(upbeat music) >> Announcer: From theCUBE studios in Palo Alto in Boston connecting with thought leaders all around the world, this is theCUBE Conversation. >> Well, welcome to theCUBE Conversation here in theCUBE studios in Palo Alto, California. I'm John Furrier, your host. Got a great conversation with two great guests, going to explore the edge, what it means in terms of commercial, but also national security. And as the world goes digital, we're going to have that deep dive conversation around how it's all transforming. We've got Ki Lee, Vice President of Booz Allen's Digital Business. Ki, great to have you. John Pisano, Principal at Booz Allen's Digital Cloud Solutions. Gentlemen, thanks for coming on. >> And thanks for having us, John. >> So one of the most hottest topics, obviously besides cloud computing having the most refactoring impact on business and government and public sector has been the next phase of cloud growth and cloud scale, and that's really modern applications and consumer, and then here for national security and for governments here in the U.S. is military impact. And as digital transformation starts to go to the next level, you're starting to see the architectures emerge where the edge, the IoT edge, the industrial IoT edge, or any kind of edge concept, 5G is exploding, making that much more of a dense, more throughput for connectivity with wireless. You got Amazon with Snowball, Snowmobile, all kinds of ways to deploy technology, that's IT like and operational technologies. It's causing quite a cloud operational opportunity and disruption, so I want to get into it. Ki, let's start with you. I mean, we're looking at an architecture that's changing both commercial and public sector with the edge. What are the key considerations that you guys see as people have to really move fast in this new architecture of digital? >> Yeah, John, I think it's a great question. And if I could just share our observation on why we even started investing in edge. You mentioned the cloud, but as we've reflected upon kind of the history of IT, then you take a look from mainframes to desktops to servers to cloud to mobile and now IoT, what we observed was that industry investing in infrastructure led to kind of an evolution of IT, right? So as you mentioned, with industry spending billions on IoT and edge, we just feel that that's going to be the next evolution. If you take a look at, you mentioned 5G, I think 5G will be certainly an accelerator to edge because of the resilience, the lower latency and so forth. But taking a look at what's happening in space, you mentioned space earlier as well, right, and what Starlink is doing by putting satellites to actually provide transport into the space, we're thinking that that actually is going to be the next ubiquitous thing. Once transport becomes ubiquitous, just like cloud allows storage to be ubiquitous. We think that the next generation internet will be space-based. So when you think about it, connected, it won't be connected servers per se, it will be connected devices. >> John: Yeah, yeah. >> That's kind of some of the observations and why we've been really focusing on investing in edge. >> I want to come back to that piece around space and edge and bring it from a commercial and then also tactical architecture in a minute 'cause there's a lot to unpack there, role of open source, modern application development, software and hardware supply chains, all are core issues that are going to emerge. But I want to get with John real quick on cloud impact, because you think about 5G and the future of work or future of play, you've got people, right? So whether you're at a large concert like Coachella or a 49ers or Patriots game or Redskins game if you're in the D.C. area, you got people there, of congestion, and now you got devices now serving those people. And that's their play, people at work, whether it's a military operation, and you've got work, play, tactical edge things. How is cloud connecting? 'Cause this is like the edge has never been kind of an IT thing. It's been more of a bandwidth or either telco or something else operationally. What's the cloud at scale, cloud operations impact? >> Yeah, so if you think about how these systems are architected and you think about those considerations that Ki kind of touched on, a lot of what you have to think about now is what aspects of the application reside in the cloud, where you tend to be less constrained. And then how do you architect that application to move out towards the edge, right? So how do I tier my application? Ultimately, how do I move data and applications around the ecosystem? How do I need to evolve where my application stages things and how that data and those apps are moved to each of those different tiers? So when we build a lot of applications, especially if they're in the cloud, they're built with some of those common considerations of elasticity, scalability, all those things; whereas when you talk about congestion and disconnected operations, you lose a lot of those characteristics, and you have to kind of rethink that. >> Ki, let's get into the aspect you brought up, which is space. And then I was mentioning the tactical edge from a military standpoint. These are use cases of deployments, and in fact, this is how people have to work now. So you've got the future of work or play, and now you've got the situational deployments, whether it's a new tower of next to a stadium. We've all been at a game or somewhere or a concert where we only got five bars and no connectivity. So we know what that means. So now you have people congregating in work or play, and now you have a tactical deployment. What's the key things that you're seeing that it's going to help make that better? Are there any breakthroughs that you see that are possible? What's going on in your view? >> Yeah, I mean, I think what's enabling all of this, again, one is transport, right? So whether it's 5G to increase the speed and decrease the latency, whether it's things like Starlink with making transport and comms ubiquitous, that tied with the fact that ships continue to get smaller and faster, right? And when you're thinking about tactical edge, those devices have limited size, weight, power conditions and constraints. And so the software that goes on them has to be just as lightweight. And that's why we've actually partnered with SUSE and what they've done with K3s to do that. So I think those are some of the enabling technologies out there. John, as you've kind of alluded to it, there are additional challenges as we think about it. We're not, it's not a simple transition and monetization here, but again, we think that this will be the next major disruption. >> What do you guys think, John, if you don't mind weighing in too on this as modern application development happens, we just were covering CloudNativeCon and KubeCon, DockerCon, containers are very popular. Kubernetes is becoming super great. As you look at the telco landscape where we're kind of converging this edge, it has to be commercially enterprise grade. It has to have that transit and transport that's intelligent and all these new things. How does open source fit into all this? Because we're seeing open source becoming very reliable, more people are contributing to open source. How does that impact the edge in your opinion? >> So from my perspective, I think it's helping accelerate things that traditionally maybe may have been stuck in the traditional proprietary software confines. So within our mindset at Booz Allen, we were very focused on open architecture, open based systems, which open source obviously is an aspect of that. So how do you create systems that can easily interface with each other to exchange data, and how do you leverage tools that are available in the open source community to do that? So containerization is a big drive that is really going throughout the open source community. And there's just a number of other tools, whether it's tools that are used to provide basic services like how do I move code through a pipeline all the way through? How do I do just basic hardening and security checking of my capabilities? Historically, those have tend to be closed source type apps, whereas today you've got a very broad community that's able to very quickly provide and develop capabilities and push it out to a community that then continues to adapt and add to it or grow that library of stuff. >> Yeah, and then we've got trends like Open RAN. I saw some Ground Station for the AWS. You're starting to see Starlink, you mentioned. You're bringing connectivity to the masses. What is that going to do for operators? Because remember, security is a huge issue. We talk about security all the time. Where does that kind of come in? Because now you're really OT, which has been very purpose-built kind devices in the old IoT world. As the new IoT and the edge develop, you're going to need to have intelligence. You're going to be data-driven. There is an open source impact key. So, how, if I'm a senior executive, how do I get my arms around this? I really need to think this through because the security risks alone could be more penetration areas, more surface area. >> Right. That's a great question. And let me just address kind of the value to the clients and the end users in the digital battlefield as our warriors to increase survivability and lethality. At the end of the day from a mission perspective, we know we believe that time's a weapon. So reducing any latency in that kind of observe, orient, decide, act OODA loop is value to the war fighter. In terms of your question on how to think about this, John, you're spot on. I mean, as I've mentioned before, there are various different challenges, one, being the cyber aspect of it. We are absolutely going to be increasing our attack surface when you think about putting processing on edge devices. There are other factors too, non-technical that we've been thinking about s we've tried to kind of engender and kind of move to this kind of edge open ecosystem where we can kind of plug and play, reuse, all kind of taking the same concepts of the open-source community and open architectures. But other things that we've considered, one, workforce. As you mentioned before, when you think about these embedded systems and so forth, there aren't that many embedded engineers out there. But there is a workforce that are digital and software engineers that are trained. So how do we actually create an abstraction layer that we can leverage that workforce and not be limited by some of the constraints of the embedded engineers out there? The other thing is what we've, in talking with several colleagues, clients, partners, what people aren't thinking about is actually when you start putting software on these edge devices in the billions, the total cost of ownership. How do you maintain an enterprise that potentially consists of billions of devices? So extending the standard kind of DevSecOps that we move to automate CI/CD to a cloud, how do we move it from cloud to jet? That's kind of what we say. How do we move DevSecOps to automate secure containers all the way to the edge devices to mitigate some of those total cost of ownership challenges. >> It's interesting, as you have software defined, this embedded system discussion is hugely relevant and important because when you have software defined, you've got to be faster in the deployment of these devices. You need security, 'cause remember, supply chain on the hardware side and software in that too. >> Absolutely. >> So if you're going to have a serviceability model where you have to shift left, as they say, you got to be at the point of CI/CD flows, you need to be having security at the time of coding. So all these paradigms are new in Day-2 operations. I call it Day-0 operations 'cause it should be in everyday too. >> Yep. Absolutely. >> But you've got to service these things. So software supply chain becomes a very interesting conversation. It's a new one that we're having on theCUBE and in the industry Software supply chain is a superly relevant important topic because now you've got to interface it, not just with other software, but hardware. How do you service devices in space? You can't send a break/fix person in space. (chuckles) Maybe you will soon, but again, this brings up a whole set of issues. >> No, so I think it's certainly, I don't think anyone has the answers. We sure don't have all the answers but we're very optimistic. If you take a look at what's going on within the U.S. Air Force and what the Chief Software Officer Nic Chaillan and his team, and we're a supporter of this and a plankowner of Platform One. They were ahead of the curve in kind of commoditizing some of these DevSecOps principles in partnership with the DoD CIO and that shift left concept. They've got a certified and accredited platform that provides that DevSecOps. They have an entire repository in the Iron Bank that allows for hardened containers and reciprocity. All those things are value to the mission and around the edge because those are all accelerators. I think there's an opportunity to leverage industry kind of best practices as well and patterns there. You kind of touched upon this, John, but these devices honestly just become firmware. The software is just, if the devices themselves just become firmware , you can just put over the wire updates onto them. So I'm optimistic. I think all the piece parts are taking place across industry and in the government. And I think we're primed to kind of move into this next evolution. >> Yeah. And it's also some collaboration. What I like about, why I'm bringing up the open source angle and I think this is where I think the major focus will shift to, and I want to get your reaction to it is because open source is seeing a lot more collaboration. You mentioned some of the embedded devices. Some people are saying, this is the weakest link in the supply chain, and it can be shored up pretty quickly. But there's other data, other collective intelligence that you can get from sharing data, for instance, which hasn't really been a best practice in the cybersecurity industry. So now open source, it's all been about sharing, right? So you got the confluence of these worlds colliding, all aspects of culture and Dev and Sec and Ops and engineering all coming together. John, what's your reaction to that? Because this is a big topic. >> Yeah, so it's providing a level of transparency that historically we've not seen, right? So in that community, having those pipelines, the results of what's coming out of it, it's allowing anyone in that life cycle or that supply chain to look at it, see the state of it, and make a decision on, is this a risk I'm willing to take or not? Or am I willing to invest and personally contribute back to the community to address that because it's important to me and it's likely going to be important to some of the others that are using it? So I think it's critical, and it's enabling that acceleration and shift that I talked about, that now that everybody can see it, look inside of it, understand the state of it, contribute to it, it's allowing us to break down some of the barriers that Ki talked about. And it reinforces that excitement that we're seeing now. That community is enabling us to move faster and do things that maybe historically we've not been able to do. >> Ki, I'd love to get your thoughts. You mentioned battlefield, and I've been covering a lot of the tactical edge around the DOD's work. You mentioned about the military on the Air Force side, Platform One, I believe, was from the Air Force work that they've done, all cloud native kind of directions. But when you talk about a war field, you talk about connectivity. I mean, who controls the DNS in Taiwan, or who controls the DNS in Korea? I mean, we have to deploy, you've got to stand up infrastructure. How about agility? I mean, tactical command and control operations, this has got to be really well done. So this is not a trivial thing. >> No. >> How are you seeing this translate into the edge innovation area? (laughs) >> It's certainly not a trivial thing, but I think, again, I'm encouraged by how government and industry are partnering up. There's a vision set around this joint all domain command control, JADC2. And then all the services are getting behind that, are looking into that, and this vision of this military, internet of military things. And I think the key thing there, John, as you mentioned, it's not just the connected of the sensors, which requires the transport again, but also they have to be interoperable. So you can have a bunch of sensors and platforms out there, they may be connected, but if they can't speak to one another in a common language, that kind of defeats the purpose and the mission value of that sensor or shooter kind of paradigm that we've been striving for for ages. So you're right on. I mean, this is not a trivial thing, but I think over history we've learned quite a bit. Technology and innovation is happening at just an amazing rate where things are coming out in months as opposed to decades as before. I agree, not trivial, but again, I think there are all the piece parts in place and being put into place. >> I think you mentioned earlier that the personnel, the people, the engineers that are out there, not enough, more of them coming in. I think now the appetite and the provocative nature of this shift in tech is going to attract a lot of people because the old adage is these are hard problems attracts great people. You got in new engineering, SRE like scale engineering. You have software development, that's changing, becoming much more robust and more science-driven. You don't have to be just a coder as a software engineer. You could be coming at it from any angle. So there's a lot more opportunities from a personnel standpoint now to attract great people, and there's real hard problems to solve, not just security. >> Absolutely. Definitely. I agree with that 100%. I would also contest that it's an opportunity for innovators. We've been thinking about this for some time, and we think there's absolute value from various different use cases that we've identified, digital battlefield, force protection, disaster recovery, and so forth. But there are use cases that we probably haven't even thought about, even from a commercial perspective. So I think there's going to be an opportunity just like the internet back in the mid '90s for us to kind of innovate based on this new kind of edge environment. >> It's a revolution. New leadership, new brands are going to emerge, new paradigms, new workflows, new operations, clearly great stuff. I want to thank you guys for coming on. I also want to thank Rancher Labs for sponsoring this conversation. Without their support, we wouldn't be here. And now they were acquired by SUSE. We've covered their event with theCUBE virtual last year. What's the connection with those guys? Can you guys take a minute to explain the relationship with SUSE and Rancher? >> Yeah. So it's actually it's fortuitous. And I think we just, we got lucky. There's two overall aspects of it. First of all, we are both, we partner on the Platform One basic ordering agreement. So just there we had a common mentality of DevSecOps. And so there was a good partnership there, but then when we thought about we're engaging it from an edge perspective, the K3s, right? I mean, they're a leader from a container perspective obviously, but the fact that they are innovators around K3s to reduce that software footprint, which is required on these edge devices, we kind of got a twofer there in that partnership. >> John, any comment on your end? >> Yeah, I would just amplify, the K3s aspects in leveraging the containers, a lot of what we've seen success in when you look at what's going on, especially on that tactical edge around enabling capabilities, containers, and the portability it provides makes it very easy for us to interface and integrate a lot of different sensors to close the OODA loop to whoever is wearing or operating that a piece of equipment that the software is running on. >> Awesome, I'd love to continue the conversation on space and the edge and super great conversation to have you guys on. Really appreciate it. I do want to ask you guys about the innovation and the opportunities of this new shift that's happening as the next big thing is coming quickly. And it's here on us and that's cloud, I call it cloud 2.0, the cloud scale, modern software development environment, edge with 5G changing the game. Ki, I completely agree with you. And I think this is where people are focusing their attention from startups to companies that are transforming and re-pivoting or refactoring their existing assets to be positioned. And you're starting to see clear winners and losers. There's a pattern emerging. You got to be in the cloud, you got to be leveraging data, you got to be horizontally scalable, but you got to have AI machine learning in there with modern software practices that are secure. That's the playbook. Some people are making it. Some people are not getting there. So I'd ask you guys, as telcos become super important and the ability to be a telco now, we just mentioned standing up a tactical edge, for instance. Launching a satellite, a couple of hundred K, you can launch a CubeSat. That could be good and bad. So the telco business is changing radically. Cloud, telco cloud is emerging as an edge phenomenon with 5G, certainly business commercial benefits more than consumer. How do you guys see the innovation and disruption happening with telco? >> As we think through cloud to edge, one thing that we realize, because our definition of edge, John, was actually at the point of data collection on the sensor themselves. Others' definition of edge is we're a little bit further back, what we call it the edge of the IT enterprise. But as we look at this, we realize that you needed this kind of multi echelon environment from your cloud to your tactical clouds where you can do some processing and then at the edge of themselves. Really at the end of the day, it's all about, I think, data, right? I mean, everything we're talking about, it's still all about the data, right? The AI needs the data, the telco is transporting the data. And so I think if you think about it from a data perspective in relationship to the telcos, one, edge will actually enable a very different paradigm and a distributed paradigm for data processing. So, hey, instead of bringing the data to some central cloud which takes bandwidth off your telcos, push the products to the data. So mitigate what's actually being sent over those telco lines to increase the efficiencies of them. So I think at the end of the day, the telcos are going to have a pretty big component to this, even from space down to ground station, how that works. So the network of these telcos, I think, are just going to expand. >> John, what's your perspective? I mean, startups are coming out. The scalability, speed of innovation is a big factor. The old telco days had, I mean, months and years, new towers go up and now you got a backbone. It's kind of a slow glacier pace. Now it's under siege with rapid innovation. >> Yeah, so I definitely echo the sentiments that Ki would have, but I would also, if we go back and think about the digital battle space and what we've talked about, faster speeds being available in places it's not been before is great. However, when you think about facing an adversary that's a near-peer threat, the first thing they're going to do is make it contested, congested, and you have to be able to survive. While yes, the pace of innovation is absolutely pushing comms to places we've not had it before, we have to be mindful to not get complacent and over-rely on it, assuming it'll always be there. 'Cause I know in my experience wearing the uniform, and even if I'm up against an adversary, that's the first thing I'm going to do is I'm going to do whatever I can to disrupt your ability to communicate. So how do you take it down to that lowest level and still make that squad, the platoon, whatever that structure is, continue survivable and lethal. So that's something I think, as we look at the innovations, we need to be mindful of that. So when I talk about how do you architect it? What services do you use? Those are all those things that you have to think about. What if I lose it at this echelon? How do I continue the mission? >> Yeah, it's interesting. And if you look at how companies have been procuring and consuming technology, Ki, it's been like siloed. "Okay, we've got a workplace workforce project, and we have the tactical edge, and we have the siloed IT solution," when really work and play, whether it's work here in John's example, is the war fighter. And so his concern is safety, his life and protection. >> Yeah. >> The other department has to manage the comms, (laughs) and so they have to have countermeasures and contingencies ready to go. So all this is, they all integrate it now. It's not like one department. It's like it's together. >> Yeah. John, I love what you just said. I mean, we have to get away from this siloed thinking not only within a single organization, but across the enterprise. From a digital battlefield perspective, it's a joint fight, so even across these enterprise of enterprises, So I think you're spot on. We have to look horizontally. We have to integrate, we have to inter-operate, and by doing that, that's where the innovation is also going to be accelerated too, not reinventing the wheel. >> Yeah, and I think the infrastructure edge is so key. It's going to be very interesting to see how the existing incumbents can handle themselves. Obviously the towers are important. 5G obviously, that's more deployments, not as centralized in terms of the spectrum. It's more dense. It's going to create more connectivity options. How do you guys see that impacting? Because certainly more gear, like obviously not the centralized tower, from a backhaul standpoint but now the edge, the radios themselves, the wireless transit is key. That's the real edge here. How do you guys see that evolving? >> We're seeing a lot of innovations actually through small companies who are really focused on very specific niche problems. I think it's a great starting point because what they're doing is showing the art of the possible. Because again, we're in a different environment now. There's different rules. There's different capabilities. But then we're also seeing, you mentioned earlier on, some of the larger companies, the Amazons, the Microsofts, also investing as well. So I think the merge of the, you know, or the unconstrained or the possible by these small companies that are just kind of driving innovations supported by the maturity and the heft of these large companies who are building out these hardened kind of capabilities, they're going to converge at some point. And that's where I think we're going to get further innovation. >> Well, I really appreciate you guys taking the time. Final question for you guys, as people are watching this, a lot of smart executives and teams are coming together to kind of put the battle plans together for their companies as they transition from old to this new way, which is clearly cloud-scale, role of data. We hit out all the key points I think here. As they start to think about architecture and how they deploy their resources, this becomes now the new boardroom conversation that trickles down and includes everyone, including the developers. The developers are now going to be on the front lines. Mid-level managers are going to be integrated in as well. It's a group conversation. What are some of the advice that you would give to folks who are in this mode of planning architecture, trying to be positioned to come out of this pandemic with a massive growth opportunity and to be on the right side of history? What's your advice? >> It's such a great question. So I think you touched upon it. One is take the holistic approach. You mentioned architectures a couple of times, and I think that's critical. Understanding how your edge architectures will let you connect with your cloud architecture so that they're not disjointed, they're not siloed. They're interoperable, they integrate. So you're taking that enterprise approach. I think the second thing is be patient. It took us some time to really kind of, and we've been looking at this for about three years now. And we were very intentional in assessing the landscape, how people were discussing around edge and kind of pulling that all together. But it took us some time to even figure it out, hey, what are the use cases? How can we actually apply this and get some ROI and value out for our clients? So being a little bit patient in thinking through kind of how we can leverage this and potentially be a disruptor. >> John, your thoughts on advice to people watching as they try to put the right plans together to be positioned and not foreclose any future value. >> Yeah, absolutely. So in addition to the points that Ki raised, I would, number one, amplify the fact of recognize that you're going to have a hybrid environment of legacy and modern capabilities. And in addition to thinking open architectures and whatnot, think about your culture, the people, your processes, your techniques and whatnot, and your governance. How do you make decisions when it needs to be closed versus open? Where do you invest in the workforce? What decisions are you going to make in your architecture that drive that hybrid world that you're going to live in? All those recipes, patience, open, all that, that I think we often overlook the cultural people aspect of upskilling. This is a very different way of thinking on modern software delivery. How do you go through this lifecycle? How's security embedded? So making sure that's part of that boardroom conversation I think is key. >> John Pisano, Principal at Booz Allen Digital Cloud Solutions, thanks for sharing that great insight. Ki Lee, Vice President at Booz Allen Digital Business. Gentlemen, great conversation. Thanks for that insight. And I think people watching are going to probably learn a lot on how to evaluate startups to how they put their architecture together. So I really appreciate the insight and commentary. >> Thank you. >> Thank you, John. >> Okay. I'm John Furrier. This is theCUBE Conversation. Thanks for watching. (upbeat music)

>>law from Las Vegas. It's the Q covering a ws re invent 2019. Brought to you by Amazon Web service is and Intel along with its ecosystem partners. >>Welcome back to the Sands. We continue our coverage here on the Cube of Day, one of a W s ram in 2019 show. Bigger and better than ever. Tough to say, because last year was awesome. This year if they think you're gonna have a little bit higher on the knots. Justin Warren, I'm John Walls were joined by Brandon Walsh, who is the s creepy apartment relations at the 1901 group. Good to see you, sir. >>Thank you. Thank you for having me. >>Right now. I can't imagine anything intact dating back to 1901 So I'm trying to think What What was the origination of? Of the company? First off, tell us a little bit about what you do, but what's the name all about? >>Well, real quick for the name are our CEO. So new Singh came up with this idea for automation of I t routine. I t management in 1901 was the year the assembly line was invented, so a gentleman named Ransom E. Olds from the famed Oldsmobile gets credit for that. So so new named the company after that automation breakthrough of an assembly line model. And we have built an assembly line concept what we call an I T factory for a cloud migration factory into our operations center. And that's part of our managed service is offering that we sell, promote, provide to our customers. >>And, of course, you're doing that with the help of a company called Cohee City. Find Data Management Solutions provider. So let's talk a little bit about cohesively as well. And your relationship, how that works and what you're I guess, of deriving are extracted from their service is that you find that great value in that >>absolutely were. Maybe this is a little different for today in the show. We actually are a customer of Cohee City. We consume cohesive. So in our managed service offering portfolio, one of the things that we've been using Holy City four is helping our customers set, create or start up. Disaster recovery or backup service is capability. In 1901 group has been packaging marketing, selling that D R. As a service and that bur back up as a service to our federal state, local customers. >>A longtime fan of the Toyota production system, I am very pleased that you are turning an assembly line concept. You know, I think it's vastly overdue. So it's great to hear you focus a lot on the public sector is my understanding absolutely. Tell me a little bit more about what the public sector is. A very complicated based is a >>complicated is putting it politely. >>So walk us through how you're using cohesive toe help. Public sector organizations transform themselves to use this kind of as a service back up and disaster recovery. >>You hit on a really good point. It's sort of two points. One is the term is I t modernization. So in order to modernize a very large complex, I T Environment Assets Systems Service is multi locations, various data centers, multiple data classifications that that complexity with the cohesive product. What has allowed us to do is to start incrementally by doing a disaster recovery or a backup on premise that gives the agency since a confidence we get to show success and progress and that sort of a win win for everyone involved, where the growth with a future and how those agencies will modernize is once you start getting the data backed up properly, prepped for disaster, recover properly. You can also start migrating data toward Native Cloud. And particularly we've been working with AWS aws govcloud in particular, but also a WC commercial clout. >>I like how you mentioned that building trust part with the agencies to begin with. It's not so much about the technology, but about the human part of the process. Way heard that came out this morning with Andy Jesse talking about how data transfer transformation happens, and it's a lot to do with the humans. It's not all about technology. >>At the the organizational change, management is important as the technology change management and incremental shift toward the cloud and migration toward the cloud allows for both time and and reallocation of resource is both by the agency's contractors supporting the agencies and manage service providers like us, who are really providing more as a service. Models meaning way generally consumed the technology for the client, which is a little bit different of a model from the past, but that is the trend of the future. >>It's not purely incremental, though, because you're not. You have to change the way that you're doing things, to be using it as a service, as this thing from the way that you would have done it is purely on premises type infrastructure. Explain a little bit about how you helped these agencies to change the way they think to be able to use this as a service >>approach. Well, one of the one of the reasons we selected Cohesive E is because of their ability to scale out and their pricing model that allows us to better forecast costs and because we're managed service provider price to the government. So the scale out capability that Callie City provides allows us to buy technology capacity nodes as we need them so we don't have a large capital expenditure up front as orders come in. As agencies purchase as we grow, we can add to that capacity incrementally. That's lower risk for us. Lower risk for the client. So again it's a it's a win win in their pricing model. Their licensing model allows us to work with our agency customers and predict costing and pricing for next year, two years out, three years out, which, in the federal budget cycle appropriations are not appropriated. It is a pretty important thing >>got on a wire in the business. Frankly, it's such a, you know, just pull your hair out. I'm sure they're wonderful. This roast ready to say the least, but way heard a lot about a pretty big major theme, this transformation versus transition and in terms of government users, how do you get them into the transformation mindset when you have those obstacles you just talked about that you have a number of times, cycles and our funding cycles and development cycles. And so regulatory psychic, I mean and you write those concerns whatever they will throws their way, states what they throw their way. I think that would be just looking at it from the outside. Tough to get into a transformer mode when you are almost are constantly transitioning. It seems >>you bring up a good point. A. If I can make a comment about eight of us, AWS has been investing in in what's called Fed Ramp that's a federal accreditation program that insurers that that cloud systems and in the case of AWS have their security controls documented, properly documented to a standard and then enforced, so continuously monitored and reported on the investments AWS have been making. And and that speed of investment has been increasing over the last few years has really helped manage service providers. And I t providers like like 1901 group help the agency's understand how to transition and transform. But it's definitely a step. It's a step across. It's incremental in nature, but I congratulate AWS on that investment of time and resource is for Fed Ramp Way also are federally authorized way. We're going into our fifth year so we were early on and being able to watch A W s grow expand helps us helps our competition, but helps the agencies and helps. In the end, all citizens of the United States. So missions air getting better. Theodore Option is speeding up. I think a ws for that investment >>tell us a little bit more about how these federal agencies are using both AWS and Cohee City to work together because you mentioned that your business is built built on Cohee City. So where does that go? Where's coming >>s so So way started out using Cohee City in on premise environment to support federal civilian agencies. That model has been growing, so that was a single tenant, meaning we had one customer. On a single instance. We've expanded to a multi tenant instance. And now we're expanding into a AWS Cloud native instance, so being able to work with a complex environment, a complex data management environment being able to go from on prim to cloud of being will go from AWS back and forth, being able to manage that seamlessly, ensuring there's encryption of data at rest and in motion. That just makes our job that much easier. >>Now we know that Cohee City is a software data management company. It's not just about backup on D are so cohesive is making some inroads into other secondary data management service is, and some other things they're So what are you looking at to expand into what what a customer is asking you to do for them now that you've already proven yourself with with some of the D. R and back up type ability? Yeah, >>I mean, it really varies. It does very agency to agency smaller, independent agencies really may be looking at a cohesive technology to manage fragmented data. Larger agencies and groups and programs within agencies have different. Different asks different requirements. It's really hard to say a single what is the thing? I would say that the flexibility cohesive he gives us is the ability to go hybrid. So depending on what the customers asking feature wise functionality, wise architecture wise way think that Cally city is very flexible >>and about the public sector market. Then if you if you could put your headlight on that for the next 23 years, he was talked about some cycles of that far out. What do you think it would be? A. I guess shift is the right word. What would be a useful or valuable shift in terms of the public sector in terms of their acceptance or adoption in your world? >>Well, so as applications are lifted and shifted or migrated re factored rewritten into cloud environments, you're gonna we're going to see you're going to see mission applications at the agency level moved to cloud reside in the cloud, so data for performance reasons is gonna have to be right next to that application. So the data management, whether it's for production or test Dev Kohli City's got emerging capability for for Dev Test. I think it's a test of but deaf task. So all these pieces sort of go together as a CZ, you said, going from transitioning to transforming and you start looking to three years out. I do believe the agencies have a lot of momentum. There are some really interesting activities being done in the federal state local realm, around artificial intelligence machine learning. So being able to do the compute storage, the networking and security all within a A W s cloud, it's just going to speed things up and make cost and performance more manageable and transparent. >>Thank you for the time. We appreciate that. We find out earlier that Brendan is a Washington Redskins fan and a D. C. Resident, as am I. And I thought 90 No. One was the last time we had a playoff tape. It was quite that far back, but it certainly seems like it, doesn't it? Hang in there, Thank you very much. Enjoy that. Brenda Walsh joining us from the 1901 group back lot with more live here from AWS reinvent with just a warning. I'm John Walls and you are watching the Cube

>> Hey, welcome back everybody, Jeff Frick here with theCUBE. We're having a Cube conversation in our Palo Alto studio, the conference season hasn't got to full swing yet, so we can have a little bit more relaxed atmosphere here in the studio and we're really excited, as part of our continuing coverage for the Data Makes Possible sponsored by Western Digital, looking at cool applications, really the impact of data and analytics, ultimately it gets stored usually on a Western Digital hard drive some place, and this is a great segment. Who doesn't like talking about sports, and football, and advanced analytics? And we're really excited, I have John Pollard here, he is the VP of Business Development for Zebra Sports, John, great to see you. >> Jeff, thanks for having me. >> Absolutely, so before we jump into the fun stuff, just a little bit of background on Zebra Sports and Zebra Technologies. >> Okay well, first, Zebra Technologies is a publicly traded company, we started in the late 1960s, and really what we do is we track enterprise assets in industries typically like healthcare, retail, travel and logistics, and transportation. And what we've done is take that heritage and bring that over into the world of sports, starting four years ago with our relationship with the NFL as the official player tracking technology. >> It's such a great story of an old-line company, right? based in Illinois-- >> Yeah, Lincolnshire. >> Outside of Chicago, right? RFID tags, and inventory management, and all this kind of old-school stuff. But then to take that into this really dynamic world, A, of sports, but even more, advanced analytics, which is relatively new. And we've been at it for a few years, but what a great move by the company to go into this space. How did they choose to do that? >> Well it was an opportunity that just came to them through an RFP, the NFL had investigated different technologies to track players including optical and a GPS-based technologies, and now of course with Zebra, our location and technologies are based on RFID. And so we just took the heritage and our capabilities of really working at the edge of enterprises in those traditional industries from transactional moments, to inventory control moments, to analytics at the end, and took that model and ported it over to football, and it's turned out to be a very good relationship for us in a couple of ways. We've matured as a sports business over the four years, we've developed more opportunities to take our solutions, not just in-game but moving them into the practice facilities for NFL teams, but it's also opened up the aperture for other industries to now appreciate how we can track minute types of information, like players moving around on the football field, and translating it into usable information. >> So, for the people that aren't familiar, they can do a little homework. But basically you have a little tag, a little sensor, that goes onto the shoulder pads, right? >> There's two chips. >> Two chips, and from that you can tell where that player is all the time and how they move, how they fast they move, acceleration and all the type of stuff, right? >> Correct, we put two chips inside of the shoulder pads for down linemen, or people who play with their hands on the ground, we put a third chip between the shoulder blades. Those chips communicate with receiver boxes that have been installed across the perimeter or around the perimeter of a stadium, and they blink 12 times per second. And that does tell you who's on the field, where they are on the field, and in proximity to other players on the field. And once the play starts itself, we can see how fast they're going, we can calculate change of direction, acceleration and deceleration metrics, we can also see, as you know with football, interesting information like separation from a wide receiver in defensive back, which is critical when you're evaluating players' capabilities. >> So, this started about four years ago, right? >> Yes, we started our relationship with the league in-game, four years ago. >> Okay, so I'd just love to kind of hear your take on how the evolution of the introduction of this data was received by the league, received by the teams, something they'd never had before, right? Kind of a look and feel and you can look at film, but not to the degree and the tightness of tolerances that you guys are able to deliver. >> Well, like any new technology and information resource, it takes time to first of all determine what you want to do with that information, you have an idea when you start, and then it evolves over time. And so what we started with was tagging the players themselves and during the time, what we've really enjoyed in working with the NFL is that the league has to be very pragmatic and thoughtful when introducing new technologies and information. So they studied and researched the information to determine how much of this information do they share with the clubs, how much do they share with the fans and the media, and then what type of information sharing, what does that mean in terms of impact of the integrity of the game and fair competition. So, for the first two years it was more of a research and testing type of process, and starting in 2016 you started to see more of an acceleration of that data being shared with the clubs. Each club would receive their own data for in-game, and then we would start to see some of that trickle out through the NFL's Next Gen Stats brand banner on their NFL.com site. And so then we start to see more of that and then what I think we've really seen pick up pace certainly in 2017 is more utilization of this information from a media perspective. We're seeing it more integrated into the broadcasts themselves, so you have like kind of a live tracking set of information that keeps you contextually involved in the game. >> Right. And you were involved in advanced analytics before you joined Zebra, so you've been kind of in this advanced stats world for a while. So how did it change when you actually had a real-time sensor on people's bodies? >> Yeah it does feel a bit like Groundhog Day, right? I started more in the stats and advanced analytics when I worked for STATS LLC. In 2007, I developed a piece of software for the New Orleans Saints that they used to track observational statistics to game video. And it was a similar type of experience in starting in 2009 and introducing that to teams where it took about three or four years where teams started to feel like that new information resource was not a nice to have but a need to have, a premium ingredient that they could use for game planning, and then player evaluation, and also the technology could provide them some efficiencies. We're seeing that now with the tracking data. We just returned from the NFL Combine a couple weeks ago, and what I felt in all the conversations that we had with clubs was that there was a high level of appreciation and a lot of interest in how tracking data can help facilitate their traditional scouting and player evaluation processes, the technology itself how can it make the teams more efficient in evaluating players and developing game plans, so there's a lot of excitement. We've kind of hit that tipping point, if I may, where there's general acceptance and excitement about the data and then it's incumbent upon us as a partner with the league and with the teams for our practice clients to teach them how to use the analytics and statistics effectively. >> So I'm just curious, some of the specific data points that you've seen evolve over time and also the uses. I think you were talking about a little bit off camera that originally it was really more the training staff and it was really more kind of the health of the player. Then I would imagine it evolved to now you can actually see what's going on in terms of better analysis, but I would imagine it's going to evolve where coaches are getting that feedback in real-time on a per-play basis and are making in-game adjustments based on this real-time data. >> Well technically that's feasible today but then there's the rules of engagement with the league itself, and so the teams themselves, and the coaches, and the sideline aren't seeing this tracking data live, whether it be in the booth or on the sidelines. Now in a practice environment, that's what teams are using our system for. With inside of three seconds they're seeing real-time information show up about players during practice. Let's take an example, a player during practice who's coming back from injury. You might want to monitor their output during the week as they come back and they make sure that they're ready for the game on a week to week basis. Trainers are now able to see that information and take that over to a position coach or a head coach and make them aware of the performance of the player during practice. And I think sometimes people think with tracking data it's all about managing in the health of the player and making sure they don't overwork. Where really, the antithesis of that is you can actually also identify players who aren't necessarily reaching their maximum output that will help them build throughout the week from peak performance during a game. And so a lot of teams like to say okay, I have a wide receiver, I know their max miles per hour, is, let's use an example, 20.5 miles an hour. He hasn't hit his max yet during the entire week, so let's get him into some drills and some sessions, where he can start hitting that max so that we reduce the potential for injury on game day. >> Right, another area that probably a lot of people would never think is you also put sensors on the refs. So you know not only where the refs are, but are they in the right positions technically and kind of from a best practices to make the calls for the areas that they're trying to cover. >> Right. >> There's got to be, was their a union pushback on this type of stuff? I mean there's got to be some interesting kind of dynamics going on. >> Yeah as far as the referees, I know that referees are tagged and the NFL uses that information and correlates that with the play calls themselves. We're not involved in that process but I know they're utilizing the information. In addition to the referees I should add, we also have a tag in the ball itself. >> [Jeff] That's right. >> 2017 season was the first year that we had every single game had a tagged ball. Now that tagged information in the ball was not shared with the clubs yet, the league is still researching the information, like they did with the players' stuff. A couple years of research, then they decide to distribute that to the teams and the media. So we are tracking a lot of assets, we also have tags in the first down markers and the pylons and I'll just cut to the chase, there are people who will say okay, does that mean you can use these chips and this technology to identify first down marks or when a ball might break the plane for a potential touchdown? Technically you can do that, and that's something the league may be researching, but right now that's not part of our charter with them. >> Right, so I'm just curious about the conversations about the data and the use of the data. 'Cause as you said there's a lot of raw data, and there's kind of governance issues and rules of engagement, and then there's also what types of analytics get applied on top of that data, and then of course also it's about context, what's the context of the analytics? So I wonder if you could speak to the kind of the evolution of that process, what were people looking at when you first introduced this four years ago, and how has it moved over time in terms of adding new analytics on top of that data set? >> That's one of my favorite topics to talk about, when we first started with the league and engaging teams for the practice solution or providing them analytics, they in essence got a large raw data file of XY coordinates, you can imagine (laughs) it was a gigantic hard drive-- >> Even better, XY coordinates. >> And put it into a spreadsheet and go. There was some of that early on and really what we had to do through the power of software, is develop and application platform that would help teams manage and organize this data appropriately, develop the appropriate reports, or interesting reports and analysis. And over the last two or three years I think we've really found our stride at Zebra in providing solutions to go along with the capabilities of the technology itself. So at first it was strength and conditioning coaches, plowing through this information in great detail or analytics staffs, and what we've seen over the last 24 months is director of analytics now, personnel staff, coaches as well, a broadening group of people inside of a football organization start to use this data because the software itself allows them to do so. I'll give an example, instead of just tabular information, and charts and graphs, we now take the data and we can plot them into a play field schematic, which as you know as we talked off camera you're very familiar with football, that just automates the process of what teams do today manually, is develop play cards so they can do self-study and advanced scouting techniques. That's all automated today, and not only that, it's animated because we have the tracking information and we can merge that to game video. So we're just trying to make the tools with the software more functional so everybody in the organization can utilize it beyond strength and conditioning, which is important, but now we're broadening the aperture and appealing to everybody in the organization. >> Do you do, I can just see you can do play development too, if you plug in everybody's speeds and feeds, you have a certain duration of time, you can probably AB test all types of routes, and timing on drops and now you know how hard the guy throws the ball to come up with a pretty wide array of options, I would imagine within the time window. >> Exactly, a couple of examples I could give, when we meet with teams we have every player, let's say on a team and we know all the routes they ran during an entire season. So you can imagine on a visualization tool, you can imagine, it's like a spaghetti chart of different routes and then you start breaking down the scenarios of context like we talked about earlier, it's third down, it's in the red zone, it's receptions. And so that becomes a smaller set of lines that you see on the chart. I'll tell you Jeff, when we start meeting with teams at the Combine and we start showing them their X or a primary receiver, or their slot receiver tendencies visually, they start leaning forward a bit, oh my goodness, we spend way too much time on the same route when we're targeting for touch down passes. Or we're right-handed too much, we have to change that up. That's the most gratifying thing, is that you're taking a picture and you're really illuminating and those coaches who intrinsically know that, but once they see a visual cue, it validates something in their head that either they have to change or evolve something in their game plan or their practice regimen. >> Well, that's what I was going to ask, and you lead right into it is, what are some of the things that get the old-school person or the people that just don't get that, they don't get it, they don't have the time, they don't believe it, or maybe believe it but they don't have the time, they're afraid to understand. What are some of those kind of light bulb moments when they go okay, I get it, as you said, most of the time if they're smart, it's going to be kind of a validation of something they've already felt, but they've never actually had the data in front of them. >> Right, that's exactly right. So that, the first thing is just quantifying, providing a quantifiable empirical set of evidence to support what they intrinsically know as professional evaluators or coaches. So we always say that they data itself and the technology isn't meant to be a silver bullet. It's now a new premium ingredient that can help support the processes that existed in the past and hopefully provide some efficiency. And so that's the first thing, I think the visual, the example I showed about the wide receiver tendencies when they're thrown to in the red zone, that always gets people leaning forward a little bit. Also with running backs, third down in three plus yards, or third down in short situations, and my right-hander to left-hander when I'm on a certain hash. Again the visualization just allows them to really mark something in their head-- >> Just in the phase. >> Where it makes them really understand. Another example that's interesting is players who play on special teams who are also wide receivers, so as we know, linebackers and tight ends tend to be, and quarterbacks tend to be involved in special teams. Well is there an effect when they've covered kick offs and punts, a large amount of those in a game, did that affect them on side a ball play, for instance? Think about Julian Edelman two Superbowls ago, he played 93 snaps against the Atlanta Falcons. and when you look at the route-- >> [Jeff] He played 93 snaps? >> Yeah, between special, because it went into overtime, right? It was an offensive game-- >> And he's on all the-- >> He played a lot of snaps, he played 93 snaps. how does that affect his route integrity? Not only the types and quality of the route, but the depth and speed he gets to those points, those change over time. So this type of information can give the experts just a little bit more information to find that edge. And I have a great mentor of mine, I have to bring him up, Gill Brant, former VP of Personnel to Dallas Cowboys, with Tex Schramm and Tom Landry, he looks at this type of information and he says, what would a team pay for one more victory? >> So as we know, all coaches and professional organizations and college are looking for an edge, and if we can provide that with our technology through efficiencies and some type of support information resource then we're doing our job. >> I just wanted to, before I let you go, just the human factors on that. I mean, football coaches are notoriously crazy workers and, right, you can always watch more films. So now you're adding a whole new category of data and information. How's that being received on their side? Is it, are they going to have to put new staff and resources against this? I mean, there's only so many hours in a day and I can't help but think of the second tier or third tier coaches who are going to be on the hook for going through this. Or can you automate so much of it so it's not necessarily this additional burden that they have to take on? 'Cause I would imagine if the Cowboys are doing it, the Eagles got to do it, the Giants got to do it, and the Washington Redskins got to do it, right? >> Right, right, well each team as you might expect, their cultures are different. And I would say two or three years ago you started to see more teams hire literally by title, director of analytics, or director of football information, instead of sharing that responsibility between two or three people that already existed in the organization. So that staffing I think occurred a couple, two or three years ago or over the last two or three years. This becomes another element for those staffs to work with. But also along that process over the last two or three years is, really, I always try to say in talking to teams and I'll be on the road again here soon talking to clubs after pro days conclude, is forget about staffs and analytics and that idea. Do you want to be information driven, and do you want to be efficient? And that's something everybody can grasp onto, whether you're the strength and conditioning coach, personnel staff or scout, or a position coach, or a head coach, or a coordinator. So we try to be information driven, and then that seems to ease the process of people thinking I have to hire more people. What I really need to do is ask my people that are already in place to maybe be more curious about this information, and if we're going to invest in a resource that can help support them and make them more efficient, make sure we leverage it. And so that's our process that we work with, it varies by team, some teams have large, large expansive staffs. That doesn't necessarily mean, in my opinion the most effective staff is using information. Sometimes it's the organizations that run very lean with a few set of people, but very focused and moving in one direction. >> I love it, data for efficiency, right? In God we trust, everybody else bring data. One of my favorite lines that we hear over and over and over at these shows. >> In fact, I might borrow that next week. >> You could take that one, alright. >> Thank you, Jeff. >> Well John, thanks for taking a few minutes and stopping by and participating in this Western Digital program, because it is all about the data and it is about efficiency, so it's not necessarily trying to kill people with more tools, but help them be better. >> That's what we're trying to do, I appreciate the opportunity and love to talk to you more. >> Absolutely, well hopefully we'll see you again. He's John Pollard, I'm Jeff Frick, you're watching theCUBE from Palo Alto studios, thanks for watching, we'll see you next time. (Upbeat music)

>> Announcer: Live from Washington, DC it's theCube covering .conf 2017 brought to you by Splunk. >> Welcome back here on theCube the flagship broadcast for Silicon Angle TV, glad to have you here at .conf 2017 along with Dave Vellante, John Walls. We are live in Washington, DC and balmy Washington, DC. It's like 88 here today, really hot. >> It's cooler here than it is in Boston, I here. >> Yeah, right, but we're not used to it this time of year. Brad Medairy now joins us he's an SVP at Booz Allen Hamilton and Brad, thank you for being with us. >> Dave: And another Redskins fan I heard. >> Another Redskins fan. >> It was a big night wasn't it? Sunday night, I mean we haven't had many of those in the last decade or so. >> Yeah, yeah, I became a Redskins fan in 1998 and unfortunately a little late after the three or four superbowls. >> John: That's a long dry spell, yeah. >> Are you guys Nats fans? >> Oh, huge Nats fan, I don't know, how about Brad, I don't want to speak for you. >> I've got a soft spot in my heart for the Nats, what's the story with that team? >> Well, it's just been post-season disappointment, but this year. >> This is the year. >> This is the year, although-- >> Hey, if the Redsox and the Cubs can do it. >> I hate to go down the path, but Geos worry me a little bit, but we can talk about it offline. >> Brad: Yeah, let's not talk about DC Sports. >> Three out of five outings now have not been very good, but anyway let's take care of what we can. Cyber, let's talk a little cyber here. I guess that's your expertise, so pretty calm, nothing going on these days, right? >> It's a boring field, you know? Boring field, yeah. >> A piece of cake. So you've got clients private sector, public sector, what's kind of the cross-pollination there? I mean, what are there mutual concerns, and what do you see from them in terms of common threats? >> Yeah, so at Booz Allen we support both federal and commercial clients, and we have a long history in cyber security kind of with deep roots in the defense and the intelligence community, and have been in the space for years. What's interesting is I kind of straddle both sides of the fence from a commercial and a federal perspective, and the commercial side, some of the major breaches really force a lot of these organizations to quickly get religion, and early on everything was very compliance driven and now it's much more proactive and the need to be much more both efficient and effective. The federal space is, I think in many cases, catching up, and so I've done a lot of work across .mil and there's been a lot of investment across .mil, and very secure, .gov, you know, is still probably a fast follower, and one of the things that we're doing is bringing a lot of commercial best practices into the government space and the government's quickly moving from a compliance-based approach to cyber security to much more proactive, proactive defense. >> Can you get, it's almost like a glacier sometimes, right, I mean there's a legacy mindset, in a way, that government does it's business, but I would assume that events over the past year or two have really prompted them along a little bit more. >> I mean there's definitely been some highly publicized events around breaches across .gov, and I think there's a lot of really progressive programs out there that are working to quickly you know, remediate a lot of these issues. One of the programs we're involved in is something called CDM that's run out of DHS, Continuous Diagnostic and Mitigation, and it's a program really designed to up-armor .gov, you know to increase situational awareness and provide much more proactive reporting so that you can get real-time information around events and postures of the network, so I think there's a lot of exciting activities and I think DHS and partnership with the federal agencies is really kind of spearheading that. >> So if we can just sort of lay out the situation in the commercial world and see how it compares to what's going on in gov. Product creep, right, there's dozens and dozens and dozens of products that have been installed, security teams are just sort of overwhelmed, overworked, response is too slow, I've seen data from, whatever, 190 days to 350 days, to identify an infiltration, nevermind remediate it, and so, it's a challenge, so what's happening in your world and how can you guys help? >> Yeah, you know it's funny, I love going out to the RSA conference and, you know, I watch a lot of folks in the space, walking around with a shopping cart and they meet all these great vendors and they have all these shiny pebbles and they walk away with the silver bullet, right, and so if they implement this tool or technology, they're done, right? And I think we all know, that's not the case, and so over the years I think that we've seen a lot of, a lot of organizations, both federal and commercial, try to solve a lot of the problems through, you know, new technology solutions, whether it's the next best intrusion detection, or if it's endpoint, you know, the rage now is EDR, MDR, and so, but the problem is at the end of the day, the adversaries live in the seams, and in the world that I grew up in focused a lot around counter-terrorism. We took a data-centric approach to finding advanced adversaries, and one of the reasons that the Booz Allen has strategically partnered with Splunk is we believe that, you know, in a data-centric approach to cyber, and Splunk as a platform allows us to quickly integrate data, independent of the tools because the other thing with these tool ecosystems is all these tools work really well within their own ecosystem, but as soon as you start to mix and match best of breed tools and capabilities, they tend to not play well together. And so we use Splunk as that integration hub to bring together the data that allows us to bring our advanced trade-craft and tech-craft around hunting, understanding of the adversaries to be able to fuse that data and do advanced detection and help our clients be a lot more proactive. >> So cyber foresight is the service that you lead with? >> Yeah, you know, one of the things, having a company that's been, Booz Allen I think now is 103 years old, with obvious deep roots in the federal government, and so we have a pedigree in defense and intelligence, and we have a lot of amazing analysts, a lot of amazing, what we call, tech-craft, and what we did was, this was many many years ago, and we're probably one of the best kept secrets in threat intelligence, but after maybe five or six years ago when you started to see a lot of the public breaches in the financial services industry, a lot of the financial service clients came to us and said, "Hey, Booz Allen, you guys understand the threat, you understand actors, you understand TTPs, help educate us around what these adversaries are doing. Why are they doing it, how are they doing it, and how can we get out in front of it?" So the question has always been, you know, how can we be more proactive? And so we started a capability that we, or we developed a capability called cyber foresight where we provided some of our human intelligence analysts and applied them to open-source data and we were providing threat intelligence as a service. And what's funny is today you see a lot of the cyber threat intelligence landscape is fairly crowded, when I talk to clients they affectionately refer to people that provide threat intelligence as beltway book reporters, which I love. (laughter) But for us, you know, we've lived in that space for so many years we have the analysts, the scale, the tradecraft, the tools, the technologies, and we feel that we're really well positioned to be able to provide clients with the insights. You know, early on when we were working heavily in the financial services sector, the biggest challenge a lot of our clients had in threat intelligence was, what do I do with it? Okay, so you're going to send me, what we call a Spot Report, and so hey we know this nation-state actor with this advanced set of TTPs is targeting my organization, so what, right? I'm the CISO, I'm the CIO, should I resign? Should I jump out the window? (laughter) What do I do? I know these guys are coming after me, how do I actually operationalize that? And so what we've spent a lot of time thinking about and investing in is how to operationalize threat intelligence, and when we started, you kind of think of it as a pitcher and a catcher, right? You know, so the threat intelligence provider throws those insights, but the receiver needs to be able to catch that information, be able to put it in context, process it, and then operationalize it, implement it within their enterprise to be able to stop those advanced threats. And so one of the reasons that we gravitated toward Splunk, Splunk is a platform, Splunk is becoming really, in our mind, one of the defacto repositories for IT and cyber data across our client space, so when you take that, all those insights that Splunk has around the cyber posture and the infrastructure of an enterprise, and you overlay the threat intelligence with that, it gives us the ability to be able to quickly operationalize that intelligence, and so what does that mean? So, you know, when a security operator is sitting at a console, they're drowning in data, and, you know, analysts, we've investigated tons of commercial breaches and in most cases what we see is the analyst, at some point, had a blinking red light on their screen that was an indicator of that particular breach. The problem is, how do you filter through the noise? That's a problem that this whole industry, it's a signal to noise ratio issue. >> So you guys bring humans to that equation, human intelligence meets analytics and machine intelligence, and your adversary has evolved, and I wonder if you can talk about that, it's gone from sort of hacktivists to organized crime and nation-states, so they've become much more sophisticated. How have the humans sort of evolved as well that your bridge to bear? >> Yeah, I mean certainly the bear to entry is lower, and so now we're seeing ransomware as a service, we're seeing attacks on industrial control systems, on IOT devices, you know, financial services now is extremely concerned about building control systems because if you can compromise and build a control system you can get into potentially laterally move into the enterprise network. And so our analysts now not only are traditional intelligence analysts that understand adversaries and TTPs, but they also need to be technologists, they need to have reverse engineering experience, they need to be malware analysts, they need to be able to look at attack factors in TTPs to be able to put all the stuff in context, and again it goes back to being able to operationalize this intelligence to get value out of it quickly. >> They need to have imaginations, right? I mean thinking like the bad guys, I guess. >> Yeah, I mean we spend a lot of time, we've started up a new capability called Dark Labs and it's our way to be able to unlock some of those folks that think like bad guys and be able to unleash them to look at the world through a different lens, and be able to help provide clients insights into attack factors, new TTPs, and it's fascinating to watch those teams work. >> How does social media come into play here? Or is that a problem at all, or is that a consideration for you at all? >> Well, you know, when we look at a lot of attacks, what's kind of interesting with the space now is you look at nation-state and nation-state activists and they have sophisticated TTPs. In general they don't have to use them. Nation-states haven't even pulled out their quote "good stuff" yet because right now, for the most part they go with low-hanging fruit, low-hanging fruit being-- >> Just pushing the door open, right? >> Yeah, I mean, why try to crash through the wall when you can just, you know, the door's not locked? And so, you know, when you talk about things like social media whether it's phishing, whether it's malware injected in images, or on Facebook, or Twitter, you know, the majority of tacts are either driven through people, or driven through just unpatched systems. And so, you know, it's kind of cliche, but it really starts with policies, training of the people in your organization, but then also putting some more proactive monitoring in place to be able to kind of start to detect some of those more advanced signatures for some of the stuff that's happening in social media. >> It's like having the best security system in the world, but you left your front door unlocked. >> That's right, that's right. >> So I wonder if, Brad, I don't know how much you can say, but I wonder if you could comment just generally, like you said, we haven't seen their best pitch yet, we had Robert Gates on, and when I was interviewing him he said, "You know, we have great offensive posture and security, but we have to be super careful how we use it because when it comes to critical infrastructure we have the most to lose." And when you think about the sort of aftermath of Stuxnet, when basically the Iranians said hey we can do this too, what's the general sort of philosophy inside the beltway around offense versus defense? >> You know, I think from, that's a great question. From an offensive cyber perspective I think where the industry is going is how do you take offensive tradecraft and apply it to defensive? And so by that I mean, think about we take folks that have experience thinking like a bad guy, but unleash them in a security operation center to do things like advanced hunting, and so what they'll do is take large sets of data and start doing hypothesis driven analytics where they'll be able to kind of think like a bad guy and then they'll have developers or techies next to them building different types of analytics to try to take their mind and put it into an analytic that you can run over a set of data to see, hey, is there an actor on your network performing like that? And so I think we see in the space now a lot of focus around hunting and red teaming, and I think that's kind of the industry's way of trying to take some of that offensive mentality, but then apply it on the defensive side. >> Dave: It just acts like kind of Navy Seal operations in security. >> Right, right, yeah. I mean the challenge is there's a finite set of people in the world that really, truly have that level of tradecraft so the question is, how do you actually deliver that at any level of scale that can make a difference across this broader industry. >> So it's the quantity of those skill sets, and they always say that the amazing thing, again I come back to Stuxnet, was that the code was perfect. >> Brad: Yeah. >> The antivirus guy said, "We've never seen anything like that where the code is just perfect." And you're saying it's just a quantity of skills that enables that, that's how you know it's nation-state, obviously, something like that. >> Yeah, I mean the level of expertise, the skill set, the time it take to be able to mature that tradecraft is many many years, and so I think that when we can crack the bubble of how we can take that expertise, deliver it in a defensive way to provide unique insights that, and do that at scale because just taking one of those folks into an organization doesn't help the whole, right? How can you actually kind of operationalize that to be able to deliver that treadecraft through things like analytics as a service, through manage, detection, and response, at scale so that one person can influence many many organizations at one time. >> And, just before we go, so cyber foresight is available today, it's something you're going to market with. >> Yeah, we just partnered with Splunk, it's available as a part of Splunk ES, it's an add-on, and it provides our analysts the ability to provide insights and be able to operationalize that within Splunk, we're super excited about it and it's been a great partnership with Splunk and their ES team. >> Dave: So you guys are going to market together on this one. >> We are partnered, we're going to market together, and delivering the best of our tradecraft and our intelligence analysts with their platform and product. >> Dave: Alright, good luck with it. >> Hey, thank you, thank you very much, guys. >> Good pair, that's for sure, yeah. Thank you, Brad, for being with us here, and Monday night, let's see how it goes, right? >> Yeah, I'm optimistic. >> Very good, alright. Coach Brad Medairy joining us with his rundown on what's happening at Booz Allen. Back with more here on theCube, you're watching live .conf 2017.