>> Narrator: From around the globe, it's theCUBE, covering Fortinet Security Summit brought to you by Fortinet. >> Welcome to theCUBE. I'm Lisa Martin. We are live at the Fortinet Championship, the PGA Tour Kickoff to the 2021-2022 FedEx Regular Season Cup. And this is so exciting to be here with Fortinet, to be at an in-person event, and to be talking about a very important topic of cybersecurity. One of our alumni is back with me, Sandra Wheatley is here, the SVP of Marketing, Threat Intelligence, and Influencer Communications at Fortinet. Sandra, it's great to see you. >> You too, Lisa. Thank you for having me. >> This is a great event. >> Yeah, it's awesome, yeah. >> Great to be outdoors, great to see people again, and great for Fortinet for being one of the first to come back to in-person events. One of the things I would love to understand is here we are at the PGA tour, what's the relationship with Fortinet and the PGA Tour? >> Well, first of all, I think the PGA tour is an amazing brand. You just have to look around here and it's extremely exciting, but beyond the brand, there's a lot of synergies between the PGA tour and Fortinet CSR initiatives, particularly around STEM, diversity inclusion, as well as veterans rescaling. And so some of the proceeds from the Fortinet Championship will go to benefit local nonprofits and the local community. So that's something we're very excited about overall. >> Lisa: Is this a new partnership? >> It is a new partnership and we will be the Fortinet Championship sponsor for about the next five years. So we're looking forward to developing this partnership and this relationship, and benefiting a lot of nonprofits in the future. >> Excellent, that's a great cause. One of the things, when you and I last saw each other by Zoom earlier in the summer, we were talking about the cybersecurity skills gap. And it's in its fifth consecutive year, and you had said some good news on the front was that data show that instead of needing four million professionals to fill that gap, it's down to three, and now there's even better news coming from Fortinet. Talk to me about the pledge that you just announced to train one million people in the next five years. >> Absolutely, we're very excited about this. You know, Fortinet has been focused on reducing the skills gap for many years now. It continues to be one of the biggest issues for cybersecurity leaders if you think about it. You know, we still need about 3.1 million professionals to come into the industry. We have made progress, but the need is growing at about 400,000 a year. So it's something that public and private partnerships need to tackle. So last week we did announce that we are committed to training a million professionals over the next five years. We're very excited about that. We're tackling this problem in many, many ways. And this really helps our customers and our partners. If you really think about it, in addition to the lack of skills, they're really tackling cybersecurity surface that's constantly changing. In our most recent FortiGuard's threat report, we saw that ransomware alone went up 10 times over the last year. So it's something that we all have to focus on going forward. And this is our way of helping the industry overall. >> It's a huge opportunity. I had the opportunity several times to speak with Derek Manky and John Maddison over the summer, and just looking at what happened in the first half, the threat landscape, we spoke last year, looking at the second half, and ransomware as a service, the amount of money that's involved in that. The fact that we are in this, as Fortinet says, this work from anywhere environment, which is probably going to be somewhat persistent with the attack surface expanding, devices on corporate networks out of the home, there's a huge opportunity for people to get educated, trained, and have a great job in cybersecurity. >> Absolutely, I like to say there's no job security like cybersecurity, and it is. I mean, I've only been in this industry about, I'm coming up on six years, and it's definitely the most dynamic industry of all of the IT areas that I've worked in. The opportunities are endless, which is why it's a little bit frustrating to see this big gap in skills, particularly around the area of women and minorities. Women make up about 20%, and minorities are even less, maybe about 3%. And so this is a huge focus of ours. And so through our Training Advancement Agenda, our TAA initiative, we have several different pillars to attack this problem. And at the core of that is our Network Security Expert Training or NSC training and certification program. We made that freely available to everybody at the beginning of COVID. It was so successful, at one point we we're seeing someone register every five minutes. And that was so successful, we extended that indefinitely. And so to date, we've had about almost 700,000 certifications. So it's just an amazing program. The other pillars are Security Academy Program, where we partner with nonprofits and academia to train young students. And we have something like 419 academies in 88 countries. >> Lisa: Wow. >> And then the other area that's very important to us is our Veterans Program. You know, we have about 250,000 veterans every year, transfer out of the service, looking for other jobs in the private sector. And so not only do we provide our training free, but we do resume building, mentoring, all of these types of initiatives. And we've trained about 2,000 veterans and spouses, and about 350 of those have successfully got jobs. So that's something we'll continue to focus on. >> That's such a great effort. As the daughter of a Vietnam combat veteran, that really just hits me right in the heart. But it's something that you guys have been dedicated for. This isn't something new, this isn't something that is coming out of a result of the recent executive order from the Biden administration. Fortinet has been focused on training and helping to close that gap for a while. >> That's exactly true. While we made the commitment to train a million people on the heels of the Biden administration at Cybersecurity Summit about two weeks ago, we have been focused on this for many years. And actually, a lot of the global companies that were part of that summit happened to be partners on this initiative with us. For example, we work with the World Economic Forum, IBM, and Salesforce offer our NSC training on their training platforms. And this is an area that we think it's really important and we'll continue to partner with larger organizations over time. We're also working with a lot of universities, both in the Bay Area, local like Berkeley, and Stanford and others to train more people. So it's definitely a big commitment for us and has been for many years. >> It'll be exciting to see over the next few years, the results of this program, which I'm sure will be successful. Talk to me a little bit about this event here. Fortinet is 100% partner driven company, more than 300 or so partners and customers here. Tell me a little bit about what some of the interesting topics are that are going to be discussed today. >> Sure, yeah, so we're delighted to bring our partners and customers together. They will be discussing some of the latest innovations in cybersecurity, as well as some of the challenges and opportunities. We are seeing, you know, during COVID we saw a lot of change with regards to cybersecurity, especially with remote working. So we'll discuss our partnership with LYNX that we just announced. We'll also be talking about some of the emerging technologies like CTNA, 5G, SASE, cloud, and really understanding how we can best help protect our customers and our partners. So it's very exciting. In addition to our Technology Summit, we have a technology exhibition here with many of our big sponsors and partners. So it's definitely going to be a lot of dynamic conversation over the next few days. >> We've seen so much change in the last year and a half. That's just an understatement. But one of the things that you touched on this a minute ago, and we're all feeling this is is when we all had to shift to work from home. And here we are using corporate devices on home networks. We're using more devices, the edge is expanding, and that became a huge security challenge for enterprises to figure out how do we secure this. Because for some percentage, and I think John Maddison mentioned a few months ago to me, at least 25% will probably stay remote. Enterprises have to figure out how to keep their data secure as people are often the weakest link. Tell me about what you guys announced with LYNX that will help facilitate that. >> Well, we're announcing an enterprise grade security offering for people who are working remotely. And the nice thing about this offering is it's very easy to set up and implement, so consumers and others can easily set this up. It also provides a dashboard for the enterprise, IT organization to, they can see who's on the network, devices, everything else. So this should really help because we did see a big increase in attacks, really targeting remote workers. As cyber criminals try to use their home as a foothold into the enterprise. So we're very excited about this partnership, and definitely see big demand for this going forward. >> Well, can you tell me about the go-to market for that and where can enterprises and people get it? >> Well, we're still working through that. I know you'll talk with John later on, he'll have more details on that. But definitely, we'll be targeting both of our different sets of customers and the channel for this. And I definitely think this is something that will, it's something that enterprises are definitely looking for, and there'll be more to come on this over the next few months. >> It's so needed. The threat landscape just exploded last year, and it's in a- >> Sandra: Yeah, absolutely. >> Suddenly your home. Maybe your kids are home, your spouse is working, you're distracted, ransomware, phishing emails, so legitimate. >> Sandra: They do. >> Lisa: But the need for what you're doing with LYNX is absolutely essential these days. >> Sandra: Yeah, these threats are so sophisticated. They're really difficult. And the other thing we did in addition to LYNX was as we got into COVID, we saw that, or the most successful organizations were really using this as an opportunity to invest for the longterm in cybersecurity. We also saw that, and this continues to be the case that, the insider threat continues to be one of the biggest challenges, where an employee will accidentally hit on a phishing email. So we did roll out an infosec awareness training, and we made that free for all of our customers and partners. So we're trying to do everything we can to really help our customers through this demanding time. >> Lisa: Right, what are some of the feedback that you're hearing from customers? I'm sure they're very appreciative of the education, the training, the focus effort from Fortinet. >> Sandra: Absolutely, it's definitely huge. And more and more we're seeing partners who want to work with us and collaborate with us on these initiatives. We've had a really positive response from some of the companies that I mentioned earlier, some of the big global names. And we're very excited about that. So we feel like we have some key initiatives on pillars, and we'll continue to expand on those and bring more partners to work with us over time. >> Lisa: Expansion as the business is growing amazingly well. Tell me a little bit about that. >> Sandra: Yeah, I think, in our last quarter we announced our largest billings growth for many, many years. And so, Fortinet, we're been very fortunate over the last few years, has continued to grow faster than the market. We now have half a million customers, and I think our platform approach to security is really being adopted heavily. And we continue to see a lot of momentum, especially around our solutions like SD-WAN. I think we're the only vendor who provides security in SD-WAN appliance. And so that's been a key differentiator for us. The other thing that's increasingly important, especially with the rollout of 5G is performance. And, you know, Fortinet, from the very beginning, created its own customized ASX or SPU, which really provides the best performance in security compute ratings in the industry. So all of this is really helping us with our growth, and we're very excited about the opportunities ahead. >> Lisa: And last question, on that front, what are some of the things that you're excited about as we wrap up 2021 calendar year and go into 2022? >> Sandra: Well, this been very exciting year for Fortinet. And I think we're in a great position to take advantage of many of the different growth areas we're seeing in this new and changing space. And, you know, we're all on board and ready to take advantage of those opportunities, and really fire ahead. >> Lisa: Fire ahead, I like that. Sandra, thank you so much for joining me today, talking about the commitment, the long standing commitment that Fortinet has to training everybody from all ages, academia, veterans, to help close that cybersecurity skills gap. And such an interesting time that we've had. There's so much opportunity, and it's great to see how committed you are to helping provide those opportunities to people of all ages, races, you name it. >> Sandra: Thank you, Lisa, I really appreciate it. >> Lisa: Ah, likewise. For Sandra Wheatley, I'm Lisa Martin. You're watching theCube at the Fortinet Championship Security Summit. (soft bright music)

(upbeat music) >> Welcome to this CUBE Conversation, I'm Lisa Martin. I've got two guests from Fortinet with me next talking about an very interesting topic that's something that always piques my interest, cybersecurity, and some of the things going on with respect to that. Sandra Wheatley joins us the SVP of marketing, threat intelligence and influencer communications at Fortinet. Sandra, it's great to see you again. >> Thank you, Lisa. I'm delighted to be here today. >> Lisa: Good and Rob Rashotte is here as well, vice-president, global training and technical field enablement at Fortinet. Rob welcome to the program. >> Hi, great to meet you Lisa. Nice to be here. >> Likewise. So since I last saw Fortinet we've had such a challenging year as we all know, that's an understatement, but one of the things that happened so quickly was the distribution of the workforce. And there were already preexisting gaps in IT Visibility and teams being siloed, security teams being siloed as well exacerbated distinct cybersecurity skills gap. So Sandra I want to start with you. Talk to us about what's going on with the cybersecurity skills gap and how it's impacting organizations today. >> Thank you, Lisa. While the cybersecurity skills gap continues to be one of the biggest challenges facing security organizations today, as you know, the cybersecurity space is very dynamic. It's constantly changing and we saw this even through COVID with more people working from home or being educated from home. Cyber adversaries are using remote workers as a way into the enterprise network. And so security organizations today are facing a lot of complexity. They deal with billions of alerts that come in every day and a lot of these have to be managed manually and they just don't have the professionals to keep up with that. So it continues to be a big issue facing organizations. We have seen some progress about a year ago. It was estimated that we would need 4 million professionals come into the industry to close the gap. We are now at probably a little bit over 3 million. So there is progress being made but we still have a long way to go. >> Yeah, good progress there. But what I mean, one of the things that we saw so quickly was with the distribution center was suddenly, there were tons of trusted devices that were off the network perimeter where all these keep going, "Use your own device at home until we can get you something provisioned on the network." So huge challenge that was almost like a light switch for people in any industry. Rob, talk to me from your perspective the ongoing cybersecurity skills gap. What are some of the things that you were seeing through your lens? >> Yeah, well, I mean it has certainly changed our focus over the last year with the pandemic and the change in workforce and so on. And I think as a cybersecurity vendor, a lot of the times when we talk about training and the skills gap we often tend to think pretty quickly about engineers and technical training and like this has really opened up our eyes too. We need to really broaden our scope when we're talking about training and closing the skills gap, because it's a lot more than just engineers. So we've had to really focus more on really anyone sitting in front of a computer screen and ensure that programs are available for people that are working from home that need to understand, the fact that security is just as big an issue if you're working from home or working from the office. So it's really broadened our scope in terms of who we're delivering training to and within a number of our programs, actually, that has happened. When we're dealing with we have a lot of academic partners that we deliver training with them. And one thing that's happened there is we we've traditionally dealt with engineering schools within our academic partners but now we're starting to see a lot of business schools coming and talking to us about delivering training within MBA programs and so on. So that business leaders can start understand, the need to be addressing cybersecurity in the boardroom for example, not just within the it department. So it's I guess the one thing I would say is it's really broadened our scope in terms of who the audience is for cybersecurity and the skills gap is a, you know it impacts a lot of different areas in the organization. >> Yeah, you brought up a great point there that elevation of security to the board level is critical. As we saw like big spikes and things like Ransomware last year. Ransomware getting much more sophisticated kind of playing on people's concerns for buzzwords like COVID-19 for example, and I talked to a lot of organizations where security is at the board level but the talent gap is another challenge. Sandra talk to us about what Fortinet is doing from a partnership perspective to help shrink that gap. >> Well, it's interesting because if you were to do a survey of people about where the responsibility lies to train more professionals for the industry, you'll see a split about 40% of people feel like academia should be providing the training and the curriculum to bring more professionals into the industry. And then others feel like it's a mix between corporate private public partnerships. And that's something that Fortinet believes in. We are tackling this issue on multiple fronts. We recently launched our TAA initiative or our Training Advancement Agenda, and a lot of the pro programs that Rob manages are part of that agenda like our free NSE training, our security academies, but we're also working with a lot of global partners, corporate partners like Salesforce, and IBM. We're also working with the World Economic Forum on this initiative because we really believe it's a joint effort to really make a difference. And so, for example, with Salesforce we provide some of our curriculum and training for free on their training platform, the same with IBM. And we'll continue to scale these partnerships because with these partners, we can reach more people and accelerate the impact that we can have overall. >> Absolutely that ability to expand it especially as we saw such a change in the cyber threat landscape last year as you said, Sandra you've made great progress needing, you know, a deficit of 4 million folks down to 3 million, but also looking at the opportunity to try to find more folks leveraging partners and to rubs point elevating the conversation or expanding that scope. This isn't just a problem for IT and security folks. This is a challenge across the organization that the board needs to be focused on because we've seen in this rapidly changing last year organizations and enough peril in trying to pivot their businesses. And then you add on some of the cyber threats. Rob can you talk a little bit more about the TAA initiative? I know that about your Network Security Expert program NSE program, you guys also do FortiVet program. Tell us a little bit about some of those programs and maybe some of the things that you've done to broaden the scope during the last year. >> Yeah, it certainly can. I mean, there's a number of programs that make up the agenda and you know we've widened the scope in terms of the audiences that we're looking at. But also as Sandra mentioned, trying to expand our reach as ordinary, obviously we have a reach into our partners and our ecosystem, but the ecosystem of the IBM's and the world economic forums and so on go far beyond our reach. But one of the things that we were able to do as a company almost exactly a year ago, we made the conscious decision that the training curriculum that we've built, we wanted to make it available to as many people as we possibly could. So we we've made approximately 400 hours worth of cybersecurity training available to anyone that wants to sign up and take the training in self-paced format, where they want to take it, when they want to take it. So that was a big commitment on our part and that training continues to be free today and we'll keep it free until we start to see the skills gap closed but that that has resulted I guess it was about a month or two ago when we were tracking numbers that we've exceeded over a million registrations for that training, which really was validation to us that the demand for this training is massive. So that's helped us expand our reach but that training as well we're making it available for free, but we have all sorts of different types of partners who are taking that training and making it three free through their learning portals as well. So it's really expanded the reach in that way. You know, another area that we've really focused on is partnering with nonprofits who are representing underrepresented groups. So you mentioned the veterans program that's been a program we've had for quite a while now, but we've looked at that program and thought, well, you know, we can definitely replicate our efforts there and look at other groups as well and start to see how we can partner with different NGOs to really address the diversity and inclusion, within the cybersecurity industry. 'Cause, you know, I think one thing that's interesting here is because of the skill shortage, a lot of hiring managers have had to start to look at recruiting through non traditional streams. And that that can be, you know, looking at if we have policies that say, we must hire people with four year degrees. Well, maybe we want to take a look at that and see well is that really necessary for all the jobs that we're looking at? Maybe we could look at shorter programs even high school students but then also looking at underrepresented groups it is a great way for us to take a look at this skills gap in cybersecurity and align it with our diversity and inclusion initiatives, internally within our organizations and see how we can bring that to bear on problem and really start to have the same time, create a much more diverse workforce within cybersecurity while we're trying to close that skills gap. >> I love that what a great opportunity to expand upon that. I wanted to ask you just really quickly, Rob she said 400 hours of free cyber training available over a million registrations so far. You're right, that definitely shows the demand. I'm curious when we think of backgrounds we think are these, you know need to be IT folks. Is that curriculum broad enough so that somebody with a marketing degree or somebody that doesn't have a degree could kind of get in on level one and start learning their way up the security stack? >> Yeah, it is a very broad scope. When we look at the catalog, it is multiple levels. And in fact our network security expert program it's an eight level program. And the first couple of levels of that program are applicable to anyone that needs an awareness of cybersecurity and the issues. So, yeah, it's perfect. And `in fact the level one of that program is something that we've integrated into a new service offering which is our Cybersecurity Awareness Program that companies can implement internally to provide that base level of cybersecurity awareness to all of their employees. And then as you go up to level two, three, four and five, and so on, it gets more and more technical right up to the NSE level or we're talking about, you know, architects engineers are developing very large critical cyber security infrastructures. >> Lisa, you bring up a very important point that I'd like to make a comment on. There's this misconception that you need a degree in Computer Science or some other technical degree to be in cyber security. And that's absolutely not the case. In fact, half the people in cybersecurity don't have a degree in any Computer Science program, et cetera, but you know there's a lot of skillsets and backgrounds that really map well to cybersecurity. And it's a very broad industry. There was new roles coming all of the time. So I would encourage people to not let that be a barrier to getting into this industry. And in fact our Veteran's program has been extremely successful because people coming out of the defense forces have a lot of the skills that match very well to cyber security like attention to detail, situational awareness, the ability to work under pressure. So it's definitely a misconception that the industry needs to correct. >> I couldn't agree more, especially as the daughter of a Vietnam Combat Veteran and I love what you guys are doing with veterans but you're right. There's so many other skills that people have that are so transportable and transferable that, and it's such an exciting industry. I mean, we all have a million devices scattered around. I think with those new Apple tags that if I put one on my dog's collar, my dog's going to be a connected device. There's so many opportunities to learn but there's also more exposure. The more people that have different backgrounds I think just that with that thought diversity alone, organizations in any industry can benefit. Sandra talk to us about how partners are taking some of these programs and rolling them into their own to help kind of open that door wider as you say, to make sure that barrier isn't there and also get more folks aware of what they can learn. >> Yeah, the encouraging thing is I just see a lot more creativity around this issue. If you think about it, the lack of diversity in IT has been a challenge for everyone that the issue in cybersecurity is just a manifestation of that. And one of the reasons is that it's particularly cybersecurity. A lot of people don't understand how to get into the industry, or they have a lack of awareness about the different types of roles. And we see this in particular with women and young females as well as underserved minority groups. In fact, the veterans program is one way to bring more of that diversity into the industry. And if you think about it today, women make up about 24%. I think it's single digits for underrepresented groups. So we have a huge opportunity there. And I think somehow working with our partners we're doing a lot of different things. Not only are we providing our curriculum and our training and the technical support, but we're also done a lot of work around mapping roles and the steps you need to take to, to achieve those roles. So we've created that for different roles, and we've shared that with some of our training partners and they provide that information on their training platforms. We also regularly have done a lot of different podcasts and interviews with women and minorities have gone through the industry and been very successful talking about how they did that and how they got there. We're working with lots of nonprofits like Women in Cybersecurity speaking to people out there providing them the support. So it's a multi-phase approach. And I do think that private industry need to be doing things like creating entry level kinds of roles to bring more people in the industry and recruit differently. But the good news is there's a huge amount of awareness around this, and you definitely see companies doing a lot more, as well as our partners. >> Well if I could just touch on something there, well Sandra is talking about the different career roles and so on. The industry can get pretty complicated pretty quickly when we're talking about different roles. And there's a lot of buzzwords. And you know when people are looking at this and say, well, how do I even get into this industry? It sounds very technical complicated. And, you know, there are a number of different career patching tools that you can find out there around cyber security but when there's too many of those that even gets confusing. So the career paths that we've developed, we've done that in conjunction with NICE and there's an initiative called the NICE Framework which stands for National Initiative for Cyber Security Education. And so the pathways that we've developed map to that. So, you know, that's one thing I'd like to encourage other organizations to make sure that we're all following that framework so that as we're providing these career paths to people we're using the same terminology. We're using the same titles and career paths and so on. So it just makes it a little bit more understandable for people to pick a path that they want and then start their journey. >> I also think exposing students earlier in their education about cyber security is really important. In fact, we're just released a book called "Cyber Safe" and it's targeting elementary school children and their parents and making them more aware of cybersecurity, the risks, how they should behave online. It talks about cyber bullying and it also helps has guidance in there for parents. And this is a book that we're making freely available to underserved schools and it can easily be accessed online. We've had great reviews, but it's all part of our TAA efforts to educate and make people more aware about the opportunities on the industry overall. >> I love that, Sandra our SVP of marketing. Is there a URL that you can give our audience where they can find that free resource? >> Yes, you can find that I believe on our NSE training page. You can just go to fortinet.com NSE and or TAA and you will find information about how to get the book. >> Excellent so fortinet.com search TAA or NSE you'll find that information. I'm going to check that out myself 'cause maybe you know, for adult children of parents who also need some cybersecurity help I think I might check that out for myself. >> You can (indistinct) copy Lisa. >> Thank you, excellent. It's been great talking to you guys. This is such an interesting topic. I love the efforts that Fortinet is doing to close those gaps and also what you're doing to bridge that with the diversity and inclusion efforts brought out. That's a great effort, Sandra, Rob thank you for joining me today. >> Thank you, Lisa. >> Thank you, Lisa >> For Sandra Wheatley and Rob Rashotte. I'm Lisa Martin. You're watching this CUBE conversation with Fortinet. (gentle music)

(upbeat music) >> Narrator: From theCUBE studios in Palo Alto in Boston, connecting with thought leaders all around the world, this is theCUBE conversation. >> Hey, welcome back, everybody Jeff Frick here with theCUBE coming to you from our Palo Alto studios today for a cube conversation, you know we're like six, seven, eight months into this COVID thing. We're going to be dealing with it for a while. And one of the themes we've heard about over and over as kind of a result of COVID is an increased in the attack surfaces. More people are working from home or work from anywhere. And security has only been increasing in importance. And we're excited to have somebody from the alumni group who's been on before she is Sandra Wheatley the SVP marketing threat intelligence and influencer communications at Fortinet. Sandra great to see you. >> Thank you Jeff, I'm happy to be here. >> Yeah, I think actually I misspoke. We've had a ton of great Fortinet people on we've talked to John and Ken and Phil and Tony, but actually I'm not sure that we've had you on before, so great to have you. >> No, this is my first time. >> Awesome, so let's jump into it but we're going to take a slightly different tack today and we're not going to talk about the technology as much as this other pesky little problem, which is people. And, you know we know there's a huge skills gap in tech in general right. There's tons and tons of open recs. If you go into all the big sites and then security it's even a more specific and a more acute problem. I wonder if you can tell us a little bit about kind of your perspective on this problem, being a senior executive you know, at a security company, people is a big issue. How do you guys kind of look at the problem? How should people think about it and what are we going to do about it? >> Well, Jeff, you were completely right. The Cyber security skills gap. It's one of the biggest challenges that's facing organizations today. I mean if you look at the larger landscape, cyber crime is one of the fastest growing crimes in the world, in fact by 2021, it'll cost the world about 6 trillion in total. And so tackling this issue continues to be a big problem. And it's exasperated by this the skills gap we recently did a study of Fortinet and 73% of respondents acknowledged that at least one intrusion could be attributed to the lack of skilled professionals. So it's a huge problem. We know that it would take about 4 million professionals to close that gap. And in particular with COVID, it's become even more increased. We've seen a big uptick in attacks from cyber criminals, really targeting remote workers. It's a way into the enterprise network. We've seen a resurgence of ransomware and phishing targeting that workforce. And so as this threat landscape continues to increase it's definitely a problem that cybersecurity organizations public and private partnerships really need to tackle. >> It's interesting because we talk a lot about automation and we talk about the scale of the attacks and the scale of data and you know, everything is just going so up until the right that without automation, you know you have no hope and you need some help to basically separate signal from noise. That said you still need people. And really that automation is going to hopefully get the high visibility the high priority issues to the right people. But ultimately that's an enabler for a person, not a replacement for person, for people. And it doesn't take away this tremendous need for more security professionals. And the other thing that we hear Sandra over and over right, is that security is no longer a bolt on it's no longer, you know, you just build the wall around the outside of everything, right? It's got to be baked in throughout the entire process of the product development and deployment. So the importance and kind of the reach and the breadth of security people in the influence of the building new products and shipping new products has never been greater and yet we've got this huge shortage. >> Exactly and I think you touched on it. You know, what we're hearing from our customers is that they're really using this period during COVID to really take a long-term look at their cybersecurity investments and strategy. And so you're right increasingly organizations are taking more of a platform approach to security, where they have more automation integration and AI that's one help. The other area is organizations need to be making their employees more cyber aware because it impacts everyone even employees working at home organizations. We just released InfoSec training and we offered it we made it available for free, and it really enables organizations to help educate their employees about the risk of cybersecurity and helping them to understand not to hit on the phishing email because, you know, 68% of intrusions happened as a result of careless mistakes by employees. That's a big issue, but also really making sure that we bring more professionals into the industry. I like to say, there's no job security like cybersecurity. So at the beginning of COVID, we made all of our training free and to the public in general. And I believe we had 500,000 registrations in the first six months. So that really underscores the demand for cybersecurity skills. And then organizations can also really be tapping into underrepresented of demographics, like veterans like women who make up only 14% of the workforce overall. So there was a lots of things we can be doing and working together on this problem. >> Yeah, you touched on a whole bunch of things there. So let's unpack a couple of them specifically. One of the cool things about security is that you guys do work together and that there is a big benefit from working together. So it's a great place for kind of coopetition, especially as new threats come in and you guys can share that information. So there is an interesting kind of an ecosystem that there's, you know shared basically resources against the bad guys. But you guys did a really interesting thing with Salesforce, with the world economic forum specifically to go after this problem. So where did that come from, Why Salesforce? Why world economic forum and why take you know, kind of, I guess, out of the industry approach to really addressing getting more people as cybersecurity professionals? >> Well, for dinette as a founding member of the C foresee cybersecurity forum, it was created by the world economic forum about two years ago. And right from the beginning one of the initiatives that we began working on was to reduce the skills gap. And so we started working with the world economic forum Salesforce, which is another founding member and others to tackle this problem. And so we're provide all of our training we provide our training and curriculum on the salesforce Trailhead platform. We've also entered into another partnership with IBM, where we're providing our training on there as cyber skills platform. We're working with local universities like Berkeley and others to make sure that we're getting more of the curriculum into their certifications and degree programs. Interestingly enough, one of the issues with this challenges is that there's not a lot of universities offering degrees in cybersecurity, which is really surprising. And so we're seeing a lot more uptick and interest around awareness around this area. And so it's very encouraging to see the results of some of these partnerships. >> I don't, I mean, you I'm going to tease you kind of buried the lead but so people understand what you just said. You guys basically opened up your training catalog for free, during COVID as a reaction to help basically get more people trained. Am I getting that right? >> That's completely right. We saw that this is something that can really help our customers during this time. It's something we're committed to closing and we felt this was a really impactful way to help with that issue. >> That's amazing. And I saw you in an interview with Rob Rashad I believe is his name from your team. I wonder if you can, again, share with us some of the details in terms of the numbers of people that have gone through this program. Cause he mentioned them, somebody didn't write them down this is pretty significant numbers that you guys are running through this free program. >> Yeah, so we just passed a great big milestone of 500,000 certifications. Half of those have just been this year and that program's been in place for many, many years. So there's no doubt that this is something that's in huge demand. And so we continue to offer those trainings. This was one of the reasons why we just rolled out the InfoSec training for our customers and others to educate their employees. I mean, that's one point I think we had someone registering every seven minutes. And so the response to that was excellent. And that training program has eight different modules and the curriculum in that program actually provides credits for ISC, which is a a big certification in cybersecurity and CIISSP. So, you know, it's just an invaluable training program. >> That's wild, and again, it's free all the way, not just to register for, you know, the one-on-ones, but all the way through the certification process at the end. >> Well at the end, if you want to get the actual certification that's something that you can do separately after you do the training. Although we're working with some nonprofits to help pay for those certifications so that there's no financial burden to people. >> Wow, that's tremendous. And then the other piece that you mentioned but I just want to highlight it is the opportunity to go after underrepresented groups. And you specifically mentioned that you have a program for veterans and again, it seems so logical but some people just don't get it right. Then you've got a skills shortage and you've got a talent shortage. Why not tap into those markets and of those pools of people that are under utilized because, Oh, by the way, they probably have a bunch of good qualified people in there that you can leverage. >> That's exactly right, like vets if you look at take veterans for an example, they already have a lot of the skills that really work well for cybersecurity like situational awareness. They work very well under pressure. And so we started our veterans program about two years ago. And in addition to our training we offer mentoring curriculum, resume building, interviews skills building and now at this point, trained about a thousand veterans many have had jobs on one thing that we do that's different to other programs is that we bridge those candidates to our partners and customers who are looking for talent and really closed that whole loop. So it's not just about the training, but it's also finding them as well at the end of the training once it's been completed. >> Right, that's great. I also want to touch on another thing that you do beyond just training and this comes from you published a blog on July eighth of this year talking about overcoming the cybersecurity gap skills gap. But you talked about other things beyond just the people. And I want to highlight really some attitudinal things that you suggest for people to get over this world view, cyber security as an enabler, right? Not an obstacle recognize cybersecurity is a team effort. It's not just some superstar, get the C-suite involved collaborate on cybersecurity awareness and you know, thinking about these this issue at a little broader and a more kind of macro company-wide scale versus it's just the security people's job over in the security people's corner. And that's really the best way to take care of it. >> Absolutely, and that goes back to my earlier point. I mean the insider threat continues to be the biggest vector for attacks. A lot of times it's, you know, employees hitting on a phishing email I'm sure you've seen the increase in those. And so it's really, you're right. It's more, the responsibility just doesn't lie with the folks who lead the cybersecurity organization. We all have a responsibility to be much more educated and aware. And so I think you know, the board has to get them more involved. Executive management needs to make sure that they're providing the right training and education to their employees, that they're providing mentoring that the really encouraging more employees to move into cybersecurity and become certified. So there's lots of things that organizations need to be doing that include education training. And then also making sure that you're making the right technology investments so that you have an infrastructure in place that's agile and can be flexible enough to meet the increasing demands of the threat landscape. >> Right, I just wonder if you can share some insight on the conversation that happened before you guys opened this up to be free. 'Cause it's clearly, it's a move to do the right thing. It's a move to you know, to respond to the community that's suffering and it's something that you guys could do you had at your disposal, but I'm sure there was some naysayers in there they're saying "No, we can't give this away. This is super valuable stuff." How, you know how did you kind of make that decision to move forward? And I'm curious how it's kind of played out over time now that you've basically, as you said increased your exposure and people that are trained and you know, I'm sure a lot of positive, you know kind of second order benefits that you really didn't plan on when you were just trying to make a decision to help the community. >> Well, this was a decision that came from the top. Our CEO has always been committed to training. I mean, this is why we even started the program which our NSE program is one of the most robust in the industry. And so it's something that the founders have always been committed to. It's something that we've invested in. So there really wasn't any obstacles to doing this. This was something that everyone jumped on board with. The other thing is we really wanted to help our customers during this time. And we felt that this was one really meaningful way. We could help them by providing this training for free. And making sure that they have the talent that they need to really address all of the, you know, the expanding attack surface. But we were surprised by the demand and the response that was outstanding, right from the get-go. And so while we, you know, we've talked about this being offered to the end of the year we haven't really made any plans to change that. And so that it may continue beyond the end of the year because the demand is so great and the results have been so positive. >> Right. And I'm just curious, do you have in the training and I didn't go through exhaustively through the whole list of all the courses, but beyond just the professionals do you have all the basic training just for employees? I just don't click on the link. You know, it's so funny. I was at, I think it was RSA. One of the keynotes was a, a Cisco executive and she said you know, we tell people not to click links but that's what we do all day long. We click links, that's what we do, it's part of our job. And, you know, it's such a a weird behavior to tell people not to do. And I'm still confused how SurveyMonkey gets people to click on SurveyMonkey links but that's a different conversation for another day but I mean, are you offering the whole suite? And I just love to get your perspective as a security executive, when you talk to clients how to think about things beyond just the obvious you know, don't click on phishing emails and, you know, tighten up everything, but you know, more kind of high level how to think about security in this increasingly complex and dangerous world, if you will. >> Yeah, well, the training program has eight modules. It goes from the most basic training to the most advanced training. So our NSE one and two are really more about educating people about the threat landscape the threats out there, what it looks like the most basic emphasis security awareness around what you should do and what you should be looking out for. And all of our employees afforded that take that training. We take up to NSE 4, that's, something that's mandated. And so at the very basic level all organizations should be leveraging those modules for their employees and for individuals who are just interested at large. And then it really advances very quickly after that. And it's the most advanced, you know, it covers, you know cloud, the whole attack surface, AI, threat intelligence. And actually, as I mentioned earlier, provides credits for some of that top cybersecurity certifications in the industry, especially at the level of CSO. So it's very broad, it's extremely robust. And addition to those modules we also have what we call fast track training and that's really utilized by our customers and partners. And that's more focused on specific technology areas. It's very condensed, it may be a day or two days. And the demand for that has been phenomenal. So that's been another program we added about two years ago. That's been very well received. >> Wow, well, good for you guys. Good for you guys for making a proactive move in a very positive way to help your customers and help the community at large. It's just great to see, these are just tough times. They're going to be tough times for a little while longer. So, you know, it's nice that you have resources available that you're able to make to make available to the larger community. And I'm sure it's nothing, but goodness will come from it. So good move by you guys. And I'm sure there's a lot of tangential benefits as well. >> Thank you Jeff. >> Well, thank you Sandra for sharing the story and great to meet you and expand our our community over on the fourth tenet side, we've had a lot of great guests over the year so it was great to great to have you on as well. >> Thank you very much. We really appreciate all the support. >> Absolutely, thank you. All right, so go out and get your free training. Go to fortinet.com and sign up and you too could be a security expert, or at least as far as you want to go all the way up to certification. I'm Jeff, she's Sandra you're watching theCUBE. Thanks for watching, we'll see you next time. (upbeat music)