(upbeat music) >> Welcome back to Boston. The CUBE's coverage of AWS Re-inforce 2022. This is our second live Re-inforce. We did two in the middle that were all digital. Aaron Brown is here as US AWS cyber leader for Deloitte and Ryan Orsi the cloud foundation leader for partners for Amazon Web Services. Jen, welcome to The CUBE. >> Thanks for having us. >> Thanks. >> Nice to see you. Tell us about the story of Deloitte in cyber and then we'll get it to Deloitte cyber on AWS, or maybe even start there. >> Yeah, sure. I mean, obviously Deloitte, one of the largest cyber consultancies in the world, we've been working with AWS for a very long time. 2013, I was involved with, you know, the first Alliance agreement with them. And then we've been in cloud managed services about five years delivering workloads for clients. We have over 200 clients on that platform and then about a year and a half ago or so, the MSSP program came and it made a ton of sense to us, right? To really level the playing field and gave us a chance to really come out and demonstrate, you know, our capability around MSSP. >> The MSSP program, I saw a slide yesterday in keynote and in the analyst program was, you know, there's technology partners, there's MSSP partners. Explain the MSSP partner. >> Sure, sure. So at the Database Partner Network, we break it down. The program is called the level one MSSP Competency Program. And it is for both those companies that are sort of more of a software company with a managed service and those that are more of a pure service company, it's for both, but it's the general concept, it hosts the community of partners like Deloitte with a concentrated talent pool around 24 by 7 monitoring and response of AWS security events. >> So what is Deloitte? Deloitte's not a pure software play. It's not a pure services play anymore. It's sort of a mixture. >> Yeah, you know, asset enabled services, right? It's the way that we look at it. So, yeah, we're definitely not trying to compete with software companies out there, but we do have assets, right? So we do everything as infrastructure as code and that allows us to deploy our solutions into client environments really quickly. So where you might spend months on third party tool integrations, we leverage all native AWS tools in our standard offering and we can deploy into a client and get those services up and running in a couple of weeks. >> So you sell your software as an integrated service, is that correct? You don't- >> It's service, it's really is service. We sell a metered service. >> You don't sell your software separately? >> No. >> I should say it differently. You include your software as part of the service, is that right? >> Yeah, it is. But actually there's another element. There are obviously some clients who don't want to be in a managed service in perpetuity. And so those same assets that I talked about that we use for MSSP, you know, for the right clients, we don't just give away everything to anybody but for the right clients, for the right engagement, we will work with clients to help them build the capability that they need to run it themselves. And our solution is built in a way where they can do that. Right? We have a base component and a variable component to the solution and we will impart those assets to a client, you know, if the situation is right. >> Okay. So you'll actually transfer the software, but would you charge for that? >> Yeah, certainly, but there's obviously a big service component that goes into it. Right? >> And that's really where your expertise is. >> Yeah, we don't have like a standard, you know, list price but we'll work with clients to basically help them build out that capability because frankly the the market moves so fast that you need a constant capability and engine to update that solution. It's not something that, you know, you're going to sell and someone's just going to use that out of the box for the next five years. >> But a lot of the value that seems that Deloitte brings is you don't run from customization. You welcome that. You, you know, if a client says, hey, I need this special and that special, or whatever it is you'll go attack. You have the staff, the talent to attack that problem. And you use software in areas where you can have repeatability and it helps you scale and be more productive. Is that a fair way to think about it? >> Yeah, that's right. I mean, I guess one of the phrases that we use is we like big hairy problems, right? That's sort of our sweet spot. The, you know, the very simple, hey, I need a couple of guys to do a couple of things, typically, we're not the right firm for that. So, yes, we use the assets cause we realize like, hey, you know, out of everything that needs to be done, there's a significant portion of this that everybody needs more or less the same way. And then we build that, we build the automation to get it in and then we have that variable component working with clients to say, hey, let's make this work in your environment. We use a combination of AWS Native services, but then, you know, some clients have investments in third party tools and we can work with that. >> So it's a perfect match for AWS cause you guys are all about providing tools for builders and here's some primitives, some APIs and Go, we don't want that highly customized snowflake for every single client. >> Exactly. I mean, that's what I feel like the partnership with Deloitte is really bringing to the table for everybody and our mutual customers and builders out there that we both work with is again, they don't run from complexity or customization that security can be complex. It can be hard, Deloitte's helping making it much easier. The AWS partner network is helping kind of bring the ecosystem together and of software service, architectures that AWS recommend for like a security best practice around what to monitor, how to respond, what kind of enriched data should be added to that security finding and kind of pushing that out through our partnerships with it such as Deloitte. >> One of the things that, I mean, certainly big takeaway from this event, the security tracks that reinvent, previous Re-inforce events is AWS imparting, educating its customers on best practice and how tos and things that they should be thinking about, you know, do this, don't do that. In 2019, it was a lot about, hey guys, there's this shared responsibility model and kind of explaining that, we're way, way beyond that now, should we think about Deloitte sort of as an extension of that best practice AWS expertise that can be applied at your clients? I'll go to Deloitte because I don't have the talent to deal with that. I mean, I got talented people, but I just don't have enough of them. >> Exactly. Yeah. Yeah. And that's really, you know, our offerings tend to be comprehensive across all the domains. And like I said, the full life cycle of security operations all the way from, you know, identify the issue to resolve it and recover from it. And, you know, when we look at the shared responsibility model, you know, we like to say, hey, we will take you really far up that stack, that customer responsibility area, you know, for our service, we cover a significant portion of that landscape on our client's behalf cause, you know, what do they care about? Deploying workloads, getting the application running, right? Security is just another one of those important, necessary things, but it just sort of standing between you and the business value of your workload. >> And your ideal target customer would be a large medium up to a large enterprise or is all exclusively large or? >> Definitely not exclusively large. You know, the fact that we have all the automation that we do, we have a significant portion of our security operations folks are offshore allows us to be really competitive. And so we're able to serve clients that maybe, you know, in years past wouldn't have been what you'd think of as traditional. So like clients leveraging the marketplace, you know, we're able to serve that market segment. >> So billion dollar up kind of revenue? Odes that sound about right? >> Yeah. Even south of that a bit. >> Okay. So maybe half a billion or 500 million up. >> Yeah. >> Okay. So thinking about that ideal sort of profile, if you don't know, you don't know, I'm going to ask you to guess. >> Yeah. >> What percent of those target companies, enterprises, have a SOC? Is it 100%, 50%, you know, or are you- >> 75, 75% most so. >> Okay. So let's say 3/4. >> Yeah. >> So you compliment the SOC, right? You're not the SOC, but you may be in some cases? >> Depending, now we're talking about it's a function of what their IT enterprise landscape looks like. If they're 100% AWS, yeah. If you're born in the cloud startup and, you know, you don't do anything else and we have, you know, we have a few of those. Right. And they want to give us everything. They're like, you know, our security guys just going to kind of understand what you guys are doing and feel good about it. Yeah. We do that. But for the most, there is an existing SOC. Right. And so what we do is we leverage, you know, an ITSM software to e-bond with our clients service management functions so that when we're generating tickets, they have full visibility to what's going on. We're still resolving things on their behalf, we need to communicate with some clients, right? Cause a lot of security issues that need to get resolved require engagement with the asset owner. So we're not just a black box. So we do have to talk to folks on the ground at the client to resolve issues. >> And that's actually one thing that really impressed me to getting to know Aaron and his team more and more throughout this journey together in the partnership is they're not throwing alerts over the fence to the customers SOC team saying, well, here's some recommended remediation steps, they're actually rolling up their sleeves and doing some remediation themselves and informing the customer. This was taken care of for you. I think that's really unique. >> Yeah. In addition to, you know, our solution obviously has a bunch of auto-remediations, you know, that we do as part of the solution. >> So what's the engagement like? What's the conversation like when people come to you? Say I have a problem, it's blank, right? What are the typical blank- >> You know, a lot of it has been organizations where there's either a business unit that has kind of maybe off run and doing their own thing. And, you know, it's only sort of come to light with the compliance and security organization inside the client that like, hey, these guys maybe need some help. And boy, we're really strapped. We don't have the people cause talent's so tight to go help these guys and make them get it right. We're going to go ahead and keep them kind of off to the side. And you know, we'll do this managed service to help get that addressed. And then another typical scenario is when companies are acquired. So, you know, organization buys a company and they've got a preexisting. Again, they look under the covers and they're like, oh, these guys really need some help because of the way that we deploy everything as infrastructure as code really very quickly, it's a great way to just kind of get it sorted. It's a metered service. So it's not some massive investment that they have to make. We could just get it sorted out until maybe they get a chance to process and actually onboard that new entity into their enterprise structure. So as part of the MSSP program within AWS, you got to be really good at understanding how to utilize the AWS portfolio of cyber security services natively. So you do that, does that check the box on everything you need or do clients typically say, no, no, you got to integrate with all this other mess that I have there. Can you sweep that mess aside and say, hey, I can do this all in the cloud or what's that dynamic like? >> The answer is, yes, both. Right? So, you know, typically clients will have significant investments in existing third party tools and then either politically because of the investment or from a practical standpoint it makes sense to integrate those. Now that does slow down, you know, the deployment and the customization a bit, but, you know, and a lot of times that makes sense for the client. >> Well, it gets hairy. Like you said, you love these kind of hairy problems, right? >> Yeah, that's right. >> You run towards that. >> That's right. We run towards fire >> And, Ryan, your focus on partners is all partners or is it really the MSSPs or? >> All partners, all kinds of partners in the security space, right? >> Right, right. Yeah. Of course. >> Software companies, professional services, managed services. And we're focused on trying to make the security easier for both of our mutual customers here. Right? So that what you mentioned about best practices and, you know, how do you tell what best practices are per AWS service or third party software that's operating in an AWS environment? That's part of what our team does is we create these partner programs. There's a very detailed, very prescriptive technical checklist that out internal security experts are going through with Deloitte folks, for example, as a part of their membership and the level one MSSP program to make sure that, right? Those best practices which could be fresh off the AWS documentation truck are built into their services. And the reason those best practices exist is for a for a good reason. They're built, tried and tested, you know, in our own environments before they reach the documentation website. But all of that is incorporated into that whole kind of validated checklist that we do together. So it's a great way to make sure that operations from partners like Deloitte, software delivered, customization delivered, aligns with what we're able to see from just our Amazon culture of being so customer obsessed and really listening to all of those very specific challenges they might have that the customer will have at different points in their cloud journey. Those challenges are baked directly into key technical requirement criteria that Deloitte's teamed up with us to go achieve. >> What are you seeing at the macro, Aaron? When we talked to practitioners where we'll survey, we have a survey partner called ETR and they'll do spending surveys coming into the year of CIOs and IT buyers, we're expecting 8%, eight to 8 1/2% budget growth, post Ukraine, inflation, Fed tightening, you know, the tech lash, all that. It's dialed down a bit, it's still pretty robust it's 6% and security still remains the number one priority. And we've seen a little bit of momentum deceleration even in security spend across the board, but not anything, you know, tragic. Are you seeing the same or are you seeing security budgets kind of where they were expected to be at the beginning of the year? >> Yeah, you know, I haven't seen it decline. I mean, I think the fact of the matter is for all the things that we talked about before, right? Basically the skill shortages and just the coordination with other cloud programs, there's a tremendous backlog of stuff that needs to be done. And, you know, enterprises have more appreciation now for the need for all, you know, all the various, you know, ransomware things that have happened and others that, hey, they need to get a handle on the security and their environment. And so I think a lot of what's been going on in the last year, the reason it hasn't been faster, hasn't been for a lack of appetite. It's just been a lack of skills and process to do it. >> Has the business case changed? And the variables maybe the same, but it used to be, hey, if you don't do this, you're exposed. Okay. Here's the fear of getting, you know, infiltrated and then it's going to became if you want to quantify it, it's like, okay, what's the expected loss with, and without, you know, the kind of think of insurance terms. Is the business case shifting with digital toward this is a fundamental component of monetization in order to be able to monetize, you have to ensure this level security. Are we there yet? >> Yeah, I think so. I don't think anyone's arguing whether it's, you know, needed or not. Right. So now it's a question of, hey, and I think CJ Moses had a good slide in the opening yesterday where he was saying, you know, was it, make the secure path, the path of least resistance. Right? And so that's a big part of, you know, how we deliver our solution. We really want to make it easy for the enterprise to absorb the security services that we have. Right? And that's really critical. I think that's where the focus is, is make it easier to do security because the value comes right along with it. >> All right. I'll give you each the final word, Ryan, you go first then Aaron kind of put a bumper sticker on Re-inforce 2022. >> It's not slowing down. It's only picking up in terms of innovation, software tools, operational processes, and some of the unique ways that all these tools are tied together. Third party, Native AWS, consulting, the way these services come together, it's only accelerating. It's been pretty exciting to see some of the innovation here this time at this Re-inforce. >> Right, Aaron, what do you say? >> Yeah, I would agree. I mean, just the breadth of capabilities, the new announcements by AWS of the capabilities in their solution stack. I mean, for me, you know, I just kind of wonder like when does it narrow or when does it settle down and I know that that's not now. >> Keep waiting. >> Yeah. >> But, yeah, I think, you know, we will continue to see you know, just rapid acceleration and new features and services that... >> I often say the next decade at cloud ain't going to to be like the last. So gentlemen, thanks for coming on The CUBE. It's great to see you. >> Thanks for having us. Thank you everything. >> All right, thank you for watching. Keep it right there. This is Dave Vellante for The CUBE. We'll be back right after this short break from Boston AWS Re-inforce 2022. (soft music)