>> Hey, welcome back everybody. Jeff Frick here with the CUBE. We're in Palo Alto, California at the Chertoff's event, "Security in the Boardroom." And again, this is an event about elevating the security conversation beyond speeds and feeds and in-points and IOT and ever-increasing attack surfaces, and really, how do we elevate it into the boardroom discussion, because that's where it needs to be before they wake up on Monday morning and see their company's name in the newspaper, which is when you don't want to have your first conversation. So we're excited to have our next guest. He's Joe Gottlieb, the Senior Vice President of Corporate Development for Sailpoint. Joe, welcome. >> Thank you, good to be here, Jeff. >> Absolutely, so for people who aren't familiar with Sailpoint, why don't you give us a quick overview. >> Sure, so Sailpoint helps large enterprises control who has access to what. So at the end of the day, all the access that you need to do your job should fall into what your role is in the company, and what projects you're working on, and for many companies, that's not what is proactively being delivered. You're accumulating a set of things based upon who you ask, who you know, and a lot of inadvertent accumulation of things that you might need or you might not need. So we help companies put that under lock and key and under control, make sure that there's a process for who should approve your access. How can we empower you quickly when you start your job? How can we transfer you to a new role if you move jobs? And most importantly, oftentimes, how do we take away things very systematically when you leave the company? So that's what we do in a nutshell. >> So I would imagine, before you get there, it's a hodgepodge of spreadsheets and Google Docs and all types of assorted random things. >> You bet, for the average large company, this is a manual effort, and it is just not systematic, which it has to be. What you have when you don't have a systematic effort here that's filtered by business approvals and work flow processes is a cumulated surface area that need not be available to the attacker. We want to narrow that surface area by narrowing your access to only that's what's needed and keep it pruned as you evolve with your role in the company. >> It seems like there's so much low-hanging fruit, about just doing what you should be doing, just doing it and so many people don't apply patches, they don't systematically take people out of things when they leave the company. All these things that seem relatively simple on the surface from the outside, but in fact, in a large organization, are not simple by any stretch of the imagination. >> It's so true. In security in particular, it's a really hard job but consistency and patience and methodic progress is really, really key. I liken it to the quality movement that we experienced in manufacturing over two decades ago. We started measuring, we started being consistent, we started thinking about what is the root cause of this or that and how can we continually make ourselves a bit better every time period. And so that's what some of the basics are all about, and governance is a big part of that. >> Okay, so you just got off a panel. And the event here is really focused about the boardroom conversation, so let's just jump into that. You made an interesting conversation from the board about a portfolio approach, which is only natural since you're a corp dev guy, thinking of portfolio strategies. So how should they think about the portfolio? I haven't heard anyone discuss their tools in a portfolio strategy method. >> So, let's zoom out on the context here. Boards are trying to provide governance. They need wisdom to provide governance. If they don't understand security at all, how can they be wise about it? So there's definitely a really, really strong push to get the board being more proactive about demanding the right levels of security and being shown the data that they can have for how security is being applied. I look at security portfolio management as a great way to step out of the Fudd domain, where we have vendors selling us technologies that we don't understand and most of the people talking to us don't even understand, and into a domain where there is less of a bet on prevention, which we know isn't going to happen, and more of a bet on monitoring a response, governance, which is just going back to the source and making sure people have the right access, and education, helping end users understand what that phishing attack would look like, actually going through testing and really accumulating awareness of what to avoid. Because we know that's the easiest way to get started. Every attack starts with a phishing attack that compromises an end-user point in-station, and then moves laterally to the good stuff. That portfolio view allows the board to start understanding how we're not making a bunch of hopeful bets on prevention that is elusive, and we're actually making some balanced bets around the pieces of the puzzle that we know can give us immediate returns and we can measure against the returns. >> Now what about the scale of the bets? We've talked about this with a few of the other guests that came on, 'cause again I liken it to insurance. You'd add some, you could be probably over-insured. There's not infinite resources, so there's always a ying and yang on how much do we invest and then what came up in the kickoff this morning and then how do we measure success? Because obviously success would be no problems, but you probably need a much softer way to measure success. >> Very true. So this came up earlier in the discussion, and that is you've got to get the board thinking about a risk posture, where there are tradeoffs. You can't ask them, you can't use Fudd on the board. You're going to freak 'em out. You have to say, "This is what I have to do "to enable this business to operate at this velocity." And if they don't want that risk, here's the velocity that they ought to be operating within because we are less exposed at that velocity. And so translating it into these sorts of terms that the board understands in the world of business. They're well experienced in advising you on how to operate your business. They've thought about travel risks. They've thought about plant closure risks. And they've thought about employee lawsuit risks. Translate security into risks that they can also understand and then present your measurements and your investment trade-offs in that context. That's what the best practice appears to be. It's still really hard, and so here's the knock: you can have all that great thinking and still struggle because of the degree of difficulty here. You just have to keep at it. >> Now unfortunately, the CISO on the agenda at the board meeting was down toward the end of the day and just before him was the CMO and the Head of Sales and Operations and they're like, "We got to go, we got to go, it's digital transformation. "We got to go, we got to go, competitors are going like crazy. "Speed, speed, speed, digital transformation." That's what you beat us up about last quarter. So as people are trying to really evolve their companies, they're trying to move to a more digital platform, they're innovate faster, they're trying to enable more people in the company to have access to the data, and access to the tools so they can innovate faster. How does that then bang up when he sits down and the CISO stands up? >> So, digital transformation is an opportunity. For me, it's just code for reinventing business around customer engagement, for many companies that have direct relationships to their customers in a broad form, at least it's that for them. That means there's an investment elasticity opportunity. And so building security into that velocity we talked about, or the mode of digital transformation that you're going to deliver is really, really key. It's less about defending security as a horizontal utility that is generic and hard to place within the context of that digital transformation, that customer engagement, that velocity of business, it's that latter scenario. Actually, one of the folks of the panel that I was on, Debbie from PNC Bank, made a great point. She talks about security as part of the brand, part of the brand prompts. We want people to trust our brand. And so more and more, I would argue that the monetization and the maturation of the attack life cycle, and the ability to take customer records and sell them, has forced us to realize that's a distinct business risk. So losing all of our customer data is a huge business risk that business people now understand and you can equip them to reduce that risk with good security measures. While you're doing digital transformation, you have an opportunity to bake it in. So now, you can suddenly say, "Hey look! "We can fit that into the overall architecture." You want it to be a collaborative part of the new design, versus an overlay, which has typically been the approach, when we've automated business on top of IT and then wrapped security around that. >> It's funny, you're the first person that's ever really tied security to trust and trust to brand, because there's always an ongoing conversation about, "Do brands matter? "What is a brand? "How are brands defined "in an increasingly competitive world?" So, is security in that context, table stakes or is it a competitive advantage? >> Well, let me ask you a question. How's Yahoo's brand today? >> Not so good. >> After repeated losses, right, I could name plenty. The circumstance and the experience, and our ability to absorb that experience frankly through a lot of reporting, has helped us to know what we're up against. What are the downsides? That's just education. I think that's the good part of Fudd, when things are reported accurately and we understand that these things have happened, even if we learn a bit later, that's very necessary for us to say, "This is what needs to be done." Just like anything else. When transportation evolved and we reinvented business at the speed of our new transportation in the way we collaborate, that was an impact. We now have to continue to think about business as being more digital and has to be more secure. >> Well, Joe, this has been a great conversation and the other thing you nailed, you're the first person that has ever talked about digital transformation as redefining your business process around customer engagement. That is spectacular. >> Wow. >> Thanks for sharing that, we'll use that. >> Good stuff. >> Alright. Thanks for stopping by. >> You bet. >> He's Joe Gottlieb, I'm Jeff Frick, you're watching the CUBE. We'll catch you next time, thanks for watching.

(upbeat music) >> From theCube Studios in Palo Alto in Boston, bringing you data driven insights from theCube and ETR. This is Breaking Analysis with Dave Vellante. >> While by no means a safe haven, the cybersecurity sector has outpaced the broader tech market by a meaningful margin, that is up until very recently. Cybersecurity remains the number one technology priority for the C-suite, but as we've previously reported the CISO's budget has constraints just like other technology investments. Recent trends show that economic headwinds have elongated sales cycles, pushed deals into future quarters, and just like other tech initiatives, are pacing cybersecurity investments and breaking them into smaller chunks. Hello and welcome to this week's Wikibon Cube Insights powered by ETR. In this Breaking Analysis we explain how cybersecurity trends are reverting to the mean and tracking more closely with other technology investments. We'll make a couple of valuation comparisons to show the magnitude of the challenge and which cyber firms are feeling the heat, which aren't. There are some exceptions. We'll then show the latest survey data from ETR to quantify the contraction in spending momentum and close with a glimpse of the landscape of emerging cybersecurity companies, the private companies that could be ripe for acquisition, consolidation, or disruptive to the broader market. First, let's take a look at the recent patterns for cyber stocks relative to the broader tech market as a benchmark, as an indicator. Here's a year to date comparison of the bug ETF, which comprises a basket of cyber security names, and we compare that with the tech heavy NASDAQ composite. Notice that on April 13th of this year the cyber ETF was actually in positive territory while the NAS was down nearly 14%. Now by August 16th, the green turned red for cyber stocks but they still meaningfully outpaced the broader tech market by more than 950 basis points as of December 2nd that Delta had contracted. As you can see, the cyber ETF is now down nearly 25%, year to date, while the NASDAQ is down 27% and change. Now take a look at just how far a few of the high profile cybersecurity names have fallen. Here are six security firms that we've been tracking closely since before the pandemic. We've been, you know, tracking dozens but let's just take a look at this data and the subset. We show for comparison the S&P 500 and the NASDAQ, again, just for reference, they're both up since right before the pandemic. They're up relative to right before the pandemic, and then during the pandemic the S&P shot up more than 40%, relative to its pre pandemic level, around February is what we're using for the pre pandemic level, and the NASDAQ peaked at around 65% higher than that February level. They're now down 85% and 71% of their previous. So they're at 85% and 71% respectively from their pandemic highs. You compare that to these six companies, Splunk, which was and still is working through a transition is well below its pre pandemic market value and 44, it's 44% of its pre pandemic high as of last Friday. Palo Alto Networks is the most interesting here, in that it had been facing challenges prior to the pandemic related to a pivot to the Cloud which we reported on at the time. But as we said at that time we believe the company would sort out its Cloud transition, and its go to market challenges, and sales compensation issues, which it did as you can see. And its valuation jumped from 24 billion prior to Covid to 56 billion, and it's holding 93% of its peak value. Its revenue run rate is now over 6 billion with a healthy growth rate of 24% expected for the next quarter. Similarly, Fortinet has done relatively well holding 71% of its peak Covid value, with a healthy 34% revenue guide for the coming quarter. Now, Okta has been the biggest disappointment, a darling of the pandemic Okta's communication snafu, with what was actually a pretty benign hack combined with difficulty absorbing its 7 billion off zero acquisition, knocked the company off track. Its valuation has dropped by 35 billion since its peak during the pandemic, and that's after a nice beat and bounce back quarter just announced by Okta. Now, in our view Okta remains a viable long-term leader in identity. However, its recent fiscal 24 revenue guide was exceedingly conservative at around 16% growth. So either the company is sandbagging, or has such poor visibility that it wants to be like super cautious or maybe it's actually seeing a dramatic slowdown in its business momentum. After all, this is a company that not long ago was putting up 50% plus revenue growth rates. So it's one that bears close watching. CrowdStrike is another big name that we've been talking about on Breaking Analysis for quite some time. It like Okta has led the industry in a key ETR performance indicator that measures customer spending momentum. Just last week, CrowdStrike announced revenue increased more than 50% but new ARR was soft and the company guided conservatively. Not surprisingly, the stock got absolutely crushed as CrowdStrike blamed tepid demand from smaller and midsize firms. Many analysts believe that competition from Microsoft was one factor along with cautious spending amongst those midsize and smaller customers. Notably, large customers remain active. So we'll see if this is a longer term trend or an anomaly. Zscaler is another company in the space that we've reported having great customer spending momentum from the ETR data. But even though the company beat expectations for its recent quarter, like other companies its Outlook was conservative. So other than Palo Alto, and to a lesser extent Fortinet, these companies and others that we're not showing here are feeling the economic pinch and it shows in the compression of value. CrowdStrike, for example, had a 70 billion valuation at one point during the pandemic Zscaler top 50 billion, Okta 45 billion. Now, having said that Palo Alto Networks, Fortinet, CrowdStrike, and Zscaler are all still trading well above their pre pandemic levels that we tracked back in February of 2020. All right, let's go now back to ETR'S January survey and take a look at how much things have changed since the beginning of the year. Remember, this is obviously pre Ukraine, and pre all the concerns about the economic headwinds but here's an X Y graph that shows a net score, or spending momentum on the y-axis, and market presence on the x-axis. The red dotted line at 40% on the vertical indicates a highly elevated net score. Anything above that we think is, you know, super elevated. Now, we filtered the data here to show only those companies with more than 50 responses in the ETR survey. Still really crowded. Note that there were around 20 companies above that red 40% mark, which is a very, you know, high number. It's a, it's a crowded market, but lots of companies with, you know, positive momentum. Now let's jump ahead to the most recent October survey and take a look at what, what's happening. Same graphic plotting, spending momentum, and market presence, and look at the number of companies above that red line and how it's been squashed. It's really compressing, it's still a crowded market, it's still, you know, plenty of green, but the number of companies above 40% that, that key mark has gone from around 20 firms down to about five or six. And it speaks to that compression and IT spending, and of course the elongated sales cycles pushing deals out, taking them in smaller chunks. I can't tell you how many conversations with customers I had, at last week at Reinvent underscoring this exact same trend. The buyers are getting pressure from their CFOs to slow things down, do more with less and, and, and prioritize projects to those that absolutely are critical to driving revenue or cutting costs. And that's rippling through all sectors, including cyber. Now, let's do a bit more playing around with the ETR data and take a look at those companies with more than a hundred citations in the survey this quarter. So N, greater than or equal to a hundred. Now remember the followers of Breaking Analysis know that each quarter we take a look at those, what we call four star security firms. That is, those are the, that are in, that hit the top 10 for both spending momentum, net score, and the N, the mentions in the survey, the presence, the pervasiveness in the survey, and that's what we show here. The left most chart is sorted by spending momentum or net score, and the right hand chart by shared N, or the number of mentions in the survey, that pervasiveness metric. that solid red line denotes the cutoff point at the top 10. And you'll note we've actually cut it off at 11 to account for Auth 0, which is now part of Okta, and is going through a go to market transition, you know, with the company, they're kind of restructuring sales so they can take advantage of that. So starting on the left with spending momentum, again, net score, Microsoft leads all vendors, typical Microsoft, very prominent, although it hadn't always done so, it, for a while, CrowdStrike and Okta were, were taking the top spot, now it's Microsoft. CrowdStrike, still always near the top, but note that CyberArk and Cloudflare have cracked the top five in Okta, which as I just said was consistently at the top, has dropped well off its previous highs. You'll notice that Palo Alto Network Palo Alto Networks with a 38% net score, just below that magic 40% number, is healthy, especially as you look over to the right hand chart. Take a look at Palo Alto with an N of 395. It is the largest of the independent pure play security firms, and has a very healthy net score, although one caution is that net score has dropped considerably since the beginning of the year, which is the case for most of the top 10 names. The only exception is Fortinet, they're the only ones that saw an increase since January in spending momentum as ETR measures it. Now this brings us to the four star security firms, that is those that hit the top 10 in both net score on the left hand side and market presence on the right hand side. So it's Microsoft, Palo Alto, CrowdStrike, Okta, still there even not accounting for a Auth 0, just Okta on its own. If you put in Auth 0, it's, it's even stronger. Adding then in Fortinet and Zscaler. So Microsoft, Palo Alto, CrowdStrike, Okta, Fortinet, and Zscaler. And as we've mentioned since January, only Fortinet has shown an increase in net score since, since that time, again, since the January survey. Now again, this talks to the compression in spending. Now one of the big themes we hear constantly in cybersecurity is the market is overcrowded. Everybody talks about that, me included. The implication there, is there's a lot of room for consolidation and that consolidation can come in the form of M&A, or it can come in the form of people consolidating onto a single platform, and retiring some other vendors, and getting rid of duplicate vendors. We're hearing that as a big theme as well. Now, as we saw in the previous, previous chart, this is a very crowded market and we've seen lots of consolidation in 2022, in the form of M&A. Literally hundreds of M&A deals, with some of the largest companies going private. SailPoint, KnowBe4, Barracuda, Mandiant, Fedora, these are multi billion dollar acquisitions, or at least billion dollars and up, and many of them multi-billion, for these companies, and hundreds more acquisitions in the cyberspace, now less you think the pond is overfished, here's a chart from ETR of emerging tech companies in the cyber security industry. This data comes from ETR's Emerging Technologies Survey, ETS, which is this diamond in a rough that I found a couple quarters ago, and it's ripe with companies that are candidates for M&A. Many would've liked, many of these companies would've liked to, gotten to the public markets during the pandemic, but they, you know, couldn't get there. They weren't ready. So the graph, you know, similar to the previous one, but different, it shows net sentiment on the vertical axis and that's a measurement of, of, of intent to adopt against a mind share on the X axis, which measures, measures the awareness of the vendor in the community. So this is specifically a survey that ETR goes out and, and, and fields only to track those emerging tech companies that are private companies. Now, some of the standouts in Mindshare, are OneTrust, BeyondTrust, Tanium and Endpoint, Net Scope, which we've talked about in previous Breaking Analysis. 1Password, which has been acquisitive on its own. In identity, the managed security service provider, Arctic Wolf Network, a company we've also covered, we've had their CEO on. We've talked about MSSPs as a real trend, particularly in small and medium sized business, we'll come back to that, Sneek, you know, kind of high flyer in both app security and containers, and you can just see the number of companies in the space this huge and it just keeps growing. Now, just to make it a bit easier on the eyes we filtered the data on these companies with with those, and isolated on those with more than a hundred responses only within the survey. And that's what we show here. Some of the names that we just mentioned are a bit easier to see, but these are the ones that really stand out in ERT, ETS, survey of private companies, OneTrust, BeyondTrust, Taniam, Netscope, which is in Cloud, 1Password, Arctic Wolf, Sneek, BitSight, SecurityScorecard, HackerOne, Code42, and Exabeam, and Sim. All of these hit the ETS survey with more than a hundred responses by, by the IT practitioners. Okay, so these firms, you know, maybe they do some M&A on their own. We've seen that with Sneek, as I said, with 1Password has been inquisitive, as have others. Now these companies with the larger footprint, these private companies, will likely be candidate for both buying companies and eventually going public when the markets settle down a bit. So again, no shortage of players to affect consolidation, both buyers and sellers. Okay, so let's finish with some key questions that we're watching. CrowdStrike in particular on its earnings calls cited softness from smaller buyers. Is that because these smaller buyers have stopped adopting? If so, are they more at risk, or are they tactically moving toward the easy button, aka, Microsoft's good enough approach. What does that mean for the market if smaller company cohorts continue to soften? How about MSSPs? Will companies continue to outsource, or pause on on that, as well as try to free up, to try to free up some budget? Adam Celiski at Reinvent last week said, "If you want to save money the Cloud's the best place to do it." Is the cloud the best place to save money in cyber? Well, it would seem that way from the standpoint of controlling budgets with lots of, lots of optionality. You could dial up and dial down services, you know, or does the Cloud add another layer of complexity that has to be understood and managed by Devs, for example? Now, consolidation should favor the likes of Palo Alto and CrowdStrike, cause they're platform players, and some of the larger players as well, like Cisco, how about IBM and of course Microsoft. Will that happen? And how will economic uncertainty impact the risk equation, a particular concern is increase of tax on vulnerable sectors of the population, like the elderly. How will companies and governments protect them from scams? And finally, how many cybersecurity companies can actually remain independent in the slingshot economy? In so many ways the market is still strong, it's just that expectations got ahead of themselves, and now as earnings forecast come, come, come down and come down to earth, it's going to basically come down to who can execute, generate cash, and keep enough runway to get through the knothole. And the one certainty is nobody really knows how tight that knothole really is. All right, let's call it a wrap. Next week we dive deeper into Palo Alto Networks, and take a look at how and why that company has held up so well and what to expect at Ignite, Palo Alto's big user conference coming up later this month in Las Vegas. We'll be there with theCube. Okay, many thanks to Alex Myerson on production and manages the podcast, Ken Schiffman as well, as our newest edition to our Boston studio. Great to have you Ken. Kristin Martin and Cheryl Knight help get the word out on social media and in our newsletters. And Rob Hof is our EIC over at Silicon Angle. He does some great editing for us. Thank you to all. Remember these episodes are all available as podcasts. Wherever you listen, just search Breaking Analysis podcast. I publish each week on wikibond.com and siliconangle.com, or you can email me directly David.vellante@siliconangle.com or DM me @DVellante, or comment on our LinkedIn posts. Please do checkout etr.ai, they got the best survey data in the enterprise tech business. This is Dave Vellante for theCube Insights powered by ETR. Thanks for watching, and we'll see you next time on Breaking Analysis. (upbeat music)

>> From theCUBE Studios in Palo Alto and Boston bringing you data driven insights from theCUBE and ETR. This is Breaking Analysis with Dave Vellante. >> After a two year hiatus, AWS re:Inforce is back on as an in-person event in Boston next week. Like the All-Star break in baseball, re:Inforce gives us an opportunity to evaluate the cyber security market overall, the state of cloud security and cross cloud security and more specifically what AWS is up to in the sector. Welcome to this week's Wikibon cube insights powered by ETR. In this Breaking Analysis we'll share our view of what's changed since our last cyber update in May. We'll look at the macro environment, how it's impacting cyber security plays in the market, what the ETR data tells us and what to expect at next week's AWS re:Inforce. We start this week with a checkpoint from Breaking Analysis contributor and stock trader Chip Simonton. We asked for his assessment of the market generally in cyber stocks specifically. So we'll summarize right here. We've kind of moved on from a narrative of the sky is falling to one where the glass is half empty you know, and before today's big selloff it was looking more and more like glass half full. The SNAP miss has dragged down many of the big names that comprise the major indices. You know, earning season as always brings heightened interest and this time we're seeing many cross currents. It starts as usual with the banks and the money centers. With the exception of JP Morgan the numbers were pretty good according to Simonton. Investment banks were not so great with Morgan and Goldman missing estimates but in general, pretty positive outlooks. But the market also shrugged off IBM's growth. And of course, social media because of SNAP is getting hammered today. The question is no longer recession or not but rather how deep the recession will be. And today's PMI data was the weakest since the start of the pandemic. Bond yields continue to weaken and there's a growing consensus that Fed tightening may be over after September as commodity prices weaken. Now gas prices of course are still high but they've come down. Tesla, Nokia and AT&T all indicated that supply issues were getting better which is also going to help with inflation. So it's no shock that the NASDAQ has done pretty well as beaten down as tech stocks started to look oversold you know, despite today's sell off. But AT&T and Verizon, they blamed their misses in part on people not paying their bills on time. SNAP's huge miss even after guiding lower and then refusing to offer future guidance took that stock down nearly 40% today and other social media stocks are off on sympathy. Meta and Google were off, you know, over 7% at midday. I think at one point hit 14% down and Google, Meta and Twitter have all said they're freezing new hires. So we're starting to see according to Simonton for the first time in a long time, the lower income, younger generation really feeling the pinch of inflation. Along of course with struggling families that have to choose food and shelter over discretionary spend. Now back to the NASDAQ for a moment. As we've been reporting back in mid-June and NASDAQ was off nearly 33% year to date and has since rallied. It's now down about 25% year to date as of midday today. But as I say, it had been, you know much deeper back in early June. But it's broken that downward trend that we talked about where the highs are actually lower and the lows are lower. That's started to change for now anyway. We'll see if it holds. But chip stocks, software stocks, and of course the cyber names have broken those down trends and have been trading above their 50 day moving averages for the first time in around four months. And again, according to Simonton, we'll see if that holds. If it does, that's a positive sign. Now remember on June 24th, we recorded a Breaking Analysis and talked about Qualcomm trading at a 12 X multiple with an implied 15% growth rate. On that day the stock was 124 and it surpassed 155 earlier this month. That was a really good call by Simonton. So looking at some of the cyber players here SailPoint is of course the anomaly with the Thoma Bravo 7 billion acquisition of the company holding that stock up. But the Bug ETF of basket of cyber stocks has definitely improved. When we last reported on cyber in May, CrowdStrike was off 23% year to date. It's now off 4%. Palo Alto has held steadily. Okta is still underperforming its peers as it works through the fallout from the breach and the ingestion of its Auth0 acquisition. Meanwhile, Zscaler and SentinelOne, those high flyers are still well off year to date, with Ping Identity and CyberArk not getting hit as hard as their valuations hadn't run up as much. But virtually all these tech stocks generally in cyber issues specifically, they've been breaking their down trend. So it will now come down to earnings guidance in the coming months. But the SNAP reaction is quite stunning. I mean, the environment is slowing, we know that. Ad spending gets cut in that type of market, we know that too. So it shouldn't be a huge surprise to anyone but as Chip Simonton says, this shows that sellers are still in control here. So it's going to take a little while to work through that despite the positive signs that we're seeing. Okay. We also turned to our friend Eric Bradley from ETR who follows these markets quite closely. He frequently interviews CISOs on his program, on his round tables. So we asked to get his take and here's what ETR is saying. Again, as we've reported while CIOs and IT buyers have tempered spending expectations since December and early January when they called for an 8% plus spending growth, they're still expecting a six to seven percent uptick in spend this year. So that's pretty good. Security remains the number one priority and also is the highest ranked sector in the ETR data set when you measure in terms of pervasiveness in the study. Within security endpoint detection and extended detection and response along with identity and privileged account management are the sub-sectors with the most spending velocity. And when you exclude Microsoft which is just dominant across the board in so many sectors, CrowdStrike has taken over the number one spot in terms of spending momentum in ETR surveys with CyberArk and Tanium showing very strong as well. Okta has seen a big dropoff in net score from 54% last survey to 45% in July as customers maybe put a pause on new Okta adoptions. That clearly shows in the survey. We'll talk about that in a moment. Look Okta still elevated in terms of spending momentum, but it doesn't have the dominant leadership position it once held in spend velocity. Year on year, according to ETR, Tenable and Elastic are seeing the biggest jumps in spending momentum, with SailPoint, Tanium, Veronis, CrowdStrike and Zscaler seeing the biggest jump in new adoptions since the last survey. Now on the downside, SonicWall, Symantec, Trellic which is McAfee, Barracuda and TrendMicro are seeing the highest percentage of defections and replacements. Let's take a deeper look at what the ETR data tells us about the cybersecurity space. This is a popular view that we like to share with net score or spending momentum on the Y axis and overlap or pervasiveness in the data on the X axis. It's a measure of presence in the data set we used to call it market share. With the data, the dot positions, you see that little inserted table, that's how the dots are plotted. And it's important to note that this data is filtered for firms with at least 100 Ns in the survey. That's why some of the other ones that we mentioned might have dropped off. The red dotted line at 40% that indicates highly elevated spending momentum and there are several firms above that mark including of course, Microsoft, which is literally off the charts in both dimensions in the upper right. It's quite incredible actually. But for the rest of the pack, CrowdStrike has now taken back its number one net score position in the ETR survey. And CyberArk and Okta and Zscaler, CloudFlare and Auth0 now Okta through the acquisition, are all above the 40% mark. You can stare at the data at your leisure but I'll just point out, make three quick points. First Palo Alto continues to impress and as steady as she goes. Two, it's a very crowded market still and it's complicated space. And three there's lots of spending in different pockets. This market has too many tools and will continue to consolidate. Now I'd like to drill into a couple of firms net scores and pick out some of the pure plays that are leading the way. This series of charts shows the net score or spending velocity or granularity for Okta, CrowdStrike, Zscaler and CyberArk. Four of the top pure plays in the ETR survey that also have over a hundred responses. Now the colors represent the following. Bright red is defections. We're leaving the platform. The pink is we're spending less, meaning we're spending 6% or worse. The gray is flat spend plus or minus 5%. The forest green is spending more, i.e, 6% or more and the lime green is we're adding the platform new. That red dotted line at the 40% net score mark is the same elevated level that we like to talk about. All four are above that target. Now that blue line you see there is net score. The yellow line is pervasiveness in the data. The data shown in each bar goes back 10 surveys all the way back to January 2020. First I want to call out that all four again are seeing down trends in spending momentum with the whole market. That's that blue line. They're seeing that this quarter, again, the market is off overall. Everybody is kind of seeing that down trend for the most part. Very few exceptions. Okta is being hurt by fewer new additions which is why we highlighted in red, that red dotted area, that square that we put there in the upper right of that Okta bar. That lime green, new ads are off as well. And the gray for Okta, flat spending is noticeably up. So it feels like people are pausing a bit and taking a breather for Okta. And as we said earlier, perhaps with the breach earlier this year and the ingestion of Auth0 acquisition the company is seeing some friction in its business. Now, having said that, you can see Okta's yellow line or presence in the data set, continues to grow. So it's a good proxy from market presence. So Okta remains a leader in identity. So again, I'll let you stare at the data if you want at your leisure, but despite some concerns on declining momentum, notice this very little red at these companies when it comes to the ETR survey data. Now one more data slide which brings us to our four star cyber firms. We started a tradition a few years ago where we sorted the ETR data by net score. That's the left hand side of this graphic. And we sorted by shared end or presence in the data set. That's the right hand side. And again, we filtered by companies with at least 100 N and oh, by the way we've excluded Microsoft just to level the playing field. The red dotted line signifies the top 10. If a company cracks the top 10 in both spending momentum and presence, we give them four stars. So Palo Alto, CrowdStrike, Okta, Fortinet and Zscaler all made the cut this time. Now, as we pointed out in May if you combined Auth0 with Okta, they jumped to the number two on the right hand chart in terms of presence. And they would lead the pure plays there although it would bring down Okta's net score somewhat, as you can see, Auth0's net score is lower than Okta's. So when you combine them it would drag that down a little bit but it would give them bigger presence in the data set. Now, the other point we'll make is that Proofpoint and Splunk both dropped off the four star list this time as they both saw marked declines in net score or spending velocity. They both got four stars last quarter. Okay. We're going to close on what to expect at re:Inforce this coming week. Re:Inforce, if you don't know, is AWS's security event. They first held it in Boston back in 2019. It's dedicated to cloud security. The past two years has been virtual and they announced that reinvent that it would take place in Houston in June, which everybody said, that's crazy. Who wants to go to Houston in June and turns out nobody did so they postponed the event, thankfully. And so now they're back in Boston, starting on Monday. Not that it's going to be much cooler in Boston. Anyway, Steven Schmidt had been the face of AWS security at all these previous events as the Chief Information Security Officer. Now he's dropped the I from his title and is now the Chief Security Officer at Amazon. So he went with Jesse to the mothership. Presumably he dropped the I because he deals with physical security now too, like at the warehouses. Not that he didn't have to worry about physical security at the AWS data centers. I don't know. Anyway, he and CJ Moses who is now the new CISO at AWS will be keynoting along with some others including MongoDB's Chief Information Security Officer. So that should be interesting. Now, if you've been following AWS you'll know they like to break things down into, you know, a couple of security categories. Identity, detection and response, data protection slash privacy slash GRC which is governance, risk and compliance, and we would expect a lot more talk this year on container security. So you're going to hear also product updates and they like to talk about how they're adding value to services and try to help, they try to help customers understand how to apply services. Things like GuardDuty, which is their threat detection that has machine learning in it. They'll talk about Security Hub, which centralizes views and alerts and automates security checks. They have a service called Detective which does root cause analysis, and they have tools to mitigate denial of service attacks. And they'll talk about security in Nitro which isolates a lot of the hardware resources. This whole idea of, you know, confidential computing which is, you know, AWS will point out it's kind of become a buzzword. They take it really seriously. I think others do as well, like Arm. We've talked about that on previous Breaking Analysis. And again, you're going to hear something on container security because it's the hottest thing going right now and because AWS really still serves developers and really that's what they're trying to do. They're trying to enable developers to design security in but you're also going to hear a lot of best practice advice from AWS i.e, they'll share the AWS dogfooding playbooks with you for their own security practices. AWS like all good security practitioners, understand that the keys to a successful security strategy and implementation don't start with the technology, rather they're about the methods and practices that you apply to solve security threats and a top to bottom cultural approach to security awareness, designing security into systems, that's really where the developers come in, and training for continuous improvements. So you're going to get heavy doses of really strong best practices and guidance and you know, some good preaching. You're also going to hear and see a lot of partners. They'll be very visible at re:Inforce. AWS is all about ecosystem enablement and AWS is going to host close to a hundred security partners at the event. This is key because AWS doesn't do it all. Interestingly, they don't even show up in the ETR security taxonomy, right? They just sort of imply that it's built in there even though they have a lot of security tooling. So they have to apply the shared responsibility model not only with customers but partners as well. They need an ecosystem to fill gaps and provide deeper problem solving with more mature and deeper security tooling. And you're going to hear a lot of positivity around how great cloud security is and how it can be done well. But the truth is this stuff is still incredibly complicated and challenging for CISOs and practitioners who are understaffed when it comes to top talent. Now, finally, theCUBE will be at re:Inforce in force. John Furry and I will be hosting two days of broadcast so please do stop by if you're in Boston and say hello. We'll have a little chat, we'll share some data and we'll share our overall impressions of the event, the market, what we're seeing, what we're learning, what we're worried about in this dynamic space. Okay. That's it for today. Thanks for watching. Thanks to Alex Myerson, who is on production and manages the podcast. Kristin Martin and Cheryl Knight, they helped get the word out on social and in our newsletters and Rob Hoff is our Editor in Chief over at siliconangle.com. You did some great editing. Thank you all. Remember all these episodes they're available, this podcast. Wherever you listen, all you do is search Breaking Analysis podcast. I publish each week on wikibon.com and siliconangle.com. You can get in touch with me by emailing avid.vellante@siliconangle.com or DM me @dvellante, or comment on my LinkedIn post and please do check out etr.ai for the best survey data in the enterprise tech business. This is Dave Vellante for theCUBE Insights powered by ETR. Thanks for watching and we'll see you in Boston next week if you're there or next time on Breaking Analysis (soft music)

>> From theCUBE Studios in Palo Alto in Boston, bringing you data driven insights from theCUBE and ETR. This is Breaking Analysis with Dave Vellante. >> Cybersecurity stocks have been sending mixed signals as of late, mostly negative like much of tech, but some such as Palo Alto Networks, despite a tough go of it recently have held up better than most tech names. Others like CrowdStrike, had been out performing Broader Tech in March, but then flipped in May. Okta's performance was pretty much tracking along with CrowdStrike for most of the past several months, a little bit below, but then the Okta hack changed the trajectory of that name. Zscaler has crossed the critical billion dollar ARR revenue milestone, and now sees a path to five billion dollars in revenue, but the company stock fell sharply after its last earnings report and has been on a down trend since last November. Meanwhile, CyberArk's recent beat and raise, was encouraging and the stock acted well after its last report. Security remains the number one initiative priority amongst IT organizations and the spending momentum for many high flying cyber names remain strong. So what gives in cyber security? Hello, and welcome to this week's Wikibon CUBE insights powered by ETR. In this breaking analysis, we focus on security and will update you on the latest data from ETR to try to make sense out of the market and read into what this all means in both the near and long term, for some of our favorite names in cyber. First, the news. There's always something happening in security news cycles. The big recent news is new President Rodrigo Chavez declared a national emergency in Costa Rica due to the preponderance of Russian cyber attacks on the country's critical infrastructure. Such measures are normally reserved for natural disasters like earthquakes, but this move speaks to the nature of today's cyber threats. Of no surprise is modern superpower warfare even for a depleted power like Russia almost certainly involves cyber warfare as we continue to see in Ukraine. Privately held Arctic Wolf Networks hired Dustin Williams as its new CFO. Williams has taken three companies to IPO, including Nutanix in 2016, a very successful IPO for that company. Whether AWN chooses to pull the trigger this year or will wait until markets are less choppy or obviously remains to be seen. But it's a pretty clear sign the company is headed to IPO at some point. Now, big point of discussion this week at Red Hat Summit in Boston and the prior week at Dell technologies world was security. In the case of Red Hat, securing the digital supply chain was the main theme. And from Dell building, many security features into its storage arrays and cyber resilience services into its as a service offering called Apex. And we're seeing a trend where buyers want to reduce the number of bespoke tools they use if they, in fact can. Here's IDC's Jim Mercer, sharing data from a recent survey they conducted on the topic. Play the clip. >> Interestingly, we did a survey, I think around last August or something. And one of the questions was around where do you want your security, right? Where do you want to get your DevSecOps security from? Do you want to get it from individual vendors, right? Or do you want to get it from like your platforms that you're using and deploying changes in Kubernetes? >> Great question. What did they say? >> The majority of them, they're hoping they can get it built into the platform. That's really what they want-- >> Now, whether that's actually achievable is debatable because you have so much innovation and investment going on from the likes of startups and for instance, lace work or sneak and security companies that you see even trying to build platforms, you've got CrowdStrike, Okta, Zscaler and many others, trying to build security platforms and put it all under their umbrella. Now the last point will hit here is there was a lot of buzz in the news about Okta. The reaction to what was a relatively benign hack was pretty severe and probably overblown, but Okta's stock is paying the price of what is generally considered a blown communications plan versus a technical failure. Remember, identity is not an easy thing to rip and replace and Okta remains a best-of-breed player and leader in the space. So we're going to look at some ETR data later in this segment to try and make sense of the recent action in the market and certain names. Speaking of which let's take a look at how some of the names in cybersecurity have fared relative to some of the indices and relative indicators that we like to look at. Here's a Google finance comparison for a number of stocks and names in the bottom there you can see we plot the hack ETF which tracks security stocks. This is a year to date view. And so we don't show it here but the tech heavy NASDAQ is off around 26% year to date whereas the cyber ETF that we're showing is down 18%, okay. So cyber holding up a little bit better than broader tech as we've reported earlier, was actually much better and still seems to be a gap there, but the data are mixed. You can see Okta is way off relative to its peers. That's a combination of the breach that we talked about but also the run up in the stock since COVID. CrowdStrike was actually faring better but broke this month, we'll see how it's upcoming earnings announcements are received when it announces on June 2nd after the close. Palo Alto in the light blue has done better than most and until recently was holding up quite well. And of course, Sailpoint is another identity specialist, it is kind of off the charts here because it's going private with the acquisition by Thoma Bravo at nearly seven billion dollars. So you see some mixed signals in cyber these past several months and weeks. And so we're trying to understand what that all means. So let's take a look at the survey data and see how spending momentum is holding up. As we've reported IT spending forecast, at the macro level, they've come off their 8% highs from the end of the year, the ETRS December survey, but robust tech spending is still there. It's expected at nearly seven percent and this is amongst 1200 ETR respondents. Here's a picture from the ETR survey of the cybersecurity landscape. That y-axis that's net score or a measure of spending momentum and that horizontal access is overlap. We used to talk about it as a market share which is a measure of pervasiveness in the data set. That dotted red line at 40% indicates an elevated spending momentum level on the vertical axis and we filter the names and limited to only those with a hundred or more responses in the ETR survey. Then the pictures still pretty crowded as you can see. You got lots of companies above the red dotted line, including Microsoft which is up into the right, they're so far off the chart, it's just amazing. But also Palo Alto and Okta, Auth0, which of course is now owned by Okta, Zscaler, CyberArk is making moves. Sailpoint and Cloudflare, they're all above that magic 40% line. Now, you look at Cisco, it shows a very large presence in the horizontal axis in the data set. And it's got pretty respectable momentum and you see Splunk doing okay, no before and tenable just below that 40% line and a lot of names in the very respectable 20% zone. And we've included some legacy names just for context that fall below the zero percent line with a negative net score. And that means a larger proportion, that negative net score means a larger proportion of their customers in the survey are spending less than those that are spending more. Now, typically for these legacy names you're going to have a huge proportion of customers who have flat spending that kind of fat middle and that's why they sort of don't have that highly elevated score, but they're still viable as they get the recurring revenue each year. But the bottom line is that spending remains robust for some of the top names that we've talked about earlier despite their rocky stock performance. Now, let's filter this data a bit more to make it a little bit easier to read. So to do that, we take out Microsoft because they're just so dominant and we cherry pick some names to make the data more consumable and scannable. The other data point we've added is Okta's net score breakdown, the multicolored rows there, that row in the bottom right. Net score, it measures the percent of customers that are adding the platform new, that's the lime green, at 18% for Okta. The forest green is at 42%. That's the percent of customers in the survey that are spending six percent or more. The gray is flat spending. That's 32% for Okta, this past survey. The pink is customers that are spending less, that's three percent. They're spending six percent or worse in the survey, so only three percent for Okta. And the bright red at three percent is decommissioning the platform. You subtract the reds from the greens and you get a net score, well, into the 50s for Okta and you can see. We highlight Okta here because it's a name that we've been following for quite some time and customers have given us really solid feedback on the technology and up until the hack, they're affinity to Okta, but that seems to be continuing. We'll talk more about that. This recent breach to Okta has caused us to take a closer look. And you may recall, we reported with our ETR colleague, Eric Bradley. The breach was announced right in the middle of ETR collecting data in the last survey. And while we did see a noticeable downtick right after the announcement, the exposure of the hack and Okta's net score just after the breach was disclosed, you can see the combination of Okta and Auth0 remains very strong. I asked Eric Bradley this morning what he thought about Okta, and he pointed out that you can't evaluate this company on its price to earnings ratio. But it's forward sales multiple is now below 7X. And while attractive, these high flyers at some point, Eric says, they got to start making a profit. So you going to hold that thought, we'll come back to that. Now, another cut of the ETR data to look at our four star security names here. A while back we developed a methodology to try and cut through the noise of the crowded security sector using the ETR data to evaluate two key metrics; net score and shared N. Net score again is, spending momentum, the latter is an indicator of presence in the data set which is a proxy for market presence. Okay, we assigned those companies that cracked the top 10 in both net score and shared N, we give them four stars, okay, if they make the top 10. This chart here shows the April survey data for those companies with an N that's greater than, equal to a hundred responses. So again, we're filtering on those with a hundred or more responses. The table on the left that you see there, that's sorted by net score, okay. So we're sorting by spending momentum. And then the one on the right is sorted by shared N, so their presence in the data set. Seven companies hit the top 10 for both categories; Palo Alto Network, Splunk, CrowdStrike Okta, Proofpoint, Fortinet and Zscaler. Now, remember, take a look, Okta excludes Auth0, in this little methodology that we came up with. Auth0 didn't make the cuts but it hits the top 10 for net score. So if you add in Auth0's 112 N there that you see on the right. You add that into Okta, we put Okta in the number two spot in the survey on the right most table with the shared N of 354. Only Cisco has a higher presence in the data set. And you can see Cisco in the left lands just below that red dotted line. That's the top 10 in security. So if we were to combine Okta and Auth0 as one, Cisco would make the cut and earn four stars. Now, some other notables are CyberArk, which is just below the red line on the right most chart with an impressive 177 shared N. Again, if you combine Auth0 and Okta, CyberArk makes the four star grade because it's in the top 10 for net score on the left. And Sailpoint is another notable with a net score above 50% and it's got a shared N of 122, which is respectable. So despite the market's choppy waters, we're seeing some positive signs in the survey data for some of the more prominent names that we've been following for the last couple of years. So what does this mean for the markets going forward? As always, when we see these confusing signs we like to reach out to the network and one of the sharpest traders out there is Chip Simonton. We've quoted him before and we like to share some of his insights. And so we're going to highlight some of that here. So technically, almost every good tech stock is oversold. And as such, he suggested we might see a bounce here. We certainly are seeing that on this Friday, the 13th. But the right call tactically has been to sell into the rally these past several months, so we'll see what happens on Monday. The key issue with the name like Okta and some other momentum names like CrowdStrike and Zscaler is that when money comes back into tech, it's likely going to go to the FAANG stocks, the Facebook, Apple, Amazon, Netflix, Google, and of course, you put Microsoft in there as well. And we'll see about Amazon, by the way, it's kind of out of favor right now, as everyone's focused on the retail side of the business meanwhile it's cloud business is booming and that's where all the profit is. We think that should be the real focus for Amazon. But the point is, for these momentum names in cybersecurity that don't make money, they face real headwinds, as growth is slowing overall and interest rates rise, that makes the net present value of these investments much less attractive. We've talked about that before. But longer term, we agree with Chip Simonton that these are excellent companies and they will weather the storm and we think they're going to lead their respective markets. And in cyber, we would expect continued M&A activity, which could act as a booster shot in the arms of these names. Now in 2019, we saw the ETR data, it pointed to CrowdStrike, Zscaler, Okta and others in the security space. Some of those names that really looked to us like they were moving forward and the pandemic just created a surge in these names and admittedly they got out over their skis. But the data suggests that these leading companies have continued momentum and the potential for stay in power. Unlike the SolarWinds hack, it seems at this point anyway that Okta will recover in the market. For the reasons that we cited, investors, they might stay away for some time but longer term, there's a shift in CSO security strategies that appear to be permanent. They're really valuing cloud-based modern platforms, these platforms will likely continue to gain share and carry their momentum forward. Okay, that's it for now, thanks to Stephanie Chan, who helps with the background research and with social, Kristen Martin and Cheryl Knight help get the word out and do some great work as well. Alex Morrison is on production and handles all of our podcast. Alex, thank you. And Rob Hof is our Editor in Chief at SiliconANGLE. Remember, all these episodes, they're available as podcast, you can pop in the headphones and listen, just search "Breaking Analysis Podcast." I publish each week on wikibon.com and SiliconANGLE.com. Don't forget to check out etr.ai, best in the business for real customer data. It's an awesome platform. You can reach me at dave.vellante@siliconangle.com or @dvellante. You can comment on our LinkedIn posts. This is Dave Vellante for the CUBEinsights powered by ETR. Thanks for watching. And we'll see you next time. (bright upbeat music)

>> From theCUBE Studios in Palo Alto and Boston, bringing you data-driven insights from theCUBE and ETR, this is Breaking Analysis with Dave Vellante. >> The pandemic has changed the way we think about and predict the future. As we enter the third year of a global pandemic, we see the significant impact that it's had on technology strategy, spending patterns, and company fortunes Much has changed. And while many of these changes were forced reactions to a new abnormal, the trends that we've seen over the past 24 months have become more entrenched, and point to the way that's coming ahead in the technology business. Hello and welcome to this week's Wikibon CUBE Insights powered by ETR. In this Breaking Analysis, we welcome our partner and colleague and business friend, Erik Porter Bradley, as we deliver what's becoming an annual tradition for Erik and me, our predictions for Enterprise Technology in 2022 and beyond Erik, welcome. Thanks for taking some time out. >> Thank you, Dave. Luckily we did pretty well last year, so we were able to do this again. So hopefully we can keep that momentum going. >> Yeah, you know, I want to mention that, you know, we get a lot of inbound predictions from companies and PR firms that help shape our thinking. But one of the main objectives that we have is we try to make predictions that can be measured. That's why we use a lot of data. Now not all will necessarily fit that parameter, but if you've seen the grading of our 2021 predictions that Erik and I did, you'll see we do a pretty good job of trying to put forth prognostications that can be declared correct or not, you know, as black and white as possible. Now let's get right into it. Our first prediction, we're going to go run into spending, something that ETR surveys for quarterly. And we've reported extensively on this. We're calling for tech spending to increase somewhere around 8% in 2022, we can see there on the slide, Erik, we predicted spending last year would increase by 4% IDC. Last check was came in at five and a half percent. Gardner was somewhat higher, but in general, you know, not too bad, but looking ahead, we're seeing an acceleration from the ETR September surveys, as you can see in the yellow versus the blue bar in this chart, many of the SMBs that were hard hit by the pandemic are picking up spending again. And the ETR data is showing acceleration above the mean for industries like energy, utilities, retail, and services, and also, notably, in the Forbes largest 225 private companies. These are companies like Mars or Koch industries. They're predicting well above average spending for 2022. So Erik, please weigh in here. >> Yeah, a lot to bring up on this one, I'm going to be quick. So 1200 respondents on this, over a third of which were at the C-suite level. So really good data that we brought in, the usual bucket of, you know, fortune 500, global 2000 make up the meat of that median, but it's 8.3% and rising with momentum as we see. What's really interesting right now is that energy and utilities. This is usually like, you know, an orphan stock dividend type of play. You don't see them at the highest point of tech spending. And the reason why right now is really because this state of tech infrastructure in our energy infrastructure needs help. And it's obvious, remember the Florida municipality break reach last year? When they took over the water systems or they had the ability to? And this is a real issue, you know, there's bad nation state actors out there, and I'm no alarmist, but the energy and utility has to spend this money to keep up. It's really important. And then you also hit on the retail consumer. Obviously what's happened, the work from home shift created a shop from home shift, and the trends that are happening right now in retail. If you don't spend and keep up, you're not going to be around much longer. So I think the really two interesting things here to call out are energy utilities, usually a laggard in IT spend and it's leading, and also retail consumer, a lot of changes happening. >> Yeah. Great stuff. I mean, I recall when we entered the pandemic, really ETR was the first to emphasize the impact that work from home was going to have, so I really put a lot of weight on this data. Okay. Our next prediction is we're going to get into security, it's one of our favorite topics. And that is that the number one priority that needs to be addressed by organizations in 2022 is security and you can see, in this slide, the degree to which security is top of mind, relative to some other pretty important areas like cloud, productivity, data, and automation, and some others. Now people may say, "Oh, this is obvious." But I'm going to add some context here, Erik, and then bring you in. First, organizations, they don't have unlimited budgets. And there are a lot of competing priorities for dollars, especially with the digital transformation mandate. And depending on the size of the company, this data will vary. For example, while security is still number one at the largest public companies, and those are of course of the biggest spenders, it's not nearly as pronounced as it is on average, or in, for example, mid-sized companies and government agencies. And this is because midsized companies or smaller companies, they don't have the resources that larger companies do. Larger companies have done a better job of securing their infrastructure. So these mid-size firms are playing catch up and the data suggests cyber is even a bigger priority there, gaps that they have to fill, you know, going forward. And that's why we think there's going to be more demand for MSSPs, managed security service providers. And we may even see some IPO action there. And then of course, Erik, you and I have talked about events like the SolarWinds Hack, there's more ransomware attacks, other vulnerabilities. Just recently, like Log4j in December. All of this has heightened concerns. Now I want to talk a little bit more about how we measure this, you know, relatively, okay, it's an obvious prediction, but let's stick our necks out a little bit. And so in addition to the rise of managed security services, we're calling for M&A and/or IPOs, we've specified some names here on this chart, and we're also pointing to the digital supply chain as an area of emphasis. Again, Log4j really shone that under a light. And this is going to help the likes of Auth0, which is now Okta, SailPoint, which is called out on this chart, and some others. We're calling some winners in end point security. Erik, you're going to talk about sort of that lifecycle, that transformation that we're seeing, that migration to new endpoint technologies that are going to benefit from this reset refresh cycle. So Erik, weigh in here, let's talk about some of the elements of this prediction and some of the names on that chart. >> Yeah, certainly. I'm going to start right with Log4j top of mind. And the reason why is because we're seeing a real paradigm shift here where things are no longer being attacked at the network layer, they're being attacked at the application layer, and in the application stack itself. And that is a huge shift left. And that's taking in DevSecOps now as a real priority in 2022. That's a real paradigm shift over the last 20 years. That's not where attacks used to come from. And this is going to have a lot of changes. You called out a bunch of names in there that are, they're either going to work. I would add to that list Wiz. I would add Orca Security. Two names in our emerging technology study, in addition to the ones you added that are involved in cloud security and container security. These names are either going to get gobbled up. So the traditional legacy names are going to have to start writing checks and, you know, legacy is not fair, but they're in the data center, right? They're, on-prem, they're not cloud native. So these are the names that money is going to be flowing to. So they're either going to get gobbled up, or we're going to see some IPO's. And on the other thing I want to talk about too, is what you mentioned. We have CrowdStrike on that list, We have SentinalOne on the list. Everyone knows them. Our data was so strong on Tanium that we actually went positive for the first time just today, just this morning, where that was released. The trifecta of these are so important because of what you mentioned, under resourcing. We can't have security just tell us when something happens, it has to automate, and it has to respond. So in this next generation of EDR and XDR, an automated response has to happen because people are under-resourced, salaries are really high, there's a skill shortage out there. Security has to become responsive. It can't just monitor anymore. >> Yeah. Great. And we should call out too. So we named some names, Snyk, Aqua, Arctic Wolf, Lacework, Netskope, Illumio. These are all sort of IPO, or possibly even M&A candidates. All right. Our next prediction goes right to the way we work. Again, something that ETR has been on for awhile. We're calling for a major rethink in remote work for 2022. We had predicted last year that by the end of 2021, there'd be a larger return to the office with the norm being around a third of workers permanently remote. And of course the variants changed that equation and, you know, gave more time for people to think about this idea of hybrid work and that's really come in to focus. So we're predicting that is going to overtake fully remote as the dominant work model with only about a third of the workers back in the office full-time. And Erik, we expect a somewhat lower percentage to be fully remote. It's now sort of dipped under 30%, at around 29%, but it's still significantly higher than the historical average of around 15 to 16%. So still a major change, but this idea of hybrid and getting hybrid right, has really come into focus. Hasn't it? >> Yeah. It's here to stay. There's no doubt about it. We started this in March of 2020, as soon as the virus hit. This is the 10th iteration of the survey. No one, no one ever thought we'd see a number where only 34% of people were going to be in office permanently. That's a permanent number. They're expecting only a third of the workers to ever come back fully in office. And against that, there's 63% that are saying their permanent workforce is going to be either fully remote or hybrid. And this, I can't really explain how big of a paradigm shift this is. Since the start of the industrial revolution, people leave their house and go to work. Now they're saying that's not going to happen. The economic impact here is so broad, on so many different areas And, you know, the reason is like, why not? Right? The productivity increase is real. We're seeing the productivity increase. Enterprises are spending on collaboration tools, productivity tools, We're seeing an increased perception in productivity of their workforce. And the CFOs can cut down an expense item. I just don't see a reason why this would end, you know, I think it's going to continue. And I also want to point out these results, as high as they are, were before the Omicron wave hit us. I can only imagine what these results would have been if we had sent the survey out just two or three weeks later. >> Yeah. That's a great point. Okay. Next prediction, we're going to look at the supply chain, specifically in how it's affecting some of the hardware spending and cloud strategies in the future. So in this chart, ETRS buyers, have you experienced problems procuring hardware as a result of supply chain issues? And, you know, despite the fact that some companies are, you know, I would call out Dell, for example, doing really well in terms of delivering, you can see that in the numbers, it's pretty clear, there's been an impact. And that's not not an across the board, you know, thing where vendors are able to deliver, especially acute in PCs, but also pronounced in networking, also in firewall servers and storage. And what's interesting is how companies are responding and reacting. So first, you know, I'm going to call the laptop and PC demand staying well above pre-COVID norms. It had peaked in 2012. Pre-pandemic it kept dropping and dropping and dropping, in terms of, you know, unit volume, where the market was contracting. And we think can continue to grow this year in double digits in 2022. But what's interesting, Erik, is when you survey customers, is despite the difficulty they're having in procuring network hardware, there's as much of a migration away from existing networks to the cloud. You could probably comment on that. Their networks are more fossilized, but when it comes to firewalls and servers and storage, there's a much higher propensity to move to the cloud. 30% of customers that ETR surveyed will replace security appliances with cloud services and 41% and 34% respectively will move to cloud compute and storage in 2022. So cloud's relentless march on traditional on-prem models continues. Erik, what do you make of this data? Please weigh in on this prediction. >> As if we needed another reason to go to the cloud. Right here, here it is yet again. So this was added to the survey by client demand. They were asking about the procurement difficulties, the supply chain issues, and how it was impacting our community. So this is the first time we ran it. And it really was interesting to see, you know, the move there. And storage particularly I found interesting because it correlated with a huge jump that we saw on one of our vendor names, which was Rubrik, had the highest net score that it's ever had. So clearly we're seeing some correlation with some of these names that are there, you know, really well positioned to take storage, to take data into the cloud. So again, you didn't need another reason to, you know, hasten this digital transformation, but here we are, we have it yet again, and I don't see it slowing down anytime soon. >> You know, that's a really good point. I mean, it's not necessarily bad news for the... I mean, obviously you wish that it had no change, would be great, but things, you know, always going to change. So we'll talk about this a little bit later when we get into the Supercloud conversation, but this is an opportunity for people who embrace the cloud. So we'll come back to that. And I want to hang on cloud a bit and share some recent projections that we've made. The next prediction is the big four cloud players are going to surpass 167 billion, an IaaS and PaaS revenue in 2022. We track this. Observers of this program know that we try to create an apples to apples comparison between AWS, Azure, GCP and Alibaba in IaaS and PaaS. So we're calling for 38% revenue growth in 2022, which is astounding for such a massive market. You know, AWS is probably not going to hit a hundred billion dollar run rate, but they're going to be close this year. And we're going to get there by 2023, you know they're going to surpass that. Azure continues to close the gap. Now they're about two thirds of the size of AWS and Google, we think is going to surpass Alibaba and take the number three spot. Erik, anything you'd like to add here? >> Yeah, first of all, just on a sector level, we saw our sector, new survey net score on cloud jumped another 10%. It was already really high at 48. Went up to 53. This train is not slowing down anytime soon. And we even added an edge compute type of player, like CloudFlare into our cloud bucket this year. And it debuted with a net score of almost 60. So this is really an area that's expanding, not just the big three, but everywhere. We even saw Oracle and IBM jump up. So even they're having success, taking some of their on-prem customers and then selling them to their cloud services. This is a massive opportunity and it's not changing anytime soon, it's going to continue. >> And I think the operative word there is opportunity. So, you know, the next prediction is something that we've been having fun with and that's this Supercloud becomes a thing. Now, the reason I say we've been having fun is we put this concept of Supercloud out and it's become a bit of a controversy. First, you know, what the heck's the Supercloud right? It's sort of a buzz-wordy term, but there really is, we believe, a thing here. We think there needs to be a rethinking or at least an evolution of the term multi-cloud. And what we mean is that in our view, you know, multicloud from a vendor perspective was really cloud compatibility. It wasn't marketed that way, but that's what it was. Either a vendor would containerize its legacy stack, shove it into the cloud, or a company, you know, they'd do the work, they'd build a cloud native service on one of the big clouds and they did do it for AWS, and then Azure, and then Google. But there really wasn't much, if any, leverage across clouds. Now from a buyer perspective, we've always said multicloud was a symptom of multi-vendor, meaning I got different workloads, running in different clouds, or I bought a company and they run on Azure, and I do a lot of work on AWS, but generally it wasn't necessarily a prescribed strategy to build value on top of hyperscale infrastructure. There certainly was somewhat of a, you know, reducing lock-in and hedging the risk. But we're talking about something more here. We're talking about building value on top of the hyperscale gift of hundreds of billions of dollars in CapEx. So in addition, we're not just talking about transforming IT, which is what the last 10 years of cloud have been like. And, you know, doing work in the cloud because it's cheaper or simpler or more agile, all of those things. So that's beginning to change. And this chart shows some of the technology vendors that are leaning toward this Supercloud vision, in our view, building on top of the hyperscalers that are highlighted in red. Now, Jerry Chan at Greylock, they wrote a piece called Castles in the Cloud. It got our thinking going, and he and the team at Greylock, they're building out a database of all the cloud services and all the sub-markets in cloud. And that got us thinking that there's a higher level of abstraction coalescing in the market, where there's tight integration of services across clouds, but the underlying complexity is hidden, and there's an identical experience across clouds, and even, in my dreams, on-prem for some platforms, so what's new or new-ish and evolving are things like location independence, you've got to include the edge on that, metadata services to optimize locality of reference and data source awareness, governance, privacy, you know, application independent and dependent, actually, recovery across clouds. So we're seeing this evolve. And in our view, the two biggest things that are new are the technology is evolving, where you're seeing services truly integrate cross-cloud. And the other big change is digital transformation, where there's this new innovation curve developing, and it's not just about making your IT better. It's about SaaS-ifying and automating your entire company workflows. So Supercloud, it's not just a vendor thing to us. It's the evolution of, you know, the, the Marc Andreessen quote, "Every company will be a SaaS company." Every company will deliver capabilities that can be consumed as cloud services. So Erik, the chart shows spending momentum on the y-axis and net score, or presence in the ETR data center, or market share on the x-axis. We've talked about snowflake as the poster child for this concept where the vision is you're in their cloud and sharing data in that safe place. Maybe you could make some comments, you know, what do you think of this Supercloud concept and this change that we're sensing in the market? >> Well, I think you did a great job describing the concept. So maybe I'll support it a little bit on the vendor level and then kind of give examples of the ones that are doing it. You stole the lead there with Snowflake, right? There is no better example than what we've seen with what Snowflake can do. Cross-portability in the cloud, the ability to be able to be, you know, completely agnostic, but then build those services on top. They're better than anything they could offer. And it's not just there. I mean, you mentioned edge compute, that's a whole nother layer where this is coming in. And CloudFlare, the momentum there is out of control. I mean, this is a company that started off just doing CDN and trying to compete with Okta Mite. And now they're giving you a full soup to nuts with security and actual edge compute layer, but it's a fantastic company. What they're doing, it's another great example of what you're seeing here. I'm going to call out HashiCorp as well. They're more of an infrastructure services, a little bit more of an open-source freemium model, but what they're doing as well is completely cloud agnostic. It's dynamic. It doesn't care if you're in a container, it doesn't matter where you are. They recently IPO'd and they're down 25%, but their data looks so good across both of our emerging technology and TISA survey. It's certainly another name that's playing on this. And another one that we mentioned as well is Rubrik. If you need storage, compute, and in the cloud layer and you need to be agnostic to it, they're another one that's really playing in this space. So I think it's a great concept you're bringing up. I think it's one that's here to stay and there's certainly a lot of vendors that fit into what you're describing. >> Excellent. Thank you. All right, let's shift to data. The next prediction, it might be a little tough to measure. Before I said we're trying to be a little black and white here, but it relates to Data Mesh, which is, the ideas behind that term were created by Zhamak Dehghani of ThoughtWorks. And we see Data Mesh is really gaining momentum in 2022, but it's largely going to be, we think, confined to a more narrow scope. Now, the impetus for change in data architecture in many companies really stems from the fact that their Hadoop infrastructure really didn't solve their data problems and they struggle to get more value out of their data investments. Data Mesh prescribes a shift to a decentralized architecture in domain ownership of data and a shift to data product thinking, beyond data for analytics, but data products and services that can be monetized. Now this a very powerful in our view, but they're difficult for organizations to get their heads around and further decentralization creates the need for a self-service platform and federated data governance that can be automated. And not a lot of standards around this. So it's going to take some time. At our power panel a couple of weeks ago on data management, Tony Baer predicted a backlash on Data Mesh. And I don't think it's going to be so much of a backlash, but rather the adoption will be more limited. Most implementations we think are going to use a starting point of AWS and they'll enable domains to access and control their own data lakes. And while that is a very small slice of the Data Mesh vision, I think it's going to be a starting point. And the last thing I'll say is, this is going to take a decade to evolve, but I think it's the right direction. And whether it's a data lake or a data warehouse or a data hub or an S3 bucket, these are really, the concept is, they'll eventually just become nodes on the data mesh that are discoverable and access is governed. And so the idea is that the stranglehold that the data pipeline and process and hyper-specialized roles that they have on data agility is going to evolve. And decentralized architectures and the democratization of data will eventually become a norm for a lot of different use cases. And Erik, I wonder if you'd add anything to this. >> Yeah. There's a lot to add there. The first thing that jumped out to me was that that mention of the word backlash you said, and you said it's not really a backlash, but what it could be is these are new words trying to solve an old problem. And I do think sometimes the industry will notice that right away and maybe that'll be a little pushback. And the problems are what you already mentioned, right? We're trying to get to an area where we can have more assets in our data site, more deliverable, and more usable and relevant to the business. And you mentioned that as self-service with governance laid on top. And that's really what we're trying to get to. Now, there's a lot of ways you can get there. Data fabric is really the technical aspect and data mesh is really more about the people, the process, and the governance, but the two of those need to meet, in order to make that happen. And as far as tools, you know, there's even cataloging names like Informatica that play in this, right? Istio plays in this, Snowflake plays in this. So there's a lot of different tools that will support it. But I think you're right in calling out AWS, right? They have AWS Lake, they have AWS Glue. They have so much that's trying to drive this. But I think the really important thing to keep here is what you said. It's going to be a decade long journey. And by the way, we're on the shoulders of giants a decade ago that have even gotten us to this point to talk about these new words because this has been an ongoing type of issue, but ultimately, no matter which vendors you use, this is going to come down to your data governance plan and the data literacy in your business. This is really about workflows and people as much as it is tools. So, you know, the new term of data mesh is wonderful, but you still have to have the people and the governance and the processes in place to get there. >> Great, thank you for that, Erik. Some great points. All right, for the next prediction, we're going to shine the spotlight on two of our favorite topics, Snowflake and Databricks, and the prediction here is that, of course, Databricks is going to IPO this year, as expected. Everybody sort of expects that. And while, but the prediction really is, well, while these two companies are facing off already in the market, they're also going to compete with each other for M&A, especially as Databricks, you know, after the IPO, you're going to have, you know, more prominence and a war chest. So first, these companies, they're both looking pretty good, the same XY graph with spending velocity and presence and market share on the horizontal axis. And both Snowflake and Databricks are well above that magic 40% red dotted line, the elevated line, to us. And for context, we've included a few other firms. So you can see kind of what a good position these two companies are really in, especially, I mean, Snowflake, wow, it just keeps moving to the right on this horizontal picture, but maintaining the next net score in the Y axis. Amazing. So, but here's the thing, Databricks is using the term Lakehouse implying that it has the best of data lakes and data warehouses. And Snowflake has the vision of the data cloud and data sharing. And Snowflake, they've nailed analytics, and now they're moving into data science in the domain of Databricks. Databricks, on the other hand, has nailed data science and is moving into the domain of Snowflake, in the data warehouse and analytics space. But to really make this seamless, there has to be a semantic layer between these two worlds and they're either going to build it or buy it or both. And there are other areas like data clean rooms and privacy and data prep and governance and machine learning tooling and AI, all that stuff. So the prediction is they'll not only compete in the market, but they'll step up and in their competition for M&A, especially after the Databricks IPO. We've listed some target names here, like Atscale, you know, Iguazio, Infosum, Habu, Immuta, and I'm sure there are many, many others. Erik, you care to comment? >> Yeah. I remember a year ago when we were talking Snowflake when they first came out and you, and I said, "I'm shocked if they don't use this war chest of money" "and start going after more" "because we know Slootman, we have so much respect for him." "We've seen his playbook." And I'm actually a little bit surprised that here we are, at 12 months later, and he hasn't spent that money yet. So I think this prediction's just spot on. To talk a little bit about the data side, Snowflake is in rarefied air. It's all by itself. It is the number one net score in our entire TISA universe. It is absolutely incredible. There's almost no negative intentions. Global 2000 organizations are increasing their spend on it. We maintain our positive outlook. It's really just, you know, stands alone. Databricks, however, also has one of the highest overall net sentiments in the entire universe, not just its area. And this is the first time we're coming up positive on this name as well. It looks like it's not slowing down. Really interesting comment you made though that we normally hear from our end-user commentary in our panels and our interviews. Databricks is really more used for the data science side. The MLAI is where it's best positioned in our survey. So it might still have some catching up to do to really have that caliber of usability that you know Snowflake is seeing right now. That's snowflake having its own marketplace. There's just a lot more to Snowflake right now than there is Databricks. But I do think you're right. These two massive vendors are sort of heading towards a collision course, and it'll be very interesting to see how they deploy their cash. I think Snowflake, with their incredible management and leadership, probably will make the first move. >> Well, I think you're right on that. And by the way, I'll just add, you know, Databricks has basically said, hey, it's going to be easier for us to come from data lakes into data warehouse. I'm not sure I buy that. I think, again, that semantic layer is a missing ingredient. So it's going to be really interesting to see how this plays out. And to your point, you know, Snowflake's got the war chest, they got the momentum, they've got the public presence now since November, 2020. And so, you know, they're probably going to start making some aggressive moves. Anyway, next prediction is something, Erik, that you and I have talked about many, many times, and that is observability. I know it's one of your favorite topics. And we see this world screaming for more consolidation it's going all in on cloud native. These legacy stacks, they're fighting to stay relevant, but the direction is pretty clear. And the same XY graph lays out the players in the field, with some of the new entrants that we've also highlighted, like Observe and Honeycomb and ChaosSearch that we've talked about. Erik, we put a big red target around Splunk because everyone wants their gold. So please give us your thoughts. >> Oh man, I feel like I've been saying negative things about Splunk for too long. I've got a bad rap on this name. The Splunk shareholders come after me all the time. Listen, it really comes down to this. They're a fantastic company that was designed to do logging and monitoring and had some great tool sets around what you could do with it. But they were designed for the data center. They were designed for prem. The world we're in now is so dynamic. Everything I hear from our end user community is that all net new workloads will be going to cloud native players. It's that simple. So Splunk has entrenched. It's going to continue doing what it's doing and it does it really, really well. But if you're doing something new, the new workloads are going to be in a dynamic environment and that's going to go to the cloud native players. And in our data, it is extremely clear that that means Datadog and Elastic. They are by far number one and two in net score, increase rates, adoption rates. It's not even close. Even New Relic actually is starting to, you know, entrench itself really well. We saw New Relic's adoption's going up, which is super important because they went to that freemium model, you know, to try to get their little bit of an entrenched customer base and that's working as well. And then you made a great list here, of all the new entrants, but it goes beyond this. There's so many more. In our emerging technology survey, we're seeing Century, Catchpoint, Securonix, Lucid Works. There are so many options in this space. And let's not forget, the biggest data that we're seeing is with Grafana. And Grafana labs as yet to turn on their enterprise. Elastic did it, why can't Grafana labs do it? They have an enterprise stack. So when you look at how crowded this space is, there has to be consolidation. I recently hosted a panel and every single guy on that panel said, "Please give me a consolidation." Because they're the end users trying to actually deploy these and it's getting a little bit confusing. >> Great. Thank you for that. Okay. Last prediction. Erik, might be a little out of your wheelhouse, but you know, you might have some thoughts on it. And that's a hybrid events become the new digital model and a new category in 2022. You got these pure play digital or virtual events. They're going to take a back seat to in-person hybrids. The virtual experience will eventually give way to metaverse experiences and that's going to take some time, but the physical hybrid is going to drive it. And metaverse is ultimately going to define the virtual experience because the virtual experience today is not great. Nobody likes virtual. And hybrid is going to become the business model. Today's pure virtual experience has to evolve, you know, theCUBE first delivered hybrid mid last decade, but nobody really wanted it. We did Mobile World Congress last summer in Barcelona in an amazing hybrid model, which we're showing in some of the pictures here. Alex, if you don't mind bringing that back up. And every physical event that we're we're doing now has a hybrid and virtual component, including the pre-records. You can see in our studios, you see that the green screen. I don't know. Erik, what do you think about, you know, the Zoom fatigue and all this. I know you host regular events with your round tables, but what are your thoughts? >> Well, first of all, I think you and your company here have just done an amazing job on this. So that's really your expertise. I spent 20 years of my career hosting intimate wall street idea dinners. So I'm better at navigating a wine list than I am navigating a conference floor. But I will say that, you know, the trend just goes along with what we saw. If 35% are going to be fully remote. If 70% are going to be hybrid, then our events are going to be as well. I used to host round table dinners on, you know, one or two nights a week. Now those have gone virtual. They're now panels. They're now one-on-one interviews. You know, we do chats. We do submitted questions. We do what we can, but there's no reason that this is going to change anytime soon. I think you're spot on here. >> Yeah. Great. All right. So there you have it, Erik and I, Listen, we always love the feedback. Love to know what you think. Thank you, Erik, for your partnership, your collaboration, and love doing these predictions with you. >> Yeah. I always enjoy them too. And I'm actually happy. Last year you made us do a baker's dozen, so thanks for keeping it to 10 this year. >> (laughs) We've got a lot to say. I know, you know, we cut out. We didn't do much on crypto. We didn't really talk about SaaS. I mean, I got some thoughts there. We didn't really do much on containers and AI. >> You want to keep going? I've got another 10 for you. >> RPA...All right, we'll have you back and then let's do that. All right. All right. Don't forget, these episodes are all available as podcasts, wherever you listen, all you can do is search Breaking Analysis podcast. Check out ETR's website at etr.plus, they've got a new website out. It's the best data in the industry, and we publish a full report every week on wikibon.com and siliconangle.com. You can always reach out on email, David.Vellante@siliconangle.com I'm @DVellante on Twitter. Comment on our LinkedIn posts. This is Dave Vellante for the Cube Insights powered by ETR. Have a great week, stay safe, be well. And we'll see you next time. (mellow music)

>> From theCUBE studios in Palo Alto in Boston, bringing you data-driven insights from theCUBE in ETR. This is Breaking Analysis with Dave Vellante. >> Despite the more than $100 billion spent each year fighting Cyber-crime. When we do an end-of-the year look back and ask "How did we do?" The answer is invariably the same, "Worse than last year." Pre pandemic, the picture was disheartening, but since March of 2020 the situation has only worsened as cyber-criminals have become increasingly sophisticated, better funded and more brazen. SecOps pros continue to fight, but unlike conventional wars, this one has no end. Now the flip side of course, is that markets continue to value cybersecurity firms at significant premiums. Because this huge market will continue to grow by double digits for the foreseeable future. Hello and welcome to this week's Wikibon theCUBE Insights powered by ETR. In this Breaking Analysis, we look at the state of cybersecurity in 2021 and beyond. We'll update you with the latest survey data from enterprise technology research and share the fundamentals that have investors piling into the security space like never before. Let's start with the customer view. Cybersecurity remains the number one priority for CIOs and CSOs. This latest ETR survey, once again asked IT buyers to rank their top priorities for the next 12 months. Now the last three polling period dating back to last March. Cybersecurity has outranked every top spending category, including cloud, data analytics, productivity software, networking, AI, and automation or RPA. Now this shouldn't surprise anybody, but it underscores the challenges that organizations face. Not only are they in the midst of a non-optional digital transformation, but they have to also fund a cyber war that has no ceasefires, no truces, and no exit path. Now there's much more going on in cybersecurity than ransomware, but certainly that has the attention of executives. And it's becoming more and more lucrative for attackers. Here's a snapshot of some of the more well-documented attacks this decade many which have occurred in very recent months. CNA Financial, they got hit earlier this year and paid a $40 million ransom. The Ireland Health Service also got hit this year and refused to pay the ransom, but it's estimated that the cost to recover and the damage to the organization exceeded half a billion dollars. The request was for a $20 million ransom. The JBS meat company hack, they paid $11 million. CWT travel paid $5 million. The disruption from the Colonial Pipeline company, was widely reported they paid more than $4 million, as the Brenntag, the chemical company. The NBA got hit. Computer makers, Quanta and Acer also. More than 2,000 random attacks were reported to the FBI in the first seven months of 2021. Up more than 60% from 2020. Now, as I've said many times, you don't have to be a genius to be a ransomware as today. Anyone can go on the dark web, tap into ransomware as a service. Attackers, they have insidious names like darkside, evil, the cobalt, crime gang, wizard spider, the Lazarus gang, and numerous others. Criminals they have negotiation services is most typically the attackers, they'll demand a specific amount of money but they're willing to compromise in an exchange of cryptocurrency for decryption keys. And as mentioned, it's not just ransomware supply chain attacks like the solar winds hack hit organizations within the U.S government and companies like Mimecast this year. Now, while these attacks often do end up in a ransom situation. The attackers sometimes find it more lucrative to live off the land and stealth fashion and ex filtrates sensitive data that can be sold or in the case of many financial institution attacks they'll steal information from say a chief investment officer that signals an upcoming trading strategy and then the attackers will front run that trade in the stock market. Now, of course phishing, remains one of the most prominent threats. Only escalated by the work from home trend as users bring their own devices and of course home networks are less secure. So it's bad, worse than ever before. But you know, if there's a problem, entrepreneurs and investors, they're going to be there to solve it. So here's a LinkedIn post from one of the top investors in the business, Mike Speiser. He was a founding investor in Snowflake. He helped get pure storage to escape velocity and many, many other successes. This hit my LinkedIn feed the other day, his company Sutter Hill Ventures is co-leading a 1.3 Series D on an $8.3 billion valuation. They're putting in over $200 million. Now Lacework is a threat detection software company that looks at security as a data problem and they monitor exposures across clouds. So very timely. So watch that company. They're going to soar. Now the right hand chart shows venture investments in cybersecurity over the past several years. You can see it exploded in 2019 to $7.6 billion. And people thought the market was peaking at that time, if you recall. But then investments rose a little bit to $7.8 billion in 2020 right in the middle of lockdown. And then the hybrid work, the cloud, the new normal thesis kicked in big time. It's in full gear this year. You can see nearly $12 billion invested in cybersecurity in the first half of 2021 alone. So the money keeps coming in as the problem gets worse and the market gets more crowded. Now we'd like to show this slide from Optiv, it's their security taxonomy. It'll make your eyes cross. It's so packed with companies in different sectors. We'll put a link in our posts, so you can stare at this. We've used this truck before. It's pretty good. It's comprehensive and it's worth spending some time to see what that landscape looks like. But now let's reduce this down a bit and bring in some of the ETR data. This is survey data from October that shows net score or spending momentum on the vertical axis and market share or pervasiveness in the dataset on the horizontal axis. That's a measure of mentioned share if you will. Now this is just isolated on the information security sector within the ETR taxonomies. No filters in terms of the number of responses. So it's every company that ETR picks up in cybersecurity from its buyer surveys. Now companies above that red line, we consider them to have a highly elevated spending momentum for their products and services. And you can see, there are a lot of companies that are in this map first of all, and several above that magic mark. So you can see the momentum of Microsoft and Palo Alto. That's most impressive because of their size, their pervasiveness in the study, Cisco and Splunk are also quite prominent. They don't have as much spending momentum, but they're pretty respectable. And you can see the companies that have been real movers in this market that we've been reporting on for a while. Okta, CrowdStrike, Zscaler, CyberArk, SailPoint, Authzero, all companies that we've extensively covered in previous breaking analysis episodes as the up and comers. And isn't it interesting that Datadog is now showing up in the vertical axis. You see that in the left-hand side up high, they're becoming more and more competitive to Splunk in this space as an alternative and lines are blurring between observability, log analytics, security, and as we previously reported even backup and recovery. But now let's simplify this picture a bit more and filter down a little bit further. This chart shows the same X, Y view. Same data construct and framework, but we required more than a hundred responses to hit the chart. So the companies, they have to have a notable market presence in the ETR survey. It's perhaps a bit less crowded, but still very packed. Isn't it? You can see firms that are less prominent in the space like Datadog fell off. The big companies we mentioned, obviously still prominent Microsoft, Palo Alto, Cisco and Splunk and then those with real momentum, they stand out a little bit. There's somewhat smaller, but they're gaining traction in the market. As we felt they would Okta and Auth zero, which Okta acquired as we reported on earlier this year, both showing strength as our CrowdStrike, Zscaler, CyberArk, which does identity and competition with Okta and SentinelOne, which went public mid this year. The company SentinelOne uses AI to do threat detection and has been doing quite well. SalePoint and Proofpoint are right on that red elevated line and then there's a big pack in the middle. Look, this is not an easy market to track. It's virtually every company plays in security. Look, AWS says some of the most advanced security in the business but they're not in the chart specifically, but you see Microsoft is. Because much of AWS security is built into services. Amazon customers heavily rely on the Amazon ecosystem which is in the Amazon marketplace for security products. And often they associate their security spend with those partners and not necessarily Amazon. And you'll see networking companies you see right there, like Juniper and the bottom there and in the ETR data set and the players like VMware in the middle of the pack. They've been really acquisitive for example, with carbon black. And the, of course, you've got a lot of legacy players like McAfee and RSA and IBM. Look, virtually every company has a security story and that will only become more common in the coming years. Now here's another look at the ETR data it's in the raw form, but it'll give you a sense of two things; One is how the data from the previous chart is plotted. And two, it gives you a time series of the data. So the data lists the top companies in the ETR data sets sorted by the October net score in the right most column. Again, that measures spending momentum. So to make the cut here, you had to have more than a hundred mentions which is shown on the left-hand side of the chart that shared N, IE that's shared accounts in the dataset. And you can track the data from last October, July of this year and the most recent October, 2021 survey. So we, drew that red line just about at the 40% net score market coincidentally, there are 10 companies that are over that figure over that bar. We sometimes call out the four star companies. We give four stars to those companies that both are in the top 10 and spending momentum and the top in prominence are shared N in the dataset. So some of these 10 would fit into that profile by that methodology, specifically, Microsoft, Okta, CrowdStrike, and Palo Alto networks. They would be the four star companies. Now a couple of other things to point out here, DDoS attacks, they're still relevant, and they're real threat. So a company like CloudFlare which is just above that red line they play in that space. Now we've also shaded the companies in the fat middle. A lot of these companies like Cisco and Splunk for example, they're major players in the security space with very strong offerings and customer affinity. We sometimes give them two stars. So this is what makes this market so interesting. It's not like the high end discourage market where literally every vendor in the Gartner magic quadrant is up in the right, okay. And there's only five or four or five, six vendors there. This market is diverse with many, many segments and sub segments, and it's such a vital space. And there's so many holes to fill with an ever changing threat landscape as we've seen in the last two years. So this is in part which makes it such a good market for investors. There's a lot of room for growth and not just from stealing market share. That's certainly an opportunity there, but things like cloud, multi-cloud, shifting end points, the edge ,and so forth make this space really ripe for investments. And to underscore this, we put together this little chart of some of the pure play security firms to see how their stock performance has done recently. So you can see that here, you know, it's a little hard to read, but it's not hard to see that Okta, CrowdStrike, Zscaler on the left have been big movers. These charts where possible all show a cross here, starting at the lockdown last year. The only exception is SentinelOne which IPO mid this year. So that's the point March, 2020 when the whole world changed and security priorities really started to shift to accommodate the work from home. But it's quite obvious that since the pandemic, these six companies have been on a tear for the fundamental reason that hybrid work has created a shift in spending priorities for CSOs. No longer are organizations just spending on hardening a perimeter, that perimeter has been blown away. The network is flattening. Work is what you do, it's no longer a place. As such threats are on the rise and cloud, endpoint security, identity access tools there become increasingly vital and the vendors who provide them are on the rise. So it's no surprise that the players that we've listed here which play quite prominently in those markets are all on fire. So now in summary, I want to stress that while the picture is sometimes discouraging. The entire world is becoming more and more tuned in to the cyber threat. And that's a good thing. Money is pouring in. Look, technology got us into this problem and technology is a defensive weapon that will help us continue this fight. But it's going to take more than technology. And I want to share something. We get dozens and dozens of in bounds this time of the year because we do an annual predictions posts. So folks and they want to help us out. So now most of the in bounds and the predictions that we get, they're just kind of observations or frankly, non predictions that can't really be measured as like where you right, or where you're wrong. So for the most part I like predictions that are binary. For example, last December we predicted their IT spending in 2021 would rebound and grow at 4% relative to 2020. Well, it did rebound but that prediction really wasn't as accurate as I'd like. It was frankly wrong. We think it's actually the market's going to actually grow. Spending's going to grow more like 7% this year. Not to worry plenty of our predictions came true, but we'll leave that for another day. Anyway, I got an email from Dean Fisk of Fisk partners. It's a PR firm representing an individual named Lyndon Brown chief of strategy officer of Pondurance. Pondurance is a security consultancy. And the email had the standard, Hey, in case you're working on a predictions post this year end, blah, blah, blah. But instead of sharing with me, a bunch of non predictions, the notes said here's some trends in cybersecurity that might be worth thinking about. And there were a few predictions sprinkled in there, but I wanted to call it a couple of the comments from Linden Brown, whom I don't know, I never met the guy, but I really thought his trends were spot on. The first was a stat I'll share that the United Nations report cyber crime is up 600% due to the pandemic. If as if I couldn't feel worse already. His first point though was that the hybrid workplace will be the new frontier for cyber. Yes, we totally agree. There are permanent shifts taking place. And we actually predicted that last year, but he further cited that many companies went from zero to full digital transformation overnight and many are still on that journey. And his point is that hybrid work is going to require a complete overhaul of how we think about security. We think this is very true. Now the other point that stood out is that governments are going to crack down on this behavior. And we've seen this where criminals have had their critical infrastructure dismantled by governments. No doubt the U.S government has the capabilities to do so. And it is very much focused on this issue. But it's tricky as Robert Gates, who was the former defense secretary, told me a few years back in theCUBE. He said, well, we have the best offense. We also have the most to lose. So we have to be very careful, but Linden's key point was you are going to see a much more forward and aggressive public policy and new laws that give crime fighters more latitude . Again, it's tricky kind of like the Patriot act was tricky but it's coming. Now, another call-out from Linden shares his assertion that natural disasters will bring increased cyber risk. And I thought this was a really astute point because natural disasters they're on the rise. And when there's chaos, there's cash opportunities for criminals. And I'll add to this that the supply chain risk is far from over. This is going to be continuing theme this coming year and beyond. And one of the things that Linden Brown said in his note to me is essentially you can't take humans out of the equation. Automation alone can't solve the problem, but some companies operate as though they can. Just as bad human behavior, can tramp good security, Good human education and behavior is going to be a key weapon in this endless war. Now the last point is we're going to see continued escalation government crackdowns are going to bring retaliation and to Gates' point. The U.S has a lot at stake. So expect insurance premiums are going to go through the roof. That's assuming you can even get cyber insurance. And so we got to hope for the best, but for sure, we have to plan for the worst because it's coming. Deploy technology aggressively but people in process will ultimately be the other ingredients that allow us to live to battle for another day. Okay. That's a wrap for today. Remember these episodes they're all available as podcasts, wherever you listen just search "breaking analysis" podcast. Check out ETR his website at ETR.plus. We also publish a full report every week on Wikibond.com and siliconangle.com. You can get in touch. Email me @david.volante@tsiliconangle.com or you can DM me @dvellante. Comment on our LinkedIn posts. This is Dave Vellante for theCUBE insights powered by ETR. Have a great week. everybody stay safe, be well. And we'll see you next time. (techno music)

>> From "theCUBE" studios in Palo Alto in Boston, bringing you data-driven insights from "theCUBE" in ETR. This is breaking analysis with Dave Vellante. >> Chief Information Security Officer's site trust, is the number one value attribute, they can deliver to their organizations. And when it comes to security, identity is the new attack surface. As such identity and access management, continue to be the top priority among technology decision makers. It also happens to be one of the most challenging and complicated areas of the cybersecurity landscape. Okta, a leader in the identity space has announced its intent to converge privileged access and Identity Governance in an effort to simplify the landscape and re-imagine identity. Our research shows that interest in this type of consolidation is very high, but organizations believe technical debt, compatibility issues, expense and lack of talent are barriers to reaching cyber nirvana, with their evolving Zero-Trust networks. Hello and welcome to this week's Wikibon CUBE insights, powered by ETR. In this breaking analysis, we'll explore the complex and evolving world of identity access and privileged account management, with an assessment of Okta's market expansion aspirations and fresh data from ETR, and input from my colleague Eric Bradley. Let's start by exploring identity and why it's fundamental to digital transformations. Look the pandemic accelerated digital and digital raises the stakes in cybersecurity. We've covered this extensively, but today we're going to drill into identity, which is one of the hardest nuts to crack in security. If hackers can steal someone's identity, they can penetrate networks. If that someone has privileged access to databases, financial information, HR systems, transaction systems, the backup corpus, well. You get the point. There are many bespoke tools to support a comprehensive identity access management and privilege access system. Single sign-on, identity aggregation, de-duplication of identities, identity creation, the governance of those identities, group management. Many of these tools are open source. So you have lots of vendors, lots of different systems, and often many dashboards. Practitioners tell us that it's the paper cuts that kill them, patches that aren't applied, open ports, orphan profiles that aren't disabled. They'd love to have a single dashboard, but it's often not practical for large organizations because of the bespoke nature of the tooling and the skills required to manage them. Now, adding to this complexity, many organizations have different identity systems for privileged accounts, the general employee population and customer identity. For example, around 50 percent of ETR respondents in a recent survey use different systems for workforce identity and consumer identity. Now this is often done because the consumer identity is a totally different journey. The consumer is out in the wild and takes an unknown, nonlinear path and then enters the known space inside a brand's domain. The employee identity journey is known throughout. You go onboarding, to increasing responsibilities and more access to off-boarding. Privileged access may even have different attributes, does usually like no email and, or no shared credentials. And we haven't even touched on the other identity consumers in the ecosystem like selling partners, suppliers, machines, etcetera. Like I said, it's complicated and meeting the needs of auditors is stressful and expensive for CSOs. Open chest wounds, such as sloppy histories of privileged access approvals, obvious role conflicts, missing data, inconsistent application of policy and the list goes on. The expense of securing digital operations goes well beyond the software and hardware acquisition costs. So there's a real need and often desire, to converge these systems. But technical debt makes it difficult. Companies have spent a lot of time, effort and money on their identity systems and they can't just rip and replace. So they often build by integrating piece parts or they add on to their Quasi-integrated monolithic systems. And then there's the whole Zero-Trust concept. It means a lot of different things to a lot of different people, but folks are asking if I have Zero-Trust, does it eliminate the need for identity? And what does that mean for my architecture, going forward. So, let's take a snapshot of some of the key players in identity and PAM, Privileged Access Management. This is an X-Y graph that we always like to show. It shows the net score or spending velocity, spending momentum on the vertical axis and market share or presence in the ETR dataset on the horizontal axis. It's not like revenue market share. It's just, it's mentioned market share if you will. So it's really presence in the dataset. Now, note the chart insert, the table, which shows the actual data for Net Score and Shared In, which informs the position of the dot. The red dotted line there, it indicates an elevated level. Anything over 40 percent that mark, we consider the strongest spending velocity. Now within this subset of vendors that we've chosen, where we've tried to identify some, most of them are pure plays, in this identity space. You can see there are six above that 40 percent mark including Zscaler, which tops the charts, Okta, which has been at or near the top for several quarters. There's an argument by the way, to be made that Okta and Zscaler are on a collision course as Okta expands it's TAM, but let's just park that thought for a moment. You can see Microsoft with a highly elevated spending score and a massive presence on the horizontal axis, CyberArk and SailPoint, which Okta is now aiming to disrupt and Auth zero, which Okta officially acquired in may of this year, more on that later now. Now, below that 40 percent mark you can see Cisco, which is largely acquired companies in order to build its security portfolio. For example, Duo which focuses on access and multi-factor authentication. Now, word of caution, Cisco and Microsoft in particular are overstated because, this includes their entire portfolio of security products, whereas the others are more closely aligned as pure plays in identity and privileged access. ThycotyicCentrify is pretty close to that 40 percent mark and came about as a result of the two companies merging in April of this year. More evidence of consolidation in this space, BeyondTrust is close to the red line as well, which is really interesting because this is a company whose roots go back to the VAX VMS days, which many of you don't even know what a VAX VMS is in the mid 1980s. It was the mini computer standard and the company has evolved to provide more modern PAM solutions. Ping Identity is also notable in that, it essentially emerged after the dot com bust in the early 2000s as an identity solution provider for single sign-on, SSO and multifactor authentication, MFA solutions. In IPO'd in the second half of 2019, just prior to the pandemic. It's got a $2 billion market cap-down from its highs of around $3 billion earlier this year and last summer. And like many of the remote work stocks, they bounced around, as the reopening trade and lofty valuations have weighed on many of these names, including Okta and SailPoint. Although CyberArk, actually acted well after its August 12th earnings call as its revenue growth about doubled year on year. So hot space and a big theme this year is around Okta's acquisition of Auth zero and its announcement at Oktane 2021, where it entered the PAM market and announced its thrust to converge its platform around PAM and Identity Governance and administration. Now I spoke earlier this week with Diya Jolly, who's the Chief Product Officer at Okta and I'll share some of her thoughts later in this segment. But first let's look at some of the ETR data from a recent drill down study that our friends over there conducted. This data is from a drill down that was conducted early this summer, asking organizations how important it is to have a single dashboard for access management, Identity Governance and privileged access. This goes directly to Okta strategy that it announced this year at it's Oktane user conference. Basically 80 percent of the respondents want this. So this is no surprise. Now let's stay on this theme of convergence. ETR asks security pros if they thought convergence between access management and Identity Governance would occur within the next three years. And as you can see, 89% believe this is going to happen. They either strongly agree, agree, or somewhat agree. I mean, it's almost as though the CSOs are willing this to occur. And this seemingly bodes well for Okta, which in April announced its intent to converge PAM and IGA. Okta's Diya jolly stressed to me that this move was in response to customer demand. And this chart confirms that, but there's a deeper analysis worth exploring. Traditional tools of identity, single sign-on SSO and multi-factor authentication MFA, they're being commoditized. And the most obvious example of this is OAuth or Open Authorization. You know, log in with Twitter, Google, LinkedIn, Amazon, Facebook. Now Okta currently has around a $35 billion market cap as of today, off from its highs, which were well over 40 billion earlier this year. Okta stated, previously stated, total addressable market was around 55 billion. So CEO, Todd McKinnon had to initiate a TAM expansion play, which is the job of any CEO, right? Now, this move does that. It increases the company's TAM by probably around $20 to $30 billion in our view. Moreover, the number one criticism of Okta is, "Your price is too high." That's a good problem to have I say. Regardless, Okta has to think about adding more value to its customers and prospects, and this move both expands its TAM and supports its longer-term vision to enable a secure user-controlled ubiquitous, digital identity, supporting federated users and data within a centralized system. Now, the other thing Jolly stressed to me is that Okta is heavily focused on the user experience, making it simple and consumer grade easy. At Oktane 21, she gave a keynote laying out the company's vision. It was a compelling presentation designed to show how complex the problem is and how Okta plans to simplify the experience for end users, service providers, brands, and the overall technical community across the ecosystem. But look, there are a lot of challenges, the company faces to pull this off. So let's dig into that a little bit. Zero-Trust has been the buzz word and it's a direction, the industry is moving towards, although there are skeptics. Zero-Trust today is aspirational. It essentially says you don't trust any user or device. And the system can ensure the right people or machines, have the proper level of access to the resources they need all the time, with a fantastic user experience. So you can see why I call this nirvana earlier. In previous breaking analysis segments, we've laid out a map for protecting your digital identity, your passwords, your crypto wallets, how to create Air Gaps. It's a bloody mess. So ETR asked security pros if they thought a hybrid of access management and Zero-Trust network could replace their PAM systems, because if you can achieve Zero-Trust in a world with no shared credentials and real-time access, a direction which Diya jolly clearly told me Okta is headed, then in theory, you can eliminate the need for Privileged Access Management. Another way of looking at this is, you do for every user what you do for PAM users. And that's how you achieve Zero-Trust. But you can see from this picture that there's more uncertainty here with nearly 50 percent of the sample, not in agreement that this is achievable. Practitioners in Eric Bradley's round tables tell us that you'll still need the PAM system to do things, like session auditing and credential checkouts and other things. But much of the PAM functionality could be handled by this Zero-Trust environment we believe. ETR then asks the security pros, how difficult it would be to replace their PAM systems. And this is where it gets interesting. You can see by this picture. The enthusiasm wanes quite a bit when the practitioners have to think about the challenges associated with replacing Privileged Access Management Systems with a new hybrid. Only 20 percent of the respondents see this as, something that is easy to do, likely because they are smaller and don't have a ton of technical debt. So the question and the obvious question is why? What are the difficulties and challenges of replacing these systems? Here's a diagram that shows the blockers. 53 percent say gaps in capabilities. 26 percent say there's no clear ROI. IE too expensive and 11 percent interestingly said, they want to stay with best of breed solutions. Presumably handling much of the integration of the bespoke capabilities on their own. Now speaking with our Eric Bradley, he shared that there's concern about "rip and replace" and the ability to justify that internally. There's also a significant buildup in technical debt, as we talked about earlier. One CSO on an Eric Bradley ETR insights panel explained that the big challenge Okta will face here, is the inertia of entrenched systems from the likes of SailPoint, Thycotic and others. Specifically, these companies have more mature stacks and have built in connectors to legacy systems over many years and processes are wired to these systems and would be very difficult to change with skill sets aligned as well. One practitioner told us that he went with SailPoint almost exclusively because of their ability to interface with SAP. Further, he said that he believed, Okta would be great at connecting to other cloud API enabled systems. There's a large market of legacy systems for which Okta would have to build custom integrations and that would be expensive and would require a lot of engineering. Another practitioner said, "We're not implementing Okta, but we strongly considered it." The reason they didn't go with was the company had a lot of on-prem legacy apps and so they went with Microsoft Identity Manager, but that didn't meet the grade because the user experience was subpar. So they're still searching for a solution that can be good at both cloud and on-prem. Now, a third CSO said, quote, " I've spent a lot of money, writing custom connectors to SailPoint", and he's stressed a lot of money, he said that several times. "So, who was going to write those custom connectors for me? Will Okta do it for free? I just don't see that happening", end quote. Further, this individual said, quote, "It's just not going to be an easy switch. And to be clear, SailPoint is not our PAM solution. That's why we're looking at CyberArk." So the complexity that, unquote. So the complexity and fragmentation continues. And personally I see this as a positive trend for Okta, if it can converge these capabilities. Now I pressed Okta's Diya Jolly on these challenges and the difficulties of replacing them over to our stacks of the competitors. She fully admitted, this was a real issue But her answer was that Okta is betting on the future of microservices and cloud disruption. Her premise is that Okta's platform is better suited for this new application environment, and they're essentially betting on organizations modernizing their application portfolios and Okta believes that it will be ultimately a tailwind for the company. Now let's look at the age old question of best of breed versus incumbent slash integrated suite. ETR and it's drilled down study ask customers, when thinking about identity and access management solutions, do you prefer best of breed and incumbent that you're already using or the most cost efficient solution? The respondents were asked to force rank one, two and three, and you can see, incumbent just edged out best in breed with a 2.2 score versus a 2.1, with the most cost-effective choice at 1.7. Now, overall, I would say, this is good news for Okta. Yes, they faced the issues that we brought up earlier but as digital transformations lead to modernizing much of the application portfolio with container and microservices, Okta will be in a position, assuming it continues to innovate, to pick up much of this business. And to the point earlier, where the CSO told us they're going to use both SailPoint and CyberArk. When ETR asked practitioners which vendors are in the best position to benefit from Zero-Trust, the Zero-Trust trend, the answers were not surprisingly all over the place. Lots of Okta came up. Zscaler came up a lot too, hmm. There's that collision course. But plenty of SailPoint, Palo Alto, Microsoft, Netskope, Dichotic, Centrify, Cisco, all over the map. So now let's look specifically at how practitioners are thinking about Okta's latest announcements. This chart shows the results of the question. Are you planning to evaluate Okta's recently announced Identity Governance and PAM offerings? 45 to nearly 50 percent of the respondents either were already using or plan to evaluate, with just around 40 percent saying they had no plans to evaluate. So again, this is positive news for Okta in our view. The huge portion of the market is going to take a look at what Okta's doing. Combined with the underlying trends that we shared earlier related to the need for convergence, this is good news for the company. Now, even if the blockers are too severe to overcome, Okta will be on the radar and is on the radar as you can see from this data. And as with the Microsoft MIM example, the company will be seen as increasingly strategic, Okta that is, and could get another bite at the apple. Moreover, Okta's acquisition of Auth zero is strategically important. One of the other things Jolly told me is they see initiative starting both from devs and then hand it over to IT to implement, and then the reverse where IT may be the starting point and then go to devs to productize the effort. The Auth zero acquisition gives Okta plays in both games, because as we've reported earlier, Okta wasn't strong with the devs, Auth zero that was their wheelhouse. Now Okta has both. Now on the one hand, when you talk to practitioners, they're excited about the joint capabilities and the gaps that Auth zero fills. On the other hand, it takes out one of Okta's main competitors and customers like competition. So I guess I look at it this way. Many enterprises will spend more money to save time. And that's where Okta has traditionally been strong. Premium pricing but there's clear value, in that it's easier, less resources required, skillsets are scarce. So boom, good fit. Other enterprises look at the price tag of an Okta and, they actually have internal development capabilities. So they prefer to spend engineering time to save money. That's where Auth zero has seen its momentum. Now Todd McKinnon and company, they can have it both ways because of that acquisition. If the price of Okta classic is too high, here's a lower cost solution with Auth zero that can save you money if you have the developer talent and the time. It's a compelling advantage, that's unique. Okay, let's wrap. The road to Zero-Trust networks is long and arduous. The goal is to understand, support and enable access for different roles, safely and securely, across an ecosystem of consumers, employees, partners, suppliers, all the consumers, (laughs softly) of your touch points to your security system. You've got to simplify the user experience. Today's kluge of password, password management, security exposures, just not going to cut it in the digital future. Supporting users in a decentralized, no-moat world, the queen has left her castle, as I often say is compulsory. But you must have federated governance. And there's always going to be room for specialists in this space. Especially for industry specific solutions for instance, within healthcare, education, government, etcetera. Hybrids are the reality for companies that have any on-prem legacy apps. Now Okta has put itself in a leadership position, but it's not alone. Complexity and fragmentation will likely remain. This is a highly competitive market with lots of barriers to entry, which is both good and bad for Okta. On the one hand, unseating incumbents will not be easy. On the other hand, Okta is both scaling and growing rapidly, revenues are growing almost 50% per annum and with it's convergence agenda and Auth zero, it can build a nice moat to its business and keep others out. Okay, that's it for now. Remember, these episodes are all available as podcasts, wherever you listen, just search braking analysis podcast, and please subscribe. Thanks to my colleague, Eric Bradley, and our friends over at ETR. Check out ETR website at "etr.plus" for all the data and all the survey action. We also publish a full report every week on "wikibon.com" and "siliconangle.com". So make sure you check that out and browse the breaking analysis collection. There are nearly a hundred of these episodes on a variety of topics, all available free of charge. Get in touch with me. You can email me at "david.vellante@siliconangle.com" or "@dvellante" on Twitter. Comment on our LinkedIn posts. This is Dave Vellante for "theCUBE" insights powered by ETR. Have a great week everybody. Stay safe, be well And we'll see you next time. (upbeat music)

>> From The Cube Studios in Palo Alto in Boston, bringing you data-driven insights from The Cube in ETR. This is "Breaking Analysis" with Dave Vellante >> The pandemic not only accelerated the shift to digital but it also highlighted a rush of cyber criminal sophistication, collaboration, and chaotic responses by virtually every major company in the planet. The SolarWinds hack exposed supply chain weaknesses and so-called island hopping techniques that are exceedingly difficult to detect. Moreover, the will and aggressiveness of well-organized cybercriminals has elevated to the point where incident responses are now met with counter attacks, designed to both punish and extract money from victims via ransomware and other criminal activities. The only upshot is the cybersecurity market remains one of the most enduring and attractive investment sectors for those that can figure out where the market is headed and which firms are best positioned to capitalize. Hello, everyone. And welcome to this week's Wikibon Cube Insights powered by ETR. In this "Breaking Analysis" we'll provide our quarterly update of the security industry, and share new survey data from ETR and the Cube community that will help you navigate through the maze of corporate cyber warfare. We'll also share our thoughts on the game of 3D chess that Okta CEO, Todd McKinnon, is playing against the market. Now, we all know this market is complicated, fragmented and fast moving. And this next chart says it all. It's an interactive graphic from Optiv, a Denver, Colorado-based SI that's focused on cybersecurity. They've done some really excellent research and put together this awesome taxonomy, and it mapped vendor names therein. And this helps users navigate the complex security landscape. And there are over a dozen major sectors, high-level sectors within the security taxonomy and nearly 60 subsectors. From monitoring, vulnerability assessment, identity, asset management, firewalls, automation, cloud, data center, sim, threat detection and intelligent endpoint network, and so on and so on and so on. But this is a terrific resource, and going to help you understand where players fit and help you connect the dots in the space. Now let's talk about what's going on in the market. The dynamics in this crazy mess of a landscape are really confusing sometimes. Now, since the beginning of cyber time, we've talked about the increasing sophistication of the adversary, and the back and forth escalation between good and evil. And unfortunately, this trend is unlikely to stop. Here's some data from Carbon Black's annual modern bank heist report. This is the fourth, and of course now, VMware's brand, highlights the Carbon Black study since the acquisition, and to catalyze the creation of VMware's cloud security division. Destructive malware attacks, according to the recent study are up 118% from last year. Now, one major takeaway from the report is that hackers aren't just conducting wire fraud, they are. 57% of the banks surveyed, saw an increase in wire fraud, but the cybercriminals are also targeting non-public information such as future trading strategies. This allows the bad guys to front-run large block trades and profit. It's become a very lucrative practice. Now the prevalence of so-called island hopping is up 38% from already elevated levels. This is where a virus enters a company supply chain via a partner, and then often connects with other stealthy malware downstream. These techniques are more common where the malware will actually self-form with other infected parts of the supply chain and create actions with different signatures, designed to identify and exfiltrate valuable information. It's a really complex problem. Of major concern is that 63% of banking respondents in the study reported that responses to incidents were then met with retaliation designed to intimidate, or initiate ransomware tax to extract a final pound of flesh from the victim. Notably, the study found that 75% of CISOs reported to the CIO, which many feel is not the right regime. The study called for a rethinking of the right cyber regime where the CISO has increased responsibility and a direct reporting line to the CEO, or perhaps the COO, with greater exposure to boards of directors. So, many thanks to VMware and Tom Kellerman specifically for sharing this information with us this past week. Great work by your team. Now, some of the themes that we've been talking about for several quarters are shown in the lower half of the chart. Cloud, of course is the big driver thanks to work-from-home and to the pandemic. And the interesting corollary of course, is we see a rapid rethinking of end point and identity access management, and the concept of zero trust. In a recent ESG survey, two thirds of respondents said that their use of cloud computing necessitated a change in how they approach identity access management. Now, as shown in the chart from Optiv, the market remains highly fragmented, and M&A is of course, way up. Now, based on our research, it looks like transaction volume has increased more than 40% just in the last five months. So let's dig into the M&A, the merger and acquisition trends for just a moment. We took a five-month snapshot and we were able to count about 80 deals that were completed in that timeframe. Those transactions represented more than $20 billion in value. Some of the larger ones are highlighted here. The biggest of course, being the Thoma Bravo, taking Proofpoint private for a $12 plus billion price tag. The stock went from the low 130s and is trading in the low 170s based on the $176 per share offer. So there's your arbitrage, folks. Go for it. Perhaps the more interesting acquisition was Auth0 by Optiv for 6.5 billion, which we're going to talk about more in a moment. There was more private equity action we saw as Insight bought Armis, an IOT security play, and Cisco shelled out $730 million for IMImobile, which is more of an adjacency to cyber, but it's going to go under Cisco security and applications business run by Jeetu Patel. But these are just the tip of the iceberg. Some of the themes that we see connecting the dots of these acquisitions are first, SIs like Accenture, Atos and Wipro are making moves in cyber to go local. They're buying SecOps expertise, as I say, locally in places like France, Germany, Netherlands, Canada, and Australia, that last mile, that belly to belly intimate service. Israeli-based startups chocked up five acquired companies in the space over the last five months. Also financial services firms are getting into the act with Goldman and MasterCard making moves to own its own part of the stack themselves to combat things like fraud and identity theft. And then finally, numerous moves to expand markets. Okta with Auth0, CrowdStrike buying a log management company, Palo Alto, picking up dev ops expertise, Rapid7 shoring up it's Coobernetti's chops, Tenable expanding beyond Insights and going after identity, interesting. Fortinet filling gaps in a multi-cloud offering. SailPoint extending to governance risk and compliance, GRC. Zscaler picked up an Israeli firm to fill gaps in access control. And then VMware buying Mesh7 to secure modern app development and distribution service. So tons and tons of activity here. Okay, so let's look at some of the ETR data to put the cyber market in context. ETR uses the concept of market share, it's one of the key metrics which is a measure of pervasiveness in the dataset. So for each sector, it calculates the number of respondents for that sector divided by the total to get a sense for how prominent the sector is within the CIO and IT buyer communities. Okay, this chart shows the full ETR sector taxonomy with security highlighted across three survey periods; April last year, January this year, and April this year. Now you wouldn't expect big moves in market share over time. So it's relatively stable by sector, but the big takeaway comes from observing which sectors are most prominent. So you see that red line, that dotted line imposed at the 60% level? You can see there are only six sectors above that line and cyber security is one of them. Okay, so we know that security is important in a large market. But this puts it in the context of the other sectors. However, we know from previous breaking analysis episodes that despite the importance of cyber, and the urgency catalyzed by the pandemic, budgets unfortunately are not unlimited, and spending is bounded. It's not an open checkbook for CSOs as shown in this chart. This is a two-dimensional graphic showing market share in the horizontal axis, or pervasiveness in net score in the vertical axis. Net score is ETR's measurement of spending velocity. And we've superimposed a red line at 40% because anything over 40%, we consider extremely elevated. We've filtered and limited the number of sectors to simplify the graphic. And you can see, in the sectors that we've highlighted, only the big four are above that 40% line; AI, containers, RPA, and cloud. They exceed that sort of 40% magic waterline. Information security, you can see that as highlighted and it's respectable, but it competes for budget with other important sectors. So this is of course creates challenges for organization, because not only are they strapped for talent as we've reported, they like everyone else in IT face ongoing budget pressures. Research firm, Cybersecurity Ventures estimates that in 2021, $6 trillion worldwide will be lost on cyber crime. Conversely, research firm, Cannolis peg security spending somewhere around $60 billion annually. IDC has at higher, around $100 billion. So either way, we're talking about spending between 1 to 1.6% annually of how much the bad guys are taking out. That's peanuts really when you consider the consequences. So let's double-click into the cyber landscape a bit and further look at some of the companies. Here's that same X/Y graphic with the companies ETR captures from respondents in the cybersecurity sector. That's what's shown on the chart here. Now, the usefulness of the red lines is 20% on the horizontal indicates the largest presence in the survey, and the magic 40% line that we talked about earlier shows those firms with the most elevated momentum. Only Microsoft and Palo Alto exceed both high watermarks. Of course, Splunk and Cisco are prominent horizontally. And there are numerous companies to the left of the 20% line and many above that 40% high watermark on the vertical axis. Now in the bottom left quadrant, that includes many of the legacy names that have been around for a long time. And there are dozens of companies that show spending momentum on their platforms, i.e above single digits. So that picture is like the first one we showed you, very, very crowded space. But so let's filter it a bit and only include companies in the ETR survey that had at least 100 responses. So an N of 100 or greater. So it was a little easier to read but still it's kind of crowded when you think about it. Okay, so same graphic, and we've superimposed the data that determined the plot position over in the bottom right there. So there's net score and shared in, including only companies with more than 100 N. So what does this data tell us about the market? Well, Microsoft is dominant as always, it seems in all dimensions but let's focus on that red line for a moment. Some of the names that we've highlighted over the past two years show very well here. First, I want to talk about Palo Alto Networks. Pre-COVID as you might recall, we highlighted the valuation divergence between Palo Alto and Fortinet. And we said Fortinet was executing better on its cloud strategy, and Palo Alto was at the time struggling with the transition especially with its go-to-market and its Salesforce compensation, and really refreshing its portfolio. But we told you that we were bullish on Palo Alto Networks at the time because of its track record, and the fact that CIOs consistently told us that they saw Palo Alto as a thought leader in the space that they wanted to work with. They said that Palo Alto was the gold standard, the best, especially larger company CISOs. So that gave us confidence that Palo Alto, a very well-run company was going to get its act together and perform better. And Palo Alto has just done just that. As we expected, they've done very well and rapidly moving customers to the next generation of platforms. And we're very impressed by the company's execution. And the stock has generally reflected that. Now, some other names that hit our radar in the ETR data a couple of years ago, continue to perform well. CrowdStrike, Zscaler, SailPoint, and CloudFlare. Now, CloudFlare just reported and beat earnings but was off, the stock fell on headwinds for tech overall, the big rotation. But the company is doing very well and they're growing rapidly and they have momentum as you can see from the ETR data. Now, we put that double star around Proofpoint to highlight that it was worthy of fetching $12.5 billion from private equity firm. So nice exit there, supporting the continued consolidation trend that we've predicted in cybersecurity. Now let's turn our attention to Okta and Auth0. This is where it gets interesting, and is a clever play for Okta we think, and we want to drill into it a bit. Okta is acquiring Auth0 for big money. Why? Well, we think Todd McKinnon, Okta CEO, wants to run the table on identity and then continue to expand as TAM has to do that, to justify his lofty valuation. So Okta's ascendancy around identity and single sign-on is notable. The fragmented pictures that we've shown you, they scream out for simplification and trust, and that's what Okta brings. But it competes with some major players, most notably Microsoft with active directory. So look, of course, Microsoft is going to dominate in its massive customer base, but the rest of the market, that's like (indistinct) wide open. And we think McKinnon saw the opportunity to go dominate that sector. Now Okta comes at this from an enterprise perspective bringing top-down trust to the equation, and throwing a big blanket over all the discreet SaaS platforms and unifying employee access. Okta's timing was perfect. It was founded in 2009, just as the massive SaaSifiation trend was happening around CRM and HR, and service management and cloud, et cetera. But the one thing that Okta didn't have that Auth0 does is serious developer chops. While Okta was crushing it with its enterprise sales strategy, Auth0 was laser-focused on developers and building a bottoms up approach to identity. By acquiring Auth0, Okta can dominate both sides of the barbell and then capture the fat middle. So yes, it's a pricey acquisition, but in our view, it's a great move by McKinnon. Now, I don't know McKinnon personally, but last week I spoke to Arun Shrestha, who's the CEO of security specialist, BeyondID, they're a platinum services partner of Okta. And they're a zero trust expert. He worked for Okta for a number of years and shared with me a bit about McKinnon's style, and think big approach. Arun said something that caught my attention. He said, firewalls used to be the perimeter, now people are. And while that's self-serving to Okta and probably BeyondID, it's true. People, apps and data are the new perimeter, and they're not in one location. And that's the point. Now, unfortunately, I had lined up an interview with Diya Jolly, who was the chief product officer at Okta and a Cube alum for this past week, knowing that we were running this segment in this episode but she unfortunately fell ill the day of our interview and had to cancel. But I want to follow up with her, and understand how she's thinking about connecting the dots with Auth0 with devs and enterprises and really test our thesis there. This is a really interesting chess match that's going on. Let's look a little deeper into that identity space. This chart here shows some of the major identity players. It has some of the leaders in the identity market, and is a breakdown at ETR's net score. Now net score comprises five elements. The lime green is, we're adding the platform new. The forest green is we're spending 6% or more relative to last year. The gray is flat send plus or minus flat spend, plus or minus 5%. The pinkish is spending less. And the bright red is we're exiting the platform, retiring. Now you subtract the red from the green, and that gets you the result for net score which you can see super-imposed on the right hand chart at the bottom, that first column there. The far column is shared in which informs and indicates the number of responses and is a proxy for presence in the market. Oh, look at the top two players in terms of spending momentum. Now SailPoint is right there, but Auth0 combined with Okta's distribution channel will extend Okta's lead significantly in our view. And then there's Microsoft. Now just a caveat, this includes all of Microsoft's security offerings, not just identity, but it's there for context. And CyberArk as well includes this acquisition of adaptive, but also other parts of CyberArk's portfolio. So you can see some of the other names that are there, many of which you'll find in the Gartner magic quadrant for identity. And as we said, we really like this move by Okta. It combines positive market forces with lead offerings from very well-run companies that have winning DNA and passionate people. Now, to further emphasize what's happening here, take a look at this. This chart shows ETR data for Okta within SailPoint and CyberArk accounts. Out of the 230 CyberArk and SailPoint customers in the dataset, there are 81 Okta accounts. That's a 35% overlap. And the good news for Okta is that within that base of SailPoint and CyberArk accounts, Okta is shown by the net score line, that green line has a very elevated spending in momentum. And the kicker is, if you read the fine print in the right hand column, ETR correctly points out that while SailPoint and CyberArk have long been partners with Okta, at the recent Octane21 event, Okta's big customer event, The company announced that it was expanding into privileged access management, PAM, and identity governance. Hello, and welcome to co-opetition in the 2020s. Now, our current thinking is that this bodes very well for Okta and CyberArk and SailPoint. Well, they're going to have to make some counter moves to fend off the onslaught that is coming. Now, let's wrap up with what has become a tradition in our quarterly security updates. Looking at those two dimensions of net score and market share, we're going to see which companies crack the top 10 for both measures within the ETR dataset. We do this every quarter. So here in the left, we have the top 20, sorted by net score spending momentum and on the right, we sort by shared N. So it's again, top 20, which informs, shared N informs the market share metric or presence in the dataset. That red horizontal lines, those two lines on each separate the top 10 from the remaining 10 within those top 20. And our method, what we do is we assign four stars to those companies that crack the top 10 for both metrics. So again, you see Microsoft, Palo Alto Networks, Okta, CrowdStrike, and Fortinet. Fortinet by the way, didn't make it last quarter. They've kind of been in and out and on the bubble, but company is very strong, and doing quite well. Only the other four did last quarter. They were the same for last quarter. And we give two stars to those companies that make it in both categories within the top 20 but didn't make the top 10. So Cisco, Splunk, which has been steadily decelerating from a spending momentum standpoint, and Zscaler, which is just on the cusp. We really like Zscaler and the company has great momentum, but that's the methodology. That is what it is. Now you can see, we kept Carbon Black on the right most chart, it's like kind of cut off, it's number 21. Only because they're just outside looking in on net score. You see them there, they're just below on net score, number 11. And VMware's presence in the market we think, that Carbon Black is right really worth paying attention to. Okay, so we're going to close with some summary and final thoughts. Last quarter, we did a deeper dive on the SolarWinds hack, and we think the ramifications are significant. It has set the stage for a new era of escalation and adversary sophistication. Now, major change we see is a heightened awareness that when you find intruders, you'd better think very carefully about your next moves. When someone breaks into your house, if the dog barks, or if you come down with a baseball bat or other weapon, you might think the intruder is going to flee. But if the criminal badly wants what you have in your house and it's valuable enough, you might find yourself in a bloody knife fight or worse. Well, what's happening is intruders come to your company via island hopping or insider subterfuge or whatever method. And they'll live off the land stealthily using your own tools against you so that you can't find them so easily. So instead of injecting new tools in that send off an alert, they just use what you already have there. That's what's called living off the land. They'll steal sensitive data, for example, positive COVID test results when that was really, really sensitive, obviously still is, or other medical data. And when you retaliate, they will double-extort you. They'll encrypt your data and hold it for ransom, and at the same time threaten to release the sensitive information, crushing your brand in the process. So your response must be as stealthy as their intrusion, as you marshal your resources and devise an attack plan. And you face serious headwinds. Not only is this a complicated situation, there's your ongoing and acute talent shortage that you tell us about all the time. Many companies are mired in technical debt, that's an additional challenge. And then you've got to balance the running of the business while actually effecting a digital transformation. That's very, very difficult, and it's risky because the more digital you become, the more exposed you are. So this idea of zero trust, people used to call it a buzzword, it's now a mandate along with automation. Because you just can't throw labor at the problem. This is all good news for investors as cyber remains a market that's ripe for valuation increases and M&A activity, especially if you know where to look. Hopefully we've helped you squint through the maze a little bit. Okay, that's it for now. Thanks to the community for your comments and insights. Remember I publish each week on wikibon.com and siliconangle.com. These episodes, they're all available as podcasts. All you got to do is search breaking analysis podcasts, put in the headphones, listen when you're in your car, or out for your walk or run, and you can always connect on Twitter @DVellante, or email me at david.vellante@siliconangle.com. I appreciate the comments on LinkedIn and in Clubhouse, please follow me, so you're notified when we start a room and riff on these topics and others. And don't forget to check out etr.plus for all the survey data. This is Dave Vellante for The Cube Insights powered by ETR. Be well, and we'll see you next time. (light instrumental music)

>> Narrator: From theCUBE Studios in Palo Alto, in Boston, bringing you data-driven insights from theCUBE and ETR, this is Breaking Analysis with Dave Vellante. >> Tech spending is poised to rebound as the economy reopens in 2021. CIOs and IT buyers, they expect a 4% increase in 2021 spending based on ETR's latest surveys. And we believe that number will actually be higher, in the six to 7% range even. The big drivers are continued fine tuning of, and investment in digital strategies, for example, cloud security, AI data and automation. Application modernization initiatives continue to attract attention, and we also expect more support with work from home demand, for instance laptops, et cetera. And we're even seeing pent-up demand for data center infrastructure and other major risks to this scenario, they remain the pace of the reopening, of course, no surprise there, however, even if there are speed bumps to the vaccine rollout and achieving herd immunity, we believe tech spending will grow at least two points faster than GDP, which is currently forecast at 4.1%. Hello and welcome to this week's (indistinct) on Cube Insights powered by ETR. In this breaking analysis, we want to update you on our latest macro view of the market, and then highlight a few key sectors that we've been watching, namely cloud with a particular drill down on Microsoft and AWS, security, database, and then we'll look at Dell and VMware as a proxy for the data center. Now here's a look at what IT buyers and CIOs think. This chart shows the latest survey data from ETR and it compares the December results with the year earlier survey. Consistent with our earlier reporting, we see a kind of a swoosh-like recovery with a slower first half and accelerating in the second half. And we think that CIOs are being prudently conservative, 'cause if GDP grows at 4% plus, we fully expect tech spending to outperform. Now let's look at the factors that really drive some of our thinking on that. This is data that we've shown before it asks buyers if they're initiating any of the following strategies in the coming quarter, in the face of the pandemic and you can see there's no change in work from home, really no change in business travel, but hiring freezes, freezing new deployments, these continue to trend down. New deployments continue to be up, layoffs are trending down and hiring is also up. So these are all good signs. Now having said that, one part of our scenario assumes workers return and the current 75% of employees that work from home will moderate by the second half to around 35%. Now that's double the historical average, and that large percentage, that will necessitate continued work from home infrastructure spend, we think and drive HQ spending as well in the data center. Now the caveat of course is that lots of companies are downsizing corporate headquarters, so that could weigh on this dual investment premise that we have, but generally with the easy compare in these tailwinds, we expect solid growth in this coming year. Now, what sectors are showing growth? Well, the same big four that we've been talking about for 10 months, machine intelligence or AI/ML, RPA and broader automation agendas, these lead the pack along with containers and cloud. These four, you can see here above that red dotted line at 40%, that's a 40% net score which is a measure of spending momentum. Now cloud, it's the most impressive because what you see in this chart is spending momentum or net score in the vertical axis and market share or pervasiveness in the data center on the horizontal axis. Now cloud it stands out, as it's has a large market share and it's got spending velocity tied to it. So, I mean that is really impressive for that sector. Now, what we want to do here is do a quick update on the big three cloud revenue for 2020. And so we're looking back at 2020, and this really updates the chart that we showed last week at our CUBE on Cloud event, the only differences Azure, Microsoft reported and this chart shows IaaS estimates for the big three, we had had Microsoft Azure in Q4 at 6.8 billion, it came in at 6.9 billion based on our cloud model. Now the points we previously made on this chart, they stand out. AWS is the biggest, and it's growing more slowly but it throws off more absolute dollars, Azure grew 48% sent last quarter, we had it slightly lower and so we've adjusted that and that's incredible. And Azure continues to close that gap on AWS and we'll see how AWS and Google do when they report next week. We definitely think based on Microsoft result that AWS has upside to these numbers, especially given the Q4 push, year end, and the continued transition to cloud and even Google we think can benefit. Now what we want to do is take a closer look at Microsoft and AWS and drill down into those two cloud leaders. So take a look at this graphic, it shows ETR's survey data for net score across Microsoft's portfolio, and we've selected a couple of key areas. Virtually every sector is in the green and has forward momentum relative to the October survey. Power Automate, which is RPA, Teams is off the chart, Azure itself we've reported on that, is the linchpin of Microsoft's innovation strategy, serverless, AI analytics, containers, they all have over 60% net scores. Skype is the only dog and Microsoft is doing a fabulous job of transitioning its customers to Teams away from Skype. I think there are still people using Skype. Yes, I know it's crazy. Now let's take a look at the AWS portfolio drill down, there's a similar story here for Amazon and virtually all sectors are well into the 50% net scores or above. Yeah, it's lower than Microsoft, but still AWS, very, very large, so across the board strength for the company and it's impressive for a $45 billion cloud company. Only Chime is lagging behind AWS and maybe, maybe AWS needs a Teams-like version to migrate folks off of Chime. Although you do see it's an uptick there relative to the last survey, but still not burning the house down. Now let's take a look at security. It's a sector that we've highlighted for several quarters, and it's really undergoing massive change. This of course was accelerated by the work from home trend, and this chart ranks the CIO and CSO priorities for security, and here you see identity access management stands out. So this bodes well for the likes of Okta and SailPoint, of course endpoint security also ranks highly, and that's good news for a company like CrowdStrike or Forescout, Carbon Black, which was acquired by VMware. And you can see network security is right there as well, I mean, it's all kind of network security but Cisco, Palo Alto, Fortinet are some of the names that we follow closely there, and cloud security, Microsoft, Amazon and Zscaler also stands out. Now, what we want to do now is drill in a little bit and take a look at the vendor map for security. So this chart shows one of our favorite views, it's getting net score or spending momentum on the vertical axis and market share on the horizontal. Okta, note in the upper right of that little chart there that table, Okta remains the highest net score of all the players that we're showing here, SailPoint and CrowdStrike definitely looming large, Microsoft continues to be impressive because of its both presence, you can see that dot in the upper right there and it's momentum, and you know, for context, we've included some of the legacy names like RSA and McAfee and Symantec, you could see them in the red as is IBM, and then the rest of the pack, they're solidly in the green, we've said this before security remains a priority, it's a very strong market, CIOs and CSOs have to spend on it, they're accelerating that spending, and it's a fragmented space with lots of legitimate players, and it's undergoing a major change, and with the SolarWinds hack, it's on everyone's radar even more than we've seen with earlier high profile breaches, we have some other data that we'll share in the future, on that front, but in the interest of time, we'll press on here. Now, one of the other sectors that's undergoing significant changes, database. And so if you take a look at the latest survey data, so we're showing that same xy-view, the first thing that we call your attention to is Snowflake, and we've been reporting on this company for years now, and sharing ETR data for well over a year. The company continues to impress us with spending momentum, this last survey it increased from 75% last quarter to 83% in the latest survey. This is unbelievable because having now done this for quite some time, many, many quarters, these numbers are historically not sustainable and very rarely do you see that kind of increase from the mid-70s up into the '80s. So now AWS is the other big call out here. This is a company that has become a database powerhouse, and they've done that from a standing start and they've become a leader in the market. Google's momentum is also impressive, especially with it's technical chops, it gets very, very high marks for things like BigQuery, and so you can see it's got momentum, it does not have the presence in the market to the right, that for instance AWS and Microsoft have, and that brings me to Microsoft is also notable, because it's so large and look at the momentum, it's got very, very strong spending momentum as well, so look, this database market it's seeing dramatically different strategies. Take Amazon for example, it's all about the right tool for the right job, they get a lot of different data stores with specialized databases, for different use cases, Aurora for transaction processing, Redshift for analytics, I want a key value store, hey, some DynamoDB, graph database? You got little Neptune, document database? They've got that, they got time series database, so very, very granular portfolio. You got Oracle on the other end of the spectrum. It along with several others are converging capabilities and that's a big trend that we're seeing across the board, into, sometimes we call it a mono database instead of one database fits all. Now Microsoft's world kind of largely revolves around SQL and Azure SQL but it does offer other options. But the big difference between Microsoft and AWS is AWS' approach is really to maximize the granularity in the technical flexibility with fine-grained access to primitives and APIs, that's their philosophy, whereas Microsoft with synapse for example, they're willing to build that abstraction layer as a means of simplifying the experiences. AWS, they've been reluctant to do this, their approach favors optionality and their philosophy is as the market changes, that will give them the ability to move faster. Microsoft's philosophy favors really abstracting that complexity, now that adds overhead, but it does simplify, so these are two very interesting counter poised strategies that we're watching and we think there's room for both, they're just not necessarily one better than the other, it's just different philosophies and different approaches. Now Snowflake for its part is building a data cloud on top of AWS, Google and Azure, so it's another example of adding value by abstracting away the underlying infrastructure complexity and it obviously seems to be working well, albeit at a much smaller scale at this point. Now let's talk a little bit about some of the on-prem players, the legacy players, and we'll use Dell and VMware as proxies for these markets. So what we're showing here in this chart is Dell's net scores across select parts of its portfolio and it's a pretty nice picture for Dell, I mean everything, but Desktop is showing forward momentum relative to previous surveys, laptops continue to benefit from the remote worker trend, in fact, PCs actually grew this year if you saw our spot on Intel last week, PCs had peaked, PC volume at peaked in 2011 and it actually bumped up this year but it's not really, we don't think sustainable, but nonetheless it's been a godsend during the pandemic as data center infrastructure has been softer. Dell's cloud is up and that really comprises a bunch of infrastructure along with some services, so that's showing some strength that both, look at storage and server momentum, they seem to be picking up and this is really important because these two sectors have been lagging for Dell. But this data supports our pent-up demand premise for on-prem infrastructure, and we'll see if the ETR survey which is forward-looking translates into revenue growth for Dell and others like HPE. Now, what about Dell's favorite new toy over at VMware? Let's take a look at that picture for VMware, it's pretty solid. VMware cloud on AWS, we've been reporting on that for several quarters now, it's showing up in the ETR survey and it is well, it's somewhat moderating, it's coming down from very high spending momentum, so it's still, we think very positive. NSX momentum is coming back in the survey, I'm not sure what happened there, but it's been strong, VMware's on-prem cloud with VCF VMware Cloud Foundation, that's strong, Tanzu was a bit surprising because containers are very hot overall, so that's something we're watching, seems to be moderating, maybe the market says okay, you did great VMware, you're embracing containers, but Tanzu is maybe not the, we'll see, we'll see how that all plays out. I think it's the right strategy for VMware to embrace that container strategy, but we said remember, everybody said containers are going to kill VMware, well, VMware rightly, they've embraced cloud with VMware cloud on AWS, they're embracing containers. So we're seeing much more forward-thinking strategies and management philosophies. Carbon Black, that benefits from the security tailwind, and then the core infrastructure looks good, vSAN, vSphere and VDI. So the big thing that we're watching for VMware, is of course, who's going to be the next CEO. Is it going to be Zane Rowe, who's now the acting CEO? And of course he's been the CFO for years. Who's going to get that job? Will it be Sanjay Poonen? The choice I think is going to say much about the direction of VMware going forward in our view. Succeeding Pat Gelsinger is like, it's going to be like following Peyton Manning at QB, but this summer we expect Dell to spin out VMware or do some other kind of restructuring, and restructure both VMware and Dell's balance sheet, it wants to get both companies back to investment grade and it wants to set a new era in motion or it's going to set a new era in motion. Now that financial transaction, maybe it does call for a CFO in favor of such a move and can orchestrate such a move, but certainly Sanjay Poonen has been a loyal soldier and he's performed very well in his executive roles, not just at VMware, but previous roles, SAP and others. So my opinion there's no doubt he's ready and he's earned it, and with, of course with was no offense to Zane Rowe by the way, he's an outstanding executive too, but the big questions for Dell and VMware's what will the future of these two companies look like? They've dominated, VMware especially has dominated the data center for a decade plus, they're responding to cloud, and some of these new trends, they've made tons of acquisitions and Gelsinger has orchestrated TAM expansion. They still got to get through paying down the debt so they can really double down on an innovation agenda from an R&D perspective, that's been somewhat hamstrung and to their credit, they've done a great job of navigating through Dell's tendency to take VMware cash and restructure its business to go public, and now to restructure both companies to do the pivotal acquisition, et cetera, et cetera, et cetera and clean up it's corporate structure. So it's been a drag on VMware's ability to use its free cash flow for R&D, and again it's been very impressive what it's been able to accomplish there. On the Dell side of the house, it's R&D largely has gone to kind of new products, follow-on products and evolutionary kind of approach, and it would be nice to see Dell be able to really double down on the innovation agenda especially with the looming edge opportunity. Look R&D is the lifeblood of a tech company, and there's so many opportunities across the clouds and at The Edge we've talked this a lot, I haven't talked much about or any about IBM, we wrote a piece last year on IBM's innovation agenda, really hinges on its R&D. It seems to be continuing to favor dividends and stock buybacks, that makes it difficult for the company to really invest in its future and grow, its promised growth, Ginni Rometty promised growth, that never really happened, Arvind Krishna is now promising growth, hopefully it doesn't fall into the same pattern of missed promises, and my concern there is that R&D, you can't just flick a switch and pour money and get a fast return, it takes years to get that. (Dave chuckles) We talked about Intel last week, so similar things going on, but I digress. Look, these guys are going to require in my view, VMware, Dell, I'll put HPE in there, they're going to require organic investment to get back to growth, so we're watching these factors very, very closely. Okay, got to wrap up here, so we're seeing IT spending growth coming in as high as potentially 7% this year, and it's going to be powered by the same old culprits, cloud, AI, automation, we'll be doing an RPA update soon here, application modernization, and the new work paradigm that we think will force increased investments in digital initiatives. The doubling of the expectation of work from home is significant, and so we see this hybrid world, not just hybrid cloud but hybrid work from home and on-prem, this new digital world, and it's going to require investment in both cloud and on-prem, and we think that's going to lift both boats but cloud, clearly the big winner. And we're not by any means suggesting that their growth rates are going to somehow converge, they're not, cloud will continue to outpace on-prem by several hundred basis points, throughout the decade we think. And AWS and Microsoft are in the top division of that cloud bracket. Security markets are really shifting and we continue to like the momentum of companies in identity and endpoint and cloud security, especially the pure plays like CrowdStrike and Okta and SailPoint, and Zscaler and others that we've mentioned over the past several quarters, but CSOs tell us they want to work with the big guys too, because they trust them, especially Palo Alto networks, Cisco obviously in the mix, their security business continues to outperform the balance of Cisco's portfolio, and these companies, they have resources to withstand market shifts and we'll do a deeper drill down at the security soon and update you on other trends, on other companies in that space. Now the database world, it continues to heat up, I used to say on theCUBE all the time that decade and a half ago database was boring and now database is anything but, and thank you to cloud databases and especially Snowflake, it's data cloud vision, it's simplicity, we're seeing lots of different ways though, to skin the cat, and while there's disruption, we believe Oracle's position is solid because it owns Mission-Critical, that's its stronghold, and we really haven't seen those workloads migrate into the cloud, and frankly, I think it's going to be hard to rest those away from Oracle. Now, AWS and Microsoft, they continue to be the easy choice for a lot of their customers. Microsoft migrating its software state, AWS continues to innovate, we've got a lot of database choices, the right tool for the right job, so there's lots of innovation going on in databases beyond these names as well, and we'll continue to update you on these markets shortly. Now, lastly, it's quite notable how well some of the legacy names have navigated through COVID. Sure, they're not rocketing like many of the work-from-home stocks, but they've been able to thus far survive, and in the example of Dell and VMware, the portfolio diversity has been a blessing. The bottom line is the first half of 2021 seems to be shaping up as we expected, momentum for the strongest digital plays, low interest rates helping large established companies hang in there with strong balance sheets, and large customer bases. And what will be really interesting to see is what happens coming out of the pandemic. Will the rich get richer? Yeah, well we think so. But we see the legacy players adjusting their business models, embracing change in the market and steadily moving forward. And we see at least a dozen new players hitting the radar that could become leaders in the coming decade, and as always, we'll be highlighting many of those in our future episodes. Okay, that's it for now, listen, these episodes remember, they're all available as podcasts, all you got to do is search for Breaking Analysis Podcasts and you'll you'll get them so please listen, like them, if you like them, share them, really, I always appreciate that, I publish weekly on wikibon.com and siliconangle.com, and really would appreciate your comments and always do in my LinkedIn posts, or you can always DM me @dvellante or email me at david.vellante@siliconangle.com, and tell me what you think is happening out there. Don't forget to check out ETR+ for all the survey action, this is David Vellante, thanks for watching theCUBE Insights powered by ETR. Stay safe, we'll see you next time. (downbeat music)

(gentle music) >> From the Cube Studios in Palo Alto and Boston, connecting with thought leaders all around the world. This is theCube Conversation. >> Hi everybody, this is Dave Vellante, we're back at Cube on Cloud, and with me is Muddu Sudhakar. He's a long time alum of theCube, a technologist and executive, a serial entrepreneur and an investor. Welcome my friend, good to see you. >> Good to see you, Dave. Pleasure to be with you. Happy elections, I guess. >> Yeah, yeah. So I wanted to start, this work from home, pivot's been amazing, and you've seen the enterprise collaboration explode. I wrote a piece a couple months ago, looking at valuations of various companies, right around the snowflake IPO, I want to ask you about that, but I was looking at the valuations of various companies, at Spotify, and Shopify, and of course Zoom was there. And I was looking at just simple revenue multiples, and I said, geez, Zoom actually looks, might look undervalued, which is crazy, right? And of course the stock went up after that, and you see teams, Microsoft Teams, and Microsoft doing a great job across the board, we've written about that, you're seeing Webex is exploding, I mean, what do you make of this whole enterprise collaboration play? >> No, I think the look there is a trend here, right? So I think this probably trend started before COVID, but COVID is going to probably accelerate this whole digital transformation, right? People are going to work remotely a lot more, not everybody's going to come back to the offices even after COVID, so I think this whole collaboration through Slack, and Zoom, and Microsoft Teams and Webex, it's going to be the new game now, right? Both the video, audio and chat solutions, that's really going to help people like eyeballs. You're not going to spend time on all four of them, right? It's like everyday from a consumer side, you're going to spend time on your Gmail, Facebook, maybe Twitter, maybe Instagram, so like in the consumer side, on your personal life, you have something on the enterprise. The eyeballs are going to be in these platforms. >> Yeah. Well. >> But we're not going to take everything. >> Well, So you are right, there's a permanence to this, and I got a lot of ground to cover with you. And I always like our conversations mood because you tell it like it is, I'm going to stay on that work from home pivot. You know a lot about security, but you've seen three big trends, like mega trends in security, Endpoint, Identity Access Management, and Cloud Security, you're seeing this in the stock prices of companies like CrowdStrike, Zscaler, Okta- >> Right >> Sailpoint- >> Right, I mean, they exploded, as a result of the pandemic, and I think I'm inferring from your comment that you see that as permanent, but that's a real challenge from a security standpoint. What's the impact of Cloud there? >> No, it isn't impact but look, first is all the services required to be Cloud, right? See, the whole ideas for it to collaborate and do these things. So you cannot be running an application, like you can't be running conference and SharePoint oN-Prem, and try to on a Zoom and MS teams. So that's why, if you look at Microsoft is very clever, they went with Office 365, SharePoint 365, now they have MS Teams, so I think that Cloud is going to drive all these workloads that you have been talking about a lot, right? You and John have been saying this for years now. The eruption of Cloud and SAS services are the vehicle to drive this next-generation collaboration. >> You know what's so cool? So Cloud obviously is the topic, I wonder how you look at the last 10 years of Cloud, and maybe we could project forward, I mean the big three Cloud vendors, they're running it like $20 billion a quarter, and they're growing collectively, 35, 40% clips, so we're really approaching a hundred billion dollars for these three. And you hear stats like only 20% of the workloads are in the public Cloud, so it feels like we're just getting started. How do you look at the impact of Cloud on the market, as you say, the last 10 years, and what do you expect going forward? >> No, I think it's very fascinating, right? So I remember when theCube, you guys are talking about 10 years back, now it's been what? More than 10 years, 15 years, since AWS came out with their first S3 service back in 2006. >> Right. >> Right? so I think look, Cloud is going to accelerate even more further. The areas is going to accelerate is for different reasons. I think now you're seeing the initial days, it's all about startups, initial workloads, Dev test and QA test, now you're talking about real production workloads are moving towards Cloud, right? Initially it was backup, we really didn't care for backup they really put there. Now you're going to have Cloud health primary services, your primary storage will be there, it's not going to be an EMC, It's not going to be a NetApp storage, right? So workloads are going to shift from the business applications, and these business applications, will be running on the Cloud, and I'll make another prediction, make customer service and support. Customer service and support, again, we should be running on the Cloud. You're not want to run the thing on a Dell server, or an IBM server, or an HP server, with your own hosted environment. That model is not because there's no economies of scale. So to your point, what will drive Cloud for the next 10 years, will be economies of scale. Where can you take the cost? How can I save money? If you don't move to the Cloud, you won't save money. So all those workloads are going to go to the Cloud are people who really want to save, like global gradual custom, right? If you stay on the ASP model, a hosted, you're not going to save your costs, your costs will constantly go up from a SaaS perspective. >> So that doesn't bode well for all the On-prem guys, and you hear a lot of the vendors that don't own a Cloud that talk about repatriation, but the numbers don't support that. So what do those guys do? I mean, they're talking multi-Cloud, of course they're talking hybrid, that's IBM's big play, how do you see it? >> I think, look, see there, to me, multi-Cloud makes sense, right? You don't want one vendor that you never want to get, so having Amazon, Microsoft, Google, it gives them a multi-Cloud. Even hybrid Cloud does make sense, right? There'll be some workloads. It's like, we are still running On-prem environment, we still have mainframe, so it's never going to be a hundred percent, but I would say the majority, your question is, can we get to 60, 70, 80% workers in the next 10 years? I think you will. I think by 2025, more than 78% of the Cloud Migration by the next five years, 70% of workload for enterprise will be on the Cloud. The remaining 25, maybe Hybrid, maybe On-prem, but I get panics, really doesn't matter. You have saved and part of your business is running on the Cloud. That's your cost saving, that's where you'll see the economies of scale, and that's where all the growth will happen. >> So square the circle for me, because again, you hear the stat on the IDC stat, IBM Ginni Rometty puts it out there a lot that only 20% of the workloads are in the public Cloud, everything else is On-prem, but it's not a zero sum game, right? I mean the Cloud native stuff is growing like crazy, the On-prem stuff is flat to down, so what's going to happen? When you talk about 70% of the workloads will be in the Cloud, do you see those mission critical apps and moving into the car, I mean the insurance companies going to put their claims apps in the Cloud, or the financial services companies going to put their mission critical workloads in the Cloud, or they just going to develop new stuff that's Cloud native that is sort of interacts with the On-prem. How do you see that playing out? >> Yeah, no, I think absolutely, I think a very good question. So two things will happen. I think if you take an enterprise, right? Most businesses what they'll do is the workloads that they should not be running On-prem, they'll move it up. So obviously things like take, as I said, I use the word SharePoint, right? SharePoint and conference, all the knowledge stuff is still running on people's data centers. There's no reason. I understand, I've seen statistics that 70, 80% of the On-prem for SharePoint will move to SharePoint on the Cloud. So Microsoft is going to make tons of money on that, right? Same thing, databases, right? Whether it's CQL server, whether there is Oracle database, things that you are running as a database, as a Cloud, we move to the Cloud. Whether that is posted in Oracle Cloud, or you're running Oracle or Mongo DB, or Dynamo DB on AWS or SQL server Microsoft, that's going to happen. Then what you're talking about is really the App concept, the applications themselves, the App server. Is the App server is going to run On-prem, how much it's going to laureate outside? There may be a hybrid Cloud, like for example, Kafka. I may use a Purse running on a Kafka as a service, or I may be using Elasticsearch for my indexing on AWS or Google Cloud, but I may be running my App locally. So there'll be some hybrid place, but what I would say is for every application, 75% of your Comprende will be on the Cloud. So think of it like the Dev. So even for the On-prem app, you're not going to be a 100 percent On-prem. The competent, the billing materials will move to the Cloud, your Purse, your storage, because if you put it On-prem, you need to add all this, you need to have all the whole things to buy it and hire the people, so that's what is going to happen. So from a competent perspective, 70% of your bill of materials will move to the Cloud, even for an On-prem application. >> So, Of course, the susification of the industry in the last decade and in my three favorite companies last decade, you've worked for two of them, Tableau, ServiceNow, and Splunk. I want to ask you about those, but I'm interested in the potential disruption there. I mean, you've got these SAS companies, Salesforce of course is another one, but they can't get started in 1999. What do you see happening with those? I mean, we're basically building these sort of large SAS, platforms, now. Do you think that the Cloud native world that developers can come at this from an angle where they can disrupt those companies, or are they too entrenched? I mean, look at service now, I mean, I don't know, $80 billion market capital where they are, they bigger than Workday, I mean, just amazing how much they've grown and you feel like, okay, nothing can stop them, but there's always disruption in this industry, what are your thoughts on that. >> Not very good with, I think there'll be disrupted. So to me actually to your point, ServiceNow is now close to a 100 billion now, 95 billion market coverage, crazy. So from evaluation perspective, so I think the reason they'll be disrupted is that the SAS vendors that you talked about, ServiceNow, and all this plan, most of these services, they're truly not a multi-tenant or what do you call the Cloud Native. And that is the Accenture. So because of that, they will not be able to pass the savings back to the enterprises. So the cost economics, the economics that the Cloud provides because of the multi tenancy ability will not. The second reason there'll be disrupted is AI. So far, we talked about Cloud, but AI is the core. So it's not really Cloud Native, Dave, I look at the AI in a two-piece. AI is going to change, see all the SAS vendors were created 20 years back, if you remember, was an operator typing it, I don't respond administered we'll type a Splunk query. I don't need a human to type a query anymore, system will actually find it, that's what the whole security game has changed, right? So what's going to happen is if you believe in that, that AI, your score will disrupt all the SAS vendors, so one angle SAS is going to have is a Cloud. That's where you make the Cloud will take up because a SAS application will be Cloudified. Being SAS is not Cloud, right? Second thing is SAS will be also, I call it, will be AI-fied. So AI and machine learning will be trying to drive at the core so that I don't need that many licenses. I don't need that many humans. I don't need that many administrators to manage, I call them the tuners. Once you get a driverless car, you don't need a thousand tuners to tune your Tesla, or Google Waymo car. So the same philosophy will happen is your Dev Apps, your administrators, your service management, people that you need for service now, and these products, Zendesk with AI, will tremendously will disrupt. >> So you're saying, okay, so yeah, I was going to ask you, won't the SAS vendors, won't they be able to just put, inject AI into their platforms, and I guess I'm inferring saying, yeah, but a lot of the problems that they're solving, are going to go away because of AI, is that right? And automation and RPA and things of that nature, is that right? >> Yes and no. So I'll tell you what, sorry, you have asked a very good question, let's answer, let me rephrase that question. What you're saying is, "Why can't the existing SAS vendors do the AI?" >> Yes, right. >> Right, >> And there's a reason they can't do it is their pricing model is by number of seats. So I'm not going to come to Dave, and say, come on, come pay me less money. It's the same reason why a board and general lover build an electric car. They're selling 10 million gasoline cars. There's no incentive for me, I'm not going to do any AI, I'm going to put, I'm not going to come to you and say, hey, buy me a hundred less license next year from it. So that is one reason why AI, even though these guys do any AI, it's going to be just so I call it, they're going to, what do you call it, a whitewash, kind of like you put some paint brush on it, trying to show you some AI you did from a marketing dynamics. But at the core, if you really implement the AI with you take the driver out, how are you going to change the pricing model? And being a public company, you got to take a hit on the pricing model and the price, and it's going to have a stocking part. So that, to your earlier question, will somebody disrupt them? The person who is going to disrupt them, will disrupt them on the pricing model. >> Right. So I want to ask you about that, because we saw a Snowflake, and it's IPO, we were able to pour through its S-1, and they have a different pricing model. It's a true Cloud consumption model, Whereas of course, most SAS companies, they're going to lock you in for at least one year term, maybe more, and then, you buy the license, you got to pay X. If you, don't use it, you still got to pay for it. Snowflake's different, actually they have a different problem, that people are using it too much and the sea is driving the CFO crazy because the bill is going up and up and up, but to me, that's the right model, It's just like the Amazon model, if you can justify it, so how do you see the pricing, that consumption model is actually, you're seeing some of the On-prem guys at HPE, Dell, they're doing as a service. They're kind of taking a page out of the last decade SAS model, so I think pricing is a real tricky one, isn't it? >> No, you nailed it, you nailed it. So I think the way in which the Snowflake there, how the disruptors are data warehouse, that disrupted the open source vendors too. Snowflake distributed, imagine the playbook, you disrupted something as the $ 0, right? It's an open source with Cloudera, Hortonworks, Mapper, that whole big data that you want me to, or that market is this, that disrupting data warehouses like Netezza, Teradata, and the charging more money, they're making more money and disrupting at $0, because the pricing models by consumption that you talked about. CMT is going to happen in the service now, Zen Desk, well, 'cause their pricing one is by number of seats. People are going to say, "How are my users are going to ask?" right? If you're an employee help desk, you're back to your original health collaborative. I may be on Slack, I could be on zoom, I'll maybe on MS Teams, I'm going to ask by using usage model on Slack, tools by employees to service now is the pricing model that people want to pay for. The more my employees use it, the more value I get. But I don't want to pay by number of seats, so the vendor, who's going to figure that out, and that's where I look, if you know me, I'm right over as I started, that's what I've tried to push that model look, I love that because that's the core of how you want to change the new game. >> I agree. I say, kill me with that problem, I mean, some people are trying to make it a criticism, but you hit on the point. If you pay more, it's only because you're getting more value out of it. So I wanted to flip the switch here a little bit and take a customer angle. Something that you've been on all sides. And I want to talk a little bit about strategies, you've been a strategist, I guess, once a strategist, always a strategist. How should organizations be thinking about their approach to Cloud, it's cost different for different industries, but, back when the cube started, financial services Cloud was a four-letter word. But of course the age of company is going to matter, but what's the framework for figuring out your Cloud strategy to get to your 70% and really take advantage of the economics? Should I be Mono Cloud, Multi-Cloud, Multi-vendor, what would you advise? >> Yeah, no, I mean, I mean, I actually call it the tech stack. Actually you and John taught me that what was the tech stack, like the lamp stack, I think there is a new Cloud stack needs to come, and that I think the bottomline there should be... First of all, anything with storage should be in the Cloud. I mean, if you want to start, whether you are, financial, doesn't matter, there's no way. I come from cybersecurity side, I've seen it. Your attackers will be more with insiders than being on the Cloud, so storage has to be in the Cloud then come compute, Kubernetes. If you really want to use containers and Kubernetes, it has to be in the public Cloud, leverage that have the computer on their databases. That's where it can be like if your data is so strong, maybe run it On-prem, maybe have it on a hosted model for when it comes to database, but there you have a choice between hybrid Cloud and public Cloud choice. Then on top when it comes to App, the app itself, you can run locally or anywhere, the App and database. Now the areas that you really want to go after to migrate is look at anything that's an enterprise workload that you don't need people to manage it. You want your own team to move up in the career. You don't want thousand people looking at... you don't want to have a, for example, IT administrators to call central people to the people to manage your compute storage. That workload should be more, right? You already saw Sierra moved out to Salesforce. We saw collaboration already moved out. Zoom is not running locally. You already saw SharePoint with knowledge management mode up, right? With a box, drawbacks, you name anything. The next global mode is a SAS workloads, right? I think Workday service running there, but work data will go into the Cloud. I bet at some point Zendesk, ServiceNow, then either they put it on the public Cloud, or they have to create a product and public Cloud. To your point, these public Cloud vendors are at $2 trillion market cap. They're they're bigger than the... I call them nation States. >> Yeah, >> So I'm servicing though. I mean, there's a 2 trillion market gap between Amazon and Azure, I'm not going to compete with them. So I want to take this workload to run it there. So all these vendors, if you see that's where Shandra from Adobe is pushing this right, Adobe, Workday, Anaplan, all the SAS vendors we'll move them into the public Cloud within these vendors. So those workloads need to move out, right? So that all those things will start, then you'll start migrating, but I call your procurement. That's where the RPA comes in. The other thing that we didn't talk about, back to your first question, what is the next 10 years of Cloud will be RPA? That third piece to Cloud is RPA because if you have your systems On-prem, I can't automate them. I have to do a VPN into your house there and then try to automate your systems, or your procurement, et cetera. So all these RPA vendors are still running On-prem, most of them, whether it's UI path automation anywhere. So the Cloud should be where the brain should be. That's what I call them like the octopus analogy, the brain is in the Cloud, the tentacles are everywhere, they should manage it. But if my tentacles have to do a VPN with your house to manage it, I'm always will have failures. So if you look at the why RPA did not have the growth, like the Snowflake, like the Cloud, because they are running it On-prem, most of them still. 80% of the RP revenue is On-prem, running On-prem, that needs to be called clarified. So AI, RPA and the SAS, are the three reasons Cloud will take off. >> Awesome. Thank you for that. Now I want to flip the switch again. You're an investor or a multi-tool player here, but so if you're, let's say you're an ecosystem player, and you're kind of looking at the landscape as you're in an investor, of course you've invested in the Cloud, because the Cloud is where it's at, but you got to be careful as an ecosystem player to pick a spot that both provides growth, but allows you to have a moat as, I mean, that's why I'm really curious to see how Snowflake's going to compete because they're competing with AWS, Microsoft, and Google, unlike, Frank, when he was at service now, he was competing with BMC and with on-prem and he crushed it, but the competitors are much more capable here, but it seems like they've got, maybe they've got a moat with MultiCloud, and that whole data sharing thing, we'll see. But, what about that? Where are the opportunities? Where's that white space? And I know there's a lot of white space, but what's the framework to look at, from an investor standpoint, or even a CEO standpoint, where you want to put place your bets. >> No, very good question, so look, I did something. We talk as an investor in the board with many companies, right? So one thing that says as an investor, if you come back and say, I want to create a next generation Docker or a computer, there's no way nobody's going to invest. So that we can motor off, even if you want to do object storage or a block storage, I mean, I've been an investor board member of so many storage companies, there's no way as an industry, I'll write a check for a compute or storage, right? If you want to create a next generation network, like either NetSuite, or restart Juniper, Cisco, there is no way. But if you come back and say, I want to create a next generation Viper for remote working environments, where AI is at the core, I'm interested in that, right? So if you look at how the packets are dropped, there's no intelligence in either not switching today. The packets come, I do it. The intelligence is not built into the network with AI level. So if somebody comes with an AI, what good is all this NVD, our GPS, et cetera, if you cannot do wire speed, packet inspection, looking at the content and then route the traffic. If I see if it's a video package, but in UN Boston, there's high interview day of they should be loading our package faster, because you are a premium ISP. That intelligence has not gone there. So you will see, and that will be a bad people will happen in the network, switching, et cetera, right? So that is still an angle. But if you work and it comes to platform services, remember when I was at Pivotal and VMware, all models was my boss, that would, yes, as a platform, service is a game already won by the Cloud guys. >> Right. (indistinct) >> Silicon Valley Investors, I don't think you want to invest in past services, right? I mean, you might come with some lecture edition database to do some updates, there could be some game, let's say we want to do a time series database, or some metrics database, there's always some small angle, but the opportunity to go create a national database there it's very few. So I'm kind of eliminating all the black spaces, right? >> Yeah. >> We have the white spaces that comes in is the SAS level. Now to your point, if I'm Amazon, I'm going to compete with Snowflake, I have Redshift. So this is where at some point, these Cloud platforms, I call them aircraft carriers. They're not going to stay on the aircraft carriers, they're going to own the land as well. So they're going to move up to the SAS space. The question is you want to create a SAS service like CRM. They are not going to create a CRM like service, they may not create a sales force and service now, but if you're going to add a data warehouse, I can very well see Azure, Google, and AWS, going to create something to compute a Snowflake. Why would I not? It's so close to my database and data warehouse, I already have Redshift. So that's going to be nightlights, same reason, If you look at Netflix, you have a Netflix and you have Amazon prime. Netflix runs on Amazon, but you have Amazon prime. So you have the same model, you have Snowflake, and you'll have Redshift. The both will help each other, there'll be a... What do you call it? Coexistence will happen. But if you really want to invest, you want to invest in SAS companies. You do not want to be investing in a compliment players. You don't want to a feature. >> Yeah, that's great, I appreciate that perspective. And I wonder, so obviously Microsoft play in SAS, Google's got G suite. And I wonder if people often ask the Andy Jassy, you're going to move up the stack, you got to be an application, a SAS vendor, and you never say never with Atavist, But I wonder, and we were talking to Jerry Chen about this, years ago on theCube, and his angle was that Amazon will play, but they'll play through developers. They'll enable developers, and they'll participate, they'll take their, lick off the cone. So it's going to be interesting to see how directly Amazon plays, but at some point you got Tam expansion, you got to play in that space. >> Yeah, I'll give you an example of knowing, I got acquired by a couple of times by EMC. So I learned a lot from Joe Tucci and Paul Merage over the years. see Paul and Joe, what they did is to look at how 20 years, and they are very close to Boston in your area, Joe, what games did is they used to sell storage, but you know what he did, he went and bought the Apps to drive them. He bought like Legato, he bought Documentum, he bought Captiva, if you remember how he acquired all these companies as a services, he bought VMware to drive that. So I think the good angle that Microsoft has is, I'm a SAS player, I have dynamics, I have CRM, I have SharePoint, I have Collaboration, I have Office 365, MS Teams for users, and then I have the platform as Azure. So I think if I'm Amazon, (indistinct). I got to own the apps so that I can drive this workforce on my platform. >> Interesting. >> Just going to developers, like I know Jerry Chan, he was my peer a BMF. I don't think just literally to developers and that model works in open source, but the open source game is pretty much gone, and not too many companies made money. >> Well, >> Most companies pretty much gone. >> Yeah, he's right. Red hats not bad idea. But it's very interesting what you're saying there. And so, hey, its why Oracle wants to have Tiktok, running on their platform, right? I mean, it's going to. (laughing) It's going to drive that further integration. I wanted to ask you something, you were talking about, you wouldn't invest in storage or compute, but I wonder, and you mentioned some commentary about GPU's. Of course the videos has been going crazy, but they're now saying, okay, how do we expand our Team, they make the acquisition of arm, et cetera. What about this DPU thing, if you follow that, that data processing unit where they're like hyper dis-aggregation and then they reaggregate, and as an offload and really to drive data centric workloads. Have you looked at that at all? >> I did, I think, and that's a good angle. So I think, look, it's like, it goes through it. I don't know if you remember in your career, we have seen it. I used to get Silicon graphics. I saw the first graphic GPU, right? That time GPU was more graphic processor unit, >> Right, yeah, work stations. >> So then become NPUs at work processing units, right? There was a TCP/IP office offloading, if you remember right, there was like vector processing unit. So I think every once in a while the industry, recreated this separate unit, as a co-processor to the main CPU, because main CPU's inefficient, and it makes sense. And then Google created TPU's and then we have the new world of the media GPU's, now we have DPS all these are good, but what's happening is, all these are driving for machine learning, AI for the training period there. Training period Sometimes it's so long with the workloads, if you can cut down, it makes sense. >> Yeah. >> Because, but the question is, these aren't so specialized in nature. I can't use it for everything. >> Yup. >> I want Ideally, algorithms to be paralyzed, I want the training to be paralyzed, I want so having deep use and GPS are important, I think where I want to see them as more, the algorithm, there should be more investment from the NVIDIA's and these guys, taking the algorithm to be highly paralyzed them. (indistinct) And I think that still has not happened in industry yet. >> All right, so we're pretty much out of time, but what are you doing these days? Where are you spending your time, are you still in Stealth, give us a little glimpse. >> Yeah, no, I'm out of the Stealth, I'm actually the CEO of Aisera now, Aisera, obviously I invested with them, but I'm the CEO of Aisero. It's funded by Menlo ventures, Norwest, True, along with Khosla ventures and Ram Shriram is a big investor. Robin's on the board of Google, so these guys, look, we are going out to the collaboration game. How do you automate customer service and support for employees and then users, right? In this whole game, we talked about the Zoom, Slack and MS Teams, that's what I'm spending time, I want to create next generation service now. >> Fantastic. Muddu, I always love having you on you, pull punches, you tell it like it is, that you're a great visionary technologist. Thanks so much for coming on theCube, and participating in our program. >> Dave, it's always a pleasure speaking to you sir. Thank you. >> Okay. Keep it right there, there's more coming from Cuba and Cloud right after this break. (slow music)

>> From theCube studios in Palo Alto in Boston, bringing you data-driven insights from theCube in ETR. This is Breaking Analysis with Dave Vellante. >> New data suggests the tech spending will be higher than we previously thought for 2021. COVID learnings, a faster than expected vaccine rollout, productivity gains in the last 10 months, and broad-based cloud leverage lead us to raise our outlook for next year. We now expect a three to 5% increase in 2021 technology spending, roughly double our previously forecasted growth rate of 2%. Hello everyone and welcome to this week's we keep on Cube Insights powered by ETR. In this breaking analysis, we're going to share new spending data from ETR partners and take a preliminary look at which sectors and which companies are showing momentum heading into next year. Let's get right into it. The data is pointing to a strong 2021 rebound. A latest survey from ETR and the information from theCube Community suggests that the accelerated pace of the vaccine rollout pent up demand for normalcy and learnings from COVID will boost 2021 tech spending higher than previously anticipated. Now a key factor we've cited is that the forced March to digital transformation due to the pandemic created a massive proof of concept for what works and what doesn't in a digital business. CIOs are planning to bet on those sure things to drive continued productivity improvements and new business opportunities. Now, speaking of productivity, nearly 80% of respondents in the latest ETR survey indicate that productivity either stayed the same or improved over the past three months. Now of those, the vast majority, more than 80% cited improvements in productivity. This has been a common theme throughout the year. As well, the expectation among CIOs is that many workers will return to the office in the second half of the year, which we expect will drive new spending in the infrastructure needs of company HQs, which have been neglected over the past 10 months. Now, despite the expectation that many workers will return to the office, 2020 has shown us that working remotely, hey, it's here to stay, and a much larger number of employees are going to be permanently remote working than pre pandemic. ETR survey data shows that that number is going to be approximately double over the longterm. We'll look at some of that specific data. In addition, cloud computing, it became the staple of business viability in 2020. Those that were up the cloud adoption ramp, well, they benefited greatly, those that weren't well, they had to learn fast. Now, along with remote work cloud necessitated new thinking around network security, and as we've reported identity access management, endpoint security and cloud security with the beneficiaries. Companies like Okta, CrowdStrike, Zscaler, a number of others continue to ride this wave. Larger established security companies like Cisco, Palo Alto Networks, F5, Fortunate and others, they have major portions of their business that are benefiting from the tailwinds in the shift and network traffic, as a result of cloud and remote work. Now, despite all the momentum in the market and the expect of improvements in 2021, these tailwinds are not expected to be evenly distributed, far from it. We think Q4 is going to remain soft relative to last year and Q1 2021 is going to be flat, maybe up slightly. Remember the COVID impact was definitely felt in March of this year. So based on the earnings that we saw, there may be some upside in Q1, given that organizations are still being cautious in Q4, and really there's still some uncertainty in Q1. Let's look at some of the survey responses and you'll see why we're more optimistic than we've previously reported. This chart shows the responses to key questions around spending trajectories from the March, June, September, and December surveys of this year. Now it's no surprise that there's been little change in remote workers and limiting business travel. But look at the other categories, seeing a dramatic reduction in hiring freezes. The percentage of companies freezing new IT deployments continues to drop throughout the year. And then conversely, the percentage of companies accelerating new it deployments that's sharply up to 34% from the March low of 12%. And look at the headcount trends. The percentage of companies instituting layoffs. It continues its downward trajectory while accelerated hiring is now up to 17%. So there's a lot to be excited about in these results. Now let's look the remote worker trend. How do CIO see that shift in the near to midterm? This chart shows the work from home data and it's amazingly consistent from the September survey drill down. You can see CIO's is indicate that on average, 15 to 60% of workers were remote prior to the pandemic, and that jumped up to 72 to 73% currently, and is expected to stay in the high fifties until the summer of 2021. Thereafter, organizations expect that the number of employees that work remotely on a permanent basis is going to more than double to 34% long term. By the way, I've talked to a number of executives, CEOs, CIOs, and CFOs that expect that number to be higher than these especially in the technology sector. They expect more than half of their workers to be remote and are looking to consolidate facilities cost to save money. As we've said, cloud computing has been the most significant contributor to business resilience and digital transformation this year. So let's look at cloud strategies and see how CIOs expect those to evolve. This chart shows responses to how organizations see multi-cloud evolving. It's interesting to note the ETR call-out, which concludes that the narrative around multi-cloud multi-cloud is real, and it is. But I want to talk to you about a flip side to this notion in that, as many customers have, or are planning to increasingly concentrate workloads in the cloud. This actually makes some sense. Sure, virtually every major company uses multiple clouds, but more often than not, it concentrate work on a primary cloud. CIO strategies, they're not generally evenly distributed across clouds. The data shows that this is the case for less than 20% of the respondents, rather organizations are typically going to apply an 80, 20 or a 70, 30 rule for their multi-cloud approach. Meaning they pick a primary cloud on which most work is done, and then they use alternative clouds as either a hedge or maybe for specific workloads or maybe even data protection purposes. Now, if you think about it, optimizing on a primary cloud allows organizations to simplify their security and governance and consolidate their skills. At this point in the cloud evolution, it seems CIOs feel there's more value that is going to come from leveraging the cloud to change their operating models, and maybe broadly spreading the wealth to reduce risk or maybe cut costs, or maybe even to tap specialized capabilities. What's more in thinking about AWS and Microsoft respectively. Each can make a very strong case from MANO cloud. AWS has more features than any other cloud, and as such can handle most workloads. Microsoft can make a similar argument for its customers that have an affinity and a largest state of Microsoft software. The key for multi-cloud in our view will be the degree to which technology vendors can abstract the underlying cloud complexity and create a layer that floats above the clouds and adds incremental value. Snowflakes data cloud is one of the best examples of this, and we've covered that pretty extensively. Now, clearly VMware and Red Hat have aspirations at the infrastructure layer in a similar fashion. Pure storage, and NetApp are a couple of the largest storage players with similar visions. And then Qumulo and Clumio are two other examples with promising technologies, but they have a much smaller install base. Take a look at Cisco, Dell, IBM and HPE. They have a lot to gain and a lot to lose in this cloud game. So multi-cloud is an imperative for these leaders, but for them it's much more complicated because of the complexity and vastness of their portfolios. And notably Dell has VMware and IBM of course has Red Hat, which are key assets that can be leveraged for this multi-cloud game. HPE has a channel and a large install base, but all of these firms, they have to spread R&D much more thinly than some of these other companies that we mentioned for example. The bottom line is that multi-cloud has to be more than just plugging into an operating well on any of the clouds. It require... Which is by the way, this is mostly where we are today. It requires an incremental value proposition that solves a clear problem, and at the same time runs efficiently, meaning it takes advantage of cloud native services at scale. What sectors are showing momentum heading into 2021? And who are some of the names that are looking strong? We've reported a lot that cloud containers and container orchestration, machine intelligence and automation are by far the hottest sectors, the biggest areas of investment with the greatest spending momentum. Now we measure this in ETR parlance, remember by net score. But here's the good news, almost every other sector in the ETR taxonomy with the notable exception of IT outsourcing and IT consulting is showing positive spending momentum relative to previous surveys this year. Yeah, maybe not, it's not a shock, but it appears that the tech spending recovery will be broad-based. It's also worth noting that there are several vendors that stand out and we show a number of them here. CrowdStrike, Microsoft has had consistent performance in the dataset throughout this year. Okta, we called out those guys last year and they've clearly performed as you can see in their earnings reports. Pure storage, interestingly, big acceleration and a turnaround from last quarter in the dataset, and of course, snowflake has been off the charts as we reported many times. These guys are all seeing highly accelerated momentum. UiPath just announced its intent to IPO, AWS, Google, Zscaler, SailPoint, ServiceNow, and Elastic, these all continue to trend up. And so, there are some real positives that we're looking for a member of the ETR surveys, they're forward-looking. So we'll see, as we catch up next quarter. Now, before we wrap, I want to say a few words on security, and maybe it's a bit of a non-sequitur here, but I think it's relevant to the trends that we've been discussing, especially as we talk about moving to the cloud. And as you know, we've reported many times on the security space, basically updating you quarterly with our scenarios and the spending and the technology trends and highlighting our four-star companies. Four-star company's insecurity on those with both momentum and significant market presence. And last year we put CrowdStrike, Okta and Zscaler, and some others on the radar. And we've closely track the cyber business of larger companies with a security portfolio like Palo Alto and Cisco, and more recently, VMware has made some acquisitions. Now the government hacked that became news this week. It really underscores the importance of security. It remains the most challenging area for organizations because well, failure's not an option, skills are short, tools are abundant, the adversaries are very well-funded and extremely capable yet failure is common as we saw this week. And there's a misconception that cloud solves the security problem, and it's important to point out that it does not. Cloud is a shared responsibility model, meaning the cloud provider is going to secure the infrastructure for example, but it's up to you as the customer to configure things properly and deal with application security. It's ultimately on you. And the example of S3 is instructive because we've seen a number S3 breaches over the years where the customer didn't properly configure the S3 bucket. We're talking about companies like Honda and Capital One, not just small businesses that don't have the SecOps resources. And generally it was because a non-security person was configuring things. Maybe they were Or developers who are not focused on security, and perhaps permission set too broadly, and access was given to far too many people. Whatever the issue, it took some breaches and subsequent education to increase awareness of this problem and tighten it up. We see some similar trends occurring with new workloads, especially in cloud databases. It's becoming so easy to spin up new data warehouses for example, and we believe that there are exposures out there due the lack of awareness or inconsistent corporate governance being applied to these new data stores. As well, even though important areas like threat intelligence and database security are important, SecOps budgets are stretched thin. And when you ask companies where the priorities are, these fall lower down the list, these areas specifically have taken a back seat, the endpoint, identity and cloud security. And we bring this up because it's a potential blind spot as we saw this week with the US government hack. It was stealthy, it wasn't detected for many, many months. Who knows maybe even years. And not to be a buzzkill, but the point is, cloud enthusiasm has to be concompetent with security vigilant. Enough preaching, let's wrap up here. As we enter 2020, this year, we said the cloud was going to be the force that drove innovation along with data and AI. And as we look in the rear view mirror and put 2020 behind us, I know many of you want to do that, it was the cloud that enabled businesses to not only continue to operate, but to actually increase productivity. Nonetheless, we still see IT spending declines of four to 5% this year with an expectation of a tepid Q4 relative to the last year. We see Q1 slowly rebounding and kind of a swoosh, let me try that again, recovery in the subsequent quarters with tech spending rebounding in 2021 to a positive three to 5%, let's call it 4%. Now supporting us scenario, the pandemic forced a giant Petri dish for digital. And we see some real successes and learnings that organizations will apply in 2021 to bet on sure things. These are cloud, containers, AI, ML, machine intelligence pieces and automation. For sure, along with upticks for virtually every other sector of technology because spending has been so depressed. The two exceptions are outsourcing and IT consulting and related services which continue to be a drag on overall spending. Priorities must be focused on security and governance and further improvements in applying corporate edicts in a cloud world. We also see new data architectures emerging where domain knowledge becomes central to data platforms. We'll be covering this in more detail on top of the work that we've already done in this area. Now, automation is not only an opportunity, it's become a mandate. Yes, RPA, but also broader automation agendas be on point tools. And importantly, we're not talking about paving the cow path here by automating existing processes. Rather we're talking about rethinking processes across the entire organization for a new digital reality where many of these processes are being invented. The work of Erik Brynjolfsson and Andrew McAfee on the second machine age. It was pressured back in 2014 and the conclusions they drew, they're becoming increasingly important in the 2020s, meaning that look machines have always replaced humans throughout time. But for the first time in history, it's happening for cognitive functions, and a huge base of workers is going to be, or as being marginalized, unless they're retrained. Education and public policy that supports this transition is critical. And I for one would like to see a much more productive discussion that goes beyond the cult of break up big tech. Rather I'd like to see governments partner with big tech to truly do good and help drive the re-skilling of workers for the digital age. Now cloud remains the underpinning of the digital business mandate, but the path forward isn't really always crystal clear. This is evidenced by the virtual dead heat between those organizations that are consolidating workloads in a cloud workloads versus those that are hedging bets on a multi-cloud strategy. One thing is clear cloud is the linchpin for our growth scenarios and will continue to be the substrate for innovation in the coming decade. Remember, these episodes, they're all available as podcasts, wherever you listen, all you got to do is search Breaking Analysis podcast, and please subscribe to the series, appreciate that. Check out ETR's website at ETR.plus. We also publish full report every week on wikibond.com and siliconangle.com and get in touch with me at David.vallante, siliconangle.Com, you can DM me at D. Vellante. And please by all means comment on our LinkedIn posts. This is Dave Vellante for theCube Insights powered by ETR. Have a great week everybody, Merry Christmas, happy Hanukkah, happy Kwanzaa, or happy, whatever holiday you celebrate. Stay safe, be well, and we'll see you next time. (upbeat music)

>> From theCUBE studios in Palo Alto in Boston, bringing you data-driven insights from theCUBE at ETR. This is Breaking Analysis with Dave Vellante >> As we've reported extensively, the pandemic has affected cybersecurity markets perhaps more than any other. Remote work has caused CISOs, chief information security officers to shift spending priorities toward identity access management endpoint and cloud security. COVID has been a benefactor for next gen security companies that participate in these sectors. Notably, we believe tactical responses to the coronavirus have resulted in productivity improvements that will create permanent change in the way organizations defend themselves against cyber threats. Hello everyone and welcome to this week's Wikibon CUBE Insights powered by ETR. In this Breaking Analysis, we'll provide you with our quarterly update of the cybersecurity space and share fresh ETR data on the market. We also have some results from Eric Bradley's most recent Venn round table conducted with three senior chief information security officers. Let's start by looking at this notion of a single pane of glass. Now, despite the aspiration, there is no silver bullet to protect organizations from cyber attacks. The complexities of security, they're enormous and they require a layered defense approach. They range from securing internal networks to end points, to DMZ subnets, external traffic security, data in motion, data at rest, protecting from ransomware, dealing with web traffic, emails, phishing, not to mention threats from internal employees and contractors. As we mentioned at the open, there are three areas in particular that have seen significantly elevated spending momentum that is translated into the valuation increases for several companies, including CrowdStrike, Okta, Zscaler and several others. Zero trust security has gone from buzzword to reality. And spending shifts to these technologies have siphoned off demand from traditional hardware based firewalls. Although CISOs seem to be hedging their bets, at some point, they realized that people are actually going to come back to the office, so they have to remain agile. Lack of talent. Well, that remains one of the CISOs biggest challenges to securing applications and data. And automation while sometimes viewed as risky, is becoming increasingly important. Several companies have hit our radar this quarter and were highlighted in the CISO Panel, including Elastic which has seen momentum as an open source alternative to Splunk and notably multiple CIOs in the panel, they cited concerns related to Splunk's pricing and their sales tactics. They actually compared those of Splunk to those of EMC in the past, if anybody remembers how aggressive EMC salespeople could be. CloudFlare also broke into the top 10 in the ETR survey based on net score which is a measure of spending momentum. And that was for those companies with more than 50 mentions in the survey. CloudFlare is a CDN and provides security for websites. Also Netskope, a cloud security specialist cracked the top 10 in terms of net score and received high marks from the CISO panel, particularly with respect to it's vision and roadmap. Microsoft, Palo Alto Networks, Okta, CrowdStrike Cisco, CyberArk, SailPoint, Zscaler and Proofpoint remain focus vendors for us in the ETR survey as measured by spending momentum and their presence in the data set, what we call market share. And we'll talk more about those companies in a moment. Now finally, even CISOs that were skeptical about the permanence of the effects of COVID, they're seeing business benefits that suggest many of these shifts are circular, and not cyclical. Indeed, prior to the pandemic, ETR survey data showed that about 16% of organizations workers were primarily remote. CIOs expect that number to more than double post pandemic to 34%. Let's say you look at some of the cybersecurity vendors. We'll plot some, we don't have enough room to plot all of them, there are so many. But this chart shows one of our favorite XY views. On the Y axis, we measure net score. And that measures against spending velocity by looking at the net percentage of customers that are spending more versus those that are spending less within the ETR survey. The X axis measures market share or pervasiveness in the survey. Now we've included a select list of companies for this view and only include those with more than 50 responses, or 50 Ns, shared Ns, if you will, in the data set. In the upper right, you can see a table that shows the data sorted by both net score and shared Ns for each vendor. Now, as we indicated, Elastic has taken the top spot, just barely edging out Okta who took over from CrowdStrike in the last survey. And you can see the significant market presence of Palo Alto and Splunk and the most pervasive vendor here is Cisco. Note that Cisco also owns Umbrella and Duo which both have meaningful Ns in the survey. Now, if we were to combine these into one view, a single view of Cisco, all three of those, it would pull the company even further up into the right. Security is one of the bright spots in Cisco's portfolio and shows consistent year-on-year growth each quarter. Now having said that, some CISOs complained that Cisco's propensity to rely on acquisitions to fill gaps has caused them integration challenges in the past. Let's go back to Palo Alto for a moment. We'll make some comments later regarding their position relative to Fortinet, but we wanted to call them out here. Look, CISOs, they really liked Palo Alto. They trust the Palo Alto Networks. They consider Palo Alto as a trusted leader with a very strong portfolio and vision. Now let's turn our attention to the pack here, as we mentioned, Okta's momentum is notably elevated and it's meaningfully higher than the others. Its presence continues to increase up to the right, as does CrowdStrike's, or to the right, not necessarily up to the right, but to the right. But CrowdStrike has come off its net score high, so it's coming down actually in the vertical axis. And we're not super concerned about that because they're dramatically increasing their presence on the X axis each survey. But so is Okta, so that's something to watch. In other words, CrowdStrike's coming down in net score while it's increasing its presence, Okta is holding its net score while at the same time increasing its presence, which is really a strong sign. Now that they compete, they don't compete against each other directly, but it's they're still in the same sector. We've also included Carbon Black here because because of their VMware acquisition and VMware CEO, Pat Gelsinger, he's on a mission to fix security and the company has made a number of moves in cyber. VMware has a really good track record could of execution and while fixing Curity is highly aspirational. With its install base and history of success, we wanted to include them here because they're getting more attention of the CISOs in the ETR panel. So we're keeping an eye on VMware and Carbon Black. It's going to take some time, but we'll keep watching them. Now let's take a look at how the players have moved this year over the quarters. We're going to show you four tables here and we're going to compare the net scores and market share of the cyber companies for January, April, July, and October surveys. So pre-COVID and throughout the year. So let's look first at the pre-COVID positions. The left most chart is sorted by net score or spending momentum and the right most chart is the shared Ns, which is the number of mentions in the survey, which is what drives the horizontal axis that I showed you earlier. Now, when you go back to the January survey, you see CrowdStrike was already doing very well with an elevated net score of 68.3% and 123 mentions. By the way, please ignore those companies with less than 50 Ns, I didn't filter the data back then. I was kind of still learning how to use the ETR software platform. Okta was also elevated and you can see the others there as well. Now, last year, we came up with a method to assign stars to those companies that had both top net scores and large shared Ns in the survey. So spending momentum and strong market share. And you can see Microsoft, Splunk, Palo Alto Networks, Proofpoint, CrowdStrike, Zscaler and CyberArk made the cut and all received four stars. And we gave two stars to Cisco and Fortinet because they had strong net scores and very high presence in the survey. Now let's go forward and look at April when the lockdown was in full swing. Okay, so we tightened things up in April and on the presentation of the survey did and only included those companies with more than 50N. And we cut the top 10, that's the red line and we put in their Dell EMC which is RSA and IBM for context. And you can see CrowdStrike, they shot to the top with a 68% net score and increased it's shared N, and you can see the stars right. Now, let's just jump ahead to the July survey. So now we're well into the pandemic. Maybe things are calming down a little bit in the summer. People feeling a little bit more freedom, maybe not as concerned about the work-from-home peace, that's sort of settling in, and CISOs, they had a little time to respond here and that's kind of the picture in the summer. Okta jumped way up on the left, you see in spending momentum and CrowdStrike, they moderated a bit, although they remained elevated. And again, they're not direct competitors, but it's instructive to compare these two firms, 'cause they're both hot and growing. And you see the green lines, they show the direction of the momentum of the net score. CrowdStrike was a bit of a concern because its net score dropped and its presence in the dataset kind of moderated. But the company continued to report strong revenue during its earnings calls and the stock remain a darling. So some mixed signals in the data, one quarter doesn't necessarily make a trend. But Okta, Microsoft, Cisco, Palo Alto, Splunk and several others, they remained very, very strong. Now let's go into the most recent October survey. So again, we continue to fine tune our presentation analysis here. And you can see there are two red lines. The top one is the top 10 cutoff. And the second line is the top 20. As we said, Elastic hit the radar for net score but still not pervasive enough in the dataset on the right to earn some stars with the shared Ns. So Okta in our view continues to hold that top spot for momentum and made the top 10 cut for shared N, two very positive signs. It's shared N, for example, jumped from 139 to 185. So more and more mentions, people are increasingly relying on Okta for identity access management. Now for the green arrows here, the momentum lines, we've tried to take into consideration the shared N. So even though, for example CrowdStrike's net score dropped from 50 down to 43%, it's shared N, or again, the number of mentions, it jumped from 119 to 162. So that's a 36% increase and you might be thinking, well, why is that significant? Well, CIOs and IT buyers in the ETR survey, they're asked to choose the areas with which they are most familiar and then they answer questions on which vendors they use. So the fact that companies like Okta and Palo Alto and CrowdStrike and several others that we've highlighted are increasing their presence in the data set and still maintaining a very strong net score is a really good signal in our view. That's why, for example, take Zscaler, we still give them two stars, even though on a relative basis, it didn't make the top 10 cut. It's net score held relatively firm and it's shared N jumped by 39%. So we continue to like names like Zscaler, Okta, CrowdStrike, CyberArk, Proofpoint Fortinet and of course Microsoft, which consistently shines brightly. Let's look at a comment that underscores the CISOs sentiment and I think the market overall. Here's a comment from a CISO of a global travel and hospitality company. It's a name you would recognize and obviously this individual's business was hit hard by the pandemic. So there's an inherent bias toward hope anyway, toward a return to the normal. But look at the comment, I'll read it. "I was a skeptic on the permanence of the changes due to COVID, but I've seen firsthand, there are legitimate structural changes that are taking place, and that's going to fundamentally shift where companies are investing in cyber. Building leases are expiring, people, they're productive working from home. Products that enable work from home and that are cloud first, that trend will continue and be permanent." And you know what? We agree. Okay, here's a chart that we've been updating since right before the pandemic and it compares the performance of the S & P 500 and Nasdaq with specific security companies that are public. And we've been tracking the revenue multiples on a trailing 12 month revenue basis over time to get a sense of how these companies compare. And we prefer to use forward looking revenue, but find TTM to be more consistent and frankly easier to access quickly. So that's what we're using. Now note that Splunk, Octa, CrowdStrike and Zscaler, those are the guys I've highlighted in red, they have yet to report as of this publication. A couple of points here are worth noting. First, we've been talking a lot about the divergence in valuation between Palo Alto and Fortinet and we'll show some more data on that in a moment but we want to share some CISO comments about Fortinet. People sometimes refer to Fortinet as Forti knife, as in Swiss army knife. They're a Swiss army knife of cyber, Forti everything is what one CISO called it. Fortinet is more price attractive, especially for mid-sized companies who don't have the resources of larger firms that might gravitate toward Palo Alto Networks. And the companies around for awhile and has earned the trust of CISOs because of their portfolio and their track record. Now, the other notable item in this data is the rise in value for Okta, CrowdStrike and Zscaler which have seen values increase 78%, 128%, 124% respectively in the time period we show here. You can see the very highly elevated revenue multiples compared to some of the more mature companies. Splunk, they're a bit of an outlier here 'cause we're showing negative growth in that right-hand column. And that's because of its transition toward a subscription model. That really messes up the income statement. And we just wanted to cite that. Splunk's been doing a good job communicating to the street. There are some concerns in the ETR dataset, which we've talked about. They've sort of moderated lately. There's also concerns about pricing that CISOs have mentioned, but generally there's a real bifurcation in the market in terms of valuations. And we think that while there's a lot of discussion about the so-called stay-at-home stocks and a shift back away from those when the pandemic subsides, we believe that the productivity benefits of remote work are becoming more clear and these next gen security companies are going to continue to thrive. Now let's take a moment to look at the relative performance of Palo Alto and Fortinet. Back in February of this year, we noted that there was a valuation divergence occurring between these two companies. And we cited three factors at the time for this gap. First, we said the Palo Alto was trying to cloud proof its business, and as such, it was in transition. And second, it had some challenges with regard to the pace of that transition, including sales incentives, actually that's part of the first point. That was kind of one A. Secondly, we said that the shift away from appliance-based firewalls was accelerating and that was pressuring Palo Alto's valuation. They were kind of underperforming in that segment. And finally we said the Palo Alto was facing some very tough compares in 2019 relative to 2018. And that was causing investors to pause as Palo Alto began shifting to an annual recurring revenue model. Now we said at the time that CISOs really, they really liked Palo Alto and we felt it would... the company would deal with these issues in 2020. And this chart really shows that and they've begun to reverse this trend. The yellow line is Fortinet. The blue line is Palo Alto and it's showing this sort of relative performance here. And you can see that gap coming into 2020 which extended into the meat of 2020. But now it's starting to compress, thanks to a nice earnings report that beat EPS on revenue this month, as we're talking about Palo Alto. So we continue to believe that Fortinet has done a good job and a better job of moving to the cloud model. And Palo Alto has largely relied on acquisitions to accelerate this trend. And we'll see if they can continue to thrive during this transition to cloud. But there's little doubt that CISOs want to work with Palo Alto networks and they remain committed to having a strategic relationship with the company. Alright, let's wrap. The shift to the subscription model is well underway in the cybersecurity space and it's buoyed by cloud and next generation SAS-based security players. Splunk is in transition. Cisco and Palo Alto emphasize the importance of this trend and virtually all historically on-prem players are being forced to respond. Survey data and anecdotal information from theCUBE community supports what the ETR Venn CISOs are saying, that the internet is becoming the new private network and these trends toward cloud-based and remote worker support are delivering benefits that CEOs and CFOs are going to continue to push to operationalize. CISOs, they got to continue to take a multi-layered approach to defending their data, their applications and their users. And it's such a fragmented market with specialists is going to continue for quite some time. Now, despite these clear trends, CISOs face a real challenge, the timing of the return to semi normal, it's really uncertain. And we still don't have a clear picture of what that future will look like. As such incumbent firms with hardened networks, they're going to have to remain in a hybrid holding pattern to accommodate whatever happens. Why is that important? Well, this means that budgets are going to be stretched. Look, while security remains a top priority, you can't expect an open checkbook going to SecOps team. Throwing money at the problem wouldn't really solve it anyway. Rather CISOs have to take a balanced portfolio of investments, continuing with automation and data analytics and of course, good security practice practices. That's going to be the pattern. Alright, well, thanks everyone for watching this episode of theCUBE insights powered by ETR. There are many ways to get in touch. @dvellante on Twitter, david.vellante@siliconangle.com. You can comment on my LinkedIn posts. I publish weekly on wikibon.com and siliconangle.com and always appreciate the feedback from our community. These episodes, by the way, are all available as podcasts. So you can listen while you multitask and don't forget to check out etr.plus for all the survey action. This is Dave Vellante. Have a great Thanksgiving, be smart, stay safe and we'll see you next time. (light melodic music)

(gentle music) >> From the Cube Studios in Palo Alto and Boston, connecting with thought leaders all around the world. This is theCube Conversation. >> Hi everybody, this is Dave Vellante, we're back at Cube on Cloud, and with me is Muddu Sudhakar. He's a long time alum of theCube, a technologist and executive, a serial entrepreneur and an investor. Welcome my friend, good to see you. >> Good to see you, Dave. Pleasure to be with you. Happy elections, I guess. >> Yeah, yeah. So I wanted to start, this work from home, pivot's been amazing, and you've seen the enterprise collaboration explode. I wrote a piece a couple months ago, looking at valuations of various companies, right around the snowflake IPO, I want to ask you about that, but I was looking at the valuations of various companies, at Spotify, and Shopify, and of course Zoom was there. And I was looking at just simple revenue multiples, and I said, geez, Zoom actually looks, might look undervalued, which is crazy, right? And of course the stock went up after that, and you see teams, Microsoft Teams, and Microsoft doing a great job across the board, we've written about that, you're seeing Webex is exploding, I mean, what do you make of this whole enterprise collaboration play? >> No, I think the look there is a trend here, right? So I think this probably trend started before COVID, but COVID is going to probably accelerate this whole digital transformation, right? People are going to work remotely a lot more, not everybody's going to come back to the offices even after COVID, so I think this whole collaboration through Slack, and Zoom, and Microsoft Teams and Webex, it's going to be the new game now, right? Both the video, audio and chat solutions, that's really going to help people like eyeballs. You're not going to spend time on all four of them, right? It's like everyday from a consumer side, you're going to spend time on your Gmail, Facebook, maybe Twitter, maybe Instagram, so like in the consumer side, on your personal life, you have something on the enterprise. The eyeballs are going to be in these platforms. >> Yeah. Well. >> But we're not going to take everything. >> Well, So you are right, there's a permanence to this, and I got a lot of ground to cover with you. And I always like our conversations mood because you tell it like it is, I'm going to stay on that work from home pivot. You know a lot about security, but you've seen three big trends, like mega trends in security, Endpoint, Identity Access Management, and Cloud Security, you're seeing this in the stock prices of companies like CrowdStrike, Zscaler, Okta- >> Right >> Sailpoint- >> Right, I mean, they exploded, as a result of the pandemic, and I think I'm inferring from your comment that you see that as permanent, but that's a real challenge from a security standpoint. What's the impact of Cloud there? >> No, it isn't impact but look, first is all the services required to be Cloud, right? See, the whole ideas for it to collaborate and do these things. So you cannot be running an application, like you can't be running conference and SharePoint oN-Prem, and try to on a Zoom and MS teams. So that's why, if you look at Microsoft is very clever, they went with Office 365, SharePoint 365, now they have MS Teams, so I think that Cloud is going to drive all these workloads that you have been talking about a lot, right? You and John have been saying this for years now. The eruption of Cloud and SAS services are the vehicle to drive this next-generation collaboration. >> You know what's so cool? So Cloud obviously is the topic, I wonder how you look at the last 10 years of Cloud, and maybe we could project forward, I mean the big three Cloud vendors, they're running it like $20 billion a quarter, and they're growing collectively, 35, 40% clips, so we're really approaching a hundred billion dollars for these three. And you hear stats like only 20% of the workloads are in the public Cloud, so it feels like we're just getting started. How do you look at the impact of Cloud on the market, as you say, the last 10 years, and what do you expect going forward? >> No, I think it's very fascinating, right? So I remember when theCube, you guys are talking about 10 years back, now it's been what? More than 10 years, 15 years, since AWS came out with their first S3 service back in 2006. >> Right. >> Right? so I think look, Cloud is going to accelerate even more further. The areas is going to accelerate is for different reasons. I think now you're seeing the initial days, it's all about startups, initial workloads, Dev test and QA test, now you're talking about real production workloads are moving towards Cloud, right? Initially it was backup, we really didn't care for backup they really put there. Now you're going to have Cloud health primary services, your primary storage will be there, it's not going to be an EMC, It's not going to be a ETAP storage, right? So workloads are going to shift from the business applications, and this business App again, will be running on the Cloud, and I'll make another prediction, make customer service and support. Customer service and support, again, we should be running on the Cloud. You're not want to run the thing on a Dell server, or an IBM server, or an HP server, with your own hosted environment. That model is not because there's no economies of scale. So to your point, what will drive Cloud for the next 10 years, will be economies of scale. Where can you take the cost? How can I save money? If you don't move to the Cloud, you won't save money. So all those workloads are going to go to the Cloud are people who really want to save, like global gradual custom, right? If you stay on the ASP model, a hosted, you're not going to save your costs, your costs will constantly go up from a SAS perspective. >> So that doesn't bode well for all the On-prem guys, and you hear a lot of the vendors that don't own a Cloud that talk about repatriation, but the numbers don't support that. So what do those guys do? I mean, they're talking multi-Cloud, of course they're talking hybrid, that's IBM's big play, how do you see it? >> I think, look, see there, to me, multi-Cloud makes sense, right? You don't want one vendor that you never want to get, so having Amazon, Microsoft, Google, it gives them a multi-Cloud. Even hybrid Cloud does make sense, right? There'll be some workloads. It's like, we are still running On-prem environment, we still have mainframe, so it's never going to be a hundred percent, but I would say the majority, your question is, can we get to 60, 70, 80% workers in the next 10 years? I think you will. I think by 2025, more than 78% of the Cloud Migration by the next five years, 70% of workload for enterprise will be on the Cloud. The remaining 25, maybe Hybrid, maybe On-prem, but I get panics, really doesn't matter. You have saved and part of your business is running on the Cloud. That's your cost saving, that's where you'll see the economies of scale, and that's where all the growth will happen. >> So square the circle for me, because again, you hear the stat on the IDC stat, IBM Ginni Rometty puts it out there a lot that only 20% of the workloads are in the public Cloud, everything else is On-prem, but it's not a zero sum game, right? I mean the Cloud native stuff is growing like crazy, the On-prem stuff is flat to down, so what's going to happen? When you talk about 70% of the workloads will be in the Cloud, do you see those mission critical apps and moving into the car, I mean the insurance companies going to put their claims apps in the Cloud, or the financial services companies going to put their mission critical workloads in the Cloud, or they just going to develop new stuff that's Cloud native that is sort of interacts with the On-prem. How do you see that playing out? >> Yeah, no, I think absolutely, I think a very good question. So two things will happen. I think if you take an enterprise, right? Most businesses what they'll do is the workloads that they should not be running On-prem, they'll move it up. So obviously things like take, as I said, I use the word SharePoint, right? SharePoint and conference, all the knowledge stuff is still running on people's data centers. There's no reason. I understand, I've seen statistics that 70, 80% of the On-prem for SharePoint will move to SharePoint on the Cloud. So Microsoft is going to make tons of money on that, right? Same thing, databases, right? Whether it's CQL server, whether there is Oracle database, things that you are running as a database, as a Cloud, we move to the Cloud. Whether that is posted in Oracle Cloud, or you're running Oracle or Mongo DB, or Dynamo DB on AWS or SQL server Microsoft, that's going to happen. Then what you're talking about is really the App concept, the applications themselves, the App server. Is the App server is going to run On-prem, how much it's going to laureate outside? There may be a hybrid Cloud, like for example, Kafka. I may use a Purse running on a Kafka as a service, or I may be using Elasticsearch for my indexing on AWS or Google Cloud, but I may be running my App locally. So there'll be some hybrid place, but what I would say is for every application, 75% of your Comprende will be on the Cloud. So think of it like the Dev. So even for the On-prem app, you're not going to be a 100 percent On-prem. The competent, the billing materials will move to the Cloud, your Purse, your storage, because if you put it On-prem, you need to add all this, you need to have all the whole things to buy it and hire the people, so that's what is going to happen. So from a competent perspective, 70% of your bill of materials will move to the Cloud, even for an On-prem application. >> So, Of course, the susification of the industry in the last decade and in my three favorite companies last decade, you've worked for two of them, Tableau, ServiceNow, and Splunk. I want to ask you about those, but I'm interested in the potential disruption there. I mean, you've got these SAS companies, Salesforce of course is another one, but they can't get started in 1999. What do you see happening with those? I mean, we're basically building these sort of large SAS, platforms, now. Do you think that the Cloud native world that developers can come at this from an angle where they can disrupt those companies, or are they too entrenched? I mean, look at service now, I mean, I don't know, $80 billion market capital where they are, they bigger than Workday, I mean, just amazing how much they've grown and you feel like, okay, nothing can stop them, but there's always disruption in this industry, what are your thoughts on that. >> Not very good with, I think there'll be disrupted. So to me actually to your point, ServiceNow is now close to a 100 billion now, 95 billion market coverage, crazy. So from evaluation perspective, so I think the reason they'll be disrupted is that the SAS vendors that you talked about, ServiceNow, and all this plan, most of these services, they're truly not a multi-tenant or what do you call the Cloud Native. And that is the Accenture. So because of that, they will not be able to pass the savings back to the enterprises. So the cost economics, the economics that the Cloud provides because of the multi tenancy ability will not. The second reason there'll be disrupted is AI. So far, we talked about Cloud, but AI is the core. So it's not really Cloud Native, Dave, I look at the AI in a two-piece. AI is going to change, see all the SAS vendors were created 20 years back, if you remember, was an operator typing it, I don't respond administered we'll type a Splunk query. I don't need a human to type a query anymore, system will actually find it, that's what the whole security game has changed, right? So what's going to happen is if you believe in that, that AI, your score will disrupt all the SAS vendors, so one angle SAS is going to have is a Cloud. That's where you make the Cloud will take up because a SAS application will be Cloudified. Being SAS is not Cloud, right? Second thing is SAS will be also, I call it, will be AI-fied. So AI and machine learning will be trying to drive at the core so that I don't need that many licenses. I don't need that many humans. I don't need that many administrators to manage, I call them the tuners. Once you get a driverless car, you don't need a thousand tuners to tune your Tesla, or Google Waymo car. So the same philosophy will happen is your Dev Apps, your administrators, your service management, people that you need for service now, and these products, Zendesk with AI, will tremendously will disrupt. >> So you're saying, okay, so yeah, I was going to ask you, won't the SAS vendors, won't they be able to just put, inject AI into their platforms, and I guess I'm inferring saying, yeah, but a lot of the problems that they're solving, are going to go away because of AI, is that right? And automation and RPA and things of that nature, is that right? >> Yes and no. So I'll tell you what, sorry, you have asked a very good question, let's answer, let me rephrase that question. What you're saying is, "Why can't the existing SAS vendors do the AI?" >> Yes, right. >> Right, >> And there's a reason they can't do it is their pricing model is by number of seats. So I'm not going to come to Dave, and say, come on, come pay me less money. It's the same reason why a board and general lover build an electric car. They're selling 10 million gasoline cars. There's no incentive for me, I'm not going to do any AI, I'm going to put, I'm not going to come to you and say, hey, buy me a hundred less license next year from it. So that is one reason why AI, even though these guys do any AI, it's going to be just so I call it, they're going to, what do you call it, a whitewash, kind of like you put some paint brush on it, trying to show you some AI you did from a marketing dynamics. But at the core, if you really implement the AI with you take the driver out, how are you going to change the pricing model? And being a public company, you got to take a hit on the pricing model and the price, and it's going to have a stocking part. So that, to your earlier question, will somebody disrupt them? The person who is going to disrupt them, will disrupt them on the pricing model. >> Right. So I want to ask you about that, because we saw a Snowflake, and it's IPO, we were able to pour through its S-1, and they have a different pricing model. It's a true Cloud consumption model, Whereas of course, most SAS companies, they're going to lock you in for at least one year term, maybe more, and then, you buy the license, you got to pay X. If you, don't use it, you still got to pay for it. Snowflake's different, actually they have a different problem, that people are using it too much and the sea is driving the CFO crazy because the bill is going up and up and up, but to me, that's the right model, It's just like the Amazon model, if you can justify it, so how do you see the pricing, that consumption model is actually, you're seeing some of the On-prem guys at HPE, Dell, they're doing as a service. They're kind of taking a page out of the last decade SAS model, so I think pricing is a real tricky one, isn't it? >> No, you nailed it, you nailed it. So I think the way in which the Snowflake there, how the disruptors are data warehouse, that disrupted the open source vendors too. Snowflake distributed, imagine the playbook, you disrupted something as the $ 0, right? It's an open source with Cloudera, Hortonworks, Mapper, that whole big data that you want me to, or that market is this, that disrupting data warehouses like Netezza, Teradata, and the charging more money, they're making more money and disrupting at $0, because the pricing models by consumption that you talked about. CMT is going to happen in the service now, Zen Desk, well, 'cause their pricing one is by number of seats. People are going to say, "How are my users are going to ask?" right? If you're an employee help desk, you're back to your original health collaborative. I may be on Slack, I could be on zoom, I'll maybe on MS Teams, I'm going to ask by using usage model on Slack, tools by employees to service now is the pricing model that people want to pay for. The more my employees use it, the more value I get. But I don't want to pay by number of seats, so the vendor, who's going to figure that out, and that's where I look, if you know me, I'm right over as I started, that's what I've tried to push that model look, I love that because that's the core of how you want to change the new game. >> I agree. I say, kill me with that problem, I mean, some people are trying to make it a criticism, but you hit on the point. If you pay more, it's only because you're getting more value out of it. So I wanted to flip the switch here a little bit and take a customer angle. Something that you've been on all sides. And I want to talk a little bit about strategies, you've been a strategist, I guess, once a strategist, always a strategist. How should organizations be thinking about their approach to Cloud, it's cost different for different industries, but, back when the cube started, financial services Cloud was a four-letter word. But of course the age of company is going to matter, but what's the framework for figuring out your Cloud strategy to get to your 70% and really take advantage of the economics? Should I be Mono Cloud, Multi-Cloud, Multi-vendor, what would you advise? >> Yeah, no, I mean, I mean, I actually call it the tech stack. Actually you and John taught me that what was the tech stack, like the lamp stack, I think there is a new Cloud stack needs to come, and that I think the bottomline there should be... First of all, anything with storage should be in the Cloud. I mean, if you want to start, whether you are, financial, doesn't matter, there's no way. I come from cybersecurity side, I've seen it. Your attackers will be more with insiders than being on the Cloud, so storage has to be in the Cloud and encompass compute whoever it is. If you really want to use containers and Kubernetes, it has to be in the public Cloud, leverage that have the computer on their databases. That's where it can be like if your data is so strong, maybe run it On-prem, maybe have it on a hosted model for when it comes to database, but there you have a choice between hybrid Cloud and public Cloud choice. Then on top when it comes to App, the app itself, you can run locally or anywhere, the App and database. Now the areas that you really want to go after to migrate is look at anything that's an enterprise workload that you don't need people to manage it. You want your own team to move up in the career. You don't want thousand people looking at... you don't want to have a, for example, IT administrators to call central people to the people to manage your compute storage. That workload should be more, right? You already saw Sierra moved out to Salesforce. We saw collaboration already moved out. Zoom is not running locally. You already saw SharePoint with knowledge management mode up, right? With a box, drawbacks, you name anything. The next global mode is a SAS workloads, right? I think Workday service running there, but work data will go into the Cloud. I bet at some point Zendesk, ServiceNow, then either they put it on the public Cloud, or they have to create a product and public Cloud. To your point, these public Cloud vendors are at $2 trillion market cap. They're they're bigger than the... I call them nation States. >> Yeah, >> So I'm servicing though. I mean, there's a 2 trillion market gap between Amazon and Azure, I'm not going to compete with them. So I want to take this workload to run it there. So all these vendors, if you see that's where Shandra from Adobe is pushing this right, Adobe, Workday, Anaplan, all the SAS vendors we'll move them into the public Cloud within these vendors. So those workloads need to move out, right? So that all those things will start, then you'll start migrating, but I call your procurement. That's where the RPA comes in. The other thing that we didn't talk about, back to your first question, what is the next 10 years of Cloud will be RPA? That third piece to Cloud is RPA because if you have your systems On-prem, I can't automate them. I have to do a VPN into your house there and then try to automate your systems, or your procurement, et cetera. So all these RPA vendors are still running On-prem, most of them, whether it's UI path automation anywhere. So the Cloud should be where the brain should be. That's what I call them like the octopus analogy, the brain is in the Cloud, the tentacles are everywhere, they should manage it. But if my tentacles have to do a VPN with your house to manage it, I'm always will have failures. So if you look at the why RPA did not have the growth, like the Snowflake, like the Cloud, because they are running it On-prem, most of them still. 80% of the RP revenue is On-prem, running On-prem, that needs to be called clarified. So AI, RPA and the SAS, are the three reasons Cloud will take off. >> Awesome. Thank you for that. Now I want to flip the switch again. You're an investor or a multi-tool player here, but so if you're, let's say you're an ecosystem player, and you're kind of looking at the landscape as you're in an investor, of course you've invested in the Cloud, because the Cloud is where it's at, but you got to be careful as an ecosystem player to pick a spot that both provides growth, but allows you to have a moat as, I mean, that's why I'm really curious to see how Snowflake's going to compete because they're competing with AWS, Microsoft, and Google, unlike, Frank, when he was at service now, he was competing with BMC and with on-prem and he crushed it, but the competitors are much more capable here, but it seems like they've got, maybe they've got a moat with MultiCloud, and that whole data sharing thing, we'll see. But, what about that? Where are the opportunities? Where's that white space? And I know there's a lot of white space, but what's the framework to look at, from an investor standpoint, or even a CEO standpoint, where you want to put place your bets. >> No, very good question, so look, I did something. We talk as an investor in the board with many companies, right? So one thing that says as an investor, if you come back and say, I want to create a next generation Docker or a computer, there's no way nobody's going to invest. So that we can motor off, even if you want to do object storage or a block storage, I mean, I've been an investor board member of so many storage companies, there's no way as an industry, I'll write a check for a compute or storage, right? If you want to create a next generation network, like either NetSuite, or restart Juniper, Cisco, there is no way. But if you come back and say, I want to create a next generation Viper for remote working environments, where AI is at the core, I'm interested in that, right? So if you look at how the packets are dropped, there's no intelligence in either not switching today. The packets come, I do it. The intelligence is not built into the network with AI level. So if somebody comes with an AI, what good is all this NVD, our GPS, et cetera, if you cannot do wire speed, packet inspection, looking at the content and then route the traffic. If I see if it's a video package, but in UN Boston, there's high interview day of they should be loading our package faster, because you are a premium ISP. That intelligence has not gone there. So you will see, and that will be a bad people will happen in the network, switching, et cetera, right? So that is still an angle. But if you work and it comes to platform services, remember when I was at Pivotal and VMware, all models was my boss, that would, yes, as a platform, service is a game already won by the Cloud guys. >> Right. (indistinct) >> Silicon Valley Investors, I don't think you want to invest in past services, right? I mean, you might come with some lecture edition database to do some updates, there could be some game, let's say we want to do a time series database, or some metrics database, there's always some small angle, but the opportunity to go create a national database there it's very few. So I'm kind of eliminating all the black spaces, right? >> Yeah. >> We have the white spaces that comes in is the SAS level. Now to your point, if I'm Amazon, I'm going to compete with Snowflake, I have Redshift. So this is where at some point, these Cloud platforms, I call them aircraft carriers. They're not going to stay on the aircraft carriers, they're going to own the land as well. So they're going to move up to the SAS space. The question is you want to create a SAS service like CRM. They are not going to create a CRM like service, they may not create a sales force and service now, but if you're going to add a data warehouse, I can very well see Azure, Google, and AWS, going to create something to compute a Snowflake. Why would I not? It's so close to my database and data warehouse, I already have Redshift. So that's going to be nightlights, same reason, If you look at Netflix, you have a Netflix and you have Amazon prime. Netflix runs on Amazon, but you have Amazon prime. So you have the same model, you have Snowflake, and you'll have Redshift. The both will help each other, there'll be a... What do you call it? Coexistence will happen. But if you really want to invest, you want to invest in SAS companies. You do not want to be investing in a compliment players. You don't want to a feature. >> Yeah, that's great, I appreciate that perspective. And I wonder, so obviously Microsoft play in SAS, Google's got G suite. And I wonder if people often ask the Andy Jassy, you're going to move up the stack, you got to be an application, a SAS vendor, and you never say never with Atavist, But I wonder, and we were talking to Jerry Chen about this, years ago on theCube, and his angle was that Amazon will play, but they'll play through developers. They'll enable developers, and they'll participate, they'll take their, lick off the cone. So it's going to be interesting to see how directly Amazon plays, but at some point you got Tam expansion, you got to play in that space. >> Yeah, I'll give you an example of knowing, I got acquired by a couple of times by EMC. So I learned a lot from Joe Tucci and Paul Merage over the years. see Paul and Joe, what they did is to look at how 20 years, and they are very close to Boston in your area, Joe, what games did is they used to sell storage, but you know what he did, he went and bought the Apps to drive them. He bought like Legato, he bought Documentum, he bought Captiva, if you remember how he acquired all these companies as a services, he bought VMware to drive that. So I think the good angle that Microsoft has is, I'm a SAS player, I have dynamics, I have CRM, I have SharePoint, I have Collaboration, I have Office 365, MS Teams for users, and then I have the platform as Azure. So I think if I'm Amazon, (indistinct). I got to own the apps so that I can drive this workforce on my platform. >> Interesting. >> Just going to developers, like I know Jerry Chan, he was my peer a BMF. I don't think just literally to developers and that model works in open source, but the open source game is pretty much gone, and not too many companies made money. >> Well, >> Most companies pretty much gone. >> Yeah, he's right. Red hats not bad idea. But it's very interesting what you're saying there. And so, hey, its why Oracle wants to have Tiktok, running on their platform, right? I mean, it's going to. (laughing) It's going to drive that further integration. I wanted to ask you something, you were talking about, you wouldn't invest in storage or compute, but I wonder, and you mentioned some commentary about GPU's. Of course the videos has been going crazy, but they're now saying, okay, how do we expand our Team, they make the acquisition of arm, et cetera. What about this DPU thing, if you follow that, that data processing unit where they're like hyper dis-aggregation and then they reaggregate, and as an offload and really to drive data centric workloads. Have you looked at that at all? >> I did, I think, and that's a good angle. So I think, look, it's like, it goes through it. I don't know if you remember in your career, we have seen it. I used to get Silicon graphics. I saw the first graphic GPU, right? That time GPU was more graphic processor unit, >> Right, yeah, work stations. >> So then become NPUs at work processing units, right? There was a TCP/IP office offloading, if you remember right, there was like vector processing unit. So I think every once in a while the industry, recreated this separate unit, as a co-processor to the main CPU, because main CPU's inefficient, and it makes sense. And then Google created TPU's and then we have the new world of the media GPU's, now we have DPS all these are good, but what's happening is, all these are driving for machine learning, AI for the training period there. Training period Sometimes it's so long with the workloads, if you can cut down, it makes sense. >> Yeah. >> Because, but the question is, these aren't so specialized in nature. I can't use it for everything. >> Yup. >> I want Ideally, algorithms to be paralyzed, I want the training to be paralyzed, I want so having deep use and GPS are important, I think where I want to see them as more, the algorithm, there should be more investment from the NVIDIA's and these guys, taking the algorithm to be highly paralyzed them. (indistinct) And I think that still has not happened in industry yet. >> All right, so we're pretty much out of time, but what are you doing these days? Where are you spending your time, are you still in Stealth, give us a little glimpse. >> Yeah, no, I'm out of the Stealth, I'm actually the CEO of Aisera now, Aisera, obviously I invested with them, but I'm the CEO of Aisero. It's funded by Menlo ventures, Norwest, True, along with Khosla ventures and Ram Shriram is a big investor. Robin's on the board of Google, so these guys, look, we are going out to the collaboration game. How do you automate customer service and support for employees and then users, right? In this whole game, we talked about the Zoom, Slack and MS Teams, that's what I'm spending time, I want to create next generation service now. >> Fantastic. Muddu, I always love having you on you, pull punches, you tell it like it is, that you're a great visionary technologist. Thanks so much for coming on theCube, and participating in our program. >> Dave, it's always a pleasure speaking to you sir. Thank you. >> Okay. Keep it right there, there's more coming from Cuba and Cloud right after this break. (slow music)

>> From theCube Studios in Palo Alto in Boston, bringing you data driven insights from theCube and ETR, this is breaking analysis with Dave Vellante. >> As we reported in our last episode tech spending overall continues to be significantly muted relative to 2019. Now, our forecast continues to project a 4 to 5% decline in 2020 spending, and a tepid 2% increase in 2021. This is based on the latest data from ETR surveys of CIOs and other it buyers. Nonetheless, there continues to be some sectors and vendor bright spots in what is generally an overall challenging market. Hello everyone, and welcome to this week's Wikibon Cube Insights powered by ETR. My name is Dave Vellante, and in this breaking analysis, we welcome back Erik Bradley from ETR to provide added color from my solo flight from last time. Erik always a pleasure to see you, thanks so much for coming back in theCube. >> I always enjoy it. Happy Friday Dave, We're almost through. >> Happy Friday. They just blend together. Guys, if you would bring up the first slide, I just want to summarize the situation. This is from ETR's latest findings, I just extracted some. And I want to go down very quickly, Erik, and then get your take. As I said, technology buyers expect the downturn for 2020, but this quarter, coming into fourth quarter, minus 3.2% was ETR's forecast, that's year to year spending decline and a 2% uptick in 2021. Now, Erik this is slightly, what I call it slightly less bad, relative to last quarter. So sequentially it's less bad. >> Yeah, there's a couple of things to break down there. So first to begin with, beginning of the year, when we launched not only our spending attention surveys, we did a simultaneous COVID impact survey, and that's where we caught originally a 5% decline was expected. So although negative 3.2 was probably the worst quarter over quarter lapse we've seen, as a matter of fact it is the lowest drop we've had theory, going into 2021, the IT people that we've actually surveyed are actually expecting a 2% increase. So there is a reason for optimism, but if we're looking at the current data set, there is no doubt the picture remains a little bit bleak. We can go into different sectors and vendors where they are impacted, but I think maybe if you're willing, I think it might be worth just sort of breaking down the demographics of the survey a little bit and how we got to that 3.2% survey over survey decline. >> Yeah, and we have a chart on that. But before we get that, I just wanted to lay out some of the other key points of your analysis. The other one, which is we talked about this in the last episode, we call it a slow thawing. Hiring an IT project freezes are thawing, with fewer companies expecting layoffs. So that gives us some bright spots, but there are definitely a widening bifurcation between vendors gaining share and those who are donating share. And then, you know, again, relative to last quarter survey we're seeing government and education and fortune 100, you guys are showing the deepest cuts from the last survey. Where's IT Telco, retail and retail consumer are showing a little bit more stability. And then of course you talked about the work from home which we've covered doubling from pre pandemic. Pretty interesting findings from your COVID survey. >> Yeah, it's a fantastic, and this is the fourth iteration of this survey that we've done now. So we've been able to track it very quickly, launched it in the field when we realized the true impact of what was happening in early March. This is our fourth version, and we've been able to track it overall. Yes, without a doubt government, education are being the biggest impact, the biggest declines without a doubt. Now, clearly the caveat to that is if there's any sort of government policy maybe those could actually help a little bit, but for right now, those are getting hit the most. Retail consumer is fairing much, much better, and the IT companies, as generally, we're seeing in the market as well, they can, you know, are still spending money and still moving. But the reason for optimism actually comes from multiple metrics. And I will say, we have caught a bottom on all of the negative metrics at this point. Now, who knows what will happen the next time we do it, right? The world is always fluid. But based on this, this is our fourth iteration of this survey, whether it be IT projects being frozen, whether it be layoffs, whether it be just overall expected budget increase, everything looks like it is already bottomed and there is some optimism going into 2021. Of course, the January survey that we launched will be able to corroborate that hopefully, and we'll have much more granularity into those findings at that time. >> Great. Okay, now let's get into the demographics that you referenced for. This next slide shows those. The record number of respondents Erik, congratulations on that. And so take us through the makeup of the survey respondents guys, if you bring up this next slide. >> Yeah. So for the October 20, what we're really doing here is we're asking the it decision makers to update the survey responses they gave us in July. We're basically saying, okay, you thought you were going to spend this in the back half, what did you actually do? And in this particular survey we had 1,438 qualified IT decision makers get involved. That's 60% of the fortune 100 is represented, almost a quarter of the global 1000, and we had about 35% of the fortune 500. The industry breakdown is all across the board, whether it's financials/insurance, IT/Telco, we have industrials/manufacturing, we have energy/utilities, we have government. So it's really a great cross section. Now, geographically, that tends to be about 80% North America. We are heavily concentrated in that area, but we also have a 12% EMEA, 5% APAC and remainder is Latin AmErika. If there were any visibility concerns at all would probably be in China. It's just not that easy to get qualified IT decision makers from China to respond to us. But that's an area we are working on going forward, but overall a huge survey response, certainly meaningful end, and we're very happy with the data that we collected this time. >> Okay, thank you for that. Now, I want to go into the next graphic here, and I want to look at how net score has changed over time. And I want to remind people that, so this slide basically goes back to 2016, and shows some ebbs and flows and then some real strength coming in, 'cause you see 17 and 18, and you may forget going into Q4'19 and into 2020, the ETR data was telling us, hey, things are going to slow down a little bit. It's hard to remember that. And so, and the thinking back then was okay, last couple of years, people have spent a lot on digital transformation, and would a lot of experimentation, they were hanging on to their legacy stuff, and with all that technical debt and they were experimenting with a lot of the new technologies. And what we saw coming into Q4 2019 was people beginning to unplug some of that and making bets basically, unplugging some of the legacy stuff. Oh, and by the way, maybe saying hey, the new stuff that we tried didn't work, we're going to do less experimentation. So we saw a somewhat depressed next score, and you can see that in here coming into 2020, and then of course COVID hit and you can see the bottom fell out. But wow what a drop, I mean, that says it all, a lot different than what we're seeing in the stock market. >> Yeah, first of all, just a great recap on what we caught last year. Really well done. So at that time there was concurrent spending. There was a lot of proof of concepts being done. People weren't exactly sure how to transition off, how fast they were going to get into the cloud, how fast they could make that digital transformation. And they were kicking the tires on everything, and there was a ton of spend. It was the golden era of IT spending at the time. But we did catch that some of that was coming down. So what we will see now is obviously that spending was going to cool off either way, but now with the global pandemic impact hitting what we've caught, of course, is the biggest survey over survey decline. 3.2% was matched at one other point in our survey's history, but that was at very elevated spendings, so that drop was not as meaningful. When we're seeing from a more baseline that drop right now is extremely seasonal, and extremely meaningful, my apologies. Now, I do want to make a quick caveat that usually the October survey catches some seasonality, because a lot of people have expected spend in the back half that doesn't always materialize. But make no mistake, this is way beyond our normal seasonality. This trough is a real metric. >> Yeah, and when I talk to buyers and I talk to even salespeople, for if you want the truth, you'll talk to salespeople, if you can get the truth out of them, which you usually can. Sales and engineering, that's really if we want to know what's happening in companies, but they will tell you that their visibility, same with the buyers, they're saying, look, I think I'm going to spend and I think I'm going to get approval on it, but the normal buying signals, you kind of have to take with a grain of salt because it's, the buyers don't know the sellers don't really know. I mean, they think they've got reasonable visibility but things change so fast as we know. So you have to be really, really careful. All right, let's drill in to some of the sectors, and that's really the next two slides, guys, if you bring up the first of the next two. So this shows the change from July to October. So the last survey to this survey, 2020, and the green bars of July, yellow bars are October. And you can see right away, jumps out at you, container orchestration and ML and AI, and we've got some other data on this jump right off the charts. They're still elevated levels, so that's a real positive. You can see AI actually, maybe waning a bit, and I think that's probably, Erik, is a lot of it is just, you don't even see it, it's just embedded. But take us through this first chart and then we'll dig into some of these sectors. What are you seeing? >> Yeah, certainly. So from a sector breakdown point of view, that lesson, none of them were spared, let's be honest, right? There's a slow down in spending. But containers and containerization were by far the most stable. So clearly this is a priority. People are recognizing that they need to go that route. Nobody wants to be tied to any particular cloud provider. So container and containers are moving the best, they are looking about as stable as they can be. When we drill down a little bit further in there, we're seeing Kubernetes of course, Microsoft and AWS really supporting in that sector. Now, when you talk about the ones that had the biggest survey over survey declines, we are looking at ML/AI, but like you said, still elevated spend. So even though there was a big survey over survey decline, the overall spending intentions are healthy. Nobody is getting away from it. Also to corroborate that in the COVID impact study, we asked people, given the current situation where their priorities are, and unfortunately in that area ML/AI and the RPA we're actually not positioned as well. So it actually corroborates the COVID impact survey, corroborates what we're seeing here in our larger intentions. Now, when you look at ML/AI, Microsoft is still very well suited in that area. Virtualization was another big area that dropped, which was interesting because I think the immediate COVID impact and the work from home, we saw a little spike there. I think we definitely saw companies like Citrix, right? F5 and Nutanix and AWS workspaces. They all had a really good impact, positive, when we first hit, but virtualization is dropping quite a bit there. And again, no surprise, Microsoft is well positioned as well. And then lastly, enterprise content management also had a big, big drop-off, and there you're looking at Adobe Box, Open Text, those are the type of companies that seem to be having the biggest survey over survey decline and ECM. >> Yeah. And I just want to make a comment on this first of the two slides. Is you see security, it's okay, there's a little bit of decline, but there's the story of the haves and the have nots. If you're an end point security, you're in cloud security, you're in identity access management, there's some real tailwinds for you right now. You're seeing that with Octa, CrowdStrike and Zscaler, SailPoint, you know, had a really good quarter. So that's the story of kind of the, a mixed bag. If you go to the next slide, guys, what jumps out here on the second sector breakdown, and Erik you alluded to this as RPA, very elevated, although down, somewhat still, again, very elevated and cloud computing. I mean, that's all everybody wants to talk about. This is a large market that continues to grow very, very fast. >> Yeah. It's a A2 cloud, right? I mean, even the cloud, we're kind of shocked and we saw that too. But, you know, again, it's still a healthy survey at 4Cloud. Spending is still there, but what we are seeing is a pretty big survey over-serving decline that is probably, if you had to translate that, it's going to show slower growth. Still double digit growth, but slower than we expected. And interestingly in the cloud, again, Microsoft is very steady, GCP steady. We saw AWS soften a little bit, and that's something that I think we need to keep an eye on there, we are seeing some softening trends. IBM and Oracle, unfortunately, no matter how hard they push, it doesn't really seem to be making a dent, at least with our it decision makers that respond to the survey. But one thing that was interesting was VMware on AWS actually looked much, much better than VMware alone. So on the cloud side, those are pretty interesting takeaways. >> Yeah, we talked about that a couple of episodes back as the, well, couple of things to pick up on your comments. You mentioned IBM and Oracle, they're just so large, they're growing businesses are not growing fast enough and they're not large enough to offset the decline and their declining businesses. Yet they're huge, they have, they throw off a lot of cash and so maybe their stock's not going through the roof, but they're pretty stable companies from that regard. I wonder, maybe AWS is starting to hit some of those, the law of large numbers. I mean, it's still growing very, very rapidly for a 45 plus billion dollar organization, still growing well into the double digits, so it just gets harder. And then, but the other thing I wanted to pick up on is you mentioned VMware cloud on AWS, we're seeing those hybrid solutions really start to pick up the multi-cloud solutions, which I was a real skeptic a couple of years ago 'cause it wasn't really real, now becoming real. And I think when you talk to, you know this well from your Ven discussions, people are looking at options for cloud. They want multiple clouds, the right horse for the right course, they want to reduce their risk, they want to ensure exit strategies and some clouds are just better at some things than others. >> Yeah, completely agree. And as you know, I do interview a lot of these IT decision makers that we survey to get a little more granularity and to dig into the details, and you and I just, great example. We did a session on Data Warehousing as a Service, we're at Snowflake. And the main reason that people love them is 'cause they have cloud portability. They can move across multiple clouds. Nobody wants to be tied to one cloud provider, they need to be agnostic. And if you look at, you know, something like Microsoft, right? Their Software Suite is fantastic. So most people are going to be aligned for them. They provide great active directory, the enterprise applications are absolutely incredible. But if you're looking to do straight ML/AI or straight data warehousing, maybe AWS Redshift, maybe Google Big Query might be a better fit for you. There's no reason to be tied into one. So what we're seeing more and more is those vendors that offer cloud portability or hybrid availability to do some on-prem for security, some cloud, they're really taking a step up in our recent surveys. Another comment you made Dave, if I can just backtrack to it is, you kind of mentioned how some of the vendors are taking more and more share. We are continuing to see this theme of a widening bifurcation, where although the overall spend that pie is shrinking, the leading vendors are taking much bigger slices from that pie. And that is continuing across the entire year. >> Yeah, definitely a time of disruption. So thank you for bringing that up. Okay, the next graphic I want to show you is actually a motion graphic, and what we're showing here is one of our favorite views. On the vertical axis you've got net score, remember, net score, essentially ETR, every quarter like clockwork asks customers are you spending more you're spending less, it's more granular than that, but essentially they subtract the red from the green and that leaves you with net score. So the higher the net score the better on the vertical axis, on the on the horizontal is axis is market share, its presence, its pervasiveness in the dataset. So you want to be up into the right, of course, like all these charts and XY's. And what we're showing here is, we go back to October, 2018. Remember this is the October survey and you can see the movement and what's happening. And a couple of points here really is one is container orchestration and container platforms, cloud, RPA, ML, they all stand out. And now we, you can see the the context of their "market share" as well, and you see that bunching, you see some of the Legacy stuff, the more mature markets like storage and PC tablets and laptops. They don't have a huge next or outsourcing, not a big net score, but they're there and they're kind of bunched up, down in the middle. But you can also see how they've slowly got depressed over time, even the elevated ones. Nobody in the recent survey is over a 60% net net score. I think you guys said that the overall net score was the lowest in history. So this is just a good way to visualize the various sectors and how spending, momentum and share is shifting. >> Yeah, that's a very good point, and you are right. The overall survey net score is actually 25.3% and it is the lowest ever we've captured. So that actually is translating into what we expect to be single digit declines in overall growth in IT budgets, which again is in line with what we've been saying. We caught early on about negative 5 1/2, that is improved now it's in this quarter to about negative 3 1/2, but if you look at the mid point here, we're very clearly in mid single digit declines, and the entire area is being impacted. Now, there are certainly some areas that are more important than others, there's no doubt about it. But yeah, outsourcing is one you mentioned, absolutely getting decimated. Nobody really has the money right now to be doing IT outsourcing, that's just not a priority. The priority is remote connectivity, remote security, how do I get identity access and governance to make sure that my employees are doing what they're supposed to be doing, even though they're not on my network anymore. All of those things are continuing. And as you saw on the COVID-19 Impact Survey, they're not going away. You had mentioned on a solo session you did, I think a week ago, where you have cited our data saying that permanent workforce is going to double from where it was in pre-pandemic levels. So that means a lot of the people that slapped a bandaid on their networking to get their employees to work from home, that bandaid solution is not going to work. They need to find one that's permanent now. So the areas of spend, although it is declining, there are very clear delineations of where that spend is going. >> Yeah, I want to just pick up on something you said about the work from home doubling, 'cause I've shared that data with some folks and had some discussions. We're talking about people that work from home, not come in a couple of times a week, this is the work from home component. And so I think the hybrid is going to increase as well, but the hardcore work from home, I think it was mid-teens, 16% or something doubling in the post pandemic was the expectation. And again, I just wanted to sort of clarify that I think your data there is quite good. How about some of the vendors? I think, now that's Snowflakes public, you guys may be doing some forecasts there. Let's start there. >> Sure, yeah. So it's fun to talk about the high level, right? And talk about the sector breakdown and where we're seeing things, but at the end of the day, people just love to talk about the individual vendors. So there's a few things that were interesting, yeah. We were able to finally come out with a real viewpoint on Snowflake now that they're out in public, and we kind of launched with a positive to neutral viewpoint. I don't think there's going to be anything here that shocks you. We're absolutely outstanding expansion rates. All the commentary we get from our CIOs are just incredible, the market share gains are about as high as you're going to see in the survey, they are extremely well positioned to continue executing, and this is not in the data set, but we also know that that management team is fantastic. I would think that they had set themselves up coming out as a public company not to completely disappoint. And everything in our data set shows absolutely no reason why they would disappoint. >> Well, and so you may be wondering folks, like, well, wait a minute, with all that great news, I mean, how could they be positive to neutral. Maybe it maybe neutral, the reason is because they have a 66, roughly $66 billion valuation. And what ETR is doing is they're taking that into consideration as well relative to, so they're looking at the street forecast, the consensus forecast and saying, okay, how does the data line up to that? And so a lot of people are asking the question, can Snowflake live up to its valuation. I don't think there's any lack of total available market here. I mean, it's very, very large, the data market, it's enormous. And as, just a plug for an event that we're doing on November 17th, it starts, we're doing a global event, and we're going to be looking at this issue very closely, interviewing customers and partners and executives and, you know, you can judge for yourself if you think the vision, they're putting out this vision of a data cloud. You see this, if this vision, you think is going to have a big enough term that they can grow into, and as Erik said, great management team, will they be able to execute? Decide for yourself, but very exciting IPO obviously that we've tracked quite closely. Elastic is another one that you guys have followed quite closely. I know you've got some data there that you want to share as well. >> Yeah, I certainly do. The APM spaces is really interesting. One last quick point on Snowflake. We don't have regression forecasts on them, because they haven't been out public long enough for us to be able to do that sort of back-testing. So without that data science behind us, we will never really go with a full positive. So to your point that saying positive to neutral is not negative or neutral stance whatsoever, it's just without that regression support behind our data, that's what we just tend to do. Because at the end of the day, we're a data science company, so.. >> Yeah. You need some some history there to really make those calls. But yeah, let's talk about Elastic. >> Yeah, sure, you got it. So recently I hosted a panel on the APM and monitoring space. It was incredibly enlightening. It's a very crowded space that our CIOs told us is right for disruption. And it ended up being a little bit of an avalanche in our data, because it wasn't just Elastic, but it was also Splunk and Dynatrace that we ended up putting ratings on. Now, Elastic as we know is an open source model, a freemium to pay type of model. And we normally try to stay away from open source models, 'cause it's kind of hard to predict how that converts to revenue, but the data was so strong that again, we came out with a positive to neutral rating on Elastic. It was based on just elevated spend levels across, there was almost no negativity, we weren't seeing any decrease or replacement indications, really solid positioning in the fortune 500 accounts, which I was a bit surprised about. And the other thing here is that Elastic tends to be really expanding in the information security. This is no longer just about monitoring and logging, they are becoming a very relevant infosec play and they are breathing down the necks of Splunk. They can do the same thing and they can do it much cheaper. The caveat being, you need to have the IT and the human skillset to run Elastic. So it really comes down to, are you sophisticated enough with the human capital management to run it? But everything we saw here just incredibly improved competitive positioning, they actually had the number one net score in all of information security in any vendor that had over 50 citations. It was just too hard to ignore, we had to come out with a positive neutral. >> That's super interesting Erik, and of course, yeah, we covered that space recently. Everybody wants a piece of Splunk and have for a number of years, but, you know, you see in Datadog come after it, then you see some startups getting into the space. Jeremy Burton launched his company, Observe, Honeycomb is in that, they kind of coined the term observability. Kakao Search is another one. Ed Wall's joined that company, and so you see a lot of folks really going after that space, why not? I mean, it's such a successful company. The pickup of SignalFX filling some holes, we talked about that on the Ven, and it's a very interesting space, and one I think has some somewhat depressed levels from a net score standpoint but as some of your Ven observers said, this market is here to stay and it becoming much more important as part of digital transformation, as part of a dashboard of digital transformation. >> Yeah. Coining that term observability really just hit it on the nail on the head. When we just talked about monitoring an application, that's not what it's about anymore, right? You need to have observability in multi hybrid cloud environments, whether it's your infrastructure or people actually writing code for your application. And so that single pane of glass, end-to-end is the holy grail of monitoring, and that's what these guys are pushing for. The New Relics, the Datadog's, the Elastics, they're getting there more quickly than Splunk and Dynatrace or AppDynamics from Cisco are. That's what the people are telling us, the ones I speak to, the CIOs that use it in the field. They're getting there more quickly and they're doing it more cheaply. Now, this is not to say Splunk is not a great company, we know it is. And also Splunk has more API integration into any ecosystem you want. They're not getting pulled or ripped out anytime soon, we're not saying that. But when we look at our data, we had no choice but to come out with a neutral to negative. They are deteriorating and their spending intentions, their customer growth is completely stalling, we're not seeing any more increased perversion in our dataset or among customers. There just wasn't really anything we could really do. Looking at the data set and that's what we do, we had no choice. There's a lot of skepticism heading into the back half of this year and next year, there's so much competition coming after them, and some of these people are just giving it away for free. It's pretty hard to compete with free. >> Yeah, free is very powerful. All right, speaking of skepticism, Rackspace had their IPO, what do you see in there? >> Oh man, I'm not really sure how to start there. But listen, I don't want to beat a company while it's down, but their net scores are actually negative. I think at the negative 20% range, if I could possibly recall that. But listen, Rackspace, when they were private, let's give them some credit, right? They decided to go out and buy a bunch of different managed service providers, they tried to align themselves with AWS, with Oracle. So they've got this whole bundle thing right now that isn't just straight cloud computing anymore. We'll see if that plays out. But clearly we saw that the IPO was not a very special IPO. In this environment the valuations in the technology stocks being very elevated, having a negative IPO was very telling. But sticking straight to the data, basically we're seeing negativity across several years, it's the worst position vendor in cloud computing that we even cover. We just had to take a look at it right now, and just be honest and say according to the data, this is a very negative data set, there just isn't much we can do about it. Wish them the best, I hope their MSP revenue starts kicking in, and hopefully it'll change. But for right now the snapshot of our data was quite dire. >> Okay, Erik, Well, thanks so much. So let's update folks, so the ETR is exiting, it's quiet, period, which I love, because that means I can have the data and share with you. So we'll be updating our cloud scenarios, security, automation, our infrastructure, and many other segments as well. Certainly the data piece, we've been tracking snowflake very closely. And of course, Erik, you guys are already gearing up for your January survey. So, you know... >> It never ends Dave. And I've... >> Well, I got a really... I've got a sizzle panel that I'm doing next week as well, where we got four sizzles talking about security threats and priorities for 2021. So as soon as I wrap that, you'll be the first one I get my summary to. >> Oh, those are great. I mean, there's such deep dives with practitioners, and it's just an open discussion. So Erik Bradley, thanks so much for coming back in theCube. >> Have a great weekend Dave. >> Yeah, you too. And thank you for watching everybody this episode of Cube Insights powered by ETR. Go to etr.plus, that's where all the survey action is. I publish every week on wikibon.com and siliconangle.com. All these episodes are available on podcast. Wherever you watch, you can DM me, I'm @DVelllante. I post on LinkedIn, you can comment there or email me @david.vellanteat, @siliconangle.com. This is Dave Vellante for Erik Bradley. Thanks for watching everybody, we'll see you next time. (upbeat music)

>> Narrator: From around the globe, it's theCUBE with digital coverage VMworld 2020. Brought to you by the VMware and its ecosystem partners. >> Everyone, welcome to "theCUBE's" virtual coverage of VMworld 2020. I'm John furrier with my cohosts, Stuart Miniman and Dave Vellante. 10 years covering VM it's our 11th Vmworld, 2010 was our first. Guys, this is an unusual event. It's not in person. Analyzing the keynotes and essentially the main announcements in the general sessions. Let's analyze VMworld 2020. I know it's hard, we're not in person. A lot of the hallway conversations we're grabbing on Twitter. Obviously we've got our Cube interviews on "theCube".net. There's a link on the front page of the VMworld site. Check it out and go check out all the dozens of interviews we're doing here with our community. But, the event is "Digital Foundation "For An Unpredictable World," that's the theme. Most of the announcements are around future architecture, but the blocking and tackling is around AI With NVIDIA. You got security and you got some really key announcements around networking Stuart. So guys, what's your take on all this? Because, VMware has to set the table. They've made good moves under Gelsinger, last few years, you're seeing another Q2 successful quarter, Dave, you're starting to see VMware's investments pay off Raghu and the brain child who are behind VMware making these calls Stuart. Guys, this is the VMware's moment to go to the next level. What's your thoughts, Dave, we'll start with you. >> Well, I mean, as always you saw VMware have on stage some really high profile guests. So John Donahoe from Nike, who knows a little bit about the enterprise, right? He left ServiceNow after a couple of years, stint. Ironically ServiceNow is pushing a hundred billion dollar valuation. Nike's at 150. But he's more comfortable in the consumer world. CEO of Nvidia. I think that's a key move, Nvidia the arm acquisition. That's going to be critical at the edge. You're seeing VMware just throw its blanket around telco Edge cloud with VMware cloud and AWS, which is doing very well. We're going to talk about that in our cube segment. You're, seeing them really go after hybrid. And so they're really about expanding their marketplace and they've done a great job of that. For translating engineering into customer value and getting paid for it. >> I want to come back to you Dave, on this edge because some of the key trends that I think we've been on now that the whole world is kind of realizing that they're kind of going mainstream. One's been the edge and you mentioned ARM, and we got analysis on that. Stuart, cloud native, we've been banging on the cloud native drone. We've been riding that wave, now with the Snowflake IPO just happened earlier, you starting to see cloud native, everything is coming true. It's kind of evolving in front of us right now and the whole world is now on board with this new mega trend enterprise computing companies, the largest IPO, since we enrolled, actually if you look at Snowflake, so you start to see cloud native and Enterprise Technology as the next wave, this is huge. And VMware is a big part of it. Your thoughts from how they did the show. >> Yeah, so John, one of the questions we always ask is, how fast are customers moving? Are the vendors moving along with them? Our friend and often co-hosts in "theCube" Keith Townsend said, and it was kind of faint praise. "VMware has moved at the speed of the CIO." Dave, I've heard you so many times this year say that the impact of the pandemic, that the financial ramifications has been an accelerator for many of the transformational journeys that we've been talking about. Move to cloud much faster adopting cloud native faster. Companies that have gone through their digital transformation, are able to react much faster. And to be honest, I'm not sure that VMware's moving fast enough. We've seen them do a number of big acquisitions over the last few years. Some of them are doing great. Carbon Black, great to see them go deeper into the security space. We've talked a lot about that before. Some of the others, Pivotal came out of VMware and got pulled back in. Datrium was a recent acquisition. What we hear inside is, some of those groups and product lines have been trimmed back. So as companies are looking to move faster, they're looking to AWS is that bar. And while AWS is a big partner for VMware and very important, how many people will get to VMware on AWS and say, well, maybe I can scale back what my VMware state is, or maybe those some environments. So, we've said for the longest time, cloud is a double edged sword for many players you need to partner as closely as you can to keep that momentum going forward. But VMware is also getting cut by some of those deals. Boy, John, there was a big news a couple of weeks before the show here about how the VMware cloud on AWS, it's doing great. And if it's a big deal, the channel often gets cut out of it and Amazon's taking it. So there definitely are some things that put up a little bit warning lights for me as to who is winning, when it comes to the partnership. >> That's a great point, the ecosystem in VMware, out of 10 years we've been covering here, this is our 11th year with ""theCube"," we've always had that ecosystems evolving. And I think cloud native to me really sees how that's driving them with cloud. We saw that, serverless, you starting to see cloud native. And what cloud proved Dave was that developers really shouldn't care about the infrastructure being abstracted away. But now you look at multiple clouds, with VMware's now moving into having a multicloud kind of backbone, connected to these environments as a key strategy. But then you look at the edge. The edge is about purpose built devices, run with software and data. So whether it's at an office on a person or in space, you have these devices that is really not about the hardware, it's about the software running on them. They have to run into multiple environments. They are purpose built. They do have to run like cloud native. The edge is the next opportunity for VMware with multicloud. What's your thoughts and reaction to that? >> Well, I think there's no question. And again, the relevance of Nvidia on stage, we think that ARM and Nvidia are going to dominate AI inferencing at the edge real time, and you're going to need much more efficient processing at the edge than you're going to get with traditional x86 architectures. So today what we're seeing is a lot of companies, Dell, HPE included a throwing over x86 boxes to the edge. I think they clearly realized that ARM is going to be a player there and now with the Nvidia move. And I think, multicloud is really something that is starting to become real. I've often said multi-cloud has been more of a symptom of multi-vendor than an actual strategy. Well, that's changing. I think people don't want lock-in. I think they realize that they've got the right horse for the right course, and you're seeing Red Hat and VMware emerge as real leaders there. You're seeing it in the data, you're seeing VMware cloud on AWS. Okay, that's in AWS, but you're also seeing VMware Cloud Foundation and it's other VMware cloud capabilities emerging as in demand, a lot of spending velocity, a lot of interest gaining share. And so these are becoming real and they're becoming fundamental strategies as to your points Stuart, CIO's are catching up. And it's, actually becoming not just slideware, but real aware. >> Well, I'll debate that whole idea that CIO's are catching up, but I'd say CSOs already caught up. CIO's are catching up to the CSO, but this brings up the question Stuart, of what a modern app is. And this is one of the highlights of the show, modern applications, and feels a lot like kind of window dressing to the cloud native conversation because Tanzu is built into it but cloud native really is. This is where the modern apps are being built. And it's about security, it's about multiple clouds. So the question for you is, are we going to have a cloudless architecture? Because we've got serverless. Because if you think about modern apps, should you really care about which cloud it runs on? I'm sure Andy Jassy would be saying he does care. And you see Google almost shying away from having that conversation. But, Tanzu kind of speaks to a cloudless strategy. Is that something you see? >> John you're absolutely right. The goal we want is... Developers don't even want to think about the infrastructure at all. So cloudless serverless, storageless, it would all be wonderful if they didn't have to do that. Now, of course, data is the lifeblood of my business. We need to make sure that things are secure all the time. Serverless is wonderful and there's even some early connections that VMware and others in the traditional infrastructure space are tying to serverless environment. But if I look at VMware, John, this still isn't, where the app dev team people come, this is an infrastructure show and it needs to be an enabler for what they're doing. If you look at how Kubernetes integrates into VMware, it's, take your virtual estate and let's put containers in it and it can be managed in that environment. Or we've got some new tools we're developing and do some of that multicloud world, as opposed to the companies that are born in the cloud, or have a heavy leaning towards the cloud. This might not be attractive for them, but in many ways, it's extending what VMware has done for a long time. They've, got strong position here. And that's why John, as you've said, all the other clouds want to partner with VMware ' 'cause they've got just so many customers there that they will be... it's hybrid today it will be hybrid in the future. The public cloud is a pool, but the edge is also a pool. So that those new architectures like are starting to be put forward with project Monterey, give people a roadmap as to where they can go. And VMware absolutely is a key player in that discussion. >> Yeah, well, I want to bring this up real quick on project Monterey and then I want to get Dave's reaction too what the buyers are thinking about. 'Cause you know, we can debate the speed of the CIO and I'd love to have that debate in a separate segment. I think,COVID and the security threats are forcing the businesses to really be focused because if you not thinking about having an environment where people are working remotely and that's with COVID, and I'll see with the security vectors, if you don't have an architecture Stuart, then you're going to be screwed. So I think project Monterey feels to me as that VMware answer like, look, and you can have an end to end architecture. I think there's marketechure there's architecture, that's one thought. So let's react to that Stuart. How much of that do you see as, look at, if you want to move faster CIO, because they have to now move fast. COVID showed that and the ones that aren't are failing and it doesn't change the buyer behavior, Dave. Stuart we'll start with you Monterey. >> John I don't think we know yet. It is more marketecture I'd say you got to get into the whisper suites, have those discussions. There was not as much, pre-briefing on this. We talked for awhile, VMware on AWS, those solutions, they take two or three years to bake out. So I think Monterey is a good vision. They have some of the architectural underpinnings, but I'm not ready to say, "hey, you want to deploy that gear in 2020? "That's the blueprint that you want to use going forward," but it gets VMware a seat at the table. >> I'm a big fan of the project I think it's about time someone put a stake in the ground. So this is what a modern architecture looks like and love to debate that further, we'll do that another time, Dave buyers. Were they buying the VMware? What's your data tell you in terms of where the customers are right now in 2020, you've been doing a ton of breaking analysis on COVID fire behavior, spending patterns. How does VMware potentially its ecosystem stack up with all these focused cloud native, multicloud modern app and security and networking? >> Well, let's start with some data and I'll bring up this slide, which is this kind of wheel slide. And it's ETR data that talks to what we call net score. And essentially what it's doing is it's taking the green in this wheel, which is spending more and it's subtracting the red, which is spending less or leaving. And then you see that in the middle is 53% are flat. So they've got a net score at 29. What does that mean? That means this is a mature company, which is amazing to me that VMware continues to really outperform from a financial standpoint. Yeah, so you could see that, we subtract the red from the green. This is again a sign of a mature company, but the key is they've got to continue to invest. Now they make a lot of inorganic acquisitions and some organic acquisitions, but Dell, as we know, is using VMware's cashflow to restructure its balance sheet to go public, et cetera. So if you could bring up the next slide, if you would guys. This is a slide I like to share. And it shows in the vertical axis, spending momentum, which is net score and the horizontal axis, which is presence in the survey. It's a 1200 person survey or a respondent survey, IT buyers. Look where VMware cloud on AWS is. So while VMware has a 29%, net score, look at VMware cloud on AWS, look at VMware cloud, which is cloud foundation. And you can see Red Hat is in there with OpenShift, even OpenStack, believe it or not and telcos. And then just see the hyperscalers in the upper right. Everybody wants to be AWS or Azure, and you sort of see Google there. But the point of this is the momentum in hybrid cloud and multicloud, and VMware really is clearly in a very, very strong position there. So, back to your point about project Monterey, they're basically using this hybrid cloud notion to go everywhere. It's that TAM expansion that I love to talk about. And it's the innovation. The big question is if Dell's going to be squeezing VMware R&D, will it be able to continue to execute on that translation of engineering into product and customer value? That's going to be a challenge. We saw it decades ago, where IBM got squeezed doing stock buybacks and dividends R&D is the lifeblood of innovation. And so that's something that we have to watch very closely, I think. >> Just to one quick followup, Dave, we're talking about the financial pieces here we are in 2020, there's been the discussions and I know you've dug into it a bunch. By the time we get to VMworld 2021 will the ownership of VMware and the role that Michael Dell has, change? And will that impact that investment capability that you talked about? The cashflow just, I know you've done a lot of research on this and could it help educate our audience? >> Well, it's going to change the income statement of Dell because they won't have VMware in there anymore. It won't change VMware's cashflow. It will affect VMware and Dell's balance sheet. And so two companies, one chairman and the chairman is going to say, okay, let's rebalance the balance sheets and create an equilibrium. So Dell has less debt, VMware has more debt and we'll try to thread the needle so they're both investment grade, which will lower the interest costs on that debt. But fundamentally, I don't think it's going to change anything in terms of strategy, go to market, the close relationship was between Dell and VMware. the thing to watch is VMware's, Dell's piggyback. And so I would rather see a lot of that go... once this equilibrium is reached, I want to see that go more in R&D. You know, again, remember IBM has spent $6 billion in R&D for the past two decades IBM was right there. They could have invested in cloud the same way Amazon did. And in the same way that Microsoft did, they were kind of equal 20 years ago. And look what happened. You don't want that to happen to VMware. They must continue to spend on R&D and innovate. >> Oh, well let's get to the innovation strategy in a second, but I want to ask the ecosystem question, because if you go back in history guys, and remember when Pat Gelsinger had that year, where he was basically given the presentation of his life, and he was in the hot seat and there's a lot of rumors spinning around. Since then it's just been nothing but exceptional performance on as a company executing, all new bets have been played it's almost like he'd cleaned house, put the ship in the right direction they've been smooth sailing since strategically making all the right moves. Okay now that VMware is back on their footings and Dave they have a solid foundation, what happens to the ecosystem because now that their houses in order, what do they do with the ecosystem? How do you see it evolving? >> Well look, I mean the ecosystem is looking for alternatives. I mean they have to participate in VMware. It's part of their go to market. You remember Todd Neilson used to say, "For every dollar spend on a VMware license, "15 or 20 or $18 is spent in the ecosystem," you don't hear that type of ratio anymore. Maybe it still exists I'm sure it does because it's a very vibrant and robust ecosystem but look, let's face it. Jeff Clark and Michael Dell are very clear. We are going to do a much closer integration than EMC ever did. And look at HPE we're looking for alternatives, driving to the edge. That's a huge opportunity for people. VMware becomes the ecosystems cash cow, but they need new growth and new strategic opportunities. And so they got to play nice, but there's more green fields out there. >> Stuart multicloud and cloud native with Tansu I think this is a really big opportunity to reset the ecosystem with services, because it used to be vendors, you bolt on some data backup and recovery, and you have a bunch of people doing storage around VMware, and these big white spaces, they're kind of huge white spaces. But now, when you start getting into cloud native, is a whole new landscape developing. Your thoughts because we're seeing some activity, certainly companies that are building on top of clouds that are building on top of clouds. So you've got Snowflake builds on Amazon now, other clouds and you have companies building on Snowflake. So you're starting to see this kind of new interconnected cloud native landscape, your thoughts. >> Yeah, well John there's definitely a huge tug of war in the ecosystem. One of the things that's been really nice if you were a VMware partner, let's take data protection. Huge ecosystem companies like Veeam, that were created in that environment. Hot companies like Rubrik and Cohesity grew very much working in VMware. All of them now play natively with the cloud environments, but they also get pulled along when you do a VMware Cloud on AWS, on Azure, on Google, on Oracle. So VMware will pull some of the ecosystem with them, but that tug of war is well, if the customer decides to just go fully cloud native, that software needs to work there and you would think that the vendor actually makes more money if it's just natively there, there's not that middleman extra piece. So VMware has a slice the pie and like Microsoft or Oracle behind them, can they justify that value for the license that you're paying when I go to some of these environments. So VMware does not have the pull in the ecosystem Dave talked a bit about it. HPE, Cisco, IBM, all companies that were early, early big huge proponent of VMware now very much are investing heavily in alternative. So VMware major player but no longer the gravity that everyone orbits around. >> Dave, what do you think? >> I want to bring up another data point if I could I want to share something with you. This is a slide that talks about... It asks customers. Why would you not work with VMware? Why would you replace them? What are the reasons? And three things stand out to me, it's not around cloud on the very left alignment with Cloud they've taken care of that with the AWS deal and even now Oracle. And you look at the right hand side, you see technology lead or lag that's innovation. Look at how that gray a couple surveys ago, has gone down to the yellow. So that's off the table, not a problem with innovation, look at total cost of ownership that's gone down, in terms of concerns. The one concern is price and that stays up there. If that's your biggest challenge, that your price is too high, that says to me that VMware's ticking all the boxes of value. So they're in a really, really good position if they can continue to innovate and that's why I've been harping so much on innovation and R&D and key acquisitions they're are great acquire of companies. So, I see this as this data is very, very positive for VMware. If your price is too high and that's your big objection, all you need as good salespeople. >> Or also you'd lower the price and you shift the value to say new features, say cloud native or security. I'll see the movement they've been making with NSX Gelsinger famous quotes are things like, "Kubernetes the dial tone of the internet, "and NSX is the crown jewel security is a do over." So NSX Dave and Stuart, this been a big part of their theme every year. That's a core feature for their security play. That's where they're going to put a lot of value in there. You guys, what's your thoughts on that because you've got Cisco in going that " mh we're frenemies" that's what Sanjay Poonen says, but are they really frenemies? >> But culturally VMware is an engineering driven company they a great engineering team and they don't have dogma about these new... they don't get defensive about some new trends. They embraced Kubernetes, they finally figured out Cloud, they were sort of defensive originally, but they realized hey, and they got religion. So that's the smart thing to do, go on to the next way maybe take a little bit of heat if you've got to go through a transition, but they've done a phenomenal job of making those transitions and staying relevant >> What's the big wave guys? What's the big wave that VMware's riding? The 10 years out we're in we've seen the movie, we've been through a decade with VM world coverage Stuart Dave next 10 years, what's the big wave or waves plural? >> Well, cloud is the first one that they addressed no doubt and then they are in my mind, the leader, or certainly a leader in multicloud. Edge I think there's a big question Mark there, AI is going to be everywhere. I think security is the really interesting opportunity for VMware and it's going to be... the big battle and security is, do you go after these point products like Okta and CrowdStrike and Zscaler and SailPoint who are really doing very well right now in the market or do you want an integrated stack that can be, you good enough VMware will say it's best to breed. We'll see that is a huge opportunity for them because security just keeps getting more and more critical. We've seen that with COVID. >> Let's do final word on your thoughts on the next 10 years for VMware looking back and learn and looking forward. >> Yeah well Dave just building off what you were just saying there, we said that the mission for Pat Gelsinger was, could he do for VMware, what Indel had done for the longest time, which has expanded Tam, expand what markets to go into, but not completely tick off the ecosystem and have them run away. So you saw here at the show, I mean Dave, Zscaler is a partner there. Security absolutely is a monster opportunity and John networking, networking, right. But it should be multibillion dollar business for VMware and they can eat some of that multicloud environment. we talk specifically about SD-WAN, now that cloud's doing well. So VMware that's software across environments, hybrid cloud multicloud, they're well positioned today, they just need to move a little bit faster and make sure they don't bleed talent and continue to support their customers because Dave, you're right how many times have people said, "Microsoft too expensive. "Oracle's too expensive." Here we are in 2020, they still have pretty strong positions VMware still has a very strong position. >> Well, I'll just add, I think it just shows what happens when you have a technical visionary, like Gelsinger in the lead and you have an industry visionary of not just technical, not just financial, but industry luminary like Michael Dell. These are very powerful... VMware and Dell have extremely capable management teams and you're seeing it in action >> And you've got Sanjay Poonen who's a great executer as well, he knows how to execute, he knows technology. Guys it's been a great run. I got to say for me personally, I'm so excited that, for 10 years that we've had "theCube" and the team covering the enterprise tech space, you can't be more excited. At least I'm so excited at the number one IPO in the history of wall street is an enterprise tech company. You can't see any more proof points that enterprise technology is now with the whole end to end architecture with the edge. We're talking about space, we're talking about cybersecurity. We're having now conversations with "theCube" that is now ranging... It reminds me David of the B to C world it's almost like consumerized. Now the enterprise technology is now so important that is now taking over the appeal on wall street entrepreneurs, and to me, VMware can tap into that on this next wave and this will be huge. Your thoughts on- >> I think the Snowflake IPO tells us several things. One, I totally agree, it says the technology is the now trend, no question about it. It also really underscores the cloud and it underscores the demand for issues other than the big Apple, Amazon, Google, et cetera. But it's really interesting to see as well the street continues to reward growth. I mean, Snowflake has as a valuation higher than Workday comparable to VMware. In fact it exceeded VMware on its first day. So that says that the street is rewarding growth. It's rewarding technology, it's rewarding cloud. And so that's that to me says great opportunities for companies like VMware who have both growth, great cash flow, they're profitable and they have a huge, huge customer base. So right now things look good for tech >> Dave enterprise tech is hot, it's sexy. Don't you think? Enterprise tech these days? >> Used to be storage is sexy. Now Enterprise tech sexy. >> You guys great run great analysis again, VMworld's virtual, we didn't have the face to face. We didn't have the hang space, but we have the virtual cube. Virtualization has come to "theCube". We have multiple tracks on our site, check out the content. Thanks for the analysis guys. Great keynote announcement coverage of the Vmworld 2020. This is "theCube". Thanks for watching. (digital music)