>> from Seattle WASHINGTON. It's the Q covering AWS Imagine brought to you by Amazon Web service is >> Hey, welcome back already, Jeffrey. Here with the cue, we're in downtown Seattle at the AWS. Imagine, Edie, you event. It's a small conference. It's a second year, but it'll crow like a weed like everything else does the of us. And it's all about Amazon and a degree. As for education, and that's everything from K through 12 community college, higher education, retraining vets coming out of the service. It's a really big area. And we're really excited to have fresh off his keynote presentations where he changed his title on me from what it was >> this morning tow. It was the senator duties >> David Raymond, the director of what was the Virginia Cyber Range and now is the U. S. Cyber range. Virginia Tech. David, Great to see you. >> Yeah, Thank you. Thanks. So the Virginia cyber age actually will continue to exist in its current form. Okay, Well, it'll still serve faculty and students in the in the Commonwealth of Virginia, funded by the state of Virginia. Now the U. S. Cyber Angel fund will provide service to folks outside over, >> so we jumped ahead. So? So it's back up. A step ladder is the Virginia, >> So the Virginia Cyber Range provides courseware and infrastructure so students could do hands on cyber security, educational activities in Virginia, high schools and colleges so funded by the state of Virginia and, um provides this service at no charge to the schools >> and even in high school, >> even in high school. Yes, so now that there are now cybersecurity courses in the Virginia Department of Education course catalogue as of two years ago, and I mean they've grown like wildfire, >> I'm just so a ton of talk here about skills gap. And there's tremendous skills gap. Even the machine's gonna take everybody's job. There's a whole lot of jobs are filled, but what's interesting? I mean, it's the high school angle is really weird. I mean, how do you Most high school kids haven't even kind of clued in tow, privacy and security, opting in and opting out. It's gotta be a really interesting conversation when now you bring security into that a potential career into that and directly reflects on all those things that you do on your phone. >> Well, I would argue that that's exactly the problem. Students are not exposed to cyber security, you know. They don't want the curia potentials are they really don't understand what it is we talked about. We talked about teenagers being digital natives. Really? They know how to use smartphones. They know how to use computers, but they don't understand how they work. And they don't understand the security aspects that go along with using all this technology. And I would argue that by the time a student gets into college they have a plan, right? So I have a student in college. He's he's gonna be a doctor. He knows what a doctor is. He heard of that his whole life. And in high school, he was able to get certified as a nursing assistant. We need cyber security in that same realm, right? If we start students in high school and we and we expose them to cybersecurity courses, they're all elective courses. Some of the students will latch onto it, and I'll say, Hey, this is what I want to be when I grew up. And in Virginia, we have we have this dearth of cyber security expertise and this is true across the country. In Virginia, right now, we have over 30,000 cyber security jobs that are unfilled. That's about 1/3 of the cyber security jobs in this state. And I mean, that's a serious problem, not only in Virginia but nationwide. And one of the ways to fix that is to get high school students exposed to cybersecurity classes, give them some real hands on opportunities. So they're really doing it, not just learning the words and passing the test, and I mean really again in Virginia, this is this is grown like wildfire and really thinks revolutionized cybersecurity education in the state. >> And what are some of the topics that say, a high school level, where you know you're kind of getting versed on the vocabulary and the terminology vs when they go into into college and start to take those types, of course, is >> yeah, so in Virginia, there's actually cybersecurity courses across the C T E career pathways. And so SETI is the career and technical education curricula. And so there are courses like cyber security and health care, where students learn about personal health data and how to secure that specific specific kinds of data, they learn about the regulations behind that data. There's healthcare in manufacturing, where students learn about industrial control systems and you know how those things need to be secured and how they're different from a laptop or a phone. And the way those air secured and what feeds into all of those courses is an introductory course. Cyber security fundamentals, where students learn some of the very basics they learn the terminology. They learn things like the C I. A. Triad right, confidentiality, integrity and availability of the three basic components of security that you try to maintain for any system. So they start out learning the basics. But still they're doing that hands on. So they're so they're in a network environment where they see that you know that later on in the course during Capstone exercises, they might see someone trying to attack a computer that they're that they're tasked to defend and a defender of what does that look like? What are the things that I'm going to do? That computer? You know, I might install anti virus. I might have a firewall on the computer. And how do I set that up and etcetera etcetera. So high school start with the basics. As as students progressed through their high school years, there are opportunities to take further more advanced classes in the high schools. And then when they get to college, some of those students are gonna have latched onto cyber security as a potential career field. Now, now we've got him right way, get him into the right into the right majors and into the right courses. And our hope is that that's gonna sort of kick start this pipeline of students in Virginia colleges, >> right? And then I wonder if you could >> talk a little bit about the support at the state level. And it's pretty interesting that you had him from the state level we heard earlier today about supported the state level. And it was Louisiana for for another big initiative. So you know that the fact that the governor and the Legislature are basically branding this at the state level, not the individual school district level, is a pretty strong statement of the prioritization that they're putting on this >> that has been critical to our success. If we didn't have state level support, significant state level support, there's no way we could be where we are. So the previous governor of Virginia, Terry McAuliffe, he latched on to cyber security education as one of his signature initiatives. In fact, he was the president of the State Governors Association, and in that role he cybersecurity was one of his condition. So so he felt strongly about educating K 12 education college students feeding that cybersecurity pipeline Onda Cyberangels one of one of a handful of different initiatives. So they were veterans scholarships, and there were some community college scholarships and other other initiatives. Some of those are still ongoing so far are not. But but Cyber Range has been very successful. Funded by the state provides a service at no cost to high schools and colleges on Dad's Been >> critically, I can't help. We're at our say earlier this year, and I'm just thinking of all the CEOs that I was sitting with over the course of a couple of days that are probably looking for your phone number right now. Make introduction. But I'm curious. Are are the company's security companies. I mean, Arcee is a huge show. Amazon just had their first ever security conference means a lot of money being invested in this space. Are they behind it? Have you have you looked for in a kind of private company participation to help? Because they desperately need these employees? >> Definitely. So we've just started down that road, Really? I mean, our state funding has kept us strong to this point in our state funding is gonna continue into the foreseeable future. But you're right. There are definitely opportunities to work with industry. Certainly a DBS has been a very strong partner of our since the very beginning. They really I mean, without without the help of some, some of their cloud architects and other technical folks way could not have built what we built in the eight of us. Cloud. We've also been talking to Palo Alto about using some of their virtual appliances in our network environments. So yeah, so we're definitely going down the road of industry partners and that will continue to grow, I'm sure >> So then fast forward today to the keynote and your your announcement that now you taking it beyond just Virginia. So now it's the U. S. Cyber range. Have that come apart? Come about. What does that mean? >> Yes, So we've been We've been sharing the story of the Virginia cyber range for the last couple of years, and I goto national conferences and talk about it. And, um, just to just sort of inform other states, other other school systems what Virginia's doing. How could you? How could you potentially match what we're doing and what The question that I keep getting is I don't want to reinvent the wheel. How can I buy what you have? And that's been sort of a constant drumbeat over the last couple of years. So we decided fairly early on that we might want to try to expand beyond Virginia, and it just sort of the conditions were right about six months ago. So we set a mark on the wall, he said. In Summer of 2019 we're gonna make this available to folks outside of Virginia. And so, so again, the Virginia Cyberangels still exist. Funded by the Commonwealth of Virginia, the U. S cyber range is still part of Virginia Tech. So within Virginia Tech, but we will have to we will have to essentially recoup our costs so we'll have to spend money on cloud infrastructure and We'll have to spend salary money on folks who support this effort. And so we'll recoup costs from folks that are outside of Virginia using our service. But, um, we think the costs are gonna be very competitive compared to similar efforts. And we're looking forward to some successes here. >> And do you think you're you're kind of breakthrough will be at the high school level, the You know, that underground level, you know, where do you kind of see the opportunities? You've got the whole thing covered with state support in Virginia. How does that get started in California? How's that get started here? Yeah, that's a Washington state. >> That's a great question. So really, when we started this, I thought we were building a thing for higher ed. That's my experience. I've been teaching cyber security and higher ed for several years, and I knew I knew what I would want if I was using it, and I do use it. So I teach classes at Virginia Tech Graduate program. So I I used the Virginia side in my class, and, um, what has happened is that the high schools have latched onto this as I mentioned, and Most of our users are high schools. In Virginia, we have 180. Virginia High School is using the Virgin Cyber. That's almost >> 188 1 >> 180. That's almost half the high schools in the state using the Virginia cyber age. So we think. And if you think about, you know, higher. Ed has been teaching cybersecurity classes that the faculty members who have been teaching them a lot of them have set up their own network infrastructure. They have it set up the way they want it, and it ties into their existing courseware, and you know they're going to use that, At least for now. What we provide is is something that makes it so that a high school or a community college doesn't have to figure out how to fund or figure out how to actually put this network architecture together. They just come to us. They have the flexibility of the flexibility to use, just are very basic plug and play network environments, or they have flexibility to, um, make modifications depending on how sophisticated they themselves are with with, you know, manipulating systems and many playing the network so so Our expectation is that the biggest growth is going to be in the high school market, >> right? That's great, because when you say cyber range God, finally, Donna me use it like a target range. It's like a place to go practice >> where the name comes from, right? >> Absolutely. If I finally like okay, I get it. So because it's not only the curriculum and the course where and everything else but it's actually an environment, it depends on the stage things and do things exactly >> So students could d'oh offensive, offensive and defensive cybersecurity activities. And so early on, when we were teaching students howto hack essentially in colleges, you know, there were people who were concerned about that on the military case we make for that is you can't teach somebody how to defend unless they understand how they're gonna be attacked. The same is true in this case. So all of our all of our course, where has lots of ethics and no other legal and other other discussions embedded throughout. So students understand the implications of what their actions would be if they do it somewhere else. And, um, right, these are all isolated network environments their places where students can get hands on in a place where they can essentially do whatever they want without causing trouble on the school network or on the Internet. And it's very much akin to a rifle range, >> right? Like you said, you can have different scenarios. And I would imagine there's probably gonna be competitions of you think. Fact. You know what's going on in the robotics world for lots of all these things, right? Like white hat, black hat hacker. Well, very, very exciting. David, Congratulations. And it sounds like you're well on your way. Thanks. Great. Alright, >> He's David. I'm Jeff. You're watching The Cube were at Washington State Convention Centre just across the street at a W s. Imagine. Thanks for watching. We'll see you next time. >> Thanks.

>> Live from Orlando, Florida, it's theCUBE covering Cisco Live 2018, brought to you by Cisco, NetApp and theCUBE's ecosystem partnership. (upbeat techno music) >> Welcome back, I'm Stu Miniman and this is theCUBE's exclusive coverage of Cisco Live 2018 in Orlando, Florida. Happy to welcome to the program, first time guest David Arnette, who's a technical marketing engineer with NetApp. He's living in the heart of the show, which of course is The Knock. Thanks so much for joining us. >> Thanks, Stu, it's good to be here. >> All right, so Dave, first before we get into it, give us a little bit about your background, where were you based and what your role is. >> Well, I'm based in Research Triangle Park, which is NetApp's East Coast headquarters, were basically right across from Cisco's East Coast headquarters. >> So we all know the RTP, those of us that work in tech. >> Right, so my role, I'm a technical marketing engineer on the FlexPod solutions team, so I build systems in the lab and then validate them, and then document them, and publish them for our customers to use to build similar systems for themselves. >> Okay, if we go with all the TLAs, or the TME from RTP or any in the NOC. (laughs) >> That's correct. >> All right, so you are not responsible for the network here, so we're not >> That's correct. >> gonna ask you why the network went down for a few minutes, (laughs) and people are troubleshooting everything with that. >> Thanks, I appreciate that. >> Why don't you explain NetApp and your role at The Knock. >> Well, NetApp is a big sponsor of this conference and one of the ways we do that is that we supply storage systems for the Network Operations Data Center. There's a lot of systems that have to run in addition to the actual network in order to make everything run, and those systems require data center resources, so we bring servers and storage to run all of the services necessary. >> Okay, and luckily I'm sure, everything's running really smoothly, there's never any challenges, and that's why it's just this great glass thing that we look at as we walk by. >> It just magically appears like that, right? >> All right, so give us a little bit of insight. You've done this at a few shows. What kind of things do you run in? What are the stresses and strains? And how does the architecture hold up? >> Well, we started Wednesday of last week putting The Knock together, and of course the room here was completely empty. There's nothing here, the rigging is laying all over the floor, and we end up with delays just because things are in the way. We can't put our equipment where it needs to be, then the power gets pulled in. We had the racks in place and then waited an hour or two for power to come in, and then another couple hours for the network drop to arrive before we could get connected to the outside world. So, it's always kind of a challenging, there's a lot of moving parts in order to get this thing off the ground. >> It reminds me so much of you talk about customer environments. All right, how does day zero go? Well, things like we interviewed one of your colleagues talking about FlexPod, FlexPod conversion, hyper-converged infrastructures help simplify that initial rollout, and then it should also help once you're up and running. So once you've got The Knock up and running, what's your team working on? Are there knobs you've gotta adjust? Are there outside stresses that need to concern you? >> Well, I'm happy to say that the storage and the data center infrastructure is one of the most reliable parts of The Knock, right? Once we get it up and running, it's more about monitoring and management than anything else. I'm personally monitoring to make sure that we're not running out of storage capacity, to make sure that everything is still online, and make sure that basically everything is running as smoothly as it can be. >> Okay, are you doing any analytics on this? Do you have hero numbers that come out after the show? >> We do, we participate in the session on Thursday, The Knock round table session, and so we're collecting all of the, all of the numbers, how much capacity we're actually using, kinda what the performance envelope of the system is and so on. >> It's interesting, when we talk about customers and their deployment one of the biggest challenges is "Okay, I'm gonna deploy this. "How long am I gonna have it, "and when am I gonna run out of storage? "When am I gonna need to grow?" It's kind of a unique beast when we're here at a show like this cause you've got some ideas, but what if something's really popular or stresses and strains? How do you plan for that, and has anything ever come up that you have to worry about? >> Well, we've never actually hit the wall yet. We try to be very careful. We've actually provisioned a considerable amount more capacity than we need, and the system that we've deployed is an all-flash FAS, so it's got performance to spare. So we really try and avoid any of those problems up front. We have seen in the past issues where the cameras and recording and such generated more data than we expected, but it was not more than we could handle. We had planned ahead and made sure we have plenty of extra capacity. >> Oh trust me, this is our ninth year doing theCUBE. In some of the early days we were scrambling. Luckily we actually work with a lot of storage companies, (laughs) so sometimes there's spare drives or things that we can grab because, yeah, it's more and more data, the devices get larger megapixels, higher resolution. It's challenging to deal with things like video. >> Yeah, it is pretty challenging and of course every time we do this, there are and more cameras, not just the data they produce, but the actual items that are producing it, so things really can grow very quickly. >> Yeah Dave, there any interest, are they playing with IoT here that brings data back? >> Not so much, I mean the video recording is more just for general monitoring and security purposes. There is, there's not a whole lot of deeper level analysis going on like on the video or anything like that. As far as the rest of the systems, everything is constantly being monitored, and for pretty much every system that we run, at the end of the week we'll kinda produce some metrics around what we saw and where the challenges were. >> Okay, you said at the end of the show there's a round table to talk about it. What are the users looking for? What kind of things do they learn going to a session like that? >> Well, they're really interested in how it's possible to bring such a huge scale network into existence, especially in such a short period of time, right? So we talk a lot about the deployment, and how the wireless access points get spread all over, and how all the applications come up and come online, and then take advantage of the networks that we put in place. They're really interested in the deployment details, because they're doing the same things in their own shops, and they're looking for guidance on how the experts do it. >> Yeah, it's interesting. I remember I read a book once, they're like you can't teach a kid to ride a bike at a conference, but there are some interesting lessons (laughs) that we learn going through some of these deployments. Any interesting points over your time working with The Knock? >> Well, we built this system to be really highly reliable. That's key for the operation of the show, right? We just can't take any chances that it goes down. We've had some incidents where the wrong circuit breaker gets switched, and so we're left with a failed over situation, but because the system was designed to withstand those kind of failures, it's really nothing but a thing. We flip the power back on and make sure the other half comes back alive, and we're back in action. >> All right, yeah, definitely I'm sure people's running around a little bit trying to fix those-- >> Oh yeah, as soon as lights go dark, man, there's chickens in the hen house. >> All right, and it's something we people can walk by, and is there tours of it? Is it a big plexiglass thing? (mumbles) >> Yeah, there's a, The Knock is actually all of our data center equipment is out on the floor for everybody to see. Rotalis supplied an enclosure and the cooling equipment, so we can run it right there in the middle of the floor and still keep it at proper data center temperatures. It's there all the time for everybody to come look at, but then there are tours daily, starting at noon I think, every hour on the hour. There's a tour related to more specific technologies like the wireless, and the routing and switching, and then of course the data center. >> And the stuff you're not using, you're doing Bitcoin mining on that now? >> That's correct. (laughs) No actually, we do run some, we do run some, oh, I can't even think of the name of the application now. It's one of, it's like not SETI, but something similar, folding at home or something like that to really just kind of drive the systems a little harder, and run them at an operational pace, more like what a customer would see. We actually, in terms of the entire infrastructure, we are way over-provisioned in terms of compute capacity and stuff. So we have some room to do that, and that's always an interesting number at the end to produce how many projects we closed in a folding at home scenario. >> Okay, so you've got half a week to set it up. How much time do they give you to tear the whole thing down? >> About 24 hours. (laughs) Yeah, it goes down really quickly, it's remarkable. >> Yeah, it is something. If you've ever, people, if you've been involved in these events, it takes such a long time to set things up, but they usually are designed to break it down and get out of town, on to the next thing. >> Yeah, all of the, all the equipment is in racks, pre-racked. It arrives in the rack and we just connect up the patch panels between the racks, and when the time comes to go, we just power everything off and pull the cables and roll it back into the crate. >> Do you do similar things at other events? >> We don't do similar things at other events. Cisco Live is actually the only show I know of that actually runs the operations as a centerpiece of the show. It's really a remarkable thing. >> It is, the network is obviously pretty critical here. >> Yeah, the attendees expect a world-class experience right? And so, our job is really to make sure that happens. >> All right, Dave, wanna give you the final word. Key takeaways you have coming to events like this? >> Well, it's really kind of an honor and a privilege, right? NetApp is really proud to be a part of what Cisco has going on here. We've got a lot of synergies with our FlexPod program, and so it's really great to be here and be a part of this show, and really specifically to work on The Knock team where I can say I had a hand in making it a success. >> Dave Arnette, really appreciate you joining, giving us some insight into some of the inner workings that help everything going on here at the show. >> Thanks very much. >> All right, we'll be back with lots more coverage here at Cisco Live Orlando 2018. I'm Stu Miniman, and thanks so much for watching theCUBE. (upbeat techno music)

>> Mine from Las Vegas. It's the cute covering knowledge sixteen brought to you by service. Now carry your host, Dave Alon and Jeff Rick. >> Welcome back to knowledge. Sixteen. Everybody, This is the Cube. Silicon Angles, flagship product. We go out to the events. We extract the signal from the noise Bart Murphy is. Here's the CTO of York Risk Services group. Mark. Good to see again. Good to see you. But thank you for having me. So what's been going on this week? Busy week. What you been doing this week has >> been busy. I've been doing a couple different things. One on the CIA decisions track, you know, collaborated on with those folks and getting some sessions in from service now and then on the partner side. You know, talking to customers, checking out and enjoying the the key notes on seeing what's new on the platform. Very exciting. >> Did you see Secretary Gates last night? We were, unfortunately, >> got pulled out for a call, So I >> think that's the >> one thing I did miss. You >> want to call me on that? One of things, he said, which I want to ask you about a former CEO. See XO now? Hey, said that consensus management don't bother now speaking to watch the CEO's as the CEO, yeah, it's a >> challenge. I think you know, there's there's one component that you have to devise, a strategy that you know a sound, and you have to have some resolve to help sell it. So I see that component of it. But the other is to sell that vision and get other people bought it. So, you know, I think there is a and consensus component from that, certainly from the executive team. And then you have to go sell it to your organization as well. And I think that truly doesn't come from just talking about the vision or the business case. It's from actually delivering the software and delivering the services and doing in an incremental basis that allows them to see and gain value from that, that that's what you build your credibility up on. And I think then that's what helps sell it. >> So you've gone through a few changes personally, your company. So take us through the care works acquisition. Sure, so >> careless family companies was required by your Chris Services Group S O. We're now part of a larger organization and national organization, Although care works itself had a few of the companies that had national footprint, a majority of them were primarily based in Ohio. So strategically great fit a great company. I moved into the corporate CTO roll about Oh, a year, year and a half after the acquisition, and I've been really trying to build out the entire enterprise strategy from a night perspective because they just they had procured a lot of acquired a lot of companies over a two to three year time span. And so we need to really invest a lot of time on what the future state of it is going to look like. >> So it's interesting gone from CEO to CTO. People talk coming to Cuba to talk about the role of the CIA. He'LL talk about all the time, and there'd been someone put forth the notion that the CEO eventually is going to have to choose a path, technical path or business path. You know, maybe both at different times. Do you subscribe to that, or do you see the CEO role is continuing on a CZ? We've known it. Yeah, >> we don't have a separate CIA and CTO I oversee the including operations. To me from a title perspective, I just want to have the organization view that that role is part of innovation. We have a chief innovation officer as well, but from a technology perspective, I think it's very difficult to run operations if you don't have a good grass for the technology in the platform. So regardless of the roller or title that they gave me, I think it's more about what are you managing on? And I don't want to ever be broken up between sort of SETI role that may be more focused on newer technology projects and then a CIA on Lee based on building our run methods. I want to make sure that those organizations are always combined because you're going to build much better software if you also have to support it. We also want to make sure that the automation is in place so that we have our support organization in mind when we actually deploy new platforms, new applications, new systems. >> So you see yourself as a software company. >> You know we do. We're in the wrist services business, so we are, ah, services provider, two carriers to large self insured Teo Large Claims organization. So we see ourselves. A lot of what we do is differentiated by our technology. Whether that's, you know, better business process, outsourcing functions or ability to do Bill review faster, more accurately. So our CEO definitely sees us as a technology company, and that's why there's a lot of investment in time being put into sort of build out what that future state of it is going to look like. >> What what do you do with service now? These days? How did the acquisition affect that and where you had it? >> Well, so we just went live with Yorker Services Group on service now is Platform on Geneva, and that's actually a separate production instance that we have with care work. So we deployed the care works instance in early two thousand eleven, late two thousand ten in that time frame, and there were, you know, there's a ton of customization a lot, you know, very solid platform for that family of companies with the York. There's a much larger scope that we wanted to address so very lucky again to be in that situation because I had an opportunity to start a redo and any time that you worked on a platform and you do it for a few years and then you get a chance to actually build again. So we really took more of an enterprise. I till out of the box type of approach s O that it could be flexible enough to manage across the entire enterprise, including all the acquired companies that we plan to pull onto the platform. And then that gives us time to figure out what was really the best out of our other platform that we want to, you know, retrofit back in. But the main reason I did that is to make sure that we could get some benefit out of the platform now and work and migrate into the business. Shared services functions within York that I think we're going to benefit very, very much from the new platform. >> So you've got a mulligan of sorts a little bit. >> Yeah, I got lucky on that on a little bit of the mulligan. And, you know, again, it's all about trying to make sure that we can come in and we just went live. You know, we're gonna have our challenges, like with any organizational change management solution, even just on the same side. But the cadence in which we're putting out releases to actually improve and bring on other shared services functions, I think, is where we will gain the majority of buying. >> So this notion here talked about a lot of this conference. The single cmd b yeah, is that something that you're able to achieve or working toward? Are you there? And absolutely, it's the goal. >> I mean, I don't know if you ever achieve it. I think it does take a lot of time. So the goal is to have everything in one platform for all of our companies across the board and to help facilitate automation, whether it's with GRC with the new security product that's coming out, which is, you know, something we're looking to get deployed in. Q three Q. Three Q For hopefully sooner rather than later. I just see there's a bunch of play on the automation orchestration side as it relates to tying in and tying an audit. Tien and Security on then also looking at business shared services and you know that's a whole different world of figuring out how can we help them? And we have ah operations service and are actually part of our next release. So I'll be very interested to see. You know, they do a lot of things manually like everybody does. He'LL be very keen to see how they see the platform and what they're going to come up with us, a strategy long term for them. >> So are you mentioned a couple times that York's made a number of acquisitions your company included, and don't give twenty four looking statements? Obviously, they're going to keep rolling up more things. But if you could speak to using service now as a vehicle to better integrate acquisitions, yeah, because for a lot of companies, that's a strategy. >> Yes, so and I actually have a strategy around that leveraging the platform is one of the main reasons that want to get it in now so that it could eventually build that. My whole goal there is the Leverage Performance Analytics on the way that I envisioned. Using that is, in many of the companies that we acquire, they will operate still, stand alone from a night perspective for some period of time. You know, whether that's six months, three months, two years until we can fully integrate him, whether it's network, you know, systems consolidation you name it. It takes a long time. It's not something that we have solved. So part of it is to be able to do modeling using Performance Analytics by pulling in the data so I can get them now onto this cloud platform because they don't need to be on network. I can have them operating their work within that platform for a period of a baseline period of time. And I could start to model that using Performance Analytics to say, How would that impact our enterprise? That's allies. Does it help our enterprise? That's always. Does it degrade our enterprise? That's the lace. Are they staffed appropriately to actually meet our enterprise? That's the lace and what our enterprises slaves. Once we start collecting all this data based on how we're staffed and how we're going to, you know, fund that transaction. So, >> Bart, if I understood it correctly, you have the dual role CEO slash CTO. Okay, is that there's the CSO report into you are he does. I saw Also he >> does. And so and that's ah, new rule that we established about a little less than a year ago. There was ah VP of corporate security. But we didn't have a chief information security officer s. So I we're not got a very season, see so and working not only as an internal what we do internally. Also within our tech company as well. We started cybersecurity practice. So everything we do, we try to make sure that we can actually support our technology investments from an enterprise perspective and be able to self serve ourselves as an enterprise. So very excited about that. That's why we're getting to the security components and some other products that we think will integrate extremely well into service. Now >> let's talk about that a little bit. I want to put forth the premise. You tell me, feel free to tell me the premise doesn't hold water. But it seems to us that there's been a shift in thinking about security from we'LL focus on you know, defense, defense, defense to one of you know we're going to get infiltrated. It's all about how we respond and I as the sea xo Whatever. See so CEO Seo, I can help lead that response. It's mechanism, but it's a team sport. Is that a valid premise? >> I think it's valid. I think you know, I think it's a little it is driving some change v f ear. But, you know, I think that, you know, is certainly from an external perspective can protect yourself pretty well. You know, a lot of the breaches were actually curve, and some of the cases were internal or through third party partners. So I think there's been a lot of additional due diligence being put on organization, especially as a service organization. We work with a lot of large insurance carriers as an example. So we are getting hit with a lot more requests and a lot more sort of assessments on what our controls are in that space. So we need to be mature, and that's based no matter what, since again, we're providing services to clients in this space, and we're collecting a good amount of claim data and bill data and medical data. So I'm not as going out staying okay, just when it's gonna happen and how we handle breach. If that's the case, I'm trying to figure out what are the ways that we can proactively manage our environment and be able to respond in a much faster fashion to isolate an issue as quickly as possible, which is why I'm really excited about the automation and security component within service now because properly integrated with similar tools that we have. There's a lot that the system conduce that a human can't get too fast enough that will actually shut down to manage that risk extremely well. >> Do you believe that the board level? There's sort of open and transparent communication that that it's not about If Wade get infiltrated, its we have been infiltrated and we will continue to be infiltrated. That discussion occur. >> I think, yeah, the board level. They're certainly more aware, and not just from their participation in our board for the companies that they run themselves, because many of these folks come from companies that their run themselves. So I think there's certainly an awareness I think they're demanding and wanting to have more concrete plans on what your corporate security strategy is going to be. So we've produced a three year plan on what that is and presented that our committee and are starting to communicate that all the way up, you know, through our CEO. So I think there's more awareness I I think that for whatever reason, people think that it hasn't been working on this for some time, but they have S o. You know, there's a lot of good things that we've already done and already put in place that people just need to be made aware of it and get up to speed if you will. And then there's. Here's what we're doing to invest in trying to stop future things or to be more proactive or tow, have better control. Is better auto practices this type of >> what's the right regime for a cyber security? In other words, who should be responsible for should be a single tech group? We Should it be a wider group. What responsibility? >> And no, it's it's it's It's by committee. So our committee included, you know, our general counsel, our CEO, our chief human resource officer, our CEO. So it it's a joint effort. Certainly there's a large component of it because many of it is about your defenses in your ability to manage and maintain and keep your data secure. But security is a company wide initiative. You know everything from training all the way down the associate level to not, you know, click on bad email links, right that no matter what you do and what type of in a virus you have and you're still going to get some of those fishing emails and some of those ransomware emails in those type of components. So there's a whole education put component that goes all the way down to the associate level. If that's not understood by the management over those groups, then you know how is it going to actually be distilled down and supported? So it's a complete company effort when it comes to corporate security. >> And how about >> the business lines? Because our research shows that a lot of organizations don't you don't even have the specifically answer for your organization. Just in your experience is the CEO and the CEO. If it seems as though a lot of businesses don't understand the value of their data or the value of their I p, and as a result, don't really know how to protect it, is that something that is challenging for organism >> Asians? I think it is least when I've talked to other clients potentially, I think less today than it was even five years ago. We certainly know the value of our data. I mean, there's been too many breaches in the large breaches in the past three years to not be aware. I have had that question asked ofyou on, even for a business perspective, understand the exposure. So you know they what is that? Hundred fifty hundred twenty five dollars per claim? Potentially on the data side. So people even put metrics around. It's you, Khun. Quickly go through and established what you think your overall exposure is from a dollar perspective and that starts toe. You know, open eyes when you have millions of claims, are even more millions of bills. >> And that's your business. So you would think you have a better understanding everything most. But so for those who don't how should they go about achieving that knowledge? That awareness, >> They should find someone that, you know, maybe some type of trusted advisor. You know, whether they need to hire a consulting company whether they need to go and just converse with another AA group like a CEO group and ask Hey, have you guys done this before? There's a ton of collaboration at that level where people are asking, Hey, how did you guys come up with your security road map on What did that >> look like? Because Because the value then drives your investment decisions, right, because that's the other thing is kind of like insurance. When is enough enough, You could always been Mohr, but at some point you're gonna have diminishing returns relative to the value. But you've gotta have a basis to set a budget. So I would imagine the value of the data, the value of the risk, whether its >> value brand right, so outside of the hard costs of potentially, you know, getting credit rating or those type of components. You know, there's there's the brand discussion, and I think that's somewhat invaluable. So, you know, budgets are just over. Go spend what you want, but there's certainly a lot of awareness that money needs to be spent that area. It needs to be spent wisely, but there hasn't been an issue as to either one. We're coming up with wild budgets for security but explaining what we're doing and why, and how cost effectively we're doing. It has been very well >> in thinking about how you communicate to the board Yeah, about cyber security. What would be the top two or three things that you would recommend that a C XO should have on his or her checklist? >> One is, you know, understanding all your end point, so understanding everything that's in your network. And it's an easy to say, but it's a very hard thing to do, especially when you have external facing applications. And you have a lot of different networks, so understanding your scope of devices and understand. You know, that way you could understand, to start to collect and fill up that C M G B and understand. Okay, if I have a patch that wasn't applied, how many devices were impacted? You know, how quickly can I get those remediated s so that you know, I think understanding the technical scope of your organization is important because it's very difficult to understand your risks, you know, rating if you will. If you don't understand the tools you have in place and where your potential holes maybe, ah, and then understanding you know your core data. So you know what is in your data that would potentially create a potential risk, even a financial risk? Certainly we go through all the insurance process, right? And even insurance now for cyber liability insurance. You know, the forms for five years ago were much different than the forms that are being filled out today. Much different. A lot more detail, a lot more drill down. So even just going through that process alone drives you to actually go and collect all this information that I'm talking about today, you know, so understanding your internal environment in understanding you know, those endpoints understanding the scope of your data management. And then I think it's around developing a sound strategy that is not just short term but short term and long term, with investments not just in tools, but also processes training those components. >> Did you look a tte security and responding to security is part of, ah, business continuity, as opposed to sort of a bespoke initiative. It is, There's business >> continuity and d are both have components of security, but it is truly what a way to ensure that you're you stay in business, right, and and And if people don't view it that way, then there's a lot of organizations that have been either crippled, not necessary put out of business but impacted extremely large. You know, financial impact with unmanaged breaches that actually went on way too long, right? And they weren't able to detect it, you know? So I think that there's a component there where you have to really think about what's the scope of the work, what the scope of the risk and how much do we need to invest? >> And you see service now. And I'm spending so much time in security this week because I'm excited about what I saw on Monday at the financial analyst meeting and who, talking to folks about this very important topic, you see, service now is playing a role in solving this problem. >> I do because we're a big user of GRC. So we already went down the audit route with service now years ago s Oh, this is just another extension I see of not just audit controls but being more proactive on the security side. And so, since all of our information is in this platform anyhow, we have a ton of opportunity toe automate and manage a lot of the things that again could have potentially gone unnoticed for a period of time simply because a manpower or logs if you ever had a review logs from some of these devices. I mean, trying to find the needle in the haystack is very difficult. So tools are extremely important in this space. Humans cannot meet this challenge alone at all. >> You just make a tad cloud. You wish, right? Awesome. Bart, this is I'LL give you the last word so that your impressions on knowledge sixteen. >> I'm excited, You know, the way it's grown again The way that they're really being purposeful about how they're building out their platform and truly trying to solve the enterprise problems to me is just it shows a very strategic, well thought out plan by service now. And as customers, you know and partners, you know, that's that's what you want to see from a company. So for me, I'm just very pleased where the platforms going. It's exciting how much they've grown. But the way that they've been able to invest in the right things, I feel and truly integrate things into the platform, even acquisitions that they had on and truly make it part of the platform versus and add on, I think, is really differentiating them from a lot of products that have grown in a similar matter but become unwieldy to manage because they're just pieced together. So I'm very, very excited, >> Fantastic. The cube securing knowledge for our audience that Bart, you have full of a lot of knowledge and really appreciate you coming on the Cuban and sharing. >> Yeah, appreciate it. Nice seeing you guys. >> All right, Keep it right there, everybody. We'LL be back with our next guests right after this. We're live knowledge. Sixteen from the Mandalay Bay Hotel in Las Vegas, right back. >> Every once in a while.