absolutely I think if I were to net it out Jeff what I'm sensing is there is a whole movement to shift security left which is this whole idea of IT stepping up as the first line of defense reduce cyber exposure take care of patching multi-factor authentication reduce their tax surface intrinsic security right so you know DevOps active ops take care of it right up front with all the apps even get built right then there is another movement to shift things right which is take care of the new new aspects of the attack surface right what the hackers always take advantage of of other areas where in a sense we are unprepared and for a long time they've seen us being unprepared in terms of reducing the attack surface and then they go after the new aspects of the tak surface and what are those IT I ot ot data as as an attack surface and the edge right so so these are areas where there's a lot of activity a lot of innovation you know on the on the air on the floor here if you walk the corners shifting left shifting right as in all the new aspects of the tax F is I'm seeing a lot of conversations a lot of innovation in that area I think it also boils down to real-world examples we've been really understand the demographics that we're working for I think today it's the first time really in history that we have four generations working side-by-side in the workforce so we have to understand that people learn differently training should be adjusted to the type of people that we're teaching but phishing doesn't just oil down to clicking on links phishing teaches also it boils down to tricking somebody getting someone's trust and it can come in different forms for example think of social media how do people connect we're connecting across social media on many different platforms I'll give a very easy example LinkedIn LinkedIn is for business have form we're all connected on LinkedIn why we connect on LinkedIn because that's a social platform that people feel safe on because we're able to connect to each other in a business form I want to think of the person who's getting the first job with an organization their first job in maybe their project manager and they're working for Bank a excited to be working for Bank a hey I'm gonna list all the projects I'm working for so here's now my resume on LinkedIn I'm working on project ABCD and this is my manager I report to perfect there's some information sitting there on LinkedIn now what else I will tell you is that you might have somebody who's looking to get into that Bank what will they do let's look for the lowest hanging fruit who this new project manager oh I see they're working on these projects and they're reporting in to someone well I'm not a project manager I'm a senior project manager from a competing bank I'm gonna befriend them and tell them that I'm really excited about the work they're doing here there's social engineering their way into their friendship into the good graces into their trust once done the video becomes a trusted source people share information freely so people are putting too much information out there on social trusting too easily opening the door for more than a phishing attack and things are just rapidly going out of control right so my co-founder and I both came from the world of being practitioners and we saw how limited the space wasn't actually changing human behavior I was given some animated powerpoints that use this to keep the Russians out of your Network which is a practical joke unless your job is on the line I took a huge step back and I said there are other fields that have figured this out behavioral science being one of them they use positive reinforcement gamification marketing and advertisement has figured out how to engage this human element just look around the RSA floor and there are so many learnings of how we make decisions as human beings that can be applied into changing people's behaviors and security so that's what we did adventure so this is my first early stage company we're still seeking series a we're a young company but our mantras we are the data value company so they have had this very robust analytics engine that goes into the heart of data I can track it and map it and make it beautiful and Along Came McNeely who actually sits on our board Oh does he and they said we need someone who's this week it's all happening so they asked Scott McNealy who is the craziest person in privacy and data that you know and he said oh my god get the done any woman so they got the den of a woman and that's what I do now so I'm taking this analytics value engine I'm pointing it to the board as I've always said Grace Hopper said data value and data risk has to be on the corporate balance sheet and so that's what we're building is a data balance sheet for everyone to use to actually value data for me it starts with technology that takes look we've only got so many security practitioners in the company actually defend your email example we've got to defend every user from those kinds of problems and so how do I find technology solutions that help take that load off the security practitioners so they can focus on the niche examples that are really really well-crafted emails and and and help take that load off the user because users just you're not going to be able to handle that right it's not fair to ask them and like you said it was just poorly timed that helps protect it so how do we help make sure that we're taking that technology load off identify the threats in advance and and protect them and so I think one of the biggest things that Chris and I talk a lot about is how do our solutions help make it easier for people to secure themselves instead of just providing only a technology technology advantage so the virtual analyst is able to sit on premises so it's localized learning collector has to understand the nature of those strats collect to be able to look at the needles of the needles if you will make sense of that and then automatically generate reports based off of that right so it's really an assist tool that a network in min or a security analyst was able to pick up and virtually save hours and hours of time so we have this we call it a thread research group within the company and their job is to take all the data from the sensors we have I mean we have we look at about 25 petabytes of data every day all our solutions are cloud solutions as well as on forum so we get the benefit of basically seeing all the data's that are hitting our customers every day I mean we block about 1 million attacks every minutes like every minute 1 billion attacks every minute minute right we protect over 3 million databases and you know we've mitigated some of the largest DDoS attacks that's ever been reported so we have a lot of date right that we're seen and the interesting thing is that you're right we are having to always we're using that threat research data to see what's happening how the threat landscape is changing therefore guiding us on how we need to augment and add to our products to prevent that but interestingly we're also consuming AI and machine learning as well on our products because we're able to use those solutions to actually do a lot of attack analytics and do a lot of predictive and research for our customers that can kind of guide them about you know where things are happening because what's happening is that before a lot of the tacks were just sort of fast and furious now we're seeing a pattern towards snow snow and continuous if that makes sense we're seeing all these patterns and threats coming in so we're fighting against those technologies like AI Barossa using those technologies to help us soon you know decide where we need to continue to add capabilities to stop it you know the whole bad box thing wasn't a problem right a number of years ago and so it's it's ever-changing your world which frankly speaking makes it an interesting place to be yes who wants to be in a static in a boring place right well I mean we do you're a good package or a bad package you have to traverse the network to be interesting we've all you know put our phones in airplane mode at blackhat or events like that but we don't want to be on it they're really boring when they're offline but they're also really boring too attackers when they're offline as soon as you turn them on you have a problem or could have a problem but as things traverse the network what better place to see who and what's on your network and on the gear and end of the day we're able to provide that visibility we're able to provide that enforcement so as you mentioned 2020 is now the year of awareness for us so the threat aware network we're able to do things like look at encrypted traffic do heuristics and analysis to figure out should that even be on my network because as you bring it into a network and you have to decrypt it a there's privacy concerns of that in these times but also it's computationally expensive to do that so it becomes a challenge from a both a financial perspective as well as a compliance perspective so we're helping solve s even kind of offset that traffic and be able to ensure your network secure so when we started developing our cyber recovery solution about five years ago we used the NIST cybersecurity framework which is a very well known standard that defines really five pillars of how organizations can think about building a cyber resilience strategy a cyber resilience strategy really encompasses everything from perimeter threat detection and response all the way through incident response after an attack and everything that happens in between protecting the data and recovering the data right and critical systems so I think of cyber resilience is that holistic strategy of protecting an organization and its data from a cyberattack yeah I think the human element is the hardest part you know in mind of this conference and its theme the human element the hardest part about this job is that it's not just mechanical issues and routing issues and networking issues but is about dealing with all types of humans innocent humans that do strange and bad things unknowingly and it's in malicious people who do very bad things that is by design and so the research suggests that no matter what we do in security awareness training some four percent of our employee base will continually bail security awareness that's what we fished and actively and so one of the things that we need to do is use automation and intelligence so that you can comb through all of that data and make a better informed decision about what risks are going to mitigate right and for this four percent are habitually abusing the system and can't be retrained well you can isolate them right and make sure that they're separated and then they're not able to to do things that may harm the organization you

>> Announcer: Live from San Francisco, it's theCUBE covering RSA Conference 2020 San Francisco, brought to you by SiliconANGLE Media. >> Okay, welcome back, everyone, to CUBE's coverage here in San Francisco at RSA Conference 2020. I'm John Furrier, your host. You know, cybersecurity industry's changing. Enterprises are now awake to the fact that it's now a bigger picture around securing the enterprise, 'cause it's not only the data center. It's cloud, it's the edge, a lot of great stuff. We've got a great guest here from Dell EMC. Peter Gerr's a consultant, cyber resilience solutions and services marketing at Dell EMC. Great to see you. >> You too, John. >> Thanks for coming on. >> Good to see you again, thank you. >> So, you know, I was joking with Dave Volante just this morning around the three waves of cloud, public cloud, hybrid cloud, multicloud. And we see obviously the progression. Hybrid cloud is where everyone spends most of their time. That's from ground to cloud, on-premises to cloud. So pretty much everyone knows-- >> Peter: On-ramp, kind of. >> That on-prem is not going away. Validated by all the big cloud players. but you got to nail the equation down for on-premises to the cloud, whether it's, I'm Amazon-Amazon, Azure-Azure, whatever, all those clouds. But the multicloud will be a next generation wave. That as an industry backdrop is very, very key. Plus AI and data are huge inputs into solving a lot of what is going to be new gaps, blind spots, whatever insecurity. So I got to, you know, Dell has a history with huge client base, traditional enterprises transforming. You're in the middle of all this, so you got the airplane at 30,000 feet and the companies have to swap out their engines and reboot their teams, and it's a huge task. What's going on with cyber and the enterprises? What are some of the key things? >> Well, so I like to keep it pretty simple. I've been in this industry over 20 years and I've really consistently talked about data as the global currency, right? So it's beautifully simple. Whatever industry you're in, whatever size company you're in, enterprise or even now small to medium businesses, their businesses are driven by data. Connectivity to that data, availability of the data, integrity of the data, and confidentiality of the data. And so sort of the area of the world that I focus upon is protecting customers' most valuable data assets, now, whether those are on-prem, in the cloud, or in a variety of modalities, and ensuring that those assets are protected and isolated from the attack surface, and then ability to recover those critical assets quickly so they can resume business operations. That's really the area that I work in. Now, that data, as you pointed out, it could start on-prem. It could live in multicloud. It can live in a hybrid environment. The key is really to understand that not all data is created equally. If you were to have a widespread cyber attack, really the key is to bring up those critical applications systems and data sets first to return to business operations. >> Yeah, it's funny-- >> Peter: It's really challenging >> You know, it's not funny, it's actually just ironic, but it's really kind of indicative of the society now is that EMC was bought by Dell Storage and the idea of disruption has always been a storage concept. We don't want a lot of disruption when we're doing things, right? >> Peter: None, we can't, yeah. >> So whether it's backup and recovery or cyber ransomware, whatever it is, the idea of non-disruptive operations-- >> Absolutely. >> Has been a core tenant. Now, that's obviously the same for cyber, as you can tell. So I got to ask you, what is your definition and view of cyber resilience? Because, well, that's what we're talking about here, cyber resilience. What's your view on that? >> So when we started developing our cyber recovery solution about five years ago, we used the NIST cybersecurity framework, which is a very well-known standard that defines really five pillars of how organizations can think about building a cyber resilience strategy. A cyber resilience strategy really encompasses everything from perimeter threat detection and response all the way through incident response after an attack and everything that happens in between, protecting the data and recovering the data, right? And critical systems. So I think of cyber resilience as that holistic strategy of protecting an organization and its data from a cyber attack. >> That's great insight. I want to get your thoughts on how that translates into the ecosystem, because this is an ecosystem around cyber resilience. >> Peter: Absolutely. >> And let's just say, and you may or may not be able to comment on this, but RSA is now being sold. >> Peter: Yeah, no, that's fair. >> So that's going out of the Dell family. But you guys have obviously VMware and Secureworks. But it's not just you guys. It's an ecosystem. >> It really is. >> How does Dell now without, with and without RSA, fit into the ecosystem? >> So as I mentioned, cyber resilience is really thought of as a holistic strategy. RSA and other Dell assets like Carbon Black fit in somewhere in that continuum, right? So RSA is really more on threat detection and response, perimeter protection. The area of the business that I work on, data protection and cyber recovery, really doesn't address the prevention of attacks. We really start with the premise that preventing a cyber attack is not 100% possible. If you believe that, then you need to look at protecting and recovering your assets, right? And so whether it's RSA, whether it's Carbon Black, whether it's Secureworks, which is about cyber incident and response, we really work across those groups. It's about technology, processes, and people. It's not any one thing. We also work outside of the Dell technologies umbrella. So we integrate, our cyber recovery solution is integrated with Unisys Stealth. So there's an example of how we're expanding and extending the cyber recovery solution to bring in other industry standards. >> You know, it's interesting. I talk to a lot of people, like, I'm on theCube here at RSA. Everyone wants better technology, but there's also a shift back to best-of-breed, 'cause you want to have the best new technology, but at the same time, you got to have proven solutions. >> Peter: That's the key. >> So what are you guys selling, what is the best-of-breed from Dell that you guys are delivering to customers? What are some of the areas? >> So I'm old EMC guy myself, right? And back from the days of disaster recovery and business continuity, right? More traditional data protection and backup. The reality is that the modern threats of cyber hackers, breaches, insider attacks, whatever you like, those traditional data protection strategies weren't built to address those types of threats. So along with transformation and modernization, we need to modernize our data protection. That's what cyber recovery is. It's a modern solution to the modern threat. And what it does is it augments your data, excuse me, your disaster recovery and your backup environment with a purpose-built isolated air gap digital vault which is built around our proven Data Domain and PowerProtect DD platforms that have been around for over a decade. But what we've done is added intelligence, analytics, we've hardened that system, and we isolate it so customers can protect really their most valuable assets in that kind of a vault. >> So one of things I've been doing some research on and digging into is cyber resilience, which you just talked about, cyber security, which is the industry trend, and you're getting at cyber recovery, okay? >> Peter: Correct. >> Can you talk about some examples of how this all threads together? What are some real recent wins or examples? >> Sure, sure. So think of cyber recovery as a purpose-built digital vault to secure your most valuable assets. Let me give you an example. One of our customers is a global paint manufacturer, okay? And when we worked with them to try to decide what of their apps and data sets should go into this cyber recovery vault, we said, "What is the most critical intellectual property "that you have?" So in their case, and, you know, some customers might say my Oracle financials or my Office 365 environment. For this customer it was their proprietary paint matching system. So they generate $80 to $100 million every day based upon this proprietary paint matching system which they've developed and which they use every day to run their business. If that application, if those algorithms were destroyed, contaminated, or posted on the public internet somewhere, that would fundamentally change that company. So that's really what we're talking about. We're working with customers to help them identify their most critical assets, data, systems, applications, and isolate those from the threat vector. >> Obviously all verticals are impacted by cyber security. >> Every vertical is data-driven, that's right. >> And so obviously the low-hanging fruit, are they the normal suspects, financial services? Is there a particular one that's hotter than, obviously financial services has got fraud and all that stuff on it, but is that still number one, or-- >> So I think there's two sides to the coin. One, if you look at the traditional enterprise environments, absolutely financial services and healthcare 'cause they're both heavily regulated, therefore that data has very high value and is a very attractive target to the would-be hackers. If you look on the other end of the spectrum, though, the small to medium businesses that all rely on the internet for their business to run, they're the ones that are most susceptible because they don't have the budgets, the infrastructure, or the expertise to protect themselves from a sophisticated hacker. So we work across all verticals. Obviously the government is also very susceptible to cyber threats. But it's every industry, any business that's data-driven. I mean, everyone's been breached so many times, no one even knows how many times. I got to ask you about some cool trends we're reporting on here. Homomorphic encryption is getting a lot of traction here because financial services and healthcare are two-- >> Peter: Homomorphic? >> Homomorphic, yeah. Did I say that right? >> It's the first time I've ever heard that term, John. >> It's encryption at in use. So you have data at rest, data in flight, and data in use. So it's encryption when you're doing all your, protecting all your transactional data. So it's full implementation with Discovery. Intel's promoting it. We discovered a startup that's doing that, as well. >> Peter: Yeah, that's new for me, yeah. >> But it allows for more use cases. But data in use, not just motion, or in-flight, whatever they call it. >> Peter: I get it, yeah, static. >> So that's opening up these other thing. But it brings up the why, why that's important, and the reason is that financial services and healthcare, because they're regulated, have systems that were built many moons ago or generations ago. >> Absolutely. >> So there was none of these problems that you were mentioning earlier, like, they weren't built for that. >> Correct. >> But now you need more data. AI needs sharing of data. Sharing is a huge deal. >> Real-time sharing, too, right? >> Real-time sharing. >> And I think that's where the homomorphic encryption comes in. >> That's exactly right. So you mentioned that. So these industries, how can they maintain their existing operations and then get more data sharing? Do you have any insight into how you see that? Because that's one of those areas that's becoming like, okay, HIPAA, we know why that was built, but it's also restrictive. How do you maintain the purity of a process-- >> If your infrastructure is old? That is a challenge, healthcare especially, because, I mean, if I'm running a health system, every dollar that I have should really go into improving patient care, not necessarily into my IT infrastructure. But the more that every industry moves towards a real-time data-driven model for how we give care, right, the more that companies need to realize that data drives their business. They need to do everything they can to protect it and also ensure that they can recover it when and if a cyber attack happens. >> Well, I really appreciate the insight, and it's going to be great to see Dell Technologies World coming up. We'll dig into a lot of that stuff. While we're here and talking us about some of these financial services, banking, I want to get your thoughts. I've been hearing this term Sheltered Harbor being kicked around. What is that about? What does that mean? >> Sheltered Harbor, you're right, I think you'll hear a lot more about it. So Sheltered Harbor is a financial industries group and it's also a set of best practices and specifications. And really, the purpose of Sheltered Harbor is to protect consumer and financial institutions' data and public confidence in the US financial system. So the use case is this. You can imagine that a bank having a cyber attack and being unable to produce transactions could cause problems for customers of that bank. But just like we were talking about, the interconnectedness of the banking system means that one financial institution failing because of a cyber attack, it could trigger a cascade and a panic and a run on the US financial banks and therefore the global financial system. Sheltered Harbor was developed to really protect public confidence in the financial system by ensuring that banks, brokerages, credit unions are protecting their customer data, their account records, their most valuable assets from cyber attack, and that they can recover them and resume banking operations quickly. >> So this is an industry group? >> It's an industry group. >> Or is it a Dell group or-- >> No, Sheltered Harbor is a US financial industry group. It's a non-profit. You can learn more about it at shelteredharbor.org. The interesting thing for Dell Technologies is we're actually the first member of the Sheltered Harbor solution provider program, and we'll be announcing that shortly, in fact, this week, and we'll have a cyber recovery for Sheltered Harbor solution in the market very shortly. >> Cyber resilience, great topic, and you know, it just goes to show storage is never going away. The basic concepts of IT, recovery, continuous operations, non-disruptive operations. Cloud scale changes the game. >> Peter: It's all about the data. >> It's all about the data. >> Still, yes, sir. >> Thanks for coming on and sharing your insights. >> Thank you, John. >> RSA coverage here, CUBE, day two of three days of coverage. I'm John Furrier here on the ground floor in Moscone in San Francisco. Thanks for watching (electronic music)

>> Announcer: Live from San Francisco, it's theCUBE covering RSA Conference 2020, San Francisco. Brought to you by SiliconANGLE Media. >> Welcome back everybody, Jeff Frick with theCUBE. We're at RSA 2020. It's day four, it's Thursday. This is a crazy long conference, 40,000 people. Even with the challenges presented by coronavirus, and there's a lot of weird stuff going on, the team pulled it together, they went forward. And even though there was drops out here and there, I think all in all, most people will tell you, it's been a pretty successful conference. And we're excited to be joined by really one of the top level sponsors here, that's still here and still doing good things. It's Vittorio Viare... Viarengo, sorry, the new interim CMO of McAfee. >> Yeah. >> Vittorio, I just call you Vittorio all the time. I never look past your first name. Great to see you. >> Likewise. It's always a pleasure to be here with an institution of Silicon Valley-- >> Oh thank you, thank you. So interim CMO, I always think of like interim football coaches that they get pulled in halfway through the season, so the good news is you kind of got the job and all the responsibilities. The bad news is, you still have that interim thing, but you don't care, you just go to work, right? >> Now whenever you have an interim job, you have to just do the job and then that's the best way to operate. >> Yeah, so again, I couldn't help but go back and look at that conversation that we had at Xerox Parc, which is interesting. That's pretty foundational, everything that happens in Silicon Valley, and so many discoveries up there. And you touched on some really key themes in the way you manage your teams, but I think they're really much more valuable, and worth bringing back up again. And the context was using scrum as a way to manage people, but more importantly, what you said is it forced you as a leader to set first priorities and have great communication; and to continually do that on this two week pace, to keep everybody moving down the road. I think that is so powerful and so lacking unfortunately, in a lot of organizations today. >> Yeah, look, I think that when you hire smart people, if you just make sure that they understand what their priorities are, and then remove the obstacle and get out of the way, magical things happen. And I give you example that is very close to your heart. When I took over a great team at Skyhigh, that got bought by McAfee, they had content marketing down to a science, but they were lacking videos. So I brought that in. I said, "Guys, people watch videos, "people engage with videos, "we need to start telling the story through videos." And I started pushing, pushing, pushing, and then I pulled back, and these guys took it to a whole new level. And then they're doing videos, they're very creative, they are crisp. And I'm like, "Yeah, my job is done." >> It is really wild how video has become such an important way for education. I mean it used to be... I remember the first time I ever saw an engineer use Google to answer a question on writing code. I had never seen that before. I'm not a coder. Wow, I thought it was just for finding my local store or whatever. And now to see what really... I think YouTube has pushed people to expect that the answer to any question should be in a video. >> So, yesterday literally, somebody from a company I don't even know stopped me and said, "I watch you to videos on container. "Thank you very much." I was like, "What, you?" And the genesis of that was the sales people ask me, "Hey, we're selling container security and all that," but I don't even understand what containers are. Okay, sure. So I shot a video and I'm the CMO, I was the vice president. I think you have to put your face on your content. It doesn't matter how senior you are, you're not in a corner office, you're down there with the team. So I got into the studio, based on my background at VMware, I knew virtual machine, and I said, "Okay, how do you explain this "to somebody who's not technical?" And next thing you know, it makes its way out there, not just to our sales force, but to the market at large. That's fantastic. >> Right, and let me ask you to follow up on that because it seems like the world is very divergent as to those who kind of want their face, and more their personality to be part of their business culture and their business messaging, and those that don't. And you know, as part of our process, we always are looking at people's LinkedIn, and looking at people's Twitter. I get when people don't have Twitter, but it really surprises me when professionals, senior professionals within the industry aren't on LinkedIn. And is just like, wow! That is such a different kind of world. >> LinkedIn right now is... and I'm stealing this from Gary on the Chuck, as a big believer in this. LinkedIn right now is like Facebook 10 years ago. You get amazing organic distribution, and it's a crime not to use it. And the other thing is if you don't use it, how are you going to inspire your team to do the right thing? Modern marketing is all about organic distribution with a great content. If you're not doing it yourself... I grew up in a bakery. I used to look at my mom, we have a big bakery. We had eight people working, and I said, "Ma, why are you workin' so hard? "Your first day, last hour?" And she said, "Look, you cannot ask your people, "to work harder than you do." That was an amazing lesson. So it's not just about working hard, and harder than your team, it's about are you walking the walk? Are you doing the content? Are you doing the modern marketing things that work today, if you expect your people to also do it? >> Yeah, it's just funny 'cause, when we talk to them, I'm like, "If you don't even have a LinkedIn account, "we shouldn't even be talking to you "because you just won't get what we do. "You won't see the value, you won't understand it "and if you're not engaging at least "a little bit in the world then..." And then you look at people say like Michael Dell, I'll pick on or Pat Gelsinger who use social media, and put their personalities out there. And I think it's, people want to know who these people are, they want to do business with people that they they like, right? >> Absolutely. You know what's the worst to me? I can tell when an executive as somebody else manages their account, I can tell from a mile away. That's the other thing. You have to be genuine. You have to be who you are on your social and all your communication because people resonate with that, right? >> Right. All right, so what are you doing now? You got your new title, you've got some new power, you've got a great brand, leading brand in the industry, been around for a while, what are some of your new priorities? What's some of the energy that you're bringing in and where you want to to go with this thing? >> Well, my biggest priority right now is to get the brand and our marketing to catch up with what the products and the customers are already which is, Cloud, Cloud, Cloud. So when we spun off from Intel two years ago, we had this amazing heritage in the endpoint security. And then we bought Skyhigh, and Skyhigh was transformational for us because it became the foundation for us to move to become a cloud-first organization. And is in the process of becoming a cloud-first organization, and creating a business that is growing really fast. We also brought along the endpoint, which now is all delivered from the Cloud, to the cloud-first open unified approach, which is exciting. >> And we see Edge is just an extension of endpoints, I would assume. It just changes the game. >> Yeah, so if you think about today modern work gets done with the backend in the Cloud, and accessing those backends from the device, right? >> Right. >> And so, our strategy is to secure data where modern work gets done, and it's in the device, in the Cloud, and on the edge. Because data moves in and out of the Cloud, and that's kind of the edge of the Cloud. That's what we launched this week at RSA we launched Unified Cloud Edge, which is our kind of a, Gartner call's it SaaS-y, so that we are kind of the security. We believe we have the most complete and unified security part of the SaaS-y world. >> Okay, I just laugh at Gartner and the trough of disillusion men and Jeff and I always go back to a Mars law. Mar does not get enough credit for a Mars law. We've got a lot of laws, but Mars law, we tend to overestimate in the short term, the impact of these technologies, and they completely underestimate really the long tail of this technology improvements, and we see it here. So let's shift gears a little bit. When you have your customers coming in here, and they walk into RSA for the first time, how do you tell people to navigate this crazy show and the 5,000 vendors and the more kind of solutions and spin vocabulary, then is probably save for anyone to consume over three days? >> Look, security is tough because you look around and say, "You have six, 700 vendors here." It's hard to stand out from the crowd. So what I tell our customers is use this as a way to meet with your strategic vendors in the booth upstairs. That's where you conduct business and all that. And I walk around to see from the ground up, send your more junior team out there to see what's happening because some of these smaller companies that are out here will be the big transformational companies or the future like Skyhigh was three four years ago, and now we're part of McAfee, and leading the charge there. >> Yeah, just how do you find the diamond in the rough, right? >> Yeah. >> 'Cause there's just so much. But it's still the little guys that are often on the leading edge and the bleeding edge, of the innovation so you want to know what's going on so that you're kind of walking into the back corners of the floor as well. >> That's why I am lifelong learner, so I go around to see what people do from a marketing perspective because, the last thing I want to do, I want to become obsolete. (Jeff laughs) And the way you don't become obsolete is to see what the new kids on the block do and steal their ideas, steal their tactics take them to the next level. >> Right, so I want to ask you a sensitive question about the conference itself and the coronavirus thing and we all saw what happened in Mobile World Congress. I guess it just got announced today that Facebook pulled F8, their developer conference. We're in the conference business. You go to a lot of conferences. Did you have some thought process? There were some big sponsors that pulled out of this thing. How did you guys kind of approach the situation? >> It's a tough one. >> It's a really tough one. >> It's a very tough one 'cause last thing you want to do is to put your employees and your customers at risk. But the way we looked at it was there were zero cases of coronavirus in San Francisco. And we saw what the rest of the industry was doing, and we made the call to come here, give good advice to our employees, wash their hands, and usual and this too will pass. >> Yeah, yeah. Well Vittorio, it's always great to catch up with you. >> Likewise. >> I just loved the energy, and congratulations. I know you'll do good things, and I wouldn't be at all surprised if that interim title fades away like we see with most great coaches. >> Good. >> So thanks for stopping by. >> My pleasure. >> All right, he's Vittorio, I'm Jeff. You're watching theCUBE, we're at RSA 2020 in San Francisco. Thanks for watching, we'll see you next time. (upbeat music)

>> Narrator: Live from San Francisco, it's theCube covering RSA Conference 2020 San Francisco brought to you by Silicon Angle Media. >> Hey welcome back here ready Jeff Frick here with theCube. We're at the RSA Conference downtown San Francisco, about 40,000 people In the year we're going to know everything with the benefit of fine sight. It's not really working out that way. So we're still going out to the events, getting the smartest people we can find, bringing them to you. We're excited to have our very next guest. He's Steve Chin, the senior director of developer relations for JFrog. Steve, great to meet you. >> Thanks very much for having me here at the conference. >> Absolutely so for people that don't know JFrog, give him kind of the one on one. >> So I think the simplest way to describe our company is where the database of DevOps >> The database of DevOps. (laughs) I don't know that that would be the simplest way, >> But basically when companies want to deliver software faster, when they're looking at how to speed up their feature development, how to respond quicker to security, we provide a end-to-end DevOps platform, the JFrog platform, which accomplishes this for companies. >> Okay so a lot of people know about DevOps. A lot of people have experienced with rapid iteration on their apps. I don't know why they have to keep uploading updates all the time. There's a ton of great benefits to that and this really revolutionize the software industry. That said, the other kind of theme here at RSA and a lot of the security conferences is you can no longer bolt security on. It can no longer be a moat around the castle. It can no longer be a firewall on the edge of the network that it has to be baked in all the way through the product. And that goes right back to kind of what you guys do. And on the DevOps, how do devs who didn't necessarily get trained on security don't necessarily want to know about security and probably would prefer not to have to deal they probably liked the better when they could just push it off, but kind of like they used to push it off to prod. That's not the way anymore they have to bake it in. So how do you help them do that? What do you kind of see in terms of trends in the space? >> Yeah, so I think what we're seeing in the industry is that companies want to deliver, they need to deliver software more quickly and more rapidly. Just based on user requirements. So if you think about your phone, your car, like pretty much everything is updating constantly and it's not even a choice anymore. Updates get pushed to you because you need new features. You also need security fixes for things. And this is happening weekly, daily, hourly. As new threats are exposed and for companies, the standard processes which might have been used in the past to type security or reviews to run a complicated scanners to have like different checkpoints that doesn't work in an environment where you're continuously deploying. And really if you think about it, the only way you can accomplish rapid iteration, high security is to be doing security scanning as a part of your workflow. As a part of your DevOps workflow and shifting left. So going towards the developers and giving them more tools, which give them information about potential security risks. So as an example, developers code and an IDE or some sort of visual environment. And if you can present the information up front right there and tell them, "Hey, this open source library "you're using it has a security vulnerability, "there's a new version you should upgrade." Or "Hey this component that has an incompatible license. "Like this doesn't meet our security requirements." Those sort of things if they're caught while you're developing new features, it saves time and money there. But it delays potential slippage, risks, pushback from the security team at the other end. The next step is when they check in code or when they're executing a build. You want to be scanning up front scan the bills, scan the binary's really far up the chain. And that way you're catching security vulnerabilities during the iterative development process. By the time you get to like QA to stage to production, security vulnerabilities shouldn't be a surprise. They should be something which the teams up front know about. They're addressing and you're using tools which are designed in that workflow to really give early, often feedback to the teams up the chain and see it's the only way like all the large companies doing continuous deployments. This is how you have to approach it. You use multiple techniques, you use binary scatters, you use source code scanners even runtime scanners and you make sure you shift as much left as possible, which is exactly what the JFrog platform enables development teams to do. >> So what percentage roughly is just making sure you've got the first thing that you described that you've got the right libraries that you're using the right tools that have already gone through some security protocol check versus just writing in a bad sequence of steps or that API call or opening up some hole via just bad code choices. Yeah so I think increasingly as companies depends more on third party libraries, open source libraries. if you think about your average application, you're bundling in hundreds of different components and libraries which you have relatively little control over. And a simple way to look at this as if you created a Docker container today, you loaded up with a bunch of DB and packages, maybe a few application bundles within a few days, at the end of a month, that will be full of security vulnerabilities. So that container you build one month ago, it will be full which is outdated. You'll have hundreds of security vulnerabilities >> Just because validated patches or because people see it in attacking? >> Well the thing is you constantly have folks releasing new software, identifying vulnerability risks, patching those risks. And if you don't stay current, if you're not constantly updating your software to stay up with the latest security patches, you're putting your customers and your own business at risk. So I think today that is the number one issue with software is we all depend on open source libraries and components which are used by a lot of companies are constantly being improved and then patched. And the most important thing is knowing when their security vulnerability is identifying the risk of how those impact your customers and then patching as quickly as possible. >> And then the other piece of it is just API is to lots of other people, software that I don't necessarily have access to rights to. So the fact that so much of this stuff is all tied together. Now an attendant just opens up kind of a whole another layer of a potential attack surface. So have you seen things change in kind of IOT as kind of OT and IT come together with IOT and a lot of those OT devices, we're not necessarily set up for patching, they weren't necessarily set up with easy to get into operating systems or maybe too easy to get into operating systems. How are you seeing kind of all the growth that's happening there impact this conversation? >> Yeah, so I think especially with edge devices, I think what we've realized is that edge devices which aren't being updated or insecurity devices. So if you don't have a plan for how you update a new patch and you address security vulnerabilities in your edge devices, they're subject to the same risks. If they're running a variant of Linux, then they're running open source software. They're running a bunch of libraries. If they're on the network, they're open to network attacks. And we have even more complicated edge devices rolling around the roads now. There were some critical security patches and several of the self driving cars with braking systems, with obstacle avoidance systems. So if you don't have an aggressive plan on how you're patching your edge devices you reached the same sort of challenge. And what that involves again is identifying what libraries and components you depend upon, assessing the security risks, which those pose and then having a distribution plan. How do you go from your systems through builds, through deployments and then do the edge distribution to all the devices to get critical security updates to your end users as quickly as possible. >> I'm just curious who do you see on the teams that ultimately has responsibility that this is ready to go or not go. 'Cause we've seen too many instances of stuff that gets shipped that's not ready to go. I can certainly see the pressure to get stuff shipped and somebody says, well, that's okay, we'll just get that patch out. We'll get that patch out next week or we'll get that patch out sometime down the road. And we've seen a ton of things go out that are super easily hacked children's toys and some of these things that have all kinds of really bad implications to it. Is there somebody usually on the team that's, that needs to give the stamp of approval? Is it more of kind of a broad? >> Yes I think the traditional approach is having somebody within the company responsible for security, but increasingly to effectively address security, it needs to be the ownership of the whole team from end to end to make it successful. So the more the security team can be an ally of the QA team of the development team, of the DevOps team rather than being the gatekeeper, they want to be the ally of those teams. Then the more successful it is. So arming the other teams in your company with knowledge about security risks, arming with tools which provide visibility into different security vulnerabilities. That's the way which you have a end-to-end secure product because when you get to the release, if the security team holds up the release, you're either making a bad decision or a bad decision. Catching it up front. When you're building features, then you actually can address it and build the right security into your product, which is much better for your customers and your company. >> Well, Steve, interesting conversation, interesting times. The DevOps and the rapid deploy is certainly the way it is that we're here. So being able to effectively bake that security is only a good thing, but really a necessary thing. >> Well, this was great chatting with you and the conference here is great to see all of these folks focused on improving security and taking us to the next generation with more secure edge devices. >> I don't think there'll be any shortage of need for security professionals anytime soon. All right well thanks again Steve. >> All right, thank you. All right Steve, I'm Jeff Frick. You're watching theCube. We're at the RSA Conference in downtown San Francisco. Thanks for watching. We'll see you next time. (upbeat music)

>> Narrator: Live from San Francisco. It's theCUBE. Covering RSA conference 2020 San Francisco. Brought to you by SiliconANGLE Media. (upbeat music) >> Hey, welcome back, everybody. Jeff Rick here with theCUBE. We're at RSA 2020, Moscone and beautiful San Francisco's day four I think Thursday already. This is a crazy conference Monday, Tuesday, Wednesday, Thursday, and Friday. I don't think we'll be here for tomorrow. It's been a pretty full slate. As it is, we're excited to have our next guest. She is Rose Ross, the founder and chief trailblazer, for Tech Trailblazers. Rose. Great to meet you. >> It's great to be here too. >> Absolutely. So what are the Tech Trailblazers? >> So the Tech Trailblazers are an awards lead platform, which recognizes the creme de la creme of the enterprise Tech startup landscape. >> Jeff: Okay. >> So we cover the categories from AI through to storage, but obviously security is a big part of that and we find that security and cloud are usually our most popular awards to be entered into. >> Okay, and I assume you're, really recognizing the individuals more than the companies, >> We do both. >> Or is it more of the companies? You do both. >> We do the Tech category so they can compare like for like apples with apples, pears with pears, security startups with security startups. And then we also acknowledge and recognize some of the key players in those startups. So we have a female trailblazers and a male trailblazer each year . >> Okay, and how long have you been doing this? >> This is our eighth edition. >> The eighth edition. >> Started for a while. 2012 was our first outing. >> Okay, And you said you just gave out this year's Awards on Monday? >> That's right. We announced it. Yeah, day one of RSA. >> Right, so give us some of the highlights. Who were some of the special people that you called out this year? >> Some of the special people, I actually sat down with one of the special people just now interviewed CEO of Shift-left who is our security trailblazer this year. Manish Gupta and yeah, we spent some time chatting about his journey and his challenges and his successes. And finding out more about the technology itself. So. >> And so what are the criteria to win? >> So we kind of look at a number of elements. We have an independent body of judges who are from the analyst community, from the blogger community from industry itself. So we have CSOs, CIOs, and just people who understand the Technology really, at both the technical level and what is needed by the marketplace. So we look at a number of things. One is obviously innovation. If you're looking at the startup world, you want to look at people who are bringing new and exciting things that are needed by companies, to either secure them or store their data or analyze their data. But we also look at how they're doing in the market. So, we'll be looking at what their go to market strategy is, how they're engaging with the end user community, that type of stuff. >> Okay. And at what stage in their growth are they generally you know, kind of coming into your radar? >> So we sort of do the cutoff for a start up as being having not celebrated their sixth birthday yet. >> Six birthday okay. >> Right, so and have not gone beyond Series C funding. >> Okay. >> So you wanted to keep it on the the newer end of the startup spectrum. We also have a special award for those that have not received any VC funding whatsoever. So they're either growing organically or privately funded. That could be seed capital, you know, crowdfunding, whatever that might be. And they have to be two years or younger, and they are all fire starters. >> And those are fire starters. So those are probably it's just really a function of life, 'cause I would imagine the vast majority of the companies that you recognize, eventually get VC funding if you're playing in this crazy technology space. >> It certainly helps to get to where you want to go. Accelerate, put a bit more fuel in the tank. >> So you also announced in your press release the incredible amount of money (laughs) your award winners have raised over time. Do you tell us a little bit more about that? >> Well, yeah, with RSA this week, we thought it'd be a great time to reflect back on what our security trailblazers had done over these eight editions. And obviously, it's a little bit early for expecting additional fundraising from Shift-left, 'cause they literally got the award on Monday. >> Great. >> But hopefully, if you look at the history of it all, we look at the people who've received the accolade over the last eight editions, nearly all of them have been within their first two years. Most of them have done at least one round of funding, but have usually gone on to do another significant round of funding within 12 months of having one, we'd love to take all the credit for that, but I think you really need to put that on the team. >> Jeff: Right. >> And acquisitions have also been quite prevalent. So we looked at the numbers just before RSA, and it was 72 722 million of the disclosed raised, and just in the security, >> Right. >> Space. Unfortunately, or very fortunately for one of our winners, ZeroFOX, they just peeped in with raising 74 million last Friday, which we didn't include. So if we put the undisclosed it would definitely over 800 million now. So well done to the ZeroFOX guys. >> Right, so how did you get involved in this? >> It was an idea that I had. My my other life is a Tech PR person. And we were working on a campaign for a show somewhat like RSA in the UK. And we thought it would be a great idea to run a startup competition to highlight some new entrants to the market. Unfortunately, they didn't think it was a fit for what they wanted to do, but it was such a compelling idea. I've worked with startups all my life and one of the challenges was always with them, particularly in the early stages to get recognition and to get coverage. So we thought we can do something about this. And I thought, well, nobody's going to listen to a PR person. They aren't interested in what I think. I'm not an expert on who's great in this space. So I spoke to Joe Bagley, who's the CTO of Amir for VMware, who's somebody I've worked with a lot over the years. And I said, Look, Joe, if I run something like this, would you come on board as a judge? And he said, Absolutely, I think it's a brilliant idea. And luckily, many other amazing judges has followed in his footsteps. So it's thanks to them, so. >> How many judges are there? >> We have around 40. I mean, we have a number of what a number of categories. So we want a specialist in those areas. Some cover multiple light cloud and security or Cloud and Storage. But obviously, when you look at AI and blockchain and all these other categories, you need people who really understand that space. >> And what's the process kind of how big is the top of the funnel when he started? And then how do you kind of whittle it down to the end when you said 1212 categories, so 12 winners per year about? >> Yeah. So we started off as obviously people enter usually through their PR team or their marketing team, or pull together the information that we request, which is quite a lengthy process, it's a big commitment of time. But not huge, but we do want to get to a certain amount of detail, to make a decision and give the judges something to work with. Then for that period, we then put out the judges to create the shortlist. So they will come back they will score on a number of elements, which are things like innovation and the maturity of the technology, then go to market attractiveness and their own personal view of how exciting and it is intuitive and how trailblazing it actually is. >> Right. >> Then we put it out to a public vote, but also the judges then take the shortlist and take another look at everybody. >> And it gets a public vote too? >> Yes, it does. >> It so does. Do the judges ever meet with the the nominees or is it all done based on the application the application packet that you put together and any other independent information they find on their own? >> Well, we still would encourage. I know the judges do like to reach out to people. And I know that obviously there are relationships because of the nature of the types of judges. >> Jeff: Sure. >> Obviously, we've got people in industry within the vendor community, analysts and bloggers, so they will have people that they know. So I always encourage people, if they say, you know, what would you do? I said, Well, if I was you, I would also reach out to the judges in your area, and just make them aware of who you are. And if they have other questions that they should you know, set up a briefing or something. >> Right. So it's really interesting concept to get the pub into the startup world because it's really, as you know, being in PR, you know, it's really hard to get elevated above the noise, if you will. And you know, we're sitting here surrounded by I don't even know how many thousands of vendors are in this hall. >> The early stage has 51 just as a starter. >> 51 in the early stage expo. >> Yes. >> Which hall is that? >> It's up on the second floor. >> On the second floor. Then there's little like corners of cubbies have of not even 10 by 10s. But you know the kind of the classic kiosks. So, when you're talking to two small companies, regardless of whether they go for the word, what do you tell them as a PR pro? What do you tell them as someone who's, you know, kind of seeing the challenges of trying to raise your profile as a small company? Do you stick to your knitting? Do you in a try to get a high profile? When you know, what are some of the tips and tricks that help little companies rise above the den, if you will, in this great space. >> Validation is always very important. Talk to the influencers in your space, talk to the analysts in your space, the bloggers in your space, and get that feedback and integrate it into your plan of how you create your message. And I think that's one of the hard things, a lot of startups particularly in the technology space, particularly enterprise Tech, they really in the weeds with what's amazing about their products and why they put it together. But you really have to put that into very simple terms. >> Jeff: Right. >> I mean, if you look at someone like RSA, we have got, you know, a lot of buzzwords kicking around here. You do have to try and put that into the deeds and requirements of the end user community. That's always got to be your lens on things >> Right. >> really. >> And you also you always have the vendor viability issues, you know, with your top and even if your Tech relatively inexpensive, maybe as a PLC or this or that, it still takes an investment from your potential customers to put it in and take that risk. And, you know, that's a much bigger hurdle to overcome often than simply the pricing or the structure of the deal. Not a easy, not an easy path. >> It has to be a partnership. I mean, one of the things we were advocating a couple years ago is that the bigger organizations really should have somebody who has a role of being a Chief Collaboration Officer for those smaller companies to engage with them. Because even the procurement process can obviously kill you. >> A little kill a little company, right? Even the pre sales, just having meetings and meetings and meetings and meetings and meetings and meetings to talk about the meetings that you're going to have to maybe eventually (laughs) get to somebody who can make a decision. >> Yeah, Its tough. >> Very cool. >> So, any kind of significant changes in the programme over time? Are you pretty much at the same place you were eight years ago? Or do you see this expanding into different categories? How do you see, you know, kind of the evolution of the Trailblazer? >> Well, we like to review everything and we listened to our judges, we listened to people in the marketplace. I mean, I had a great meeting yesterday with somebody in banking, who works with an awful lot of startups. And there is some really good news coming through that. The enterprise Tech VC community, there's a lot more of an appetite. They're starting to see the value more and more of investing in that type of longer longer term, because you can actually scale beyond where you can do sometimes with a consumer Technology. >> Right >> The potential unicorn sometimes don't quite make it. Those horses aren't always that reliable in the race. >> (laughs) Sometimes too much money is not a good thing that is for sure. >> Yeah. >> Or is good for you? It's a great way I know, I think the kind of the award format is a great way to shine a little bit of extra light on some of these companies that are really struggling to get noticed. It's a really difficult process for a startup, especially in such a deep Technology field. Something is so mission critical that people it's just not that easy for people to give you a try and give you a trial. Takes a lot of investment. So good work and look forward >> Thank you. to continuing to see the winners, raise lots of money and have success. >> Right, absolutely. Thank you, Jeff. >> All right Rose thanks again. She's Rose, I'm Jeff. You're watching theCUBE. We're at RSA 2020. Thanks for watching, we'll see you next time. (upbeat music)

>> Announcer: Live from San Francisco, it's theCUBE, covering RSA Conference 2020 San Francisco, brought to you by SiliconANGLE Media. >> Hey, welcome back everybody, Jeff Frick here with theCUBE. We are Thursday, day four of the RSA Show here in Moscone in San Francisco. It's a beautiful day outside, but the show is still going, 40,000-plus people. A couple of challenges with the coronavirus, and some other things going on, but everybody's here, everybody's staying the course, and I think it's really a good message going forward as to what's going to happen in the show season. We go to a lot of shows. Is 2020 the year we're going to know everything with the benefit of hindsight? It's not quite working out so far that way, but we're bringing in the experts to share the knowledge, and we're excited for our next guest, who's going to help us get to know what the answers are. He's Oliver Sherman, senior director, Enterprise Product Marketing for Juniper Networks. Oliver, great to see you. >> Thanks for having me. >> Absolutely, so first off, just general impressions of the show. I'm sure you've been coming here for a little while. >> We have, and I think the show's going very well, as you pointed out, there's a couple of challenges that are around, but I think everybody's staying strong, and pushing through, and really driving the agenda of security. >> So I've got some interesting quotes from you doing a little research for this segment. You said 2019 was the year of enforcement, but 2020 is the year of intelligence. What did you mean by that? >> Specifically, it's around Juniper. We have a Juniper connected security message and strategy that we proved last year by increasing the ability to enforce on all of your infrastructure without having to rip and replace technologies. For instance, on our widely rolled out MX routing platform, we offer second tell to block things like command and control traffic, or on our switching line for campus and data centers, we prevent lateral threat propagation with second tell, allowing you to block hosts as they're infected, and as we rounded that out, and it's a little bit in 2020 we were able to now deliver that on our Mist, or our wireless acquistion that we did last year around this time, so showing the integration of that product portfolio. >> Yeah, we met Bob Friday from Mist. >> Oliver: Excellent. >> He, doing the AI, some of the ethics around AI. >> Oliver: Sure. >> At your guys conference last year. It was pretty interesting conversation. Let's break down what you said a little bit deeper. So you're talking about inside your own product suite, and managing threats across once they get to that level to keep things clean across that first layer of defense. >> Right, well, I mean, whether you're a good packet or a bad packet, you have to traverse the network to be interesting. We've all put our phones in airplane mode at Black Hat or events like that because we don't want anybody on it, but they're really boring when they're offline, but they're also really boring to attackers when they're offline. As soon as you turn them on, you have a problem, or could have a problem, but as things traverse the network, what better place to see who and what's on your network than on the gears, and at the end of the day, we're able to provide that visibility, we're able to provide that enforcement, so as you mentioned, 2020 is now the year of an awareness for us, so the Threat Aware Network. We're able to do things like look at encrypted traffic, do heuristics and analysis to figure out should that even be on my network because as you bring it into a network, and you have to decrypt it, a, there's privacy concerns with that in these times, but also, it's computationally expensive to do that, so it becomes a challenge from both a financial perspective, as well as a compliance perspective, so we're helping solve that so you can offset that traffic, and be able to ensure your network's secure. >> So is that relatively new, and I apologize. I'm not deep into the weeds of feature functionality, but that sounds pretty interesting that you can actually start to do the analysis without encrypting the data, and get some meaningful, insightful information. >> Absolutely, we actually announced it on Monday at 4:45 a.m. Pacific, so it is new. >> Brand new. >> Yes. >> And what's the secret sauce to be able to do that because one would think just by rule encryption would eliminate the ability to really do the analysis, so what analysis can you still do while still keeping the data encrypted? >> You're absolutely right. We're seeing 70 to 80% of internet traffic is now encrypted. Furthermore, bad actors are using that to obfuscate themselves, right, obviously, and then, the magic to that, though, to look at it without having to crack open the package is using things like heuristics that look at connections per second, or connection patterns, or looking at significant exchanges, or even IP addresses to know this is not something you want to let in, and we're seeing a very high rate of success to block things like IoT botnets, for instance, so you'll be seeing more and more of that from us throughout the year, but this is the initial step that we're taking. >> Right, that's great because so much of it it sounds like, a, a lot of it's being generated by machines, but two, it sounds like the profile of the attacks keeps changing quite a bit from a concentrated attacks to more, it sounds like now, everyone's doing the slow creeper to try to get it under the covers. >> Right, and really, you're using your network to your full extent. I mean, a lot of things that we're doing including encrypted traffic analysis is an additional feature on our platform, so that comes with what you already have, so rather than walking in and saying, "Buy my suite of products, this will all" "solve all your problems," as we've done for the past, or as other vendors have done for the past 10, 20 years, and it's never worked. So you why not add things that you already have so you're allowed to amortize your assets, build your best of breed security, and do it within a multi-vendor environment, but also, do it with your infrastructure. >> Right, so I want to shift gears a little bit. Doing some research before you got on, you've always been technical lead. You've been doing technical lead roles. You had a whole bunch of them, and we don't have internet, unfortunately, here, so I can't read them off. >> Oliver: That's fine. >> But now, you've switched over. You've put the marketing hat on. I'm just curious the different, softer, squishy challenge of trying to take the talent that you have, the technical definitions that you have, the detailed compute and stuff you're doing around things like you just described, and now, putting the marketing hat, and trying to get that message out to the market, help people understand what you're trying to do, and break through, quite frankly, some crazy noise that we're sitting here surrounded by hundreds, if not thousands of vendors. >> I think that's really the key, and yes, I've been technical leads. I've run architecture teams. I've run development teams, and really, from a marketing perspective, it's to ensure that we're delivering a message that is, that the market will consume that is actually based in reality. I think a lot of times you see a lot of products that are put together with duct tape, baling twine, et cetera, but then, also have a great Powerpoint that makes it look good, but from a go to market perspective, from whether it's your sellers, meaning the sellers that work for Juniper, whether it's our partners, whether it's our customers, they have to believe in what's out there, and if it's tried and true, and we understand it from an engineering perspective, and we can say it's not a marketing texture, it's a strategy. >> Right. >> That really makes a difference, and we're really seeing that if you look at our year over year growth in security, if you look at what analysts are saying, if you look at what testing houses are saying about our product, that Juniper's back, and that's why I'm in this spot. >> And it really begs to have a deeper relationship with the customer, that you're not selling them a one-off market texture slide. You're not having a quick point solution that's suddenly put together, but really, have this trusted, ongoing relationship that's going to evolve over time. The products are going to evolve over time because the threats are evolving over time, right? >> Absolutely, and to help them get more out of what they already have, and from a go to market perspective, our partners have an addressful market that's naturally through the install base that we have, we're able to provide additional value and services to those customers that may want to lean on a partner to actually build some of these solutions for them. >> All right, well, Oliver, well thanks for stopping by. I'm glad I'm not too late on the encrypted analysis game, so just a couple of days. >> Absolutely. >> Thanks for stopping by. Best to you, and good luck with 2020, the year we'll know everything. >> Absolutely, thanks for having me. >> All right, he's Oliver, I'm Jeff, you're watching theCUBE. We're at RSA 2020 here in Moscone. Thanks for watching. We'll see you next time. (gentle electronic music)

>> Announcer: Live from San Francisco, it's theCUBE, covering RSA conference 2020 San Francisco, brought to you by SiliconANGLE Media. >> Hey, welcome back, everybody. Jeff Frick here with theCUBE. We're at the RSA 2020 show, here in Moscone in San Francisco, it's Thursday, we've been going wall to wall, we're really excited for our next guest. We've been talking about some kind of interesting topics, getting a little bit into the weeds, not on the technology, but some of the philosophical things that are happening in this industry that you should be thinking about. And we're excited welcome, Laurence Pitt, he is the cyber security strategist at Juniper Networks. Laurence, great to meet you. >> Thank you very much, hi. >> Yeah, so before we turn the cameras off, we've been talking about all kinds of fancy things, so let's just jump into it. One of the topics that gets a lot of news is deepfakes, and there's a lot of cute funny things out there of people's voices and things that they're saying not necessarily being where you expect them to be, but there's a real threat here, and a real kind of scary situation that just barely beginning to scratch the surface, I want you to get share some of your thoughts on deepfakes. >> I'm going to think you made a good point at the start. There's a lot of cute and funny stuff out there, there's a lot of fake political stuff you see. So is it seen as being humorous some people are sharing it a lot. But there is a darker side that's going to happen to deepfakes, because a lot of the things that you see today that go out on video, the reason that it is what it is, is because you're very familiar with the person that you're seeing in that video. Is a famous politician, is a movie star, and they're saying something that's out of character or funny and that's it. But what if that was actually the Chief Financial Officer of a major company, where the company appears to have launched a video, very close to the bell ringing on the stock market, that makes some kind of announcement about product or delay or something to do with their quarterly figures or something like that? You know that one minute video, could do a huge amount of damage to that organization. It could that somebody's looking to take advantage of a dip at that point, video goes out, their stocks going to dip, buy it out, then they could profit, but it all could also be much darker. It could be somebody who's trying to do that to actually damage their business. >> So, would you define a very good text base phishing spear phishing as a deepfake, where they've got enough data, where they're, the relevance of the topic is so spot on, the names that are involved in the text are so spot on 'cause they've done their homework, and the transactions that they're suggesting, are really spot on and consistent with the behavior of the things that their target does each and every day. >> So I'm not sure I defined that as a deepfake yet, obviously you've got two types of a phish, you've got a spear phish, which is the the perfected version, the work has gone into target, you as a specific, high value individual for some reason in your organization, but what we are seeing is in the same way that deepfakes are leveraging technology to be able to manipulate somebody, things like the fact that we're all on Instagram, we're all on Facebook, we're all on Twitter, means that social manipulation is a lot easier for the bad guys to be able to create, phishing campaigns that appear to be very much more targeted, they can create emails because they know you've got a dog. They know roughly where you live, because you're this information is coming up in pictures and it's a metro on the internet. And so they can generate automated messaging and emails and things that are going to go out. That will appear to be from whomever you expect to receive it from, using words that you think that only they would know about to make that appear to be more realistic. >> Right. >> And that's actually something, we sort of seen the start of that, but still the thing to spot is that the grammar is very often not very good in these if they haven't perfected the language side of it. >> But that's coming right, but that's coming right. >> But they all getting much more accurate yeah. >> We is an automated transcription service to do all the transcription on these videos. And you know, It's funny you can you can pay for the machine or you can pay for the human, we do both. But it's amazing, even only in the last six months to see the Delta shrink between the machine generated and the person generated. And this is even in, you know, pretty technical stuff that we get in very specific kind of vocabulary around the tech conferences that we cover. And the machines are catching up very, very fast. >> They very much are. but then if you think about, this is not new. What's happened, it's been happening in the background for a while things like quite a lot of legal work is done. If you look at a state agency, for example, conveyancing it's not uncommon for the conveyancing to be done using machine learning and using computer generated documentation because it's within a framework. But of course, the more it does that, the more that it learns. And then that software can more easily be applied to other other areas to be able to do that accurately. >> Right. So another big topic that gets a lot of conversation is passwords. You know, it's been going on forever, and now we're starting to get The two factor authentication, you know, the new Apple phones, you can look at it and identify it, you say now you have kind of biometrics. But that can all be hacked, too, right? It's just a slightly different, a slightly different method. But, you know, even those, the biometric is not at all. >> Well. >> That's secure. >> I think the thing is, you see that when you're logging into something, there's two pieces of information you need. There's there's what you are you as a person and then there's the thing that you know, a lot of people confuse biometrics, thinking of biometric authentication is their password, we're actually the biometric is is the them. And so you still should back things with strong passwords, you still should have that behind it. Because if somebody does get through the biometric that shouldn't automatically just give them access to absolutely everything. It's you know, these are technologies that are provided to make things easier to make it so that you can have less strong passwords so that so that you do know where you're storing information. But People over people tend to rely on them too much, it is still very, very important to use strong passwords to think about the process for how you want to do that. Taking statements and then turning those statements into strange sentences that only you understand maybe having your own code to do that conversion. So that you have a very strong password that nobody's ever going to pick up, right? We know that common passwords, unfortunately, are still 1234567 password, its horrific. >> I know, i saw some article that you're quoted in and it had the worst 25 passwords for 2018 and 2019. And it's basically just pick and pick a string. >> They just don't change. >> But you know, but it's interesting cause, you know, having a hard Prat, you know, it's easy to make, take the time and go ahead and create that, that that strong password. But then, you know, three months later. Salesforce keeps making me do a new one or the bank keeps making me do a new one. What's your opinion in some of these kind of password managers? Because to me, it seems like okay, well, I might be doing a great job creating some crazy passwords for the specific accounts. But what if I could hacked on that thing right now they have everything in the same a single place. >> Yeah. So this is where things like two factor authentication become really, really important. So I use passwords manager. And I've been I'm very, very careful with the how my passwords are created and what goes in there so that i know where certain passwords are created for certain types of account and certain complexities. But I also turned on two factor. And if somebody does try to go into my online password account, I will get an alert to say that they've tried to do that a single failed authentication and I will get an alert to say that they've done it an authentication that happens where I'm not I you know, then I will get a note say I've done that. So this is where there's that second factor actually becomes very important. If you have something that gives you the option to use two factor authentication. Use it. >> Use it. >> You know, it may, you know, we it is a pain when you're trying to do something with your credit card and you have to do One time text. But it'd be more of a pain if you didn't and somebody else was to use it. And to fill it up nicely for you wouldn't right. >> Right. You know, it's funny part of the keynote from Rowan was talking about, you know, as a profession, spending way too much time thinking about the most kind of crazy bizarre, sophisticated attacks. At the at the fault of, you know, not necessarily paying attention to the basics and the basics is where still a lot of the damage was done right. >> You know what? This is the thing and then there's, you know, there's a, there's a few things in our industry. So exactly what you just said. Everybody seems to believe that they're going to be the target of the next really big complex, major attack. The reality is they aren't. And the reality is that they've been hit by the basic slight ransomware, phishing spearphishing credential stuffing all these attacks are hitting them all the time. And so they need to have those foundational elements in place against those understanding what those are and not worry about the big stuff because the reality is if your organization is going to be hit by a nation state level complex attack. Or you can do fight against that as well, it's going to happen. And that's the thing with a lot of the buzzwords that we see in in cyber today as Matt. >> And and with smaller companies SMB's, I mean is really their only solution to go with, you know, cloud providers and other types of organizations and have the resources to get the people and the systems and the processes to really protect them because you can't expect you to just flowers down down off fourth street to be have any type of sophistication needed. But as soon as you plug that server in with a website, you're instantly going to get, get attacked , right. >> So the thing is, you can expect that, that guy to be an expert. He's not going to be an expert in cybersecurity and the cost of hiring someone is going to outweigh the value who's getting back. My recommendation that case is to look for organizations that can actually help you to become more cyber resilience. So an organization that I work with, it's actually UK and US basis, the global cyber alliance. They actually produce a small business toolkit. So it's a set of tools which are not chargeable is put together. And some of it might be a white paper, a set of recommendations, it might actually be a vendor developed tool that they can use to download to check the vulnerabilities or something like that. But what it does is it provides a framework for them. So they go through and say, Okay, yeah, I get this. This is English, simple language. And it helps to protect me as a small business owner, not a massive enterprise where actually none of those solutions fits what i one's to. So that's my recommendation to small businesses, look for these types of organization, work with someone like that, listen to what they're doing and learn cyber from them. >> Yeah, that's good tip. I want to, kind of of double click on that. So that makes sense when it's easy to measure your ROI on a small business. I just can't afford the security pros. >> Yeah. >> For bigger companies when they're doing their budgeting for security. To me, it's always a really interesting as i can, it's insurance at some point, you know, wouldn't be great if i could ensure 100% coverage, but we can't. And there's other needs in the business beyond just investing in, in cyber security, how should people think about the budgets relative to, as you just said, the value that they're trying to protect? How do you help people think about their cyber security budgets and allocations. >> So then there needs to be and this is happening, a change in how the conversation works between the security team and the board who own those budgets. What tends to happen today is that there's a cyber team wants to provide the right information to the board that's going to make them see how good what they're doing is and how successful they are and justifies the spend that they've made and also justifies the future investments that they're going to need to make. But very often, that falls back on reporting on big numbers, statistics, we blocked billions of threats. We turned away millions of pieces of malware. Actually, that conversation needs to narrow down and the team should be saying, Okay, so in the last two months, we had Five attacks that came in, we actually dealt with them by doing this, this is the changes that we've made, this is what we've learned. However, if we had had this additional or this switched on, then we would have been more successful or we'd have been faster or we could have turned down the time on doing that. Having that risk and compliance type conversation is actually adding value to the security solutions they've got and the board understand that they get that conversation, you're going to be happy to engage. This is happening, this is something that is happening. And it will, it's going to get better and better. But that's that's where things need to go. >> Right. Cause the other hard thing is it's kind of like we've joked earlier, it's kind of like an offensive lineman, they do a great job for 69 plays. And on the seventh seventh play, they get a holding call. That's all anybody sees . And you know, there's, again, that was part of robots, keynote that we can't necessarily brag about all the DDoS taxes that we stopped cause we can't let the bad guys kind of know where we're, we're being successful. So it's a little bit of a challenge in tryna show the ROI. Show the value when you can't necessarily raise your hand and say, hey, we stopped the 87. Tax. >> Yeah, >> Cause it's only the 88. That really is the one that that showed up in the Wall Street Journal. >> I think the thing with that is when organizations are looking at security solutions, specifically, we're very aware of that. As you know, organizations struggle to get customer references, you'll see a lot of the references are major financial, large manufacturing organization, because companies don't want to step up and say, I implemented security, they did this because the reverse of that is, she didn't have it before then >> Right right, or we'll go in that door not that door. >> Yeah and so, but there are a lot of good testing organizations out there that actually do take the security solutions, and run them through very, very stringent tests and then report back on the success of those tests. So you know, we work closely with NSX labs, for example, we've had some very good reports that have come out from there, where they do a drill down into how fast how much, how many, and then that's the kind of You can then take to the board. That's the kind of thing that you can publicize to say, the reason that we're using Juniper X or x firewalls is because in this report, this is what it said, this is how good that product was. And then you're not admitting a weakness. You're actually saying we're strong because we did this work in this research background. >> Right, very different kind of different approach. >> Yeah, yeah. >> Yeah well, Lawrence really enjoyed the conversation. We'll have to leave it here. But I think you have no shortage of job security, even though we will know everything in 2020 with the benefit of hindsight. >> Really, yeah thank you very much for that. >> All right. Thanks a lot. Alright, he's Lawrence. I'm Jeff. You're watching the cube. We're at RSA 2020 in Moscone. Thanks for watching. We'll see you next time.

>> Narrator: Live from San Francisco it's theCUBE covering RSA Conference 2020 San Francisco brought to you by SiliconANGLE media. >> Welcome back, everybody. Jeff Frick here with theCUBE. We are at the RSA 2020, a really special segment. As you can tell it's really quiet here, it's not like normal CUBE action, we are here before the expo hall even opens on Thursday morning with a very special guest, we pulled them away from a crazy busy week if not more, it's Rohit Ghai the president of RSA, Rohit great to see you again. >> Always a pleasure, thanks Jeff. >> Absolutely, so I was really looking forward to this, I was really impressed by the opening keynotes, first it rolled out George Takei, that's a pretty bold move even more bold is to try to follow him up. >> Totally (laughing) >> So congratulations, and you know, that was pretty brave. >> I appreciate it, thank you. That was quite a, you know, quite a hurdle to got to follow George Takei. >> Right, and I just want to get kind of these other things that were kind of bubbling above the surface out of the way you know, a big piece of news, I think a week it came out before the show is that RSA was sold to Symphony I believe? >> Rohit: Symphony Technology Group. >> Right, so give us a little bit of the story there. >> Absolutely, so you know we entered into a definitive agreement, Symphony Technology Group acquiring RSA from Dell Technologies. What this does is this it basically clarifies the swim lanes for Dell Technologies to focus on intrinsic security and RSA can focus on managing digital and cyber risk, and you know, we are excited about the opportunity to become agile and independent and you know, kind of play in a smaller company setting to pursue our future, so we are super excited to be part of Symphony. >> Yeah, that's great, and the other thing that's kind of a pall, I mean just to put it out there is the corona virus thing. And you know, Mobile World Congress, a completely different show but a big show, probably the first big show of our industry this year was canceled. A hundred thousand plus people, so I just am just wondering if you can share kind of what were some of your thoughts and the team's thoughts 'cause we were all curious to see well how is this going to happen, there was a couple of drop outs but I think it's been a very good week. >> It has been a great week, you know what I'll say is it was a demonstration of resilience on part of the attendees, you know when we analyzed the situation what we noted was about 82 plus percent of our attendees are from the Americas right, so there was a core set of attendees that were perhaps not as impacted in terms of travel, et cetera, so we decided to move forward, we've been in close collaboration with the CDC and the mayor's office right here, Major London Breed's office right here is SF to make sure it's going to be a safe event for everyone and you know, the team put together a great kind of set of measures to make sure everyone has hand sanitizer. >> Great, great. >> And you know, we made sure we did what was needed to manage the risk and ensure resilience through this sort of you know very global risk that is playing out, so very proud of the team, and we garnered 40 thousand plus attendees despite you know, despite the coronavirus issue. >> You know, good job I am sure it was touch and go and a real sensitive situation and I can tell you a lot of other people and event organizers you know, were getting ready to head into a very busy event season, it's what we do and so, you know nice kind of lead indicator from you to execute with caution. >> I appreciate it, thank you. >> So let's jump into the fun stuff. So your key note was not really talking that much about bad guys and technology and this and that, you talked about story telling and you got very much into kind of the human element, which is the theme this year, but really the role of stories, the importance of stories, and most importantly for the security industry to take back their story and not let it get away from them. >> You summed it up really well Jeff, and you know what I said is hey if the theme of the conference is the human element, let's explore what intrinsically makes us human and the point, you know you've all know that it is stories that makes us human and I feel we've lost control of the narrative as an industry and as such we need to take that back and make sure we clarify the role of all the human characters in our story because until we do that, until we change our story we have no shot at changing our reality. >> Right, but you're kind of in a weird spot right, it's the classic spy dilemma. You can't necessarily tell people what you know because then they'll know that you know it and you might not be able to get more or better information down the road, so as you said in you keynote you don't necessarily have the ability to celebrate your wins, and a DDoS attack thwarted doesn't make the news. I keep thinking it's like ref in a game or like a offensive lineman in football you only hear about them on that one play when they get the holding call, not the 70 other plays were they did their job. >> Rohit: Totally, totally. >> So it's a unique challenge though >> It is, it is a challenge, it is not an easy problem and you know, there is a couple of recipes that I put out there for us to consider as an industry is you know, recipe one is we can celebrate our successes at a collective level right so, just like we put out breach reports, et cetera, in terms of what the statistics are, where the breaches are animating from we can talk about defensive strategies that are working at a collective level as an industry and share that sort of best practices recipes to win, that would be a fine start. I think another area, another point that I made was that we don't have to win for the hacker to lose. 71% of the breaches were motivated by financial gains, right, and as such if we, despite breaches, which is not a win for us, if we deny financial gain to the hackers we make them lose and they are subject to the same laws of economics, they have a profit and loss statement, they are spending resources for gain and when we deny them gain we make them lose, so those are a couple of ideas on how we can begin to change the narrative. >> Right. So the other piece of the human part is the rise of the bots, right, and the raise of AI and the rise of these increasingly smart and sophisticated machines. I think I saw one of those reports that we talk about on air was you know that people are an increasingly targeted group we hear it all the time, we hear about social engineering. As that gets more complicated, how does the role of people change? 'Cause clearly they can't monitor tens and tens and hundreds of thousands of concurrent attacks all the time. >> Absolutely, so you know the bad guys are using AI you know I cited the example of a deep fake audio clip that actually duped the CEO into initiating a wire transfer so they are using all these sophisticated attacks so to your point, we cannot rely on the end user to discern through these very sophisticates. It's unfair for us to think of them as the first line of defense, we have to on the IT side, we have to bring in technology, make the technology more usable, so you don't have to pay attention to this one millimeter by one millimeter lock at the corner of the browser to realize whether a web interaction is safe or not. We need to make more usable software, we need to do a better job of managing and reducing vulnerabilities to reduce the attack surface so IT has to step up in that regard, and then on the security teams I think they have to step up to use AI to detect bot initiated attacks so we are not leaning on the human to discern what is an anomalous interaction and what could be a phishing or a smishing attack, et cetera, you know we need to bring AI to fight the good fight on our behalf. >> Right. So the other kind of angle on that I thought was really interesting, Wendy's keynote, a couple of keynotes after yours from Cisco talked about, you know, a theme we see over and over in tech which is really kind of the democratization of security and get it out of just the hallowed halls of the super billion CSOCs and technologists that are just security and open it up to everybody so make them part of the solution and not those pesky people that keep clicking on links that they are not supposed to. >> Absolutely. She did a great job of kind of making that point and you know the way I think about it is again we need to move from a culture of elitism to a culture of inclusion. Until we really get the steaming going, not just within the security professionals which we are doing a better job of certainly in the industry, but we have to team with the user, the IT and the business teams in order to have a shot at tipping the balance in our favor. >> Yeah, it's really funny 'cause that kind of democratization theme is something that we see kind of across many levels of technology, whether it's in big data, can get away from the data scientists, in doing your own reports, in having access to your own marketing material and you know, so it's kind of funny that now we are just hearing it here I guess the last bastion of we're the smartest people in the room, no no, you need to use all the brain power. >> All the brain power. I use the phrase let's stop being STEM snobs and let's be more inclusive, and you know garner the entire spectrum of the diverse talent pool that we have available and you know making the point, perhaps a provocative point, that the cyber talent gap, a bit of it might be actually self-inflicted because we have been in this sort of elitism mindset. >> Right, and I think one of the themes that you talked about in you keynote was because of kind of the elite mindset we only want to focus on the elite challenges and in fact it's not the hardest challenges that are necessarily the most dangerous or the ones that are more frequently used, it doesn't have to be the craziest hardest way in. >> It absolutely does not. The point I made was preparing for the worse does not prepare you for the likely and the statistics are overwhelming. 60% of the breaches were on the back of six stolen credentials. That's a pretty table stakes basic issue that ought to be just taken off the table, and if we take care of the basics then we can focus our energy on the corner cases but let's first prepare for the likely before we get to the worst situations. >> Right. So Rohit I'm just curious to get your take as you have been here for the last couple of days, you know you did a whole lot of work getting into that keynote and getting this thing up and off the ground but you've had a couple of days to be here walked around, talked to a lot of customers and clients, partners, I wonder if there is anything that's kind of come up as a theme that you either didn't expect or kind of reinforced some of thoughts that you had coming into this week. >> Absolutely. I think if I would've net it out Jeff what I'm sensing is there is a whole movement to shift security left, which is this whole idea of IT stepping up as the first line of defense, reduce cyber exposure, take care of patching, multi-factor authentication, reduce the attack surface intrinsic security right so DevOps and SecDevOps take care of it right up front before the apps even get built right, then there is another movement to shift things right which is take care of the new aspects of the attack surface right, what the hacker always take advantage of are the areas where they sense we are unprepared and for a long time they've seen us being unprepared in terms of reducing the attack surface and then they go after the new aspects of the attack surface and what are those? IT, IoT, OT, data as an attack surface and the Edge right, so these are areas were there is a lot of activity, a lot of innovation, you know, on the floor here if you walk the corners shifting left shifting right as in all the new aspects of the attack surface. I am seeing a lot of conversations, a lot of innovation is that area. >> Yeah. Well, there's certainly no shortage of innovation in the companies here and in fact I think it's probably one of the biggest challenges that I think of from a virus perspective is to walk this floor and to figure it all out 'cause I don't know how many thousand of vendors there are but there's really big ones and there is lot's of little ones like you said tucked in the corner in kind of the cutting edge of the innovation. What advice do you give to people who is their first time coming to RSA? >> Yes, I think you know, it's a huge challenge for customers, there's 14 of every category. I think the customers what they have to see is they have to think about the recipe rather they have to focus not on the tool but the concept behind the tool, and think about the architecture right and they should seek out vendors that take this platform approach. It is, you know, the market hasn't consolidated that much where they can just go to a few vendors but when they build that architecture they should choose vendors that behave well as a puzzle piece in the jigsaw puzzle that our customers are having to assemble together right, that they are investing in the API integrations on the edges so they can slot in and be part of a broader solution. That's a key, key criteria that customers should utilize in their selection of the vendors. >> Yes, that's good. That's good advice, and they should be listening. So Rohit, thanks again for your time. Congratulations on a week and I hope you get that weekend of absolutely nothing coming up in just a couple of days that you talked about. >> I absolutely do. The joke I made was, you know, the only time I'm okay being labeled as useless is the weekend after RSA conference. So, I fully look forward to being useless over this weekend, it's been a great week and thank you again for having me. >> All right, two more days, 48 hours. All right, thanks again. He's Rohit, I'm Jeff, you're watching theCUBE. We're at RSA 2020, the year we're going to know everything with the benefit of hindsight. We're not quite there yet but we're trying yo get a little closer. Thanks for watching, we'll see you next time. (upbeat music)

>>Fly from San Francisco. It's the cube covering RSA conference, 2020 San Francisco brought to you by Silicon angle media. >>Hi everyone. Welcome back to the cubes coverage here at in San Francisco, the Moscone center for RSA conference 2020 I'm job for your host. We are the very special guests, the COO of VMware, Sanjay Poonen, cube alumni. When you talk about security, talk about the modern enterprise as it transforms new use cases, new problems emerge. New opportunities exist here to break it down. Sanjay, welcome back. Thank you John. Always a pleasure to be on your show and I think it's my first time at RSA. We've talked a number of times, but nice to see you here. Well, it's a security guard. Well, this is really why I wanted you to talk, talk to you because operations is become now the big conversation around security. So you know, security was once part of it. It comes out and part of the board conversation, but when you look at security, all the conversations that we're seeing that are the most important conversations are almost a business model conversation. >>Almost like if you're the CEO of the company, you've got HR people, HR, organizational behavior, collaboration, technology, stack compliance and risk management. So the threat of cyber has to cut across now multiple operational functions of the business. It's no longer one thing, it's everything. So this is really kind of makes it the pressure of the business owners to be mindful of a bigger picture. And the attack velocity is happening so much faster, more volume of attacks, milliseconds and nanosecond attacks. So this is a huge, huge problem. I need you to break it down for me. >> Good. But then wonderful intro. No, I would say you're absolutely right. First off, security is a boardroom topic. Uh, audit committees are asking, you know, the CIO so often, you know, reports a report directly, sometimes, often not even to the CIO, to the head of legal or finance and often to the audit. >>So it's a boardroom topic then. You're right, every department right now cares about security because they've got both threat and security of nation state, all malicious, organized crime trying to come at them. But they've also got physical security mind. I mean, listen, growing a virus is a serious threat to our physical security. And we're really concerned about employees and the idea of a cyber security and physical security. We've put at VMware, cybersecurity and, and um, um, physical security. One guy, the CIO. So he actually runs vote. So I think you're absolutely right and if you're a head of HR, you care about your employees. If you're care ahead of communications, you care about your reputation and marketing the same way. If you're a finance, you care about your accounting systems and having all of the it systems that are. So we certainly think that holistic approach does, deserves a different approach to security, which is it can't be silo, silo, silo. >>It has to be intrinsic. And I've talked on your show about why intrinsic and how differentiated that intrinsic security, what I talked about this morning in my keynote. >> Well, and then again, the connect the dots there. It's not just security, it's the applications that are being built on mobile. For instance, I've got a mobile app. I have milliseconds, serious bond to whether something's yes or no. That's the app on mobile. But still the security threat is still over here and I've got the app over here. This is now the reality. And again, AirWatch was a big acquisition that you did. I also had some security. Carbon black was a $2 billion acquisition that VMware made. That's a security practice. How's it all coming together? Can you think of any questions? Blame the VMware because it's not just security, it's what's around it. >> Yeah. I think we began to see over the course of the last several years that there were certain control points and security that could help, you know, bring order to this chaos of 5,000 security vendors. >>They're all legitimate. They're all here at the show. They're good vendors. But you cannot, if you are trying to say healthy, go to a doctor and expect the doctor to tell you, eat 5,000 tablets and sailed. He just is not sustainable. It has to be baked into your diet. You eat your proteins, your vegetables, your fruit, your drink, your water. The same way we believe security needs to become intrinsically deeper parts, the platform. So what were the key platforms and control points? We decided to focus on the network, the endpoint, and you could think of endpoint as to both client and workload identity, cloud analytics. You take a few of those and network. We've been laboring the last seven years to build a definitive networking company and now a networking security company where we can do everything from data center networking, Dell firewalls to load balancing to SDN in this NSX platform. >>You remember where you bought an nice syrup. The industry woke up like what's VM ever doing in networking? We've now built on that 13,000 customers really good growing revenue business in networking and and now doing that working security. That space is fragmented across Cisco, Palo Alto, FIU, NetScaler, checkpoint Riverbed, VMware cleans that up. You get to the end point side. We saw the same thing. You know you had an endpoint management now workspace one the sequel of what AirWatch was, but endpoint security again, fragmented. You had Symantec McAfee, now CrowdStrike, tenable Qualis, you know, I mean just so many fragmented IOM. We felt like we could come in now and clean that up too, so I have to worry about to do >> well basically explaining that, but I want to get now to the next conversation point that I'm interested in operational impact because when you have all these things to operationalize, you saw that with dev ops and cloud now hybrid, you got to operationalize this stuff. >>You guys have been in the operations side of the business for our VMware. That's what you're known for and the developers and now on the horizon I gotta operationalize all the security. What do I do? I'm the CSO. I think it's really important that in understanding operations of the infrastructure, we have that control point called vSphere and we're now going to take carbon black and make it agentless on the silverside workloads, which has never been done before. That's operationalizing it at the infrastructure level. At the end point we're going to unify carbon black and workspace one into a unified agent, never been done before. That's operationalizing it on the client side. And then on the container and the dev ops site, you're going to start bringing security into the container world. We actually happened in our grade point of view in containers. You've seen us do stuff with Tansu and Kubernetes and pivotal. >>Bringing that together and data security is a very logical thing that we will add there. So we have a very good view of where the infrastructure and operations parts that we know well, a vSphere, NSX workspace one containers with 10 Xu, we're going to bring security to all of them and then bake it more and more in so it's not feeling like it's a point tool. The same platform, carbon black will be able to handle the security of all of those use cases. One platform, several use cases. Are you happy with the carbon black acquisition? Listen, you know, you stay humble and hungry. Uh, John for a fundamental reason, I've been involved with number of acquisitions from my SAP VMware days, billion dollar plus. We've done talking to us. The Harvard business review had an article several years ago, which Carney called acquisitions and majority of them fail and they feel not because of process of product they feel because good people leave. >>One of the things that we have as a recipe does acquisition. We applied that to AirWatch, we apply the deny Sera. There is usually some brain trust. You remember in the days of nice area, it was my team Cosato and the case of AirWatch. It was John Marshall and that team. We want to preserve that team to help incubate this and then what breve EV brings a scale, so I'm delighted about Patrick earlier. I want to have him on your show next time because he's now the head of our security business unit. He's culturally a fit for the mr. humble, hungry. He wants to see just, we were billion dollar business now with security across networking endpoint and then he wants to take just he's piece of it, right? The common black piece of it, make it a billion dollar business while the overall security business goes from three to five. >>And I think we're going to count them for many years to come to really be a key part of VMware's fabric, a great leader. So we're successful. If he's successful, what's my job then? He reports to me is to get all the obstacles out of the way. Get every one of my core reps to sell carbon black. Every one of the partners like Dell to sell carbon black. So one of the deals we did within a month is Dell has now announced that their preferred solution on at Dell laptops, this carbon bike, they will work in the past with silence and crowd CrowdStrike. Now it's common black every day laptop now as a default option. That's called blank. So as we do these, John, the way we roll is one on here to basically come in and occupy that acquisition, get the obstacles out of the way, and that let Patrick scaled us the same way. >>Martine Casado or jumbo. So we have a playbook. We're gonna apply that playbook. Stay humble and hungry. And you ask me that question every year. How are we doing a carbon black? I will be saying, I love you putting a check on you. It will be checking in when we've done an AirWatch. What do you think? Pretty good. Very good. I think good. Stayed line to the radar. Kept growing. It's top right. Known every magic quadrant. That business is significant. Bigger than the 100 million while nice here. How do we do a nice hero? NSX? It's evolved quite a bit. It's evolved. So this is back to the point. VMware makes bets. So unlike other acquisitions where they're big numbers, still big numbers, billions or billions, but they're bets. AirWatch was a good bet. Turned out okay. That the betting, you're being conservative today anyway. That's it. You're making now. >>How would you classify those bets? What are the big bets that you're making right now? Listen, >> I think there's, um, a handful of them. I like to think of things as no more than three to five. We're making a big bet. A multi-cloud. Okay. The world is going to be private, public edge. You and us have talked a lot about VMware. AWS expanded now to Azure and others. We've a big future that private cloud, public cloud edge number two, we're making a big bet on AB motorization with the container level 10 zoos. I think number three, we're making a big bet in virtual cloud networking cause we think longterm there's going to be only two networking companies in matter, VMware and Cisco. Number four, we're making a big bet in the digital workspace and build on what we've done with AirWatch and other technologies. Number five, and make it a big bet security. >>So these five we think of what can take the company from 10 to 20 billion. So we, you know, uh, we, we've talked about the $10 billion Mark. Um, and the next big milestone for the company is a 20 billion ball Mark. And you have to ask yourself, can you see this company with these five bets going from where they are about a 10 billion revenue company to 20. Boom. We hope again, >> Dave, a lot that's doing a braking and now he might've already shipped the piece this morning on multi-cloud. Um, he and I were commenting that, well, I said it's the third wave of cloud computing, public cloud, hybrid multi-cloud and hybrids, the first step towards multi-cloud. Everyone kind of knows that. Um, but I want to ask you, because I told Dave and we kind of talked about this is a multi-decade growth opportunity, wealth creation, innovation, growth, new opportunity multicloud for the generation. >>Take the, this industry the next level. How do you see that multicloud wave? Do you agree on the multigenerational and if so, what specifically do you see that unfolding into this? And I'm deeply inspired by what Andy Jassy, Satya Nadella, you know, the past leading up to Thomas Korea and these folks are creating big cloud businesses. Amazon's the biggest, uh, in the iOS pass world. Azure is second, Google is third, and just market shares. These folks collectively are growing, growing really well. In some senses, VM-ware gets to feed off that ecosystem in the public cloud. So we are firm believers in what you're described. Hybrid cloud is the pot to the multicloud. We coined that term hybrid thought. In fact, the first incantation of eco there was called via cloud hybrid service. So we coined the term hybrid cloud, but the world is not multi-cloud. The the, the key though is that I don't think you're gonna walk away from those three clouds I mentioned have deep pockets. >>Then none of them are going away and they're going to compete hard with each other. The market shares may stay the same. Our odd goal is to be a Switzerland player that can help our customers take VM or workloads, optimize them in the private cloud first. Okay? When a bank of America says on their earnings caller, Brian Warren and said, I can run a private cloud better than a public cloud and I can save 2 billion doing that, okay? It turns off any of the banks are actually running on VMware. That's their goal. But there are other companies like Freddie Mac, we're going all in with Amazon. We want to ride the best of both worlds. If you're a private cloud, we're going to make you the most efficient private cloud, VMware software, well public cloud, and going to Amazon like a Freddie Mac will help you ride your apps into that through VMware. >>So sometimes history can be a predictor of future behavior. And just to kind of rewind the computer industry clock, if you looked at mainframe mini-computers, inter networking, internet proprietary network operating systems dominated it, but you saw the shift and it was driven by choice for customers, multiple vendors, interoperability. So to me, I think cloud multicloud is going to come down to the best choice for the workload and then the environment of the business. And that's going to be a spectrum. But the key in that is multi-vendor, multi, a friend choice, multi-vendor, interoperability. This is going to be the next equation in the modern error. It's not gonna look the same as mainframe mini's networking, but it'll create the next Cisco, the create the next new brand that may or may not be out there yet that might be competing with you or you might be that next brand. >>So interoperability, multi-vendor choice has been a theme in open systems for a long time. Your reactions, I think it's absolutely right, John, you're onto something there. Listen, the multicloud world is almost a replay of the multi hardware system world. 20 years ago, if you asked who was a multi hardware player before, it was Dell, HP at the time, IBM, now, Lenovo, EMC, NetApp, so and so forth and Silva storage, networking. The multicloud world today is Amazon, Azure, Google. If you go to China, Alibaba, so on and so forth. A Motiva somebody has to be a Switzerland player that can serve the old hardware economy and the new hardware economy, which is the, which is the cloud and then of course, don't forget the device economy of Apple, Google, Microsoft, there too. I think that if you have some fundamental first principles, you expressed one of them. >>Listen where open source exists, embrace it. That's why we're going big on Kubernetes. If there are multiple clouds, embrace it. Do what's right for the customer, abstract away. That's what virtualization is. Managed common infrastructure across Ahmed, which is what our management principles are, secure things. At the point of every device and every workload. So those are the principles. Now the engineering of it changes. The way in which we're doing virtualization today in 2020 is slightly different from when Diane started the company and around the year 2020 years ago. But the principals are saying, we're just not working just with the hardware vendors working toward the cloud vendors. So using choices where it's at, the choice is what they want. Absolutely, absolutely. And you're right. It's choice because it was the big workloads. We see, for example, Amazon having a headstart in the public cloud markets, but there's some use cases where Azure is applicable. >>Some use his word, Google's applicable, and to us, if the entire world was only one hardware player or only one cloud player, only one device player, you don't need VMware. We thrive in heterogeneity. It's awesome. I love that word. No heterogeneity provides not 3000 vendors. There's almost three, three of every kind, three silver vendors, three storage vendors, three networking vendors, three cloud vendors, three device vendors. We was the middle of all of it. And yeah, there may be other companies who tried to do that too. If they are, we should learn from them, do it better than them. And competition even to us is a good thing. All right. My final question for you is in the, yeah, the Dell technologies family of which VMware is a part of, although big part of it, the crown jewel as we've been calling them the cube, they announced RSA is being sold to a private equity company. >>What's the general reaction amongst VMware folks and the, and the Dell technology family? Good move, no impact. What we support Dell and you know, all the moves that they've made. Um, and from our perspective, you know, if we're not owning it, we're going to partner it. So I see no overlap with RSA. We partner with them. They've got three core pillars, secure ID, net witness and Archer. We partnered with them very well. We have no aspirations to get into those aspects of governance. Risk and compliance or security has been, so it's a partner. So whoever's running it, Rohit runs on very well. He also owns the events conference. We have a great relationship and then we'll keep doing that. Well, we are focused in the areas I described, network, endpoint security. And I think what Michael has done brilliantly through the course of the last few years is set up a hardware and systems company in Dell and allow the software company called Vima to continue to operate. >>And I think, you know, the movement of some of these assets between the companies like pivotal to us and so on and so forth, cleans it up so that now you've got both these companies doing well. Dell has gone public, we Hammer's gone public and he has said on the record, what's good for Dell is good, what's good for VMware and vice versa and good for the customer. And I think the key is there's no visibility on what cloud native looks like. Hybrid, public, multi, multi, not so much. But you get almost, it's an easy bridge to get across and get there. AI, cyber are all big clear trends. They're waves. Sasha. Great. Thank you. Thanks for coming on. Um, your thoughts on the security show here. Uh, what's your, what's your take to, uh, definitive security shows? I hope it stays that way. Even with the change of where RSA is. >>Ownership goes is this conference in black hat and we play in both, uh, Amazon's conference. I was totally starting to, uh, reinforce, reinforce cloud security will show up there too. Uh, but we, we think, listen, there's what, 30,000 people here. So it's a force. It's a little bit like VMworld. We will play here. We'll play a big, we've got, you know, it just so happens because the acquisition happened before we told them, but we have two big presences here. We were at carbon black, um, and it's an important business for us. And I said, like I said, we have $1 billion business and security today by 30,000 customers using us in a security network, endpoints cloud. I want to take that to be a multi, multiple times that size. And I think there's a pot to do that because it's an adjacent us and security. So we have our own kind of selfish motives here in terms of getting more Mindshare and security. >>We did a keynote this morning, which was well received with Southwest airlines. She did a great job. Carrie Miller, she was a fantastic speaker and it was our way of showing in 20 minutes, not just to our point of view, because you don't want to be self serving a practitioner's point of view. And that's what's really important. Well finally on a personal note, um, you know, I always use the term tech athlete, which I think you are one, you really work hard and smart, but I got to get your thoughts. But then I saw you're not on Twitter. I'm on. When IBM announced a new CEO, Arvin, um, fishnet Indian American, another CEO, this is a pattern. We're starting to see Indian American CEOs running cup American companies because this is the leadership and it's really a great thing in my mind, I think is one of the most successful stories of meritocracy of all time. >>You're quick. I'm a big fan of oven, big fan of Shantanu, Sundar Pichai, something that Ellen, many of them are close friends of mine. Uh, many of them have grown up in Southern India. We're a different ages. Some of them are older than me and in many cases, you know, we were falling behind other great players like Vino Cosla who came even 10 to 15 years prior. And you know, it's hard for an immigrant in this country. You know, um, when I first got here and I came as an immigrant to Dartmouth college, there may have been five or 10 Brown skin people in the town of Hanover, New Hampshire. I don't know if you've been to New Hampshire. I've been there, there's not many at that time. And then the late 1980s, now of course, there's much more, uh, so, you know, uh, we stay humble and hungry. >>There's a part of our culture in India that's really valued education and hard work and people like Arvin and some of these other people are products. I look up to them, the things I learned from them. And um, you know, it's true of India. It's a really good thing to see these people be successful at name brand American companies, whether it's IBM or Microsoft or Google or Adobe or MasterCard. So we're, we're, I'm in that fan club and there's a lot I learned from that. I just love being around people who love entrepreneurship, love innovation, love technology, and work hard. So congratulations. Thank you so much for your success. Great to see you again soon as you put in the COO of VM-ware here on the ground floor here at RSA conference at Moscone, sharing his insight into the security practice that is now carbon black and VMware. All the good things that are going on there. Thanks for watching.

>>Fly from San Francisco. It's the cube covering RSA conference 2020 San Francisco brought to you by Silicon angled medias >>live in. Welcome to the cube coverage here in San Francisco at Moscone hall for RSA 2020 I'm John furrier, host of the cube. We're here breaking down all the actions in cyber security. I'll say three days of wall-to-wall cube coverage. You got two great guests here, experts in the cybersecurity enterprise security space. Over 25 years. We've got two gurus and experts. We've got Bob Mindell, executive vice president of North America cyber practice for cap Gemini and Joe McMahon, head of North America cyber strategy, even a practitioner in the intelligence community. Langley, you've been in the business for 25 years. You've seen the waves guys, welcome to the cube. Thank you John. Thanks for having us. So first let's just take a step back. A cyber certainly on the number one agenda kind of already kind of broken out of it in terms of status, board level conversation, every CSO, risk management and a lot of moving parts. >>Now, cyber is not just a segment in the industry. It is the industry. Bob, this is a big part of business challenge today. What's your view? What was going on? So John has a great point. It's actually a business challenge and that's one of the reasons why it's now the top challenge. It's been a tech challenge for a long time. It wasn't always a business challenge for you as was still considered an it challenge and once it started impacting business and got into a board level discussion, it's now top of mind as a business challenge and how it can really impact the business continuity. Joe is talking before we came on camera about you know CEOs can have good days here and there and bad days then but sees us all have bad days all the time because there's so much, it's so hard. You're on the operations side. >>You see a day to day in the trenches as well as the strategy. This is really an operations operationalizing model. As new technology comes out, the challenge is operationalizing them for not only a business benefit but business risk management. It's like changing an airplane engine out at 35,000 feet. It's really hard. What are you seeing as the core challenge? This is not easy. It's a really complex industry. I mean, you take the word cybersecurity, right? Ready? Cybersecurity conference. I see technology, I see a multitude of different challenges that are trying to be solved. It means something different to everybody, and that's part of the problem is it's a really broad ecosystem that we're in. If you meet one person that says, I know all of cyber, they're lying, right? It's just like saying, I know active directory and GRC and I know DNS and I know how to, how to code, right? >>Those people don't exist and cyber is a little bit the same way. So for me, it's just recognizing the intricacies. It's figuring out the complexities, how people processing technology really fit together and it's an operation. It is an ongoing, and during operation, this isn't a program that you can run. You run it for a year, you install and you're done. There's ebbs and flows. You talked about the CISOs and the bad days. There's wins and there's losses. Yeah. And I think part of that is just having the conversation with businesses. Just like in it, you have bad days and good days wins and losses. It's the same thing in cybersecurity and we've got to set that expectation. Yeah, you didn't bring up a good point. I've been saying this on the cube and we've been having conversations around this. It used to be security as part of it, right? >>But now that it's part of the business, the things that you're mentioning around people, process, technology, the class, that kind of transformational formula, it is business issues, organizational behavior. Not everyone's an expert specialism versus generalists. So this is like not just a secure thing, it's the business model of a company is changing. So that's clear. There's no doubt. And then you've got the completion of the cloud coming, public cloud, hybrid multi-cloud. Bob, this is a number one architectural challenge. So outside of the blocking and tackling basics, right, there's now the future business is at risk. What does cap Gemini do? And because you guys are well known, great brand, helping companies be successful, how do you guys go to customers and say, Hey, here's what you do. What's the, what's the cap Gemini story? >>So the cat termini stories is really about increasing your cybersecurity maturity, right? As Joe said, starting out at the basics. If you look at a lot of the breaches that have occurred today have occurred because we got away from the basics and the fundamentals, right? Shiny new ball syndrome. Really. Exactly exasperates that getting away from the basics. So the technology is an enabler, but it's not the be all and end all right, go into the cloud is absolutely a major issue. That's increasing the perimeter, right? We've gone through multiple ways as we talked about, right? So now cloud is is another way, cloud, mobile, social. How do you deal with those from on prem, off prem. But ultimately it's about increasing your cyber cyber security maturity and using the cloud as just increasing the perimeter, right? So you need to, you really need to understand, you have your first line defense and then your maturity is in place. Whether the data resides in your organization, in the cloud, on a mobile device, in a social media, you're responsible for it all. And if you don't have the basics, then you're, you're really, and you guys bring a playbook, is that what you guys come in and do? Correct. Correct. Right. So our goal is to coordinate people, process technology and leverage playbooks, leverage the run books that we had been using for many years. >>I want to get down to you on this one because of what happens when you take that to the, into the practitioner mode or at implementation. Customers want the best technology possible. They go for the shiny new choice. Bob just laid out. There's also risks too because it may or may not be big. So you've got to balance out. I got to get an edge technically because the perimeters becoming huge surface area now or some say has gone. Now you've got edge, just all one big exposed environment, surface area for vulnerabilities is massive. So I need better tech. How do you balance and obtain the best tech and making sure it works and it's in production and secure. So there's a couple of things, right, and this is not, it's not just our, and you'll hear it from other people that have been around a long time, but a lot of organizations that we see have built themselves so that their cybersecurity organization is supporting all these tools that we see. >>That's the wrong way to do it. The tools should support the mission of the organization, right? If my mission is to defend my enterprise, there are certain things that I need to do, right? There's questions I need to be able to ask and get answers to. There's data I need visibility into. There's protections and controls I need to be able to implement. If I can lay those out in some coordinated strategic fashion and say, here's all the things I'm trying to accomplish, here's who's going to do it. Here's my really good team, here's my skilled resources, here's my workflows, my processes, all that type of stuff. Then I can go find the right technology to put into that. And I can actually measure if that technology is effective in supporting my mission. But too often we start with the technology and then we hammer against it and we run into CISOs and they say, I bought all this stuff and it's not working and come hell yeah. >>And that's backing into it the wrong. So I've heard from CSOs, I'd like they buying all these tools. It's like a tool shed. Don't be the fool with the wrong tool as they I say. But that brings up the question of, okay, as you guys go to customers, what are some of the main pain points or issues that they're trying to overcome that that are opportunities that you guys are helping with? Uh, on the business side and on the technical side, what are some of the things? So on the business side, you know, one is depending on their level of maturity and the maturity of the organization and the board of directors and their belief in, in how they need to help fund this. We can start there. We can start by helping draw out the threat landscape within that organization where they are maturity-wise and where they need to go and help them craft that message to the board of directors and get executive sponsorship from the board down in order to take them from baby, a very immature organization or you know, a reactive organization to an adaptive organization, right. >>And really become defenders. So from a business perspective, we can help them there. From the technology perspective, Joe, uh, you know, or an implementation perspective. I think, you know, it's been a really interesting road like being in this a long time, you know, late two thousands when nation States were first really starting to become a thing. All the industries we were talking to, every customer is like, I want to be the best in my industry. I want to be the shining example. And boards in leadership were throwing money at it and everybody was on this really aggressive path to get there. The conversation is shifted a little bit with a lot of the leadership we talked to. It's, I just want to be good enough, maybe a little bit better than good enough, but my, my objective anymore is it to leave the industry. Cause that's really expensive and there's only one of those. >>My objective is to complete my mission maybe a little bit above and beyond, but I need the right size and right. So we spent a lot of time helping organizations, I would say optimize, right? It's what is the right level of people, what is the right amount of resources, what's the right spend, what's the right investment, the right allocation of technology and mix of everything, right? And sometimes it's finding the right partner. Sometimes it's doing certain things in house. It's, there's no one way to solve this problem, but you've got to go look at the business challenges. Look at the operational realities of the customer, their budgets, all those, their geographies mattered, right? Some places it's easy to hire talent. Some places it's not so easy to hire talent. And that's a good point, right? Some organizations, >>they just need to understand what does good look like and we can, we have so many years of experience. We have so many customers use skates is we've been there and we've done that. We can bring the band and show them this is what good looks like and this is sustainable >>of what good looks like. I want to get your reactions to, I was talking to Keith Alexander, general Keith Alexander, a former cyber command had last night and we were talking about officers, his defense and that kind of reaction. How the Sony hack was was just was just, they just went after him as an example. Everyone knows about that hack, but he really was getting at the idea of human efficiency, the human equation, which is if you have someone working on something that here, but their counterpart might be working on it maybe from a different company or in the same company, they're redundant. So there's a lot of burnout, a lot of people putting out fires. So reactive is clearly, I see as a big trend that the conversation's shifting towards let's be proactive, let's get more efficient in the collaboration as well as the technology. What you, how do you guys react to that? What's your view on that statement? So >>people is the number one issue, in my opinion. In this space, there's a shortage of people. The people that are in it are working very long hours. They're burnt out. So we constantly need to be training and bringing more people into the industry. Then there's the scenario around information sharing, right? Threat information sharing, and then what levels are you comfortable with as an organization to share that information? How can you share best practices? So that's where the ice sacks come into play. That's also where us as a practitioner and we have communities, we have customers, we bring them together to really information, share, share, best practice. It's in all of our best interests. We all have the same goal and the goal is to protect our assets, especially in the United States. We have to protect our assets. So we need, the good thing is that it's a pretty open community in that regards and sharing the information, training people, getting people more mature in their people, process technology, how they can go execute it. >>Yeah. What's your take on the whole human equation piece? Right? So sharing day, you probably heard a word and the word goes back to where I came from, from my heritage as well, but I'm sure general Alexander used the word mission at some point, right? So to me, that's the single biggest rallying point for all of the people in this. If you're in this for the right reasons, it's because you care about the mission. The mission is to defend us. Stop the bad guys from doing days, right? Whether you're defending the government, whether you're defending a commercial enterprise, whether you're defending the general public, right? Whatever the case is, if you're concerned, you know, if you believe in the mission, if you're committed to the mission, that's where the energy comes from. You know, there's a lot of, there's a lot of talk about the skill gap and the talent gap and all of those types of things. >>To me, it's more of a mindset issue than anything. Right? The skill sets can be taught. They can be picked up over time. I was a philosophy major. All right? Somehow I ended up here. I have no idea how, um, but it's because I cared about the mission and everybody has a part to play. If you build that peer network, uh, both at an individual level and at an organizational and a company level, that's really important in this. Nobody's, nobody's an expert at everything. Like we said, you brought a philosophy. I think one of the things I have observed in interviewing and talking to people is that the world's changed so much that you almost need those fresh perspectives because the problems are new problems, statements, technology is just a part of the problem set back to the culture. The customer problem, Bob, is that they got to get all this work done. >>And so what are some of the use cases that you guys are working on that that is a low hanging fruit in the industry or our customer base? How do you guys engage with customers? So our target market is fortune 500 global 1000 so the biggest of the big enterprises in the world, right? And because of that, we've seen a lot of a complex environments, multinational companies as our customers. Right? We don't go at it from a pure vertical base scenario or a vertical base solution. We believe that horizontal cybersecurity can it be applied to most verticals. Right. And there's some tweaking along the way. Like in financial services, there's regulars and FFIC that you need to be sure you adapt to. But for the most part the fundamentals are applicable. All right. With that said, you know, large multinational manufacturing organization, right? They have a major challenge in that they have manufacturing sites all over the world. >>They building something that is, you know, unique. It has significant IP to it, but it's not secure. Historically they would have said, well, nobody's really gonna just deal steal what we do because it's really not differentiated in the world, but it is differentiated and it's a large corporation making a lot of money. Unfortunately ransomware, that'd be a photographer. Ransomware immediately, right? Like exact down their operations and their network, right? So their network goes down. They can have, they can, they can not have zero downtown and their manufacturing plants around the world. So for us, we're implementing solutions and it's an SLA for them is less than six seconds downtime by two that help secure these global manufacturing environment. That's classic naive when they are it. Oh wow. We've got to think about security on a much broader level. I guess the question I have for you guys, Joe, you talk about when do you guys get called in? >>I mean what's your main value proposition that you guys, cause you guys got a broad view of the industry, that expertise. Why do, why are customers calling you guys and what do you guys deliver? They need something that actually works, right? It's, it's you mentioned earlier, I think when we were talking how important experiences, right? And it's, Bob said it too, having been there, done that I think is really important. The fact that we're not chasing hype, we're not selling widgets. That we have an idea of what good looks like and we can help an organization kind of, you know, navigate that path to get there is really important. So, uh, you know, one of our other customers, large logistics company, been operating for a very long time. You know, very, very mature in terms of their, it operations, those types of things. But they've also grown through merger and acquisition. >>That's a challenge, uh, cause you're taking on somebody else's problem set and they just realize, simply put that their existing security operations wasn't meeting their needs. So we didn't come in and do anything fancy necessarily. It's put a strategic plan in place, figure out where they are today, what are the gaps, what do they need to do to overcome those gaps? Let's go look at their daily operations, their concept of operations, their mission, their vision, all of that stuff down to the individual analysts. Like we talked about the mindset and skillset. But then frankly it's putting in the hard work, right? And nobody wants to put in the heart. I don't want to say nobody wants to put in the hard work. That's fun. There's a lot of words that's gets done I guess by the questions that you guys getting called in on from CSOs chief and Mason security officers. >>Guess who calls you? So usually we're in talking to the Cisco, right? We're having the strategic level conversation with the Cisco because the Cisco either has come in new or has been there. They may have had a breach. Then whatever that compelling event may be, they've come to the realization that they're not where they need to be from a maturity perspective and their cyber defense needs revamping. So that's our opportunity for us to help them really increase the maturity and help them become defenders. Guys, great for the insight. Thanks for coming on the cube. Really appreciate you sharing the insights. Guys. Give a quick plug for what you guys are doing. Cap Gemini, you guys are growing. What do you guys look to do? What are some of the things that's going on? Give the company plug. Thanks Sean show. It's been a very interesting journey. >>You know this business started out from Lockheed Martin to Leidos cyber. We were acquired by cap Gemini a year ago last week. It's a very exciting time. We're growing the business significantly. We have huge growth targets for 2020 and beyond, right? We're now over 800 practitioners in North America, over 2,500 practitioners globally, and we believe that we have some very unique differentiated skill sets that can help large enterprises increase their maturity and capabilities plug there. Yeah, I mean, look, nothing makes us happier than getting wins when we're working with an organization and we get to watch a mid level analyst brief the so that they just found this particular attack and Oh by the way, because we're mature and we're effective, that we were able to stop it and prevent any impact to the company. That's what makes me proud. That's what makes it so it makes it fun. >>Final question. We got a lot of CSOs in our community. They're watching. What's the pitch to the CSO? Why, why you guys, we'd love to come in to understand what are their goals, how can we help them, but ultimately where do they believe they think they are and where do they need to go and we can help them walk that journey. Whether it's six months, a year, three years, five years. We can take them along that journey and increase the cyber defense maturity. Joe, speak to the CSO. What are they getting? They're getting confidence. They're getting execution. They're getting commitment to delivery. They're getting basically a, a partner in this whole engagement. We're not a vendor. We're not a service provider. We are a partner. A trusted partner. Yeah, partnerships is key. Building out in real time. A lot new threats. Got to be on offense and defense going on. A lot of new tech to deal with. I mean, it's a board level for a long time. Guys, thanks for coming on. Cap Gemini here inside the cube, bringing their practices, cybersecurity, years of experience with big growth targets. Check them out. I'm John with the cube. Thanks for watching.

>> Narrator: Live from San Francisco. It's theCUBE, covering RSA Conference 2020, San Francisco. Brought to you by, SiliconANGLE Media. >> Welcome back everyone. CUBE coverage here in Moscone in San Francisco for RSA, 2020. I'm John Furrier host of theCUBE. We've got a great guest here talking about cybersecurity and the impact with AI and the role of data. It's always great to have Derek Manky on Chief Security Insights Global Threat Alliances with FortiGuard Lab, part of Fortinet, FortiGuard Labs is great. Great organization. Thanks for coming on. >> It's a pleasure always to be here-- >> So you guys do a great threat report that we always cover. So it covers all the bases and it really kind of illustrates state of the art of viruses, the protection, threats, et cetera. But you're part of FortiGuard Labs. >> Yeah, that's right. >> Part of Fortinet, which is a security company, public. What is FortiGuard Labs? What do you guys do, what's your mission? >> So FortiGuard Labs has existed since day one. You can think of us as the intelligence that's baked into the product, It's one thing to have a world-class product, but you need a world-class intelligence team backing that up. We're the ones fighting those fires against cybercrime on the backend, 24/7, 365 on a per second basis. We're processing threat intelligence. We've got over 10 million attacks or processing just per minute, over a hundred billion events, in any given day that we have to sift through. We have to find out what's relevant. We have to find gaps that we might be missing detection and protection. We got to push that out to a customer base of 450,000 customers through FortiGuard services and 5 million firewalls, 5 million plus firewalls we have now. So it's vitally important. You need intelligence to be able to detect and then protect and also to respond. Know the enemy, build a security solution around that and then also be able to act quickly about it if you are under active attack. So we're doing everything from creating security controls and protections. So up to, real time updates for customers, but we're also doing playbooks. So finding out who these attackers are, why are they coming up to you. For a CSO, why does that matter? So this is all part of FortiGuard Labs. >> How many people roughly involved ? Take us a little inside the curtain here. What's going on? Personnel size, scope. >> So we're over 235. So for a network security vendor, this was the largest global SOC, that exists. Again, this is behind the curtain like you said. These are the people that are, fighting those fires every day. But it's a large team and we have experts to cover the entire attack surface. So we're looking at not just a viruses, but we're looking at as zero-day weapons, exploits and attacks, everything from cyber crime to, cyber warfare, operational technology, all these sorts of things. And of course, to do that, we need to really heavily rely on good people, but also automation and artificial intelligence and machine learning. >> You guys are walking on a tight rope there. I can only imagine how complex and stressful it is, just imagining the velocity alone. But one of the trends that's coming up here, this year at RSA and is kind of been talking about in the industry is the who? Who is the attacker because, the shifts could shift and change. You got nation states are sitting out there, they're not going to have their hands dirty on this stuff. You've got a lot of dark web activity. You've got a lot of actors out there that go by different patterns. But you guys have an aperture and visibility into a lot of this stuff. >> Absolutely. >> So, you can almost say, that's that guy. That's the actor. That's a really big part. Talk about why that's important. >> This is critically important because in the past, let's say the first generation of, threat intelligence was very flat. It was to watch. So it was just talking about here's a bad IP, here's a bad URL, here's a bad file block hit. But nowadays, obviously the attackers are very clever. These are large organizations that are run a lot of people involved. There's real world damages happening and we're talking about, you look at OT attacks that are happening now. There's, in some cases, 30, $40 million from targeted ransom attacks that are happening. These people, A, have to be brought to justice. So we need to understand the who, but we also need to be able to predict what their next move is. This is very similar to, this is what you see online or CSI. The police trynna investigate and connect the dots like, plotting the strings and the yarn on the map. This is the same thing we're doing, but on a way more advanced level. And it's very important to be able to understand who these groups are, what tools they use, what are the weapons, cyber weapons, if you will, and what's their next move potentially going to be. So there's a lot of different reasons that's important. >> Derek, I was riffing with another guest earlier today about this notion of, government protection. You've got a military troops drop on our shores and my neighborhood, the Russians drop in my neighborhood. Guess what, the police will probably come in, and, or the army should take care of it. But if I got to run a business, I got to build my own militia. There's no support out there. The government's not going to support me. I'm hacked. Damage is done. You guys are in a way providing that critical lifeline that guard or shield, if you will, for customers. And they're going to want more of it. So I've got to ask you the hard question, which is, how are you guys going to constantly be on the front edge of all this? Because at the end of the day, you're in the protection business. Threats are coming at the speed of milliseconds and nanoseconds, in memory. You need memory, you need database. You've got to have real time. It's a tsunami of attack. You guys are the front lines of this. You're the heat shield. >> Yes, absolutely. >> How do you take it to the next level? >> Yeah, so collaboration, integration, having a broad integrated platform, that's our bread and butter. This is what we do. End-to-end security. The attack surface is growing. So we have to be able to, A, be able to cover all aspects of that attack surface and again, have intelligence. So we're doing sharing through partners. We have our core intelligence network. Like I said, we're relying heavily on machine learning models. We're able to find that needle in the haystack. Like, as I said earlier, we're getting over a hundred billion potential threat events a day. We have to dissect that. We have to break it down. We have to say, is this affecting endpoint? Is this effect affecting operational technology? What vertical, how do we process it? How do we verify that this is a real threat? And then most importantly, get that out in time and speed to our customers. So I started with automation years ago, but now really the way that we're doing this is through broad platform coverage. But also machine learning models for and-- >> I want to dig into machine learning because, I love that needle in the haystack analogy, because, if you take that to the next step, you got to stack a needles now. So you find the needle in the haystack. Now you got a bunch of needles, where do you find that? You need AI, you got to have some help. But you still got the human component. So talk about how you guys are advising customers on how you're using machine learning and get that AI up and running for customers and for yourselves. >> So we're technology people. I always look at this as the stack. The stack model, the bottom of the stack, you have automation. You have layer one, layer two. That's like the basic things for, feeds, threat feeds, how we can push out, automate, integrate that. Then you have the human. So the layer seven. This is where our human experts are coming in to actually advise our customers. We're creating a threat signals with FortiGuard Labs as an example. These are bulletins that's a quick two to three page read that a CSO can pick up and say, here's what FortiGuard Labs has discovered this week. Is this relevant to my network? Do I have these protections in place. There's also that automated, and so, I refer to this as a centaur model. It's half human half machine and, the machines are driving a lot of that, the day to day mundane tasks, if you will, but also finding, collecting the needles of needles. But then ultimately we have our humans that are processing that, analyzing it, creating the higher level strategic advice. We recently, we've launched a FortiAI, product as well. This has a concept of a virtual-- >> Hold on, back up a second. What's it called? >> FortiAI. >> So it's AI components. Is it a hardware box or-- >> This is a on-premise appliance built off of five plus years of learning that we've done in the cloud to be able to identify threats and malware, understand what that malware does to a detailed level. And, where we've seen this before, where is it potentially going? How do we protect against it? Something that typically you would need, four to five headcount in your security operations center to do, we're using this as an assist to us. So that's why it's a virtual analyst. It's really a bot, if you will, something that can actually-- >> So it's an enabling opportunity for the customers. So is this virtual assistant built into the box. What does that do, virtual analyst. >> So the virtual analyst is able to, sit on premises. So it's localized learning, collect threats to understand the nature of those threats, to be able to look at the needles of the needles, if you will, make sense of that and then automatically generate reports based off of that. So it's really an assist tool that a network admin or a security analyst was able to pick up and virtually save hours and hours of time of resources. >> So, if you look at the history of like our technology industry from a personalization standpoint, AI and data, whether you're a media business, personalization is ultimately the result of good data AI. So personalization for an analyst, would be how not to screw up their job. (laughs) One level. The other one is to be proactive on being more offensive. And then third collaboration with others. So, you starting to see that kind of picture form. What's your reaction to that? >> I think it's great. There's stepping stones that we have to go through. The collaboration is not always easy. I'm very familiar with this. I mean I was, with the Cyber Threat Alliance since day one, I head up and work with our Global Threat Alliances. There's always good intentions, there's problems that can be created and obviously you have things like PII now and data privacy and all these little hurdles they have to come over. But when it works right together, this is the way to do it. It's the same thing with, you talked about the data naturally when he started building up IT stacks, you have silos of data, but ultimately those silos need to be connected from different departments. They need to integrate a collaborate. It's the same thing that we're seeing from the security front now as well. >> You guys have proven the model of FortiGuard that the more you can see, the more visibility you can see and more access to the data in real time or anytime scale, the better the opportunity. So I got to take that to the next level. What you guys are doing, congratulations. But now the customer. How do I team up with, if I'm a customer with other customers because the bad guys are teaming up. So the teaming up is now a real dynamic that companies are deploying. How are you guys looking at that? How is FortiGuard helping that? Is it through services? Is it through the products like virtual assistant? Virtual FortiAI? >> So you can think of this. I always make it an analogy to the human immune system. Artificial neural networks are built off of neural nets. If I have a problem and an infection, say on one hand, the rest of the body should be aware of that. That's collaboration from node to node. Blood cells to blood cells, if you will. It's the same thing with employees. If a network admin sees a potential problem, they should be able to go and talk to the security admin, who can go in, log into an appliance and create a proper response to that. This is what we're doing in the security fabric to empower the customer. So the customer doesn't have to always do this and have the humans actively doing those cycles. I mean, this is the integration. The orchestration is the big piece of what we're doing. So security orchestration between devices, that's taking that gap out from the human to human, walking over with a piece of paper to another or whatever it is. That's one of the key points that we're doing within the actual security fabric. >> So that's why silos is problematic. Because you can't get that impact. >> And it also creates a lag time. We have a need for speed nowadays. Threats are moving incredibly fast. I think we've talked about this on previous episodes with swarm technology, offensive automation, the weaponization of artificial intelligence. So it becomes critically important to have that quick response and silos, really create barriers of course, and make it slower to respond. >> Okay Derek, so I got to ask you, it's kind of like, I don't want to say it sounds like sports, but it's, what's the state of the art in the attack vectors coming in. What are you guys seeing as some of the best of breed tax that people should really be paying attention to? They may, may not have fortified down. What are SOCs looking at and what are security pros focused on right now in terms of the state of the art. >> So the things that keep people up at night. We follow this in our Threat Landscape Report. Obviously we just released our key four one with FortiGuard Labs. We're still seeing the same culprits. This is the same story we talked about a lot of times. Things like, it used to be a EternalBlue and now BlueKeep, these vulnerabilities that are nothing new but still pose big problems. We're still seeing that exposed on a lot of networks. Targeted ransom attacks, as I was saying earlier. We've seen the shift or evolution from ransomware from day to day, like, pay us three or $400, we'll give you access to your data back to going after targeted accounts, high revenue business streams. So, low volume, high risk. That's the trend that we're starting to see as well. And this is what I talk about for trying to find that needle in the haystack. This is again, why it's important to have eyes on that. >> Well you guys are really advanced and you guys doing great work, so congratulations. I got to ask you to kind of like, the spectrum of IT. You've got a lot of people in the high end, financial services, healthcare, they're regulated, they got all kinds of challenges. But as IT and the enterprise starts to get woke to the fact that everyone's vulnerable. I've heard people say, well, I'm good. I got a small little to manage, I'm only a hundred million dollar business. All I do is manufacturing. I don't really have any IP. So what are they going to steal? So that's kind of a naive approach. The answer is, what? Your operations and ransomware, there's a zillion ways to get taken down. How do you respond to that. >> Yeah, absolutely. Going after the crown jewels, what hurts? So it might not be a patent or intellectual property. Again, the things that matter to these businesses, how they operate day to day. The obvious examples, what we just talked about with revenue streams and then there's other indirect problems too. Obviously, if that infrastructure of a legitimate organization is taken over and it's used as a botnet and an orchestrated denial-of-service attack to take down other organizations, that's going to have huge implications. >> And they won't even know it. >> Right, in terms of brand damage, has legal implications as well that happened. This is going even down to the basics with consumers, thinking that, they're not under attack, but at the end of the day, what matters to them is their identity. Identity theft. But this is on another level when it comes to things to-- >> There's all kinds of things to deal with. There's, so much more advanced on the attacker side. All right, so I got to ask you a final question. I'm a business. You're a pro. You guys are doing great work. What do I do, what's my strategy? How would you advise me? How do I get my act together? I'm working the mall every day. I'm trying my best. I'm peddling as fast as I can. I'm overloaded. What do I do? How do I go the next step? >> So look for security solutions that are the assist model like I said. There's never ever going to be a universal silver bullet to security. We all know this. But there are a lot of things that can help up to that 90%, 95% secure. So depending on the nature of the threats, having a first detection first, that's always the most important. See what's on your network. This is things where SIM technology, sandboxing technology has really come into play. Once you have those detections, how can you actually take action? So look for a integration. Really have a look at your security solutions to see if you have the integration piece. Orchestration and integration is next after detection. Finally from there having a proper channel, are there services you looked at for managed incident response as an example. Education and cyber hygiene are always key. These are free things that I push on everybody. I mean we release weekly threat intelligence briefs. We're doing our quarterly Threat Landscape Reports. We have something called threat signals. So it's FortiGuard response to breaking industry events. I think that's key-- >> Hygiene seems to come up over and over as the, that's the foundational bedrock of security. >> And then, as I said, ultimately, where we're heading with this is the AI solution model. And so that's something, again that I think-- >> One final question since it's just popped into my head. I wanted, and that last one. But I wanted to bring it up since you kind of were, we're getting at it. I know you guys are very sensitive to this one topic cause you live it every day. But the notion of time and time elapsed is a huge concern because you got to know, it's not if it's when. So the factor of time is a huge variable in all kinds of impact. Positive and negative. How do you talk about time and the notion of time elapsing. >> That's great question. So there's many ways to stage that. I'll try to simplify it. So number one, if we're talking about breaches, time is money. So the dwell time. The longer that a threat sits on a network and it's not cleaned up, the more damage is going to be done. And we think of the ransom attacks, denial-of-service, revenue streams being down. So that's the incident response problem. So time is very important to detect and respond. So that's one aspect of that. The other aspect of time is with machine learning as well. This is something that people don't always think about. They think that, artificial intelligence solutions can be popped up overnight and within a couple of weeks they're going to be accurate. It's not the case. Machines learn like humans too. It takes time to do that. It takes processing power. Anybody can get that nowadays, data, most people can get that. But time is critical to that. It's a fascinating conversation. There's many different avenues of time that we can talk about. Time to detect is also really important as well, again. >> Let's do it, let's do a whole segment on that, in our studio, I'll follow up on that. I think it's a huge topic, I hear about all the time. And since it's a little bit elusive, but it kind of focuses your energy on, wait, what's going on here? I'm not reacting. (laughs) Time's a huge issue. >> I refer to it as a latency. I mean, latency is a key issue in cybersecurity, just like it is in the stock exchange. >> I mean, one of the things I've been talking about with folks here, just kind of in fun conversation is, don't be playing defense all the time. If you have a good time latency, you going to actually be a little bit offensive. Why not take a little bit more offense. Why play defense the whole time. So again, you're starting to see this kind of mentality not being, just an IT, we've got to cover, okay, respond, no, hold on the ballgame. >> That comes back to the sports analogy again. >> Got to have a good offense. They must cross offense. Derek, thanks so much. Quick plug for you, FortiGuard, share with the folks what you guys are up to, what's new, what's the plug. >> So FortiGuard Labs, so we're continuing to expand. Obviously we're focused on, as I said, adding all of the customer protection first and foremost. But beyond that, we're doing great things in industry. So we're working actively with law enforcement, with Interpol, Cyber Threat Alliance, with The World Economic Forum and the Center for Cyber Security. There's a lot more of these collaboration, key stakeholders. You talked about the human to human before. We're really setting the pioneering of setting that world stage. I think that is, so, it's really exciting to me. It's a lot of good industry initiatives. I think it's impactful. We're going to see an impact. The whole goal is we're trying to slow the offense down, the offense being the cyber criminals. So there's more coming on that end. You're going to see a lot great, follow our blogs at fortinet.com and all-- >> Great stuff. >> great reports. >> I'm a huge believer in that the government can't protect us digitally. There's going to be protection, heat shields out there. You guys are doing a good job. It's only going to be more important than ever before. So, congratulations. >> Thank you. >> Thanks for coming I really appreciate. >> Never a dull day as we say. >> All right, it's theCUBE's coverage here in San Francisco for RSA 2020. I'm John Furrier, your host. Thanks for watching. (upbeat music)

>> Narrator: Live from San Francisco. It's the theCUBE covering RSA Conference 2020 San Francisco, brought to you by SiliconAngle Media. >> Alright, welcome to theCUBE coverage here at RSA Conference in San Francisco and Moscone Halls, theCUBE. I'm John Furrier, the host of theCUBE, in a cyber security is all about encryption data and also security. We have a very hot startup here, that amazing guest, Dr. Ellison Anne Williams, CEO and Founder of Enveil just recently secured a $10 million Series A Funding really attacking a real problem around encryption and use. Again, data ,security, analytics, making it all secure is great. Allison, and thanks for coming on. Appreciate your time. >> Thanks for having me. >> So congratulations on the funding before we get started into the interview talking about the hard news, you guys that are around the funding. How long have you guys been around? What's the funding going to do? What are you guys doing? >> Yeah, so we're about three and a half years old as a company. We just announced our Series A close last week. So that was led by C5. And their new US Funds The Impact Fund and participating. Other partners included folks like MasterCard, Capital One Ventures, Bloomberg, Beta 1843, etc. >> So some names jumped in C5 led the round. >> For sure. >> How did this get started? What was the idea behind this three years you've been actually doing some work? Are you going to production? Is it R&D? Is it in market? Give us a quick update on the status of product and solution? >> Yeah, so full production. For production of the product. We're in fact in 2.0 of the release. And so we got our start inside of the National Security Agency, where I spent the majority of my career. And we developed some breakthroughs in an area of technology called homomorphic encryption, that allows you to perform computations into the encrypted domain as if they were in the unencrypted world. So the tech had never existed in a practical capacity. So we knew that bringing seeds of that technology out of the intelligence community and using it to seed really and start the company, we would be creating a new commercial market. >> So look at this, right? So you're at the NSA, >> Correct >> Your practitioner, they're doing a lot of work in this area, pioneering a new capability. And did the NSA spin it out did they fund it was the seed capital there or did you guys bootstrap it >> No. So our seed round was done by an entity called Data Tribe. So designed to take teams in technologies that were coming out of the IC that wanted to commercialize to do so. So we took seed funding from them. And then we were actually one of the youngest company ever to be in the RSA Innovation Sandbox here in 2017, to be one of the winners and that's where the conversation really started to change around this technology called homomorphic encryption, the market category space called securing data in use and what that meant. And so from there, we started running the initial version of a product out in the commercial world and we encountered two universal reaction. One that we were expecting and one that we weren't. And the one that we were expecting is that people said, "holy cow, this actually works". Because what we say we do keeping everything encrypted during processing. Sounds pretty impossible. It's not just the math. And then the second reaction that we encountered that we weren't expecting is those initial early adopters turned around and said to us, "can we strategically invest in you?" So our second round of funding was actually a Strategic Round where folks like Bloomberg beta,Thomson Reuters, USA and Incue Towel came into the company. >> That's Pre Series A >> Pre Series A >> So you still moving along, if a sandbox, you get some visibility >> Correct. >> Then were the products working on my god is you know, working. That's great. So I want to get into before I get into some of the overhead involved in traditionally its encryption there always has been that overhead tax. And you guys seem to solve that. But can you describe first data-at-rest versus data-in-motion and data-in-user. data at rest, as means not doing anything but >> Yeah, >> In flight or in you so they the same, is there a difference? Can you just tell us the difference of someone this can be kind of confusing. >> So it's helpful to think of data security in three parts that we call the triad. So securing data at rest on the file system and the database, etc. This would be your more traditional in database encryption, or file based encryption also includes things like access control. The second area, the data security triad is securing data- in- transit when it's moving around through the network. So securing data at rest and in transit. Very well solution. A lot of big name companies do that today, folks like Talus and we partner with them, Talus, Gemalto, etc. Now, the third portion of the data security triad is what happens to that data when you go use or process it in some way when it becomes most valuable. And that's where we focus. So as a company, we secure data-in-use when it's being used or processed. So what does that mean? It means we can do things like take searches or analytics encrypt them, and then go run them without ever decrypting them at any point during processing. So like I said, this represents a new commercial market, where we're seeing it manifest most often right now are in things like enabling secure data sharing, and collaboration, or enabling secure data monetization, because its privacy preserving and privacy enabling as a capability. >> And so that I get this right, the problem that you solved is that during the end use parts of the triad, it had to be decrypted first and then encrypted again, and that was the vulnerability area. Look, can you describe kind of like, the main problem that you guys saw was that-- >> So think more about, if you've got data and you want to give me access to it, I'm a completely different entity. And the way that you're going to give me access to it is allowing me to run a search over your data holdings. We see this quite a bit in between two banks in the areas of anti-money laundering or financial crime. So if I'm going to go run a search in your environment, say I'm going to look for someone that's an EU resident. Well, their personal information is covered under GDPR. Right? So if I go run that search in your environment, just because I'm coming to look for a certain individual doesn't mean you actually know anything about that. And so if you don't, and you have no data on them whatsoever, I've just introduced a new variable into your environment that you now have to account for, From a risk and liability perspective under something like GDPR. Whereas if you use us, we could take that search encrypt it within our walls, send it out to you and you could process it in its encrypted state. And because it's never decrypted during processing, there's no risk to you of any increased liability because that PII or that EU resident identifier is never introduced into your space. >> So the operating side of the business where there's compliance and risk management are going to love this, >> For sure. >> Is that really where the action is? >> Yes, compliance risk privacy. >> Alright, so get a little nerdy action on this one. So encryption has always been an awesome thing depending on who you talk to you, obviously, but he's always been a tax associate with the overhead processing power. He said, there's math involved. How does homeomorphic work? Does it have problems with performance? Is that a problem? Or if not, how do you address that? Where does it? I might say, well, I get it. But what's the tax for me? Or is your tax? >> Encryption is never free. I always tell people that. So there always is a little bit of latency associated with being able to do anything in an encrypted capacity, whether that's at rest at in transit or in use. Now, specifically with homomorphic encryption. It's not a new area of encryption. It's been around 30 or so years, and it had often been considered to be the holy grail of encryption for exactly the reasons we've already talked about. Doing things like taking searches or analytics and encrypting them, running them without ever decrypting anything opens up a world of different types of use cases across verticals and-- >> Give those use case examples. What would be some that would be low hanging fruit. And it would be much more higher level. >> Some of the things that we're seeing today under that umbrella of secure data sharing and collaboration, specifically inside of financial services, for use cases around anti-money laundering and financial crimes so, allowing two banks to be able to securely collaborate with with each other, along the lines of the example that I gave you just a second ago, and then also for large multinational banks to do so across jurisdictions in which they operate that have different privacy and secrecy regulations associated with them. >> Awesome. Well, Ellison, and I want to ask you about your experience at the NSA. And now as an entrepreneur, obviously, you have some, you know, pedigree at the NSA, really, you know, congratulations. It's going to be smart to work there, I guess. Secrets, you know, >> You absolutely do. >> Brains brain surgeon rocket scientist, so you get a lot of good stuff. But now that you're on the commercial space, it's been a conversation around how public and commercial are really trying to work together a lot as innovations are happening on both sides of the fence there. >> Yeah. >> Then the ICC and the Intelligence Community as well as commercial. Yeah, you're an entrepreneur, you got to go make money, you got shareholders down, you got investors? What's the collaboration look like? How does the world does it change for you? Is it the same? What's the vibe in DC these days around the balance between collaboration or is there? >> Well, we've seen a great example of this recently in that anti-money laundering financial crime use case. So the FCA and the Financial Conduct Authority out of the UK, so public entity sponsored a whole event called a tech spread in which they brought the banks together the private entities together with the startup companies, so your early emerging innovative capabilities, along with the public entities, like your privacy regulators, etc, and had us all work together to develop really innovative solutions to real problems within the banks. In the in the context of this text spread. We ended up winning the know your customer customer due diligence side of the text brand and then at the same time that us held an equivalent event in DC, where FinCEN took the lead, bringing in again, the banks, the private companies, etc, to all collaborate around this one problem. So I think that's a great example of when your public and your private and your private small and your private big is in the financial services institutions start to work together, we can really make breakthroughs-- >> So you see a lot happening >> We see a lot happening. >> The encryption solution actually helped that because it makes sense. Now you have the sharing the encryption. >> Yeah. >> Does that help with some of the privacy and interactions? >> It breaks through those barriers? Because if we were two banks, we can't necessarily openly, freely share all the information. But if I can ask you a question and do so in a secure and private capacity, still respecting all the access controls that you've put in place over your own data, then it allows that collaboration to occur, whereas otherwise I really couldn't in an efficient capacity. >> Okay, so here's the curveball question for you. So anybody Startup Series today, but you really got advanced Series A, you got a lot of funding multiple years of operation. If I asked you what's the impact that you're going to have on the world? What would you say to that, >> Over creating a whole new market, completely changing the paradigm about where and how you can use data for business purposes. And in terms of how much funding we have, we have, we've had a few rounds, but we only have 15 million into the company. So to be three and a half years old to see this new market emerging and being created with with only $15 million. It's really pretty impressive. >> Yeah, it's got a lot of growth and keep the ownership with the employees and the founders. >> It's always good, but being bootstrap is harder than it looks, isn't it? >> Yeah. >> Or how about society at large impact. You know, we're living global society these days and get all kinds of challenges. You see anything else in the future for your vision of impact. >> So securing data and your supplies horizontally across verticals. So far we've been focused mainly on financial services. But I think healthcare is a great vertical to move out in. And I think there are a lot of global challenges with healthcare and the more collaborative that we could be from a healthcare standpoint with our data. And I think our capabilities enable that to be possible. And still respecting all the privacy regulations and restrictions. I think that's a whole new world of possibility as well. >> And your secret sauce is what math? What's that? What's the secret sauce, >> Math, Math and grit. >> Alright, so thanks for sharing the insights. Give a quick plug for the company. What are you guys looking to do? Honestly, $10 million in funding priorities for you and the team? What do you guys live in to do? >> So priorities for us? privacy is a global issue now. So we are expanding globally. And you'll be hearing more about that very shortly. We also have new product lines that are going to be coming out enabling people to do more advanced decisioning in a completely secure and private capacity. >> And hiring office locations DC. >> Yes. So our headquarters is in DC, but we're based on over the world, so we're hiring, check out our web page. We're hiring for all kinds of roles from engineering to business functionality >> And virtual is okay virtual hires school >> Virtual hires is great. We're looking for awesome people no matter where they are. >> You know, DC but primary. Okay, so great to have you gone. Congratulations for one, the financing and then three years of bootstrapping and making it happen. Awesome. >> Thank you. >> Thank you for coming ,appreciate it. So keep coming to your RSA conference in Moscone. I'm John Furrier. Thanks for watching more after this short break (pop music playing)

>> Narrator: Live from San Francisco, it's theCUBE, covering RSA Conference 2020 San Francisco. Brought to you by SiliconANGLE Media. >> Welcome back everyone. This is theCUBE's coverage from RSA Conference on Moscone South. I'm John Furrier, host of theCUBE. You know, cybersecurity is changing, and the next technology is right around the corner, and it's got to be invented somewhere, and of course Accenture Labs is part of it. Our next guest is Lisa O'Connor, Global Security R&D Lead for Accenture Labs. Lisa's working on some of those hard problems all around the world. Thank you for joining me today. Thanks for coming on. >> Thank you for having me. >> So, we always get the good scoop from Accenture, because you have a lot of smart people in that company. You know, they know their stuff. I know you got a huge analytics team. I've talked to Jean-Luc Chatelain before, and I know you got a massive amount of, deep bench of talent. But as you have to go do the applied R&D, and maybe some of the crazy ideas, you got to start thinking about where the puck is going to be. >> Absolutely. >> You got to understand that. Well, it's pretty clear to us that Cloud is certainly there. Palo Alto Networks had a disappointing earnings yesterday, because their on-premises business is shifting to the Cloud. You're seeing hybrid operating model and multicloud for the enterprise, but now you got global challenges. >> We absolutely do. >> Huge, so what are you guys working on that's coming? Tell us. >> So we're working on lots of exciting things, and Cloud is one of them. But, some of the things I'm so passionate about in labs, and I have the best job at Accenture. Don't tell anyone. (laughs) I do. So, we are working on, like Jean-Luc is working on applied intelligence, we are working on robust AI. So, when we think about AI in the future, how do we feel that, and know that it's okay? How do we put it out there and know it's safe in production, we've done the right training, we've made our model resilient to what's out there? One of the things we see happening, and I love AI, love it. It has great potential, and we get great insights out of it, but a lot of times we stop, we get the insights, and we say, "Okay, it's in the box, we got a couple hits there, "we're good, it's good." No, maybe not. And so really, it's learning and creating the actually applied attacks on AI, and then figuring out what the right defenses are. And, depending on what type of machine learning you're using, those defenses change. And so, we're having a great time in our lab in Washington D.C., working on basically defending AI and building those techniques, so that what we put out as Accenture is robust. >> You know, it's interesting, AI, you watch some of the hardcore, you know, social justice warriors out there going after Amazon, Google, you know, because they're doing some pretty progressive things. Oh, facial recognition, you got AI, you got Alexa. You know, a lot of people are like, "Oh, I'm scared." But, at the end of the day, they also have some challenges like network security, so you have all this AI up and down the stack. And, one thing I like about what's being talked about in the industry is the shared responsibility model. So, I got to ask you, as AI becomes exciting, but also, balancing, frightening to people, how do you get that shared responsibility model, so we get it right, do the experimentation, without people freaking out? (laughs) So, it's kind of like this weird mode we're in now, where I want to do more AI, because I think it benefits society, but everyone's freaking out. >> Yeah, so, in our tech vision that we just launched, The Tech Vision 2020, there's a lot of talk about value and values, which is really important when we think about AI because we can get great value out of it, but there's a values piece of it and it's how we're using it, how we're getting those insights. Because, the one thing, we have this circle, and it's between customer experience, because the companies that do customer experience well are going to excel, they're going to keep their clients, they're going to do amazing things, they're going to become sticky. But, to do that well, you have to be a good custodian of their data and their information, and curated experiences that they want, and not the creepy ones, not the ones they don't want. And so, we really look at that trust is necessary in that ecosystem, in building that, and keeping that with clients. So, that's something that came out of our technology vision. And, in fact, we're going to be talking at the Executive Women's Forum, this is tomorrow, and we're going to be having a panel on AI, and defending it, which will be very interesting. >> Make sure your people film that conference. We'd like to get a view of it on YouTube after. We love those conferences, really insightful. But, I want to get back to what you were talking about, the fun side. >> Yeah. >> You got a lot of new things on, your guys are kicking the tires on, scratching the surface on. You have two operating labs, one in Washington D.C., and one in Israel. What city in Israel? Is it in Tel Aviv or-- >> Herzliya. >> Okay, did not know. >> Yeah, the tech district, just north of Tel Aviv. It's the hotspot. >> So, Silicon Valley, D.C., and Israel, hotbeds of technology now. >> Yes. >> What's coming out of those labs, what's hot? >> Oh, there's so much exciting stuff coming out of our lab in Herzliya. One of the things that we have, and it's something that's been long and coming, it's been brewing for a while, but it's really looking at creating a model of the enterprise security posture. And, when I say a model of it, I'm talking about a cyber digital twin. Because, so much we can't do in our production networks, we don't have the capabilities. We can look around the room, but we don't have the capabilities on the SOCs team side, to ingest all this stuff. We need a playground where we can ask the what-ifs, where we can run high performance analytics, and we do that through a temporal knowledge graph. And, that's a hard thing to achieve, and it's a hard thing to do analytics at scale. So, that's one of the big projects that we're doing out of our Israel lab. >> Are you saying digital twins is a framework for that? >> Yeah. >> Does it really work well with that? >> So the knowledge graph, we can create digital twins around many things, because a digital twin is a model of processes, people, technologies, the statefulness of things, and configurations, whatever you want to pull in there. So, when we start thinking about, what would we take in to create the perfect enterprise security posture? What would give us all the insights? And, then we can ask the questions about, okay, how would an adversary do lateral movement through this? I can't fix everything that's a 10, but I could fix the right ones to reduce the risk impactfully. And, those are the kind of what-ifs that you can do. >> That's real sci-fi stuff, that's right around the corner. >> Yeah, it is. >> That simulation environment. >> It is. >> What-ifs. Oh my god, the company just got hacked, we're out of business. That's your simulation. You could get to, that's the goal, right? >> It absolutely is, to ask those good business questions about the data, and then to report on the risk of it. And, the other thing, as we move to 5G, this problem's getting bigger and bigger, and we're now bringing in very disparate kinds of compute platforms, computing-at-the-edge. And, what does that do to our nice little network model that we had, that our traditional systems are used to defending against? >> I mean, just the segmentation of the network, and the edge opens up so much more aperture-- >> Yes, it does (laughs). >> to the digital twin, or a knowledge graph. You brought up knowledge graph, I want to get your thoughts on this. I was just having dinner last night with an amazing woman out of New York. She's a Ph.D. in computer science. So, we're talking about graphs, and I love riffing on graph databases. But, the topic came up about databases in general, because with the cloud, it's horizontally scalable, you've got all kinds of simulation, a lot of elasticity going on, there's a lot of software being written on this. You got time series database, you got relational database, you got unstructured, and you got graphs. You got to make them all work together. This is kind of the unique challenge. And, with security, leveraging the right database, and the right construct is a super important thing. How do you guys look at that in the labs? Because, is it something that you guys think about, or is it going to be invisible someday? >> Oh, we think about it a lot. In fact, we've had a number of research projects over the last five years now, actually six years, where we've really pivoted hard in cyber security to graph databases. And, the reason for that is, the many-to-many relationships, and what we can do in terms of navigating, asking the questions, pulling on a thread, because in cyber hunting, that's what we're doing. In many of these use cases that we're trying to defend an enterprise, we're following the next new path based on the newest information of now what the challenge is, or what the current configuration is. So, that's really important. So, graph databases enable that so well. Now, there's still the architecture challenge of, okay, when I ask a query, what am I doing? Am I disrupting the whole apple cart? Do I have to process everything over, or is there a way to do that elegantly, where I can ask my query, and because of how I've structured it in storage, I can do it much better, and I can do it much more efficiently. And that, I think, is where the opportunities are. >> I got to tell you, I'm getting exited now on this whole database discussion, because you think about the logic around what you just said. A graph database with that kind of complexity, when you factor in contextually different things happening at any given time, the database needs to be parsed and managed differently. >> Yes. >> That's a huge challenge. >> It is a great research challenge, which is why we're doing it. >> What is that, how far along are we going to be able to have this dynamic, self-evolving, self-governing, self-healing data modeling? Is that coming soon, or... >> Yeah, I hope so. We wrote about it a couple of years ago. >> You did? >> The self-healing enterprise, aspirational. But I think, I mean, we try to get to real time, right? And, we try to get to real time, and again, refactoring. As we talk about what an adversary is going to do, or lateral movement through a business process, we're talking about a lot of computational horsepower to recalculate all that, process it again, update it, and then again present that back. So the number of things we're asking, how we're asking it becomes also very important to the structure. >> Just, it goes zooming up a little bit, high level, what we're really talking about here is value >> of the data. >> Absolutely. >> And, when you get into the valuation of the nodes, and the arcs, and all that graphs, and other databases, you got to know what to pay attention to. It's kind of like going into the hospital and hearing all these alarms going off. At some point you don't know what's, until they hear a flat line, or whatever. >> Right. That's a bad one. >> I mean, well that's obvious. But, now sometimes there's so many alerts, there's so many alarms. How do you understand at any given time what to pay attention to, because obviously when someone's having a problem you want to pay attention to it. If it's a security alert, that's prioritized. >> And the devil is in the analytics, right? What's the question we're asking, and the analytics that give us that prioritization? And that's non-trivial, because there are a lot of other folks that are doing prioritization in a different manner. To do it at scale, and to do it, not just one hop out, but I want to go all the way to the crown jewels, I want that whole path navigated, and I want to know where to cut along that path. That's a hard thing to do. And so, we've actually developed, and we've submitted patents for them, but we've developed new analytics that'll support that. >> Awesome. Well Lisa, I want to ask you kind of a, I'll give you a plug here, just going to get it out, because I think it's important. Skills gap's a big thing, so I want to give you a minute to explain, or share what you're looking for in your hiring. Who are you looking for? What kind of, the make-up of individual, obviously? Maybe, do you use straight, more academic paper kind of people, or practitioners? I mean, when you look to hire, what are some of the priorities that you look for, and who would thrive in an Accenture Lab's environment? >> Oh, my goodness. >> Take a minute to share what you're looking for. >> Yeah, so we love people that think out of the box, and those kinds of people come from very different backgrounds. And so, part of that is, some of them we look for Ph.D.'s, that have wonderful applied skills, and applied is a key word there. White papers are great, I need to be able to prove something, I need to be able to demo something that has value. So, having the applied skills to a business challenge is really important. So, that sort of ground, understanding the business, very important too. But, our talent comes from many different areas. I mean, I kind of joke, my lab looks like the UN, it's wonderful. I have people from across the globe that are in our cyber security lab. I have, in our Washington D.C. lab, we're 50% women, which is also exciting, because we want different experiences, and we shoot for cognitive diversity, right? So, we're looking for people that think differently about solving problems, and are not encumbered by what they've seen in the past, because we're trying to be tip of spear. And, I'm sure you know that from Paul Daugherty. >> Yeah. >> We are trying to be three to five years over the horizon. >> You guys got a good narrative. I always love talking to Accenture, they have a good vision. So, I got to ask you, the next logical question is, obviously, in the news, you see everyone talking about breaches, and ya know, it's not a breach if the door's open, you just walk in. They're really walking in, nothing was really breached, you're just giving it to them. >> Yeah. It's a passive invitation. >> (laughs) Hey come on in. Human error is a big part of it, but then, breach is obviously targeted, phishing, and all that good stuff. But, as those stories get told, there's a whole nother set of stories that aren't being told that are super important. So, I'd love to get your thoughts on, what are the most important stories that we should be talking about that aren't being talked about? >> Yeah, so I have two that are front-of-mind for me. One theme we come back to, and it's not sexy, it's hygiene. It is IT hygiene, and so many of the large companies, and even medium, small companies, we have legacy technology, and keeping that adds complexity, it adds to the whole breadth and depth of what we have to manage and defend. Keeping that attack surface simple and small, cloud-enabled, all those good things, is a real asset and it makes it much easier to defend. So, that's kind of the first non-sexy one, hygiene. The other one I'll say that I think is a challenge that we are not dealing with yet, quantum computing, right? And so, we're on the way to getting our post quantum cryptography in place, but there's another dimension to it, and it's our histories. So, all of the things that have passed on the wire, all the communications with the key exchanges, all that brilliant stuff, is sitting somewhere. Once we get to that point where this becomes very routine, and it's coming fast, we predicted eight years, two years ago. >> So, all that exhaust is somewhere, pent up. >> It's somewhere that, we have to think about how much data we're keeping as custodians, how we're managing it, and then we have to think about the exposure from our past, and say, "Okay, what does that mean that, that was out there?" "Is it aged enough that it doesn't have value?" And, I think there's a real triage that needs to be done, and certainly data management. >> I think, you know, the hygiene brings up a good point. It reminds me of the story Andy Jassy was telling about the mainframe customer that they couldn't find who had the password. They had to find their person, who was retired 10 years earlier to get the password. You don't forget things, but also, there's a human component in all this. Humans and machines are working together. >> Absolutely. >> And. that's a huge part of it. It's not just machines dominating it all, there's going to be a human component, there's a societal impact that we're seeing with information. And, whether that's out in the open, or behind closed doors, there's all kinds of things looming. >> There are, and I think one of the things in the companies that we're seeing who are embracing innovation well, are doing a lot of retraining. Because, the things that people are excellent at, AI is not good at, and the things that AI is good at, are not at all what people are good at. So, the good news is there is a beautiful teaming there, if we retool the skills, or if we re-envision those roles, so that people can get into those roles, and I think that's really important, because I'd rather see AI do all the heavy lifting well, and be trustworthy, and robust and all those great things, and the people be doing the much smarter things that require a human. >> Does the process serve the purpose? Does the purpose serve the process? Same kind of question, right? >> Exactly. >> AI, you can't have great AI that does nothing. >> That's right. >> (laughs) So, it has to be relevant. >> It absolutely does. >> Relevance is kind of a big thing. >> And we own that context, right? Humans own that context. >> Yeah. Yeah. Yeah. Well, thanks for coming in, and sharing the insight. Really appreciate it. Final question, it's always tough to pick your favorite child, but what is your most coolest thing you're working on right now? >> I'll tell you, the cyber digital twin stuff is so cool. >> The what? >> The cyber digital twin stuff is so cool. When you see the power of what that picture, and the analytics can do, we'll show ya. >> Do you have a demo of that now? >> We absolutely do. >> You do. Is it online, or is it more in person you got to see it? >> More in person. >> Okay. >> Folks can reach out, yeah. >> We'll have to get the exclusive on that. >> We do. >> I love those simulations. I think it's very beneficial. >> It is. >> A lot of learning. I mean, who doesn't want practice? >> Well, and a picture, you know that is worth a million dollars. It's just incredible to look at it, and it clicks. It clicks of all the potential things you could ask or do. And, that's the exciting part now, as we show this with customers' and we co-innovate with customers', they're coming up with a laundry list of questions. >> And, this is the beautiful thing about cloud, is that new capabilities are emerging every day, and you could use the good ones. Lisa O'Connor is here. Thank you very much for sharing your insights. Global Security R&D Lead for Accenture Labs. TheCUBE coverage, getting all the signal here on the show floor, extracting that from all the noise. I'm John Furrier, thanks for watching. (upbeat music)

>> Narrator: Live from San Francisco It's theCUBE. Covering RSA Conference 2020, San Francisco. Brought to you by Silicon Angled Media >> Hi everyone, welcome to theCUBE's coverage here at RSA Conference 2020. I'm John Furrier, host of theCUBE We're on the floor getting all the data, sharing it with you here, Cube coverage. Got the best new generation shift happening as cloud computing goes to the whole other level. Multi-cloud, hybrid cloud changing the game. You're seeing the companies transition from an on-premises to cloud architecture. This is forcing all the companies to change. So a new generation of security is here and we've got a great guest, so a hot start-up. Masha Sedova, co-founder of Elevate Security. Welcome to theCUBE, thanks for joining us. >> Thank you so much for having me, John. >> So the next generation in what will be a multi-generational security paradigm, is kind of happening right now with the beginning of, we're seeing the transition, Palo Alto Networks announced earnings yesterday down 13% after hours because of the shift to the cloud. Now I think they're going to do well, they're well positioned, but it highlights this next generation security. You guys are a hot start-up, Elevate Security. What is the sea change? What is going on with security? What is this next generation paradigm about? >> Yeah, so it's interesting that you talk about this as next generation. In some ways, I see this as a two-prong move between, yes, we're moving more into the cloud but we're also going back to our roots. We're figuring out how to do asset management right, we're figuring out how to do patching right, and for the first time, we're figuring how to do the human element right. And that's what where we come in. >> You know, the disruption of these new shifts, it also kind of hits like this, the old expression, 'same wine, new bottle', all this, but it's a data problem. Security has always been a data problem, and we've seen some learnings around data. Visualization, wrangling, there's a lot of best practices around there. You guys are trying to change the security paradigm by incorporating a data-centric view with changing the behavior of the humans and the machines and kind of making it easier to manage. Could you share what you guys are doing? What's the vision for Elevate? >> Yeah, so we believe and we've seen, from our experience being practitioners, you can't change what you can't measure. If you don't have visibility, you don't know where you're going. And that's probably been one of the biggest pain-point in the security awareness space traditionally. We just roll out training and hope it works. And it doesn't, which is why human error is a huge source of our breaches. But we keep rolling out the same one-size fits all approach without wanting to measure or, being able to. So, we've decided to turn the problem on its head and we use existing data sets that most organizations who have a baseline level of maturity already have in place. Your end point protections, your DLP solutions, your proxies, your email security gateways and using that to understand what your employees are doing on the network to see if user generated incidents are getting better over time or getting worse. And using that as the instrumentation and the level of visibility into understanding how you should be orchestrating your program in this space. >> You know, that's a great point. I was just having a conversation last night at one of the cocktail parties here around RSA and we were debating on, we talk about the kind of breaches, you mentioned breaches, well there's the pure breach where I'm going to attack and penetrate the well fortified network. But then there's just human error, an S3 bucket laying open or some configuration problem. I guess it's not really a breach, it's kind of an open door so the kind of notion of a breach is multifold. How do you see that, because again, human error, insider threats or human error, these are enabling the hackers. >> Yeah >> This is not new. >> Yeah. >> How bad is the problem? >> It depends on what report you read. The biggest number I've seen so far is something like 95% of breaches have human error. But I honestly, I couldn't tell you what the 5% that don't include it because if you go far enough back, it's because a patch wasn't applied and there is a human being involved there because there is vulnerability in code, that's probably a secure coding practice when you're a development organization. Maybe it's a process that wasn't followed or even created in the first place. There's a human being at the core of every one of these breaches and, it needs to be addressed as holistically as our technologies and our processes right now in the space. >> The evolution of human intelligence augmented by machines will certainly help. >> That's it, yeah. >> I mean, I've got to ask you, obviously you're well-funded. Costanova Ventures well known in the enterprise space, Greg Sands and the team there, really strong, but you guys entered the market, why? I mean you guys, you and your founder both at Salesforce.com. Salesforce gurus doing a lot of work there. Obviously you've seen the large scale, first wave of the cloud. >> Yeah >> Why do the start-up? What was the problem statement you guys were going after? >> So, my co-founder and I both came from the world of being practitioners and we saw how limited the space was and actually changing human behavior, I was given some animated PowerPoints, said use this to keep the Russians out of your network, which is a practical joke unless your job is on the line, so I took a huge step back and I said, there are other fields that have figured this out. Behavioral science being one of them, they use positive reinforcement, gamification, marketing and advertisements have figured out how to engage the human element, just look around the RSA floor, and there's so many learnings of how we make decisions as human beings that can be applied into changing people's behaviors in security. So that's what we did. >> And what was the behavior you're trying to change? >> Yeah, so the top one's always that our attackers are getting into organizations, so, reducing phishing click-throughs an obvious one, increasing reporting rates, reducing malware infection rates, improving sensitive data handling, all of which have ties back to, as I was mentioning earlier, security data sources. So, we get to map those and use that data to then drive behavior change that's rooted in concepts like social proof, how are you doing compared to your peers? We make dinner decisions on that and Amazon buying decisions on that, why not influence security like that? >> So building some intelligence into the system, is there a particular market you're targeting? I mean, here people like to talk in segments, is there a certain market that you guys are targeting? >> Yeah, so the amazing thing about this is, and probably no surprise, the human element is a ubiquitous problem. We are in over a dozen different industries and we've seen this approach work across all of those industries because human beings make the same mistakes, no matter what kind of company they're in. We really work well with larger enterprises. We work well with larger enterprises because they tend to have the data sets that really provides insights into human behavior. >> And what's the business model you guys envision happening with your service product? >> We sell to enterprises and security, the CISO and the package as a whole, gives them the tools to have the voice internally in their organization We sell to Fortune 1000 companies, >> So it's a SAAS service? >> Yeah, SAAS service, yeah. >> And so what's the technology secret sauce? (laughing) >> Um, that's a great question but really, our expertise is understanding what information people need at what time and under what circumstances, that best changes their behavior. So we really are content diagnostic, we are much more about the engine that understands what content needs to be presented to whom and why. So that everyone is getting only the information they need, they understand why they need it and they don't need anything extra-superfluous to their... >> Okay, so I was saying on theCUBE, my last event was at, CIO's can have good days and bad days. They have good days, CISOs really have good days, many will say bad days, >> Masha: Yeah, it's a hard job. >> So how do I know I need the Elevate Solution? What problem do I have, what's in it for me? What do I get out of it? When do I know when to engage with you guys? >> I take a look at how many user generated incidents your (mumbles) responding to, and I would imagine it is a large majority of them. We've seen, while we were working at Salesforce and across our current customers, close to a 40% reduction rate in user generated incidents, which clearly correlates to time spent on much more useful things than cleaning up mistakes. It's also one of the biggest ROI's you can get for the cheapest investment. By investing a little bit in your organization now, the impact you have in your culture and investing in the future decision, the future mistakes that never get made, are actually untold, the benefit of that is untold. >> So you're really kind of coming in as a holistic, kind of a security data plane if you will, aggregating the data points, making a visualization in human component. >> You've got it. >> Now, what's the human touchpoint? Is it a dashboard? Is it notifications? Personalization? How is the benefit rendered for the customer? >> So we give security teams and CSOs a dashboard that maps their organization's strengths and weaknesses. But for every employee, we give personalized, tailored feedback. Right now it shows up in an email that they get on an ongoing basis. We also have one that we tailor for executives, so the executive gets one for their department and we create an executive leaderboard that compares their performance to fellow peers and I'll tell you, execs love to win, so we've seen immense change from that move alone. >> Well, impressive pedigree on your entrepreneurial background, I see Salesforce has really kind of, I consider real first generation cloud before cloud actually happened, and there's a lot of learn, it was always an Apple case, now it's AWS, but it's it's own cloud as we all know, what are the learnings that you saw from Salesforce that you said hey, I'm going to connect those dots to the new opportunity? What's the real key there? >> So, I had two major aha's that I've been sharing with my work since. One, it's not what people know, but it's what they do that matters, and if you can sit with a moment and think about that, you realize it's not more training, because people might actually know the information, but they just choose not to do it. How many people smoke, and they still know it kills them? They think that it doesn't apply to them, same thing with security. I know what I need to do, I'm just not incentivized to do it, so there's a huge motivation factor that needs to be addressed. That's one thing that I don't see a lot of other players on the market doing and one thing we just really wanted to do as well. >> So it sounds like you guys are providing a vision around using sheet learning and AI and data synthesis wrangling and all that good stuff, to be an assistant, a personal assistant to security folks, because it sounds like you're trying to make their life easier, make better decisions. Sounds like you guys are trying to distract away all these signals, >> You're right. >> See what to pay attention to. >> And make it more relevant, yeah. Well think about what Fitbit did for your own personal fitness. It curates a personal relationship based on a whole bunch of data. How you're doing, goals you've set, and all of a sudden, a couple of miles walk leads to an immense lifestyle change. Same thing with security, yeah. >> That's interesting, I love the Fitbit analogy because if you think about the digital ecosystem of an enterprise, it used to be siloed, IT driven, now with digital, everything's connected so technically, you're instrumenting a lot of things for everything. >> Yeah. >> So the question's not so much instrumentation, it's what's happening when and contextually why. >> That's it, why, that's exactly it. Yeah, you totally got it. >> Okay. I got it. >> Yeah, I can see the light bulb. >> Okay, aha, ding ding. All right, so back to the customer pain point. You mentioned some data points around KPI's that they might or things that they might want to call you so it's incidents, what kind of incidents? When do I know I need to get you involved? Will you repeat those again? >> There's two places where it's a great time to involve. Now, because of the human element is, or think about this as an investment. If you do non-investor security culture, one way or another, you have security culture. It's either hurting you or it's helping you and by hurting you, people are choosing to forego investing security processes or secure cultures and you are just increasing your security debt. By stepping in to address that now, you are actually paying it forward. The second best time, is after you realize you should have done that. Post-breaches or post incidents, is a really great time to come in and look at your culture because people are willing to suspend their beliefs of what good behavior looks like, what's acceptable and when you look at an organization and their culture, it is most valuable after a time of crisis, public or otherwise, and that is a really great time to consider it. >> I think that human error is a huge thing, whether it's as trivial as leaving an S3 bucket open or whatever, I think it's going to get more acute with service meshes and cloud-native microservices. It's going to get much more dynamic and sometimes services can be stood up and torn down without any human knowledge, so there's a lot of blind spots potentially. This brings up the question of how does the collaboration piece, because one of the things about the security industry is, it's a community. Sharing data's important, having access to data, how do you think about that as the founder of a start-up that has a 20 mile steer to the future around data access, data diversity, blind spots, how do you look at that and how do you advise your clients to think about that? >> I've always been really pro data sharing. I think it's one of the things that has held us back as an industry, we're very siloed in this space, especially as it relates to human behavior. I have no idea, as a regular CISO of a company, if I am doing enough to protect my employees, is my phishing click (mumbles), are my malware download rates above normal, below or should I invest more, am I doing enough? How do I do compared to my peers and without sharing industry stats, we have no idea if we're investing enough or quite honestly, not enough in this space. And the second thing is, what are approaches that are most effective? So let's say I have a malware infection problem, which approach, is it this training? Is it a communication? Is it positive reinforcement, is it punishment? What is the most effective to leverage this type of output? What's the input output relation? And we're real excited to have shared data with Horizon Data Breach Report for the first time this year, to start giving back to the communities, specifically to help answer some of these questions. >> Well, I think you're onto something with this behavioral science intersection with human behavior and executive around security practices. I think it's going to be an awesome, thanks for sharing the insights, Miss Masha on theCUBE here. A quick plug for your company, (mumbles) you're funded, Series A funding, take us through the stats, you're hiring what kind of positions, give a plug to the company. >> So, Elevate Security, we're three years old. We have raised ten million to date. We're based in both Berkeley and Montreal and we're hiring sales reps on the west coast, a security product manager and any engineering talent really focused on building an awesome data warehouse infrastructure. So, please check out our website, www.elevatesecurity.com/careers for jobs. >> Two hot engineering markets, Berkeley I see poaching out of Cal, and also Montreal, >> Montreal, McGill and Monterey. >> You got that whole top belt of computer science up in Canada. >> Yeah. >> Well, congratulations. Thanks for coming on theCUBE, sharing your story. >> Thank you. >> Security kind of giving the next generation all kinds of new opportunities to make security better. Some CUBE coverage here in San Francisco, at the Moscone Center. I'm John Furrier, we'll be right back after this break. (upbeat music)