>> Narrator: theCUBE's live coverage is made possible by funding from Dell Technologies, creating technologies that drive human progress. (bright upbeat music plays) >> Welcome back to Barcelona, everybody. You're watching theCUBE's coverage of MWC '23, my name is Dave Vellante. Just left a meeting with the CEO of Cisco, Chuck Robbins, to meet with Jeetu Patel, who's our Executive Vice President and General Manager of security and collaboration at Cisco. Good to see you. >> You never leave a meeting with Chuck Robbins to meet with Jeetu Patel. >> Well, I did. >> That's a bad idea. >> Walked right out. I said, hey, I got an interview to do, right? So, and I'm excited about this. Thanks so much for coming on. >> Thank you for having me. It's a pleasure. >> So, I mean you run such an important part of the business. I mean, obviously the collaboration business but also security. So many changes going on in the security market. Maybe we could start there. I mean, there hasn't been a ton of security talk here Jeetu, because I think it's almost assumed. It was 45 minutes into the keynote yesterday before anybody even mentioned security. >> Huh. >> Right? And so, but it's the most important topic in the enterprise IT world. And obviously is important here. So why is it you think that it's not the first topic that people mention. >> You know, it's a complicated subject area and it's intimidating. And actually that's one of the things that the industry screwed up on. Where we need to simplify security so it actually gets to be relatable for every person on the planet. But, if you think about what's happening in security, it's not just important for business it's critical infrastructure that if you had a breach, you know lives are cost now. Because hospitals could go down, your water supply could go down, your electricity could go down. And so it's one of these things that we have to take pretty seriously. And, it's 51% of all breaches happen because of negligence, not because of malicious intent. >> It's that low. Interesting. I always- >> Someone else told me the same thing, that they though it'd be higher, yeah. >> I always say bad user behavior is going to trump good security every time. >> Every single time. >> You can't beat it. But, you know, it's funny- >> Jeetu: Every single time. >> Back, the earlier part of last decade, you could see that security was becoming a board level issue. It became, it was on the agenda every quarter. And, I remember doing some research at the time, and I asked, I was interviewing Robert Gates, former Defense Secretary, and I asked him, yeah, but we're getting attacked but don't we have the best offense? Can't we have the best technology? He said, yeah but we have so much critical infrastructure the risks to United States are higher. So we have to be careful about how we use security as an offensive weapon, you know? And now you're seeing the future of war involves security and what's going on in Ukraine. It's a whole different ballgame. >> It is, and the scales always tip towards the adversary, not towards the defender, because you have to be right every single time. They have to be right once. >> Yeah. And, to the other point, about bad user behavior. It's going now beyond the board level, to it's everybody's responsibility. >> That's right. >> And everybody's sort of aware of it, everybody's been hacked. And, that's where it being such a complicated topic is problematic. >> It is, and it's actually, what got us this far will not get us to where we need to get to if we don't simplify security radically. You know? The experience has to be almost invisible. And what used to be the case was sophistication had to get to a certain level, for efficacy to go up. But now, that sophistication has turned to complexity. And there's an inverse relationship between complexity and efficacy. So the simpler you make security, the more effective it gets. And so I'll give you an example. We have this great kind of innovation we've done around passwordless, right? Everyone hates passwords. You shouldn't have passwords in 2023. But, when you get to passwordless security, not only do you reduce a whole lot of friction for the user, you actually make the system safer. And that's what you need to do, is you have to make it simpler while making it more effective. And, I think that's what the future is going to hold. >> Yeah, and CISOs tell me that they're, you know zero trust before the pandemic was like, yeah, yeah zero trust. And now it's like a mandate. >> Yeah. >> Every CISO you talk to says, yes we're implementing a zero trust architecture. And a big part of that is that, if they can confirm zero trust, they can get to market a lot faster with revenue generating or critical projects. And many projects as we know are being pushed back, >> Yeah. >> you know? 'Cause of the macro. But, projects that drive revenue and value they want to accelerate, and a zero trust confirmation allows people to rubber stamp it and go faster. >> And the whole concept of zero trust is least privileged access, right? But what we want to make sure that we get to is continuous assessment of least privileged access, not just a one time at login. >> Dave: 'Cause things change so frequently. >> So, for example, if you happen to be someone that's logged into the system and now you start doing some anomalous behavior that doesn't sound like Dave, we want to be able to intercept, not just do it at the time that you're authenticating Dave to come in. >> So you guys got a good business. I mentioned the macro before. >> Yeah. >> The big theme is consolidating redundant vendors. So a company with a portfolio like Cisco's obviously has an advantage there. You know, you guys had great earnings. Palo Alto is another company that can consolidate. Tom Gillis, great pickup. Guy's amazing, you know? >> Love Tom. >> Great respect. Just had a little webinar session with him, where he was geeking out with the analyst and so- >> Yeah, yeah. >> Learned a lot there. Now you guys have some news, at the event event with Mercedes? >> We do. >> Take us through that, and I want to get your take on hybrid work and what's happening there. But what's going on with Mercedes? >> Yeah so look, it all actually stems from the hybrid work story, which is the future is going to be hybrid, people are going to work in mixed mode. Sometimes you'll be in the office, sometimes at home, sometimes somewhere in the middle. One of the places that people are working more and more from is their cars. And connected cars are getting to be a reality. And in fact, cars sometimes become an extension of your home office. And many a times I have found myself in a parking lot, because I didn't have enough time to get home and I was in a parking lot taking a conference call. And so we've made that section easier, because we have now partnered with Mercedes. And they aren't the first partner, but they're a very important partner where we are going to have Webex available, through the connected car, natively in Mercedes. >> Ah, okay. So I could take a call, I can do it all the time. I find good service, pull over, got to take the meeting. >> Yeah. >> I don't want to be driving. I got to concentrate. >> That's right. >> You know, or sometimes, I'll have the picture on and it's not good. >> That's right. >> Okay, so it'll be through the console, and all through the internet? >> It'll be through the console. And many people ask me like, how's safety going to work over that? Because you don't want to do video calls while you're driving. Exactly right. So when you're driving, the video automatically turns off. And you'll have audio going on, just like a conference call. But the moment you stop and put it in park, you can have video turned on. >> Now, of course the whole hybrid work trend, we, seems like a long time ago but it doesn't, you know? And it's really changed the security dynamic as well, didn't it? >> It has, it has. >> I mean, immediately you had to go protect new endpoints. And those changes, I felt at the time, were permanent. And I think it's still the case, but there's an equilibrium now happening. People as they come back to the office, you see a number of companies are mandating back to work. Maybe the central offices, or the headquarters, were underfunded. So what's going on out there in terms of that balance? >> Well firstly, there's no unanimous consensus on the way that the future is going to be, except that it's going to be hybrid. And the reason I say that is some companies mandate two days a week, some companies mandate five days a week, some companies don't mandate at all. Some companies are completely remote. But whatever way you go, you want to make sure that regardless of where you're working from, people can have an inclusive experience. You know? And, when they have that experience, you want to be able to work from a managed device or an unmanaged device, from a corporate network or from a Starbucks, from on the road or stationary. And whenever you do any of those things, we want to make sure that security is always handled, and you don't have to worry about that. And so the way that we say it is the company that created the VPN, which is Cisco, is the one that's going to kill it. Because what we'll do is we'll make it simple enough so that you don't, you as a user, never have to worry about what connection you're going to use to dial in to what app. You will have one, seamless way to dial into any application, public application, private application, or directly to the internet. >> Yeah, I got a love, hate with my VPN. I mean, it's protecting me, but it's in the way a lot. >> It's going to be simple as ever. >> Do you have kids? >> I do, I have a 12 year old daughter. >> Okay, so not quite high school age yet. She will be shortly. >> No, but she's already, I'm not looking forward to high school days, because she has a very, very strong sense of debate and she wins 90% of the arguments. >> So when my kids were that age, I've got four kids, but the local high school banned Wikipedia, they can't use Wikipedia for research. Many colleges, I presume high schools as well, they're banning Chat GPT, can't use it. Now at the same time, I saw recently on Medium a Wharton school professor said he's mandating Chat GPT to teach his students how to prompt in progressively more sophisticated prompts, because the future is interacting with machines. You know, they say in five years we're all going to be interacting in some way, shape, or form with AI. Maybe we already are. What's the intersection between AI and security? >> So a couple very, very consequential things. So firstly on Chat GPT, the next generation skill is going to be to learn how to go out and have the right questions to ask, which is the prompt revolution that we see going on right now. But if you think about what's happening in security, and there's a few areas which are, firstly 3,500 hundred vendors in this space. On average, most companies have 50 to 70 vendors in security. Not a single vendor owns more than 10% of the market. You take out a couple vendors, no one owns more than 5%. Highly fractured market. That's a problem. Because it's untenable for companies to go out and manage 70 policy engines. And going out and making sure that there's no contention. So as you move forward, one of the things that Chat GPT will be really good for is it's fundamentally going to change user experiences, for how software gets built. Because rather than it being point and click, it's going to be I'm going to provide an instruction and it's going to tell me what to do in natural language. Imagine Dave, when you joined a company if someone said, hey give Dave all the permissions that he needs as a direct report to Chuck. And instantly you would get all of the permissions. And it would actually show up in a screen that says, do you approve? And if you hit approve, you're done. The interfaces of the future will get more natural language kind of dominated. The other area that you'll see is the sophistication of attacks and the surface area of attacks is increasing quite exponentially. And we no longer can handle this with human scale. You have to handle it in machine scale. So detecting breaches, making sure that you can effectively and quickly respond in real time to the breaches, and remediate those breaches, is all going to happen through AI and machine learning. >> So, I agree. I mean, just like Amazon turned the data center into an API, I think we're now going to be interfacing with technology through human language. >> That's right. >> I mean I think it's a really interesting point you're making. Now, from a security standpoint as well, I mean, the state of the art today in my email is be careful, this person's outside your organization. I'm like, yeah I know. So it's a good warning sign, but it's really not automated in any way. So two part question. One is, can AI help? You know, with the phishing, obviously it can, but the bad guys have AI too. >> Yeah. >> And they're probably going to be smarter than I am about using it. >> Yeah, and by the way, Talos is our kind of threat detection and response >> Yes. >> kind of engine. And, they had a great kind of piece that came out recently where they talked about this, where Chat GPT, there is going to be more sophistication of the folks that are the bad actors, the adversaries in using Chat GPT to have more sophisticated phishing attacks. But today it's not something that is fundamentally something that we can't handle just yet. But you still need to do the basic hygiene. That's more important. Over time, what you will see is attacks will get more bespoke. And in order, they'll get more sophisticated. And, you will need to have better mechanisms to know that this was actually not a human being writing that to you, but it was actually a machine pretending to be a human being writing something to you. And that you'll have to be more clever about it. >> Oh interesting. >> And so, you will see attacks get more bespoke and we'll have to get smarter and smarter about it. >> The other thing I wanted to ask you before we close is you're right on. I mean you take the top security vendors and they got a single digit market share. And it's like it's untenable for organizations, just far too many tools. We have a partner at ETR, they do quarterly survey research and one of the things they do is survey emerging technology companies. And when we look at in the security sector just the number of emerging technology companies that are focused on cybersecurity is as many as there are out there already. And so, there's got to be consolidation. Maybe that's through M & A. I mean, what do you think happens? Are company's going to go out of business? There's going to be a lot of M & A? You've seen a lot of companies go private. You know, the big PE companies are sucking up all these security companies and may be ready to spit 'em out and go back public. How do you see the landscape? You guys are obviously an inquisitive company. What are your thoughts on that? >> I think there will be a little bit of everything. But the biggest change that you'll see is a shift that's going to happen with an integrated platform, rather than point solution vendors. So what's going to happen is the market's going to consolidate towards very few, less than a half a dozen, integrated platforms. We believe Cisco is going to be one. Microsoft will be one. There'll be others over there. But these, this platform will essentially be able to provide a unified kind of policy engine across a multitude of different services to protect multiple different entities within the organization. And, what we found is that platform will also be something that'll provide, through APIs, the ability for third parties to be able to get their technology incorporated in, and their telemetry ingested. So we certainly intend to do that. We don't believe, we are not arrogant enough to think that every single new innovation will be built by us. When there's someone else who has built that, we want to make sure that we can ingest that telemetry as well, because the real enemy is not the competitor. The real enemy is the adversary. And we all have to get together, so that we can keep humanity safe. >> Do you think there's been enough collaboration in the industry? I mean- >> Jeetu: Not nearly enough. >> We've seen companies, security companies try to monetize private data before, instead of maybe sharing it with competitors. And so I think the industry can do better there. >> Well I think the industry can do better. And we have this concept called the security poverty line. And the security poverty line is the companies that fall below the security poverty line don't have either the influence or the resources or the know how to keep themselves safe. And when they go unsafe, everyone else that communicates with them also gets that exposure. So it is in our collective interest for all of us to make sure that we come together. And, even if Palo Alto might be a competitor of ours, we want to make sure that we invite them to say, let's make sure that we can actually exchange telemetry between our companies. And we'll continue to do that with as many companies that are out there, because actually that's better for the market, that's better for the world. >> The enemy of the enemy is my friend, kind of thing. >> That's right. >> Now, as it relates to, because you're right. I mean I, I see companies coming up, oh, we do IOT security. I'm like, okay, but what about cloud security? Do you that too? Oh no, that's somebody else. But, so that's another stove pipe. >> That's a huge, huge advantage of coming with someone like Cisco. Because we actually have the entire spectrum, and the broadest portfolio in the industry of anyone else. From the user, to the device, to the network, to the applications, we provide the entire end-to-end story for security, which then has the least amount of cracks that you can actually go out and penetrate through. The biggest challenges that happen in security is you've got way too many policy engines with way too much contention between the policies from these different systems. And eventually there's a collision course. Whereas with us, you've actually got a broad portfolio that operates as one platform. >> We were talking about the cloud guys earlier. You mentioned Microsoft. They're obviously a big competitor in the security space. >> Jeetu: But also a great partner. >> So that's right. To my opinion, the cloud has been awesome as a first line of defense if you will. But the shared responsibility model it's different for each cloud, right? So, do you feel that those guys are working together or will work together to actually improve? 'Cause I don't see that yet. >> Yeah so if you think about, this is where we feel like we have a structural advantage in this, because what does a company like Cisco become in the future? I think as the world goes multicloud and hybrid cloud, what'll end up happening is there needs to be a way, today all the CSPs provide everything from storage to computer network, to security, in their own stack. If we can abstract networking and security above them, so that we can acquire and steer any and all traffic with our service providers and steer it to any of those CSPs, and make sure that the security policy transcends those clouds, you would actually be able to have the public cloud economics without the public cloud lock-in. >> That's what we call super cloud Jeetu. It's securing the super cloud. >> Yeah. >> Hey, thanks so much for coming to theCUBE. >> Thank you for having me. >> Really appreciate you coming on our editorial program. >> Such a pleasure. >> All right, great to see you again. >> Cheers. >> All right, keep it right there. Dave Vellante with David Nicholson and Lisa Martin. We'll be back, right after this short break from MWC '23 live, in the Fira, in Barcelona. (bright music resumes) (music fades out)

>>From the Bellagio hotel in Las Vegas, it's the cube covering UI path forward for brought to you by >>Welcome to the cubes coverage of UI path forward for live from Las Vegas. We're here at the Bellagio. Lisa Martin, with Dave a long time, very excited to have in-person events back ish. I'll say we're going to be talking about automation as a boardroom imperative. We have two guests joining us here, James Matras here consulting principal. America's intelligent automation leader at UI and Irv. Dennis retired EA partner, and former CFO of HUD gentlemen. Welcome to the program. Exciting topic automation as a boardroom imperative, James says COO and start with you. How do you discuss the value of automation as being a key component and driver of transformation? >>That's a great question. I think what we've seen in the last couple of years is the evolution of what automation used to be. Two is going nine. And we've seen the shift from what we call generation one, which is very RPA centric type automation to more generation two, which is the combined integration of multiple technologies. It can target an intern process and it's quite important that you understand the pivotal shift because it's not enabling us to move from a task micro top agenda to a macro agenda actually impacts an organization at a strategic level. The ability to be able to look at processes more deeply to automate them in an end to end process collectively and use these different technologies in a synergistic manner truly becomes powerful because it shifts the narrative from a micro process agenda into more systemic area. >>So gen zero is an Emmanuel gen one is RPA point tools that individual maybe getting their personal productivity out. And then now you're saying gen three is across the enterprise. Where are we in terms of, you know, take your experience from your practical experience? Where do you think the world is? It's like probably between zero and one still. Right. But the advanced folks of thinking about gen three, w what's your, >>Yeah, it's a great question. And, um, when you and I, I can do the comparison being private and public sector on this because I was 37 years with E Y then went into retirement and CFL at HUD CFO. Ed was, was a HUD was nowhere. They had to just do all the intelligence digitalization, um, throughout, uh, from scratch. The private sector is probably five or six years ahead of them. But when you think about James talks about the gen one, two and three, the private sector is probably somewhere between two and three. And I know we're talking about the board in this conversation. Um, boards probably have one and two on their radar. Some boards may have three, some may not, but that's where the real strategic focus for boards needs to be is looking forward and, and getting ahead. But I think from a public sector standpoint, lot to go private sector, more to go as well. But, uh, there's a, there's a bit of a gap, but the public sector is probably only about three or four years behind the private sector >>To be okay. Let's look at the numbers, look at, look at the progress for the quarter. And now it's like discussion on cyber discussion on digital discussion on automated issue. It really changed the narrative over the last decade. >>Yeah, I think when you think of boards today, the lots of conversation on cyber that that conversation has been around for a while. A lot of conversation on ESG today, that conversation is getting, getting very popular. But I think when you think of next three, a Jen talks that bear James talks about, um, that's got to start elevating itself if it's not within the boardroom right now, because that will be the future of the company. And the way I think of it from a board's conversation is if a company doesn't think of themselves as a technology company in all aspects, no matter what you do, you are a technology company or you need to be. And if you're not thinking along that way, you're gonna, you're gonna lose market share and you're going to start falling behind your competitors. >>Well, and how much acceleration did the pandemic bring to just that organizations that weren't digital forward last year are probably gone? >>I think it certainly has shifted quite a lot. There's been a drive, the relevance of technology and hard plays for us in the modern workforce in the modern workplace has fundamentally changed the pandemic. We reimagine how we do things. Technology has progressed in itself significantly, and that made a big difference for, for all the environments as a result of that. So certainly is one of the byproducts of the pandemic has been certainly a good thing for everybody. >>Where does automation fit in the board? Virginia? You've got compensation committee. You've probably, I mean, there's somebody in charge of cyber. You got ESG now there's automation part of a broader digital agenda. Where's what's the right word. >>You know, I, I would personally put it in a enterprise risk management from a standpoint that if you're not focused on it, it's going to be a risk to the enterprise. And, um, when you think of automation and intelligent automation and RPA, uh, I think boards have a pretty good sense of how you interface with your customers and your vendors. I think a big push ought to be looking internally at your own infrastructure. You know, what are you, what are you doing in the HR space? What are you doing in a financial statement, close process? What are you doing your procurement process? I suspect there's still a lot of very routine transactions and processing within those, that infrastructure that if you just apply some RPA artificial intelligence, that data extraction techniques, you can probably eliminate a lot of man hours from the routine stuff. And, and the many man hours is probably not the right way to think of it. You could elevate people's work from being pushing numbers around to being data analyzers. And that's where the excitement is for people to see. >>It's not how it's viewed at organizations. We're not eliminating hours. Well focusing folks on much more strategic down at a test. >>Yes. I would say that that's exactly right now in the private sector, you're always going to have the efficiency play and profitability. So there will be an element of that. I know when at HUD we're, we're focused, we were not focused on eliminating hours because we needed people and we focused on creating efficiencies within the space and having people convert from, again, being Trent routine transactions, to being data analyzers and made the jobs, I'm sure. Fund for them as well. I mean, this is a lot of fun stuff. And, and if, uh, uh, companies need to be pushing this down through their entire infrastructure, not just dealing with our customers and the third parties that they deal with >>Catalyst or have been public sector. So you mentioned they may be five or six years behind, but I've seen certain public sector organizations really lean in, they learn from, from the private sector. And then even when you think about some of the military, how advanced they are absolutely. You know, the private could learn from them and if they could open it up. But >>So, yeah, I think that's, that's well said I was in this, you know, the that's the civilian part with, with the housing and urban development. I think the catalyst is, uh, bringing the expertise in, uh, I know when I, when I came, I went to HUD to elevate their financial infrastructure. It was, it was probably the worst of the cabinet agency. The financials were a mess. There was no, there was a, uh, there was not a clean audit opinion for eight years. And I was there to fix that and we fixed it through digitalization and digital transformation, as well as a financial transformation. The catalyst is just creating the education, letting people know what is, what, what technology can do. You don't have to be a programmer, but it's like driving a car. Anybody can drive a car, but we can't mechanic, you know, work as a mechanic on it. >>So I think it's creating education, letting people know what it can do. And at HUD, for example, we did a very simple, I was telling James earlier, we did a very simple RPA project on an, an, a financial statement, close process. It was 2,600 hours, six months. Once we implemented the RPA, brought that down to 70 hours, two weeks, people's eyes exploded with it. And then all of a sudden, I said, I want everyone to go back and come back with, with any manual process, any routine process that can convert to an RPA. And I got a list of a hundred, then it came then became trying to slow everything down. We're not going to do it overnight. Yeah, exactly. >>So, but it was self-funding. It was >>Self-funded. Yes. >>And, and how do you take that message to customers that it could be self-funding how how's that resonating >>Very well. And I think it was important. I always like to say, it's a point of differentiation because you look at, uh, mentioned earlier that organizations are basically technology companies. That's what they are. But now if you look across that we no longer compete at the ERP level without got SAP, Oracle, it's not a point of differentiation. We don't compete the application layer where they've got service. Now, black line, how we use them is helpful. We competed the digital layer and with automation is a major component of that. That's where your differentiation takes place. Now, if you have a point of differentiation, that is self-funding, it fundamentally changes the game. And that's why it's so important for boards to understand this, because that risk management, if you've not doing it, somebody is getting ahead of the game much faster than you are. >>Yeah. Yeah. You mentioned ERP and it, and it triggered something in my mind. Cause I, I said this 10 years ago about data. If in the nineties, you, you couldn't have picked SAP necessarily as the winner of ERP. But if you could have picked the companies that were using ERP could have made a lot of money in the stock market because they outperform their peers. And the same thing was true with data. And I think the same thing is going to be true with automation in the coming decade. >>Couldn't agree more. And I think that's exactly the point that differential acceleration happening this. And it's harder because of the Europeans. Once you knew what it was, you can put the boundaries on it. Digital, the options are infinite. It's just continuous progress as are from there. >>I've got a question for you. You talked about some great stats about how dramatically faster things were took far less time. How does that help from an adoption perspective? I know how much cultural change is very difficult for folks in any organization, but that sort of self-serving how does that help fuel adoption? >>Well, it's interesting. Um, it's, it is a, we're actually going to talk about this tomorrow. It is a framework and it's got to start at the leadership has got to start with governance. It's got to start with a detailed plan. That's executable. And it's got to start with getting buy-in from not only your, the, the organization, but the people you're dealing with outside the organization. Um, it's, it's, uh, I think that's absolutely critical. And when you bring this back to the boardroom, they are the leaders of the companies. And, and I, James, I talked about this as we're getting ready for tomorrow's session. I think the number one thing a board can do today is an own personal self assessment. Do they understand automation? Do they understand what next generation three is? Do they understand what the different components can do? And do they understand how the companies are implementing it? And if I was a board member, uh, on our boards, I say, we need to understand that or else this is nothing's going to happen. We're going to be here at the reliance of the CEO and the CFO strategy, which may or may not include or be thinking about this next three. So leadership at the top is going to drive this. And it's so critical. >>We were talking about catalyst before. And you mentioned education and expertise. I'm always curious as to what drew you to public sector because it's, yeah, I mean, very successful, you know, you're, you're with one of the global SIS directly, you can make a lot more money and that side. So what was it did, was it a desire to it's a great country? Was it >>Take one for the team and I'm going to do a selfish plug here. I just actually wrote a book in this whole thing called transforming a federal agency. What's the name of the book transforming and federal agency. And it's, uh, I spent my time at E Y for 37 years, fully retired. I wanted to give back and do meaningful work. And we lived in Columbus, Ohio, as I was talking about earlier, I was going to go teach and I got a call from the president's personnel office to see if I wanted to come. And these, the CFO at HUD with secretary Carson and change turn the agency around, uh, that took me a little while to say yes, because I wasn't sure I wanted something full time. It was a, it was in DC. So I'd be in a commuting role back and forth. My family's in Columbus. >>Um, but it was, uh, I did it and I loved it. It was, uh, I would pray, I would ask anyone that's has the ability to go into public service at any point in their career to do it. It's it was very rewarding. It was one of my favorite three years of life. And to your point, I didn't have to do it, but, uh, if I wanted to do something and give back and that met the criteria and we were very successful in turning it around with the digital transformation and a lot of stuff that we're talking about today gave me the ability to talk about it because I helped lead it >>For sharing that and did it. So did it start with the CFO's office? Because the first time I ever even heard about our RPO RPA was at a CFO conference and I started talking to him like, oh, this is going to be game changing. Is that where it started? Is that where it lands today? >>From an infrastructure standpoint, the CFO has the wonderful ability to see most processes within a company and its entire lifestyle from beginning to end. So CFO has that visibility to understand where efficiencies can happen in the process. And so the CFO plays a dramatically important role in this. And you think about a CFO's role today versus 20 years ago, it's no longer this, the bean counter rolling up numbers that become a business advisors to the board, to the CEO and to the executive suite. Um, so the CFO, I think has probably the best visibility of all the processes on a global basis. And they can see where the, the efficiencies and the implementation of automation can happen. >>So they can be catalysts and really fueling the actual >>Redesign of work. Yes, they, they, they probably need to be the catalyst. And as a board member, you want to be asking what is the CFO's strategic imperative for the next year? And if it doesn't include this, it's just got to get on the agenda. >>Well, curve ball here is his CFO question and you know, three years or two years ago, you wouldn't have even thought, I mean, let me set it up better. One of the industries that is highly automated is crypto. Yeah. You wouldn't even thought about crypto in your balance sheet a couple of years ago, but I'm not sure it's a widespread board level discussion, but as a CFO, what do you make of the trend to put Bitcoin on balance sheets? >>Yeah, I'm probably not the right person to ask because I'm a conservative guy. >>If somebody supported me and he said, Hey, why don't we put crypto on the balance sheet? >>I would get much more educated. I wouldn't shut it down. I would put it into, let's get more educated. Let's get the experts in here. Let's understand what's really happening with it. Let's understand what the risks are, what the rewards are. And can we absorb any sort of risk or reward with it? And when you say put it on the balance sheet, you can put it on in a small way to test it out. I wouldn't put the whole, I wouldn't make the whole balance sheet for Dell on day one. So that's why I would think about it. Just tell, tell me more, get me educated. How did you think about it? How can it help our business? How can I help our shareholders? How does it grow the bottom line? And then, then you start making decisions. >>Cause CFOs, let me find nature often conservative and most CFOs that I talked to just say no way, not a chance, but you're, maybe you're not as conservative as you think. Well, >>No, but I will never say go away on anything. I mean, cause I want to learn. I want to know. I mean, um, if you like all this stuff, that's new, it's easy to say go away, right? Yeah. But all of a sudden, three years later, the go away, all your competitors are doing it at a competitive advantage. So never say go away, get yourself educated before you jump into it. >>That's good advice. Yeah. In any walk of life question for you, or have you talked about the education aspect there? I'm curious from a risk mitigation perspective, especially given the last 18, 19 months, so tumultuous, so scary for all those organizations that were very digital, they're either gone or they accelerated very quickly. How much of an education do you have to provide certain industries? And are you seeing certain industries? I think healthcare manufacturing, financial services as being leaders in the uptake? >>Well, I think the financial service industries, for sure, they, they, they get this and then they need to, uh, cause they, you know, they're, they're a transaction and based, uh, industry. Uh, so they get it completely. Um, you know, I think maybe some manufacturing distribution, some of the old line businesses are, you know, they may not be thinking of this as progressively as they should. Um, but they'll get there. They're going to have to get there eventually. Um, you know, when you think about the education, my, I thought you were gonna ask a question about the education of the workforce. And I think as a board member, I would be really focused on, uh, how am I educating my workforce of the future? And do I have the workforce of the future today? Do I have to educate them to have to bring in hiring for it? Do I have to bring third-party service providers to get us there? So as a board member really focus on, do I have the right workforce to get us to this next stage? And if not, what do I need to do to get there? Because >>We'll allocate a percentage of their budgets to training and education. And the question is where do they put it >>In? Is it the right training and education, right? >>Where do they focus though? Right now we hear you iPad talking about they're a horizontal play, but James, when you and Lisa, we were asking about industry, when you go to market, are you, are you more focused on verticals? Are you thinking, >>No, it's on two things. So which often find is regardless of the sector with some nuanced variation, the back office functions are regionally the procure to pay process as the same fundamentals, regardless of the sector where the differentiation comes in at a sector of service is when you start going to the middle of the front office, I mean a mining has only one customer. They sold their product to image the retailer has an endless number of them. So when you get to the middle and front office and really start engaging with a customer and external vendors, then a differentiation is very unique and you'd have a lot of sort of customers having sector specific nuances and variations in how you use the platform. And that's where the shift now is happening as well is the back office functions that are largely driven by the CFO. If now getting good, robust value out of it, there's pivot to make it a differentiator in the market, comes in the front and middle office. And that's where we starting to say, sector specific genres solutions, nuances really come to the fall >>Deep industry expertise. Do you think digital at all changes that the reason I ask it because I see Amazon as a retail and then they're in cloud and they're in grocery other in content Apple's in, in financial services and you're seeing these internet giants with a dual agenda, they're disrupting horizontal technology and then there's disruptive industries. And my premise is it's because of data and digital. Do you ever see that industry specialization changing that value chain >>Without a doubt? And I think it's happens initially. It starts off. When people have started looking at the process, they realize there's such key dependencies on the upstream and downstream components of the value chain that they want to control it. So they actually start bridging out of what the core practices or the core business to own a broader agenda. And with digital, you can do it. You can actively interact more systemically that installs triggering, well, maybe I have a different product offering. Maybe I can own this. Could I monetize the information I had at my disposal today in a completely new line. And that really what gets truly innovative and starts creating a revenue increase as opposed as the cost saving. And that's what they're really going after. It's how do I, >>The vertical integration is not new. The plenty of ended up Koch industries, Tyson foods, but now it's digital. So presumably you can do it faster with greater greater scale >>Without a doubt. And you don't have to move your big ERP and things like that. Cause that's the only way it takes five years to move my technology backbone with digital. I can do the interaction tomorrow and we can build up enough to be able to sustain that in the short term. >>Right. And speaking of speed, unfortunately, guys, we are out of time, but thank you. Fantastic conversation automation as a board imperative guys, that's been great James or >>Thank you for your time. Thank you so much >>For Dave a long day. I'm Lisa Martin. You're watching the queue. We are live in Las Vegas at the Bellagio at UI path forward for stick around Dave and I will be right back. Okay.

>>President. >>Hello everyone and welcome to wien on 2021. My name is Dave Volonte and you're watching the cubes continuous coverage of the event. You know, VM is a company that made its mark riding the virtualization wave, but quite amazingly has continued to extend its product portfolio and catch the other major waves of the industry. Of course, we're talking about cloud backup. SaS data protection was one of the early players there making moves and containers. And this is the VM on power panel with me or Danny Allen, who is the Ceo and Senior vice president of product strategy at VM. Dave Russell is the vice President of enterprise Strategy, of course, said Vin and Rick Vanover, senior director of product strategy at VM. It's great to see you again. Welcome back to the cube. >>Good to be here. >>Well, it had to be here. >>Yeah, let's do it. >>Let's do this. So Danny, you know, we heard you kind of your keynotes and we saw the general sessions and uh sort of diving into the breakouts. But the thing that jumps out to me is this growth rate that you're on. Uh you know, many companies and we've seen this throughout the industry have really struggled, you know, moving from the traditional on prem model to an an A. R. R. Model. Uh they've had challenges doing so the, I mean, you're not a public company, but you're quite transparent and a lot of your numbers 25% a our our growth year of a year in the last quarter, You know, 400,000 plus customers. You're talking about huge numbers of downloads of backup and replication Danny. So what are your big takeaways from the last, You know, 6-12 months? I know it was a strange year obviously, but you guys just keep cranking. >>Yeah, so we're obviously hugely excited by this and it really is a confluence of various things. It's our, it's our partners, it's the channel. Um, it's our customers frankly that that guide us and give us direction on what to do. But I always focus in on the product because I, you know, we run product strategy here, this group and we're very focused on building good products and I would say there's three product areas that are on maximum thrust right now. One is in the data center. So we built a billion dollar business on being the very best in the data center for V sphere, hyper V, um, for Nutanix, HV and as we announced also with red hat virtualization. So data center obviously a huge thrust for us going forward. The second assess Office 3 65 is exploding. We already announced we're protecting 5.8 million users right now with being back up for Office 3 65 and there's a lot of room to grow there. There's 145 million daily users of Microsoft teams. So a lot of room to grow. And then the third areas cloud, we moved over 100 petabytes of data into the public cloud in Q one and there's a lot of opportunity there as well. So those three things are driving the growth, the data center SaAS and cloud >>Davis. I want to get your kind of former analyst perspective on this. Uh you know, I know, you know, it's kind of become cliche but you still got that D. N. A. And I'm gonna tap it. So when you think about and you were following beam, of course very closely during its ascendancy with virtualization. And back then you wouldn't just take your existing, you know, approaches to back up in your processes and just slap them on to virtualization. That that wouldn't have worked. You had to rethink your backup. And it seems like I want to ask you about cloud because people talk about lift and shift and what I hear from customers is, you know, if I just lift and shift to cloud, it's okay, but if I don't have a plan to change my operating model, you know, I don't get the real benefit out of it. And so I would think back up data protection, data management etcetera is a key part of that. So how are you thinking about cloud and the opportunity there? >>Yeah, that's a good point, David. You know, I think the key area right there is it's important to protect the workload of the environment. The way that that environment is naturally is best suited to be protected and also to interact in a way that the administrator doesn't have to rethink, doesn't have to change their process so early on. Um I think it was very successful because the interface is the work experience looked like what an active directory administrator was used to, seeing if they went to go and protect something with me where to go recover an item. Same is true in the cloud, You don't want to just take what's working well in one area and just force it, you know, around round peg into a square hole. This doesn't work well. So you've got to think about the environment and you've got to think about what's gonna be the real use case for getting access to this data. So you want to really tune things and there's obviously commonality involved, but from a workflow perspective, from an application perspective and then a delivery model perspective, Now, when it comes to hybrid cloud multi cloud, it's important to look like that you belong there, not a fish out of water. >>Well, so of course, Danny you were talking to talking about you guys have product first, Right? And so rick your your key product guy here. What's interesting to me is when you look at the history of the technology industry and disruption, it's it's so often that the the incumbent, which you knew now an incumbent, you know, you're not the startup anymore, but the incumbent has challenges riding these these new waves because you've got to serve the existing customer base, but you gotta ride the new momentum as well. So how rick do you approach that from a product standpoint? Because based on the numbers that we see it doesn't you seem to be winning in both the traditional business and the new business. So how do you adapt from a product standpoint? >>Well, Dave, that's a good question. And Danny set it up? Well, it's really the birth of the Wien platform and its relevance in the market. In my 11th year here at Wien, I've had all kinds of conversations. Right. You know, the perception was that, you know, this smb toy for one hyper Advisor those days are long gone. We can check the boxes across the data center and cloud and even cloud native apps. You know, one of the things that my team has done is invest heavily in both people and staff on kubernetes, which aligns to our casting acquisition, which was featured heavily here at V Mon. So I think that being able to have that complete platform conversation Dave has really given us incredible momentum but also credibility with the customers because more than ever, this fundamental promise of having data backed up and being able to drive a recovery for whatever may happen to data nowadays. You know, that's a real emotional, important thing for people and to be able to bring that kind of outcome across the data center, across the cloud, across changes in what they do kubernetes that's really aligned well to our success and you know, I love talking to customers now. It's a heck of a lot easier when you can say yes to so many things and get the technical win. So that kind of drives a lot of the momentum Dave, but it's really the platform. >>So let's talk about the future of it and I want all you guys to chime in here and Danny, you start up, How do you see it? I mean, I always say the last 10 years, the next 10 years ain't gonna be like the last 10 years whether it's in cloud or hybrid et cetera. But so how Danny do you see I. T. In the future of I. T. Where do you see VM fitting in, how does that inform your roadmap, your product strategy? Maybe you could kick that segment off? >>Yeah. I think of the kind of the two past decades that we've gone through starting back in 2000 we had a lot of digital services built for end users and it was built on physical infrastructure and that was fantastic. Obviously we could buy things online, we could order close we could order food, we we could do things interact with end users. The second era about a decade later was based on virtualization. Now that wasn't a benefit so much to the end user is a benefit to the business. The Y because you could put 10 servers on a single physical server and you could be a lot more flexible in terms of delivery. I really think this next era that we're going into is actually based on containers. That's why the cost of acquisition is so strategic to us. Because the unique thing about containers is they're designed for to be consumption friendly. You spin them up, you spin them down, you provision them, you d provisions and they're completely portable. You can move it >>from on >>premises if you're running open shift to e k s a k s G k E. And so I think the next big era that we're going to go through is this movement towards containerized infrastructure. Now, if you ask me who's running that, I still think there's going to be a data center operations team, platform ups is the way that I think about them who run that because who's going to take the call in the middle of the night. But it is interesting that we're going through this transformation and I think we're in the very early stages of this radical transformation to a more consumption based model. Dave. I don't know what you think about that. >>Yeah, I would say something pretty similar Danny. It sounds cliche day valenti, but I take everything back to digital transformation. And the reason I say that is to me, digital transformation is about improving customer intimacy and so that you can deliver goods and services that better resonate and you can deliver them in better time frame. So exactly what Danny said, you know, I think that the siloed approaches of the past where we built very hard in environments and we were willing to take a long time to stand those up and then we have very tight change control. I feel like 2020 sort of a metaphor for where the data center is going to throw all that out the window we're compiling today. We're shipping today and we're going to get experience today and we're going to refine it and do it again tomorrow. But that's the environment we live in. And to Danny's point why containers are so important. That notion of shift left meaning experience things earlier in the cycle. That is going to be the reality of the data center regardless of whether the data center is on prem hybrid cloud, multi cloud or for some of us potentially completely in the cloud. >>So rick when you think about some of your peeps like the backup admit right and how that role is changing in a big discussion in the economy now about the sort of skills gap we got all these jobs and and yet there's still all this unemployment now, you know the debate about the reasons why, but there's a there's a transition enrolls in terms of how people are using products and obviously containers brings that, what what are you seeing when you talk to like a guy called him your peeps? Yeah, it's >>an evolving conversation. Dave the audience, right. It has to be relevant. Uh you know, we were afforded good luxury in that data center wheelhouse that Danny mentioned. So virtualization platform storage, physical servers, that's a pretty good start. But in the software as a service wheelhouse, it's a different persona now, they used to talk to those types of people, there's a little bit of connection, but as we go farther to the cloud, native apps, kubernetes and some of the other SAAS platforms, it is absolutely an audience journey. So I've actually worked really hard on that in my team, right? Everything from what I would say, parachuting into a community, right? And you have to speak their language. Number one reason is just number one outcomes just be present. And if you're in these communities you can find these individuals, you can talk their language, you can resonate with their needs, right? So that's something uh you know, everything from Levin marketing strategy to the community strategy to even just seating products in the market, That's a recipe that beam does really well. So yeah, it's a moving target for sure. >>Dave you were talking about the cliche of digital transformation and I'll say this may be pre Covid, I really felt like it was a cliche, there was a lot of, you know, complacency, I'll call it, but then the force marks the digital change that uh and now we kind of understand if you're not a digital business, you're in trouble. Uh And so my question is how it relates to some of the trends that we've been talking about in terms of cloud containers, We've seen the SAs ification for the better part of a decade now, but specifically as it relates to migration, it's hard for customers to just migrate their application portfolio to the cloud. Uh It's hard to fund it. It takes a long time. It's complex. Um how do you see that cloud migration evolving? Maybe that's where hybrid comes in And again, I'm interested in how you guys think about it and how it affects your strategy. >>Yeah. Well it's a complex answer as you might imagine because 400,000 customers, we take the exact same code. The exact same ice so that I run on my laptop is the exact same being backup and replication image that a major bank protects almost 20,000 machines and a petabytes of data. And so what that means is that you have to look at things on a case by case basis for some of us continuing to operate proprietary systems on prem might be the best choice for a certain workload. But for many of us the Genie is kind of out of the bottle with 2020 we have to move faster. It's less about safety and a lot more about speed and favorable outcome. We'll fix it if it's broken but let's get going. So for organizations struggling with how to move to the cloud, believe it or not, backup and recovery is an excellent way to start to venture into that because you can start to move data backup ISm data movement engine. So we can start to see data there where it makes sense. But rick would be quick to point out we want to offer a safe return. We have instances of where people want to repatriate data back and having a portable data format is key to that Rick. >>Uh yeah, I had a conversation recently with an organization managing cloud sprawl. They decided to consolidate, we're going to use this cloud, so it was removing a presence from one cloud that starts with an A and migrating it to the other cloud that starts with an A. You know, So yeah, we've seen that need for portability repatriation on prem classic example going from on prem apps to software as a service models for critical apps. So data mobility is at the heart of VM and with all the different platforms, kubernetes comes into play as well. It's definitely aligning to the needs that we're seeing in the market for sure. >>So repatriation, I want to stay on that for a second because you're, you're an arms dealer, you don't care if they're in the cloud or on prem and I don't know, maybe you make more money in one or the other, but you're gonna ride whatever waves the market gives you so repatriation to me implies. Or maybe I'm just inferring that somebody's moved to the cloud and they feel like, wow, we've made a mistake, it was too fast, too expensive. It didn't work for us. So now we're gonna bring it back on prem. Is that what you're saying? Are you saying they actually want their data in both both places. As another layer of data protection Danny. I wonder if you could address that. What are you seeing? >>Well, one of the interesting things that we saw recently, Dave Russell actually did the survey on this is that customers will actually build their work laid loads in the cloud with the intent to bring it back on premises. And so that repatriation is real customers actually don't just accidentally fall into it, but they intend to do it. And the thing about being everyone says, hey, we're disrupting the market, we're helping you go through this transformation, we're helping you go forward. Actually take a slightly different view of this. The team gives them the confidence that they can move forward if they want to, but if they don't like it, then they can move back and so we give them the stability through this incredible pace, change of innovation. We're moving forward so so quickly, but we give them the ability to move forward if they want then to recover to repatriate if that's what they need to do in a very effective way. And Dave maybe you can touch on that study because I know that you talked to a lot of customers who do repatriate workloads after moving them to the cloud. >>Yeah, it's kind of funny Dave not in the analyst business right now, but thanks to Danny and our chief marketing Officer, we've got now half a dozen different research surveys that have either just completed or in flight, including the largest in the data protection industry's history. And so the survey that Danny alluded to, what we're finding is people are learning as they're going and in some cases what they thought would happen when they went to the cloud they did not experience. So the net kind of funny slide that we discovered when we asked people, what did you like most about going to the cloud and then what did you like least about going to the cloud? The two lists look very similar. So in some cases people said, oh, it was more stable. In other cases people said no, it was actually unstable. So rick I would suggest that that really depends on the practice that you bring to it. It's like moving from a smaller house to a larger house and hoping that it won't be messy again. Well if you don't change your habits, it's eventually going to end up in the same situation. >>Well, there's still door number three and that's data reuse and analytics. And I found a lot of organizations love the idea of at least manipulating data, running test f scenarios on yesterday's production, cloud workload completely removed from the cloud or even just analytics. I need this file. You know, those types of scenarios are very easy to do today with them. And you know, sometimes those repatriations, those portable recoveries, Sometimes people do that intentionally, but sometimes they have to do it. You know, whether it's fire, flood and blood and you know, oh, I was looks like today we're moving to the cloud because I've lost my data center. Right. Those are scenarios that, that portable data format really allows organizations to do that pretty easily with being >>it's a good discussion because to me it's not repatriation, it has this negative connotation, the zero sum game and it's not Danny what you describe and rick as well. It was kind of an experimentation, a purposeful. We're going to do it in the cloud because we can and it's cheap and low risk to spin it up and then we're gonna move it because we've always thought we're going to have it on prem. So, so you know, there is some zero sum game between the cloud and on prem. Clearly no question about it. But there's also this rising tide lifts all ship. I want to, I want to change the subject to something that's super important and and top of mind it's in the press and it ain't going away and that is cyber and specifically ransomware. I mean, since the solar winds hack and it seems to me that was a new milestone in the capabilities and aggressiveness of the adversary who is very well funded and quite capable. And what we're seeing is this idea of tucking into the supply chain of islands, so called island hopping. You're seeing malware that's self forming and takes different signatures very stealthy. And the big trend that we've seen in the last six months or so is that the bad guys will will lurk and they'll steal all kinds of sensitive data. And then when you have an incident response, they will punish you for responding. And they will say, okay, fine, you want to do that. We're going to hold you ransom. We're gonna encrypt your data. And oh, by the way, we stole this list of positive covid test results with names from your website and we're gonna release it if you don't pay their. I mean, it's like, so you have to be stealthy in your incident response. And this is a huge problem. We're talking about trillions of dollars lost each year in, in in cybercrime. And so, uh, you know, it's again, it's this uh the bad news is good news for companies like you. But how do you help customers deal with this problem? What are you seeing Danny? Maybe you can chime in and others who have thoughts? >>Well we're certainly seeing the rise of cyber like crazy right now and we've had a focus on this for a while because if you think about the last line of defense for customers, especially with ransomware, it is having secure backups. So whether it be, you know, hardened Linux repositories, but making sure that you can store the data, have it offline, have it, have it encrypted immutable. Those are things that we've been focused on for a long while. It's more than that. Um it's detection and monitoring of the environment, which is um certainly that we do with our monitoring tools and then also the secure recovery. The last thing that you want to do of course is bring your backups or bring your data back online only to be hit again. And so we've had a number of capabilities across our portfolio to help in all of these. But I think what's interesting is where it's going, if you think about unleashing a world where we're continuously delivering, I look at things like containers where you have continues delivery and I think every time you run that helm commander, every time you run that terra form command, wouldn't that be a great time to do a backup to capture your data so that you don't have an issue once it goes into production. So I think we're going towards a world where security and the protection against these cyber threats is built into the supply chain rather than doing it on just a time based uh, schedule. And I know rick you're pretty involved on the cyber side as well. Would you agree with that? I >>would. And you know, for organizations that are concerned about ransomware, you know, this is something that is taken very seriously and what Danny explained for those who are familiar with security, he kind of jumped around this, this universally acceptable framework in this cybersecurity framework there, our five functions that are a really good recipe on how you can go about this. And and my advice to IT professionals and decision makers across the board is to really align everything you do to that framework. Backup is a part of it. The security monitoring and user training. All those other things are are areas that that need to really follow that wheel of functions. And my little tip here and this is where I think we can introduce some differentiation is around detection and response. A lot of people think of backup product would shine in both protection and recovery, which it does being does, but especially on response and detection, you know, we have a lot of capabilities that become impact opportunities for organizations to be able to really provide successful outcomes through the other functions. So it's something we've worked on a lot. In fact we've covered here at the event. I'm pretty sure it will be on replay the updated white paper. All those other resources for different levels can definitely guide them through. >>So we follow up to the detection is what analytics that help you identify whatever lateral movement or people go in places they shouldn't go. I mean the hard part is is you know, the bad guys are living off the land, meaning they're using your own tooling to to hack you. So they're not it's not like they're introducing something new that shouldn't be there. They're they're just using making judo moves against you. So so specifically talk a little bit more about your your detection because that's critical. >>Sure. So I'll give you one example imagine we capture some data in the form of a backup. Now we have an existing advice that says, you know what Don't put your backup infrastructure with internet connectivity. Use explicit minimal permissions. And those three things right there and keep it up to date. Those four things right there will really hedge off a lot of the different threat vectors to the back of data, couple that with some of the mutability offline or air gapped capabilities that Danny mentioned and you have an additional level of resiliency that can really ensure that you can drive recovery from an analytic standpoint. We have an api that allows organizations to look into the backup data. Do more aggressive scanning without any exclusions with different tools on a flat file system. You know, the threats can't jump around in memory couple that with secure restore. When you reintroduce things into the environment From a recovery standpoint, you don't want to reintroduce threats. So there's protections, there's there's confidence building steps along the way with them and these are all generally available technologies. So again, I got this white paper, I think we're up to 50 pages now, but it's a very thorough that goes through a couple of those scenarios. But you know, it gets the uh, it gets quickly into things that you wouldn't expect from a backup product. >>Please send me a copy if you, if you don't mind. I this is a huge problem and you guys are global company. I admittedly have a bit of a US bias, but I was interviewing robert Gates one time the former defense secretary and we're talking about cyber war and I said, don't we have the best cyber, can't we let go on the offense? He goes, yeah, we can, but we got the most to lose. So this is really a huge problem for organizations. All right, guys, last question I gotta ask you. So what's life like under, under inside capital of the private equity? What's changed? What's, what's the same? Uh, do you hear from our good friend ratner at all? Give us the update there. >>Yes. Oh, absolutely fantastic. You know, it's interesting. So obviously acquired by insight partners in February of 2020, right, when the pandemic was hitting, but they essentially said light the fuse, keep the engine's going. And we've certainly been doing that. They haven't held us back. We've been hiring like crazy. We're up to, I don't know what the count is now, I think 4600 employees, but um, you know, people think of private equity and they think of cost optimizations and, and optimizing the business, That's not the case here. This is a growth opportunity and it's a growth opportunity simply because of the technology opportunity in front of us to keep, keep the engine's going. So we hear from right near, you know, on and off. But the new executive team at VM is very passionate about driving the success in the industry, keeping abreast of all the technology changes. It's been fantastic. Nothing but good things to say. >>Yes, insight inside partners, their players, we watched them watch their moves and so it's, you know, I heard Bill McDermott, the ceo of service now the other day talking about he called himself the rule of 60 where, you know, I always thought it was even plus growth, you know, add that up. And that's what he was talking about free cash flow. He's sort of changing the definition a little bit but but so what are you guys optimizing for you optimizing for growth? Are you optimising for Alberta? You optimizing for free cash flow? I mean you can't do All three. Right. What how do you think about that? >>Well, we're definitely optimizing for growth. No question. And one of the things that we've actually done in the past 12 months, 18 months is beginning to focus on annual recurring revenue. You see this in our statements, I know we're not public but we talk about the growth in A. R. R. So we're certainly focused on that growth in the annual recovering revenue and that that's really what we tracked too. And it aligns well with the cloud. If you look at the areas where we're investing in cloud native and the cloud and SAAS applications, it's very clear that that recurring revenue model is beneficial. Now We've been lucky, I think we're 13 straight quarters of double-digit growth. And and obviously they don't want to see that dip. They want to see that that growth continue. But we are optimizing on the growth trajectory. >>Okay. And you see you clearly have a 25% growth last quarter in A. R. R. Uh If I recall correctly, the number was evaluation was $5 billion last january. So obviously then, given that strategy, Dave Russell, that says that your tam is a lot bigger than just the traditional backup world. So how do you think about tam? I'll we'll close there >>and uh yeah, I think you look at a couple of different ways. So just in the backup recovery space or backup in replication to paying which one you want to use? You've got a large market there in excess of $8 billion $1 billion dollar ongoing enterprise. Now, if you look at recent i. D. C. Numbers, we grew and I got my handy HP calculator. I like to make sure I got this right. We grew 44.88 times faster than the market average year over year. So let's call that 45 times faster and backup. There's billions more to be made in traditional backup and recovery. However, go back to what we've been talking around digital transformation Danny talking about containers in the environment, deployment models, changing at the heart of backup and recovery where a data capture data management, data movement engine. We envision being able to do that not only for availability but to be able to drive the business board to be able to drive economies of scale faster for our organizations that we serve. I think the trick is continuing to do more of the same Danny mentioned, he knows the view's got lit. We haven't stopped doing anything. In fact, Danny, I think we're doing like 10 times more of everything that we used to be doing prior to the pandemic. >>All right, Danny will give you the last word, bring it home. >>So our goal has always been to be the most trusted provider of backup solutions that deliver modern data protection. And I think folks have seen at demon this year that we're very focused on that modern data protection. Yes, we want to be the best in the data center but we also want to be the best in the next generation, the next generation of I. T. So whether it be sas whether it be cloud VM is very committed to making sure that our customers have the confidence that they need to move forward through this digital transformation era. >>Guys, I miss flying. I mean, I don't miss flying, but I miss hanging with you all. We'll see you. Uh, for sure. Vim on 2022 will be belly to belly, but thanks so much for coming on the the virtual edition and thanks for having us. >>Thank you. >>All right. And thank you for watching everybody. This keeps continuous coverage of the mon 21. The virtual edition. Keep it right there for more great coverage. >>Mm

(upbeat music) >> Welcome everybody to VeeamON 2021 you're watching theCUBE. My name is Dave Villante. You know in 2020 cyber adversaries they seize the opportunity to really up their game and target workers from home and digital supply chains. It's become increasingly clear to observers that we're entering a new era of cyber threats where infiltrating companies via so-called Island Hopping and stealthily living off the land meaning they're using your own tools and infrastructure to steal your data. So they're not signaling with new tools that they're in there. It's becoming the norm for sophisticated hacks. Moreover, these well-funded and really sophisticated criminals and nation States are aggressively retaliating against incident responses. In other words, when you go to fix the problem they're not leaving the premises they're rather they're tightening the vice on victims by holding your data ransom and threatening to release previously ex filtrated and brand damaging information to the public. What a climate in which we live today. And with me to talk about these concerning trends and what you can do about it as Gil Vega, the CISO of Veeam Gil great to see you. Thanks for coming on. >> Great to see you, Dave. Thanks for having me. >> Yeah. So, you know, you're hearing my intro. It's probably understating the threat. You are a Veeam's first CISO. So how do you see the landscape right now? >> That's right. Yeah. And I've been with the company for just over a year now, but my background is in financial services and spent a lot of time managing cybersecurity programs at the classified level in Washington DC. So I've gleaned a lot of scar tissue from lots of sophisticated attacks and responses. But today I think what we're seeing is really a one-upmanship by a sophisticated potentially nation state sponsored adversaries, this idea of imprisoning your data and charging you to release it is it's quite frightening. And as we've seen in the news recently it can have devastating impacts not only for the economy, but for businesses. Look at the gas lines in the Northeast right now because of the quality of a pipeline, a ransomware attack. I just, the government just released an executive order this morning, that hopes to address some of the some of the nation's unpreparedness for these sophisticated attacks. And I think it's time. And I think everyone's excited about the opportunity to really apply a whole of government approach, to helping critical infrastructure to helping and partnering with private sector and imposing some risks, frankly, on some of the folks that are engaged in attacking our country. >> A number of years ago, I often tell this story. I had the pleasure of interviewing Robert Gates the former Defense Secretary. And it was a while ago we were talking about cyber and he sits on a number of boards. And we were talking about how it's a board level issue. And, and we're talking about cyber crime and the like and nation States. And I said, well, wait, cyber warfare, even. And I said, "But don't we have the best cyber tech. I mean, can't we go on the offense?" And he goes, "Yeah, we do. And we can, but we have more to lose." And to your point about critical infrastructure, it's not just like, okay, we have the most powerful weapons. It's really we have the most valuable infrastructure and a lot to lose. So it's really a tricky game. And this notion of having to be stealthy in your incident response is relatively new. Isn't it? >> It is. It is. And you know, there are, you mentioned that and I was surprised you mentioned because a lot of people really don't talk about it as you're going into your response your adversaries are watching or watching your every move. You have to assume in these days of perpetual state of compromise in your environments, which means that your adversaries have access to your environment to the point that they're watching your incident responders communicate with one another and they're countering your moves. So it's sort of a perverse spin on the old mutually assured destruction paradigm that you mentioned the United States has the world's largest economy. And quite frankly the world's most vulnerable, critical infrastructure. And I would concur with Director Gates or Secretary Gates rather it is assessment that we've got to be awfully careful and measured in our approach to imposing risks. I think the government has worked for many years on defining red lines. And I think this latest attack on the colonial pipeline affecting the economy and people's lives and potentially putting people's lives at risk is towing also the close to that red line. And I'm interested to see where this goes. I'm interested to see if this triggers even a, you know a new phase of cyber warfare, retaliation, you know proactive defense by the National Security Community of the United States government. Be interesting to see how this plays out. >> Yeah, you're absolutely right though. You've got this sort of asymmetric dynamic now which is unique for the United States as soon as strongest defense in the world. And I wanted to get it to ransomware a bit. And specifically this notion of ransomware as a service it's really concerning where criminals can actually outsource the hack as a service and the bad guys will set up, you know, on the dark web they'll have, you know, help desks and phone lines. They'll do the negotiations. I mean, this is a really concerning trend. And obviously Veeam plays a role here. I'm wondering as a, as a SecOps pro what should we be doing about this? >> Yeah, you mentioned ransomware as a service, whereas RWS it's an incredibly pernicious problem perpetrated by sophisticated folks who may or may not have nation state support or alliances. I think at a minimum certain governments are looking the other way as it relates to these criminal activities. But with ransomware as a service, you're essentially having very sophisticated folks create very complex ransomware code and distributed to people who are willing to pay for it. And oftentimes take a part of the ransom as their payment. The, issue with obviously ransomware is you know the age old question, are you going to pay a ransom or are you not going to pay a ransom? The FBI says, don't do it. It only encourages additional attacks. The Treasury Department put out some guidance earlier earlier in the year, advising companies that they could be subject to civil or criminal penalties. If they pay a ransom and the ransom goes to a sanction density. So there's danger on all sides. >> Wow okay. But so, and then the other thing is this infiltrating via digital supply chains I call it Island Hopping and the like, we saw that with the solar winds hack and the scary part is, you know different malware is coming in and self forming and creating different signatures. Not only is it very difficult to detect, but remediating, you know, one, you know combined self formed malware it doesn't necessarily take care of the others. And so, you know, you've got this sort of organic virus, like thing, you know, create mutating and that's something that's certainly relatively new to me in terms of its prevalence your thoughts on that and how to do it. >> Yeah, exactly right. You know, the advent of the polymorphic code that changes the implementation of advanced artificial intelligence and some of this malware is making our job increasingly difficult which is why I believe firmly. You've got to focus on the fundamentals and I think the best answers for protecting against sophisticated polymorphic code is,are found in the NIST cybersecurity framework. And I encourage everyone to really take a close look at implementing that cybersecurity framework across their environments, much like we've done here, here at Veeam implementing technologies around Zero Trust again assuming a perpetual state of compromise and not trusting any transaction in your environment is the key to combating this kind of attack. >> Well, and you know, as you mentioned, Zero Trust Zero Trust used to be a buzzword. Now it's like become a mandate. And you know, it's funny. I mean, in a way I feel like the crypto guys I know there's a lot of fraud in crypto, but but anybody who's ever traded crypto it's like getting into Fort Knox. I mean, you got to know your customer and you've got to do a little transaction. I mean, it's really quite sophisticated in terms of the how they are applying cybersecurity and you know, most even your bank isn't that intense. And so those kinds of practices, even though they're a bit of a pain in the neck, I mean it's worth the extra effort. I wonder if you could talk about some of the best practices that you're seeing how you're advising your clients in your ecosystem and the role that Veeam can play in helping here. >> Yeah, absolutely. As I mentioned so many recommendations and I think the thing to remember here so we don't overwhelm our small and medium sized businesses that have limited resources in this area is to remind them that it's a journey, right? It's not a destination that they can continually improve and focus on the fundamentals. As I mentioned, things like multi-factor authentication you know, a higher level topic might be micro-segmentation breaking up your environment into manageable components that you can monitor a real time. Real time monitoring is one of the key components to implementing Zero Trust architecture and knowing exactly what good looks like in your environment in a situation where you've got real-time monitoring you can detect the anomalies, the things that shouldn't be happening in your environment and to spin up your response teams, to focus and better understand what that is. I've always been a proponent of identity and access management controls and a key focus. We've heard it in this industry for 25 years is enforcing the concept of least privilege, making sure that your privileged users have access to the things they need and only the things that they need. And then of course, data immutability making sure that your data is stored in backups that verifiably has not been changed. And I think this is where Veeam comes into the equation where our products provide a lot of these very easily configured ransomware protections around data and your ability to the ability to instantly back up things like Office 365 emails, you know support for AWS and Azure. Your data can be quickly restored in the event that an attacker is able to in prison that with encryption and ransom demands. >> Well, and so you've certainly seen in the CISOs that I've talked to that they've had to obviously shift their priorities, thanks to the force march to digital, thanks to COVID, but Identity access management, end point security cloud security kind of overnight, you know, Zero Trust. We talked about that and you could see that in some of these, you know, high flying security stocks, Okta Zscaler, CrowdStrike, they exploded. And so what's in these many of these changes seem to be permanent sort of you're I guess, deeper down in the stack if you will, but you, you compliment these toolings with obviously the data protection approach the ransomware, the cloud data protection, air gaps, immutability. Maybe you could talk about how you fit in with the broader, you know, spate of tools. I mean, your, my eyes bleed when you look at all the security companies that are out there. >> Yeah for sure. You know, I'm just going to take it right back to the NIST cybersecurity framework and the five domains that you really need to focus on. Identify, protect, detect, respond, and recover, you know and until recently security practitioners and companies have really focused on on the protect, identify and protect, right and defend rather where they're focused on building, you know, moats and castles and making sure that they've got this, you know hard exterior to defend against attacks. I think there's been a shift over the past couple of years where companies have recognized that the focus needs to be on and respond and recover activities, right? Assuming that people are going to breach or near breach, your entities is a safe way to think about this and building up capabilities to detect those breaches and respond effectively to those breaches are what's key in implementing a successful cybersecurity program where Veeam fits into this since with our suite of products that that can help you through the recovery process, right? That last domain of the NIST cybersecurity framework it'll allow you to instantaneously. As I mentioned before, restore data in the event of a catastrophic breach. And I think it provides companies with the assurances that while they're protecting and building those Zero Trust components into their environments to protect against these pernicious and well-resourced adversaries there's the opportunity for them to recover very quickly using the VM suite of tools? >> Well, I see, I think there's an interesting dynamic here. You're pointing out Gil. There's not no longer is it that, you know, build a moat the Queen's leaving her castle. I always say, you know there is no hardened perimeter anymore. And so you've seen, you know, the shift obviously from hardware based firewalls and you I mentioned those other companies that are doing great but to me, it's all about these layers and response is a big in recovery is a huge part of that. So I'm seeing increasingly companies like Veeam is a critical part of that, that security cyber data protection, you know, ecosystem. I mean, to me it's just as important as the frontline pieces of even identity. And so you see those markets exploding. I think it's, there's a latent value that's building in companies like Veeam that are a key part of those that data protection layer you think about you know, defense strategies. It's not just you, the frontline it's maybe it's airstrikes, maybe it's, you know, C etcetera. And I see that this market is actually a huge opportunity for for organizations like yours. >> I think you're right. And I think the proof is in, you know in the pudding, in terms of how this company has grown and what we've delivered in version 11 of our suite, including, you know features like continuous data protection, we talked about that reliable ransomware protection support for AWS S3 Glacier and Azure archive the expanded incident recovery, and then support for disaster recovery and backup as a service. You know, what I found most interesting in my year here at Veeam is just how much our administrators the administrators in our company and our customers companies that are managing backups absolutely love our products that ease of use the instant backup capabilities and the support they receive from Veeam. It's almost cultish in terms of how our customers are using these products to defend themselves in today's pretty intense cyber threat environment. >> Well, and you talked about the NIST framework, and again big part of that is recovery, because we talked about earlier about, do you pay the ransom or not? Well, to the extent that I can actually recover from having all my data encrypted then I've got obviously a lot more leverage and in many ways, I mean, let's face it. We all know that it's not a matter of if it's, when you get infiltrated. And so to the extent that I can actually have systems that allow me to recover, I'm now in a much much stronger position in many respects, you know and CISOs again, will tell you this that's where we're shifting our investments >> Right. And you've got to do all of them. It's not just there's no silver bullet, but but that seems to me to be just a a misunderstood and undervalued part of the equation. And I think there's tremendous upside there for companies like yours. >> I think you're right. I think what I'll just add to that is the power of immutability, right? Just verifiably ensuring that your data has not changed because oftentimes you'll have attackers in these low and slow live off the land types of attacks change your data and affect its integrity with the Veeam suite of tools. You're able to provide for immutable or unchanged verifiable data and your backup strategy which is really the first step to recovery after a significant event. >> And that's key because a lot of times the hackers would go right after the backup Corpus you know, they'll sometimes start there is that all the data, you know, but if you can make that immutable and again, it, you know there's best practices there too, because, you know if you're not paying the cloud service for that immutability, if you stop paying then you lose that. So you have to be very careful about, you know how you know, who has access to that and you know what the policies are there, but again, you know you can put in, you know so a lot of this, as you know, is people in process. It's not just tech, so I'll give you the last word. I know you got to jump, but really appreciate.. >> Yeah, sure. >> You know, the only, the only thing that we didn't mention is user awareness and education. I think that is sort of the umbrella key focus principle for any successful cybersecurity program making sure your people understand, you know how to deal with phishing emails. You know, ransomware is a huge threat of our time at 90% of ransomware malware is delivered by phishing. So prepare your workforce to deal with phishing emails. And I think you'll save yourself quite a few headaches. >> It's great advice. I'm glad you mentioned that because because bad user behavior or maybe uninformed user behaviors is the more fair way to say it. It will trump good security every time. Gil, thanks so much for coming to the CUBE and and keep fighting the fight. Best of luck going forward. >> Great. Thank you, Dave. >> All right. And thank you for watching everybody. This is Dave Villante for the CUBEs continuous coverage VeeamON 2021, the virtual edition. We will be right back. (upbeat music)

>> Narrator: From theCUBE studios in Palo Alto in Boston, connecting with thought leaders all around the world. This is a CUBE conversation. >> As you know by now, Jeff Bezos, CEO of Amazon, is stepping aside from his CEO role and AWS CEO, Andy Jassy, is being promoted to head all of Amazon. Bezos, of course, is going to remain executive chairman. Now, 15 years ago, next month, Amazon launched it's simple storage service, which was the first modern cloud offering. And the man who wrote the business plan for AWS, was Andy Jassy, and he's navigated the meteoric rise and disruption that has seen AWS grow into a $45 billion company that draws off the vast majority of Amazon's operating profits. No one in the media has covered Jassy more intimately and closely than John Furrier, the founder of SiliconANGLE. And John joins us today to help us understand on theCUBE this move and what we can expect from Jassy in his new role, and importantly what it means for AWS. John, thanks for taking the time to speak with us. >> Hey, great day. Great to see you as always, we've done a lot of interviews together over the years and we're on our 11th year with theCUBE and SiliconANGLE. But I got to be excited too, that we're simulcasters on Clubhouse, which is kind of cool. Love Clubhouse but not since the, in December. It's awesome. It's like Cube radio. It's like, so this is a Cube talk. So we opened up a Clubhouse room while we're filming this. We'll do more live hits in studio and syndicate the Clubhouse and then take questions after. This is a huge digital transformation moment. I'm part of the digital transformation club on Clubhouse which has almost 5,000 followers at the moment and also has like 500 members. So if you're not on Clubhouse, yet, if you have an iPhone go check it out and join the digital transformation club. Android users you'll have to wait until that app is done but it's really a great club. And Jeremiah Owyang is also doing a lot of stuff on digital transformation. >> Or you can just buy an iPhone and get in. >> Yeah, that's what people are doing. I can see all the influences are on there but to me, the digital transformation, it's always been kind of a cliche, the consumerization of IT, information technology. This has been the boring world of the enterprise over the past, 20 years ago. Enterprise right now is super hot because there's no distinction between enterprise and society. And that's clearly the, because of the rise of cloud computing and the rise of Amazon Web Services which was a side project at AWS, at Amazon that Andy Jassy did. And it wasn't really pleasant at the beginning. It was failed. It failed a lot and it wasn't as successful as people thought in the early days. And I have a lot of stories with Andy that he told me a lot of the inside baseball and we'll share that here today. But we started covering Amazon since the beginning. I was as an entrepreneur. I used it when it came out and a huge fan of them as a company because they just got a superior product and they have always had been but it was very misunderstood from the beginning. And now everyone's calling it the most important thing. And Andy now is becoming Andy Jassy, the most important executive in the world. >> So let's get it to the, I mean, look at, you said to me over holidays, you thought this might have something like this could happen. And you said, Jassy is probably in line to get this. So, tell us, what can you tell us about Jassy? Why is he qualified for this job? What do you think he brings to the table? >> Well, the thing that I know about Amazon everyone's been following the Amazon news is, Jeff Bezos has a lot of personal turmoil. They had his marriage fail. They had some issues with the smear campaigns and all this stuff going on, the run-ins with Donald Trump, he bought the Washington post. He's got a lot of other endeavors outside of Amazon cause he's the second richest man in the world competing with Elon Musk at Space X versus Blue Origin. So the guy's a billionaire. So Amazon is his baby and he's been running it as best he could. He's got an executive team committee they called the S team. He's been grooming people in the company and that's just been his mode. And the rise of AWS and the business performance that we've been documenting on SiliconANGLE and theCUBE, it's just been absolutely changing the game on Amazon as a company. So clearly Amazon Web Services become a driving force of the new Amazon that's emerging. And obviously they've got all their retail business and they got the gaming challenges and they got the studios and the other diversified stuff. So Jassy is just, he's just one of those guys. He's just been an Amazonian from day one. He came out of Harvard business school, drove across the country, very similar story to Jeff Bezos. He did that in 1997 and him and Jeff had been collaborating and Jeff tapped him to be his shadow, they call it, which is basically technical assistance and an heir apparent and groomed him. And then that's how it is. Jassy is not a climber as they call it in corporate America. He's not a person who is looking for a political gain. He's not a territory taker, but he's a micromanager. He loves details and he likes to create customer value. And that's his focus. So he's not a grandstander. In fact, he's been very low profile. Early days when we started meeting with him, he wouldn't meet with press regularly because they weren't writing the right stories. And everyone is, he didn't know he was misunderstood. So that's classic Amazon. >> So, he gave us the time, I think it was 2014 or 15 and he told us a story back then, John, you might want to share it as to how AWS got started. Why, what was the main spring Amazon's tech wasn't working that great? And Bezos said to Jassy, going to go figure out why and maybe explain how AWS was born. >> Yeah, we had, in fact, we were the first ones to get access to do his first public profile. If you go to the Google and search Andy Jassy, the trillion dollar baby, we had a post, we put out the story of AWS, Andy Jassy's trillion dollar baby. This was in early, this was January 2015, six years ago. And, we back then, we posited that this would be a trillion dollar total addressable market. Okay, people thought we were crazy but we wrote a story and he gave us a very intimate access. We did a full drill down on him and the person, the story of Amazon and that laid out essentially the beginning of the rise of AWS and Andy Jassy. So that's a good story to check out but really the key here is, is that he's always been relentless and competitive on creating value in what they call raising the bar outside Amazon. That's a term that they use. They also have another leadership principle called working backwards, which is like, go to the customer and work backwards from the customer in a very Steve Job's kind of way. And that's been kind of Jobs mentality as well at Apple that made them successful work backwards from the customer and make things easier. And that was Apple. Amazon, their philosophy was work backwards from the customer and Jassy specifically would say it many times and eliminate the undifferentiated heavy lifting. That was a key principle of what they were doing. So that was a key thesis of their entire business model. And that's the Amazonian way. Faster, cheaper, ship it faster, make it less expensive and higher value. While when you apply the Amazon shipping concept to cloud computing, it was completely disrupted. They were shipping code and services faster and that became their innovation strategy. More announcements every year, they out announced their competition by huge margin. They introduced new services faster and they're less expensive some say, but in the aggregate, they make more money but that's kind of a key thing. >> Well, when you, I was been listening to the TV today and there was a debate on whether or not, this support tends that they'll actually split the company into two. To me, I think it's just the opposite. I think it's less likely. I mean, if you think about Amazon getting into grocery or healthcare, eventually financial services or other industries and the IOT opportunity to me, what they do, John, is they bring in together the cloud, data and AI and they go attack these new industries. I would think Jassy of all people would want to keep this thing together now whether or not the government allows them to do that. But what are your thoughts? I mean, you've asked Andy this before in your personal interviews about splitting the company. What are your thoughts? >> Well, Jon Fortt at CNBC always asked the same question every year. It's almost like the standard question. I kind of laugh and I ask it now too because I liked Jon Fortt. I think he's an awesome dude. And I'll, it's just a tongue in cheek, Jassy. He won't answer the question. Amazon, Bezos and Jassy have one thing in common. They're really good at not answering questions. So if you ask the same question. They'll just say, nothing's ever, never say never, that's his classic answer to everything. Never say never. And he's always said that to you. (chuckles) Some say, he's, flip-flopped on things but he's really customer driven. For example, he said at one point, no one should ever build a data center. Okay, that was a principle. And then they come out and they have now a hybrid strategy. And I called them out on that and said, hey, what, are you flip-flopping? You said at some point, no one should have a data center. He's like, well, we looked at it differently and what we meant was is that, it should all be cloud native. Okay. So that's kind of revision, but he's cool with that. He says, hey, we'll revise based on what customers are doing. VMware working with Amazon that no one ever thought that would happen. Okay. So, VMware has some techies, Raghu, for instance, over there, super top notch. He worked with Jassy, directly in his team Sanjay Poonen when they went to business school together, they cut a deal. And now Amazon essentially saved VMware, in my opinion. And Pat Gelsinger drove that deal. Now, Pat Gelsinger, CEO, Intel, and Pat told me that directly in candid conversation off theCUBE, he said, hey, we have to make a decision either we're going to be in cloud or we're not going to be in cloud, we will partner. And I'll see, he was Intel. He understood the Intel inside mentality. So that's good for VMware. So Jassy does these kinds of deals. He's not afraid he's got a good stomach for business and a relentless competitor. >> So, how do you think as you mentioned Jassy is a micromanager. He gets deep into the technology. Anybody who's seen his two hour, three hour keynotes. No, he has a really fine grasp of the technology across the entire stack. How do you think John, he will approach things like antitrust, the big tech lash of the unionization of the workforce at Amazon? How do you think Jassy will approach that? >> Well, I think one of the things that emerges Jassy, first of all, he's a huge sports fan. And many people don't know that but he's also progressive person. He's very progressive politically. He's been on the record and off the record saying things like, obviously, literacy has been big on, he's been on basically unrepresented minorities, pushing for that, and certainly cloud computing in tech, women in tech, he's been a big proponent. He's been a big supporter of Teresa Carlson. Who's been rising star at Amazon. People don't know who Teresa Carlson is and they should check out her. She's become one of the biggest leaders inside Amazon she's turned around public sector from the beginning. She ran that business, she's a global star. He's been a great leader and he's been getting, forget he's a micromanager, he's on top of the details. I mean, the word is, and nothing gets approved without Andy, Andy seeing it. But he's been progressive. He's been an Amazon original as they call it internally. He's progressive, he's got the business acumen but he's perfect for this pragmatic conversation that needs to happen. And again, because he's so technically strong having a CEO that's that proficient is going to give Amazon an advantage when they have to go in and change how DC works, for instance, or how the government geopolitical landscape works, because Amazon is now a global company with regions all over the place. So, I think he's pragmatic, he's open to listening and changing. I think that's a huge quality >> Well, when you think of this, just to set the context here for those who may not know, I mean, Amazon started as I said back in 2006 in March with simple storage service that later that year they announced EC2 which is their compute platform. And that was the majority of their business, is still a very large portion of their business but Amazon, our estimates are that in 2020, Amazon did 45 billion, 45.4 billion in revenue. That's actually an Amazon reported number. And just to give you a context, Azure about 26 billion GCP, Google about 6 billion. So you're talking about an industry that Amazon created. That's now $78 billion and Amazon at 45 billion. John they're growing at 30% annually. So it's just a massive growth engine. And then another story Jassy told us, is they, he and Jeff and the team talked early on about whether or not they should just sort of do an experiment, do a little POC, dip their toe in and they decided to go for it. Let's go big or go home as Michael Dell has said to us many times, I mean, pretty astounding. >> Yeah. One of the things about Jassy that people should know about, I think there's some compelling relative to the newest ascension to the CEO of Amazon, is that he's not afraid to do new things. For instance, I'll give you an example. The Amazon Web Services re-invent their annual conference grew to being thousands and thousands of people. And they would have a traditional after party. They called a replay, they'd have a band like every tech conference and their conference became so big that essentially, it was like setting up a live concert. So they were spending millions of dollars to set up basically a one night concert and they'd bring in great, great artists. So he said, hey, what's been all this cash? Why don't we just have a festival? So they did a thing called Intersect. They got LA involved from creatives and they basically built a weekend festival in the back end of re-invent. This was when real life was, before COVID and they turned into an opportunity because that's the way they think. They like to look at the resources, hey, we're already all in on this, why don't we just keep it for the weekend and charge some tickets and have a good time. He's not afraid to take chances on the product side. He'll go in and take a chance on a new market. That comes from directly from Bezos. They try stuff. They don't mind failing but they put a tight leash on measurement. They work backwards from the customer and they are not afraid to take chances. So, that's going to board well for him as he tries to figure out how Amazon navigates the contention on the political side when they get challenged for their dominance. And I think he's going to have to apply that pragmatic experimentation to new business models. >> So John I want you to take on AWS. I mean, despite the large numbers, I talked about 30% growth, Azure is growing at over 50% a year, GCP at 83%. So despite the large numbers and big growth the growth rates are slowing. Everybody knows that, we've reported it extensively. So the incoming CEO of Amazon Web Services has a TAM expansion challenge. And at some point they've got to decide, okay, how do we keep this growth engine? So, do you have any thoughts as to who might be the next CEO and what are some of their challenges as you see it? >> Well, Amazon is a real product centric company. So it's going to be very interesting to see who they go with here. Obviously they've been grooming a lot of people. There's been some turnover. You had some really strong executives recently leave, Jeff Wilkes, who was the CEO of the retail business. He retired a couple of months ago, formerly announced I think recently, he was probably in line. You had Mike Clayville, is now the chief revenue officer of Stripe. He ran all commercial business, Teresa Carlson stepped up to his role as well as running public sector. Again, she got more power. You have Matt Garman who ran the EC2 business, Stanford grad, great guy, super strong on the product side. He's now running all commercial sales and marketing. And he's also on the, was on Bezos' S team, that's the executive kind of team. Peter DeSantis is also on that S team. He runs all infrastructure. He took over for James Hamilton, who was the genius behind all the data center work that they've done and all the chip design stuff that they've innovated on. So there's so much technical innovation going on. I think you still going to see a leadership probably come from, I would say Matt Garman, in my opinion is the lead dog at this point, he's the lead horse. You could have an outside person come in depending upon how, who might be available. And that would probably come from an Andy Jassy network because he's a real fierce competitor but he's also a loyalist and he likes trust. So if someone comes in from the outside, it's going to be someone maybe he trusts. And then the other wildcards are like Teresa Carlson. Like I said, she is a great woman in tech who's done amazing work. I've profiled her many times. We've interviewed her many times. She took that public sector business with Amazon and changed the game completely. Outside the Jedi contract, she was in competitive for, had the big Trump showdown with the Jedi, with the department of defense. Had the CIA cloud. Amazon set the standard on public sector and that's directly the result of Teresa Carlson. But she's in the field, she's not a product person, she's kind of running that group. So Amazon has that product field kind of structure. So we'll see how they handle that. But those are the top three I think are going to be in line. >> So the obvious question that people always ask and it is a big change like this is, okay, in this case, what is Jassy going to bring in? And what's going to change? Maybe the flip side question is somewhat more interesting. What's not going to change in your view? Jassy has been there since nearly the beginning. What are some of the fundamental tenets that he's, that are fossilized, that won't change, do you think? >> I think he's, I think what's not going to change is Amazon, is going to continue to grow and develop their platform business and enable more SaaS players. That's a little bit different than what Microsoft's doing. They're more SaaS oriented, Office 365 is becoming their biggest application in terms of revenue on Microsoft side. So Amazon is going to still have to compete and enable more ecosystem partners. I think what's not going to change is that Bezos is still going to be in charge because executive chairman is just a code word for "not an active CEO." So in the corporate governance world when you have an executive chairman, that's essentially the person still in charge. And so he'll be in charge, will still be the boss of Andy Jassy and Jassy will be running all of Amazon. So I think that's going to be a little bit the same, but Jassy is going to be more in charge. I think you'll see a team change over, whether you're going to see some new management come in, Andy's management team will expand, I think Amazon will stay the same, Amazon Web Services. >> So John, last night, I was just making some notes about notable transitions in the history of the tech business, Gerstner to Palmisano, Gates to Ballmer, and then Ballmer to Nadella. One that you were close to, David Packard to John Young and then John Young to Lew Platt at the old company. Ellison to Safra and Mark, Jobs to Cook. We talked about Larry Page to Sundar Pichai. So how do you see this? And you've talked to, I remember when you interviewed John Chambers, he said, there is no rite of passage, East coast mini-computer companies, Edson de Castro, Ken Olsen, An Wang. These were executives who wouldn't let go. So it's of interesting to juxtapose that with the modern day executive. How do you see this fitting in to some of those epic transitions that I just mentioned? >> I think a lot of people are surprised at Jeff Bezos', even stepping down. I think he's just been such the face of Amazon. I think some of the poll numbers that people are doing on Twitter, people don't think it's going to make a big difference because he's kind of been that, leader hand on the wheel, but it's been its own ship now, kind of. And so depending on who's at the helm, it will be different. I think the Amazon choice of Andy wasn't obvious. And I think a lot of people were asking the question who was Andy Jassy and that's why we're doing this. And we're going to be doing more features on the Andy Jassy. We got a tons, tons of content that we've we've had shipped, original content with them. We'll share more of those key soundbites and who he is. I think a lot of people scratching their head like, why Andy Jassy? It's not obvious to the outsiders who don't know cloud computing. If you're in the competing business, in the digital transformation side, everyone knows about Amazon Web Services. Has been the most successful company, in my opinion, since I could remember at many levels just the way they've completely dominated the business and how they change others to be dominant. So, I mean, they've made Microsoft change, it made Google change and even then he's a leader that accepts conversations. Other companies, their CEOs hide behind their PR wall and they don't talk to people. They won't come on Clubhouse. They won't talk to the press. They hide behind their PR and they feed them, the media. Jassy is not afraid to talk to reporters. He's not afraid to talk to people, but he doesn't like people who don't know what they're talking about. So he doesn't suffer fools. So, you got to have your shit together to talk to Jassy. That's really the way it is. And that's, and he'll give you mind share, like he'll answer any question except for the ones that are too tough for him to answer. Like, are you, is facial recognition bad or good? Are you going to spin out AWS? I mean these are the hard questions and he's got a great team. He's got Jay Carney, former Obama press secretary working for him. He's been a great leader. So I'm really bullish on, is a good choice. >> We're going to jump into the Clubhouse here and open it up shortly. John, the last question for you is competition. Amazon as a company and even Jassy specifically I always talk about how they don't really focus on the competition, they focus on the customer but we know that just observing these folks Bezos is very competitive individual. Jassy, I mean, you know him better than I, very competitive individual. So, and he's, Jassy has been known to call out Oracle. Of course it was in response to Larry Ellison's jabs at Amazon regarding database. But, but how do you see that? Do you see that changing at all? I mean, will Amazon get more publicly competitive or they stick to their knitting, you think? >> You know this is going to sound kind of a weird analogy. And I know there's a lot of hero worshiping on Elon Musk but Elon Musk and Andy Jassy have a lot of similarities in the sense of their brilliance. They got both a brilliant people, different kinds of backgrounds. Obviously, they're running different things. They both are builders, right? If you were listening to Elon Musk on Clubhouse the other night, what was really striking was not only the magic of how it was all orchestrated and what he did and how he interviewed Robin Hood. He basically is about building stuff. And he was asked questions like, what advice do you give startups? He's like, if you need advice you shouldn't be doing startups. That's the kind of mentality that Jassy has, which is, it's not easy. It's not for the faint of heart, but Elon Musk is a builder. Jassy builds, he likes to build stuff, right? And so you look at all the things that he's done with AWS, it's been about enabling people to be successful with the tools that they need, adding more services, creating things that are lower price point. If you're an entrepreneur and you're over the age of 30, you know about AWS because you know what, it's cheaper to start a business on Amazon Web Services than buying servers and everyone knows that. If you're under the age of 25, you might not know 50 grand to a hundred thousand just to start something. Today you get your credit card down, you're up and running and you can get Clubhouses up and running all day long. So the next Clubhouse will be on Amazon or a cloud technology. And that's because of Andy Jassy right? So this is a significant executive and he continue, will bring that mindset of building. So, I think the digital transformation, we're in the digital engine club, we're going to see a complete revolution of a new generation. And I think having a new leader like Andy Jassy will enable in my opinion next generation talent, whether that's media and technology convergence, media technology and art convergence and the fact that he digs music, he digs sports, he digs tech, he digs media, it's going to be very interesting to see, I think he's well-poised to be, and he's soft-spoken, he doesn't want the glamorous press. He doesn't want the puff pieces. He just wants to do what he does and he puts his game do the talking. >> Talking about advice at startups. Just a quick aside. I remember, John, you and I when we were interviewing Scott McNealy former CEO of Sun Microsystems. And you asked him advice for startups. He said, move out of California. It's kind of tongue in cheek. I heard this morning that there's a proposal to tax the multi-billionaires of 1% annually not just the one-time tax. And so Jeff Bezos of course, has a ranch in Texas, no tax there, but places all over. >> You see I don't know. >> But I don't see Amazon leaving Seattle anytime soon, nor Jassy. >> Jeremiah Owyang did a Clubhouse on California. And the basic sentiment is that, it's California is not going away. I mean, come on. People got to just get real. I think it's a fad. Yeah. This has benefits with remote working, no doubt, but people will stay here in California, the network affects beautiful. I think Silicon Valley is going to continue to be relevant. It's just going to syndicate differently. And I think other hubs like Seattle and around the world will be integrated through remote work and I think it's going to be much more of a democratizing effect, not a win lose. So that to me is a huge shift. And look at Amazon, look at Amazon and Microsoft. It's the cloud cities, so people call Seattle. You've got Google down here and they're making waves but still, all good stuff. >> Well John, thanks so much. Let's let's wrap and let's jump into the Clubhouse and hear from others. Thanks so much for coming on, back on theCUBE. And many times we, you and I've done this really. It was a pleasure having you. Thanks for your perspectives. And thank you for watching everybody, this is Dave Vellante for theCUBE. We'll see you next time. (soft ambient music)

>>From around the globe. It's the cube with digital coverage, a BizOps manifesto unveiled brought to you by biz ops coalition. >>Hey, welcome back everybody. Jeff Frick here with the cube. Welcome back to our ongoing coverage of the biz ops manifesto. Unveil. Something has been in the works for a little while. Today's the formal unveiling, and we're excited to have three of the core of founding members of the manifesto authors of the manifesto. If you will, uh, joining us again, we've had them all on individually. Now we're going to have a great power panel first up. We're gab Mitt, Kirsten returning he's the founder and CEO of Tasktop mic. Good to see you again. Where are you dialing in from? >>Great to see you again, Jeff I'm dialing from Vancouver, >>We're Canada, Vancouver, Canada. One of my favorite cities in the whole wide world. Also we've got Tom Davenport come in from across the country. He's a distinguished professor and author from Babson college, Tom. Great to see you. And I think you said you're at a fun, exotic place on the East coast >>Realm of Memphis shoe sits on Cape Cod. >>Great to see you again and also joining surge Lucio. He is the VP and general manager enterprise software division at Broadcom surge. Great to see you again, where are you coming in from? >>Uh, from Boston right next to kickoff. >>Terrific. So welcome back, everybody again. Congratulations on this day. I know it's, it's been a lot of work to get here for this unveil, but let's just jump into it. The biz ops manifesto, what was the initial reason to do this? And how did you decide to do it in a kind of a coalition, a way bringing together a group of people versus just making it an internal company, uh, initiative that, you know, you can do better stuff within your own company, surge, why don't we start with you? >>Yeah, so, so I think we were at a really critical juncture, right? Many, um, large enterprises are basically struggling with their digital transformation. Um, in fact, um, many recognize that, uh, the, the business side, it collaboration has been, uh, one of the major impediments, uh, to drive that kind of transformation. And if we look at the industry today, many people are, whether we're talking about vendors or, um, you know, system integrators, consulting firms are talking about the same kind of concepts, but using very different language. And so we believe that bringing all these different players together, um, as part of the coalition and formalizing, uh, basically the core principles and values in a BizOps manifesto, we can really start to F could have a much bigger movement where we can all talk about kind of the same concepts and we can really start to provide, could have a much better support for large organizations to transform. Uh, so whether it is technology or services or, um, we're training, I think that that's really the value of bringing all of these players together, right. >>And Nick to you, why did you get involved in this, in this effort? >>So Ben close and follow the agile movement since it started two decades ago with that manifesto. >>And I think we got a lot of improvement at the team level, and I think as satisfies noted, uh, we really need to improve at the business level. Every company is trying to become a software innovator, uh, trying to make sure that they can adapt quickly and the changing market economy and what everyone's dealing with in terms of needing to deliver the customer sooner. However, agile practices have really focused on these metrics, these measures and understanding processes that help teams be productive. Those things now need to be elevated to the business as a whole. And that just hasn't happened. Uh, organizations are actually failing because they're measuring activities and how they're becoming more agile, how teams are functioning, not how much quickly they're delivering value to the customer. So we need to now move past that. And that's exactly what the that's manifested provides. Right, >>Right, right. And Tom, to you, you've been covering tech for a very long time. You've been looking at really hard challenges and a lot of work around analytics and data and data evolution. So there's a definitely a data angle here. I wonder if you could kind of share your perspective of what you got excited to, uh, to sign onto this manifesto. >>Sure. Well, I have, you know, for the past 15 or 20 years, I've been focusing on data and analytics and AI, but before that I was a process management guy and a knowledge management guy. And in general, I think, you know, we've just kind of optimized that to narrow a level, whether you're talking about agile or dev ops or ML ops, any of these kinds of ops oriented movements, we're making individual project, um, performance and productivity better, but we're not changing the business, uh, effectively enough. And that's the thing that appealed to me about the biz ops idea that we're finally creating a closer connection between what we do with technology and how it changes the business and provides value to it. >>Great. Uh, surge back to you, right? I mean, people have been talking about digital transformation for a long time and it's been, you know, kind of trucking along and then covert hit and it was instant lights, which everyone's working from home. You've got a lot more reliance on your digital tools, digital communication, uh, both within your customer base and your partner base, but also then your employees when you're, if you could share how that really pushed this all along. Right? Because now suddenly the acceleration of digital transformation is higher. Even more importantly, you got much more critical decisions to make into what you do next. So kind of your portfolio management of projects has been elevated significantly when maybe revenues are down, uh, and you really have to, uh, to prioritize and get it right. >>Yeah. Maybe I'll just start by quoting Satina Nello basically recently said that they're speeding the two years of digital preservation just last two months in any many ways. That's true. Um, but, but yet when we look at large enterprises, they're >>Still struggling with the kind of a changes in culture that they really need to drive to be able to disrupt themselves. And not surprisingly, you know, when we look at certain parts of the industry, you know, we see some things which are very disturbing, right? So about 40% of the personal loans today, or being, uh, origin data it's by fintechs, uh, of a like of Sophie or, uh, or a lending club, right? Not to a traditional brick and mortar for BEC. And so the, well, there is kind of a much more of an appetite and it's a, it's more of a survival type of driver these days. Uh, the reality is that's in order for these large enterprises to truly transform and engage with this digital transformation, they need to start to really align the business. And it, you know, in many ways, uh, make covered that agile really emerged from the core desire to truly improve software predictability between which we've really missed is all that we, we start to aligning the software predictability to business predictability and to be able to have continual sleep continuous improvement and measurement of business outcomes. So by aligning kind of these, uh, kind of inward metrics, that's, it is typically being using to business outcomes. We think we can start to really ELP different stakeholders within the organization to collaborate. So I think there is more than ever. There's an imperative to act now. Um, and, and resolves, I think is kind of the right approach to drive that transformation. Right. >>I want to follow up on the culture comment, uh, with Utah, because you've talked before about kind of process flow and process flow throughout a whore and an organization. And, you know, we talk about people process and tech all the time. And I think the tech is the easy part compared to actually changing the people the way they think. And then the actual processes that they put in place. It's a much more difficult issue than just the tech issue to get this digital transformation in your organization. >>Yeah. You know, I've always found that the soft stuff about, you know, the culture of the behavior, the values is the hard stuff to change and more and more, we, we realized that to be successful with any kind of digital transformation you have to change people's behaviors and attitudes. Um, we haven't made as much progress in that area as we might have. I mean, I've done some surveys suggesting that, um, most organizations still don't have data-driven cultures. And in many cases there is a lower percentage of companies that say they have that then, um, did a few years ago. So we're kind of moving in the wrong direction, which means I think that we have to start explicitly addressing that, um, cultural, behavioral dimension and not just assuming that it will happen if we, if we build a system, >>If we build it, they won't necessarily come. Right. >>Right. So I want to go to, to you Nick cause you know, we're talking about workflows and flow, um, and, and you've written about flow both in terms of, um, you know, moving things along a process and trying to find bottlenecks, identify bottlenecks, which is now even more important again, when these decisions are much more critical. Cause you have a lot less, uh, wiggle room in tough times, but you also talked about flow from the culture side and the people side. So I wonder if you can just share your thoughts on, you know, using flow as a way to think about things, to get the answers better. >>Yeah, absolutely. And I'll refer back to what Tom has said. If you're optimized, you need to optimize your system. You need to optimize how you innovate and how you deliver value to the business and the customer. Now, what we've noticed in the data, since that we've learned from customers, value streams, enterprise organizations, value streams, is that when it's taking six months at the end to deliver that value with the flow is that slow. You've got a bunch of unhappy developers, unhappy customers when you're innovating house. So high performing organizations we can measure at antenna flow time and dates. All of a sudden that feedback loop, the satisfaction, your developers measurably, it goes up. So not only do you have people context, switching glass, you're delivering so much more value to customers at a lower cost because you've optimized for flow rather than optimizing for these, these other approximate tricks that we use, which is how efficient is my adult team. How quickly can we deploy software? Those are important, but they do not provide the value of agility of fast learning of adaptability to the business. And that's exactly what the biz ops manifesto pushes your organization to do. You need to put in place this new operating model that's based on flow on the delivery of business value and on bringing value to market much more quickly than you were before. Right. >>I love that. And I'm gonna back to you Tom, on that to follow up. Cause I think, I don't think people think enough about how they prioritize what they're optimizing for, because you know, if you're optimizing for a versus B, you know, you can have a very different product that, that you kick out. And, you know, my favorite example is with Clayton Christianson and innovator's dilemma talking about the three inch hard drive, if you optimize it for power, you know, is one thing, if you optimize it for vibration is another thing and sure enough, you know, they missed it on the poem because it was the, it was the game console, which, which drove that whole business. So when you're talking to customers and we think we hear it with cloud all the time, people optimizing for a cost efficiency, instead of thinking about it as an innovation tool, how do you help them kind of rethink and really, you know, force them to, to look at the, at the prioritization and make sure they're prioritizing on the right thing is make just that, what are you optimizing for? >>Oh yeah. Um, you have one of the most important aspects of any decision or attempt to resolve a problem in an organization is the framing process. And, um, you know, it's, it's a difficult aspect to have the decision to confirm it correctly in the first place. Um, there, it's not a technology issue. In many cases, it's largely a human issue, but if you frame >>That decision or that problem incorrectly to narrowly say, or you frame it as an either or situation where you could actually have some of both, um, it, it's very difficult for the, um, process to work out correctly. So in many cases, I think we need to think more at the beginning about how we bring this issue or this decision in the best way possible before we charge off and build a system to support it. You know, um, it's worth that extra time to think, think carefully about how the decision has been structured. Right, >>Sir, I want to go back to you and talk about the human factors because as we just discussed, you can put it in great technology, but if the culture doesn't adopt it and people don't feel good about it, you know, it's not going to be successful and that's going to reflect poorly on the technology, even if that had nothing to do with it. And you know, when you look at the, the, the, the core values, uh, of the Bezos manifesto, you know, a big one is trust and collaboration, you know, learn, respond, and pivot. Wonder if you can share your thoughts on, on trying to get that cultural shift, uh, so that you can have success with the people, or excuse me, with the technology in the process and helping customers, you know, take this more trustworthy and kind of proactive, uh, position. >>So I think, I think at the ground level, it truly starts with the realization that we're all different. We come from different backgrounds. Uh, oftentimes we tend to blame the data. It's not uncommon my experiments that we spend the first 30 minutes of any kind of one hour conversation to debate the validity of the data. Um, and so, um, one of the first kind of, uh, probably manifestations that we've had or revelations as we start to engage with our customers is spoke just exposing, uh, high-fidelity data sets to different stakeholders from their different lens. We start to enable these different stakeholders to not debate the data. That's really collaborate to find a solution. So in many ways, when, when, when we think about kind of the types of changes we're trying to, to truly affect around data driven decision making, he told about bringing the data in context and the context that is relevant and understandable for, for different stakeholders, whether we're talking about an operator or develop for a business analyst. >>So that's, that's the first thing. The second layer I think, is really to provide context to what people are doing in their specific silo. And so I think one of the best examples I have is if you start to be able to align business KPI, whether you are counting, you know, sales per hour, or the engagements of your users on your mobile applications, whatever it is, you can start to connect that PKI to business KPI, to the KPIs that developers might be looking at, whether it is all the number of defects or velocity or whatever over your metrics that you're used to, to actually track you start to be able to actually contextualize in what we are, the effecting, basically a metric of that that is really relevant. And then what we see is that this is a much more systematic way to approach the transformation than say, you know, some organizations kind of creating some of these new products or services or initiatives, um, to, to drive engagements, right? >>So if you look at zoom, for instance, zoom giving away a it service to, uh, to education, he's all about, I mean, there's obviously a marketing aspect in there, but it's, it's fundamentally about trying to drive also the engagement of their own teams. And because now they're doing something for good and many organizations are trying to do that, but you only can do this kind of things in the limited way. And so you really want to start to rethink how you connect to, everybody's kind of a business objective fruit data, and now you start to get people to stare at the same data from their own lens and collaborate on all the data. Right, >>Right. That's a good, uh, Tom, I want to go back to you. You've been studying it for a long time, writing lots of books and getting into it. Um, why now, you know, what, why, why now are we finally aligning business objectives with, with it objectives? You know, why didn't this happen before? And, you know, what are the factors that are making now the time for this, this, this move with the, uh, with the biz ops? >>Well, and much of a past, it was sort of a back office related activity. And, you know, it was important for, um, uh, producing your paychecks and, uh, capturing the customer orders, but the business wasn't built around it now, every organization needs to be a software business, a data business, a digital business, the auntie has been raised considerably. And if you aren't making that connection between your business objectives and the technology that supports it, you run a pretty big risk of, you know, going out of business or losing out to competitors. Totally. So, um, and even if you're in, uh, an industry that hasn't historically been terribly, um, technology oriented customer expectations flow from, uh, you know, the digital native, um, companies that they work with to basically every industry. So you're compared against the best in the world. So we don't really have the luxury anymore of screwing up our it projects or building things that don't really work for the business. Um, it's mission critical that we do that well. Um, almost every time, I just want to fall by that, Tom, >>In terms of the, you've talked extensively about kind of these evolutions of data and analytics from artismal stage to the big data stage, the data economy stage, the AI driven stage and what I find diff interesting that all those stages, you always put a start date, you never put an end date. Um, so you know, is the, is the big data I'm just going to use that generically a moment in time finally here where we're, you know, off mahogany row with the data scientists, but actually can start to see the promise of delivering the right insight to the right person at the right time to make that decision. >>Well, I think it is true that in general, these previous stages never seemed to go away. The, um, the artisinal stuff is still being done, but we would like for less and less of it to be artisinal, we can't really afford for everything to be artisinal anymore. It's too labor and, and time consuming to do things that way. So we shift more and more of it to be done through automation and B to be done with a higher level of productivity. And, um, you know, at some point maybe we reached the stage where we don't do anything artisanally anymore. I'm not sure we're there yet, but we are, we are making progress. Right. >>Right. And Mick, back to you in terms of looking at agile, cause you're, you're such a student of agile. When, when you look at the opportunity with biz ops and taking the lessons from agile, you know, what's been the inhibitor to stop this in the past. And what are you so excited about? You know, taking this approach will enable. >>Yeah. I think both search and Tom hit on this is that in agile what's happened is that we've been measuring tiny subsets of the value stream, right? We need to elevate the data's there. Developers are working on these tools that delivering features that the foundations for for great culture are there. I spent two decades as a developer. And when I was really happy is when I was able to deliver value to customers, the quicker I was able to do that the fewer impediments are in my way, that quicker was deployed and running in the cloud, the happier I was, and that's exactly what's happening. If we can just get the right data, uh, elevated to the business, not just to the agile teams, but really this, these values of ours are to make sure that you've got these data driven decisions with meaningful data that's oriented around delivering value to customers. Not only these legacies that Tom touched on, which has cost center metrics. So when, from where for it being a cost center and something that provided email and then back office systems. So we need to rapidly shift to those new, meaningful metrics that are customized business centric and make sure that every development the organization is focused on those as well as the business itself, that we're measuring value. And that will help you that value flow without interruptions. >>I love that mic. Cause if you don't measure it, you can't improve on it and you gotta, but you gotta be measuring the right thing. So gentlemen, uh, thank you again for, for your time. Uh, congratulations on the, uh, on the unveil of the biz ops manifesto and bringing together this coalition, uh, of, of, uh, industry experts to get behind this. And, you know, there's probably never been a more important time than now to make sure that your prioritization is in the right spot and you're not wasting resources where you're not going to get the ROI. So, uh, congratulations again. And thank you for sharing your thoughts with us here on the cube. >>Thank you. >>Alright, so we had surge Tom and Mick I'm. Jeff, you're watching the cube. It's a biz ops manifesto unveil. Thanks for watching. We'll see you next time >>From around the globe. It's the cube with digital coverage of biz ops manifesto unveiled brought to you by biz ops coalition. >>Hey, welcome back. Variety. Jeff Frick here with the cube. We're in our Palo Alto studios, and we'd like to welcome you back to our continuing coverage of biz ops manifesto unveil some exciting day to really, uh, kind of bring this out into public. There's been a little bit of conversation, but today's really the official unveiling and we're excited to have our next guest is share a little bit more information on it. He's Patrick tickle. He's a chief product officer for planned view. Patrick. Great to see you. >>Yeah, it's great to be here. Thanks for the invite. So why >>The biz ops manifesto, why the biz ops coalition now when you guys have been at it, it's relatively mature marketplace businesses. Good. What was missing? Why, why this, why this coalition? >>Yeah. So, you know, again, why is, why is biz ops important and why is this something that I'm, you know, I'm so excited about, but I think companies as well, right? Well, no, in some ways or another, this is a topic that I've been talking to the market and our customers about for a long time. And it's, you know, I really applaud this whole movement. Right. And, um, it resonates with me because I think one of the fundamental flaws, frankly, of the way we have talked about technology and business literally for decades, uh, has been this idea of, uh, alignment. Those who know me, I occasionally get off on this little rant about the word alignment, right. But to me, the word alignment is, is actually indicative of the, of the, of the flaw in a lot of our organizations and biz ops is really, I think now trying to catalyze and expose that flaw. >>Right. Because, you know, I always say that, you know, you know, alignment implies silos, right. Instantaneously, as soon as you say there's alignment, there's, there's obviously somebody who's got a direction and other people that have to line up and that kind of siloed, uh, nature of organizations then frankly, the passive nature of it. Right. I think so many technology organizations are like, look, the business has the strategy you guys need to align. Right. And, and, you know, as a product leader, right. That's where I've been my whole career. Right. I can tell you that I never sit around. I almost never use the word alignment. Right. I mean, whether, you know, I never sit down and say, you know, the product management team has to get aligned with dev, right. Or the dev team has to get aligned with the delivery and ops teams. I mean, what I say is, you know, are we on strategy, right? >>Like we've, we have a strategy as a, as a full end to end value stream. Right. And that there's no silos. And I mean, look, every on any given day we got to get better. Right. But the context, the context we operate is not about alignment. Right. It's about being on strategy. And I think I've talked to customers a lot about that, but when I first read the manifesto, I was like, Oh yeah, this is exactly. This is breaking down. Maybe trying to eliminate the word alignment, you know, from a lot of our organizations, because we literally start thinking about one strategy and how we go from strategy to delivery and have it be our strategy, not someone else's that we're all aligning to. And I, and it's a great way to catalyze that conversation that I've, it's been in my mind for years, to be honest. Right. >>So, so much to unpack there. One of the things obviously, uh, stealing a lot from, from dev ops and the dev ops manifesto from 20 years ago. And, and as I look through some of the principles and I looked through some of the values, which are, you know, really nicely laid out here, you know, satisfy customer, do continuous delivery, uh, measure, output against real results. Um, the ones that, that jumps out though is really about, you know, change, change, right? Requirements should change frequently. They do change frequently, but I'm curious to get your take from a, from a software development point, it's easy to kind of understand, right. We're making this widget and our competitors, beta widget plus X, and now we need to change our plans and make sure that the plus X gets added to the plan. Maybe it wasn't in the plan, but you talked a lot about product strategy. So in this kind of continuous delivery world, how does that meld with, I'm actually trying to set a strategy, which implies the direction for a little bit further out on the horizon and to stay on that while at the same time, you're kind of doing this real time continual adjustments because you're not working off a giant PRD or MRD anymore. >>Yeah, yeah, totally. Yeah. You know, one of the terms, you know, that we use internally a lot and even with my customers, our customers is we talk about this idea of rewiring, right. And I think, you know, it's kind of a, now an analogy for transformation. And I think a lot of us have to rewire the way we think about things. Right. And I think at Planview where we have a lot of customers who live in that, you know, who operationalize that traditional PPM world. Right. And are shifting to agile and transforming that rewire is super important. And, and to your point, right, it's, you've just, you've got to embrace this idea of, you know, just iterative getting better every day and iterating, iterating, iterating as opposed to building annual plans or, you know, I get customers occasionally who asked me for two or three year roadmap. >>Right. And I literally looked at them and I go, there's no, there's no scenario where I can build a two or three year roadmap. Right. You, you, you think you want that, but that's not, that's not the way we run. Right. And I will tell you the biggest thing that for us, you know, that I think is matched the planning, uh, you know, patents is a word I like to use a lot. So the thing that we've like, uh, that we've done from a planning perspective, I think is matched impedance to continuous delivery is instituting the whole program, implement, you know, the program, increment planning, capabilities, and methodologies, um, in the scaled agile world. Right. And over the last 18 months to two years, we really have now, you know, instrumented our company across three value streams. You know, we do quarterly PI program increment 10 week planning, you know, and that becomes, that becomes the Terra firma of how we plan. >>Right. And it's, what are we doing for the next 10 weeks? And we iterate within those 10 weeks, but we also know that 10 weeks from now, we're gonna, we're gonna adjust iterate again. Right. And that shifting of that planning model to, you know, to being as cross-functional is that as that big room planning kind of model is, um, and also, uh, you know, on that shorter increment, when you get those two things in place, also the impedance really starts to match up, uh, with continuous delivery and it changes, it changes the way you plan and it changes the way you work. Right? >>Yeah. Their thing. Right. So obviously a lot of these things are kind of process driven, both within the values, as well as the principles, but there's a whole lot, really about culture. And I just want to highlight a couple of the values, right? We already talked about business outcomes, um, trust and collaboration, uh, data driven decisions, and then learn, respond and pivot. Right. A lot of those are cultural as much as they are process. So again, is it the, is it the need to really kind of just put them down on paper and, you know, I can't help, but think of, you know, the hammer and up the, a, the thing in the Lutheran church with it, with their manifesto, is it just good to get it down on paper? Because when you read these things, you're like, well, of course we should trust people. And of course we need an environment of collaboration and of course we want data driven decisions, but as we all know saying it and living, it are two very, very different things. >>Yeah. Good question. I mean, I think there's a lot of ways to bring that to life you're right. And just hanging up, you know, I think we've all been through the hanging up posters around your office, which these days, right. Unless you're going to hang a poster in everybody's home office. Right. You can't even, you can't even fake it that you think that might work. Right. So, um, you know, you really, I think we've attacked that in a variety of ways. Right. And you definitely have to, you know, you've got to make the shift to a team centric culture, right. Empowered teams, you know, that's a big deal. Right. You know, a lot of, a lot of the people that, you know, we lived in a world of quote, unquote work. We lived in a deep resource management world for a long, long time, and right. >>A lot of our customers still do that, but, you know, kind of moving to that team centric world is, uh, is really important and core to the trust. Um, I think training is super important, right. I mean, we've, you know, we've internally, right. We've trained hundreds employees over the last a year and a half on the fundamentals really of safe. Right. Not necessarily, you know, we've had, we've had teams delivering in scrum and the continuous delivery for, you know, for years, but the scaling aspect of it, uh, is where we've done a lot of training investment. Um, and then, you know, I think a leadership has to be bought in. Right. You know? And so when we pie plan, you know, myself and Cameron and the other members of our leadership, you know, we're NPI planning, you know, for, for four days. Right. I mean, it's, it's, you've got to walk the walk, you know, from top to bottom and you've got to train on the context. Right. And then you, and then, and, and then once you get through a few cycles where you've done a pivot, right. Or you brought a new team in, and it just works, it becomes kind of this virtuous circle where he'll go, man, this really works so much better than what we used to do. Right. >>Right. The other really key principle to this whole thing is, is aligning, you know, the business leaders and the business prioritization, um, so that you can get to good outcomes with the development and the delivery. Right. And we know again, and kind of classic dev ops to get the dev and the production people together. So they can, you know, quickly ship code that works. Um, but adding the business person on there really puts, puts a little extra responsibility that they, they understand the value of a particular feature or particular priority. Uh, they, they can make the, the, the trade offs and that they kind of understand the effort involved too. So, you know, bringing them into this continuous again, kind of this continuous development process, um, to make sure that things are better aligned and really better prioritize. Cause ultimately, you know, we don't live in an infinite resources situation and people gotta make trade offs. They gotta make decisions as to what goes and what doesn't go in for everything that goes. Right. I always say you pick one thing. Okay. That's 99 other things that couldn't go. So it's really important to have, you know, this, you said alignment of the business priorities as well as, you know, the execution within, within the development. >>Yeah. I think that, you know, uh, you know, I think it was probably close to two years ago. Forester started talking about the age of the customer, right. That, that was like their big theme at the time. Right. And I think to me what that, the age of the customer actually translates to and Mick, Mick and I are both big fans of this whole idea of the project, the product shift, mixed book, you know, it was a great piece on a, you're talking to Mick, you know, as part of the manifesto is one of the authors as well, but this shift from project to product, right? Like the age of the customer, in my opinion, the, the, the embodiment of that is the shift to a product mentality. Right. And, and the product mentality in my opinion, is what brings the business and technology teams together, right? >>Once you, once you're focused on a customer experience, that's delivered through a product or a service that's when I that's, when I started to go with the alignment problem goes away, right. Because if you look at software companies, right, I mean, we run product management models, you know, with software development teams, customer success teams, right. That, you know, the software component of these products that people are building is obviously becoming bigger and bigger, you know, in an, in many ways, right. More and more organizations are trying to model themselves over as operationally like software companies. Right. Um, they obviously have lots of other components in their business than just software, but I think that whole model of customer experience equaling product, and then the software component of product, the product is the essence of what changes that alignment equation and brings business and teams together because all of a sudden, everyone knows what the customer's experiencing. Right. And, and that, that, that makes a lot of things very clear, very quickly. >>Right. I'm just curious how far along this was as a process before, before covert hit, right. Because serendipitous, whatever. Right. But th the sudden, you know, light switch moment, everybody had to go work from home and in March 15th compared to now, we're in October, and this is going to be going on for a while, and it is a new normal and whatever that whatever's going to look like a year from now, or two years from now is TBD, you know, had you guys already started on this journey cause again, to sit down and actually declare this coalition and declare this manifesto is a lot different than just trying to do better within your own organization. >>Yeah. So we had started, uh, you know, w we definitely had started independently, you know, some, some, you know, I think people in the community know that, uh, we, we came together with a company called lean kit a handful of years ago, and I give John Terry actually one of the founders leaned to immense credit for, you know, kind of spearheading our cultural change and not, and not because of, we were just going to be, you know, bringing agile solutions to our customers, but because, you know, he believed that it was going to be a fundamentally better way for us to work. Right. And we kind of, you know, when we started with John and built, you know, out of concentric circles of momentum and, and we've gotten to the place where now it's just part of who we are, but, but I do think that, you know, COVID has, you know, um, I think pre COVID a lot of companies, you know, would, would adopt, you know, the, you would adopt digital slash agile transformation. >>Um, traditional industries may have done it as a reaction to disruption. Right. You know, and in many cases, the disruption to these traditional industries was, I would say a product oriented company, right. That probably had a larger software component, and that disruption caused a competitive issue or a customer issue that caused companies and tried to respond by transforming. I think COVID, you know, all of a sudden flatten that out, right. We literally all got disrupted. Right. And, and so all of a sudden, every one of us is dealing with some degree of market uncertainty, customer uncertainty, uh, and also know none of us were insulated from the need to be able to pivot faster, deliver incrementally, you know, and operate in a different, completely more agile way, uh, you know, post COVID. Right. Yeah. That's great. >>So again, a very, very, very timely, you know, a little bit of serendipity, a little bit of, of planning. And, you know, as, as with all important things, there's always a little bit of luck and a lot of hard work involved. So a really interesting thank you for, for your leadership, Patrick. And, you know, it really makes a statement. I think when you have a bunch of leaderships across an industry coming together and putting their name on a piece of paper, uh, that's aligned around us some principles and some values, which again, if you read them who wouldn't want to get behind these, but if it takes, you know, something a little bit more formal, uh, to kind of move the ball down the field, and then I totally get it and a really great work. Thanks for, uh, thanks for doing it. >>Oh, absolutely. No. Like I said, the first time I read it, I was like, yeah, like you said, this is all, this all makes complete sense, but just documenting it and saying it and talking about it moves the needle. I'll tell you as a company, you gotta, we're pushing really hard on, uh, you know, on our own internal strategy on diversity inclusion. Right? And, and like, once we wrote the words down about what, you know, what we aspire to be from a diversity and inclusion perspective, it's the same thing. Everybody reads the words and goes, why wouldn't we do this? Right. But until you write it down and kind of have again, a manifesto or a Terrafirma of what you're trying to accomplish, you know, then you can rally behind it. Right. As opposed to it being something that's, everybody's got their own version of the flavor. Right. And I think it's a very analogous, you know, kind of, uh, initiative, right. And, uh, and this happening, both of those things, right. Are happening across the industry these days. Right. >>And measure it too. Right. And measure it, measure, measure, measure, get a baseline. Even if you don't like to measure, even if you don't like what the, even if you can argue against the math, behind the measurement, measure it, and at least you can measure it again and you can, and you've got some type of a comp and that is really the only way to, to move it forward. Well, Patrick really enjoyed the conversation. Thanks for, uh, for taking a few minutes out of your day. >>It's great to be here. It's an awesome movement and we're glad >>That'd be part of it. All right. Thanks. And if you want to check out the biz ops, Manifesta go to biz ops, manifesto.org, read it. You might want to sign it. It's there for you. And thanks for tuning in on this segment will continuing coverage of the biz op manifesto unveil here on the cube. I'm Jeff, thanks for watching >>From around the globe. It's the cube with digital coverage of biz ops manifesto unveiled brought to you by biz ops coalition. >>Hey, welcome back, everybody Jeffrey here with the cube. We're coming to you from our Palo Alto studios. And welcome back to this event is the biz ops manifesto unveiling. So the biz ops manifesto and the biz ops coalition had been around for a little while, but today's the big day. That's kind of the big public unveiling or excited to have some of the foundational people that, you know, have put their, put their name on the dotted, if you will, to support this initiative and talk about why that initiative is so important. And so the next guest we're excited to have is dr. Mick Kirsten. He is the founder and CEO of Tasktop mic. Great to see you coming in from Vancouver, Canada, I think, right? Yes. Thank you. Absolutely. I hope your air is a little better out there. I know you had some of the worst air of all of us, a couple, a couple of weeks back. So hopefully things are, uh, are getting a little better and we get those fires under control. Yeah. >>Things have cleared up now. So yeah, it's good. It's good to be close to the U S and it's going to have the Arabic cleaner as well. >>Absolutely. So let's, let's jump into it. So you you've been an innovation guy forever starting way back in the day and Xerox park. I was so excited to do an event at Xerox park for the first time last year. I mean, that, that to me represents along with bell labs and, and some other, you know, kind of foundational innovation and technology centers, that's gotta be one of the greatest ones. So I just wonder if you could share some perspective of getting your start there at Xerox park, you know, some of the lessons you learned and what you've been able to kind of carry forward from those days. >>Yeah. I was fortunate to join Xerox park in the computer science lab there at a very early point in my career, and to be working on open source programming languages. So back then in the computer science lab, where some of the inventions around programming around software development teams, such as object oriented programming, and a lot of what we had around really modern programming levels constructs, those were the teams I have the fortune of working with, and really our goal was. And of course there's as, as you know, uh, there's just this DNA of innovation and excitement and innovation in the water. And really it was the model back then was all about changing the way that we work, uh, was looking at for how we could make it 10 times easier to write code. But this is back in 99. And we were looking at new ways of expressing, especially business concerns, especially ways of enabling people who are, who want to innovate for their business to express those concerns in code and make that 10 times easier than what that would take. >>So we create a new open source programming language, and we saw some benefits, but not quite quite what we expected. I then went and actually joined Charles Stephanie, that former to fucking Microsoft who was responsible for, he actually got Microsoft word as a spark and into Microsoft and into the hands of bill Gates on that company. I was behind the whole office suite and his vision. And then when I was trying to execute with, working for him was to make PowerPoint like a programming language, make everything completely visual. And I realized none of this was really working in that there was something else, fundamentally wrong programming languages, or new ways of building software. Like let's try and do with Charles around intentional programming. That was not enough. >>That was not enough. So, you know, the agile movement got started about 20 years ago, and we've seen the rise of dev ops and really this kind of embracing of, of, of sprints and, you know, getting away from MRDs and PRDs and these massive definitions of what we're going to build and long build cycles to this iterative process. And this has been going on for a little while. So what was still wrong? What was still missing? Why the BizOps coalition, why the biz ops manifesto? >>Yeah, so I basically think we nailed some of the things that the program language levels of teams can have effective languages deployed soften to the cloud easily now, right? And at the kind of process and collaboration and planning level agile two decades, decades ago was formed. We were adopting and all the, all the teams I was involved with and it's really become a self problem. So agile tools, agile teams, agile ways of planning, uh, are now very mature. And the whole challenge is when organizations try to scale that. And so what I realized is that the way that agile was scaling across teams and really scaling from the technology part of organization to the business was just completely flawed. The agile teams had one set of doing things, one set of metrics, one set of tools. And the way that the business was working was planning was investing in technology was just completely disconnected and using a whole different set of advisors. >>Interesting. Cause I think it's pretty clear from the software development teams in terms of what they're trying to deliver. Cause they've got a feature set, right. And they've got bugs and it's easy to, it's easy to see what they deliver, but it sounds like what you're really honing in on is this disconnect on the business side, in terms of, you know, is it the right investment? You know, are we getting the right business ROI on this investment? Was that the right feature? Should we be building another feature or should we building a completely different product set? So it sounds like it's really a core piece of this is to get the right measurement tools, the right measurement data sets so that you can make the right decisions in terms of what you're investing, you know, limited resources. You can't, no one has unlimited resources and ultimately have to decide what to do, which means you're also deciding what not to do. And it sounds like that's a really big piece of this, of this whole effort. >>Yeah. Jeff, that's exactly it, which is the way that the agile team measures their own way of working is very different from the way that you measure business outcomes. The business outcomes are in terms of how happy your customers are, but are you innovating fast enough to keep up with the pace of a rapidly changing economy, rapidly changing market. And those are, those are all around the customer. And so what I learned on this long journey of supporting many organizations transformations and having them try to apply those principles of agile and dev ops, that those are not enough, those measures technical practices, those measured sort of technical excellence of bringing code to the market. They don't actually measure business outcomes. And so I realized that it really was much more around having these entwined flow metrics that are customer centric and business centric and market centric where we need it to go. Right. >>So I want to shift gears a little bit and talk about your book because you're also a bestselling author, a project, a product, and, and, and you, you brought up this concept in your book called the flow framework. And it's really interesting to me cause I know, you know, flow on one hand is kind of a workflow and a process flow and, and you know, that's how things get done and, and, and embrace the flow. On the other hand, you know, everyone now in, in a little higher level existential way is trying to get into the flow right into the workflow and, you know, not be interrupted and get into a state where you're kind of at your highest productivity, you know, kind of your highest comfort, which flow are you talking about in your book or is it a little bit about, >>Well, that's a great question. It's not what I get asked very often. Just to me, it's absolutely both. So that the thing that we want to get to, we've learned how to master individual flow. That is this beautiful book by me, how he teaches me how he does a beautiful Ted talk by him as well about how we can take control of our own flow. So my question with the book with project replies, how can we bring that to entire teams and really entire organizations? How can we have everyone contributing to a customer outcome? And this is really what if you go to the biz ops manifesto, it says, I focus on outcomes on using data to drive whether we're delivering those outcomes rather than a focus on proxy metrics, such as, how quickly did we implement this feature? No, it's really how much value did the customer go to the feature and how quickly did you learn and how quickly did you use that data to drive to that next outcome? >>Really that with companies like Netflix and Amazon have mastered, how do we get that to every large organization, every it organization and make everyone be a software innovator. So it's to bring that co that concept of flow to these entwined value streams. And the fascinating thing is we've actually seen the data. We've been able to study a lot of value streams. We see when flow increases, when organizations deliver value to a customer faster, developers actually become more happy. So things like the employee net promoter scores rise, and we've got empirical data for this. So the beautiful thing to me is that we've actually been able to combine these two things and see the results in the data that you increase flow to the customer. Your developers are more happy. >>I love it, right, because we're all more, we're all happier when we're in the flow and we're all more productive when we're in the flow. So I, that is a great melding of, of two concepts, but let's jump into the, into the manifesto itself a little bit. And, you know, I love that, you know, took this approach really of having kind of four key values and then he gets 12 key principles. And I just want to read a couple of these values because when you read them, it sounds pretty brain dead. Right? Of course. Right. Of course you should focus on business outcomes. Of course you should have trust and collaboration. Of course you should have database decision making processes and not just intuition or, you know, whoever's the loudest person in the room, uh, and to learn and respond and pivot. But what's the value of actually just putting them on a piece of paper, because again, this is not this, these are all good, positive things, right? When somebody reads these to you or tells you these are sticks it on the wall, of course. But unfortunately of course isn't always enough. >>No. And I think what's happened is some of these core principles originally from the agile manifesto two decades ago, uh, the whole dev ops movement of the last decade of flow feedback and continue learning has been key. But a lot of organizations, especially the ones that are undergoing digital transformations have actually gone a very different way, right? The way that they measure value in technology and innovation is through costs for many organizations. The way that they actually are looking at that they're moving to cloud is actually as a reduction in cost. Whereas the right way of looking at moving to cloud is how much more quickly can we get to the value to the customer? How quickly can we learn from that? And how quickly can we drive the next business outcome? So really the key thing is, is to move away from those old ways of doing things, a funny projects and cost centers, uh, to actually funding and investing in outcomes and measuring outcomes through these flow metrics, which in the end are your fast feedback and how quickly you're innovating for your customer. >>So these things do seem, you know, very obvious when you look at them. But the key thing is what you need to stop doing to focus on these. You need to actually have accurate realtime data of how much value your phone to the customer every week, every month, every quarter. And if you don't have that, your decisions are not driven on data. If you don't know what your boggling like is, and this is something that in decades of manufacturing, a car manufacturers, other manufacturers, master, they always know where the bottom back in their production processes. You ask a random CIO when a global 500 company where their bottleneck is, and you won't get a clear answer because there's not that level of understanding. So let's, you actually follow these principles. You need to know exactly where you fall. And I guess because that's, what's making your developers miserable and frustrated around having them context, which on thrash. So it, the approach here is important and we have to stop doing these other things, >>Right? There's so much there to unpack. I love it. You know, especially the cloud conversation, because so many people look at it wrong as, as, as a cost saving device, as opposed to an innovation driver and they get stuck, they get stuck in the literal and the, and you know, I think at the same thing, always about Moore's law, right? You know, there's a lot of interesting real tech around Moore's law and the increasing power of microprocessors, but the real power, I think in Moore's laws is the attitudinal change in terms of working in a world where you know that you've got all this power and what you build and design. I think it's funny to your, your comment on the flow and the bottleneck, right? Cause, cause we know manufacturing, as soon as you fix one bottleneck, you move to your next one, right? You always move to your next point of failure. So if you're not fixing those things, you know, you're not, you're not increasing that speed down the line, unless you can identify where that bottleneck is or no matter how many improvements you make to the rest of the process, it's still going to get hung up on that one spot. >>That's exactly it. And you also make it sound so simple, but again, if you don't have the data driven visibility of where that bottom line is, and these bottlenecks are adjusted to say defense just whack them. All right. So we need to understand is the bottleneck because our security reviews are taking too long and stopping us from getting value for the customer. If it's that automate that process. And then you move on to the next bottleneck, which might actually be that deploying yourself into the cloud. It's taking too long. But if you don't take that approach of going flow first, rather than again, that sort of cost reduction. First, you have to think of the approach of customer centricity and you only focused on optimizing costs. Your costs will increase and your flow will slow down. And this is just one of these fascinating things. >>Whereas if you focus on getting closer to the customer and reducing your cycles out on getting value, your flow time from six months to two weeks or two, one week or two event, as we see with the tech giants, you actually can both lower your costs and get much more value for us to get that learning loop going. So I think I've, I've seen all these cloud deployments and one of the things happened that delivered almost no value because there was such big bottlenecks upfront in the process and actually the hosting and the AP testing was not even possible with all of those inefficiencies. So that's why going float us rather than costs when we started our project versus silky. >>I love that. And, and, and, and it, it begs repeating to that right within the subscription economy, you know, you're on the hook to deliver value every single month because they're paying you every single month. So if you're not on top of how you're delivering value, you're going to get sideways because it's not like they pay a big down payment and a small maintenance fee every month. But once you're in a subscription relationship, you know, you have to constantly be delivering value and upgrading that value because you're constantly taking money from the customer. So it's such a different kind of relationship than kind of the classic, you know, big bang with a maintenance agreement on the back end really important. Yeah. >>And I think in terms of industry shifts that that's, it that's, what's catalyzed. This industry shift is in this SAS and subscription economy. If you're not delivering more and more value to your customers, someone else's, and they're winning the business, not you. So, one way we know is to delight our customers with great user experience as well. That really is based on how many features you delivered or how much, how much, how many quality improvements or scalar performance improvements we delivered. So the problem is, and this is what the business manifesto, as well as the flow frame of touch on is if you can't measure how much value you deliver to a customer, what are you measuring? You just backed again, measuring costs, and that's not a measure of value. So we have to shift quickly away from measuring costs to measuring value, to survive. And in the subscription economy, >>We could go for days and days and days. I want to shift gears a little bit into data and, and a data driven decision making a data driven organization cause right day has been talked about for a long time, the huge big data meme with, with Hadoop over, over several years and, and data warehouses and data lakes and data oceans and data swamps. And you can go on and on and on. It's not that easy to do, right? And at the same time, the proliferation of data is growing exponentially. We're just around the corner from, from IOT and five G. So now the accumulation of data at machine scale, again, is this gonna overwhelm? And one of the really interesting principles, uh, that I wanted to call out and get your take right, is today's organizations generate more data than humans can process. So informed decisions must be augmented by machine learning and artificial intelligence. I wonder if you can, again, you've got some great historical perspective, um, reflect on how hard it is to get the right data, to get the data in the right context, and then to deliver it to the decision makers and then trust the decision makers to actually make the data and move that down. You know, it's kind of this democratization process into more and more people and more and more frontline jobs making more and more of these little decisions every day. >>Yeah. I definitely think the front parts of what you said are where the promises of big data have completely fallen on their face into the swamps as, as you mentioned, because if you don't have the data in the right format, you've cannot connect, collected that the right way you want it, that way, the right way you can't use human or machine learning on it effectively. And there've been the number of data where, how has this in a typical enterprise organization and the sheer investment is tremendous, but the amount of intelligence being extracted from those is, is, is a very big problem. So the key thing that I've noticed is that if you can model your value streams, so you actually understand how you're innovating, how you're measuring the delivery of value and how long that takes, what is your time to value through these metrics like full time? >>You can actually use both the intelligence that you've got around the table and push that down as well, as far as getting to the organization, but you can actually start using that those models to understand and find patterns and detect bottlenecks that might be surprising, right? Well, you can detect interesting bottlenecks when you shift to work from home. We detected all sorts of interesting bottlenecks in our own organization that were not intuitive to me that have to do with, you know, more senior people being overloaded and creating bottlenecks where they didn't exist. Whereas we thought we were actually an organization that was very good at working from home because of our open source roots. So the data is highly complex. Software value streams are extremely complicated. And the only way to really get the proper analysts and data is to model it properly and then to leverage these machine learning and AI techniques that we have. But that front part of what you said is where organizations are just extremely immature in what I've seen, where they've got data from all their tools, but not modeled in the right way. Right, right. >>Right. Well, all right. So before I let you go, you know, let's say you get a business leader. He, he buys in, he reads the manifesto, he signs on the dotted line and he says, Mick, how do I get started? I want to be more aligned with the, with the development teams. I know I'm in a very competitive space. We need to be putting out new software features and engage with our customers. I want to be more data-driven how do I get started? Well, you know, what's the biggest inhibitor for most people to get started and get some early wins, which we know is always the key to success in any kind of a new initiative. >>Right? So I think you can reach out to us through the website, uh, for the manifesto. But the key thing is just, it's definitely set up it's to get started and to get the key wins. So take a product value stream. That's mission critical if it'd be on your mobile and web experiences or part of your cloud modernization platform where your analytics pipeline, but take that and actually apply these principles to it and measure the end to end flow of value. Make sure you have a value metric that everyone is on the same page on, but the people on the development teams that people in leadership all the way up to the CEO, and one of the, where I encourage you to start is actually that end to end flow time, right? That is the number one metric. That is how you measure it, whether you're getting the benefit of your cloud modernization, that is the one metric that when the people I respect tremendously put into his cloud for CEOs, the metric, the one, the one way to measure innovation. So basically take these principles, deploy them on one product value stream measure, Antonin flow time, uh, and then you'll actually be well on your path to transforming and to applying the concepts of agile and dev ops all the way to, to the, to the way >>You're offering model. >>Well, Mick really great tips, really fun to catch up. I look forward to a time when we can actually sit across the table and, and get into this. Cause I just, I just love the perspective and, you know, you're very fortunate to have that foundational, that foundational base coming from Xerox park and they get, you know, it's, it's a very magical place with a magical history. So to, to incorporate that into, continue to spread that well, uh, you know, good for you through the book and through your company. So thanks for sharing your insight with us today. >>Thanks so much for having me, Jeff. Absolutely. >>All right. And go to the biz ops manifesto.org, read it, check it out. If you want to sign it, sign it. They'd love to have you do it. Stay with us for continuing coverage of the unveiling of the business manifesto on the cube. I'm Jeff. Rick. Thanks for watching. See you next time >>From around the globe. It's the cube with digital coverage, a biz ops manifesto unveiled brought to you by biz ops coalition. >>Hey, welcome back. You're ready. Jeff Frick here with the cube for our ongoing coverage of the big unveil. It's the biz ops manifesto manifesto unveil. And we're going to start that again from the top three And a Festo >>Five, four, three, two. >>Hey, welcome back everybody. Jeff Frick here with the cube come to you from our Palo Alto studios today for a big, big reveal. We're excited to be here. It's the biz ops manifesto unveiling a thing's been in the works for a while and we're excited to have our next guest. One of the, really the powers behind this whole effort. And he's joining us from Boston it's surge, Lucio, the vice president, and general manager enterprise software division at Broadcom surge. Great to see you. >>Hi, good to see you, Jeff. Glad to be here. >>Absolutely. So you've been in this business for a very long time. You've seen a lot of changes in technology. What is the biz ops manifesto? What is this coalition all about? Why do we need this today and in 2020? >>Yeah. So, so I've been in this business for close to 25 years, right? So about 20 years ago, the agile manifesto was created. And the goal of the agile manifesto was really to address the uncertainty around software development and the inability to predict the efforts to build software. And, uh, if you, if you roll that kind of 20 years later, and if you look at the current state of the industry of the product, the project management Institute, estimates that we're wasting about a million dollars, every 20 seconds in digital transformation initiatives that do not deliver on business results. In fact, we were recently served a third of the, a, a number of executives in partnership with Harvard >>Business review and 77% of those executives think that one of the key challenges that they have is really the collaboration between business and it, and that that's been kind of a case for, uh, almost 20 years now. Um, so the, the, the key challenge that we're faced with is really that we need a new approach. And many of the players in the industry, including ourselves have been using different terms, right? Some are being, are talking about value stream management. Some are talking about software delivery management. If you look at the site, reliability engineering movement, in many ways, it embodies a lot of these kind of concepts and principles. So we believed that it became really imperative for us to crystallize around, could have one concept. And so in many ways, the, a, the BizOps concept and the BizOps manifesto are bringing together a number of ideas, which has been emerging in the last five years or so, and, and defining the key values and principles to finally help these organizations truly transform and become digital businesses. And so the hope is that by joining our forces and defining public key principles and values, we can help the industry, uh, not just, uh, by, you know, providing them with support, but also tools and consulting that is required for them to truly achieve the kind of transformation that everybody's taking. >>Right. Right. So COVID now we're six months into it, approximately seven months into it. Um, a lot of pain, a lot of bad stuff still happening. We've got a ways to go, but one of the things that on the positive side, right, and you've seen all the memes and social media is, is a driver of digital transformation and a driver of change. Cause we had this light switch moment in the middle of March, and there was no more planning. There was no more conversation. You've suddenly got remote workforces, everybody's working from home and you got to go, right. So the reliance on these tools increases dramatically, but I'm curious, you know, kind of short of, of the beginnings of this effort in short of kind of COVID, which, you know, came along unexpectedly. I mean, what were those inhibitors because we've been making software for a very long time, right? The software development community has, has adopted kind of rapid change and, and iterative, uh, delivery and, and sprints, what was holding back the connection with the business side to make sure that those investments were properly aligned with outcomes. >>Well, so, so you have to understand that it is, is kind of a its own silos. And traditionally it has been treated as a cost center within large organizations and not as a value center. And so as a result, kind of a, the traditional dynamic between it and the business is basically one of a kind of supplier up to kind of a business. Um, and you know, if you go back to, uh, I think you'll unmask a few years ago, um, basically at this concept of the machines to build the machines and you went as far as saying that, uh, the, the machines or the production line is actually the product. So, uh, meaning that the core of the innovation is really about, uh, building, could it be engine to deliver on the value? And so in many ways, you know, we, we have missed on this shift from, um, kind of it becoming this kind of value center within the enterprises and end. >>He talks about culture. Now, culture is a, is a sum total of behaviors. And the reality is that if you look at it, especially in the last decade, uh, we've agile with dev ops with, um, I bring infrastructures, uh, it's, it's way more volatile today than it was 10 years ago. And so the, when you start to look at the velocity of the data, the volume of data, the variety of data to analyze the system, um, it's, it's very challenging for it to actually even understand and optimize its own processes, let alone, um, to actually include business as sort of an integral part of kind of a delivery chain. And so it's both kind of a combination of, of culture, um, which is required, uh, as well as tools, right? To be able to start to bring together all these data together, and then given the volume of variety of philosophy of the data. Uh, we have to apply some core technologies, which have only really, truly emerged in the last five to 10 years around machine learning and analytics. And so it's really kind of a combination of those freaks, which are coming together today, truly out organizations kind of get to the next level. Right, >>Right. So let's talk about the manifesto. Let's talk about, uh, the coalition, uh, the BizOps coalition. I just liked that you put down these really simple, you know, kind of straightforward core values. You guys have four core values that you're highlighting, you know, business outcomes, over individual projects and outputs, trust, and collaboration, oversight, load teams, and organizations, data driven decisions, what you just talked about, uh, you know, over opinions and judgment and learned, respond and pivot. I mean, surgery sounds like pretty basic stuff, right? I mean, aren't, isn't everyone working to these values already. And I think he touched on it on culture, right? Trust and collaboration, data driven decisions. I mean, these are fundamental ways that people must run their business today, or the person that's across the street, that's doing it. It's going to knock them out right off their block. >>Yeah. So that's very true. But, uh, so I'll, I'll mention an hour survey. We did, uh, I think about six months ago and it was in partnership with, uh, with, uh, an industry analyst and we serve at a, again, a number of it executives to understand only we're tracking business outcomes. I'm going to get the software executives, it executives we're tracking business outcomes. And the, there were less than 15% of these executives were actually tracking the outcomes of the software delivery. And you see that every day. Right? So in my own teams, for instance, we've been adopting a lot of these core principles in the last year or so, and we've uncovered that 16% of our resources were basically aligned around initiatives, which are not strategic for us. Um, I take another example, for instance, one of our customers in the, uh, in the airline industry and Harvard, for instance, that a number of, uh, um, that they had software issues that led to people searching for flights and not returning any kind of availability. >>And yet, um, you know, the it teams, whether it's operation software environments were completely oblivious to that because they were completely blindsided to it. And so the connectivity between kind of the inwards metrics that RT is using, whether it's database time, cycle time, or whatever metric we use in it are typically completely divorced from the business metrics. And so at its core, it's really about starting to align the business metrics with the, the, the software delivery chain, right? This, uh, the system, which is really a core differentiator for these organizations. It's about connecting those two things and starting to, um, infuse some of the agile culture and principles. Um, that's emerged from the software side into the business side. Um, of course the lean movement and other movements have started to change some of these dynamics on the business side. And so I think this, this is the moment where we are starting to see kind of the imperative to transform. Now, you know, Covina obviously has been a key driver for that. The, um, the technology is right to start to be able to weave data together and really kind of, uh, also the cultural shifts, uh, Prue agile through dev ops through, uh, the SRE movement, uh frulein um, business transformation, all these things are coming together and that are really creating kind of the conditions for the BizOps manifestor to exist, >>Uh, Clayton Christianson, great, uh, Harvard professor innovator's dilemma might steal my all time. Favorite business books, you know, talks about how difficult it is for incumbents to react to, to disruptive change, right? Because they're always working on incremental change cause that's what their customers are asking for. And there's a good ROI when you talk about, you know, companies not measuring the right thing. I mean, clearly it has some portion of their budget that has to go to keeping the lights on, right. That that's always the case, but hopefully that's an ever decreasing percentage of their total activity. So, you know, what should people be measuring? I mean, what are kind of the new metrics, um, in, in biz ops that drive people to be looking at the right things, measuring the right things and subsequently making the right decisions, investment decisions on whether they should do, you know, move project a along or project B. >>So there, there are only two things, right? So, so I think what you're talking about is portfolio management, investment management, right. And, um, which, which is a key challenge, right? Um, in my own experience, right? Uh, driving strategy or a large scale kind of software organization for years, um, it's very difficult to even get kind of a base data as to who is doing what, uh, um, I mean, some of our largest customers we're engaged with right now are simply trying to get a very simple answer, which is how many people do I have and that specific initiative at any point in time and just tracking that information is extremely difficult. So, and, and again, back to a product project management Institute, um, they're, they've estimated that on average, it organizations have anywhere between 10 to 20% of their resources focused on initiatives, which are not strategically aligned. >>So that's one dimension on portfolio management. I think the key aspect though, that we are really keen on is really around kind of the alignment of a business metrics to the it metrics. Um, so I'll use kind of two simple examples, right? And my background is around quality. And so I've always believed that fitness for purpose is really kind of a key, um, uh, philosophy if you will. And so if you start to think about quality as fitness for purpose, you start to look at it from a customer point of view, right. And fitness for purpose for core banking application or mobile application are different, right? So the definition of a business value that you're trying to achieve is different. Um, and so the, and yet, if you look at our, it, operations are operating, they were using kind of a same type of, uh, kind of inward metrics, uh, like a database of time or a cycle time, or what is my point of velocity, right? >>And, uh, and so the challenge really is this inward facing metrics that it is using, which are divorced from ultimately the outcome. And so, you know, if I'm, if I'm trying to build a poor banking application, my core metric is likely going to be uptime, right? If I'm trying to build a mobile application or maybe your social mobile app, it's probably going to be engagement. And so what you want is for everybody across it, to look at these metric, and what's hard, the metrics within the software delivery chain, which ultimately contribute to that business metric and some cases cycle time may be completely irrelevant, right? Again, my core banking app, maybe I don't care about cycle time. And so it's really about aligning those metrics and be able to start to differentiate, um, the key challenges you mentioned, uh, around the, the, um, uh, around the disruption that we see is, or the investors is the dilemma now is really around the fact that many it organizations are essentially applying the same approaches of, for innovation, right, for basically scrap work, then they would apply to kind of over more traditional projects. And so, you know, there's been a lot of talk about two-speed it, and yes, it exists, but in reality are really organizations, um, truly differentiating, um, all of the operate, their, their projects and products based on the outcomes that they're trying to achieve. And this is really where BizOps is trying to affect. >>I love that, you know, again, it doesn't seem like brain surgery, but focus on the outcomes, right. And it's horses for courses, as you said, this project, you know, what you're measuring and how you define success, isn't necessarily the same as, as on this other project. So let's talk about some of the principles we've talked about the values, but, you know, I think it's interesting that, that, that the BizOps coalition, you know, just basically took the time to write these things down and they don't seem all that, uh, super insightful, but I guess you just gotta get them down and have them on paper and have them in front of your face. But I want to talk about, you know, one of the key ones, which you just talked about, which is changing requirements, right. And working in a dynamic situation, which is really what's driven, you know, this, the software to change in software development, because, you know, if you're in a game app and your competitor comes out with a new blue sword, you've got to come out with a new blue sword. >>So whether you had that on your Kanban wall or not. So it's, it's really this embracing of the speed of change and, and, and, and making that, you know, the rule, not the exception. I think that's a phenomenal one. And the other one you talked about is data, right? And that today's organizations generate more data than humans can process. So informed decisions must be generated by machine learning and AI, and, you know, in the, the big data thing with Hadoop, you know, started years ago, but we are seeing more and more that people are finally figuring it out, that it's not just big data, and it's not even generic machine learning or artificial intelligence, but it's applying those particular data sets and that particular types of algorithms to a specific problem, to your point, to try to actually reach an objective, whether that's, you know, increasing the, your average ticket or, you know, increasing your checkout rate with, with, with shopping carts that don't get left behind and these types of things. So it's a really different way to think about the world in the good old days, probably when you got started, when we had big, giant, you know, MRDs and PRDs and sat down and coded for two years and came out with a product release and hopefully not too many patches subsequently to that. >>It's interesting. Right. Um, again, back to one of these surveys that we did with, uh, with about 600, the ITA executives, and, uh, and, and we, we purposely designed those questions to be pretty open. Um, and, and one of them was really role requirements and, uh, and it was really a wrong kind of what do you, what is the best approach? What is your preferred approach towards requirements? And if I remember correctly over 80% of the it executives set that the best approach they'll prefer to approach is for requirements to be completely defined before software development starts. Let me pause there where 20 years after the agile manifesto, right? And for 80% of these idea executives to basically claim that the best approach is for requirements to be fully baked before salt, before software development starts, basically shows that we still have a very major issue. >>And again, our hypothesis in working with many organizations is that the key challenge is really the boundary between business and it, which is still very much contract based. If you look at the business side, they basically are expecting for it deliver on time on budget, right. But what is the incentive for it to actually delivering all the business outcomes, right? How often is it measured on the business outcomes and not on an SLA or on a budget type criteria. And so that, that's really the fundamental shift that we need to, we really need to drive up as an industry. Um, and you know, we, we talk about kind of this, this imperative for organizations to operate that's one, and back to the innovator's dilemma. The key difference between these larger organization is, is really kind of a, if you look at the amount of capital investment that they can put into pretty much anything, why are they losing compared to, um, you know, startups? What, why is it that, uh, more than 40% of, uh, personal loans today or issued not by your traditional brick and mortar banks, but by, um, startups? Well, the reason, yes, it's the traditional culture of doing incremental changes and not disrupting ourselves, which Christiansen covered at length, but it's also the inability to really fundamentally change kind of a dynamic picture. We can business it and, and, and partner right. To, to deliver on a specific business outcome. Right. >>I love that. That's a great, that's a great summary. And in fact, getting ready for this interview, I saw you mentioning another thing where, you know, the, the problem with the agile development is that you're actually now getting more silos because you have all these autonomous people working, you know, kind of independently. So it's even a harder challenge for, for the business leaders to, to, to, as you said, to know, what's actually going on, but, but certainly I w I want to close, um, and talk about the coalition. Um, so clearly these are all great concepts. These are concepts you want to apply to your business every day. Why the coalition, why, you know, take these concepts out to a broader audience, including your, your competition and, and the broader industry to say, Hey, we, as a group need to put a stamp of approval on these concepts, values, these principles. >>So, first I think we, we want, um, everybody to realize that we are all talking about the same things, the same concepts. I think we were all from our own different vantage point, realizing that, um, things after change, and again, back to, you know, whether it's value stream management or site reliability engineering, or biz ops, we're all kind of using slightly different languages. Um, and so I think one of the important aspects of BizOps is for us, all of us, whether we're talking about, you know, consulting agile transformation experts, uh, whether we're talking about vendors, right, provides kind of tools and technologies, or these large enterprises to transform for all of us to basically have kind of a reference that lets us speak around kind of, um, in a much more consistent way. The second aspect is for, to me is for, um, these concepts to start to be embraced, not just by us or trying, or, you know, vendors, um, system integrators, consulting firms, educators, thought leaders, but also for some of our old customers to start to become evangelists of their own in the industry. >>So we, our, our objective with the coalition needs to be pretty, pretty broad. Um, and our hope is by, by starting to basically educate, um, our, our joint customers or partners, that we can start to really foster these behaviors and start to really change, uh, some of dynamics. So we're very pleased at if you look at, uh, some of the companies which have joined the, the, the, the manifesto. Um, so we have vendors and suggest desktop or advance, or, um, uh, PagerDuty for instance, or even planned view, uh, one of my direct competitors, um, but also thought leaders like Tom Davenport or, uh, or cap Gemini or, um, um, smaller firms like, uh, business agility, institutes, or agility elf. Um, and so our, our goal really is to start to bring together, uh, thought leaders, people who have been LP, larger organizations do digital transformation vendors, were providing the technologies that many of these organizations use to deliver on these digital preservation and for all of us to start to provide the kind of, uh, education support and tools that the industry needs. Yeah, >>That's great surge. And, uh, you know, congratulations to you and the team. I know this has been going on for a while, putting all this together, getting people to sign onto the manifesto, putting the coalition together, and finally today getting to unveil it to the world in a little bit more of a public, uh, opportunity. So again, you know, really good values, really simple principles, something that, that, uh, shouldn't have to be written down, but it's nice cause it is, and now you can print it out and stick it on your wall. So thank you for, uh, for sharing this story. And again, congrats to you and the team. Thank you. Appreciate it. My pleasure. Alrighty, surge. If you want to learn more about the biz ops, Manifesta go to biz ops manifesto.org, read it, and you can sign it and you can stay here for more coverage. I'm the cube of the biz ops manifesto unveiled. Thanks for watching. See you next time >>From around the globe. It's the cube with digital coverage of this ops manifesto unveiled and brought to you by >>This obstacle volition. Hey, welcome back, everybody Jeffrey here with the cube. Welcome back to our ongoing coverage of the biz ops manifesto unveiling. It's been in the works for awhile, but today's the day that it actually kind of come out to the, to the public. And we're excited to have a real industry luminary here to talk about what's going on, why this is important and share his perspective. And we're happy to have from Cape Cod, I believe is Tom Davenport. He's a distinguished author and professor at Babson college. We could go on, he's got a lot of great titles and, and really illuminary in the area of big data and analytics Thomas. Great to see you. >>Thanks Jeff. Happy to be here with you. >>Great. So let's just jump into it, you know, and getting ready for this. I came across your LinkedIn posts. I think you did earlier this summer in June and right off the bat, the first sentence just grabbed my attention. I'm always interested in new attempts to address longterm issues, uh, in how technology works within businesses, biz ops. What did you see in biz ops, uh, that, that kind of addresses one of these really big longterm problems? >>Well, yeah, but the longterm problem is that we've had a poor connection between business people and it people between business objectives and the, it solutions that address them. This has been going on, I think since the beginning of information technology and sadly it hasn't gone away. And so biz ops is a new attempt to deal with that issue with a, you know, a new framework, eventually a broad set of solutions that increase the likelihood that will actually solve a business problem with an it capability. >>Right. You know, it's interesting to compare it with like dev ops, which I think a lot of people are probably familiar with, which was, you know, built around, uh, agile software development and a theory that we want to embrace change that that changes. Okay. And we want to be able to iterate quickly and incorporate that. And that's been happening in the software world for, for 20 plus years. What's taken so long to get that to the business side, because as the pace of change has changed on the software side, you know, that's a strategic issue in terms of execution, the business side that they need now to change priorities. And, you know, there's no PRDs and MRDs and big, giant strategic plans that sit on the shelf for five years. That's just not the way business works anymore. It took a long time to get here. >>Yeah, it did. And, you know, there had been previous attempts to make a better connection between business and it, there was the so called strategic alignment framework that a couple of friends of mine from Boston university developed, I think more than 20 years ago, but you know, now we have better technology for creating that linkage. And the, you know, the idea of kind of ops oriented frameworks is pretty pervasive now. So I think it's time for another serious attempt at it. >>And do you think doing it this way, right. With the, with the BizOps coalition, you know, getting a collection of, of, of kind of likeminded individuals and companies together, and actually even having a manifesto, which we're making this declarative statement of, of principles and values, you think that's what it takes to kind of drive this kind of beyond the experiment and actually, you know, get it done and really start to see some results in, in, uh, in production in the field. >>I think certainly no one vendor organization can pull this off single handedly. It does require a number of organizations collaborating and working together. So I think our coalition is a good idea and a manifesto is just a good way to kind of lay out what you see as the key principles of the idea. And that makes it much easier for everybody to understand and act on. >>I, I think it's just, it's really interesting having, you know, having them written down on paper and having it just be so clearly articulated both in terms of the, of the values as well as, as the, uh, the principles and the values, you know, business outcomes matter trust and collaboration, data-driven decisions, which is the number three of four, and then learn, respond and pivot. It doesn't seem like those should have to be spelled out so clearly, but, but obviously it helps to have them there. You can stick them on the wall and kind of remember what your priorities are, but you're the data guy. You're the analytics guy, uh, and a big piece of this is data and analytics and moving to data driven decisions. And principle number seven says, you know, today's organizations generate more data than humans can process and informed decisions can be augmented by machine learning and artificial intelligence right up your alley. You know, you've talked a number of times on kind of the mini stages of analytics. Um, and how has that evolved over over time, you know, as you think of analytics and machine learning, driving decisions beyond supporting decisions, but actually starting to make decisions in machine time. What's that, what's that thing for you? What does that make you, you know, start to think, wow, this is this going to be pretty significant. >>Yeah. Well, you know, this has been a longterm interest of mine. Um, the last generation of AI, I was very interested in expert systems. And then, um, I think, uh, more than 10 years ago, I wrote an article about automated decision-making using what was available then, which was rule-based approaches. Um, but you know, this addresses an issue that we've always had with analytics and AI. Um, you know, we, we tended to refer to those things as providing decision support, but the problem is that if the decision maker didn't want their support, didn't want to use them in order to make a decision, they didn't provide any value. And so the nice thing about automating decisions, um, with now contemporary AI tools is that we can ensure that data and analytics get brought into the decision without any possible disconnection. Now, I think humans still have something to add here, and we often will need to examine how that decision is being made and maybe even have the ability to override it. But in general, I think at least for, you know, repetitive tactical decisions, um, involving a lot of data, we want most of those, I think to be at least, um, recommended if not totally made by an algorithm or an AI based system. And that I believe would add to, um, the quality and the precision and the accuracy of decisions and in most organizations, >>No, I think, I think you just answered my next question before I, before I asked it, you know, we had dr. Robert Gates on the former secretary of defense on a few years back, and we were talking about machines and machines making decisions. And he said at that time, you know, the only weapon systems, uh, that actually had an automated trigger on it were on the North Korea and South Korea border. Um, everything else, as you said, had to go through a sub person before the final decision was made. And my question is, you know, what are kind of the attributes of the decision that enable us to more easily automated? And then how do you see that kind of morphing over time, both as the data to support that as well as our comfort level, um, enables us to turn more and more actual decisions over to the machine? >>Well, yeah, as I suggested we need, um, data and the data that we have to kind of train our models has to be high quality and current, and we need to know the outcomes of that data. You know, um, most machine learning models, at least in business are supervised. And that means we need to have labeled outcomes in the, in the training data. But I, you know, um, the pandemic that we're living through is a good illustration of the fact that, that the data also have to be reflective of current reality. And, you know, one of the things that we're finding out quite frequently these days is that, um, the data that we have do not reflect, you know, what it's like to do business in a pandemic. Um, I wrote a little piece about this recently with Jeff cam at wake forest university, we call it data science quarantined, and we interviewed with somebody who said, you know, it's amazing what eight weeks of zeros will do to your demand forecast. We just don't really know what happens in a pandemic. Um, our models maybe have to be put on the shelf for a little while and until we can develop some new ones or we can get some other guidelines into making decisions. So I think that's one of the key things with automated decision making. We have to make sure that the data from the past and that's all we have of course, is a good guide to, you know, what's happening in the present and the future as far as we understand it. >>Yeah. I used to joke when we started this calendar year 2020, it was finally the year that we know everything with the benefit of hindsight, but I turned down 20, 20 a year. We found out we actually know nothing and everything and thought we knew, but I want to, I want to follow up on that because you know, it did suddenly change everything, right? We've got this light switch moment. Everybody's working from home now we're many, many months into it, and it's going to continue for a while. I saw your interview with Bernard Marr and you had a really interesting comment that now we have to deal with this change. We don't have a lot of data and you talked about hold fold or double down. And, and I can't think of a more, you know, kind of appropriate metaphor for driving the value of the biz ops when now your whole portfolio strategy, um, these to really be questioned and, and, you know, you have to be really, uh, well, uh, executing on what you are, holding, what you're folding and what you're doubling down with this completely new environment. >>Well, yeah, and I hope I did this in the interview. I would like to say that I came up with that term, but it actually came from a friend of mine. Who's a senior executive at Genpact. And, um, I, um, used it mostly to talk about AI and AI applications, but I think you could, you could use it much more broadly to talk about your entire sort of portfolio of digital projects. You need to think about, well, um, given some constraints on resources and a difficult economy for a while, which of our projects do we want to keep going on pretty much the way we were and which ones are not that necessary anymore? You see a lot of that in AI, because we had so many pilots, somebody told me, you know, we've got more pilots around here than O'Hare airport and, and AI. Um, and then, but the ones that involve doubled down, they're even more important to you. They are, you know, a lot of organizations have found this out, um, in the pandemic on digital projects, it's more and more important for customers to be able to interact with you, um, digitally. And so you certainly wouldn't want to cancel those projects or put them on hold. So you double down on them and get them done faster and better. Right, >>Right. Uh, another, another thing that came up in my research that, that you quoted, um, was, was from Jeff Bezos, talking about the great bulk of what we do is quietly, but meaningfully improving core operations. You know, I think that is so core to this concept of not AI and machine learning and kind of the general sense, which, which gets way too much buzz, but really applied right. Applied to a specific problem. And that's where you start to see the value. And, you know, the, the BizOps, uh, manifesto is, is, is calling it out in this particular process. But I'd love to get your perspective as you know, you speak generally about this topic all the time, but how people should really be thinking about where are the applications where I can apply this technology to get direct business value. >>Yeah, well, you know, even talking about automated decisions, um, uh, the kind of once in a lifetime decisions, uh, the ones that, um, ag Lafley, the former CEO of Procter and gamble used to call the big swing decisions. You only get a few of those. He said in your tenure as CEO, those are probably not going to be the ones that you're automating in part because, um, you don't have much data about them. You're only making them a few times and in part, because, um, they really require that big picture thinking and the ability to kind of anticipate the future, that the best human decision makers, um, have. Um, but, um, in general, I think where they, I, the projects that are working well are, you know, what I call the low hanging fruit ones, the, some people even report to it referred to it as boring AI. >>So, you know, sucking data out of a contract in order to compare it to a bill of lading for what arrived at your supply chain companies can save or make a lot of money with that kind of comparison. It's not the most exciting thing, but AI, as you suggested is really good at those narrow kinds of tasks. It's not so good at the, at the really big moonshots, like curing cancer or, you know, figuring out well what's the best stock or bond under all or even autonomous vehicles. Um, we, we made some great progress in that area, but everybody seems to agree that they're not going to be perfect for quite a while, and we really don't want to be driving around on, um, and then very much unless they're, you know, good and all kinds of weather and with all kinds of pedestrian traffic and you know, that sort of thing, right? >>That's funny you bring up contract management. I had a buddy years ago, they had a startup around contract management and I've like, and this was way before we had the compute power today and cloud proliferation. I said, you know, how can you possibly build software around contract management? It's language, it's legal, ease. It's very specific. And he's like, Jeff, we just need to know where's the contract. And when does it expire? And who's the signatory. And he built a business on those, you know, very simple little facts that weren't being covered because their contracts are in people's drawers and files and homes. And Lord only knows. So it's really interesting, as you said, these kind of low hanging fruit opportunities where you can extract a lot of business value without trying to, you know, boil the ocean. >>Yeah. I mean, if you're Amazon, um, uh, Jeff Bezos thinks it's important to have some kind of billion dollar project. And he even says it's important to have a billion dollar failure or two every year. But I think most organizations probably are better off being a little less aggressive and, you know, sticking to, um, what AI has been doing for a long time, which is, you know, making smarter decisions based on, based on data. >>Right? So Tom, I want to shift gears one more time before, before we let you go on, on kind of a new topic for you, not really new, but you know, not, not a, the vast majority of, of your publications and that's the new way to work, you know, as, as the pandemic hit in mid March, right. And we had this light switch moment, everybody had to work from home and it was, you know, kind of crisis and get everybody set up. Well, you know, now we're five months, six months, seven months. A number of companies have said that people are not going to be going back to work for a while. And so we're going to continue on this for a while. And then even when it's not what it is now, it's not going to be what it was before. So, you know, I wonder, and I know you, you, uh, you teased, you're working on a new book, you know, some of your thoughts on, you know, kind of this new way to work and, and, and the human factors in this new, this new kind of reality that we're kind of evolving into, I guess. >>Yeah. I missed was an interest of mine. I think, um, back in the nineties, I wrote an article called, um, a coauthored, an article called two cheers for the virtual office. And, you know, it was just starting to emerge. Then some people were very excited about it. Some people were skeptical and, uh, we said two cheers rather than three cheers because clearly there's some shortcomings. And, you know, I keep seeing these pop up. It's great that we can work from our homes. It's great that we can, most of what we need to do with a digital interface, but, um, you know, things like innovation and creativity, and certainly, um, uh, a good, um, happy social life kind of requires some face to face contact every now and then. And so I, you know, I think we'll go back to an environment where there is some of that. >>Um, we'll have, um, times when people convene in one place so they can get to know each other face to face and learn from each other that way. And most of the time, I think it's a huge waste of people's time to commute into the office every day and to jump on airplanes, to, to, um, give every little, um, uh, sales call or give every little presentation. Uh, we just have to really narrow down what are the circumstances where face to face contact really matters. And when can we get by with digital? You know, I think one of the things in my current work I'm finding is that even when you have AI based decision making, you really need a good platform in which that all takes place. So in addition to these virtual platforms, we need to develop platforms that kind of structure the workflow for us and tell us what we should be doing next, then make automated decisions when necessary. And I think that ultimately is a big part of biz ops as well. It's not just the intelligence of an AI system, but it's the flow of work that kind of keeps things moving smoothly throughout your organization. >>I think such, such a huge opportunity as you just said, cause I forget the stats on how often we're interrupted with notifications between email texts, Slack, a sauna, Salesforce, the list goes on and on. So, you know, to put an AI layer between the person and all these systems that are begging for attention, you've written a book on the attention economy, which is a whole nother topic, we'll say for another day, you know, it, it really begs, it really begs for some assistance because you know, you just can't get him picked, you know, every two minutes and really get quality work done. It's just not, it's just not realistic. And you know what? I don't think that's a feature that we're looking for. >>I agree. Totally >>Tom. Well, thank you so much for your time. Really enjoyed the conversation. I got to dig into the library. It's very long. So I might start at the attention economy. I haven't read that one. And to me, I think that's the fascinating thing in which we're living. So thank you for your time and, uh, great to see you. >>My pleasure, Jeff. Great to be here. >>All right. He's Tom I'm Jeff. You are watching the continuing coverage of the biz ops manifesto and Vail. Thanks for watching the cube. We'll see you next time.

>>from around the globe. It's the Cube with digital coverage of biz ops Manifesto unveiled. Brought to you by biz ops Coalition. Hey, welcome back your body, Jeffrey here with the Cube. Welcome back to our ongoing coverage of the busy ops manifesto unveiling its been in the works for a while. But today is the day that it actually kind of come out to the to the public. And we're excited to have a real industry luminary here to talk about what's going on, Why this is important and share his perspective. And we're happy to have from Cape Cod, I believe, is Tom Davenport. He is a distinguished author on professor at Babson College. We could go on. He's got a lot of great titles and and really illuminate airy in the area of big data and analytics. Thomas, great to see you. >>Thanks, Jeff. Happy to be here with you. Great. >>So let's just jump into it, you know, and getting ready for this. I came across your LinkedIn post. I think you did earlier this summer in June and right off the bat, the first sentence just grabbed my attention. I'm always interested in new attempts to address long term issues, Uh, in how technology works within businesses. Biz ops. What did you see in biz ops? That that kind of addresses one of these really big long term problems? >>Well, yeah. The long term problem is that we've had a poor connection between business people and I t people between business objectives and the i t. Solutions that address them. This has been going on, I think, since the beginning of information technology, and sadly, it hasn't gone away. And so busy ops is new attempt to deal with that issue with a, you know, a new framework. Eventually a broad set of solutions that increase the likelihood that will actually solve a business problem with a nightie capability. >>Right. You know, it's interesting to compare it with, like, Dev ops, which I think a lot of people are probably familiar with, which was, you know, built around a agile software development and the theory that we want to embrace change that that changes okay on. We wanna be able to iterate quickly and incorporate that, and that's been happening in the software world for for 20 plus years. What's taking so long to get that to the business side because the pace of change is change on the software side. You know, that's a strategic issue in terms of execution on the business side that they need now to change priorities. And, you know, there's no P R D S and M R. D s and big giant strategic plans that sit on the shelf for five years. That's just not the way business works anymore. Took a long time to get here. >>Yeah, it did. And, you know, there have been previous attempts to make a better connection between business and i t. There was the so called strategic alignment framework that a couple of friends of mine from Boston University developed, I think more than 20 years ago. But, you know, now we have better technology for creating that linkage. And the, you know, the idea of kind of ops oriented frameworks is pretty pervasive now. So I think it's, um you know, time for another serious attempt at it, >>right? And do you think doing it this way right with the bizarre coalition, you know, getting a collection of of kind of like minded individuals and companies together and actually even having a manifesto which were making this declarative statement of principles and values. You think that's what it takes to kind of drive this, you know, kind of beyond the experiment and actually, you know, get it done and really start to see some results in, in in production in the field. >>I think certainly no one vendor organization can pull this off single handedly. It does require a number of organizations collaborating and working together. So I think a coalition is a good idea, and a manifesto is just a good way to kind of lay out. What you see is the key principles of the idea, and that makes it much easier for everybody. Toe I understand and act on. >>Yeah, I I think it's just it's really interesting having, you know, having them written down on paper and having it just be so clearly articulated both in terms of the of the values as well as as the the principles and and the values, you know. Business outcomes, matter, trust and collaboration, data driven decisions, which is the number three or four and then learn, responded pivot. It doesn't seem like those should have to be spelled out so clearly. But obviously it helps to have them there. You can stick them on the wall and kind of remember what your priorities are. But you're the data guy. You're the analytics guy. Yeah, And a big piece of this is data analytics and moving to data driven decisions. And principle number seven says, you know, today's organizations generate more data than humans can process. And informed decisions can be augmented by machine learning and artificial intelligence right up your alley. You know, you've talked a number of times on kind of the many stages of analytics. Onda. How has that's evolved over over time? You know, it is You think of analytics and machine learning driving decisions beyond supporting decisions, but actually starting to make decisions in machine time. What's that? What's that think for you? What does that make you? You know, start to think Wow, this is This is gonna be pretty significant. >>Yeah, well, you know, this has been a long term interest of mine. Um, the last generation of a I I was very interested in expert systems. And then e think more than 10 years ago, I wrote an article about automated decision making using, um, what was available then, which is rule based approaches. But, you know, this address is an issue that we've always had with analytics and ai. Um, you know, we tended Thio refer to those things as providing decision support. The problem is that if the decision maker didn't want their support, didn't want to use them in order to make a decision, they didn't provide any value. And so the nice thing about automating decisions with now contemporary ai tools is that we can ensure that data and analytics get brought into the decision without any possible disconnection. Now, I think humans still have something to add here, and we often will need to examine how that decision is being made and maybe even have the ability to override it. But in general, I think, at least for, you know, repetitive tactical decisions, um, involving a lot of data. We want most of those I think, to be at least, um, recommended, if not totally made by analgesic rhythm or an AI based system, and that, I believe would add to the quality and the precision and the accuracy of decisions. And in most organizations, >>you know, I think I think you just answered my next question before I Before I asked it. You know, we had Dr Robert Gates on the former secretary of Defense on a few years back, and we were talking about machines and machines making decisions, and he said at that time, you know, the only weapon systems that actually had an automated trigger on it, We're on the North Korean South Korea border. Um, everything else that you said had to go through some person before the final decision was made. And my question is, you know what are kind of the attributes of the decision that enable us that more easily automated? And then how do you see that kind of morphing over time both as the the data to support that as well as our comfort level, Um, enables us to turn mawr mawr actual decisions over to the machine? >>Well, yeah, I suggested we need data, and the data that we have to kind of train our models has to be high quality and current, and we need to know the outcomes of the that data. You know, most machine learning models, at least in business, are supervised, and that means we need tohave labeled outcomes in the in the training data. But you know, the pandemic that we're living through is a good illustration of the fact that the data also have to be reflective of current reality. And, you know, one of the things that were finding out quite frequently these days is that the data that we have a do not reflect you know what it's like to do business in a pandemic. I wrote a little piece about this recently with Jeff Cam at Wake Forest University. We call it Data Science Quarantined and it we interviewed somebody who said, You know, it's amazing what eight weeks of zeros will do to your demand forecast. We just don't really know what happens in a pandemic. Our models may be have to be put on the shelf for a little while and until we can develop some new ones or we can get some other guidelines into making decisions. So I think that's one of the key things with automated decision making. We have toe make sure that the data from the past and you know that's all we have, of course, is a good guide toe. You know what's happening in the present and in the future, as far as we understand it. >>Yeah, I used to joke when we started this calendar year 2020 was finally the year that we know everything with the benefit of hindsight. But it turned out 2020 the year we found out we actually know nothing and everything >>we thought we d >>o. But I wanna I wanna follow up on that because, you know, it did suddenly change everything, right? We got this light switch moment. Everybody's working from home now. We're many, many months into it, and it's going to continue for a while. I saw your interview with Bernard Marr and you had a really interesting comment that now we have to deal with this change. We don't have a lot of data and you talked about hold, fold or double down, and And I can't think of, um or, you know, kind of appropriate metaphor for driving the value of the biz ops. When now your whole portfolio strategy, um, needs to really be questioned. And, you know, you have to be really well executing on what you are holding. What you're folding and what you're doubling down with this completely new environment? >>Well, yeah, And I hope I did this in the interview. I would like to say that I came up with that term, but it actually came from a friend of mine was a senior executive at gen. Packed, and I used it mostly to talk about AI and AI applications, but I think you could You could use it much more broadly to talk about your entire sort of portfolio. Digital projects you need to think about. Well, um, given some constraints on resource is and a difficulty economy for a while. Which of our projects do we wanna keep going on Pretty much the way we were for and which ones, um, are not that necessary anymore. You see a lot of that in a I because we had so many pilots. Somebody told me, You know, we've got more pilots around here than O'Hare Airport in a I, um and then the the ones that involve double down there, even mawr Important to you, they are. You know, a lot of organizations have found this out in the pandemic on digital projects. It's more and more important for customers to be ableto interact with you digitally. And so you certainly wouldn't want toe cancel those projects or put them on hold. So you double down on them, get them done faster and better. >>Another. Another thing I came up in my research that that you quoted um, was was from Jeff. Bezos is talking about the great bulk of what we do is quietly but meaning fleeing, improving core operations. You know, I think that is so core to this concept of not AI and machine learning and kind of the general sense, which which gets way too much buzz but really applied, applied to a specific problem. And that's where you start to see the value. And, you know, the biz ops manifesto is calling it out in this particular process. But I just love to get your perspective. As you know, you speak generally about this topic all the time, but how people should really be thinking about where the applications where I can apply this technology to get direct business value. >>Yeah, well, you know, even talking about automated decisions, um, the kind of once in a lifetime decisions, uh, the ones that a G laugh. Li, the former CEO of Proctor and Gamble, used to call the big swing decisions. You only get a few of those, he said. In your tenure as CEO, those air probably not going to be the ones that you're automating in part because you don't have much data about them. Your you know, only making them a few times and in part because they really require that big picture thinking and the ability to kind of anticipate the future that the best human decision makers have. Um, but in general, I think where they I The projects that are working well are you know what I call the low hanging fruit ones? The some people even report to refer to it as boring A. I so you know, sucking data out of a contract in order to compare it Thio bill of lading for what arrived at your supply chain. Companies can save or make a lot of money with that kind of comparison. It's not the most exciting thing, but a I, as you suggest, is really good at those narrow kinds of tasks. Um, it's not so good at the at the really big Moonshots like curing cancer or, you know, figuring out well, what's the best stock or bond under all circumstances or even autonomous vehicles. We made some great progress in that area, but everybody seems to agree that they're not gonna be perfect for quite a while. And we really don't wanna be driving around on, um in that very much, unless they're, you know, good and all kinds of weather and with all kinds of pedestrian traffic. And you know that sort of thing, right? >>That's funny. Bring up contract management. I had a buddy years ago. They had a startup around contract management, and I'm like and this was way before we had the compute power today and cloud proliferation. I said, You know how How could you possibly built off around contract management? It's language. It's legalese. It's very specific. He's like Jeff. We just need to know where's the contract and when does it expire? And who's the signatory? And he built a business on those you know, very simple little facts that weren't being covered because their contracts from people's drawers and files and homes and Lord only knows so it's really interesting as you said. These kind of low hanging fruit opportunities where you could extract a lot of business value without trying to, you know, boil the ocean. >>Yeah, I mean, if you're Amazon, Jeff Bezos thinks it's important toe have some kind of billion dollar projects, and he even says it's important to have a billion dollar failure or two every year. But I think most organizations probably are better off being a little less aggressive and, you know, sticking to what a I has been doing for a long time, which is, you know, making smarter decisions based on based on data. >>Right? So, Tom, I want to shift gears one more time before before you let Ugo on on kind of a new topic for you, not really new, but you know, not not the vast majority of your publications. And that's the new way toe work, you know, as as the pandemic hit in mid March, right? And we had this light switch moment. Everybody had to work from home, and it was, you know, kind of crisis and get everybody set up. Well, you know, now we're five months, six months, seven months. A number of companies have said that people are not gonna be going back to work for a while, and so we're going to continue on this for a while, and then even when it's not what it is now, it's not gonna be what it was before. So, you know, I wonder and I know you, you tease. You're working on a a new book, you know, some of your thoughts on, you know, kind of this new way, uh, toe work and and and the human factors in this new, this new kind of reality that we're kind of evolving into, I guess, >>Yeah, this was an interest of mine. I think. Back in the nineties, I wrote an article called a co authored an article called Two Cheers for the Virtual Office. And, you know, it was just starting to emerge than some people were very excited about it. Some people were skeptical, and we said to cheers rather than three cheers because clearly there's some shortcomings and, you know, I keep seeing these pop up. It's it's great that we can work from our homes. It's great that we can accomplish most of what we need to do with a digital interface, but you know, things like innovation and creativity and certainly, um a A good, um, happy social life kind of requires some face to face contact every now and then. And so you know, I think we'll go back to an environment where there is some of that. Um, will have, um, time when people convene in one place so they can get to know each other face to face and learn from each other that way. And most of the time, I think it's a huge waste of people's time to commute into the office every day and toe jump on airplanes. Thio, Thio, give every little sales call or give every little presentation we just have to really narrow down. What are the circumstances, where face to face contact really matters and when can we get by with digital? You know, I think one of the things in my current work on finding is that even when you have AI based decision making, you really need a good platform in which that all takes place. So in addition to these virtual platforms, we need to develop platforms that kind of structure the workflow for us and tell us what we should be doing next and make automated decisions when necessary. And I think that ultimately is a big part of biz ops as well. It's not just the intelligence of an AI system, but it's the flow of work that kind of keeps things moving smoothly throughout your organization. Yeah, >>I think such such a huge opportunity as you just said, because I forget the stats on how often were interrupted with notifications between email text, slack asana, salesforce The list goes on and on. So, you know, t put an AI layer between the person and all these systems that are begging for attention. And you've written a you know, a book on the attention economy, which is a whole nother topic will say for another day. You know, it really begs. It really begs for some assistance because, you know, you just can't get him picked, you know, every two minutes and really get quality work done. It's just not it's just not realistic. And you know what? I don't think that's the future that we're looking for. >>Great. Totally. Alright, >>Tom. Well, thank you so much for your time. Really enjoyed the conversation. I got to dig into the library. It's very long song. I might started the attention economy. I haven't read that one in to me. I think that's the fascinating thing in which we're living. So thank you for your time. And, uh, great to see you. >>My pleasure, Jeff. Great to be here. >>All right, take care. Alright. East, Tom. I'm Jeff. You are watching the continuing coverage of the biz ops manifesto. Unveil. Thanks for watching the Cube. We'll see you next time.

>>from around the globe. It's the Cube with digital coverage of biz ops Manifesto unveiled. Brought to you by biz ops Coalition. Hey, welcome back your body, Jeffrey here with the Cube. Welcome back to our ongoing coverage of the busy ops manifesto unveiling its been in the works for a while. But today is the day that it actually kind of come out to the to the public. And we're excited to have a real industry luminary here to talk about what's going on, Why this is important and share his perspective. And we're happy to have from Cape Cod, I believe, is Tom Davenport. He is a distinguished author on professor at Babson College. We could go on. He's got a lot of great titles and and really illuminate airy in the area of big data and analytics. Thomas, great to see you. >>Thanks, Jeff. Happy to be here with you. Great. >>So let's just jump into it, you know, and getting ready for this. I came across your LinkedIn post. I think you did earlier this summer in June and right off the bat, the first sentence just grabbed my attention. I'm always interested in new attempts to address long term issues, Uh, in how technology works within businesses. Biz ops. What did you see in biz ops? That that kind of addresses one of these really big long term problems? >>Well, yeah. The long term problem is that we've had a poor connection between business people and I t people between business objectives and the i t. Solutions that address them. This has been going on, I think, since the beginning of information technology, and sadly, it hasn't gone away. And so busy ops is new attempt to deal with that issue with a, you know, a new framework. Eventually a broad set of solutions that increase the likelihood that will actually solve a business problem with a nightie capability. >>Right. You know, it's interesting to compare it with, like, Dev ops, which I think a lot of people are probably familiar with, which was, you know, built around a agile software development and the theory that we want to embrace change that that changes okay on. We wanna be able to iterate quickly and incorporate that, and that's been happening in the software world for for 20 plus years. What's taking so long to get that to the business side because the pace of change is change on the software side. You know, that's a strategic issue in terms of execution on the business side that they need now to change priorities. And, you know, there's no P R D S and M R. D s and big giant strategic plans that sit on the shelf for five years. That's just not the way business works anymore. Took a long time to get here. >>Yeah, it did. And, you know, there have been previous attempts to make a better connection between business and i t. There was the so called strategic alignment framework that a couple of friends of mine from Boston University developed, I think more than 20 years ago. But, you know, now we have better technology for creating that linkage. And the, you know, the idea of kind of ops oriented frameworks is pretty pervasive now. So I think it's, um you know, time for another serious attempt at it, right? >>And do you think doing it this way right with the bizarre coalition, you know, getting a collection of of kind of like minded individuals and companies together and actually even having a manifesto which were making this declarative statement of principles and values. You think that's what it takes to kind of drive this, you know, kind of beyond the experiment and actually, you know, get it done and really start to see some results in, in in production in the field. >>Well, you know, the manifesto approach worked for Karl Marx and communism. So maybe it'll work. Here is Well, now, I think certainly no one vendor organization can pull this off single handedly. It does require a number of organizations collaborating and working together. So I think a coalition is a good idea, and a manifesto is just a good way to kind of lay out. What you see is the key principles of the idea, and that makes it much easier for everybody. Toe I understand and act on. >>Yeah, I I think it's just it's really interesting having you know, having them written down on paper and having it just be so clearly articulated both in terms of the of the values as well as as the the principles and and the values, you know, business outcomes, matter, trust and collaboration, data driven decisions, which is the number three or four and then learn responded Pivot, It doesn't seem like those should have to be spelled out so clearly, but obviously it helps to have them there. You can stick them on the wall and kind of remember what your priorities are. But you're the data guy. You're the analytics guy. Uh, and a big piece of this is data analytics and moving to data driven decisions. And principle number seven says, you know, today's organizations generate more data than humans can process. And informed decisions can be augmented by machine learning and artificial intelligence right up your alley. You know, you've talked a number of times on kind of the many stages of analytics Onda how that's evolved over over time. You know, it is you think of analytics and machine learning driving decisions beyond supporting decisions, but actually starting to make decisions in machine time. What's that? What's that think for you? What does that make you? You know, start to think Wow, this is this is gonna be pretty significant. >>Yeah, well, you know, this has been a long term interest of mine. Um, the last generation of a I I was very interested in expert systems. And then e think more than 10 years ago I wrote an article about automated decision making using, um, what was available then, which is rule based approaches. But, you know, this address is an issue that we've always had with analytics and ai. Um, you know, we tended Thio refer to those things as providing decision support. The problem is that if the decision maker didn't want their support, didn't want to use them in order to make a decision, they didn't provide any value. And so the nice thing about automating decisions with now contemporary ai tools is that we can ensure that data and analytics get brought into the decision without any possible disconnection. Now, I think humans still have something to add here, and we often will need to examine how that decision is being made and maybe even have the ability to override it. But in general, I think, at least for, you know, repetitive tactical decisions, um, involving a lot of data. We want most of those I think, to be at least, um, recommended, if not totally made by analgesic rhythm or an AI based system, and that I believe would add to the quality and the precision and the accuracy of decisions in in most organizations. >>You know, I think I think you just answered my next question before I before I asked it. You know, we had Dr Robert Gates on the former secretary of Defense on a few years back, and we were talking about machines and machines making decisions, and he said at that time, you know, the only weapon systems that actually had an automated trigger on it, We're on the North Korea and South Korea border. Everything else, as you said, had to go through some person before the final decision was made. And my question is, you know what are kind of the attributes of the decision that enable us to more easily automated? And then how do you see that kind of morphing over time both as the data to support that as well as our comfort level, Um, enables us to turn Maura Maura actual decisions over to the machine? >>Well, yeah, I suggested we need data and the data that we have to kind of train our models has to be high quality and current, and we need to know the outcomes of that data. You know, most machine learning models, at least in business, are supervised, and that means we need tohave labeled outcomes in the in the training data. But, you know, the pandemic that we're living through is a good illustration of the fact that the the data also have to be reflective of current reality. And, you know, one of the things that we're finding out quite frequently these days is that the data that we have do not reflect. You know what it's like to do business in it. Pandemic it. I wrote a little piece about this recently with Jeff Cam at Wake Forest University. We call it Data Science quarantined, and we interviewed somebody who said, You know, it's amazing what eight weeks of zeros will do to your demand forecast. We just don't really know what happens in a pandemic. Our models may be have to be put on the shelf for a little while and until we can develop some new ones or we can get some other guidelines into making decisions. So I think that's one of the key things with automated decision making. We have toe, make sure that the data from the past and you know, that's all we have, of course, is a good guide toe. You know what's happening in the present and and the future as far as we understand it. >>Yeah, I used to joke when we started this calendar year 2020 is finally the year that we know everything with the benefit of hindsight. But it turned out 2020 the year we found out we actually know nothing and everything way. But I wanna I wanna follow up on that because, you know, it did suddenly change everything, right? We got this light switch moment. Everybody's working from home now. We're many, many months into it, and it's going to continue for a while. I saw your interview with Bernard Marr and you had a really interesting comment that now we have to deal with this change. We don't have a lot of data and you talked about hold, fold or double down and and I can't think of, um or, you know, kind of appropriate metaphor for driving the value of the biz ops. When now your whole portfolio strategy, um, needs to really be questioned. And, you know, You have to be really well, executing on what you are holding, what you're folding and what you're doubling down with this completely new environment. >>Well, yeah, And I hope I did this in the interview. I would like to say that I came up with that term, but it actually came from a friend of mine who's a senior executive at gen. Packed. And I used it mostly to talk about AI and AI applications, but I think you could You could use it much more broadly to talk about your entire sort of portfolio of digital projects you need to think about. Well, um, given some constraints on resource is and a difficulty economy for a while. Which of our projects do we wanna keep going on Pretty much the way we were And which ones, um, are not that necessary anymore. You see a lot of that in a I because we had so many pilots, somebody for me, you know, we've got more pilots around here, then O'Hare airport in a I, um and then the the ones that involve double down there, even mawr Important to you, they are, you know, a lot of organizations have found this out in the pandemic on digital projects, it's more and more important for customers to be ableto interact with you, um, digitally. And so you certainly wouldn't want toe cancel those projects or put them on hold. So you double down on them, get them done faster and better. >>Another. Another thing that came up in my research that that you quoted, um, was was from Jeff. Bezos is talking about the great bulk of what we do is quietly but meaning fleeing, improving core operations. You know, I think that is so core to this concept of not AI and machine learning and kind of the general sense, which which gets way too much buzz but really applied, applied to a specific problem. And that's where you start to see the value and, you know, the biz ops. Uh, manifesto is calling it out in this particular process, but I just love to get your perspective. As you know, you speak generally about this topic all the time, but how people should really be thinking about where the applications where I can apply this technology to get direct business value. >>Yeah, well, you know, even talking about automated decisions? Uh, the kind of once in a lifetime decisions, uh, the ones that a g laugh Li, the former CEO of Proctor and Gamble, used to call the big swing decisions. You only get a few of those, he said. In your tenure as CEO, those air probably not going to be the ones that you're automating in part because you don't have much data about them. You're only making them a few times, and in part because they really require that big picture thinking and the ability to kind of anticipate the future that the best human decision makers have. Um, but in general, I think where they I the projects that are working well are you know what I call the low hanging fruit ones? The some people even report to refer to it as boring A I so you know, sucking data out of a contract in order to compare it Thio bill of lading for what arrived at your supply chain. Companies can save or make a lot of money with that kind of comparison. It's not the most exciting thing, but a I, as you suggest, is really good at those narrow kinds of tasks. Um, it's not so good at the at the really big Moonshots like curing cancer or, you know, figuring out well, what's the best stock or bond under all circumstances or even autonomous vehicles. We made some great progress in that area, but everybody seems to agree that they're not going to be perfect for quite a while. And we really don't wanna be driving around on, um in that very much, unless they're, you know, good and all kinds of weather and with all kinds of pedestrian traffic. And you know that sort of thing, right? >>That's funny. Bring up contract management. I had a buddy years ago. They had a startup around contract management, and I'm like, and this was way before we had the compute power today and and cloud proliferation. I said, You know how How could you possibly built off around contract management? It's language. It's legalese. It's very specific. He's like Jeff. We just need to know where's the contract and when does it expire? And who's a signatory? And he built a business on those you know, very simple little facts that weren't being covered because their contracts from People's drawers and files and homes, and Lord only knows So it's really interesting, as you said, these kind of low hanging fruit opportunities where you could extract a lot of business value without trying to, you know, boil the ocean. >>Yeah, I mean, if you're Amazon, Jeff Bezos thinks it's important toe have some kind of billion dollar projects, and he even says it's important to have a billion dollar failure or two every year. But I think most organizations probably are better off being a little less aggressive and, you know, sticking to what a I has been doing for a long time, which is, you know, making smarter decisions based on based on data. >>Right? So, Tom, I want to shift gears one more time before before you let Ugo on on kind of a new topic for you, not really new, but you know, not not the vast majority of your publications. And that's the new way toe work, you know, as as the pandemic hit in mid March, right? And we had this light switch moment. Everybody had to work from home, and it was, you know, kind of crisis and get everybody set up well you know, Now we're five months, six months, seven months. A number of companies have said that people are not gonna be going back to work for a while. And so we're going to continue on this for a while, and then even when it's not what it is now, it's not gonna be what it was before. So, you know, I wonder and I know you, you tease. You're working on a a new book, you know, some of your thoughts on, you know, kind of this new way. Uh, toe work and and and the human factors in this new, this new kind of reality that we're kind of evolving into, I guess. >>Yeah, This was an interest of mine. I think back in the nineties, I wrote an article called Ah Co authored an article called Two Cheers for the Virtual Office. And, you know, it was just starting to emerge. Then some people were very excited about it. Some people were skeptical and we said to cheers rather than three cheers because clearly there's some shortcomings and, you know, I keep seeing these pop up. It's great that we can work from our homes. It's great that we can accomplish most of what we need to do with a digital interface. But you know, things like innovation and creativity and certainly a a good, um, happy social life kind of requires some face to face contact every now and then. And so you know, I think we'll go back to an environment where there is some of that. We'll have, um, time when people convene in one place so they can get to know each other face to face and learn from each other that way. And most of the time, I think it's a huge waste of people's time to commute into the office every day and toe jump on airplanes. Thio, Thio give every little mhm, uh, sales call or give every little presentation. We just have to really narrow down. What are the circumstances, where face to face contact really matters and when can we get by with digital? You know, I think one of the things in my current work I'm finding is that even when you have a I based decision making, you really need a good platform in which that all takes place. So in addition to these virtual platforms, We need to develop platforms that kind of structure the workflow for us and tell us what we should be doing next and make automated decisions when necessary. And I think that ultimately is a big part of biz ops as well. It's not just the intelligence oven, a isis some, but it's the flow of work that kind of keeps things moving smoothly throughout your organization. Yeah, >>I think such such a huge opportunity as you just said, because I forget the stats on how often were interrupted with notifications between email text, slack asana, salesforce The list goes on on and on. So, you know, t put an AI layer between the person and all these systems that are begging for attention. And you've written a you know, a book on the attention economy, which is a whole nother topic will say for another day. You know, it really begs. It really begs for some assistance because, you know, you just can't get him picked, you know, every two minutes and really get quality work done. It's just not it's just not realistic. And you know what? I don't think that's the future that we're looking for. >>Great totally alright, >>Tom. Well, thank you so much for your time. Really enjoyed the conversation. I gotta dig into the library. It's very long song. I might started the attention economy. I haven't read that one in to me. I think that's the fascinating thing in which we're living. So thank you for your time. And, uh, great to see you. >>My pleasure, Jeff. Great to be here. >>All right, take care. Alright. He's Tom. I'm Jeff. You are watching the continuing coverage of the biz ops manifesto. Unveil. Thanks for watching. The Cube will see you next time.

>>from around the globe. It's the Cube covering space and cybersecurity. Symposium 2020 hosted by Cal Poly >>Oven. Welcome back to the Space and Cyber Security Symposium. 2020 I'm John for your host with the Cuban silicon angle, along with Cal Poly, representing a great session here on industry success in developing space and cybersecurity. Resource is Got a great lineup. Brigadier General Steve Hotel, whose are also known as Bucky, is Call Sign director of Space Portfolio Defense Innovation Unit. Preston Miller, chief information security officer at JPL, NASA and Major General retired Clint Crozier, director of aerospace and satellite solutions at Amazon Web services, also known as a W s. Gentlemen, thank you for for joining me today. So the purpose of this session is to spend the next hour talking about the future of workforce talent. Um, skills needed and we're gonna dig into it. And Spaces is an exciting intersection of so many awesome disciplines. It's not just get a degree, go into a track ladder up and get promoted. Do those things. It's much different now. Love to get your perspectives, each of you will have an opening statement and we will start with the Brigadier General Steve Hotel. Right? >>Thank you very much. The Defense Innovation Unit was created in 2015 by then Secretary of Defense Ash Carter. To accomplish three things. One is to accelerate the adoption of commercial technology into the Department of Defense so that we can transform and keep our most relevant capabilities relevant. And also to build what we call now called the national Security Innovation Base, which is inclusive all the traditional defense companies, plus the commercial companies that may not necessarily work with focus exclusively on defense but could contribute to our national security and interesting ways. Um, this is such an exciting time Azul here from our other speakers about space on and I can't, uh I'm really excited to be here today to be able to share a little bit of our insight on the subject. >>Thank you very much. Precedent. Miller, Chief information security officer, Jet Propulsion Lab, NASA, Your opening statement. >>Hey, thank you for having me. I would like to start off by providing just a little bit of context of what brings us. Brings us together to talk about this exciting topic for space workforce. Had we've seen In recent years there's been there's been a trend towards expanding our space exploration and the space systems that offer the great things that we see in today's world like GPS. Um, but a lot of that has come with some Asian infrastructure and technology, and what we're seeing as we go towards our next generation expects of inspiration is that we now want to ensure that were secured on all levels. And there's an acknowledgement that our space systems are just a susceptible to cyber attacks as our terrestrial assistance. We've seen a recent space, uh, policy Directive five come out from our administration, that that details exactly how we should be looking at the cyber principle for our space systems, and we want to prevent. We want to prevent a few things as a result of that of these principles. Spoofing and jamming of our space systems are not authorized commands being sent to those space systems, lots of positive control of our space vehicles on lots of mission data. We also acknowledge that there's a couple of frameworks we wanna adopt across the board of our space systems levers and things like our nice miss cybersecurity frameworks. eso what has been a challenge in the past adopted somebody Cyber principles in space systems, where there simply has been a skill gap in a knowledge gap. We hire our space engineers to do a few things. Very well designed space systems, the ploy space systems and engineer space systems, often cybersecurity is seen as a after thought and certainly hasn't been a line item and in any budget for our spaces in racing. Uh, in the past in recent years, the dynamic started to change. We're now now integrating cyber principles at the onset of development of these life cycle of space. Systems were also taking a hard look of how we train the next generation of engineers to be both adequate. Space engineers, space system engineers and a cyber engineers, as a result to Mrs success on DWI, also are taking a hard look at What do we mean when we talk about holistic risk management for our space assistance, Traditionally risk management and missing insurance for space systems? I've really revolved around quality control, but now, in recent years we've started to adopt principles that takes cyber risk into account, So this is a really exciting topic for me. It's something that I'm fortunate to work with and live with every day. I'm really excited to get into this discussion with my other panel members. Thank you. >>You Preston. Great insight there. Looking forward. Thio chatting further. Um, Clint Closure with a W. S now heading up. A director of aerospace and satellite Solutions, formerly Major General, Your opening statement. >>Thanks, John. I really appreciate that introduction and really appreciate the opportunity to be here in the Space and Cybersecurity Symposium. And thanks to Cal Poly for putting it together, you know, I can't help, but as I think to Cal Poly there on the central California coast, San Luis Obispo, California I can't help but to think back in this park quickly. I spent two years of my life as a launch squadron commander at Vandenberg Air Force Base, about an hour south of Cal Poly launching rockets, putting satellites in orbit for the national intelligence community and so some really fond memories of the Central California coast. I couldn't agree more with the theme of our symposium this week. The space and cyber security we've all come to know over the last decade. How critical spaces to the world, whether it's for national security intelligence, whether it's whether communications, maritime, agriculture, development or a whole host of other things, economic and financial transactions. But I would make the case that I think most of your listeners would agree we won't have space without cybersecurity. In other words, if we can't guaranteed cybersecurity, all those benefits that we get from space may not be there. Preston in a moment ago that all the threats that have come across in the terrestrial world, whether it be hacking or malware or ransomware or are simple network attacks, we're seeing all those migrate to space to. And so it's a really important issue that we have to pay attention to. I also want to applaud Cow Pauling. They've got some really important initiatives. The conference here, in our particular panel, is about developing the next generation of space and cyber workers, and and Cal Poly has two important programs. One is the digital transformation hub, and the other is space data solutions, both of which, I'm happy to say, are in partnership with a W. S. But these were important programs where Cal Poly looks to try to develop the next generation of space and cyber leaders. And I would encourage you if you're interested in that toe. Look up the program because that could be very valuable is well, I'm relatively new to the AWS team and I'm really happy Thio team, as John you said recently retired from the U. S. Air Force and standing up the U. S. Space force. But the reason that I mentioned that as the director of the aerospace and satellite team is again it's in perfect harmony with the theme today. You know, we've recognized that space is critically important and that cyber security is critically important and that's been a W s vision as well. In fact, a W s understands how important the space domain is and coupled with the fact that AWS is well known that at a W s security is job zero and stolen a couple of those to fax A. W. S was looking to put together a team the aerospace and satellite team that focus solely and exclusively every single day on technical innovation in space and more security for the space domain through the cloud and our offerings there. So we're really excited to reimagine agree, envision what space networks and architectures could look like when they're born on the cloud. So that's important. You know, talk about workforce here in just a moment, but but I'll give you just a quick sneak. We at AWS have also recognized the gap in the projected workforce, as Preston mentioned, Um, depending on the projection that you look at, you know, most projections tell us that the demand for highly trained cyber cyber security cloud practitioners in the future outweighs what we think is going to be the supply. And so a ws has leaned into that in a number of ways that we're gonna talk about the next segment. I know. But with our workforce transformation, where we've tried to train free of charge not just a W s workers but more importantly, our customers workers. It s a W s we obsessed over the customer. And so we've provided free training toe over 7000 people this year alone toe bring their cloud security and cyber security skills up to where they will be able to fully leverage into the new workforce. So we're really happy about that too? I'm glad Preston raised SPD five space policy Directive five. I think it's gonna have a fundamental impact on the space and cyber industry. Uh, now full disclosure with that said, You know, I'm kind of a big fan of space policy directives, ESPN, Or was the space policy directive that directed to stand up of the U. S. Space Force and I spent the last 18 months of my life as the lead planner and architect for standing up the U. S. Space force. But with that said, I think when we look back a decade from now, we're going to see that s p d five will have as much of an impact in a positive way as I think SPD for on the stand up of the space Force have already done so. So I'll leave it there, but really look forward to the dialogue and discussion. >>Thank you, gentlemen. Clint, I just wanna say thank you for all your hard work and the team and the people who were involved in standing up Space force. Um, it is totally new. It's a game changer. It's modern, is needed. And there's benefits on potential challenges and opportunities that are gonna be there, so thank you very much for doing that. I personally am excited. I know a lot of people are excited for what the space force is today and what it could become. Thank you very much. >>Yeah, Thanks. >>Okay, So >>with >>that, let me give just jump in because, you know, as you're talking about space force and cybersecurity and you spend your time at Vanderburgh launching stuff into space, that's very technical. Is operation okay? I mean, it's complex in and of itself, but if you think about like, what's going on beyond in space is a lot of commercial aspect. So I'm thinking, you know, launching stuff into space on one side of my brain and the other side of brain, I'm thinking like air travel. You know, all the logistics and the rules of the road and air traffic control and all the communications and all the technology and policy and, you >>know, landing. >>So, Major General Clint, what's your take on this? Because this is not easy. It's not just one thing that speaks to the diversity of workforce needs. What's your reaction to that? >>Yeah. I mean, your observation is right on. We're seeing a real boom in the space and aerospace industry. For all the good reasons we talked about, we're recognizing all the value space from again economic prosperity to exploration to being ableto, you know, improve agriculture and in weather and all those sorts of things that we understand from space. So what I'm really excited about is we're seeing this this blossom of space companies that we sort of referred to his new space. You know, it used to be that really only large governments like the United States and a handful of others could operate in the space domain today and largely infused because of the technological innovation that have come with Cyber and Cyrus Space and even the cloud we're seeing more and more companies, capabilities, countries, all that have the ability, you know. Even a well funded university today can put a cube sat in orbit, and Cal Poly is working on some of those too, by the way, and so it's really expanded the number of people that benefits the activity in space and again, that's why it's so critically important because we become more and more reliant and we will become more and more reliant on those capabilities that we have to protect him. It's fundamental that we do. So, >>Bucky, I want you to weigh in on this because actually, you you've flown. Uh, I got a call sign which I love interviewing people. Anyone who's a call sign is cool in my book. So, Bucky, I want you to react to that because that's outside of the technology, you know, flying in space. There's >>no >>rule. I mean, is there like a rules? I mean, what's the rules of the road? I mean, state of the right. I mean, what I mean, what what's going? What's gonna have toe happen? Okay, just logistically. >>Well, this is very important because, uh and I've I've had access thio information space derived information for most of my flying career. But the amount of information that we need operate effectively in the 21st century is much greater than Thanet has been in the past. Let me describe the environment s so you can appreciate a little bit more what our challenges are. Where, from a space perspective, we're going to see a new exponential increase in the number of systems that could be satellites. Uh, users and applications, right? And so eso we're going we're growing rapidly into an environment where it's no longer practical to just simply evolved or operate on a perimeter security model. We and with this and as I was brought up previously, we're gonna try to bring in MAWR commercial capabilities. There is a tremendous benefit with increasing the diversity of sources of information. We use it right now. The military relies very heavily on commercial SAT com. We have our military capabilities, but the commercial capabilities give us capacity that we need and we can. We can vary that over time. The same will be true for remote sensing for other broadband communications capabilities on doing other interesting effects. Also, in the modern era, we doom or operations with our friends and allies, our regional partners all around the world, in order to really improve our interoperability and have rapid exchange of information, commercial information, sources and capabilities provides the best means of doing that. So that so that the imperative is very important and what all this describes if you want to put one word on it. ISS, we're involving into ah hybrid space architectures where it's gonna be imperative that we protect the integrity of information and the cyber security of the network for the things most important to us from a national security standpoint. But we have to have the rules that that allows us to freely exchange information rapidly and in a way that that we can guarantee that the right users are getting the right information at the right. >>We're gonna come back to that on the skill set and opportunities for people driving. That's just looking. There's so much opportunity. Preston, I want you to react to this. I interviewed General Keith Alexander last year. He formerly ran Cyber Command. Um, now he's building Cyber Security Technologies, and his whole thesis is you have to share. So the question is, how do you share and lock stuff down at the same time when you have ah, multi sided marketplace in space? You know, suppliers, users, systems. This is a huge security challenge. What's your reaction to this? Because we're intersecting all these things space and cybersecurity. It's just not easy. What's your reaction? >>Absolutely, Absolutely. And what I would say in response to that first would be that security really needs to be baked into the onset of how we develop and implement and deploy our space systems. Um, there's there's always going to be the need to collect and share data across multiple entities, particularly when we're changing scientific data with our mission partners. Eso with that necessitates that we have a security view from the onset, right? We have a system spaces, and they're designed to share information across the world. How do we make sure that those, uh, those other those communication channels so secure, free from interception free from disruption? So they're really done? That necessitates of our space leaders in our cyber leaders to be joining the hip about how to secure our space systems, and the communications there in Clinton brought up a really good point of. And then I'm gonna elaborate on a little bit, just toe invite a little bit more context and talk about some the complexities and challenges we face with this advent of new space and and all of our great commercial partners coming into therefore way, that's going to present a very significant supply chain risk management problems that we have to get our hands around as well. But we have these manufacturers developing these highly specialized components for the space instruments, Um, that as it stands right now, it's very little oversight And how those things air produced, manufactured, put into the space systems communication channels that they use ports protocols that they use to communicate. And that's gonna be a significant challenge for us to get get our hands around. So again, cybersecurity being brought in. And the very onset of these development thes thes decisions in these life cycles was certainly put us in a best better position to secure that data in our in our space missions. >>Yeah, E just pick up on that. You don't mind? Preston made such a really good point there. But you have to bake security in up front, and you know there's a challenge and there's an opportunity, you know, with a lot of our systems today. It was built in a pre cyber security environment, especially our government systems that were built, you know, in many cases 10 years ago, 15 years ago are still on orbit today, and we're thankful that they are. But as we look at this new environment and we understand the threats, if we bake cybersecurity in upfront weaken balance that open application versus the risk a long as we do it up front. And you know, that's one of the reasons that our company developed what we call govcloud, which is a secure cloud, that we use thio to manage data that our customers who want to do work with the federal government or other governments or the national security apparatus. They can operate in that space with the built in and baked in cybersecurity protocols. We have a secret region that both can handle secret and top secret information for the same reasons. But when you bake security into the upfront applications, that really allows you to balance that risk between making it available and accessible in sort of an open architecture way. But being sure that it's protected through things like ITAR certifications and fed ramp, uh, another ice T certifications that we have in place. So that's just a really important point. >>Let's stay high level for a man. You mentioned a little bit of those those govcloud, which made me think about you know, the tactical edge in the military analogy, but also with space similar theater. It's just another theater and you want to stand stuff up. Whether it's communications and have facilities, you gotta do it rapidly, and you gotta do it in a very agile, secure, I high availability secure way. So it's not the old waterfall planning. You gotta be fast is different. Cloud does things different? How do you talk to the young people out there, whether it's apparent with with kids in elementary and middle school to high school, college grad level or someone in the workforce? Because there are no previous jobs, that kind of map to the needs out there because you're talking about new skills, you could be an archaeologist and be the best cyber security guru on the planet. You don't have to have that. There's no degree for what, what we're talking about here. This >>is >>the big confusion around education. I mean, you gotta you like math and you could code you can Anything who wants to comment on that? Because I think this >>is the core issue. I'll say there are more and more programs growing around that educational need, and I could talk about a few things we're doing to, but I just wanna make an observation about what you just said about the need. And how do you get kids involved and interested? Interestingly, I think it's already happening, right. The good news. We're already developing that affinity. My four year old granddaughter can walk over, pick up my iPad, turn it on. Somehow she knows my account information, gets into my account, pulls up in application, starts playing a game. All before I really even realized she had my iPad. I mean, when when kids grow up on the cloud and in technology, it creates that natural proficiency. I think what we have to do is take that natural interest and give them the skill set the tools and capabilities that go with it so that we're managing, you know, the the interest with the technical skills. >>And also, like a fast I mean, just the the hackers are getting educated. Justus fast. Steve. I mean e mean Bucky. What do you do here? You CIt's the classic. Just keep chasing skills. I mean, there are new skills. What are some of those skills? >>Why would I amplify eloquent? Just said, First of all, the, uh, you know, cyber is one of those technology areas where commercial side not not the government is really kind of leading away and does a significant amount of research and development. Ah, billions of dollars are spent every year Thio to evolve new capabilities. And a lot of those companies are, you know, operated and and in some cases, led by folks in their early twenties. So the S O. This is definitely an era and a generation that is really poised in position. Well, uh, Thio take on this challenge. There's some unique aspects to space. Once we deploy a system, uh, it will be able to give me hard to service it, and we're developing capabilities now so that we could go up and and do system upgrades. But that's not a normal thing in space that just because the the technical means isn't there yet. So having software to find capabilities, I's gonna be really paramount being able to dio unique things. The cloud is huge. The cloud is centric to this or architectural, and it's kind of funny because d o d we joke because we just discovered the cloud, you know, a couple years ago. But the club has been around for a while and, uh, and it's going to give us scalability on and the growth potential for doing amazing things with a big Data Analytics. But as Preston said, it's all for not if if we can't trust the data that we receive. And so one of the concepts for future architectures is to evolve into a zero trust model where we trust nothing. We verify and authenticate everyone. And, uh, and that's that's probably a good, uh, point of departure as we look forward into our cybersecurity for space systems into the future. >>Block everyone. Preston. Your reaction to all this gaps, skills, What's needed. I mean it Z everyone's trying to squint through this >>absolutely. And I wanna want to shift gears a little bit and talk about the space agencies and organizations that are responsible for deploying these spaces into submission. So what is gonna take in this new era on, and what do we need from the workforce to be responsive to the challenges that we're seeing? First thing that comes to mind is creating a culture of security throughout aerospace right and ensuring that Azzawi mentioned before security isn't an afterthought. It's sort of baked into our models that we deploy and our rhetoric as well, right? And because again we hire our spaces in years to do it very highly. Specialized thing for a highly specialized, uh, it's topic. Our effort, if we start to incorporate rhetorically the importance of cybersecurity two missing success and missing assurance that's going to lend itself toe having more, more prepared on more capable system engineers that will be able to respond to the threats accordingly. Traditionally, what we see in organizational models it's that there's a cyber security team that's responsible for the for the whole kit kaboodle across the entire infrastructure, from enterprise systems to specialize, specialize, space systems and then a small pocket of spaces, years that that that are really there to perform their tasks on space systems. We really need to bridge that gap. We need to think about cybersecurity holistically, the skills that are necessary for your enterprise. I t security teams need to be the same skills that we need to look for for our system engineers on the flight side. So organizationally we need we need to address that issue and approach it, um todo responsive to the challenges we see our our space systems, >>new space, new culture, new skills. One of the things I want to bring up is looking for success formulas. You know, one of the things we've been seeing in the past 10 years of doing the Cube, which is, you know, we've been called the ESPN of Tech is that there's been kind of like a game ification. I want to. I don't wanna say sports because sports is different, but you're seeing robotics clubs pop up in some schools. It's like a varsity sport you're seeing, you know, twitch and you've got gamers out there, so you're seeing fun built into it. I think Cal Poly's got some challenges going on there, and then scholarships air behind it. So it's almost as if, you know, rather than going to a private sports training to get that scholarship, that never happens. There's so many more scholarship opportunities for are not scholarship, but just job opportunities and even scholarships we've covered as part of this conference. Uh, it's a whole new world of culture. It's much different than when I grew up, which was you know, you got math, science and English. You did >>it >>and you went into your track. Anyone want to comment on this new culture? Because I do believe that there is some new patterns emerging and some best practices anyone share any? >>Yeah, I do, because as you talked about robotics clubs and that sort of things, but those were great and I'm glad those air happening. And that's generating the interest, right? The whole gaming culture generating interest Robotic generates a lot of interest. Space right has captured the American in the world attention as well, with some recent NASA activities and all for the right reasons. But it's again, it's about taking that interested in providing the right skills along the way. So I'll tell you a couple of things. We're doing it a w s that we found success with. The first one is a program called A W s Academy. And this is where we have developed a cloud, uh, program a cloud certification. This is ah, cloud curriculum, if you will, and it's free and it's ready to teach. Our experts have developed this and we're ready to report it to a two year and four year colleges that they can use is part of the curriculum free of charge. And so we're seeing some real value there. And in fact, the governor's in Utah and Arizona recently adopted this program for their two year schools statewide again, where it's already to teach curriculum built by some of the best experts in the industry s so that we can try to get that skills to the people that are interested. We have another program called A W s educate, and this is for students to. But the idea behind this is we have 12 cracks and you can get up to 50 hours of free training that lead to A W s certification, that sort of thing. And then what's really interesting about that is all of our partners around the world that have tied into this program we manage what we call it ws educate Job board. And so if you have completed this educate program now, you can go to that job board and be linked directly with companies that want people with those skills we just helped you get. And it's a perfect match in a perfect marriage there. That one other piece real quickly that we're proud of is the aws Uh restart program. And that's where people who are unemployed, underemployed or transitioning can can go online. Self paced. We have over 500 courses they can take to try to develop those initial skills and get into the industry. And that's been very popular, too, So that those air a couple of things we're really trying to lean into >>anyone else want to react. Thio that question patterns success, best practices, new culture. >>I'd like Thio. The the wonderful thing about what you just touched on is problem solving, right, And there's some very, very good methodologies that are being taught in the universities and through programs like Hacking for Defense, which is sponsored by the National Security Innovation Network, a component of the I you where I work but the But whether you're using a lien methodologies or design school principals or any other method, the thing that's wonderful right now and not just, uh, where I work at the U. The Space force is doing this is well, but we're putting the problem out there for innovators to tackle, And so, rather than be prescriptive of the solutions that we want to procure, we want we want the best minds at all levels to be able to work on the problem. Uh, look at how they can leverage other commercial solutions infrastructure partnerships, uh, Thio to come up with a solution that we can that we can rapidly employ and scale. And if it's a dual use solution or whether it's, uh, civil military or or commercial, uh, in any of the other government solutions. Uh, that's really the best win for for the nation, because that commercial capability again allows us to scale globally and share those best practices with all of our friends and allies. People who share our values >>win win to this commercial. There's a business model potential financial benefits as well. Societal impact Preston. I want to come to you, JPL, NASA. I mean, you work in one of the most awesome places and you know, to me, you know, if you said to me, Hey, John, come working JP like I'm not smart enough to go there like I mean, like, it's a pretty It's intimidating, it might seem >>share folks out there, >>they can get there. I mean, it's you can get there if you have the right skills. I mean I'm just making that up. But, I mean, it is known to be super smart And is it attainable? So share your thoughts on this new culture because you could get the skills to get there. What's your take on all this >>s a bucket. Just missing something that really resonated with me, right? It's do it your love office. So if you put on the front engineer, the first thing you're gonna try to do is pick it apart. Be innovative, be creative and ways to solve that issue. And it has been really encouraging to me to see the ground welcome support an engagement that we've seen across our system. Engineers in space. I love space partners. A tackling the problem of cyber. Now that they know the West at risk on some of these cyber security threats that that they're facing with our space systems, they definitely want to be involved. They want to take the lead. They want to figure things out. They wanna be innovative and creative in that problem solving eso jpl We're doing a few things. Thio Raise the awareness Onda create a culture of security. Andi also create cyber advocates, cybersecurity advocates across our space engineers. We host events like hacked the lad, for example, and forgive me. Take a pause to think about the worst case scenarios that could that could result from that. But it certainly invites a culture of creative problem solving. Um, this is something that that kids really enjoy that are system engineers really enjoyed being a part off. Um, it's something that's new refreshing to them. Eso we were doing things like hosting a monthly cybersecurity advocacy group. When we talk about some of the cyber landscape of our space systems and invite our engineers into the conversation, we do outweighs programs specifically designed to to capture, um, our young folks, uh, young engineers to deceive. They would be interested and show them what this type of security has to offer by ways of data Analytic, since the engineering and those have been really, really successful identifying and bringing in new talent to address the skill gaps. >>Steve, I want to ask you about the d. O. D. You mentioned some of the commercial things. How are you guys engaging the commercial to solve the space issue? Because, um, the normalization in the economy with GPS just seeing spaces impacts everybody's lives. We we know that, um, it's been talked about. And and there's many, many examples. How are you guys the D o. D. From a security standpoint and or just from an advancement innovation standpoint, engaging with commercials, commercial entities and commercial folks? >>Well, I'll throw. I'll throw a, uh, I'll throw ah, compliment to Clint because he did such an outstanding job. The space forces already oriented, uh, towards ah, commercial where it's appropriate and extending the arms. Leveraging the half works on the Space Enterprise Consortium and other tools that allow for the entrepreneurs in the space force Thio work with their counterparts in a commercial community. And you see this with the, uh, you know, leveraging space X away to, uh, small companies who are doing extraordinary things to help build space situational awareness and, uh, s So it's it's the people who make this all happen. And what we do at at the D. O. D level, uh, work at the Office of Secretary defense level is we wanna make sure that they have the right tools to be able to do that in a way that allows these commercial companies to work with in this case of a space force or with cyber command and ways that doesn't redefine that. The nature of the company we want we want We want commercial companies to have, ah, great experience working with d o d. And we want d o d toe have the similar experience working, working with a commercial community, and and we actually work interagency projects to So you're going to see, uh, General Raymond, uh, hey, just recently signed an agreement with the NASA Esa, you're gonna see interagency collaborations on space that will include commercial capabilities as well. So when we speak as one government were not. You know, we're one voice, and that's gonna be tremendous, because if you're a commercial company on you can you can develop a capability that solves problems across the entire space enterprise on the government side. How great is that, Right. That's a scaling. Your solution, gentlemen. Let >>me pick you back on that, if you don't mind. I'm really excited about that. I mentioned new space, and Bucky talked about that too. You know, I've been flying satellites for 30 years, and there was a time where you know the U. S. Government national security. We wouldn't let anybody else look at him. Touch him. Plug into, um, anything else, right. And that probably worked at the time. >>But >>the world has changed. And more >>importantly, >>um, there is commercial technology and capability available today, and there's no way the U. S government or national security that national Intel community can afford economically >>to >>fund all that investment solely anymore. We don't have the manpower to do it anymore. So we have this perfect marriage of a burgeoning industry that has capabilities and it has re sources. And it has trained manpower. And we are seeing whether it's US Space Force, whether it's the intelligence community, whether it's NASA, we're seeing that opened up to commercial providers more than I've ever seen in my career. And I can tell you the customers I work with every day in a W s. We're building an entire ecosystem now that they understand how they can plug in and participate in that, and we're just seeing growth. But more importantly, we're seeing advanced capability at cheaper cost because of that hybrid model. So that really is exciting. >>Preston. You know you mentioned earlier supply chain. I don't think I think you didn't use the word supply chain. Maybe you did. But you know about the components. Um, you start opening things up and and your what you said baking it in to the beginning, which is well known. Uh, premise. It's complicated. So take me through again, Like how this all gonna work securely because And what's needed for skill sets because, you know, you're gonna open. You got open source software, which again, that's open. We live in a free society in the United States of America, so we can't lock everything down. You got components that are gonna be built anywhere all around the world from vendors that aren't just a certified >>or maybe >>certified. Um, it's pretty crazy. So just weigh in on this key point because I think Clint has it right. And but that's gonna be solved. What's your view on this? >>Absolutely. And I think it really, really start a top, right? And if you look back, you know, across, um in this country, particularly, you take the financial industry, for example, when when that was a burgeoning industry, what had to happen to ensure that across the board. Um, you know, your your finances were protected these way. Implemented regulations from the top, right? Yeah. And same thing with our health care industry. We implemented regulations, and I believe that's the same approach we're gonna need to take with our space systems in our space >>industry >>without being too directive or prescriptive. Instance she ating a core set of principles across the board for our manufacturers of space instruments for deployment and development of space systems on for how space data and scientific data is passed back and forth. Eso really? We're gonna need to take this. Ah, holistic approach. Thio, how we address this issue with cyber security is not gonna be easy. It's gonna be very challenging, but we need to set the guard rails for exactly what goes into our space systems, how they operate and how they communicate. >>Alright, so let's tie this back to the theme, um, Steve and Clint, because this is all about workforce gaps, opportunities. Um, Steve, you mentioned software defined. You can't do break fix in space. You can't just send a technician up in the space to fix a component. You gotta be software defined. We're talking about holistic approach, about commercial talk about business model technology with software and policy. We need people to think through, like you know. What the hell are you gonna do here, right? Do you just noticed road at the side of the road to drive on? There's no rules of engagement. So what I'm seeing is certainly software Check. If you wanna have a job for the next millennial software policy who solves two problems, what does freedom looked like in space Congestion Contention and then, obviously, business model. Can you guys comment on these three areas? Do you agree? And what specific person might be studying in grad school or undergraduate or in high school saying, Hey, I'm not a techie, but they can contribute your thoughts. I'll >>start off with, uh, speak on on behalf of the government today. I would just say that as policy goes, we need to definitely make sure that we're looking towards the future. Ah, lot of our policy was established in the past under different conditions, and, uh, and if there's anything that you cannot say today is that space is the same as it was even 10 years ago. So the so It's really important that our policy evolves and recognizes that that technology is going to enable not just a new ways of doing things, but also force us to maybe change or or get rid of obsolete policies that will inhibit our ability to innovate and grow and maintain peace with with a rapid, evolving threat. The for the for the audience today, Uh, you know, you want some job assurance, cybersecurity and space it's gonna be It's gonna be an unbelievable, uh, next, uh, few decades and I couldn't think of a more exciting for people to get into because, you know, spaces Ah, harsh environment. We're gonna have a hard time just dud being able differentiate, you know, anomalies that occur just because of the environment versus something that's being hacked. And so JPL has been doing this for years on they have Cem Cem great approaches, but but this is this is gonna be important if you put humans on the moon and you're going to sustain them there. Those life support systems are gonna be using, you know, state of the art computer technology, and which means, is also vulnerable. And so eso the consequences of us not being prepared? Uh, not just from our national security standpoint, but from our space exploration and our commercial, uh, economic growth in space over the long term all gonna be hinged on this cyber security environment. >>Clint, your thoughts on this too ill to get. >>Yeah. So I certainly agree with Bucky. But you said something a moment ago that Bucky was talking about as well. But that's the idea that you know in space, you can't just reach out and touch the satellite and do maintenance on the satellite the way you can't a car or a tank or a plane or a ship or something like that. And that is true. However, right, comma, I want to point out. You know, the satellite servicing industry is starting to develop where they're looking at robotic techniques in Cape abilities to go up in services satellite on orbit. And that's very promising off course. You got to think through the security policy that goes with that, of course. But the other thing that's really exciting is with artificial intelligence and machine learning and edge computing and database analytics and all those things that right on the cloud. You may not even need to send a robotic vehicle to a satellite, right? If you can upload and download software defined, fill in the blank right, maybe even fundamentally changing the mission package or the persona, if you will, of the satellite or the spacecraft. And that's really exciting to, ah, lot >>of >>security policy that you've gotta work through. But again, the cloud just opens up so many opportunities to continue to push the boundaries. You know, on the AWS team, the aerospace and satellite team, which is, you know, the new team that I'm leading. Now our motto is to the stars through the cloud. And there are just so many exciting opportunities right for for all those capabilities that I just mentioned to the stars through the cloud >>President, your thoughts on this? >>Yes, eso won >>a >>little bit of time talking about some of the business model implications and some of the challenges that exists there. Um, in my experience, we're still working through a bit of a language barrier of how we define risk management for our space systems. Traditionally traditionally risk management models is it is very clear what poses a risk to a flight mission. Our space mission, our space system. Um, and we're still finding ways to communicate cyber risk in the same terms that are system engineers are space engineers have traditionally understood. Um, this is a bit of a qualitative versus quantitative, a language barrier. But however adopting a risk management model that includes cybersecurity, a za way to express wish risk to miss the success, I think I think it would be a very good thing is something that that we have been focused on the J. P o as we Aziz, we look at the 34 years beyond. How do >>we >>risk that gap and not only skills but communication of cyber risk and the way that our space engineers and our project engineers and a space system managers understand >>Clinton, like Thio talk about space Force because this is the most popular new thing. It's only a couple of nine months in roughly not even a year, uh, already changing involving based on some of the reporting we've done even here at this symposium and on the Internet. Um, you know, when I was growing up, you know, I wasn't there when JFK said, you know, we're gonna get to the moon. I was born in the sixties, so, you know, when I was graduating my degree, you know, Draper Labs, Lincoln Lab, JPL, their pipeline and people wasn't like a surge of job openings. Um, so this kind of this new space new space race, you know, Kennedy also said that Torch has been passed to a new generation of Americans. So in a way that's happening right now with space force. A new generation is here is a digital generation. It's multi disciplinary generation. Could you take a minute and share, uh, for for our audience? And here at this symposium, um, the mission of Space Force and where you see it going because this truly is different. And I think anyone who's young e I mean, you know, if this was happening when I was in college would be like dropping everything. I'm in there, I think, cause there's so many areas thio jump into, um, it's >>intellectually challenging. >>It's intoxicating in some level. So can you share your thoughts? >>Yeah. Happy to do that. Of course. I I need to remind everybody that as a week ago I'm formally retired. So I'm not an official spokesman for US forces. But with that, you know, it said I did spend the last 18 months planning for it, designing and standing it up. And I'll tell you what's really exciting is you know, the commander of, uh, US Base Force General J. Raymond, who's the right leader at the right time. No question in my >>mind. But >>he said, I want to stand up the Space Force as the first fully digital service in the United States. Right? So he is trying >>to bake >>cloud baked cybersecurity, baked digital transformational processes and everything we did. And that was a guidance he gave us every day, every day. When we rolled in. He said, Remember, guys, I don't wanna be the same. I don't wanna be stale. I want new thinking, new capabilities and I want it all to be digital on. That's one of the reasons When we brought the first wave of people into the space force, we brought in space operations, right. People like me that flew satellites and launch rockets, we brought in cyber space experts, and we brought in intelligence experts. Those were the first three waves of people because of that, you know, perfect synergy between space and cyber and intel all wrapped in >>it. >>And so that was really, really smart. The other thing I'll say just about, you know, Kennedy's work. We're going to get to the moon. So here we are. Now we're going back to the Moon Project Artemus that NASA is working next man first woman on the moon by 2024 is the plan and >>then >>with designs to put a permanent presence on the moon and then lean off to march. So there was a lot to get excited about. I will tell you, as we were taking applications and looking at rounding out filling out the village in the U. S. Space Force, we were overwhelmed with the number of people that wanted, and that was a really, really good things. So they're off to a good start, and they're just gonna accomplishment major things. I know for sure. >>Preston, your thoughts on this new generation people out there were like I could get into this. This is a path. What's your what's your opinion on this? And what's your >>E could, uh, you so bold as to say >>that >>I feel like I'm a part of that new generation eso I grew up very much into space. Uh, looking at, um, listen to my, uh, folks I looked up to like Carl Sagan. Like like Neil Tyson. DeGrasse on did really feeling affinity for what What this country has done is for is a space program are focused on space exploration on bond. Through that, I got into our security, as it means from the military. And I just because I feel so fortunate that I could merge both of those worlds because of because of the generational, um, tailoring that we do thio promote space exploration and also the advent of cybersecurity expertise that is needed in this country. I feel like that. We are We are seeing a conversions of this too. I see a lot of young people really getting into space exploration. I see a lot of young people as well. Um uh, gravitating toward cybersecurity as a as a course of study. And to see those two worlds colliding and converse is something that's very near and dear to me. And again, I I feel like I'm a byproduct of that conversion, which is which, Really, Bothwell for space security in the future, >>we'll your great leader and inspiration. Certainly. Senior person as well. Congratulations, Steve. You know, young people motivational. I mean, get going. Get off the sidelines. Jump in Water is fine, Right? Come on in. What's your view on motivating the young workforce out there and anyone thinking about applying their skills on bringing something to the table? >>Well, look at the options today. You have civil space President represents you have military space. Uh, you have commercial space on and even, you know, in academia, the research, the potential as a as an aspiring cyber professional. All of you should be thinking about when we when we When? When we first invented the orbit, which eventually became the Internet, Uh, on Lee, we were, uh if all we had the insight to think Well, geez, you know whether the security implications 2030 years from now of this thing scaling on growing and I think was really good about today's era. Especially as Clint said, because we were building this space infrastructure with a cyber professionals at ground zero on dso the So the opportunity there is to look out into the future and say we're not just trying to secure independent her systems today and assure the free for all of of information for commerce. You know, the GPS signal, Uh, is Justus much in need of protection as anything else tied to our economy, But the would have fantastic mission. And you could do that. Uh, here on the ground. You could do it, uh, at a great companies like Amazon Web services. But you can also one of these states. Perhaps we go and be part of that contingency that goes and does the, uh, the se's oh job that that president has on the moon or on Mars and, uh, space will space will get boring within a generation or two because they'll just be seen as one continuum of everything we have here on Earth. And, uh, and that would be after our time. But in the meantime, is a very exciting place to be. And I know if I was in in my twenties, I wanna be, uh, jumping in with both feet into it. >>Yeah, great stuff. I mean, I think space is gonna be around for a long long time. It's super exciting and cybersecurity making it secure. And there's so many areas defeating on. Gentlemen, thank you very much for your awesome insight. Great panel. Um, great inspiration. Every one of you guys. Thank you very much for for sharing for the space and cybersecurity symposium. Appreciate it. Thank you very much. >>Thanks, John. Thank you. Thank you. Okay, >>I'm >>John for your host for the Space and Cybersecurity Symposium. Thanks for watching.

from around the globe it's thecube covering space and cyber security symposium 2020 hosted by cal poly hello everyone welcome to the space and cyber security symposium 2020 hosted by cal poly where the intersection of space and security are coming together i'm john furrier your host with thecube here in california i want to welcome our featured guest lieutenant general john f thompson with the united states space force approach to cyber security that's the topic of this session and of course he's the commander of the space and missile system center in los angeles air force base also heading up space force general thank you for coming on really appreciate you kicking this off welcome to the symposium hey so uh thank you very much john for that very kind introduction also uh very much thank you to cal poly uh for this opportunity to speak to this audience today also a special shout out to one of the organizers uh dustin brun for all of his work uh helping uh get us uh to this point uh ladies and gentlemen as uh as uh john mentioned uh i'm jt thompson uh i lead the 6 000 men and women of the united states space forces space and missile system center which is headquartered here at los angeles air force base in el segundo if you're not quite sure where that's at it's about a mile and a half from lax this is our main operating location but we do have a number of other operating locations around the country with about 500 people at kirtland air force base in albuquerque new mexico uh and about another 500 people on the front range of the rockies uh between colorado springs and uh and denver plus a smattering of other much smaller operating locations nationwide uh we're responsible for uh acquiring developing and sustaining the united states space force's critical space assets that includes the satellites in the space layer and also on the ground layer our ground segments to operate those satellites and we also are in charge of procuring launch services for the u.s space force and a number of our critical mission partners across the uh department of defense and the intelligence community um just as a couple of examples of some of the things we do if you're unfamiliar with our work we developed and currently sustained the 31 satellite gps constellation that satellite constellation while originally intended to help with global navigation those gps signals have provided trillions of dollars in unanticipated value to the global economy uh over the past three decades i mean gps is everywhere i think everybody realizes that agriculture banking the stock market the airline industry uh separate and distinct navigation systems it's really pervasive across both the capabilities for our department of defense and capabilities for our economy and and individuals billions of individuals across our country and the planet some of the other work we do for instance in the communications sector uh secure communications satellites that we design and build that link america's sons and daughters serving in the military around the world and really enable real-time support and comms for our deployed forces and those of our allies we also acquire uh infrared missile warning satellites uh that monitor the planet for missile launches and provide advanced warning uh to the u.s homeland and to our allies uh in case some of those missile launches are uh nefarious um on a note that's probably a lot closer to home maybe a lot closer to home than many of us want to think about here in the state of california in 2018 smc jumped through a bunch of red tape and bureaucracy uh to partner with the u.s forest service during the two of the largest wildfires in the state's history the camp and woolsey fires in northern california as those fires spread out of control we created processes on the fly to share data from our missile warning satellites those are satellites that are systems that are purpose built to see heat sources from thousands of miles above the planet and we collaborated with the us forest service so that firefighters on the ground uh could track those fires more in real time and better forecast fires and where they were spreading thereby saving lives and and property by identifying hot spots and flare-ups for firefighters that data that we were able to working with our contractors pass to the u.s forest service and authorities here in california was passed in less than an hour as it was collected to get it into the hands of the emergency responders the first responders as quickly as possible and doing that in an hour greatly surpassed what was available from some of the other assets in the airborne and ground-based fire spotters it was really instrumental in fighting those fires and stopping their spread we've continued uh that involvement in recent years using multiple systems to support firefighters across the western u.s this fall as they battled numerous wildfires that unfortunately continue working together with the u.s forest service and with other partners uh we like to make uh we like to think that we made a difference here but there's still a lot more work to go and i think that we should always be asking ourselves uh what else can space data be used for and how can we more rapidly get that space data to uh stakeholders so that they can use it for for purposes of good if you will how else can we protect our nation how else can we protect our friends and allies um i think a major component of the of the discussion that we will have throughout this conference is that the space landscape has changed rapidly and continues to change rapidly um just over the past few years uh john and i were talking before we went live here and 80 nations now have uh space programs 80 nearly 80 space faring nations on the planet um if you just look at one mission area that uh the department of defense is interested in and that's small launch there are currently over a hundred different small launch companies uh within the u.s industrial base vying for commercial dod and civil uh payload capabilities uh mostly to low earth orbit it's it's just truly a remarkable time if you factor in those things like artificial intelligence and machine learning um where we're revolutionary revolutionizing really uh the ways that we generate process and use data i mean it's really remarkable in 2016 so if you think about this four years ago uh nasa estimated that there were 28 terabytes of information transiting their space network each day and that was four years ago um uh obviously we've got a lot of desire to work with a lot of the people in the audience of this congress or in this conference uh we need to work with big thinkers like many of you to answer questions on how best we apply data analytics to extract value and meaning from that data we need new generations of thinkers to help apply cutting edge edge theories of data mining cyber behaviorism and internet of things 2.0 it's just truly a remarkable time uh to be in the space business and the cyber aspects of the states of the space business are truly truly daunting and important to uh to all of us um integrating cyber security into our space systems both commercial and government is a mandate um it's no longer just a nice to have as the us space force and department of the air force leadership has said many times over the past couple of years space is becoming congested and contested and that contested aspect means that we've got to focus on cyber security uh in the same way that the banking industry and cyber commerce focus on uh cyber security day in and day out the value of the data and services provided is really directly tied to the integrity and availability of that data and services from the space layer from the ground control segments associated with it and this value is not just military it's also economic and it's not just american it's also a value for the entire world particularly particularly our allies as we all depend upon space and space systems your neighbors and friends here in california that are employed at the space and missile system center uh work with network defenders we work with our commercial contractors and our systems developers um our international allies and partners to try and build as secure and resilient systems as we can from the ground up that keep the global commons of space free and open for exploration and for commerce um as john and i were talking earlier before we came online there's an aspect of cyber security for space systems especially for some of our legacy systems that's more how do we bolt this on because we fielded those space systems a number of years ago and the the challenges of cyber security in the space domain have grown so we have a part that we have to worry about bolting it on but then we have to worry about building it in as we as we field new systems and build in a flexibility that that realizes that the cyber threat or the cyber security landscape will evolve over time it's not just going to be stagnant there will always be new vulnerabilities and new threat vectors that we always have to look at look uh as secretary barrett who is our secretary of the air force likes to say most americans use space before they have their first cup of coffee in the morning the american way of life really depends on space and as part of the united states space force we work with defense leaders our congress joint and international military teammates and industry to ensure american leadership in space i really thank you for this opportunity to address the audience today john and thanks so much to cal poly for letting me be one of the speakers at this event i really look forward to this for uh several months and so with that i look forward to your questions as we kind of move along here general thank you very much for the awesome uh introductory statement uh for the folks watching on the stream brigadier general carthan is going to be in the chat answering any questions feel free to chat away he's the vice commander of space and missile systems center he'll be available um a couple comments from your keynote before i get to my questions because it just jumped in my head you mentioned the benefits of say space but the fires in california we're living that here that's really real time that's a benefit you also mentioned the ability for more people launching payloads into space and i only imagine moore's law smaller faster cheaper applies to rockets too so i'm imagining you have the benefits of space and you have now more potential objects flying out sanctioned and maybe unsanctioned so you know is it going to be more rules around that i mean this is an interesting question because it's exciting space force but for all the good there is potentially bad out there yeah so i i john i think the uh i think the basics of your question is as space becomes more congested and contested is there a need for more international norms of how satellites fly in space what kind of basic features satellites have to perhaps deorbit themselves what kind of basic protections does do all satellites should all satellites be afforded as part of a peaceful global commons of space i think those are all fantastic questions and i know that u.s and many uh allied policy makers are looking very very hard at those kinds of questions in terms of what are the norms of behavior and how we uh you know how how we field and field is the military term but you know how we uh populate uh using civil or uh commercial terms uh that space layer at different altitudes uh low earth orbit mid mid-earth orbit geosynchronous earth orbit different kinds of orbits uh what the kind of mission areas we accomplish from space that's all things that need to be definitely taken into account as uh as the place gets a little bit not a little bit as the place gets increasingly more popular day in and day out well i'm super excited for space force i know that a new generation of young folks are really interested in it's an emerging changing great space the focus here at this conference is space and cyber security intersection i'd like to get your thoughts on the approach that space force is taking to cyber security and how it impacts our national goals here in the united states yeah yeah so that's a that's a great question john let me let me talk about in two uh two basic ways but number one is and and i know um some people in the audience this might make them a little bit uncomfortable but i have to talk about the threat right um and then relative to that threat i really have to talk about the importance of uh of cyber and specifically cyber security as it relates to that threat um the threats that we face um really represent a new era of warfare and that new era of warfare involves both space and cyber uh we've seen a lot of action in recent months uh from certain countries notably china and russia uh that have threatened what i referred to earlier as the peaceful global commons of space for example uh it through many unclassified sources and media sources everybody should understand that um uh the russians have been testing on orbit uh anti-satellite capabilities it's been very clear if you were following just the week before last the department of defense released its uh 2020 military and security developments involving the people's republic of china um uh and uh it was very clear that china is developing asats electronic jammers directed energy weapons and most relevant to today's discussion offensive cyber uh capabilities there are kinetic threats uh that are very very easy to see but a cyber attack against a critical uh command and control site or against a particular spacecraft could be just as devastating to the system and our war fighters in the case of gps and important to note that that gps system also impacts many civilians who are dependent upon those systems from a first response perspective and emergency services a cyber attack against a ground control site could cause operators to lose control of a spacecraft or an attacker could feed spoofed data to a system to mislead operators so that they send emergency services personnel to the to the wrong address right attacks on spacecraft on orbit whether directly via a network of intrusion or enabled through malware introduced during the systems production uh while we're building the satellite can [ __ ] or corrupt the data denial of service type attacks on our global networks obviously would disrupt our data flow and interfere with ongoing operations and satellite control i mean if gps went down i you know i hesitate to say it this way because we might elicit some screams from the audience but if gps went down a starbucks wouldn't be able to handle your mobile order uber drivers wouldn't be able to find you and domino's certainly certainly wouldn't be able to get there in 30 minutes or less right so with a little bit of tongue-in-cheek there from a military operations perspective it's dead serious um uh we have become accustomed in the commercial world to threats like lance ransomware and malware and those things have unfortunately become commonplace in commercial terrestrial networks and computer systems however what we're seeing is that our adversaries with the increased competition in space these same techniques are being retooled if you will to use against our national security space systems uh day in and day out um as i said during my opening remarks on the importance of cyber the value of these systems is directly tied to their integrity if commanders in the field uh firefighters in california or baristas in in starbucks can't trust the data they see they're receiving then that really harms their decision-making capabilities one of the big trends we've recently seen is the mood move towards proliferated leo uh uh constellations obviously uh spacex's uh starlink uh on the commercial side and on the military side the work that darpa and my organization smc are doing on blackjack and casino as well as some space transport layer constellation work that the space development agency is designing are all really really important types of mesh network systems that will revolutionize how we plan and field warfighting systems and commercial communications and internet providing systems but they're also heavily reliant on cyber security uh we've got to make sure that they are secured to avoid an accident or international damage uh loss of control of these constellations really could be catastrophic from both a mission perspective or from uh you know satellites tumbling out of low earth orbit perspective another trend is introductions in artificial intelligence and machine learning on board spacecraft or at the edge our satellites are really not so much hardware systems with a little software anymore in the commercial sector and in the defense sector they're basically flying boxes full of software right and we need to ensure the data that we're getting out of those flying boxes full of software are helping us base our decisions on accurate data and algorithms govern governing the right actions and that those uh that those systems are impervious to the extent possible uh to nefarious uh modifications so in summation a cyber security is vital element of everything in our national security space goals and i would argue for our national uh goals uh writ large including uh economic and information uh uh dimensions uh the space force leadership at all levels uh from uh some of the brand new second lieutenants that general raymond uh swore into the space force this morning uh ceremonially from the uh air force association's air space and cyberspace conference uh to the various highest levels general raymond uh general d t thompson myself and a number of other senior leaders in this enterprise we've got to make sure that we're all working together to keep cyber security at the forefront of our space systems because it they absolutely depend on it you know you mentioned uh hardware software threats opportunities challenges i want to ask you because you you got me thinking of the minute there around infrastructure i mean we've heard critical infrastructure you know grids here on on earth you're talking about critical infrastructure a redefinition of what critical infrastructure is an extension of what we have so i'd love to get your thoughts about space force's view of that critical infrastructure vis-a-vis the threat vectors because you know the term threat vectors has been kicked around in the cyber space oh yeah threat vectors they're always increasing the surface area well if the surface area is from space it's an unlimited surface area so you got different vectors so you got new critical infrastructure developing real time really fast and you got an expanded threat vector landscape putting that in perspective for the folks that aren't really inside the ropes on these critical issues how would you explain this and how would you talk about those two things well so i tell you um i just like um uh just like uh i'm sure people in the security side or the cyber security side of the business in the banking industry feel they feel like it's uh all possible threat vectors represent a dramatic and protect potentially existential threat to all of the dollars that they have in the banking system to the financial sector on the department of defense side we've got to have sort of the same mindset um that threat vector from to and through space against critical space systems ground segments the launch enterprise or transportation uh to orbit and the various different uh domains within uh within space itself like i mentioned before uh leo mio and geo-based satellites with different orbits all of the different mission areas that are accomplished from space that i mentioned earlier some that i didn't mention like weather tactical or wide band communications uh various new features of space control all of those are things that we have to worry about from a cyber security uh threat perspective and it's a it's a daunting challenge right now right yeah it's awesome and one of the things we've been following on the hardware side here in the on the ground is the supply chain we've seen you know malware being you know really put into really obscure hardware who manufactures it as being outsourced obviously government has restrictions but with the private sector uh you mentioned china and and the us kind of working together across these these peaceful areas but you got to look at the supply chain how does the supply chain the security aspect impact the mission of the u.s space force yeah yeah so so um how about another um just in terms of an example another kind of california-based historical example right um the very first u.s satellite uh explorer one was built by uh the jet propulsion uh laboratory folks uh not far from here in el segundo up in uh up in pasadena um that satellite when it was first built in the late 50s uh weighed a little bit over 30 pounds and i'm sure that each and every part was custom made and definitely made by u.s companies fast forward to today the global supply chain is so tightly coupled and frankly many industries are so specialized almost specialized regionally around the planet we focus every day to guarantee the integrity of every component that we put in our space systems is absolutely critical to the operations of those satellites and we're dependent upon them but it becomes more difficult and more difficult to understand the the heritage if you will of some of the parts that are used the thousands of parts that are used in some of our satellites that are literally school bus sized right the space industry especially uh national security space sector um uh is relatively small compared to other commercial industries and we're moving to towards using more and more parts uh from non-us companies uh cyber security and cyber awareness have to be baked in from the beginning if we're going to be using parts that maybe we don't necessarily um understand 100 percent like an explorer one uh the the lineage of that particular part the environmental difficulties in space are well known the radiation environment the temperature extremes the vacuum those require specialized component and the us military is not the only uh customer in that space in fact we're definitely not the dominant customer uh in space anymore all those factors require us along with our other government partners and many different commercial space organizations to keep a very close eye on our supply chains from a quality perspective a security perspective and availability um there's open source reporting on supply training intrusions from um many different breaches of commercial retailers to the infectious spread of uh you know compromised patches if you will and our adversaries are aware of these techniques as i mentioned earlier with other forms of attack considering our supply chains and development networks really becomes fair game for our adversaries so we have to uh take that threat seriously um between the government and industry sectors here in the u.s we're also working with our industry partners to enact stronger defenses and assess our own vulnerabilities last fall we completed an extensive review of all of our major contracts here at space and missile system center to determine the levels of cyber security requirements we've implemented across our portfolio and it sounds really kind of you know businessy geeky if you will you know hey we looked at our contracts to make sure that we had the right clauses in our contracts to address cyber security as dynamically as we possibly could and so we found ourselves having to add new language to our contracts to require system developers to implement some more advanced uh protective measures in this evolving cyber security environment so that data handling and supply chain perspective uh protections um from contract inception to launch and operations were taken into account uh cyber security really is a key performance parameter for us now it's as important as the the mission performance of the system it's as important as cost it's as important as schedule because if we deliver the perfect system on time and on cost uh it can perform that missile warning or that communications mis mission perfectly but it's not cyber secure if it doesn't have cyber protections built into it or the ability to implement mitigations against cyber uh threats then we've essentially fielded a shoe box in space that doesn't do the k the the war fighter or the nation uh any good um supply chain risk management is a is a major challenge for us uh we're doing a lot to coordinate with our industry partners uh we're all facing it head on uh to try and build secure and trusted components uh that keep our confidence as leaders firefighters and baristas uh as the case may be uh but it is a challenge and we're trying to rise to that challenge you know this so exciting this new area because it really touches everything you know talk about geeking out on on the tech the hardware the systems but also you put your kind of mba hat on you go what's the roi of the extra development and how you how things get built because the always the exciting thing for space geeks is like you're building cool stuff people love it's it's exciting but you still have to build and cyber security has proven that security has to be baked in from the beginning and be thought as a system architecture so you're still building things which means you've got to acquire things you got to acquire parts you got to acquire build software and and sustain it how is security impacting the acquisition and the sustainment of these systems for space yeah from initial development uh through planning for the acquisition design development fielding or production fielding and sustainment it impacts all aspects of of the life cycle john uh we simply especially from the concept of baking in cyber security uh we can't wait until something is built and then try and figure out how to make it cyber secure so we've moved way further uh towards working side by side with our system developers to strengthen cyber security from the very beginning of a system's development cyber security and the resilience associated with it really have to be treated as a key system attribute as i mentioned earlier equivalent with data rates or other metrics of performance we like to talk in uh in the space world about uh mission assurance and mission assurance has always you know sort of taken us as we as we technically geek out right mission assurance has always taken us to the will this system work in space right can it work in a vacuum can it work in you know as it as it uh you know transfers through uh the van allen radiation belt or through the the um the southern hemisphere's electromagnetic anomaly right will it work out in space and now from a resiliency perspective yeah it has to work in space it's got to be functional in space but it's also got to be resistant to these cyber security threats it's it's not just i think uh general dt thompson quoted this term it's not just widget assurance anymore it's mission assurance um uh how does that satellite uh operator that ground control segment operate while under attack so let me break your question a little bit uh just for purposes of discussion into into really two parts uh cyber uh for cyber security for systems that are new and cyber security uh for systems that are in sustainment or kind of old and legacy um obviously there's cyber vulnerabilities that threaten both and we really have to employ different strategies for for defense of of each one for new systems uh we're desperately trying to implement across the department of defense in particular in the space world a kind of a devsecops methodology and practice to delivering software faster and with greater security for our space systems here at smc we have a program called enterprise ground services which is a tool kit basically a collection of tools for common command and control of different satellite systems egs as we call it has an integrated suite for defensive cyber capabilities network operators can use these tools to gain unprecedented insight to data flows and to monitor space network traffic for anomalies or other potential indicators of of bad behavior malicious behavior if you will um uh it's rudimentary at this point but because we're using devsecops and that incremental development approach as we scale it it just becomes more and more capable you know every every product increment that we field here at uh at uh la air force base uh uh we have the united space space forces west coast software factory which we've dubbed kobayashi maru they're using those agile devops uh software development practices uh to deliver uh space awareness software uh to the combined space operations center uh affectionately called the csp that c-spock is just down the road uh from cal poly uh there in san luis obispo at vandenberg air force base they've securely linked the c-spock with other space operation centers around the planet our allies australia canada and the uk uh we're partnering with all of them to enable secure and enhanced combined space operations so lots of new stuff going on as we bake in new development uh capabilities for our our space systems but as i mentioned earlier we've got large constellations on satellite of satellites on orbit right now some of them are well in excess of a decade or more old on orbit and so the design aspects of those satellites are several decades old and so but we still have to worry about them because they're critical to our space capabilities um we've been working with an air force materiel command organization uh called crows which stands for the cyber resiliency office for uh weapon systems to assess all of those legacy platforms from a cyber security perspective and develop defensive strategies and potential hardware and software upgrades to those systems to better enable them to to live through this increasingly cyber security uh concerned era that we currently live in our industry partners have been critical to to both of those different avenues both new systems and legacy systems we're working closely with them to defend and upgrade uh national assets and develop the capabilities to do similar with uh with new national assets coming online the vulnerabilities of our space systems really kind of threaten the way we've done business in the past both militarily and in the case of gps economically the impacts of that cyber security risk are clear in our acquisition and sustainment processes but i've got to tell you it that as the threat vectors change as the vulnerabilities change we've got to be nimble enough agile enough to be able to bounce back and forth we can't just say uh many people in the audience are probably familiar with the rmf or the risk management framework approach to um to reviewing uh the cyber security of a system we can't have program managers and engineers just accomplish an rmf on a system and then hey high five we're all good uh it's a journey not a destination that's cyber security and it's a constant battle rhythm throughout a weapon systems life cycle not just a single event i want to get to this commercial business needs and your needs on the next question but before i go there you mentioned the agile and i see that clearly because when you have accelerated innovation cycles you've got to be faster and we saw this in the computer industry mainframes mini computers and then when you started getting beyond me when the internet hit and pcs came out you saw the big enterprises the banks and and government start to work with startups it used to be a joke in the entrepreneurial circles is that you know there's no way if you're a startup you're ever going to get a contract with a big business enterprise now that used to be for public sector and certainly uh for you guys so as you see startups out there and there's acquisition involved i'm sure would love to love to have a contract with space force there's an roi calculation where if it's in space and you have a sustainment view edit software you might have a new kind of business model that could be attractive to startups could you share your thoughts on the folks who want to be a supplier to you uh whether they're a startup or an existing business that wants to be agile but they might not be that big company we are john that's a fantastic question we are desperately trying to reach out to to those new space advocates to those startups to those um what we sometimes refer to within the department of defense those non-traditional uh defense contractors a couple of things just for uh thinking purposes on some of the things that we're trying to highlight um uh three years ago we created here at uh space and missile system center uh the space enterprise consortium uh to provide a platform uh a contractual vehicle really to enable us to rapidly prototype uh development of space systems and to collaborate uh between the u.s space force uh traditional defense contractors non-traditional vendors like startups and even some academic institutions uh spec as we call it space enterprise consortium uses a specialized contracting tool to get contracts uh awarded quickly many in the audience may be familiar with other transaction agreements and that's what spec is based on and so far in just three years spec has awarded 75 different uh prototyping contracts worth over 800 million dollars with a 36 reduction in time to award and because it's a consortium based competition for um for these kinds of prototyping efforts the barrier to entry for small and non-traditional for startups even for academic institutions to be able to compete for these kinds of prototypings is really lowered right um uh these types of partnerships uh that we've been working through on spec uh have really helped us work with smaller companies who might not have the background or expertise in dealing with the government or in working with cyber security uh for their systems both their developmental systems and the systems that they're designing and trying to build we want to provide ways for companies large and small to partner together and support um uh kind of mutually beneficial uh relationships between all um recently uh at the annual air force association uh conference that i mentioned earlier i moderated a panel with several space industry leaders uh all from big traditional defense contractors by the way and they all stressed the importance of building bridges and partnerships uh between major contractors in the defense industry and new entrants uh and that helps us capture the benefits of speed and agility that come with small companies and startups as well as the expertise and specialized skill sets of some of those uh larger contractors uh that we rely on day in and day out advanced cyber security protections and utilization of secure facilities are just a couple of things that i think we could be prioritizing more so in those collaborations as i mentioned earlier the spec has been very successful in awarding a number of different prototyping contracts and large dollar values and it's just going to get better right there's over 400 members of the space enterprise consortium 80 of them are non-traditional kinds of vendors and we just love working with them another thing that many people in the audience may be familiar with in terms of our outreach to innovators uh if you will and innovators that include uh cyber security experts is our space pitch day events right so we held our first event last november in san francisco uh where we awarded over a two-day period about 46 million dollars to 30 different companies um that had potentially game-changing ideas these were phase two small business innovative research efforts uh that we awarded with cash on the spot uh we're planning on holding our second space pitch day in the spring of 2021. uh we're planning on doing it right here in los angeles uh covent 19 environment permitting um and we think that these are you know fantastic uh uh venues for identifying and working with high-speed startups startups and small businesses who are interested in uh really truly partnering with the us air force it's a as i said before it's a really exciting time to be a part of this business uh and working with the innovation economy uh is something that the department of defense uh really needs to do in that um the innovation that we used to think was ours you know that 80 percent of the industrial-based innovation that came from the department of defense uh the the script has been flipped there and so now more than 70 percent uh particularly in space innovation uh comes from the commercial sector not from uh not from the defense business itself and so um that's a tsunami of uh investment and a tsunami of uh capability and i need to figure out how to get my surfboard out and ride it you know what i mean yeah i mean it's one of those things where the flip the script has been flipped but it's exciting because it's impacting everything are you talking about systems architecture you're talking about software you're talking about a business model you talk about devsecops from a technical perspective but now you have a business model innovation all the theaters of uh are exploding in innovation technical business personnel this brings up the workforce challenge you've got the cyber needs for the u.s space force there's probably a great roi model for new kinds of software development that could be priced into contracts that's a entrepreneurial innovation you got the the business model theater you've got the personnel how does the industry adopt and change you guys are clearly driving this how does the industry adjust to you yeah so um i think a great way to answer that question is to just talk about the kind of people that we're trying to prioritize in the u.s space force from a from an acquisition perspective and in this particular case from a from a cyber security perspective as i mentioned earlier it's the most exciting time to be in space programs uh really since the days of apollo um uh you know just to put it in terms that you know maybe have an impact with the audience uh from 1957 until today approximately 9 000 satellites uh have been launched from the various space faring countries around the planet uh less than two thousand of those nine thousand are still up on orbit and operational and yet in the new space regime um players like spacex have plans to launch you know 12 000 satellites for some of their constellations alone it really is a remarkable time in terms of innovation and fielding of space capabilities and all of those space capabilities whether they're commercial civil or defense are going to require appropriate cyber security uh protections it's just a really exciting time uh to be working in stuff like this and so uh folks like the folks in this audience who have a passion about space and a passion about cyber security are just the kind of people that we want to work with because we need to make sure our systems are are secure and resilient we need folks that have technical and computing expertise engineering skills to be able to design cybersecure systems that can detect and mitigate attacks uh but we also as you alluded to we need people that have that business and um you know business acumen human networking background so that we can launch the startups and work with the non-traditional businesses uh help to bring them on board help to secure both their data and our data and uh and and make sure our processes and systems are are free as much as possible from uh uh from attack um for preparation for for audience members who are young and maybe thinking about getting into this uh trade space um you gotta be smart on digital networking uh you gotta understand basic internet protocols concepts uh programming languages uh database design uh learn what you can from penetration or vulnerability testing and and uh risk assessment i will tell you this and i don't think he will i know he will not mind me telling you this but you've got to be a lifelong learner and so two years ago i'm at home one evening and i get a phone call on my cell phone and it's my boss the commander of air force space command uh general j raymond who is now currently the chief of space operations and he is on temporary duty flying overseas he lands where he's going and he first thing he does when he lands is he calls me and he goes jt um while i was traveling um i noticed that there were e-books available on the commercial airliner i was traveling on and there was an e-book on something called scrumming and agile devsecops and i read it have you read it um and i said no sir but if you tell me what the title of the book is i will read it and so i got to go to my staff meeting um you know the very next week the next time we had a staff meeting and tell everybody in the stab meeting hey if the four star and the three star can read the book about scrumming then i'm pretty sure all of you around this table and all our lieutenants and our captains our gs13s all of our government employees can get smart on uh the scrumming development process and interestingly as another side i had a telephone call with him last year during the holidays where he was trying to take some leave and i said sir what are you up to today are you are you you know making eggnog for the event tonight or whatever and the chief of space operations told me no i'm trying to teach myself python i'm at lesson two and it's not going so well but i'm i'm gonna figure this out and so that kind of thing if the chief of staff or the you know the the the chief of space operations can prioritize scrumming and python language and innovation in his daily schedule then we're definitely looking for other people who can do that and we'll just say lower levels of rank uh throughout our entire space force enterprise um look i i we don't need to need people that can code a satellite from scratch but we need to know we need to have people that have a basic grasp of the programming basics and cyber security requirements and that can turn those things into into meaningful actions obviously in the space domain things like basic physics and orbital mechanics are also important uh space is not an intuitive uh domain so under understanding how things survive uh on orbit is really critical to making the right design and operational decisions and you know i know there's probably a lot because of this conference i know there's a probably a whole lot of high-speed cyber security experts out in the audience and i need those people in the u.s space force the the country is counting on it but i wouldn't discount having people that are just cyber aware or cyber savvy right i have contracting officers and logisticians and program managers and they don't have to be high-end cyber security experts but they have to be aware enough about it to be able to implement cyber security protections um into our space system so the skill set is is really really broad um our adversaries are pouring billions of dollars into uh define designing uh and fielding offensive and destructive space cyber security weapons right they've repeatedly shown really a blatant disregard of safety and international norms for good behavior on orbit and the cyber security aspects of our space systems is really a key battleground going forward so that we can maintain that as i mentioned before peaceful uh global commons of space we really need all hands on deck if you're interested in helping in uniform if you're interested in helping uh not in uniform uh but as a government employee a commercial or civil employee to help us make cyber security more important uh or more cape more able to be developed for our space systems then we'd really love to uh to work with you or have you on the team to build that safe and secure future for our space systems lieutenant general john thompson great insight thank you for sharing all that awesome stories too and motivation for the young next generation the united states space force approach of cyber security really amazing talk thank you for your time final parting question is as you look out and you had your magic wand what's your view for the next few years in terms of things that we could accomplish it's a super exciting time what do you hope for so um um first of all john thanks to you and and thanks to cal poly uh for the invitation and and thanks to everybody for uh for their interest in cyber security especially as it relates to space systems that's here at the conference um uh there's a quote and i'll read it here uh from uh bernard schriever who was the uh the founder if you will uh a legend in uh dod space the founder of the western development division which was a predecessor organization to space and missile systems center general shrever i think captures the essence of what how we see the next couple of years the world has an ample supply of people who can always come up with a dozen good reasons why new ideas will not work and should not be tried but the people who produce progress are breed apart they have the imagination the courage and the persistence to find solutions and so i think if you're hoping that the next few years of space innovation and cyber security innovation are going to be a pony ride at the county fair then perhaps you should look for another line of work because i think the next few years in space and cyber security innovation are going to be more like a rodeo um and a very dynamic rodeo as it goes it is a an awesome privilege to be part of this ecosystem it's really an honor for me to um to be able to play some small role uh in the space ecosystem and trying to improve it uh while i'm trying to improve the chances of uh of the united states of america in a uh in a space war fighting uh uh environment um and so i thank all of you for uh participating today and for this little bit of time that you've allowed me to share with you thank you sir thank you for your leadership and thank you for the for the time for this awesome event space and cyber security symposium 2020 i'm john furrier on behalf of cal poly thanks for watching [Music]

>>From around the globe. It's the queue cover >>Space and cyber security >>Symposium 2020 hosted by Cal poly. >>Hello and welcome to the space and cybersecurity symposium 2020 hosted by Cal poly and the cube I'm chilling for a, your host. We have a great session here. Space, cyber security, the department of defense perspective. We have bond Google hall, director of C four ISR directorate office of the undersecretary of defense for acquisition and sustainment for the DOD and Chris Henson, technical director space and weapons, cybersecurity solutions for the national security agency. Gentlemen, thank you for taking the time for this awesome session. Thank you, John. Thank you. So we're gonna talk about the perspective of the DOD relative to space cybersecurity, a lot, going on congestion, contention, freedom, evolution innovation. So Paul, I'd like to have you start with your opening statement on how you see the space cybersecurity perspective, Don, thanks for the intro. Really appreciate it. First, let me give my thanks to Cal poly for a convening, the space and cybersecurity symposium this year, you know, and despite the pandemic, the organization and the content delivery spreading impressive, I really foot stomping. >>What can possibly be done with a number of these virtual platforms? This has been awesome. Thanks for the opportunity. I also want to recognize my colleague, Chris Nissen from NSA was actually assigned to our staff that LSD, but he brings both policy and technical perspective in this whole area. So I think you'll, you'll find his commentary, uh, and positions on things very refreshing or for today's seminar. Now space cyber security is a pretty interesting terminology for us all. Uh, cyber security means protecting against cyber threats and it's really more than just computers here on earth, right? Uh, space is the newest war fighting domain, and cybersecurity's perhaps even more of a challenge in this domain that and others. Uh, I'm sure it'll turn journal Thompson and major journals Shaw discuss the criticality of this new dorm space force. It's the newest military service in the earlier sessions and they're at the risk of repeating what they already addressed. >>Let me start by talking about what space means to DOD and what we're doing directly from my vantage point as part of the acquisition and sustainment arm of the Pentagon. Uh, what I want to share with you today is how the current space strategy ties into the national defense strategy and supports the department's operational objectives. As the director of CFRI SAR. I have come to understand how the integration of CFRI Sarcic. Billy is a powerful asset to enhance the lethality of the joint war fighter. Secretary Lord, our boss, the sec, the undersecretary for acquisition and sustainment is diligent in her pursuit to adapt and modernize acquisition processes, to influence the strategy and to focus our efforts domain are to make our objectives a reality. I think first and foremost, we are building a more lethal force. This joint force will project low Valley and custom contested environments and across all domains through an operationally integrated and resiliency for ISR infrastructure. >>We are also called debating our alliances, deepening interoperability, which is very important in a future fight and collab, collaboratively planning with those partner with us in the fight most significantly for our work in acquisition and sustainment, we continue to optimize the department for greater performance and affordability through reform of the acquisition process. Now space is our newest war fighting domain. And while it is indeed unique, it shares many common traits with the others land, air and sea all are important to the defense of the U S in conflict. No doubt about this. They will be contested and they must be defended. One domain will not win future conflicts in a joint operation in a future fight in the future conflict. They must all succeed. I see three areas being key to a DOD strategic success in space, one, developing our whole of government approach in close partnership with the private sector and our allies to prioritizing our investments in resiliency, innovation, and adaptive operations, and third responding rapidly and effectively to leverage emerging technologies and seize opportunities to advance your strengths, partnerships and alliances. >>Let me emphasize that space is increasingly congested and tested and demanded as essential delete Valley operational effectiveness and the security of our nation. Now the commercialization of space offers a broad set of investments in satellite technology, potential opportunities to leverage those investments and pathways to develop cost efficient space architecture, where the department and the nation. It's funny, there's a new race, a race for space. If you will, between commercial companies buying for dominance of space. Now the joint staff within DOD is currently building an operational construct to employ and engage as a unified force, coordinated across all domains. We call it the joint, all domain command and control. It is the framework that is under development to allow us to conduct integrated operations in the future. The objective of Jesse too is to provide the war fighter access to the decision making information while providing mission assurance of the information and resilience of the underlying terrestrial air in space networks that support them operationally. >>six to maintain seamless integration, adaptation, and employment of our capability. To sense signal connect, transmit, process control, direct, and deliver lethal capabilities against the enemy. We gain a strategic advantage through the integration of these capabilities across all the domains, by providing balance bowel space, awareness, horse protection, and weapons controlled and deployment capabilities. Now successfully any ratings, the systems and capabilities will provide our war fighters overwhelming superiority on the battlefield environment, challenged by near peer adversaries, as well as non state actors in space. The character of its employment is changing, driven by increasing demands, not just by DOD, but by the commercial sector as well. You know, more and more, uh, we see greater use of small satellite systems to address a myriad of emerging questions, ubiquitous communications, awareness, sensor diversity, and many more. Uh, as I said before, the commercial world is pioneering high rate production of small satellites in our efforts to deploy hundreds, if not thousands of nodes space X, Darlene constellation is one example. >>Another one is Amazon's Kiper, uh, Kuyper just received FCC approval to deploy like over 3000 of these different notes. While a number of these companies continue to grow. Some have struggled. They some pointed as one web, uh, nevertheless, the appetite remains strong and DOD is taking advantage of these advances to support our missions. We are currently exploring how to better integrate the DOD activities involving small satellites under the small satellite coordinating activity, scholarly call it. We want to ensure collaboration and interoperability to maximize efficiency in acquisition and operation. When we started this activity on over a year and a half ago, we documented over 70 plus separate small, small sat programs within DOD. And now we've developed a very vibrant community of interest surrounding a small satellites. Now, part of the work we have identified nine focus areas for further development. These are common areas to all systems and by continuing to expand on these, our plan is they enable a standard of practice that can be applied across all of the domains. >>This includes lawn services, ground processing distribution, and of course, a topic of interest to the symposium space security and Chris we'll, we'll talk more about that being the Houston expert, uh, in this area. Uh, one challenge that we can definitely start working on today is workforce development. Cybersecurity's unique as it straddles STEM and security and policy, the trade craft is different. And unfortunately I've seen estimates recently, so suggesting a workforce gap in the next several years, much like the STEM fields, uh, during the next session, I am a part of a panel with precedent, Armstrong, Cal poly, and Steve Jake's the founder of the national security space association to address workforce development. But for this panel, I'll look forward to having further dialogue surrounding space, opera security with Chris and John. Thank you, John >>Bob, thank you for that whole thing, Steven. Yes. Workforce gaps. We need the new skill space is here. Thank you very much. Chris Henson, technical director of space and weapons, cybersecurity solutions for the national security agency. Your statement, >>Thank you for having me. Uh, I'm one of several technical leaders in space at the national security agency. And I'm currently on a joint duty assignment at the office of under secretary of defense for acquisition and sustainment. I work under mr. GUMA hot in the C four ISR area, but almost 63 years ago on the 4th of October, 1957, Sputnik was the first artificial satellite launched by the Soviet union in space. History was made in each of you can continue to write future space history in your careers. And just like in 1957, the U S isn't alone in space to include our close partnerships and longterm activities with organizations like the Japanese space agency, the European space agency, and, uh, the Canadian space agency, just to name a few. And when we tackle cybersecurity per space, we have to address, address the idea that the communications command and control, uh, and those mission datas will transverse networks owned and operated by a variety of partners, not only.go.mil.com.edu, et cetera. We need to have all the partners address the cyber effects of those systems because the risk excepted by one is shared by all and sharing cyber best practices, lessons learned, uh, data vulnerabilities, threat data, mitigation, mitigation procedures, all our valuable takeaways, uh, in expanding this space community, improving overall conditions for healthy environment. So thank you for having me, and I appreciate the opportunity to speak to you and your audience. And I look forward to the discussion questions. Thank you. >>Thank you, Chris. Thank you, Bob. Okay. I mean open innovation, the internet, you see plenty of examples. The theme here is partners, commercial government. It's going to take a lot of people and tech companies and technologies to make space work. So we asked my first question, Bonnie, we'll start with you is what do you see as the DOD his role in addressing cybersecurity in space? Uh, it's real, uh, it's a new frontier. Um, it's not going away. It's only going to get more innovative, more open, more contested. It seems like a lot to do there. So what's your role in addressing cyber security in space? >>I think our role is to be the leader in developing and only is it the strategy, but the, uh, the implementation plan is to ensure a full of cybersecurity. If you look at the national cyber cyber strategy, I think publishing 2018 calls for like-minded countries, industry academia, and civil society. Once you mentioned John, the support technology development, uh, digital safety policy advocacy, and research you here today, and those listening are fulfilling their strategy. When you, when you develop, enable use cyber hygiene products, as examples of capabilities, you're pushing the goal to fruition. When you know, what's on your network patron network backup, you're in encrypt your network, you're hardening and preventing cyber attacks. And we in government academia in the case of Cal poly civil networks and in commercial companies, we all benefit from doing that cyber security. Uh, and I think Chris will, we'll, we'll definitely back me up on this more than passwords encryption or pharma. It's truly a mindset and a culture of enabling missions to succeed in assured in a resilient fashion. >>Chris, you're taking reaction to, to the cybersecurity challenge involved here, >>That's it, it's starting really at the highest level of governments. We have, uh, you know, the, the recent security policy directive five that just came out just a couple of days ago, recognize all the factors of cybersecurity that need to come into play. And probably the most important outcome of that as mr said, is the leadership role and that leadership, uh, blends out very well into partnership. So partnership with industry partnership with academia partnership, with, uh, other people that are exploring space. And those partnerships lend itself very naturally to sharing cybersecurity issues, topics as we come up with best practices as we come up with mitigation strategies. And as we come up with vulnerabilities and share that information, the, uh, we're not going to go alone in space, just like we're probably not going to go alone in many other industries or areas, uh, that the DOD has to be, uh, involved in many spectrums of deploying to space. >>And that deployment involves as Mr. Guzman said, encryption authentication, knowing what's on the network, knowing the, the fabric of that network. And if nothing else, this, uh, this, uh, internet of things and work from home environment that we've, uh, partaken of these last few months has even explored and expanded that notion even more dramatically as we have people dial in from all over the different, uh, locations, well space will be that natural node that, uh, natural, uh, next network and mesh involvement that we'll have to protect and explore on not just from a terrestrial involvement, but all segments of it. Th the comm segment, the space vehicle and the ground portion, >>No bond. We talked about this in our other segment, um, around with the president of Cal poly, but the operating models of the space force and the DOD and getting space. It's a software defined world, right? So cybersecurity is a real big issue. Cause you have an operating model that's requiring software to power, these low hanging satellites. That's just an extension to the network. It's distributed computing, know what this is. If you understand what technology we do in space, it's no different, it's just a different environment. So it's software defined that just lends itself well to hacking. I mean, if I'm a hacker I'm going, Hey, why not just take out a satellite and crash it down or make the GPS do something different? I mean, it's definitely an attack vector. This is a big deal. It's not just like getting credentials that are cashed on a server. You gotta really protect, >>Right? Because in one hand it space will carry not only, uh, uh, you know, for local national security information. Uh, but the, uh, I feel like at the economic wellbeing, the financial state of allowed a lot of countries and institutions, you know, more and more John lb, they'll be using space assets to, uh, uh, to make, uh, make, make all that happen. Right. So, and if you look at the, you talk, you mentioned the attack vectors in space, you know, it's not just the computers in the ground, but if you look at the whole life cycle for satellite systems in space, you know, that the, the, the tasking that you need to do that the command, the controlling of the vehicle, the data that comes down in the ground, even when you launch the, the birds, the satellites, you know, they only need to be protected because they're all somewhat vulnerable to, uh, to hacking, uh, to cyber attacks. Especially as we grow into commercialization space, it's going to be a lot more people out there playing in this world. It's going to be a lot more companies out there. And, you know, it's hard to track, uh, uh, you know, the, the potential of, of, of foreign influences as an example, and therefore the potential of being vulnerable in terms of the cyber threat. >>Gentlemen, I like you guys said to move on to this leadership role, you mentioned that you want to be a leader. I get it. The DOD is department of defense. That's a new frontier to defend war time zone. You mentioned war time opportunity potentially, but how do you guys assist that's term hat to getting done? Because there's public and private space operations happening, um, there's security challenge. What does being a leader mean? And how does the DOD department of defense assist driving the public and private? Do you lead from a project standpoint, you lead from a funding standpoint? Is it architectural? I mean, you're talking about now a new end to end architecture. It's not just cloud it's on premise. It's in devices, it's offloaded with new AI technology and Nicks and devices. It's IOT, it's all, this is all new, this is all new. What does it mean for the DOD to be a leader and how do you assist others to get involved? And what does that mean? >>Yeah, I think, uh, the one hand, you know, DOD used to lead, uh, in terms of, uh, uh, being the only source of funding for a lot of, uh, highly developmental efforts. Uh, we're seeing a different story in space. Again, I keep going back to the commercialization of space. We're seeing a lot more players, right? So in many ways >>Ally's commercial companies are actually legally leading the R and D uh, of a lot of different technologies. So we want to take, we certainly want to take advantage of that. So from a leadership standpoint, I think we, we, Lucia can come in, you know, by partnering a lot more with, with the commercial companies, uh, in 2022, the DOD released the defense, uh, uh, space strategy as an example that highlights the threats, the challenges and opportunities the United States has faced by, by sending a example of how we, how we, uh, how we counter, uh, the threats that are out there, not just the DOD, but, but the disability and the commercial sector as well. Our current conditions are strong, but we want to use four lines of effort to meet our challenges and capitalize on our desire state space, uh, lines of effort include building a comprehensive military badges space, integrating space into a national joint and combined operations. Like I mentioned before, shaping that strategic environment and cooperating with allies, partners, and industry and other U S governmental agencies, departments, and agencies to advance the cost of space to take full advantage of what space can provide us, uh, in DOD, uh, and the nation. Chris has a domain. Now, what's your take on all that? >>That's because again, it's going to take more people, >>More diverse, potentially more security >>Halls. What's your view on it? >>Well, let's, let's look at how innovation and new technologies can help us in these areas. So, uh, and, and mentioned it a couple of topics that you hit on already. One of the areas that we can improve on is certainly in the, uh, the architecture, uh, where we look at a zero trust architecture, one of the NIST standards that's come about where it talks about the authentication, uh, the need to know a granular approach, this idea of being able to protect, not just data, but the resources and how people can get access to those, whether they're coming in through an identification, authentication Prudential, or, uh, other aspects of, uh, the, the idea of not just anybody should be able to have access to data or anybody should have access once they're on the inside of the network. So that zero trust architecture is, is one approach where we can show some leadership and guidance. >>Another area is in, uh, a topic that you touched on as well was in the software area. So some innovations are coming on very rapidly and strong in this artificial intelligence and machine learning. So if we can take this AI and ML and apply it to our software development areas, they can parse so much information very quickly. And, uh, you know, this vast array of code that's going into system nowadays, and then that frees up our human, uh, explicit talent and developers that can then look at other areas and not focus on minor bawling to Beverly fix a vulnerability. Uh, they, they can really use their unique skills and talents to come up with a better process, a better way, and let the artificial intelligence and machine learning, find those common problems, those, those unknown, hidden lines of code that, uh, get put into a software alarm Prairie, and then pull down over and over again from system to system. So I think between, uh, an architecture leadership role and employee innovation are two areas that we can show, uh, some benefits and process improvement to this whole system. >>That's a great point, Chris, and you think about just the architectural computer architecture, you know, S you know, network attached storage is an advantage software defined there. You could have flash all flash arrays for storage. You could have multiple cores on a device and this new architecture, offloads things, and it's a whole new way to gain efficiencies. I mean, you got Intel, you got Nvidia, you've got armed all the processors all built in. Um, so there's definitely been commercial best practices and benefits to a new kind of architecture that takes advantage of these new things. It's just, just efficiencies. Um, but this brings up the whole supply chain conversation. I want to get your thoughts on this, because there is talk about predatory investments and access and tactics to gain supply chain access to space systems, your thoughts. >>Yeah. It's a serious threat and not just for, uh, the U S uh, space. So supply chain, if you will, is the supply chain. And I says, you know, writ large, I think, uh, I think it's a, it's a, it's a threat that's, that's real, we're we're seeing today. I just saw an example recently, uh, involving, uh, our, I think our launch services were, there was a, uh, a foreign, uh, threat that was those trying to get into a true through with predatory investments. Uh, so, uh, it is something that we need to, uh, be aware of it it's happening, uh, and is continuing to happen. Uh, it's an easy way to gain access, to, uh, do our IP. Uh, and, uh, so it's something that we, uh, are serious about in terms of, uh, awareness and, and countering >>Chris, your thoughts. I mean, we've see, I mean, I'm an open source guy. I was seen it when I grew up in the industry in the eighties, open source became a revolution, but with that, it enabled new tactics for, um, state sponsored attacks on it that became a domain in of itself. Um, that's well-documented and people talk about that all the time in cyber. Now you have open innovation with hardware, software connected systems. This is going to bring supply chain nightmare. How do you track it all? Who's got what software and what device, where the chip come from, who made it, this is the potential is everywhere. How do you see the, these tactics, whether it's a VC firm from another country or this, that, and the other thing startup. >>Yeah. So when we see, when we see coal companies being purchased by foreign investors, and, you know, we can get blocked out of those, whether it's in the food industry, or if it's in a microchip, then that microchip could be used in a cell phone or a satellite or an automobile. So all of our industries that have these companies that are being purchased, or a large born investment influx into those, you know, that could be suspect. And we, we have to be very careful with those, uh, and, and do the tracking of those, especially when those, uh, some of those parts of mechanisms are coming from off shore. And then going again, going back to, uh, the space policy directive five, it calls out for better supply chain, resource management, the tracking, the knowing the pedigree and the, the quantitative of ability of knowing where those software libraries came from, where the parts came from and the tracking and delivery of that from an end to end system. >>And typically when we have a really large vendor, they can, they can do that really well. But when we have a subcontractor to a subcontractor, to a subcontractor, their resources may not be such that they can do that. Try tracking in mitigation for counterfeits or fraudulent materials going into our systems. So it's a very difficult challenge, and we want to ensure as best we can that as we ingest those parts, as we ingest those software libraries and technologies into the system, that, uh, before we employ them, we have to do some robust testing. And I don't want to say that the last line of defense, but that certainly is a mechanism for finding out, do the systems perform as they stated, uh, on a test bench or a flat set, whatever the case may be before we actually deploy it. And then we're relying on the output or the data that comes from that, that system that may have some corrupt or suspect parts in it. >>Great point, this federal grant, >>The problem with space systems is kind of, you know, is once you, once you launch the bird or the sunlight, uh, your access to it is, is diminished significantly, right? Unless you, you go up there and take it down. Uh, so, you know, kind of to Chris's point, we need to be able to test all the different parts of insurer that is performing as, as described there ass, I spent as specified, uh, with, with good knowledge that it's, uh, it's, uh, it's trustworthy. Uh, and, uh, so we that all on the ground before we, we take it up to launch it. >>It's funny. You want agility, you want speed and you want security, and you want reliability and risk management all aggressive, and it's a technical problem. It says it's a business model problem. I'd love to get real quick. Before we jump into some of the more workforce and gap issues on the personnel side, have you guys should just take a minute to explain quickly what's the federal view. If you had to kind of summarize the federal view of the DOD and the roll with it wants to take, so all the people out there on the commercial side or students out there who are, you know, wanting to jump in, what is the current modern federal view of space cybersecurity. >>Chris, why don't you take that on I'll follow up. Okay. Uh, I don't know that I can give you the federal view, but I can certainly give you the department of defense. That cybersecurity is extremely important. And as our vendors and our suppliers, uh, take on a very, very large and important role, one area that we're looking at improving on is a cyber certification maturity model, where we, where we look at the vendors and how they implement an employee cyber hygiene. So that guidance in and of itself shows the emphasis of cyber security that when we want to write a contract or a vendor, uh, for, for a purchase, that's going to go into a space system. We'd like to know from a third party audit capability, can that vendor, uh, protect and defend to some extent the amount that that part or piece or software system is going to have a cyber protection already built into it from that vendor, from the ground floor up before it even gets put into a larger system. >>So that shows a level of the CMMC process that we've thought about and, uh, started to employ, uh, beginning in 2021 and will be further built on in, in the out years. How, how important the DOD takes that. And other parts of the government are looking at this, in fact, other nations are looking at the CMMC model. So I think it shows a concern in very many areas, uh, not just in the department of defense that they're going to adopt an approach like this. Uh, so it shows the, the pluses and the benefits of a cybersecurity model that, uh, all can build on boggy reaction. Yeah, I'll just, uh, I'll just add to that, John, you, you, you, you asked earlier about, you know, how do we, uh, track, uh, commercial entities or, or people in the space and cyber security domains? Uh, I can tell you that, uh, at least my view of it, you know, space and cyber security are new, it's exciting, it's challenging a lot technical challenges there. So I think in >>Terms of attracting the right people, personnel to work those areas, uh, I think it's, it's not only intellectually challenging, uh, but it's important for, for the dependency that NASA States, uh, and it's important for, for, for economic security, uh, writ large for, for us as well. So I think, uh, in terms of a workforce and trying to get people interested in, in those domains, uh, I hope that they see the same thing we do in terms of, of the challenges and the opportunities it presents itself in the future. >>Awesome. I love your talk on intro track there falling. You mentioned, uh, the three key areas of DOD sec success, developing a government whole government approach to partnership with the private sector. I think that's critical and the allies prioritizing the right investments on resilience, innovation, adaptive operations, and responding to rapidly to effectively emerging technology. So you can be fast, all think are all things. I all, all those things are relevant. So given that, I want to get your thoughts on the defense space strategy in 2020, the DOD released dispense defense space, strategy, highlighting threats, and challenges and opportunities. How would you summarize those threats and those challenges and opportunities? What are the, what are those things that you're watching in the defense space area? Right. >>Well, I think, I think I saw, as I said before, of course, as well, you know, uh, or, or seeing that a space will be highly contested, uh, because it's a critical element in our, in our war fighting construct, uh, Dwayne, a future conflict, I think we need to, to win space as well. So when you, when you look at our near peer adversaries, there's a lot of efforts, uh, in trying to, to, to take that advantage away from the United States. So, so the threat is real, uh, and I think it's going to continue to evolve and grow. Uh, and the more we use space, both commercial and government, I think you're going to see a lot more when these threads some AFAs itself, uh, in, in forms of cyber, cyber attacks, or even kinetic attacks in some cases as needed. Uh, so yeah, so with the, the, the threat is need growing, uh, space is congested, as we talked about, it will continually be contested in the future as well. So we need to have, uh, like we do now in, in, in all the other domains, a way to defend it. And that's what we're working on with India, with the, how do we pilot with tech, our assets in space, and how do we make sure that the data information that traverses through space assets are trust 40, um, and, uh, and, and, and free of any, uh, uh, interference >>Chris, exciting time. I'm your, if you're in technology, um, this is crossing many lines here, tech society will war time, defense, new areas, new tech. I mean, it's security, it's intoxicating at many levels, because if you think about it, it's not one thing. It's not one thing anymore. It spans a broader spectrum, these opportunities. >>Yeah. And I, and I think that expansion is, is a natural outgrowth from, as our microprocessors and chips and technology continue to shrink smaller and smaller. You know, we, we think of our, our cell phones and our handheld devices and tablets, and so on that have just continued to, uh, get embedded in our everyday society, our everyday way of life. And that's a natural extension when we start applying those to space systems. When we think of smallsats and cube sets and the technology that's, uh, can be repurposed into, uh, a small vehicle and the cost has come down so dramatically that, you know, we, we can afford to get a rapid experiments, rapid, um, exploitations and, and different approaches in space and learn from those and repeat them very quickly and very rapidly. And that applies itself very well to an agile development process, dev sec ops, and this notion of spins and cycles and refreshing and re uh, addressing priorities very quickly so that when we do put a new technology up, that the technology is very lean and cutting edge, and hasn't been years and years in the making, but it's, uh, relevant and new, and the, uh, the cybersecurity and the vulnerabilities of that have to be addressed because of, and allow that DevSecOps process to take place so that we can look at those vulnerabilities and get that new technology and those new, new experiments and demonstrations in space and get lessons learned from them over and over again. >>Well, that brings us to the next big topic I want to spend the remainder of our time on that is workforce this next generation. If I wasn't so old, I would quit my job and I would join medially. It's so much, it's a fun, it's exciting. And it's important. And this is what I think is a key point is that cybersecurity in and of itself has got a big gap of shortage of workers, nevermind, adding space to it. So this is, uh, the intersection of space and cybersecurity. There is a workforce opportunity for this next generation, a young person to person re-skilling, this is a big deal. Bong, you have thoughts on this. It's not just STEM, it's everything. >>Yeah. It's everything, you know, uh, the opportunities would have in space it's significant and tremendous. And I think, uh, if I were young, again, as you pointed out, John, uh, you know, I'm, I'm, I'm lucky that I'm in this domain in this world and I started years ago. Uh, but it continues to be exciting, uh, lots of, lots of opportunities, you know, and when you, when you look at, uh, some of the commercial space, uh, systems that are being, being put up, uh, if you look at, I mentioned Starlink before, and, and, uh, Amazon's Kuyper constellation. These guys are talking about couple of thousand satellites in space to provide ubiquitous communications for internet globally and that sort of thing. Uh, and they're not the only ones that are out there producing capability. Uh, we're seeing a lot more commercial imagery products being developed by bike, by companies, both within the U S and, and, uh, foreign foreign elements as well. So I think it's an exciting time to be in space. Certainly lots of opportunities, there's technical challenges, uh, galore in terms of, you know, not only the overcoming the physics of space, but being able to operate, uh, flexibly, uh, in, uh, get the most you can out of the capabilities we have, uh, uh, operating up as high as being cool. I mean, everyone looks at launch. >>She gets millions of views on live streams, the on demand, reruns get millions and millions of views. Um, it's, there's a lot of things there. Um, so Chris, what specifically could you share are things that people would work on? Um, jobs skills, what are some, what's the aperture, what's it look like if you zoom out and look at all the opportunities from a scale standpoint, what's out there, >>We'll talk to the aperture, but I want to give a shout out to our space force. And I mean, their, their job is to train and equip, uh, future space and, uh, that, that space talent. And I think that's going to be a huge plus up, uh, to have, uh, uh, a space force that's dedicated to training equipping, uh, the, an acquisition and a deployment model that, uh, will benefit not just the other services, but all of our national defense and our, uh, you know, our, our strategic way of, uh, how, how this company, country, employees space, uh, altogether. So having, having a space for us, I think, as a, is a huge, uh, a huge issue. And then to get to that aperture aspect of, of what you're, what you're asking and, you know, that addresses a larger workforce. Uh, we need so many different talents in, in this area. >>Uh, we can, we can have, we can employ a variety of people, uh, from technical writers to people who write, uh, write in developed software to those who, uh, are bending metal and actually, uh, working in a hardware environment. And, uh, those that do planning and launch operations and all of those spectrums and issues of jobs, or are directly related to a workforce that can contribute to, to space. And then once that data gets to the ground and employed out to a user, whether it's a data or we're looking at, uh, from a sensor recent, uh, recent events on, uh, shipping lanes, those types of things. So space has such a wide and diverse swath that the aperture's really wide open, uh, for a variety of backgrounds. And, and those that, uh, really just want to take an opportunity, take a, take a technical degree or a degree that, uh, can apply itself to a tough problem, uh, because they certainly exist in space. And we can, we can use that mindset of problem solving, whether you come at it from a hacker mindset, an ethical, a white hat approach to testing and vulnerability exploration, or somebody who knows how to actually, um, make, uh, operations, uh, safer, better, uh, through space situation awareness. So there's a, there's a huge swath of opportunity for us >>Bon talk about the, um, the cyber security enabled environment, the use cases that are possible when you have cybersecurity in play with space systems, um, which is in and of itself, a huge range of jobs, codings supply chain. We just talked about a bunch of them. There's still more connected use cases that go beyond that, that, that are enabled by it. If you think about it, and this is what the students at Cal poly and every other college and university community college, you name it, or watching videos on YouTube, anyone with a brain can jump in. If they, if they see the future, it's an all net new space force is driving awareness, but there's a whole slew of these new use cases that I call space enabled by cybersecurity systems. Your thoughts. >>Absolutely. I, you know, I was, uh, had planned on attending the, uh, uh, the cyber challenge that's Cal poly had planned in June, of course, a pandemic, uh, uh, took care of that plan. But, but I was intrigued by, by the approach that the Cal poly was taking with, with, uh, middle school and high school kids of, of, of, of exposing him to a problem set here. You have a, a satellite that came down from space, uh, and, uh, part of the challenge was to do Porensic analysis on the debris, uh, the remaining pieces of the sound like to figure out what happened. Uh, it had a, uh, a cybersecurity connotation. It was hacked. It was attacked by, by cyber threat nation, took it down. And the beauty of having these kids kind of play with, with the remaining parts of the satellite figure out what happened. >>So I was pretty exciting. I was really looking forward to participating in that, but again, the pandemic kind of blew that up, but I, I look forward to future events like that to, to get our young people intrigued and interested in, uh, in this new field of space. Now, you know, Chris was talking earlier about opportunities, the opportunity that you talk about, you know, while I would like to have people come to the government, right. To help us out. It's not, it's not just focused on government, right? There's not lots of opportunities in commercial space. I, if you will, uh, for, for a lot of talent to, uh, uh, to have, uh, to participate in. So the challenge is a man's government and the commercial sector, John, >>I mean, you get the hardcore, you know, I want to work for the DOD. I want to work for NSA. I want to work for the government. You clearly got people who want to have that kind of mission, but for the folks out there, Chris and bong that are like, I'll do I qualify it? It's like the black box of the DOD. It's like a secret thing. You got any clearance, you've got to get all these certifications. And you've got to take all kinds of tests and background checks. And, um, is it like that? And will that continue? Cause some people might say, Hey, can I even get involved? What do I do? So I know there's some private partnerships going on with companies out there in the private sector. So this is now a new, you guys seem to be partnering and going outside the comfort zone of the old kind of tactical things. What are some of those opportunities that people could get involved that they might not know about >>PR for NSA, there's a variety of workforce, uh, initiatives that, uh, uh, for anybody from a high school work study can take advantage of to, uh, those that would like have to have internships. And those that are in a traditional academic environment, there's, uh, several NSA schools across the country that have a academic and cyber acts, uh, sites of excellence that participate in projects that are shepherded and mentored by those at NSA that can get those tough problems that don't have maybe a classified or super sensitive, uh, nature that that can be worked in and in an academia environment. So, so those are two or three examples of how somebody can break into, uh, the, uh, an intelligence organization and the, and the other agencies have those, uh, opportunities as well across the intelligence community and the, the partnership between and collaborative collaboration between private industry and the agencies and the department of defense just continue to grow over and over again. And even myself being able to take care advantage of a joint duty assignment between my home organization and the Pentagon just shows another venue of somebody that's in one organization can partner and leverage with another organization as well. So I'm an example of, of that partnering that's going on today. >>So there's some innovation, bong, non traditional pathways to find talent. What are out there? What are new, what are these new nontraditional ways >>I was going to add to what Chris was, was mentioning John? Yeah. Even within view and under the purview of our chief information officer, back in 2013, the deputy surfed dirty defense signed the, uh, what we call the DOD cyberspace workforce strategy, uh, into effect. And that included a program called the cyber information technology exchange program. It's an exchange program in which a, uh, you know, private sector employee and worked for the DOD in cyber security positions, uh, span across multiple mission critical areas. So this is one opportunity to learn, uh, you know, in inside the DOD what's happening as a private sector person, if you will, uh, going back to what we talked about, you know, kinda, uh, opportunities, uh, within the government for, for somebody who might be interested, uh, you know, you don't have to be super smart, Bork and space. Uh, there's a lot of like, like Chris pointed out, there's a lot of different areas that we need to have people down within people to do, uh, to conduct the mission space. So you don't have to be mathematician mathematician. You don't have to be an engineer to succeed in this business. I think there's plenty of opportunities for, for any types of, of talent, any type of academic disciplines that, that, that, that they're out there. >>And I think, you know, Chris is shout out to the space force is really worth calling out again, because I think to me, that's a big deal. It's a huge deal. It's going to change the face of our nation and society. So super, super important. And that's going to rise the tide. I think it's gonna create, uh, some activation, uh, for a younger generation, certainly, and kind of new opportunities, new problems to solve new threats to take on and, and move it on. So really super conversation space in cybersecurity, the department of defense perspective, Von and Chris, thank you for taking the time. I'd love you guys just to close out. We'll start with you bong. And then Chris summarize for the folks watching, whether it's a student at Cal poly or other university or someone in industry and government, what is the department of defense perspective for space cybersecurity? >>Chris, won't go and take that on. I started, thank you. Uh, cyber security applies to much more than just the launch and download of mission data or human led exploration and the planning, testing, and experiments in the lab prior to launch require that cyber protection, just as much as any other space link, ground segment, trust rail network, or user data, and any of that loss of intellectual property or proprietary data is an extremely valuable and important, and really warrants, cybersecurity safeguards in any economic espionage or data exfiltration or denied access to that data I E ransomware or some other, uh, attack that can cripple any business or government endeavor. Uh, no matter how small or large, if it's left in our economic backbone, uh, clearly depends on space and GPS is more than just a direction finding our banking needs that a T and timing from P and T or whether it says systems that protect our shipping and airline industry of whether they can navigate and go through a particular storm or not, uh, even fighting forest fires picked up by a remote sensor. >>All those space-based assets, uh, require protection from spoofing date, uh, data denial or total asset loss. An example would be if a satellite sensitive optics were intentionally pointed at the sun and damaged, or if a command, uh, to avoid collision with another space vehicle was delayed or disrupted or a ground termination command. As we just saw just a few days ago at T minus three seconds prior to liftoff, if those all don't go as planned, uh, those losses are real and can be catastrophic. So the threat to space is pervasive real and genuine, and your active work across all those platforms is a necessary and appreciated. And your work in this area is critical, uh, going forward going forward. Uh, thank you for this opportunity to speak with you and, uh, talking on this important topic. >>Thank you, Chris Henson, goodbye. >>Closing remarks. Yeah. Likewise, John, uh, again, uh, as, as Chris said, thank you for, for the opportunity to discuss this very important, uh, around space, cyber security, as well as addressing, uh, at the end there, we were talking about workforce development and the need to have, uh, people, uh, in the mix for four features. We discussed with you. We need to start that recruiting early, uh, as we're doing to address, uh, the STEM gap today, we need to apply the same thing for cybersecurity. We, we absolutely need smart, innovative people to protect both Iraq. Anomic wellbeings a nation as well as our national defense. So this is the right conversation to have at this time, John and I, again, thank you and our Cal poly hose for, or, uh, having a symposium and, and having this opportunity to have this dialogue. Thank you, >>Gentlemen. Thank you for your time and great insights. We couldn't be there in person. We're here virtual for the space and cybersecurity symposium, 2020, the Cal poly I'm Jennifer with Silicon angle and the cube, your host. Thank you for watching.

>>from around the globe. It's the Cube covering >>space and cybersecurity. Symposium 2020 hosted by Cal Poly >>Over On Welcome to this Special virtual conference. The Space and Cybersecurity Symposium 2020 put on by Cal Poly with support from the Cube. I'm John for your host and master of ceremonies. Got a great topic today in this session. Really? The intersection of space and cybersecurity. This topic and this conversation is the cybersecurity workforce development through public and private partnerships. And we've got a great lineup. We have Jeff Armstrong's the president of California Polytechnic State University, also known as Cal Poly Jeffrey. Thanks for jumping on and Bang. Go ahead. The second director of C four s R Division. And he's joining us from the office of the Under Secretary of Defense for the acquisition Sustainment Department of Defense, D O D. And, of course, Steve Jake's executive director, founder, National Security Space Association and managing partner at Bello's. Gentlemen, thank you for joining me for this session. We got an hour conversation. Thanks for coming on. >>Thank you. >>So we got a virtual event here. We've got an hour, have a great conversation and love for you guys do? In opening statement on how you see the development through public and private partnerships around cybersecurity in space, Jeff will start with you. >>Well, thanks very much, John. It's great to be on with all of you. Uh, on behalf Cal Poly Welcome, everyone. Educating the workforce of tomorrow is our mission to Cal Poly. Whether that means traditional undergraduates, master students are increasingly mid career professionals looking toe up, skill or re skill. Our signature pedagogy is learn by doing, which means that our graduates arrive at employers ready Day one with practical skills and experience. We have long thought of ourselves is lucky to be on California's beautiful central Coast. But in recent years, as we have developed closer relationships with Vandenberg Air Force Base, hopefully the future permanent headquarters of the United States Space Command with Vandenberg and other regional partners, we have discovered that our location is even more advantages than we thought. We're just 50 miles away from Vandenberg, a little closer than u C. Santa Barbara, and the base represents the southern border of what we have come to think of as the central coast region. Cal Poly and Vandenberg Air force base have partner to support regional economic development to encourage the development of a commercial spaceport toe advocate for the space Command headquarters coming to Vandenberg and other ventures. These partnerships have been possible because because both parties stand to benefit Vandenberg by securing new streams of revenue, workforce and local supply chain and Cal Poly by helping to grow local jobs for graduates, internship opportunities for students, and research and entrepreneurship opportunities for faculty and staff. Crucially, what's good for Vandenberg Air Force Base and for Cal Poly is also good for the Central Coast and the US, creating new head of household jobs, infrastructure and opportunity. Our goal is that these new jobs bring more diversity and sustainability for the region. This regional economic development has taken on a life of its own, spawning a new nonprofit called Reach, which coordinates development efforts from Vandenberg Air Force Base in the South to camp to Camp Roberts in the North. Another factor that is facilitated our relationship with Vandenberg Air Force Base is that we have some of the same friends. For example, Northrop Grumman has has long been an important defense contractor, an important partner to Cal poly funding scholarships and facilities that have allowed us to stay current with technology in it to attract highly qualified students for whom Cal Poly's costs would otherwise be prohibitive. For almost 20 years north of grimness funded scholarships for Cal Poly students this year, their funding 64 scholarships, some directly in our College of Engineering and most through our Cal Poly Scholars program, Cal Poly Scholars, a support both incoming freshman is transfer students. These air especially important because it allows us to provide additional support and opportunities to a group of students who are mostly first generation, low income and underrepresented and who otherwise might not choose to attend Cal Poly. They also allow us to recruit from partner high schools with large populations of underrepresented minority students, including the Fortune High School in Elk Grove, which we developed a deep and lasting connection. We know that the best work is done by balanced teams that include multiple and diverse perspectives. These scholarships help us achieve that goal, and I'm sure you know Northrop Grumman was recently awarded a very large contract to modernized the U. S. I. C B M Armory with some of the work being done at Vandenberg Air Force Base, thus supporting the local economy and protecting protecting our efforts in space requires partnerships in the digital realm. How Polly is partnered with many private companies, such as AWS. Our partnerships with Amazon Web services has enabled us to train our students with next generation cloud engineering skills, in part through our jointly created digital transformation hub. Another partnership example is among Cal Poly's California Cybersecurity Institute, College of Engineering and the California National Guard. This partnership is focused on preparing a cyber ready workforce by providing faculty and students with a hands on research and learning environment, side by side with military, law enforcement professionals and cyber experts. We also have a long standing partnership with PG and E, most recently focused on workforce development and redevelopment. Many of our graduates do indeed go on to careers in aerospace and defense industry as a rough approximation. More than 4500 Cal Poly graduates list aerospace and defense as their employment sector on linked in, and it's not just our engineers and computer sciences. When I was speaking to our fellow Panelists not too long ago, >>are >>speaking to bang, we learned that Rachel sins, one of our liberal arts arts majors, is working in his office. So shout out to you, Rachel. And then finally, of course, some of our graduates sword extraordinary heights such as Commander Victor Glover, who will be heading to the International space station later this year as I close. All of which is to say that we're deeply committed the workforce, development and redevelopment that we understand the value of public private partnerships and that were eager to find new ways in which to benefit everyone from this further cooperation. So we're committed to the region, the state in the nation and our past efforts in space, cybersecurity and links to our partners at as I indicated, aerospace industry and governmental partners provides a unique position for us to move forward in the interface of space and cybersecurity. Thank you so much, John. >>President, I'm sure thank you very much for the comments and congratulations to Cal Poly for being on the forefront of innovation and really taking a unique progressive. You and wanna tip your hat to you guys over there. Thank you very much for those comments. Appreciate it. Bahng. Department of Defense. Exciting you gotta defend the nation spaces Global. Your opening statement. >>Yes, sir. Thanks, John. Appreciate that day. Thank you, everybody. I'm honored to be this panel along with President Armstrong, Cal Poly in my long longtime friend and colleague Steve Jakes of the National Security Space Association, to discuss a very important topic of cybersecurity workforce development, as President Armstrong alluded to, I'll tell you both of these organizations, Cal Poly and the N S. A have done and continue to do an exceptional job at finding talent, recruiting them in training current and future leaders and technical professionals that we vitally need for our nation's growing space programs. A swell Asare collective National security Earlier today, during Session three high, along with my colleague Chris Hansen discussed space, cyber Security and how the space domain is changing the landscape of future conflicts. I discussed the rapid emergence of commercial space with the proliferations of hundreds, if not thousands, of satellites providing a variety of services, including communications allowing for global Internet connectivity. S one example within the O. D. We continue to look at how we can leverage this opportunity. I'll tell you one of the enabling technologies eyes the use of small satellites, which are inherently cheaper and perhaps more flexible than the traditional bigger systems that we have historically used unemployed for the U. D. Certainly not lost on Me is the fact that Cal Poly Pioneer Cube SATs 2020 some years ago, and they set the standard for the use of these systems today. So they saw the valiant benefit gained way ahead of everybody else, it seems, and Cal Poly's focus on training and education is commendable. I especially impressed by the efforts of another of Steve's I colleague, current CEO Mr Bill Britain, with his high energy push to attract the next generation of innovators. Uh, earlier this year, I had planned on participating in this year's Cyber Innovation Challenge. In June works Cal Poly host California Mill and high school students and challenge them with situations to test their cyber knowledge. I tell you, I wish I had that kind of opportunity when I was a kid. Unfortunately, the pandemic change the plan. Why I truly look forward. Thio feature events such as these Thio participating. Now I want to recognize my good friend Steve Jakes, whom I've known for perhaps too long of a time here over two decades or so, who was in acknowledge space expert and personally, I truly applaud him for having the foresight of years back to form the National Security Space Association to help the entire space enterprise navigate through not only technology but Polly policy issues and challenges and paved the way for operational izing space. Space is our newest horrifying domain. That's not a secret anymore. Uh, and while it is a unique area, it shares a lot of common traits with the other domains such as land, air and sea, obviously all of strategically important to the defense of the United States. In conflict they will need to be. They will all be contested and therefore they all need to be defended. One domain alone will not win future conflicts in a joint operation. We must succeed. All to defending space is critical as critical is defending our other operational domains. Funny space is no longer the sanctuary available only to the government. Increasingly, as I discussed in the previous session, commercial space is taking the lead a lot of different areas, including R and D, A so called new space, so cyber security threat is even more demanding and even more challenging. Three US considers and federal access to and freedom to operate in space vital to advancing security, economic prosperity, prosperity and scientific knowledge of the country. That's making cyberspace an inseparable component. America's financial, social government and political life. We stood up US Space force ah, year ago or so as the newest military service is like the other services. Its mission is to organize, train and equip space forces in order to protect us and allied interest in space and to provide space capabilities to the joint force. Imagine combining that US space force with the U. S. Cyber Command to unify the direction of space and cyberspace operation strengthened U D capabilities and integrate and bolster d o d cyber experience. Now, of course, to enable all of this requires had trained and professional cadre of cyber security experts, combining a good mix of policy as well as high technical skill set much like we're seeing in stem, we need to attract more people to this growing field. Now the D. O. D. Is recognized the importance of the cybersecurity workforce, and we have implemented policies to encourage his growth Back in 2013 the deputy secretary of defense signed the D. O d cyberspace workforce strategy to create a comprehensive, well equipped cyber security team to respond to national security concerns. Now this strategy also created a program that encourages collaboration between the D. O. D and private sector employees. We call this the Cyber Information Technology Exchange program or site up. It's an exchange programs, which is very interesting, in which a private sector employees can naturally work for the D. O. D. In a cyber security position that spans across multiple mission critical areas are important to the d. O. D. A key responsibility of cybersecurity community is military leaders on the related threats and cyber security actions we need to have to defeat these threats. We talk about rapid that position, agile business processes and practices to speed up innovation. Likewise, cybersecurity must keep up with this challenge to cyber security. Needs to be right there with the challenges and changes, and this requires exceptional personnel. We need to attract talent investing the people now to grow a robust cybersecurity, workforce, streets, future. I look forward to the panel discussion, John. Thank you. >>Thank you so much bomb for those comments and you know, new challenges and new opportunities and new possibilities and free freedom Operating space. Critical. Thank you for those comments. Looking forward. Toa chatting further. Steve Jakes, executive director of N. S. S. A Europe opening statement. >>Thank you, John. And echoing bangs thanks to Cal Poly for pulling these this important event together and frankly, for allowing the National Security Space Association be a part of it. Likewise, we on behalf the association delighted and honored Thio be on this panel with President Armstrong along with my friend and colleague Bonneau Glue Mahad Something for you all to know about Bomb. He spent the 1st 20 years of his career in the Air Force doing space programs. He then went into industry for several years and then came back into government to serve. Very few people do that. So bang on behalf of the space community, we thank you for your long life long devotion to service to our nation. We really appreciate that and I also echo a bang shot out to that guy Bill Britain, who has been a long time co conspirator of ours for a long time and you're doing great work there in the cyber program at Cal Poly Bill, keep it up. But professor arms trying to keep a close eye on him. Uh, I would like to offer a little extra context to the great comments made by by President Armstrong and bahng. Uh, in our view, the timing of this conference really could not be any better. Um, we all recently reflected again on that tragic 9 11 surprise attack on our homeland. And it's an appropriate time, we think, to take pause while the percentage of you in the audience here weren't even born or babies then For the most of us, it still feels like yesterday. And moreover, a tragedy like 9 11 has taught us a lot to include to be more vigilant, always keep our collective eyes and ears open to include those quote eyes and ears from space, making sure nothing like this ever happens again. So this conference is a key aspect. Protecting our nation requires we work in a cybersecurity environment at all times. But, you know, the fascinating thing about space systems is we can't see him. No, sir, We see Space launches man there's nothing more invigorating than that. But after launch, they become invisible. So what are they really doing up there? What are they doing to enable our quality of life in the United States and in the world? Well, to illustrate, I'd like to paraphrase elements of an article in Forbes magazine by Bonds and my good friend Chuck Beans. Chuck. It's a space guy, actually had Bonds job a fuse in the Pentagon. He is now chairman and chief strategy officer at York Space Systems, and in his spare time he's chairman of the small satellites. Chuck speaks in words that everyone can understand. So I'd like to give you some of his words out of his article. Uh, they're afraid somewhat. So these are Chuck's words. Let's talk about average Joe and playing Jane. Before heading to the airport for a business trip to New York City, Joe checks the weather forecast informed by Noah's weather satellites to see what pack for the trip. He then calls an uber that space app. Everybody uses it matches riders with drivers via GPS to take into the airport, So Joe has lunch of the airport. Unbeknownst to him, his organic lunch is made with the help of precision farming made possible through optimized irrigation and fertilization, with remote spectral sensing coming from space and GPS on the plane, the pilot navigates around weather, aided by GPS and nose weather satellites. And Joe makes his meeting on time to join his New York colleagues in a video call with a key customer in Singapore made possible by telecommunication satellites. Around to his next meeting, Joe receives notice changing the location of the meeting to another to the other side of town. So he calmly tells Syria to adjust the destination, and his satellite guided Google maps redirects him to the new location. That evening, Joe watches the news broadcast via satellite. The report details a meeting among world leaders discussing the developing crisis in Syria. As it turns out, various forms of quote remotely sensed. Information collected from satellites indicate that yet another band, chemical weapon, may have been used on its own people. Before going to bed, Joe decides to call his parents and congratulate them for their wedding anniversary as they cruise across the Atlantic, made possible again by communications satellites and Joe's parents can enjoy the call without even wondering how it happened the next morning. Back home, Joe's wife, Jane, is involved in a car accident. Her vehicle skids off the road. She's knocked unconscious, but because of her satellite equipped on star system, the crash is detected immediately and first responders show up on the scene. In time, Joe receives the news books. An early trip home sends flowers to his wife as he orders another uber to the airport. Over that 24 hours, Joe and Jane used space system applications for nearly every part of their day. Imagine the consequences if at any point they were somehow denied these services, whether they be by natural causes or a foreign hostility. And each of these satellite applications used in this case were initially developed for military purposes and continue to be, but also have remarkable application on our way of life. Just many people just don't know that. So, ladies and gentlemen, now you know, thanks to chuck beans, well, the United States has a proud heritage being the world's leading space faring nation, dating back to the Eisenhower and Kennedy years. Today we have mature and robust systems operating from space, providing overhead reconnaissance to quote, wash and listen, provide missile warning, communications, positioning, navigation and timing from our GPS system. Much of what you heard in Lieutenant General J. T. Thompson earlier speech. These systems are not only integral to our national security, but also our also to our quality of life is Chuck told us. We simply no longer could live without these systems as a nation and for that matter, as a world. But over the years, adversary like adversaries like China, Russia and other countries have come to realize the value of space systems and are aggressively playing ketchup while also pursuing capabilities that will challenge our systems. As many of you know, in 2000 and seven, China demonstrated it's a set system by actually shooting down is one of its own satellites and has been aggressively developing counter space systems to disrupt hours. So in a heavily congested space environment, our systems are now being contested like never before and will continue to bay well as Bond mentioned, the United States has responded to these changing threats. In addition to adding ways to protect our system, the administration and in Congress recently created the United States Space Force and the operational you United States Space Command, the latter of which you heard President Armstrong and other Californians hope is going to be located. Vandenberg Air Force Base Combined with our intelligence community today, we have focused military and civilian leadership now in space. And that's a very, very good thing. Commence, really. On the industry side, we did create the National Security Space Association devoted solely to supporting the national security Space Enterprise. We're based here in the D C area, but we have arms and legs across the country, and we are loaded with extraordinary talent. In scores of Forman, former government executives, So S s a is joined at the hip with our government customers to serve and to support. We're busy with a multitude of activities underway ranging from a number of thought provoking policy. Papers are recurring space time Webcast supporting Congress's Space Power Caucus and other main serious efforts. Check us out at NSS. A space dot org's One of our strategic priorities in central to today's events is to actively promote and nurture the workforce development. Just like cow calling. We will work with our U. S. Government customers, industry leaders and academia to attract and recruit students to join the space world, whether in government or industry and two assistant mentoring and training as their careers. Progress on that point, we're delighted. Be delighted to be working with Cal Poly as we hopefully will undertake a new pilot program with him very soon. So students stay tuned something I can tell you Space is really cool. While our nation's satellite systems are technical and complex, our nation's government and industry work force is highly diverse, with a combination of engineers, physicists, method and mathematicians, but also with a large non technical expertise as well. Think about how government gets things thes systems designed, manufactured, launching into orbit and operating. They do this via contracts with our aerospace industry, requiring talents across the board from cost estimating cost analysis, budgeting, procurement, legal and many other support. Tasker Integral to the mission. Many thousands of people work in the space workforce tens of billions of dollars every year. This is really cool stuff, no matter what your education background, a great career to be part of. When summary as bang had mentioned Aziz, well, there is a great deal of exciting challenges ahead we will see a new renaissance in space in the years ahead, and in some cases it's already begun. Billionaires like Jeff Bezos, Elon Musk, Sir Richard Richard Branson are in the game, stimulating new ideas in business models, other private investors and start up companies. Space companies are now coming in from all angles. The exponential advancement of technology and microelectronics now allows the potential for a plethora of small SAT systems to possibly replace older satellites the size of a Greyhound bus. It's getting better by the day and central to this conference, cybersecurity is paramount to our nation's critical infrastructure in space. So once again, thanks very much, and I look forward to the further conversation. >>Steve, thank you very much. Space is cool. It's relevant. But it's important, as you pointed out, and you're awesome story about how it impacts our life every day. So I really appreciate that great story. I'm glad you took the time Thio share that you forgot the part about the drone coming over in the crime scene and, you know, mapping it out for you. But that would add that to the story later. Great stuff. My first question is let's get into the conversations because I think this is super important. President Armstrong like you to talk about some of the points that was teased out by Bang and Steve. One in particular is the comment around how military research was important in developing all these capabilities, which is impacting all of our lives. Through that story. It was the military research that has enabled a generation and generation of value for consumers. This is kind of this workforce conversation. There are opportunities now with with research and grants, and this is, ah, funding of innovation that it's highly accelerate. It's happening very quickly. Can you comment on how research and the partnerships to get that funding into the universities is critical? >>Yeah, I really appreciate that And appreciate the comments of my colleagues on it really boils down to me to partnerships, public private partnerships. You mentioned Northrop Grumman, but we have partnerships with Lockie Martin, Boeing, Raytheon Space six JPL, also member of organization called Business Higher Education Forum, which brings together university presidents and CEOs of companies. There's been focused on cybersecurity and data science, and I hope that we can spill into cybersecurity in space but those partnerships in the past have really brought a lot forward at Cal Poly Aziz mentioned we've been involved with Cube set. Uh, we've have some secure work and we want to plan to do more of that in the future. Uh, those partnerships are essential not only for getting the r and d done, but also the students, the faculty, whether masters or undergraduate, can be involved with that work. Uh, they get that real life experience, whether it's on campus or virtually now during Covic or at the location with the partner, whether it may be governmental or our industry. Uh, and then they're even better equipped, uh, to hit the ground running. And of course, we'd love to see even more of our students graduate with clearance so that they could do some of that a secure work as well. So these partnerships are absolutely critical, and it's also in the context of trying to bring the best and the brightest and all demographics of California and the US into this field, uh, to really be successful. So these partnerships are essential, and our goal is to grow them just like I know other colleagues and C. S u and the U C are planning to dio, >>you know, just as my age I've seen I grew up in the eighties, in college and during that systems generation and that the generation before me, they really kind of pioneered the space that spawned the computer revolution. I mean, you look at these key inflection points in our lives. They were really funded through these kinds of real deep research. Bond talk about that because, you know, we're living in an age of cloud. And Bezos was mentioned. Elon Musk. Sir Richard Branson. You got new ideas coming in from the outside. You have an accelerated clock now on terms of the innovation cycles, and so you got to react differently. You guys have programs to go outside >>of >>the Defense Department. How important is this? Because the workforce that air in schools and our folks re skilling are out there and you've been on both sides of the table. So share your thoughts. >>No, thanks, John. Thanks for the opportunity responded. And that's what you hit on the notes back in the eighties, R and D in space especially, was dominated by my government funding. Uh, contracts and so on. But things have changed. As Steve pointed out, A lot of these commercial entities funded by billionaires are coming out of the woodwork funding R and D. So they're taking the lead. So what we can do within the deal, the in government is truly take advantage of the work they've done on. Uh, since they're they're, you know, paving the way to new new approaches and new way of doing things. And I think we can We could certainly learn from that. And leverage off of that saves us money from an R and D standpoint while benefiting from from the product that they deliver, you know, within the O D Talking about workforce development Way have prioritized we have policies now to attract and retain talent. We need I I had the folks do some research and and looks like from a cybersecurity workforce standpoint. A recent study done, I think, last year in 2019 found that the cybersecurity workforce gap in the U. S. Is nearing half a million people, even though it is a growing industry. So the pipeline needs to be strengthened off getting people through, you know, starting young and through college, like assess a professor Armstrong indicated, because we're gonna need them to be in place. Uh, you know, in a period of about maybe a decade or so, Uh, on top of that, of course, is the continuing issue we have with the gap with with stamps students, we can't afford not to have expertise in place to support all the things we're doing within the with the not only deal with the but the commercial side as well. Thank you. >>How's the gap? Get? Get filled. I mean, this is the this is again. You got cybersecurity. I mean, with space. It's a whole another kind of surface area, if you will, in early surface area. But it is. It is an I o t. Device if you think about it. But it does have the same challenges. That's kind of current and and progressive with cybersecurity. Where's the gap Get filled, Steve Or President Armstrong? I mean, how do you solve the problem and address this gap in the workforce? What is some solutions and what approaches do we need to put in place? >>Steve, go ahead. I'll follow up. >>Okay. Thanks. I'll let you correct. May, uh, it's a really good question, and it's the way I would. The way I would approach it is to focus on it holistically and to acknowledge it up front. And it comes with our teaching, etcetera across the board and from from an industry perspective, I mean, we see it. We've gotta have secure systems with everything we do and promoting this and getting students at early ages and mentoring them and throwing internships at them. Eyes is so paramount to the whole the whole cycle, and and that's kind of and it really takes focused attention. And we continue to use the word focus from an NSS, a perspective. We know the challenges that are out there. There are such talented people in the workforce on the government side, but not nearly enough of them. And likewise on industry side. We could use Maura's well, but when you get down to it, you know we can connect dots. You know that the the aspect That's a Professor Armstrong talked about earlier toe where you continue to work partnerships as much as you possibly can. We hope to be a part of that. That network at that ecosystem the will of taking common objectives and working together to kind of make these things happen and to bring the power not just of one or two companies, but our our entire membership to help out >>President >>Trump. Yeah, I would. I would also add it again. It's back to partnerships that I talked about earlier. One of our partners is high schools and schools fortune Margaret Fortune, who worked in a couple of, uh, administrations in California across party lines and education. Their fifth graders all visit Cal Poly and visit our learned by doing lab and you, you've got to get students interested in stem at a early age. We also need the partnerships, the scholarships, the financial aid so the students can graduate with minimal to no debt to really hit the ground running. And that's exacerbated and really stress. Now, with this covert induced recession, California supports higher education at a higher rate than most states in the nation. But that is that has dropped this year or reasons. We all understand, uh, due to Kobe, and so our partnerships, our creativity on making sure that we help those that need the most help financially uh, that's really key, because the gaps air huge eyes. My colleagues indicated, you know, half of half a million jobs and you need to look at the the students that are in the pipeline. We've got to enhance that. Uh, it's the in the placement rates are amazing. Once the students get to a place like Cal Poly or some of our other amazing CSU and UC campuses, uh, placement rates are like 94%. >>Many of our >>engineers, they have jobs lined up a year before they graduate. So it's just gonna take key partnerships working together. Uh, and that continued partnership with government, local, of course, our state of CSU on partners like we have here today, both Stephen Bang So partnerships the thing >>e could add, you know, the collaboration with universities one that we, uh, put a lot of emphasis, and it may not be well known fact, but as an example of national security agencies, uh, National Centers of Academic Excellence in Cyber, the Fast works with over 270 colleges and universities across the United States to educate its 45 future cyber first responders as an example, so that Zatz vibrant and healthy and something that we ought Teoh Teik, banjo >>off. Well, I got the brain trust here on this topic. I want to get your thoughts on this one point. I'd like to define what is a public private partnership because the theme that's coming out of the symposium is the script has been flipped. It's a modern error. Things air accelerated get you got security. So you get all these things kind of happen is a modern approach and you're seeing a digital transformation play out all over the world in business. Andi in the public sector. So >>what is what >>is a modern public private partnership? What does it look like today? Because people are learning differently, Covert has pointed out, which was that we're seeing right now. How people the progressions of knowledge and learning truth. It's all changing. How do you guys view the modern version of public private partnership and some some examples and improve points? Can you can you guys share that? We'll start with the Professor Armstrong. >>Yeah. A zai indicated earlier. We've had on guy could give other examples, but Northup Grumman, uh, they helped us with cyber lab. Many years ago. That is maintained, uh, directly the software, the connection outside its its own unit so that students can learn the hack, they can learn to penetrate defenses, and I know that that has already had some considerations of space. But that's a benefit to both parties. So a good public private partnership has benefits to both entities. Uh, in the common factor for universities with a lot of these partnerships is the is the talent, the talent that is, that is needed, what we've been working on for years of the, you know, that undergraduate or master's or PhD programs. But now it's also spilling into Skilling and re Skilling. As you know, Jobs. Uh, you know, folks were in jobs today that didn't exist two years, three years, five years ago. But it also spills into other aspects that can expand even mawr. We're very fortunate. We have land, there's opportunities. We have one tech part project. We're expanding our tech park. I think we'll see opportunities for that, and it'll it'll be adjusted thio, due to the virtual world that we're all learning more and more about it, which we were in before Cove it. But I also think that that person to person is going to be important. Um, I wanna make sure that I'm driving across the bridge. Or or that that satellites being launched by the engineer that's had at least some in person training, uh, to do that and that experience, especially as a first time freshman coming on a campus, getting that experience expanding and as adult. And we're gonna need those public private partnerships in order to continue to fund those at a level that is at the excellence we need for these stem and engineering fields. >>It's interesting People in technology can work together in these partnerships in a new way. Bank Steve Reaction Thio the modern version of what a public, successful private partnership looks like. >>If I could jump in John, I think, you know, historically, Dodi's has have had, ah, high bar thio, uh, to overcome, if you will, in terms of getting rapid pulling in your company. This is the fault, if you will and not rely heavily in are the usual suspects of vendors and like and I think the deal is done a good job over the last couple of years off trying to reduce the burden on working with us. You know, the Air Force. I think they're pioneering this idea around pitch days where companies come in, do a two hour pitch and immediately notified of a wooden award without having to wait a long time. Thio get feedback on on the quality of the product and so on. So I think we're trying to do our best. Thio strengthen that partnership with companies outside the main group of people that we typically use. >>Steve, any reaction? Comment to add? >>Yeah, I would add a couple of these air. Very excellent thoughts. Uh, it zits about taking a little gamble by coming out of your comfort zone. You know, the world that Bond and Bond lives in and I used to live in in the past has been quite structured. It's really about we know what the threat is. We need to go fix it, will design it says we go make it happen, we'll fly it. Um, life is so much more complicated than that. And so it's it's really to me. I mean, you take you take an example of the pitch days of bond talks about I think I think taking a gamble by attempting to just do a lot of pilot programs, uh, work the trust factor between government folks and the industry folks in academia. Because we are all in this together in a lot of ways, for example. I mean, we just sent the paper to the White House of their requests about, you know, what would we do from a workforce development perspective? And we hope Thio embellish on this over time once the the initiative matures. But we have a piece of it, for example, is the thing we call clear for success getting back Thio Uh, President Armstrong's comments at the collegiate level. You know, high, high, high quality folks are in high demand. So why don't we put together a program they grabbed kids in their their underclass years identifies folks that are interested in doing something like this. Get them scholarships. Um, um, I have a job waiting for them that their contract ID for before they graduate, and when they graduate, they walk with S C I clearance. We believe that could be done so, and that's an example of ways in which the public private partnerships can happen to where you now have a talented kid ready to go on Day one. We think those kind of things can happen. It just gets back down to being focused on specific initiatives, give them giving them a chance and run as many pilot programs as you can like these days. >>That's a great point, E. President. >>I just want to jump in and echo both the bank and Steve's comments. But Steve, that you know your point of, you know, our graduates. We consider them ready Day one. Well, they need to be ready Day one and ready to go secure. We totally support that and and love to follow up offline with you on that. That's that's exciting, uh, and needed very much needed mawr of it. Some of it's happening, but way certainly have been thinking a lot about that and making some plans, >>and that's a great example of good Segway. My next question. This kind of reimagining sees work flows, eyes kind of breaking down the old the old way and bringing in kind of a new way accelerated all kind of new things. There are creative ways to address this workforce issue, and this is the next topic. How can we employ new creative solutions? Because, let's face it, you know, it's not the days of get your engineering degree and and go interview for a job and then get slotted in and get the intern. You know the programs you get you particularly through the system. This is this is multiple disciplines. Cybersecurity points at that. You could be smart and math and have, ah, degree in anthropology and even the best cyber talents on the planet. So this is a new new world. What are some creative approaches that >>you know, we're >>in the workforce >>is quite good, John. One of the things I think that za challenge to us is you know, we got somehow we got me working for with the government, sexy, right? The part of the challenge we have is attracting the right right level of skill sets and personnel. But, you know, we're competing oftentimes with the commercial side, the gaming industry as examples of a big deal. And those are the same talents. We need to support a lot of programs we have in the U. D. So somehow we have to do a better job to Steve's point off, making the work within the U. D within the government something that they would be interested early on. So I tracked him early. I kind of talked about Cal Poly's, uh, challenge program that they were gonna have in June inviting high school kid. We're excited about the whole idea of space and cyber security, and so on those air something. So I think we have to do it. Continue to do what were the course the next several years. >>Awesome. Any other creative approaches that you guys see working or might be on idea, or just a kind of stoked the ideation out their internship. So obviously internships are known, but like there's gotta be new ways. >>I think you can take what Steve was talking about earlier getting students in high school, uh, and aligning them sometimes. Uh, that intern first internship, not just between the freshman sophomore year, but before they inter cal poly per se. And they're they're involved s So I think that's, uh, absolutely key. Getting them involved many other ways. Um, we have an example of of up Skilling a redeveloped work redevelopment here in the Central Coast. PG and e Diablo nuclear plant as going to decommission in around 2020 24. And so we have a ongoing partnership toe work on reposition those employees for for the future. So that's, you know, engineering and beyond. Uh, but think about that just in the manner that you were talking about. So the up skilling and re Skilling uh, on I think that's where you know, we were talking about that Purdue University. Other California universities have been dealing with online programs before cove it and now with co vid uh, so many more faculty or were pushed into that area. There's going to be much more going and talk about workforce development and up Skilling and Re Skilling The amount of training and education of our faculty across the country, uh, in in virtual, uh, and delivery has been huge. So there's always a silver linings in the cloud. >>I want to get your guys thoughts on one final question as we in the in the segment. And we've seen on the commercial side with cloud computing on these highly accelerated environments where you know, SAS business model subscription. That's on the business side. But >>one of The >>things that's clear in this trend is technology, and people work together and technology augments the people components. So I'd love to get your thoughts as we look at the world now we're living in co vid um, Cal Poly. You guys have remote learning Right now. It's a infancy. It's a whole new disruption, if you will, but also an opportunity to enable new ways to collaborate, Right? So if you look at people and technology, can you guys share your view and vision on how communities can be developed? How these digital technologies and people can work together faster to get to the truth or make a discovery higher to build the workforce? These air opportunities? How do you guys view this new digital transformation? >>Well, I think there's there's a huge opportunities and just what we're doing with this symposium. We're filming this on one day, and it's going to stream live, and then the three of us, the four of us, can participate and chat with participants while it's going on. That's amazing. And I appreciate you, John, you bringing that to this this symposium, I think there's more and more that we can do from a Cal poly perspective with our pedagogy. So you know, linked to learn by doing in person will always be important to us. But we see virtual. We see partnerships like this can expand and enhance our ability and minimize the in person time, decrease the time to degree enhanced graduation rate, eliminate opportunity gaps or students that don't have the same advantages. S so I think the technological aspect of this is tremendous. Then on the up Skilling and Re Skilling, where employees air all over, they can be reached virtually then maybe they come to a location or really advanced technology allows them to get hands on virtually, or they come to that location and get it in a hybrid format. Eso I'm I'm very excited about the future and what we can do, and it's gonna be different with every university with every partnership. It's one. Size does not fit all. >>It's so many possibilities. Bond. I could almost imagine a social network that has a verified, you know, secure clearance. I can jump in, have a little cloak of secrecy and collaborate with the d o. D. Possibly in the future. But >>these are the >>kind of kind of crazy ideas that are needed. Are your thoughts on this whole digital transformation cross policy? >>I think technology is gonna be revolutionary here, John. You know, we're focusing lately on what we call digital engineering to quicken the pace off, delivering capability to warfighter. As an example, I think a I machine language all that's gonna have a major play and how we operate in the future. We're embracing five G technologies writing ability Thio zero latency or I o t More automation off the supply chain. That sort of thing, I think, uh, the future ahead of us is is very encouraging. Thing is gonna do a lot for for national defense on certainly the security of the country. >>Steve, your final thoughts. Space systems are systems, and they're connected to other systems that are connected to people. Your thoughts on this digital transformation opportunity >>Such a great question in such a fun, great challenge ahead of us. Um echoing are my colleague's sentiments. I would add to it. You know, a lot of this has I think we should do some focusing on campaigning so that people can feel comfortable to include the Congress to do things a little bit differently. Um, you know, we're not attuned to doing things fast. Uh, but the dramatic You know, the way technology is just going like crazy right now. I think it ties back Thio hoping Thio, convince some of our senior leaders on what I call both sides of the Potomac River that it's worth taking these gamble. We do need to take some of these things very way. And I'm very confident, confident and excited and comfortable. They're just gonna be a great time ahead and all for the better. >>You know, e talk about D. C. Because I'm not a lawyer, and I'm not a political person, but I always say less lawyers, more techies in Congress and Senate. So I was getting job when I say that. Sorry. Presidential. Go ahead. >>Yeah, I know. Just one other point. Uh, and and Steve's alluded to this in bonded as well. I mean, we've got to be less risk averse in these partnerships. That doesn't mean reckless, but we have to be less risk averse. And I would also I have a zoo. You talk about technology. I have to reflect on something that happened in, uh, you both talked a bit about Bill Britton and his impact on Cal Poly and what we're doing. But we were faced a few years ago of replacing a traditional data a data warehouse, data storage data center, and we partner with a W S. And thank goodness we had that in progress on it enhanced our bandwidth on our campus before Cove. It hit on with this partnership with the digital transformation hub. So there is a great example where, uh, we we had that going. That's not something we could have started. Oh, covitz hit. Let's flip that switch. And so we have to be proactive on. We also have thio not be risk averse and do some things differently. Eyes that that is really salvage the experience for for students. Right now, as things are flowing, well, we only have about 12% of our courses in person. Uh, those essential courses, uh, and just grateful for those partnerships that have talked about today. >>Yeah, and it's a shining example of how being agile, continuous operations, these air themes that expand into space and the next workforce needs to be built. Gentlemen, thank you. very much for sharing your insights. I know. Bang, You're gonna go into the defense side of space and your other sessions. Thank you, gentlemen, for your time for great session. Appreciate it. >>Thank you. Thank you. >>Thank you. >>Thank you. Thank you. Thank you all. >>I'm John Furry with the Cube here in Palo Alto, California Covering and hosting with Cal Poly The Space and Cybersecurity Symposium 2020. Thanks for watching.

>> Voiceover: From around the globe, it's theCUBE, covering Space and Cybersecurity Symposium 2020 hosted by Cal Poly. >> Hello everyone? Welcome to the Space and Cybersecurity Symposium 2020 hosted by Cal Poly and theCUBE. I'm John Furrier, your host. We have a great session here. Space cybersecurity, the Department of Defense perspective. We have Bong Gumahad, Director of C4ISR, Directorate Office of the Under Secretary of Defense for Acquisition and Sustainment for the DOD. And Chris Henson, Technical Director Space and Weapons, Cybersecurity Solutions for the National Security Agency. Gentlemen, thank you for taking the time for this awesome session. >> Thank you, John. >> Thank you. >> So we're going to talk about the perspective of the DOD relative to space cybersecurity. A lot going on, congestion, contention, freedom, evolution, innovation. So Bong, I'd like to have you start with your opening statement on how you see the space cybersecurity perspective. >> John, thanks for the intro, really appreciate it. First, let me give my thanks to Cal Poly for convening the Space and Cybersecurity Symposium this year. And despite the pandemic, the organization and the content delivery is pretty impressive. I really foot stomping what can possibly be done with a number of these virtual platforms. This has been awesome, thanks for the opportunity. I also want to recognize my colleague, Chris Henson from NSA, who is actually assigned to our staff at the OUSD, but he brings both policy and technical perspective in this whole area. So I think you'll find his commentary and positions on things very refreshing for today's seminar. Now space cybersecurity is a pretty interesting terminology for us all. Cybersecurity means protecting against cyber threats. And it's really more than just computers here on earth. Space is the newest war fighting domain and cybersecurity is perhaps even more of a challenge in this domain than others. I'm sure Lieutenant General Thompson and Major John Shaw discuss the criticality of this new Space Force. It's the newest military service in the earlier sessions and they're at the risk of repeating what they already addressed. Let me start by talking about what space means to DOD and what we're doing directly from my advantage point as part of the Acquisition and Sustainment arm of the Pentagon. Well, what I want to share with you today is how the current space strategy ties into the National Defense strategy and supports the department's operational objectives. As the director of C4ISR, I have come to understand how the integration of C4ISR capability is a powerful asset to enhance the lethality of the joint war fighter. Secretary Lord, our boss, the Under Secretary for Acquisition and Sustainment is diligent in her pursuit to adapt and modernize acquisition processes, to influence the strategy and to focus our efforts to make our objectives a reality. I think first and foremost, we are building a more lethal force. This joint force will project lethality in contested environments and across all domains through an operationally integrated and resiliency 4ISR infrastructure. We are also cultivating our alliances, deepening interoperability, which is very important in a future fight and collaboratively planning with those who partner with us in the fight. Most significantly for our work in acquisition and sustainment, we continue to optimize the department for greater performance and affordability through reform of the acquisition process. Now space is our newest fighting domain. And while it is indeed unique, it shares many common traits with the others, land, air and sea. All are important to the defense of the US. In conflict, no doubt about this, they will be contested and they must be defended. One domain will not win future conflicts and in a joint operation in a future fight and the future conflict they must all succeed. I see three areas being key toward DOD strategic success in space. One, developing our whole of government approach in close partnership with the private sector and our allies. Two, prioritizing our investments in resiliency, innovation and adaptive operations. And third, responding rapidly and effectively to leverage emerging technologies and seize opportunities to advance US strengths, partnerships and alliances. Let me emphasize that space is increasingly congested and tested and demanded as essential to lethality operational effectiveness and the security of our nation. Now the commercialization space offers a broad set of investments in satellite technology, potential opportunities to leverage those investments and pathways to develop cost efficient space architecture, for the department and the nation. It's funny, there's a new race, a race for space, if you will, between commercial companies buying for dominance of space. Now the joint staff within DOD is currently building an operational construct to employ and engage as a unified force coordinated across all domains. We call it the Joint All Domain Command and Control, JADC2. It is the framework that is under development to allow us to conduct integrated operations in the future. The objective of JADC2 is to provide the war fighter access to the decision making information while providing mission assurance of the information and resilience of the underlying terrestrial air in space networks that support them. Operationally, JADC2 seeks to maintain seamless integration, adaptation, and employment of our capability to sense signal, connect, transmit, process control, direct, and deliver lethal capabilities against the enemy. We gain a strategic advantage through the integration of these capabilities across all the domains, by providing balance space awareness, horse protection, and weapons controlled and deployment capabilities. Now successfully any ratings in these systems and capabilities will provide our war fighters overwhelming superiority on the battlefield in an environment challenged by near peer adversaries, as well as non state actors. In space, the character of its employment is changing, driven by increasing demands, not just by DOD, but by the commercial sector as well. You know, more and more we see greater use of small satellite systems to address a myriad of emerging questions, ubiquitous communications, awareness, sensory diversity, and many more. As I said before, the commercial world is pioneering high rate production of small satellites in their efforts to deploy hundreds, if not thousands of nodes. SpaceX Starlink Constellation is one example. Another one is Amazon's Kuiper. Kuiper just received FCC approval to deploy like over 3000 of these different nodes. While a number of these companies continue to grow, some have struggled. Case in point is OneWeb. Nevertheless, the appetite remains strong and DOD is taken advantage of these advances to support our missions. We are currently exploring how to better integrate the DOD activities involving small satellites under the small satellite coordinating activity, scholarly call it. We want to ensure collaboration and interoperability to maximize efficiency in acquisition and operation. When we started this activity on over a year and a half ago, we documented over 70 plus separate small sat programs within DOD. And now we've developed a very vibrant community of interest surrounding our small satellites. Now, part of the work we have identified nine focus areas for further development. These are common areas to all systems and by continuing to expand on these, our plan is to enable a standard of practice that can be applied across all of the domains. This includes lawn services, ground processing distribution, and of course, a topic of interest to the symposium space security and Chris will talk more about that, being that he's the expert in this area. One challenge that we can definitely start working on today is workforce development. Cybersecurity is unique as it straddles STEM and security and policy. The trade craft is different. And unfortunately I've seen estimates recently suggesting a workforce gap in the next several years, much like the STEM fields. During the next session, I am a part of a panel with president Armstrong at Cal Poly, and Steve Jacques, the founder of the National Security Space Association to address workforce development. But for this panel, I'll look forward to having this dialogue surrounding space cybersecurity with Chris and John. Thank you, John. >> Bong, thank you for that opening statement and yes, workforce gaps, we need the new skill space is here. Thank you very much. Chris Henson's Technical Director of Space and Weapons, Cybersecurity Solutions for the National Security Agency. Your opening statement. >> Thank you for having me. I'm one of several technical leaders in space at the National Security Agency. And I'm currently on a joint duty assignment at the office of Under Secretary of Defense for Acquisition and Sustainment. I work under Mr. Gumahad in the C4ISR area. But almost 63 years ago, on the 4th of October, 1957, Sputnik was the first artificial satellite launched by the Soviet Union and space history was made. And each of you can continue to write future space history in your careers. And just like in 1957, the US isn't alone in space to include our close partnerships and longterm activities with organizations like the Japanese Space Agency, the European Space Agency and the Canadian Space Agency, just to name a few. And when we tackle cybersecurity per space, we have to address the idea that the communications command and control and those mission datas will transverse networks owned and operated by a variety of partners, not only .go, .mil, .com, .edu, et cetera. We need to have all the partners address the cyber effects of those systems because the risk accepted by one is shared by all. And sharing cyber best practices, lessons learned, data vulnerabilities, threat data mitigation procedures, all our valuable takeaways in expanding the space community, improving overall conditions for healthy environment. So thank you for having me, and I appreciate the opportunity to speak to you and your audience. And I look forward to the discussion questions, thank you. >> Thank you, Chris, thank you, Bong. Okay, I mean, open innovation, the internet, you see plenty of examples. The theme here is partners, commercial, government. It's going to take a lot of people and tech companies and technologies to make space work. So we asked my first question, Bong, we'll start with you is what do you see as the DOD's role in addressing cybersecurity in space? It's real, it's a new frontier. It's not going away, it's only going to get more innovative, more open, more contested. It seems like a lot to do there. What's your role in addressing cyber security in space? >> I think our role is to be the leader in developing not only is it the strategy, but the implementation plans to ensure a full of cybersecurity. If you look at the National Cyber Strategy, I think published in 2018, calls for like-minded countries, industry academia, and civil society. Once you mentioned John, the support technology development, digital safety policy, advocacy, and research. You here today, and those listening are fulfilling their strategy. When you develop, enable use cyber hygiene products as examples and capabilities, you're pushing the goal to provision. When you know what's on your network, patch network, backup and encrypt your network, you're hardening and preventing cyber attacks. And we in government academia, in the case of Cal Poly, civil networks and in commercial companies, we all benefit from doing that. Cyber security, and I think Chris will definitely back me up on this, more than passwords encryption or firewall. It's truly a mindset and a culture of enabling mission to succeed in assured and in a resilient fashion. >> Chris, you're take and reaction to the cybersecurity challenge involved here. >> It's starting really at the highest level of governments. We have, you know, the recent security policy Directive-5 that just came out just a couple of days ago, recognize all the factors of cybersecurity that need to come into play. And probably the most important outcome of that as Mr. Gumahad said, is the leadership role. And that leadership blends out very well into partnership. So partnership with industry, partnership with academia, partnership with other people that are exploring space. And those partnerships blend itself very naturally to sharing cybersecurity issues, topics, as we come up with best practices, as we come up with mitigation strategies, and as we come up with vulnerabilities and share that information. We're not going to go alone in space, just like we're probably not going to go alone in many other industries or areas. That the DOD has to be involved in many spectrums of deploying to space. And that deployment involves, as Mr. Gumahad said, encryption, authentication, knowing what's on the network, knowing the fabric of that network, and if nothing else, this internet of things and work from home environment that we've partaken of these last few months has even explored and expanded that notion even more dramatically as we have people dial in from all over the different locations. Well, space will be that natural node, that natural next network in measure involvement that we'll have to protect and explore on, not just from a terrestrial involvement, but all segments of it. The calm segment, the space vehicle, and the ground portion. >> You know, Bong, we talked about this in our other segment around with the president of Cal Poly, but the operating models of the Space Force and of the DOD and getting to space. But it's a software defined world, right? So cybersecurity is a real big issue 'cause you have an operating model that's requiring software to power these low hanging satellites. That's just an extension to the network. It's distributed computing, we know what this is. If you understand what technology we do in space, it's no different, it's just a different environment so it's software defined. That just lends itself well to hacking. I mean, if I'm a hacker I'm going, "Hey, why not just take out a satellite and crash it down "or make the GPS do something different?" I mean, it's definitely an attack vector. This is a big deal. It's not just like getting credentials that are cashed on a server, you got to really protect. >> Right, because in one hand it space will carry not only focal national security information, but if you look at the economic wellbeing, the financial state of a lot of countries, institutions, you know, more and more John, they'll be using space assets to make all that happen. So, and if you look at the, you mentioned the attack vectors in space. It's not just the computers in the ground, but if you look at the whole life cycle for satellite systems in space, the tasking that you need to do, the command and controlling of the vehicle, the data that comes down in the ground, even when you launch the birds, the satellites, you know, they all need to be protected because they're all somewhat vulnerable to hacking, to cyber attacks. Especially as we grow into commercialization space, it's going to be a lot more people out there playing in this world. It's going to be a lot more companies out there. And, you know, it's hard to track, the potential of foreign influences as an example, and therefore the potential of being vulnerable in terms of the cyber threat. >> Gentlemen, like you guys said to move on to this leadership role, Bong, you mentioned it. You want to be a leader, I get it, the DOD is Department of Defense, it's a new frontier to defend war time zone, you mentioned war time opportunity potentially. But how do you guys assist that's term hat to getting done? Because there's public and private space operations happening, there's security challenge. What does being a leader mean? And how does the DOD, Department of Defense assist driving the public and private? Do you lead from a project standpoint? Do you lead from a funding standpoint? Is it architectural? I mean, you're talking about now a new end-to-end architecture. It's not just cloud it's on premise, it's in devices, it's offloaded with new AI technology and nix and devices. It's IOT, it's all this and all new. This is all new. What does it mean for the DOD to be a leader and how do you assist others to get involved? And what does that mean? >> Yeah, I think the one hand, you know, DOD used to lead in terms of being the only source of funding for a lot of highly developmental efforts. We're seeing a different story in space. Again, I keep going back to the commercialization of space. We're seeing a lot more players, right? So in many ways allies commercial companies are actually leading the R&D of a lot different technology. So we certainly want to take advantage of that. So from a leadership standpoint, I think leadership can come in, by partnering a lot more with the commercial companies. In 2020, the DOD released the Defense Space Strategy, as an example, that highlights the threats, the challenges and opportunities the United States has faced by setting example of how we counter the threats that are out there, not just the DOD, but the civilian and the commercial sector as well. Our current conditions are strong, but we want to use four lines of effort to meet our challenges and capitalize on our desire to state space. Our lines of effort include building a comprehensive military badges space, integrating space into a national joint and combined operations, like I mentioned before. Shaping that strategic environment and cooperating with allies, partners in industry and other US governmental departments and agencies to advance the cost of space. To take full advantage of what space can provide us in DOD and the nation. >> Chris as a domain now, what's your take on all of this? Because again, it's going to take more people, more diverse, potentially more security hauls. What's your view on this? >> Well, let's look at how innovation and new technologies can help us in these areas. So, and mentioned it a couple of topics that you hit on already. One of the areas that we can improve on is certainly in the architecture. Where we look at a zero trust architecture, one of the NIST standards that's come about. Where it talks about the authentication, the need to know a granular approach, this idea of being able to protect, not just data, but the resources and how people can get access to those, whether they're coming in through an identification, authentication credential, or other aspects of the idea of not just anybody should be able to have access to data or anybody should have access once they're on the inside of the network. So that zero trust architecture is one approach where we can show some leadership and guidance. Another area is in a topic that you touched on as well, was in the software area. So some innovations are coming on very rapidly and strong in this artificial intelligence and machine learning. So if we can take this AI and ML and apply it to our software development areas, they can parse so much information very quickly. And you know, this vast array of software code that's going into system nowadays. And then that frees up our human exquisite talent and developers that can then look at other areas and not focus on minor vulnerability, fix a vulnerability. They can really use their unique skills and talents to come up with a better process, a better way, and let the artificial intelligence and machine learning, find those common problems, those unknown hidden lines of code that get put into a software library and then pull down over and over again from system to system. So I think between an architecture leadership role and employee innovation are two areas that we can show some benefits and process improvement to this whole system. >> That's a great point, Chris, and you think about just the architectural computer architecture network attached storage is an advantage software defined there. You could have flash, all flash arrays for storage. You could have multiple cores on a device. And this new architecture, offloads things, and it's a whole new way to gain efficiencies. I mean, you got Intel, you got Nvidia, you've got armed, all the processors all built in. So there's definitely been commercial best practices and benefits to a new kind of architecture that takes advantage of these new things. It's just efficiencies. But this brings up the whole supply chain conversation. I want to get your thoughts on this because there is talk about predatory investments and access and tactics to gain supply chain access to space systems, your thoughts? >> Yeah, it's a serious threat and not just for the US space supply chain, if you will, is the supply chain you access with large, I think it's a threat that's this real we're seeing today. I just saw an example recently involving, I think our law and services, where there was a foreign threat that was trying to get into a troop through with predatory investments. So it is something that we need to be aware of, it's happening and will continue to happen. It's an easy way to gain access to do our IP. And so it's something that we are serious about in terms of awareness and countering. >> Chris, your thoughts? I mean, I'm an open source guy. We've seen it when I grew up in the industry in the '80s open source became a revolution. But with that, it enabled new tactics for state sponsored attacks and that became a domain in of itself. That's well-documented and people talk about that all the time in cyber. Now you have open innovation with hardware, software connected systems. This is going to bring a supply chain nightmare. How do you track it all? (chuckles) Who's got what software and what device... Where the chip from? Who made it? Just the potential is everywhere. How do you see these tactics? Whether it's a VC firm from another country or this, that, and the other thing, startup, big company-- >> Yeah, so when we see coal companies being purchased by foreign investors, and, you know, we can get blocked out of those, whether it's in the food industry, or if it's in a microchip. Then that microchip could be used in a cell phone or a satellite or an automobile. So all of our are industries that have these companies that are being purchased or a large born investment influx into those, they can be suspect. And we have to be very careful with those and do the tracking of those, especially when those, some of those parts and mechanisms are coming from off shore. And again, going back to the Space Policy Directive-5, it calls out for better supply chain, resource management, the tracking, the knowing the pedigree and the quantitative ability of knowing where those software libraries came from, where the parts came from, and the tracking and delivery of that from an end-to-end system. And typically when we have a really large vendor, they can do that really well. But when we have a subcontractor to a subcontractor, to a subcontractor, their resources may not be such that they can do that tracking in mitigation for counterfeits or fraudulent materials going into our systems. So it's a very difficult challenge, and we want to ensure as best we can that as we ingest those parts, as we ingest those software libraries and technologies into the system, that before we employ them, we have to do some robust testing. And I don't want to say that's the last line of defense, but that certainly is a mechanism for finding out do the systems perform as they stated on a test bench or a flat set, whatever the case may be, before we actually deploy it. And then we're relying on the output or the data that comes from that system that may have some corrupt or suspect parts in it. >> Great point, this federal views-- >> The problem with space systems is kind of, you know, is once you launch the bird or the satellite, your access to it is diminished significantly, right? Unless you go up there and take it down. So, you know, kind of to Chris's point, we need to be able to test all the different parts to ensure that is performing as described there, as specified with good knowledge that it's trustworthy. And so we do that all on the ground before we take it up to launch it. >> It's funny, you want agility, you want speed, and you security, and you want reliability, and risk management. All aggressive, and it's a technical problem, it's a business model problem. Love to get real quick before we jump into some of the more workforce and gap issues on the personnel side, have you guys to just take a minute to explain quickly what's the federal view? If you had to kind of summarize the federal view of the DOD and the role with it wants to take, so all the people out there on the commercial side or students out there who are wanting to jump in, what is the current modern federal view of space cybersecurity? >> Chris, why don't you take that on and I'll follow up. >> Okay, I don't know that I can give you the federal view, but I can certainly give you the Department of Defense that cyber security is extremely important. And as our vendors and our suppliers take on a very, very large and important role, one area that we're looking at improving on is a cyber certification maturity model, where we look at the vendors and how they implement and employee cyber hygiene. So that guidance in and of itself shows the emphasis of cyber security. That when we want to write a contract or a vendor for a purchase that's going to go into a space system, we'd like to know from a third party audit capability, can that vendor protect and defend to some extent the amount that that part or piece or software system is going to have a cyber protection already built into it from that vendor, from the ground floor up, before it even gets put into a larger system. So that shows a level of the CMMC process that we've thought about and started to employ beginning in 2021 and will be further built on in the out years. How important the DOD takes that. And other parts of the government are looking at this. In fact, other nations are looking at the CMMC model. So I think it shows a concern in very many areas, not just in the Department of Defense, that they're going to adopt an approach like this. So it shows the pluses and the benefits of a cybersecurity model that all can build on. >> Bong, your reaction. >> Yeah, I'll just add to that. John, you asked earlier about, you know, how do we track commercial entities or people into the space and cyber security domains? I can tell you that at least my view of it, space and cybersecurity are new. It's exciting, it's challenging, a lot of technical challenges there. So I think in terms of attracting the right people and personnel to work those areas, I think it's not only intellectually challenging, but it's important for the defensing and near States. And it's important for economic security at large for us as well. So I think in terms of a workforce and trying to get people interested in those domains, I hope that they see the same thing we do in terms of the challenges and the opportunities it presents itself in the future. >> Awesome, I loved your talk on intro track there. Bong, you mentioned the three key areas of DOD success, developing a whole government approach to partnership with the private sector. I think that's critical, and the allies. Prioritizing the right investments on resilience, innovation, adaptive operations, and responding to rapidly to effectively emerging technology seem to be fast. I think all those things are relevant. So given that, I want to get your thoughts on the Defense Space Strategy. In 2020, the DOD released dispense Defense Space Strategy, highlighting threats, and challenges and opportunities. How would you summarize those threats and those challenges and opportunities? What are those things that you're watching in the defense space area? >> Right, well, I think as I said before, Chris as well, you know, we're seeing that space will be highly contested because it's a critical element in our war fighting construct. To win our future conflict, I think we need to win space as well. So when you look at our near peer adversaries, there's a lot of efforts in China to take that advantage away from the United States. So the threat is real, and I think it's going to continue to evolve and grow. And the more we use space, for both commercial and government, I think you're going to see a lot more when these threats, some AFAs itself in forms of cyber attacks, or even kinetic attacks in some cases as needed. So, yeah, so the threat is indeed growing, space is congested, as we talked about, it will continually be contested in the future as well. So we need to have, like we do now in all the other domains, a way to defend it. And that's what we're working on within DOD. How do we protect our assets in space, and how do we make sure that the data information that traverses through space assets are trustworthy and free of any interference. >> Chris, exciting time, I'm mean, if you're in technology, this is crossing many lines here, tech, society, war time defense, new areas, new tech. I mean, it's security, it's intoxicating at many levels because if you think about it, it's not one thing. It's not one thing anymore. It spans a broader spectrum, these opportunities. >> Yeah and I think that expansion is a natural outgrowth from, as our microprocessors and chips and technology continue to shrink smaller and smaller. You know, we think of our cell phones and our handheld devices and tablets and so on that have just continued to get embedded in our everyday society, our everyday way of life. And that's a natural extension when we start applying those to space systems, when we think of smallsats and cube sets and the technology that's can be repurposed into a small vehicle, and the cost has come down so dramatically that, you know, we can afford to get rapid experiments, rapid exploitations and different approaches in space and learn from those and repeat them very quickly and very rapidly. And that applies itself very well to an agile development process, DevSecOps, and this notion of spins and cycles and refreshing and re-addressing priorities very quickly so that when we do put a new technology up, that the technology is very lean and cutting edge, and hasn't been years and years in the making, but it's relevant and new. And the cybersecurity and the vulnerabilities of that have to be addressed and allow that DevSecOps process to take place so that we can look at those vulnerabilities and get that new technology and those new experiments and demonstrations in space and get lessons learned from them over and over again. >> Well, that brings us to the next big topic. I want to spend the remainder of our time on, that is workforce, this next generation. If I wasn't so old, I would quit my job and I would join immediately. It's so much fun, it's exciting, and it's important. And this is what I think is a key point is that cybersecurity in and of itself has got a big gap of shortage of workers, nevermind adding space to it. So this is the intersection of space and cybersecurity. There is a workforce opportunity for this next generation, young person to person re-skilling, this is a big deal. Bong, you have thoughts on this? It's not just STEM, it's everything. >> Yeah, it's everything, you know, the opportunities we have in space, it's significant and tremendous. And I think if I were young again, as you pointed out, John, you know, I'm lucky that I'm in this domain in this world and I started years ago, but it continues to be exciting, lots of opportunities, you know. When you look at some of the commercial space systems are being put up, if you look at, I mentioned Starlink before and Amazon's Kuiper Constellation. These guys are talking about couple of thousand satellites in space to provide ubiquitous communications for internet globally, and that sort of thing. And they're not the only ones that are out there producing capability. We're seeing a lot more commercial imagery products being developed by companies, both within the US and foreign elements as well. So I think it's an exciting time to be in space. Certainly lots of opportunities. There's technical challenges galore in terms of not only the overcoming the physics of space, but being able to operate flexibly and get the most you can out of the capabilities we have operating up in space. >> Besides being cool, I mean, everyone looks at launch of space gets millions of views on live streams, the On-Demand reruns get millions and millions of views. There's a lot of things there. So, Chris, what specifically could you share are things that people would work on? Jobs, skills, what's the aperture? What's it look like if you zoom out and look at all the opportunities from a scale standpoint, what's out there? >> I'll talk to the aperture, but I want to give a shout out to our Space Force. And I mean, their job is to train and equip each air space and that space talent. And I think that's going to be a huge plus up to have a Space Force that's dedicated to training, equipping, an acquisition and a deployment model that will benefit not just the other services, but all of our national defense and our strategic way of how this company, country employees space altogether. So having a Space Force, I think, is a huge issue. And then to get to that aperture aspect of what you're asking and that addresses a larger workforce, we need so many different talents in this area. We can employ a variety of people from technical writers, to people who write and develop software to those who bending metal and actually working in a hardware environment. And those that do planning and launch operations and all of those spectrums and issues of jobs, are directly related to a workforce that can contribute to space. And then once that data gets to the ground and employed out to a user, whether it's a weather data, or we're looking at from a sensor, recent events on shipping lanes, those types of things. So space has such a wide and diverse swath that the aperture's really wide open for a variety of backgrounds. And those that really just want to take an opportunity, take a technical degree, or a degree that can apply itself to a tough problem, because they certainly exist in space. And we can use that mindset of problem solving, whether you come at it from a hacker mindset, an ethical, white hat approach to testing and vulnerability exploration. Or somebody who knows how to actually make operations safer, better through space situation awareness. So there's a huge swath of opportunity for us. >> Bong, talk about the cybersecurity enabled environment, the use cases that are possible when you have cybersecurity in play with space systems, which is in and of itself, a huge range of jobs, codings, supply chain, we just talked about a bunch of them. There's still more connected use cases that go beyond that, that are enabled by it, if you think about it. And this is what the students at Cal Poly and every other college and university, community college, you name it, who are watching videos on YouTube. Anyone with a brain can jump in if they see the future. It's all net news. Space Force is driving awareness, but there's a whole slew of these new use cases that I call space enabled by cyber secure systems. Your thoughts? >> Absolutely, I was had planned on attending the Cyber Challenge that's Cal Poly had planned in June. Of course, the pandemic took care of that plan, but I was intrigued by the approach that the Cal Poly was taking with middle school and high school kids of exposing him to a problem set. Here, you have a satellite that came down from space and part of the challenge was to do forensic analysis on the debris, the remaining pieces of the satellite to figure out what happened. It had a cyber cybersecurity connotation. It was hacked, it was attacked by cyber threat nation, took it down. And the beauty of having these kids kind of play with the remaining parts of the satellite, figure out what happened. So it was pretty exciting. I was really looking forward to participating in that, but again, the pandemic kind of blew that up, but I look forward to future events like that, to get our young people intrigued and interested in this new field of space. Now, Chris was talking earlier about opportunities, there're opportunities that you talk about, while I would like to have people come to the government, to help us out, it's not just focused on government. There's lots of opportunities in commercial space, if you will, for a lot of talent to participate in. So the challenge is immense, both government and the commercial sector, John. >> I mean, you get the hardcore, you know, I want to work for the DOD, I want to work for NSA, I want to work for the government. You clearly got people who want to have that kind of mission. But for the folks out there, Chris and Bong that are like, "Do I qualify?" It's like the black box of the DOD, it's like a secret thing, you got to get clearance, you've got to get all these certifications. And you got to take all kinds of tests and background checks. Is it like that, and will that continue? 'Cause some people might say, "Hey, can I even get involved? "What do I do?" So I know there's some private partnerships going on with companies out there in the private sector. So this is now a new, you guys seem to be partnering and going outside the comfort zone of the old kind of tactical things. What are some of those opportunities that people could get involved in that they might not know about? >> For NSA, there's a variety of workforce initiatives that for anybody from a high school work study can take advantage of to those that would like have to have internships. And those that are in a traditional academic environment, there's several NSA schools across the country that have academic and cyber sites of excellence that participate in projects that are shepherded and mentored by those at NSA that can get those tough problems that don't have maybe a classified or super sensitive nature that can be worked in and in an academia environment. So those are two or three examples of how somebody can break into an intelligence organization. And the other agencies have those opportunities as well across the intelligence community. And the partnership between and collaboration between private industry and the agencies and the Department of Defense just continue to grow over and over again. And even myself being able to take advantage of a joint duty assignment between my home organization and the Pentagon, just shows another venue of somebody that's in one organization can partner and leverage with another organization as well. So I'm an example of that partnering that's going on today. >> So there's some innovation. Bong, nontraditional pathways to find talent, what are out there, what are new? What are these new nontraditional ways? >> I was going to add to what Chris was mentioning, John. Even within DOD and under the purview of our chief information officer, back in 2013, the Deputy Secretary Defense signed the, what we call the DOD Cyberspace Workforce Strategy into effect. And that included a program called the Cyber Information Technology Exchange Program. It's an exchange program in which a private sector employee can work for the DOD in cyber security positions span across multiple mission critical areas. So this is one opportunity to learn, inside the DOD what's happening as a private sector person, if you will. Going back to what we talked about, kind of opportunities within the government for somebody who might be interested. You don't have to be super smart, dork in space, there's a lot of, like Chris pointed out, there's a lot of different areas that we need to have people, talented people to conduct the mission in space. So you don't have to be mathematician. You don't have to be an engineer to succeed in this business. I think there's plenty of opportunities for any types of talent, any type of academic disciplines that are out there. >> All right, thank you, and Chris's shout out to the Space Force is really worth calling out again, because I think to me, that's a big deal. It's a huge deal. It's going to change the face of our nation and society. So super, super important. And that's going to rise the tide. I think it's going to create some activation for a younger generation, certainly, and kind of new opportunities, new problems to solve, new threats to take on, and move it on. So really super conversation, space and cybersecurity, the Department of Defense perspective. Bong and Chris, thank you for taking the time. I'd love you guys just to close out. We'll start with you Bong and then Chris. Summarize for the folks watching, whether it's a student at Cal Poly or other university or someone in industry and government, what is the Department of Defense perspective for space cybersecurity? >> Chris, want to go and take that on? >> That's right, thank you. Cybersecurity applies to much more than just the launch and download of mission data or human led exploration. And the planning, testing, and experiments in the lab prior to launch require that cyber protection, just as much as any other space link, ground segment, trust rail network, or user data, and any of that loss of intellectual property or proprietary data is an extremely valuable and important, and really warrants cyber security safeguards. In any economic espionage, your data exfiltration, or denied access to that data, i.e. ransomware or some other attack, that can cripple any business or government endeavor, no matter how small or large, if it's left unprotected. And our economic backbone clearly depends on space. And GPS is more than just a direction finding, banking needs that T and timing from P and T or whether it just systems that protect our shipping and airline industry of whether they can navigate and go through a particular storm or not. Even fighting forest fires picked up by a remote sensor. All those space space assets require protection from spoofing date, data denial, or total asset loss. An example would be if a satellite sensitive optics or intentionally pointed at the sun and damaged, or if a command to avoid collision with another space vehicle was delayed or disrupted or a ground termination command as we just saw just a few days ago at T minus three seconds prior to liftoff, if those all don't go as planned, those losses are real and can be catastrophic. So the threat to space is pervasive, real and genuine, and your active work across all those platforms is necessary and appreciated. And your work in this area is critical going forward. Thank you for this opportunity to speak with you and talking on this important topic. Thank you, Chris Henson. Bong Gumahad, closing remarks? >> Yeah, likewise, John, again, as Chris said, thank you for the opportunity to discuss this very important around space cybersecurity, as well as addressing at the end there, we were talking about workforce development and the need to have people in the mix for future. (indistinct) We discussed, we need to start that recruiting early as we're doing to address the STEM gap today, we need to apply the same thing for cybersecurity. We absolutely need smart and innovative people to protect both our economic wellbeing as a nation, as well as our national defense. So this is the right conversation to have at this time, John. And again, thank you and Cal Poly host for having this symposium and having this opportunity to have this dialogue. Thank you. >> Gentlemen, thank you for your time and great insights. We couldn't be there in person. We're here virtual for the Space and Cybersecurity Symposium 2020, the Cal Poly. I'm John Furrier with SiliconANGLE and theCUBE, your host. Thank you for watching. (soft music)

>> Announcer: From around the globe, it's The Cube, covering Space and Cybersecurity Symposium 2020, hosted by Cal Poly. >> Everyone, welcome to this special virtual conference, the Space and Cybersecurity Symposium 2020 put on by Cal Poly with support from The Cube. I'm John Furey, your host and master of ceremony's got a great topic today, and this session is really the intersection of space and cybersecurity. This topic, and this conversation is a cybersecurity workforce development through public and private partnerships. And we've got a great lineup, we've Jeff Armstrong is the president of California Polytechnic State University, also known as Cal Poly. Jeffrey, thanks for jumping on and Bong Gumahad. The second, Director of C4ISR Division, and he's joining us from the Office of the Under Secretary of Defense for the acquisition and sustainment of Department of Defense, DOD, and of course Steve Jacques is Executive Director, founder National Security Space Association, and managing partner at Velos. Gentlemen, thank you for joining me for this session, we've got an hour of conversation, thanks for coming on. >> Thank you. >> So we've got a virtual event here, we've got an hour to have a great conversation, I'd love for you guys to do an opening statement on how you see the development through public and private partnerships around cybersecurity and space, Jeff, we'll start with you. >> Well, thanks very much, John, it's great to be on with all of you. On behalf of Cal Poly, welcome everyone. Educating the workforce of tomorrow is our mission at Cal Poly, whether that means traditional undergraduates, masters students, or increasingly, mid-career professionals looking to upskill or re-skill. Our signature pedagogy is learn by doing, which means that our graduates arrive at employers, ready day one with practical skills and experience. We have long thought of ourselves as lucky to be on California's beautiful central coast, but in recent years, as we've developed closer relationships with Vandenberg Air Force Base, hopefully the future permanent headquarters of the United States Space Command with Vandenberg and other regional partners, We have discovered that our location is even more advantageous than we thought. We're just 50 miles away from Vandenberg, a little closer than UC Santa Barbara and the base represents the Southern border of what we have come to think of as the central coast region. Cal Poly and Vandenberg Air Force Base have partnered to support regional economic development, to encourage the development of a commercial space port, to advocate for the space command headquarters coming to Vandenberg and other ventures. These partnerships have been possible because both parties stand to benefit. Vandenberg, by securing new streams of revenue, workforce, and local supply chain and Cal Poly by helping to grow local jobs for graduates, internship opportunities for students and research and entrepreneurship opportunities for faculty and staff. Crucially, what's good for Vandenberg Air Force Base and for Cal Poly is also good for the central coast and the U.S., creating new head of household jobs, infrastructure, and opportunity. Our goal is that these new jobs bring more diversity and sustainability for the region. This regional economic development has taken on a life of its own, spawning a new nonprofit called REACH which coordinates development efforts from Vandenberg Air Force Base in the South to Camp Roberts in the North. Another factor that has facilitated our relationship with Vandenberg Air Force Base is that we have some of the same friends. For example, Northrop Grumman has as long been an important defense contractor and an important partner to Cal Poly, funding scholarships in facilities that have allowed us to stay current with technology in it to attract highly qualified students for whom Cal Poly's costs would otherwise be prohibitive. For almost 20 years, Northrop Grumman has funded scholarships for Cal Poly students. This year, they're funding 64 scholarships, some directly in our College of Engineering and most through our Cal Poly Scholars Program. Cal Poly scholars support both incoming freshmen and transfer students. These are especially important, 'cause it allows us to provide additional support and opportunities to a group of students who are mostly first generation, low income and underrepresented, and who otherwise might not choose to attend Cal Poly. They also allow us to recruit from partner high schools with large populations of underrepresented minority students, including the Fortune High School in Elk Grove, which we developed a deep and lasting connection. We know that the best work is done by balanced teams that include multiple and diverse perspectives. These scholarships help us achieve that goal and I'm sure you know Northrop Grumman was recently awarded a very large contract to modernize the U.S. ICBM armory with some of the work being done at Vandenberg Air Force Base, thus supporting the local economy and protecting... Protecting our efforts in space requires partnerships in the digital realm. Cal Poly has partnered with many private companies such as AWS. Our partnerships with Amazon Web Services has enabled us to train our students with next generation cloud engineering skills, in part, through our jointly created digital transformation hub. Another partnership example is among Cal Poly's California Cyber Security Institute College of Engineering and the California National Guard. This partnership is focused on preparing a cyber-ready workforce, by providing faculty and students with a hands on research and learning environment side by side with military law enforcement professionals and cyber experts. We also have a long standing partnership with PG&E most recently focused on workforce development and redevelopment. Many of our graduates do indeed go on to careers in aerospace and defense industry. As a rough approximation, more than 4,500 Cal Poly graduates list aerospace or defense as their employment sector on LinkedIn. And it's not just our engineers in computer sciences. When I was speaking to our fellow panelists not too long ago, speaking to Bong, we learned that Rachel Sims, one of our liberal arts majors is working in his office, so shout out to you, Rachel. And then finally, of course, some of our graduates soar to extraordinary heights, such as Commander Victor Glover, who will be heading to the International Space Station later this year. As I close, all of which is to say that we're deeply committed to workforce development and redevelopment, that we understand the value of public-private partnerships, and that we're eager to find new ways in which to benefit everyone from this further cooperation. So we're committed to the region, the state and the nation, in our past efforts in space, cyber security and links to our partners at, as I indicated, aerospace industry and governmental partners provides a unique position for us to move forward in the interface of space and cyber security. Thank you so much, John. >> President Armstrong, thank you very much for the comments and congratulations to Cal Poly for being on the forefront of innovation and really taking a unique, progressive view and want to tip a hat to you guys over there, thank you very much for those comments, appreciate it. Bong, Department of Defense. Exciting, you've got to defend the nation, space is global, your opening statement. >> Yes, sir, thanks John, appreciate that. Thank you everybody, I'm honored to be in this panel along with Preston Armstrong of Cal Poly and my longtime friend and colleague Steve Jacques of the National Security Space Association to discuss a very important topic of a cybersecurity workforce development as President Armstrong alluded to. I'll tell you, both of these organizations, Cal Poly and the NSSA have done and continue to do an exceptional job at finding talent, recruiting them and training current and future leaders and technical professionals that we vitally need for our nation's growing space programs, as well as our collective national security. Earlier today, during session three, I, along with my colleague, Chris Samson discussed space cyber security and how the space domain is changing the landscape of future conflicts. I discussed the rapid emergence of commercial space with the proliferation of hundreds, if not thousands of satellites, providing a variety of services including communications, allowing for global internet connectivity, as one example. Within DOD, we continued to look at how we can leverage this opportunity. I'll tell you, one of the enabling technologies, is the use of small satellites, which are inherently cheaper and perhaps more flexible than the traditional bigger systems that we have historically used and employed for DOD. Certainly not lost on me is the fact that Cal Poly pioneered CubeSats 28, 27 years ago, and they set a standard for the use of these systems today. So they saw the value and benefit gained way ahead of everybody else it seems. And Cal Poly's focus on training and education is commendable. I'm especially impressed by the efforts of another of Steven's colleague, the current CIO, Mr. Bill Britton, with his high energy push to attract the next generation of innovators. Earlier this year, I had planned on participating in this year's cyber innovation challenge in June, Oops, Cal Poly hosts California middle, and high school students, and challenge them with situations to test their cyber knowledge. I tell you, I wish I had that kind of opportunity when I was a kid, unfortunately, the pandemic changed the plan, but I truly look forward to future events such as these, to participate in. Now, I want to recognize my good friend, Steve Jacques, whom I've known for perhaps too long of a time here, over two decades or so, who was an acknowledged space expert and personally I've truly applaud him for having the foresight a few years back to form the National Security Space Association to help the entire space enterprise navigate through not only technology, but policy issues and challenges and paved the way for operationalizing space. Space, it certainly was fortifying domain, it's not a secret anymore, and while it is a unique area, it shares a lot of common traits with the other domains, such as land, air, and sea, obviously all are strategically important to the defense of the United States. In conflict, they will all be contested and therefore they all need to be defended. One domain alone will not win future conflicts, and in a joint operation, we must succeed in all. So defending space is critical, as critical as to defending our other operational domains. Funny, space is the only sanctuary available only to the government. Increasingly as I discussed in a previous session, commercial space is taking the lead in a lot of different areas, including R&D, the so-called new space. So cybersecurity threat is even more demanding and even more challenging. The U.S. considers and futhered access to and freedom to operate in space, vital to advancing security, economic prosperity and scientific knowledge of the country, thus making cyberspace an inseparable component of America's financial, social government and political life. We stood up US Space Force a year ago or so as the newest military service. Like the other services, its mission is to organize, train and equip space forces in order to protect U.S. and allied interest in space and to provide spacecape builders who joined force. Imagine combining that U.S. Space Force with the U.S. Cyber Command to unify the direction of the space and cyberspace operation, strengthen DOD capabilities and integrate and bolster a DOD cyber experience. Now, of course, to enable all of this requires a trained and professional cadre of cyber security experts, combining a good mix of policy, as well as a high technical skill set. Much like we're seeing in STEM, we need to attract more people to this growing field. Now, the DOD has recognized the importance to the cybersecurity workforce, and we have implemented policies to encourage its growth. Back in 2013, the Deputy Secretary of Defense signed a DOD Cyberspace Workforce Strategy, to create a comprehensive, well-equipped cyber security team to respond to national security concerns. Now, this strategy also created a program that encourages collaboration between the DOD and private sector employees. We call this the Cyber Information Technology Exchange program, or CITE that it's an exchange program, which is very interesting in which a private sector employee can naturally work for the DOD in a cyber security position that spans across multiple mission critical areas, important to the DOD. A key responsibility of the cyber security community is military leaders, unrelated threats, and the cyber security actions we need to have to defeat these threats. We talked about rapid acquisition, agile business processes and practices to speed up innovation, likewise, cyber security must keep up with this challenge. So cyber security needs to be right there with the challenges and changes, and this requires exceptional personnel. We need to attract talent, invest in the people now to grow a robust cybersecurity workforce for the future. I look forward to the panel discussion, John, thank you. >> Thank you so much, Bob for those comments and, you know, new challenges or new opportunities and new possibilities and freedom to operate in space is critical, thank you for those comments, looking forward to chatting further. Steve Jacques, Executive Director of NSSA, you're up, opening statement. >> Thank you, John and echoing Bongs, thanks to Cal Poly for pulling this important event together and frankly, for allowing the National Security Space Association be a part of it. Likewise, on behalf of the association, I'm delighted and honored to be on this panel of President Armstrong, along with my friend and colleague, Bong Gumahad. Something for you all to know about Bong, he spent the first 20 years of his career in the Air Force doing space programs. He then went into industry for several years and then came back into government to serve, very few people do that. So Bong, on behalf of the space community, we thank you for your lifelong devotion to service to our nation, we really appreciate that. And I also echo a Bong shout out to that guy, Bill Britton. who's been a long time co-conspirator of ours for a long time, and you're doing great work there in the cyber program at Cal Poly, Bill, keep it up. But Professor Armstrong, keep a close eye on him. (laughter) I would like to offer a little extra context to the great comments made by President Armstrong and Bong. And in our view, the timing of this conference really could not be any better. We all recently reflected again on that tragic 9/11 surprise attack on our homeland and it's an appropriate time we think to take pause. While a percentage of you in the audience here weren't even born or were babies then, for the most of us, it still feels like yesterday. And moreover, a tragedy like 9/11 has taught us a lot to include, to be more vigilant, always keep our collective eyes and ears open, to include those "eyes and ears from space," making sure nothing like this ever happens again. So this conference is a key aspect, protecting our nation requires we work in a cyber secure environment at all times. But you know, the fascinating thing about space systems is we can't see 'em. Now sure, we see space launches, man, there's nothing more invigorating than that. But after launch they become invisible, so what are they really doing up there? What are they doing to enable our quality of life in the United States and in the world? Well to illustrate, I'd like to paraphrase elements of an article in Forbes magazine, by Bongs and my good friend, Chuck Beames, Chuck is a space guy, actually had Bongs job a few years in the Pentagon. He's now Chairman and Chief Strategy Officer at York Space Systems and in his spare time, he's Chairman of the Small Satellites. Chuck speaks in words that everyone can understand, so I'd like to give you some of his words out of his article, paraphrase somewhat, so these are Chuck's words. "Let's talk about average Joe and plain Jane. "Before heading to the airport for a business trip "to New York city, Joe checks the weather forecast, "informed by NOAA's weather satellites, "to see what to pack for the trip. "He then calls an Uber, that space app everybody uses, "it matches riders with drivers via GPS, "to take him to the airport. "So Joe has launched in the airport, "unbeknownst to him, his organic lunch is made "with the help of precision farming "made possible to optimize the irrigation and fertilization "with remote spectral sensing coming from space and GPS. "On the plane, the pilot navigates around weather, "aided by GPS and NOAA's weather satellites "and Joe makes his meeting on time "to join his New York colleagues in a video call "with a key customer in Singapore, "made possible by telecommunication satellites. "En route to his next meeting, "Joe receives notice changing the location of the meeting "to the other side of town. "So he calmly tells Siri to adjust the destination "and his satellite-guided Google maps redirect him "to the new location. "That evening, Joe watches the news broadcast via satellite, "report details of meeting among world leaders, "discussing the developing crisis in Syria. "As it turns out various forms of "'remotely sensed information' collected from satellites "indicate that yet another banned chemical weapon "may have been used on its own people. "Before going to bed, Joe decides to call his parents "and congratulate them for their wedding anniversary "as they cruise across the Atlantic, "made possible again by communication satellites "and Joe's parents can enjoy the call "without even wondering how it happened. "The next morning back home, "Joe's wife, Jane is involved in a car accident. "Her vehicle skids off the road, she's knocked unconscious, "but because of her satellite equipped OnStar system, "the crash is detected immediately, "and first responders show up on the scene in time. "Joe receives the news, books an early trip home, "sends flowers to his wife "as he orders another Uber to the airport. "Over that 24 hours, "Joe and Jane used space system applications "for nearly every part of their day. "Imagine the consequences if at any point "they were somehow denied these services, "whether they be by natural causes or a foreign hostility. "In each of these satellite applications used in this case, "were initially developed for military purposes "and continued to be, but also have remarkable application "on our way of life, just many people just don't know that." So ladies and gentlemen, now you know, thanks to Chuck Beames. Well, the United States has a proud heritage of being the world's leading space-faring nation. Dating back to the Eisenhower and Kennedy years, today, we have mature and robust systems operating from space, providing overhead reconnaissance to "watch and listen," provide missile warning, communications, positioning, navigation, and timing from our GPS system, much of which you heard in Lieutenant General JT Thomson's earlier speech. These systems are not only integral to our national security, but also to our quality of life. As Chuck told us, we simply no longer can live without these systems as a nation and for that matter, as a world. But over the years, adversaries like China, Russia and other countries have come to realize the value of space systems and are aggressively playing catch up while also pursuing capabilities that will challenge our systems. As many of you know, in 2007, China demonstrated its ASAT system by actually shooting down one of its own satellites and has been aggressively developing counterspace systems to disrupt ours. So in a heavily congested space environment, our systems are now being contested like never before and will continue to be. Well, as a Bong mentioned, the United States have responded to these changing threats. In addition to adding ways to protect our system, the administration and the Congress recently created the United States Space Force and the operational United States Space Command, the latter of which you heard President Armstrong and other Californians hope is going to be located at Vandenberg Air Force Base. Combined with our intelligence community, today we have focused military and civilian leadership now in space, and that's a very, very good thing. Commensurately on the industry side, we did create the National Security Space Association, devoted solely to supporting the National Security Space Enterprise. We're based here in the DC area, but we have arms and legs across the country and we are loaded with extraordinary talent in scores of former government executives. So NSSA is joined at the hip with our government customers to serve and to support. We're busy with a multitude of activities underway, ranging from a number of thought-provoking policy papers, our recurring spacetime webcasts, supporting Congress's space power caucus, and other main serious efforts. Check us out at nssaspace.org. One of our strategic priorities and central to today's events is to actively promote and nurture the workforce development, just like Cal-Poly. We will work with our U.S. government customers, industry leaders, and academia to attract and recruit students to join the space world, whether in government or industry, and to assist in mentoring and training as their careers progress. On that point, we're delighted to be working with Cal Poly as we hopefully will undertake a new pilot program with them very soon. So students stay tuned, something I can tell you, space is really cool. While our nation's satellite systems are technical and complex, our nation's government and industry workforce is highly diverse, with a combination of engineers, physicists and mathematicians, but also with a large non-technical expertise as well. Think about how government gets these systems designed, manufactured, launching into orbit and operating. They do this via contracts with our aerospace industry, requiring talents across the board, from cost estimating, cost analysis, budgeting, procurement, legal, and many other support tasks that are integral to the mission. Many thousands of people work in the space workforce, tens of billions of dollars every year. This is really cool stuff and no matter what your education background, a great career to be part of. In summary, as Bong had mentioned as well, there's a great deal of exciting challenges ahead. We will see a new renaissance in space in the years ahead and in some cases it's already begun. Billionaires like Jeff Bezos, Elon Musk, Sir Richard Branson, are in the game, stimulating new ideas and business models. Other private investors and startup companies, space companies are now coming in from all angles. The exponential advancement of technology and micro electronics now allows a potential for a plethora of small sat systems to possibly replace older satellites, the size of a Greyhound bus. It's getting better by the day and central to this conference, cybersecurity is paramount to our nation's critical infrastructure in space. So once again, thanks very much and I look forward to the further conversation. >> Steve, thank you very much. Space is cool, it's relevant, but it's important as you pointed out in your awesome story about how it impacts our life every day so I really appreciate that great story I'm glad you took the time to share that. You forgot the part about the drone coming over in the crime scene and, you know, mapping it out for you, but we'll add that to the story later, great stuff. My first question is, let's get into the conversations, because I think this is super important. President Armstrong, I'd like you to talk about some of the points that was teased out by Bong and Steve. One in particular is the comment around how military research was important in developing all these capabilities, which is impacting all of our lives through that story. It was the military research that has enabled a generation and generation of value for consumers. This is kind of this workforce conversation, there are opportunities now with research and grants, and this is a funding of innovation that is highly accelerated, it's happening very quickly. Can you comment on how research and the partnerships to get that funding into the universities is critical? >> Yeah, I really appreciate that and appreciate the comments of my colleagues. And it really boils down to me to partnerships, public-private partnerships, you have mentioned Northrop Grumman, but we have partnerships with Lockheed Martin, Boeing, Raytheon, Space X, JPL, also member of an organization called Business Higher Education Forum, which brings together university presidents and CEOs of companies. There's been focused on cybersecurity and data science and I hope that we can spill into cybersecurity and space. But those partnerships in the past have really brought a lot forward. At Cal Poly, as mentioned, we've been involved with CubeSat, we've have some secure work, and we want to plan to do more of that in the future. Those partnerships are essential, not only for getting the R&D done, but also the students, the faculty, whether they're master's or undergraduate can be involved with that work, they get that real life experience, whether it's on campus or virtually now during COVID or at the location with the partner, whether it may be governmental or industry, and then they're even better equipped to hit the ground running. And of course we'd love to see more of our students graduate with clearance so that they could do some of that secure work as well. So these partnerships are absolutely critical and it's also in the context of trying to bring the best and the brightest in all demographics of California and the U.S. into this field, to really be successful. So these partnerships are essential and our goal is to grow them just like I know our other colleagues in the CSU and the UC are planning to do. >> You know, just as my age I've seen, I grew up in the eighties and in college and they're in that system's generation and the generation before me, they really kind of pioneered the space that spawned the computer revolution. I mean, you look at these key inflection points in our lives, they were really funded through these kinds of real deep research. Bong, talk about that because, you know, we're living in an age of cloud and Bezos was mentioned, Elon Musk, Sir Richard Branson, you got new ideas coming in from the outside, you have an accelerated clock now in terms of the innovation cycles and so you got to react differently, you guys have programs to go outside of the defense department, how important is this because the workforce that are in schools and/or folks re-skilling are out there and you've been on both sides of the table, so share your thoughts. >> No, thanks Johnny, thanks for the opportunity to respond to, and that's what, you know, you hit on the nose back in the 80's, R&D and space especially was dominated by government funding, contracts and so on, but things have changed as Steve pointed out, allow these commercial entities funded by billionaires are coming out of the woodwork, funding R&D so they're taking the lead, so what we can do within the DOD in government is truly take advantage of the work they've done. And since they're, you know, paving the way to new approaches and new way of doing things and I think we can certainly learn from that and leverage off of that, saves us money from an R&D standpoint, while benefiting from the product that they deliver. You know, within DOD, talking about workforce development, you know, we have prioritized and we have policies now to attract and retain the talent we need. I had the folks do some research and it looks like from a cybersecurity or workforce standpoint, a recent study done, I think last year in 2019, found that the cyber security workforce gap in U.S. is nearing half a million people, even though it is a growing industry. So the pipeline needs to be strengthened, getting people through, you know, starting young and through college, like Professor Armstrong indicated because we're going to need them to be in place, you know, in a period of about maybe a decade or so. On top of that, of course, is the continuing issue we have with the gap with STEM students. We can't afford not have expertise in place to support all the things we're doing within DoD, not only DoD but the commercial side as well, thank you. >> How's the gap get filled, I mean, this is, again, you've got cybersecurity, I mean, with space it's a whole other kind of surface area if you will, it's not really surface area, but it is an IOT device if you think about it, but it does have the same challenges, that's kind of current and progressive with cybersecurity. Where's the gap get filled, Steve or President Armstrong, I mean, how do you solve the problem and address this gap in the workforce? What are some solutions and what approaches do we need to put in place? >> Steve, go ahead., I'll follow up. >> Okay, thanks, I'll let you correct me. (laughter) It's a really good question, and the way I would approach it is to focus on it holistically and to acknowledge it upfront and it comes with our teaching, et cetera, across the board. And from an industry perspective, I mean, we see it, we've got to have secure systems in everything we do, and promoting this and getting students at early ages and mentoring them and throwing internships at them is so paramount to the whole cycle. And that's kind of, it really takes a focused attention and we continue to use the word focus from an NSSA perspective. We know the challenges that are out there. There are such talented people in the workforce, on the government side, but not nearly enough of them and likewise on the industry side, we could use more as well, but when you get down to it, you know, we can connect dots, you know, the aspects that Professor Armstrong talked about earlier to where you continue to work partnerships as much as you possibly can. We hope to be a part of that network, that ecosystem if you will, of taking common objectives and working together to kind of make these things happen and to bring the power, not just of one or two companies, but of our entire membership thereabout. >> President Armstrong-- >> Yeah, I would also add it again, it's back to the partnerships that I talked about earlier, one of our partners is high schools and schools Fortune, Margaret Fortune, who worked in a couple of administrations in California across party lines and education, their fifth graders all visit Cal Poly, and visit our learned-by-doing lab. And you've got to get students interested in STEM at an early age. We also need the partnerships, the scholarships, the financial aid, so the students can graduate with minimal to no debt to really hit the ground running and that's exacerbated and really stress now with this COVID induced recession. California supports higher education at a higher rate than most states in the nation, but that has brought this year for reasons all understand due to COVID. And so our partnerships, our creativity, and making sure that we help those that need the most help financially, that's really key because the gaps are huge. As my colleagues indicated, you know, half a million jobs and I need you to look at the students that are in the pipeline, we've got to enhance that. And the placement rates are amazing once the students get to a place like Cal Poly or some of our other amazing CSU and UC campuses, placement rates are like 94%. Many of our engineers, they have jobs lined up a year before they graduate. So it's just going to take a key partnerships working together and that continued partnership with government local, of course, our state, the CSU, and partners like we have here today, both Steve and Bong so partnerships is the thing. >> You know, that's a great point-- >> I could add, >> Okay go ahead. >> All right, you know, the collaboration with universities is one that we put on lot of emphasis here, and it may not be well known fact, but just an example of national security, the AUC is a national centers of academic excellence in cyber defense works with over 270 colleges and universities across the United States to educate and certify future cyber first responders as an example. So that's vibrant and healthy and something that we ought to take advantage of. >> Well, I got the brain trust here on this topic. I want to get your thoughts on this one point, 'cause I'd like to define, you know, what is a public-private partnership because the theme that's coming out of the symposium is the script has been flipped, it's a modern era, things are accelerated, you've got security, so you've got all of these things kind of happenning it's a modern approach and you're seeing a digital transformation play out all over the world in business and in the public sector. So what is a modern public-private partnership and what does it look like today because people are learning differently. COVID has pointed out, which is that we're seeing right now, how people, the progressions of knowledge and learning, truth, it's all changing. How do you guys view the modern version of public-private partnership and some examples and some proof points, can you guys share that? We'll start with you, Professor Armstrong. >> Yeah, as I indicated earlier, we've had, and I could give other examples, but Northrop Grumman, they helped us with a cyber lab many years ago that is maintained directly, the software, the connection outside it's its own unit so the students can learn to hack, they can learn to penetrate defenses and I know that that has already had some considerations of space, but that's a benefit to both parties. So a good public-private partnership has benefits to both entities and the common factor for universities with a lot of these partnerships is the talent. The talent that is needed, what we've been working on for years of, you know, the undergraduate or master's or PhD programs, but now it's also spilling into upskilling and reskilling, as jobs, you know, folks who are in jobs today that didn't exist two years, three years, five years ago, but it also spills into other aspects that can expand even more. We're very fortunate we have land, there's opportunities, we have ONE Tech project. We are expanding our tech park, I think we'll see opportunities for that and it'll be adjusted due to the virtual world that we're all learning more and more about it, which we were in before COVID. But I also think that that person to person is going to be important, I want to make sure that I'm driving across a bridge or that satellite's being launched by the engineer that's had at least some in person training to do that in that experience, especially as a first time freshman coming on campus, getting that experience, expanding it as an adult, and we're going to need those public-private partnerships in order to continue to fund those at a level that is at the excellence we need for these STEM and engineering fields. >> It's interesting people and technology can work together and these partnerships are the new way. Bongs too with reaction to the modern version of what a public successful private partnership looks like. >> If I could jump in John, I think, you know, historically DOD's had a high bar to overcome if you will, in terms of getting rapid... pulling in new companies, miss the fall if you will, and not rely heavily on the usual suspects, of vendors and the like, and I think the DOD has done a good job over the last couple of years of trying to reduce that burden and working with us, you know, the Air Force, I think they're pioneering this idea around pitch days, where companies come in, do a two-hour pitch and immediately notified of, you know, of an a award, without having to wait a long time to get feedback on the quality of the product and so on. So I think we're trying to do our best to strengthen that partnership with companies outside of the main group of people that we typically use. >> Steve, any reaction, any comment to add? >> Yeah, I would add a couple and these are very excellent thoughts. It's about taking a little gamble by coming out of your comfort zone, you know, the world that Bong and I, Bong lives in and I used to live in the past, has been quite structured. It's really about, we know what the threat is, we need to go fix it, we'll design as if as we go make it happen, we'll fly it. Life is so much more complicated than that and so it's really, to me, I mean, you take an example of the pitch days of Bong talks about, I think taking a gamble by attempting to just do a lot of pilot programs, work the trust factor between government folks and the industry folks and academia, because we are all in this together in a lot of ways. For example, I mean, we just sent a paper to the white house at their request about, you know, what would we do from a workforce development perspective and we hope to embellish on this over time once the initiative matures, but we have a piece of it for example, is a thing we call "clear for success," getting back to president Armstrong's comments so at a collegiate level, you know, high, high, high quality folks are in high demand. So why don't we put together a program that grabs kids in their underclass years, identifies folks that are interested in doing something like this, get them scholarships, have a job waiting for them that they're contracted for before they graduate, and when they graduate, they walk with an SCI clearance. We believe that can be done, so that's an example of ways in which public-private partnerships can happen to where you now have a talented kid ready to go on day one. We think those kinds of things can happen, it just gets back down to being focused on specific initiatives, giving them a chance and run as many pilot programs as you can, like pitch days. >> That's a great point, it's a good segue. Go ahead, President Armstrong. >> I just want to jump in and echo both the Bong and Steve's comments, but Steve that, you know, your point of, you know our graduates, we consider them ready day one, well they need to be ready day one and ready to go secure. We totally support that and love to follow up offline with you on that. That's exciting and needed, very much needed more of it, some of it's happening, but we certainly have been thinking a lot about that and making some plans. >> And that's a great example, a good segue. My next question is kind of re-imagining these workflows is kind of breaking down the old way and bringing in kind of the new way, accelerate all kinds of new things. There are creative ways to address this workforce issue and this is the next topic, how can we employ new creative solutions because let's face it, you know, it's not the days of get your engineering degree and go interview for a job and then get slotted in and get the intern, you know, the programs and you'd matriculate through the system. This is multiple disciplines, cybersecurity points at that. You could be smart in math and have a degree in anthropology and be one of the best cyber talents on the planet. So this is a new, new world, what are some creative approaches that's going to work for you? >> Alright, good job, one of the things, I think that's a challenge to us is, you know, somehow we got me working for, with the government, sexy right? You know, part of the challenge we have is attracting the right level of skill sets and personnel but, you know, we're competing, oftentimes, with the commercial side, the gaming industry as examples is a big deal. And those are the same talents we need to support a lot of the programs that we have in DOD. So somehow we have do a better job to Steve's point about making the work within DOD, within the government, something that they would be interested early on. So attract them early, you know, I could not talk about Cal Poly's challenge program that they were going to have in June inviting high school kids really excited about the whole idea of space and cyber security and so on. Those are some of the things that I think we have to do and continue to do over the course of the next several years. >> Awesome, any other creative approaches that you guys see working or might be an idea, or just to kind of stoke the ideation out there? Internships, obviously internships are known, but like, there's got to be new ways. >> Alright, I think you can take what Steve was talking about earlier, getting students in high school and aligning them sometimes at first internship, not just between the freshman and sophomore year, but before they enter Cal Poly per se and they're involved. So I think that's absolutely key, getting them involved in many other ways. We have an example of upskilling or work redevelopment here in the central coast, PG&E Diablo nuclear plant that is going to decommission in around 2024. And so we have a ongoing partnership to work and reposition those employees for the future. So that's, you know, engineering and beyond but think about that just in the manner that you were talking about. So the upskilling and reskilling, and I think that's where, you know, we were talking about that Purdue University, other California universities have been dealing with online programs before COVID, and now with COVID so many more Faculty were pushed into that area, there's going to be a much more going and talk about workforce development in upskilling and reskilling, the amount of training and education of our faculty across the country in virtual and delivery has been huge. So there's always a silver linings in the cloud. >> I want to get your guys' thoughts on one final question as we end the segment, and we've seen on the commercial side with cloud computing on these highly accelerated environments where, you know, SAS business model subscription, and that's on the business side, but one of the things that's clear in this trend is technology and people work together and technology augments the people components. So I'd love to get your thoughts as we look at a world now, we're living in COVID, and Cal Poly, you guys have remote learning right now, it's at the infancy, it's a whole new disruption, if you will, but also an opportunity enable new ways to encollaborate, So if you look at people and technology, can you guys share your view and vision on how communities can be developed, how these digital technologies and people can work together faster to get to the truth or make a discovery, hire, develop the workforce, these are opportunities, how do you guys view this new digital transformation? >> Well, I think there's huge opportunities and just what we're doing with this symposium, we're filming this on Monday and it's going to stream live and then the three of us, the four of us can participate and chat with participants while it's going on. That's amazing and I appreciate you, John, you bringing that to this symposium. I think there's more and more that we can do. From a Cal Poly perspective, with our pedagogy so, you know, linked to learn by doing in-person will always be important to us, but we see virtual, we see partnerships like this, can expand and enhance our ability and minimize the in-person time, decrease the time to degree, enhance graduation rate, eliminate opportunity gaps for students that don't have the same advantages. So I think the technological aspect of this is tremendous. Then on the upskilling and reskilling, where employees are all over, they can re be reached virtually, and then maybe they come to a location or really advanced technology allows them to get hands on virtually, or they come to that location and get it in a hybrid format. So I'm very excited about the future and what we can do, and it's going to be different with every university, with every partnership. It's one size does not fit all, There's so many possibilities, Bong, I can almost imagine that social network that has a verified, you know, secure clearance. I can jump in, and have a little cloak of secrecy and collaborate with the DOD possibly in the future. But these are the kind of crazy ideas that are needed, your thoughts on this whole digital transformation cross-pollination. >> I think technology is going to be revolutionary here, John, you know, we're focusing lately on what we call visual engineering to quicken the pace of the delivery capability to warfighter as an example, I think AI, Machine Language, all that's going to have a major play in how we operate in the future. We're embracing 5G technologies, and the ability for zero latency, more IOT, more automation of the supply chain, that sort of thing, I think the future ahead of us is very encouraging, I think it's going to do a lot for national defense, and certainly the security of the country. >> Steve, your final thoughts, space systems are systems, and they're connected to other systems that are connected to people, your thoughts on this digital transformation opportunity. >> Such a great question and such a fun, great challenge ahead of us. Echoing my colleagues sentiments, I would add to it, you know, a lot of this has, I think we should do some focusing on campaigning so that people can feel comfortable to include the Congress to do things a little bit differently. You know, we're not attuned to doing things fast, but the dramatic, you know, the way technology is just going like crazy right now, I think it ties back to, hoping to convince some of our senior leaders and what I call both sides of the Potomac river, that it's worth taking this gamble, we do need to take some of these things you know, in a very proactive way. And I'm very confident and excited and comfortable that this is going to be a great time ahead and all for the better. >> You know, I always think of myself when I talk about DC 'cause I'm not a lawyer and I'm not a political person, but I always say less lawyers, more techies than in Congress and Senate, so (laughter)I always get in trouble when I say that. Sorry, President Armstrong, go ahead. >> Yeah, no, just one other point and Steve's alluded to this and Bong did as well, I mean, we've got to be less risk averse in these partnerships, that doesn't mean reckless, but we have to be less risk averse. And also, as you talk about technology, I have to reflect on something that happened and you both talked a bit about Bill Britton and his impact on Cal Poly and what we're doing. But we were faced a few years ago of replacing traditional data, a data warehouse, data storage, data center and we partnered with AWS and thank goodness, we had that in progress and it enhanced our bandwidth on our campus before COVID hit, and with this partnership with the digital transformation hub, so there's a great example where we had that going. That's not something we could have started, "Oh COVID hit, let's flip that switch." And so we have to be proactive and we also have to not be risk-averse and do some things differently. That has really salvaged the experience for our students right now, as things are flowing well. We only have about 12% of our courses in person, those essential courses and I'm just grateful for those partnerships that I have talked about today. >> And it's a shining example of how being agile, continuous operations, these are themes that expand the space and the next workforce needs to be built. Gentlemen, thank you very much for sharing your insights, I know Bong, you're going to go into the defense side of space in your other sessions. Thank you gentlemen, for your time, for a great session, I appreciate it. >> Thank you. >> Thank you gentlemen. >> Thank you. >> Thank you. >> Thank you, thank you all. I'm John Furey with The Cube here in Palo Alto, California covering and hosting with Cal Poly, the Space and Cybersecurity Symposium 2020, thanks for watching. (bright atmospheric music)

>> Narrator: From around the globe. It's theCUBE covering space in cybersecurity symposium 2020 hosted by Cal Poly. >> Hello, everyone. Welcome to the space and cybersecurity symposium, 2020 hosted by Cal Poly where the intersection of space and security are coming together. I'm John Furrier, your host with theCUBE here in California. I want to welcome our featured guest, Lieutenant General, John F. Thompson with the United States Space Force approach to cybersecurity. That's the topic of this session. And of course he's the commander of the space and missile system center in Los Angeles Air Force Base. Also heading up Space Force. General, thank you for coming on. I really appreciate to you kicking this off. Welcome to the symposium. >> Hey, so thank you very much, John, for that very kind introduction. Also very much thank you to Cal Poly for this opportunity to speak to this audience today. Also a special shout out to one of the organizers, Dustin Debrun, for all of his work, helping get us to this point. Ladies and gentlemen as a John mentioned, I'm JT Thompson. I lead the 6,000 men and women of the United States Space Force's Space and Missile System Center, which is headquartered here at Los Angeles Air Force Base and El Segundo. If you're not quite sure where that's at, it's about a mile and a half from LAX. This is our main operating location, but we do have a number of other operating locations around the country. We're about 500 people at Kirtland Air Force Base in Albuquerque, New Mexico, and an about another 500 people on the front range of the Rockies between Colorado Springs and Denver plus a smattering of other much smaller operating locations nationwide. We're responsible for acquiring, developing and sustaining the United States Space Force's, critical space assets. That includes the satellites in the space layer and also on the ground layer our ground segments to operate those satellites. And we also are in charge of procuring launch services for the US Space Force and a number of our critical mission partners across the Department of Defense and the intelligence community. Just as a couple of examples of some of the things we do, if you're unfamiliar with our work we developed and currently sustain the 31 satellite GPS constellation that satellite constellation, while originally intended to help with global navigation, those GPS signals have provided trillions of dollars in unanticipated value to the global economy over the past three decades. GPS is everywhere. I think everybody realizes that. Agriculture, banking, the stock market, the airline industry, separate and distinct navigation systems. It's really pervasive across both capabilities for our Department of Defense and capabilities for our economy and individuals, billions of individuals across our country and the planet. Some of the other work we do for instance, in the communications sector, secure communications satellites that we designed and build that link America's sons and daughters serving in the military around the world and really enable real time support and comms for our deployed forces. And those of our allies. We also acquire infrared missile warning satellites that monitor the planet for missile launches that provide advanced warning to the US Homeland and to our allies in case some of those missile launches are nefarious. On a note, that's probably a lot closer to home, maybe a lot closer to home than many of us want to think about here in the state of California. In 2018, SMC jumped through a bunch of red tape and bureaucracy to partner with the US Forest Service during two of the largest wildfires in the state's history, the Camp and Woolsey fires in Northern California. As those fires spread out of control, we created processes on the fly to share data from our missile warning satellites. Those are satellites that are systems that are purpose built to see heat sources from thousands of miles above the planet. And we collaborated with the US Forest Service so that firefighters on the ground could track those fires more in real time and better forecast fires and where they were spreading, thereby saving lives and property by identifying hotspots and flareups for firefighters. That data that we were able to working with our contractors pass to the US Forest Service and authorities here in California, was passed in less than an hour as it was collected to get it into the hands of the emergency responders, the first responders as quickly as possible and doing that in an hour greatly surpassed what was available from some of the other assets in the airborne and ground-based fire spotters. It was really instrumental in fighting those fires and stopping their spread. We've continued that involvement in recent years, using multiple systems to support firefighters across the Western US this fall, as they battled numerous wildfires that unfortunately continue. Working together with the US Forest Service and with other partners we'd like to think that we've made a difference here, but there's still a lot more work to go. And I think that we should always be asking ourselves what else can space data be used for and how can we more rapidly get that space data to stakeholders so that they can use it for purposes of good, if you will. How else can we protect our nation? How else can we protect our friends and allies? I think a major component of the discussion that we will have throughout this conference is that the space landscape has changed rapidly and continues to change rapidly. Just over the past few years, John and I were talking before we went live here and 80 nations now have space programs. Nearly 80 space faring nations on the planet. If you just look at one mission area that the Department of Defense is interested in, and that's small launch, there are currently over 100 different small launch companies within the US industrial base vying for commercial DoD and civil payload capabilities, mostly to lower earth orbit. It's truly a remarkable time. If you factor in those things like artificial intelligence and machine learning, where we're revolutionizing really, the ways that we generate process and use data. It's really remarkable. In 2016, so if you think about this four years ago, NASA estimated that there were 28 terabytes of information transiting their space network each day. And that was four years ago. Obviously we've got a lot of desire to work with a lot of the people in the audience in this conference, we need to work with big thinkers, like many of you to answer questions on how best we apply data analytics to extract value and meaning from that data. We need new generations of thinkers to help apply cutting edge theories of data mining, cyber behaviorism, and Internet of Things 2.0, it's just truly a remarkable time to be in the space business and the cyber aspects of the space business are truly, truly daunting and important to all of us. Integrating cyber security into our space systems, both commercial and government is a mandate. it's no longer just a nice to have as the US Space Force and Department of the Air Force leadership has said many times over the past couple of years, space is becoming congested and contested. And that contested aspect means that we've got to focus on cyber security in the same way that the banking industry and cyber commerce focus on cybersecurity day in and day out. The value of the data and services provided is really directly tied to the integrity and availability of that data and services from the space layer, from the ground control segments associated with it. And this value is not just military, it's also economic and it's not just American, it's also a value for the entire world, particularly our allies, as we all depend upon space and space systems. Your neighbors and friends here in California that are employed at the space and missile system center work with network defenders. We work with our commercial contractors and our systems developers, our international allies and partners to try and build as secure and resilient systems as we can from the ground up that keep the global comments of space free and open for exploration and for commerce as John and I were talking earlier, before we came online, there's an aspect of cybersecurity for space systems, especially for some of our legacy systems, that's more, how do we bolt this on? Cause we fielded those space systems a number of years ago, and the challenges of cybersecurity in the space domain have grown. So we have a part that we have to worry about, bolting it on, but then we have to worry about building it in as we field new systems and build in a flexibility that realizes that the cyber threat or the cybersecurity landscape will evolve over time. It's not just going to be stagnant. There will always be new vulnerabilities and new threat vectors that we all have to look at. Look, as Secretary Barrett, who is our secretary of the air force likes to say most Americans use space before they have their first cup of coffee in the morning. The American way of life really depends on space. And as part of the United States Space Force, we work with defense leaders, our Congress joint, and international military teammates and industry to ensure American leadership in space. I really thank you for this opportunity to address the audience today, John, and thanks so much to Cal Poly for letting me be one of the speakers at this event. I've really looked forward to this for several months. And so with that, I look forward to your questions as we kind of move along here. >> General, thank you very much for those awesome introductory statement. For the folks watching on the stream, Brigadier General Carthan's going to be in the chat, answering any questions, feel free to chat away. He's the vice commander of Space and Missile System Center, he'll be available. A couple of comments from your keynote before I get to my questions. Cause it just jumped into my head. You mentioned the benefits of say space with the fires in California. We're living that here. That's really realtime. That's a benefit. You also mentioned the ability for more people launching payloads into space. I'm only imagined Moore's law smaller, faster, cheaper applies to rockets too. So I'm imagining you have the benefits of space and you have now more potential objects flying out sanctioned and maybe unsanctioned. So is it going to be more rules around that? This is an interesting question cause it's exciting Space Force, but for all the good there is potentially bad out there. >> Yeah. So John, I think the basics of your question is as space becomes more congested and contested, is there a need for more international norms of how satellites fly in space? What kind of basic features satellites have to perhaps de orbit themselves? What kind of basic protections should all satellites be afforded as part of a peaceful global commons of space? I think those are all fantastic questions. And I know that US and many allied policy makers are looking very, very hard at those kinds of questions in terms of what are the norms of behavior and how we field, and field as the military term. But how we populate using civil or commercial terms that space layer at different altitudes, lower earth orbit, mid earth orbit, geosynchronous earth orbit, different kinds of orbits, what the kind of mission areas we accomplished from space. That's all things that need to be definitely taken into account as the place gets a little bit, not a little bit as the place gets increasingly more popular day in and day out. >> I'm super excited for Space Force. I know that a new generation of young folks are really interested in it's an emerging, changing great space. The focus here at this conference is space and cybersecurity, the intersection. I'd like to get your thoughts on the approach that a space force is taking to cybersecurity and how it impacts our national goals here in the United States. >> Yeah. So that's a great question John, let me talk about it in two basic ways. At number one is an and I know some people in the audience, this might make them a little bit uncomfortable, but I have to talk about the threat. And then relative to that threat, I really have to talk about the importance of cyber and specifically cyber security, as it relates to that threat. The threats that we face really represented a new era of warfare and that new era of warfare involves both space and cyber. We've seen a lot of action in recent months from certain countries, notably China and Russia that have threatened what I referred to earlier as the peaceful global commons of space. For example, it threw many unclassified sources and media sources. Everybody should understand that the Russians have been testing on orbit anti-satellite capabilities. It's been very clear if you were following just the week before last, the Department of Defense released its 2020 military and security developments involving the People's Republic of China. And it was very clear that China is developing ASATs, electronic jammers, directed energy weapons, and most relevant to today's discussion, offensive cyber capabilities. There are kinetic threats that are very, very easy to see, but a cyber attack against a critical command and control site or against a particular spacecraft could be just as devastating to the system and our war fighters in the case of GPS and important to note that that GPS system also impacts many civilians who are dependent on those systems from a first response perspective and emergency services, a cyber attack against a ground control site could cause operators to lose control of a spacecraft or an attacker could feed spoofed data to assist them to mislead operators so that they sent emergency services personnel to the wrong address. Attacks on spacecraft on orbit, whether directly via a network intrusion or enabled through malware introduced during the system's production while we're building the satellite can cripple or corrupt the data. Denial-of-service type attacks on our global networks obviously would disrupt our data flow and interfere with ongoing operations and satellite control. If GPS went down, I hesitate to say it this way, cause we might elicit some screams from the audience. But if GPS went down a Starbucks, wouldn't be able to handle your mobile order, Uber drivers wouldn't be able to find you. And Domino's certainly wouldn't be able to get there in 30 minutes or less. So with a little bit of tongue in cheek there from a military operations perspective, it's dead serious. We have become accustomed in the commercial world to threats like ransomware and malware. And those things have unfortunately become commonplace in commercial terrestrial networks and computer systems. However, what we're seeing is that our adversaries with the increased competition in space these same techniques are being retooled, if you will, to use against our national security space systems day in and day out. As I said, during my opening remarks on the importance of cyber, the value of these systems is directly tied to their integrity. If commanders in the field, firefighters in California or baristas in Starbucks, can't trust the data they're receiving, then that really harms their decision making capabilities. One of the big trends we've recently seen is the move towards proliferated LEO constellations, obviously Space X's Starlink on the commercial side and on the military side, the work that DARPA and my organization SMC are doing on Blackjack and Casino, as well as some space transport layer constellation work that the space development agency is designing are all really, really important types of mesh network systems that will revolutionaries how we plan and field war fighting systems and commercial communications and internet providing systems. But they're also heavily reliant on cybersecurity. We've got to make sure that they are secured to avoid an accident or international damage. Loss of control of these constellations really could be catastrophic from both a mission perspective or from a satellites tumbling out of low earth orbit perspective. Another trend is introductions in artificial intelligence and machine learning, onboard spacecraft are at the edge. Our satellites are really not so much hardware systems with a little software anymore in the commercial sector and in the defense sector, they're basically flying boxes full of software. And we need to ensure that data that we're getting out of those flying boxes full of software are helping us base our decisions on accurate data and algorithms, governing the right actions and that those systems are impervious to the extent possible to nefarious modifications. So in summation, cybersecurity is a vital element of everything in our national security space goals. And I would argue for our national goals, writ large, including economic and information dimensions, the Space Force leadership at all levels from some of the brand new second lieutenants that general Raymond swore in to the space force this morning, ceremonially from the air force associations, airspace and cyberspace conference to the various highest levels, General Raymond, General DT Thompson, myself, and a number of other senior leaders in this enterprise. We've got to make sure that we're all working together to keep cyber security at the forefront of our space systems cause they absolutely depend on it. >> You mentioned hardware, software threats, opportunities, challenges. I want to ask you because you got me thinking of the minute they're around infrastructure. We've heard critical infrastructure, grids here on earth. You're talking about critical infrastructure, a redefinition of what critical infrastructure is, an extension of what we have. So I'd love to get your thoughts about Space Force's view of that critical infrastructure vis-a-vis the threat vectors, because the term threat vectors has been kicked around in the cyberspace. Oh you have threat vectors. They're always increasing the surface area. If the surface area is from space, it's an unlimited service area. So you got different vectors. So you've got new critical infrastructure developing real time, really fast. And you got an expanded threat vector landscape. Putting that in perspective for the folks that aren't really inside the ropes on these critical issues. How would you explain this and how would you talk about those two things? >> So I tell you, just like, I'm sure people in the security side or the cybersecurity side of the business in the banking industry feel, they feel like it's all possible threat vectors represent a dramatic and protect potentially existential threat to all of the dollars that they have in the banking system, to the financial sector. On the Department of Defense side, we've got to have sort of the same mindset. That threat vector from, to, and through space against critical space systems, ground segments, the launch enterprise, or transportation to orbit and the various different domains within space itself. Like I mentioned before, LEO, MEO and GEO based satellites with different orbits, all of the different mission areas that are accomplished from space that I mentioned earlier, some that I did mention like a weather tactical or wide band communications, various new features of space control. All of those are things that we have to worry about from a cyber security threat perspective. And it's a daunting challenge right now. >> Yeah, that's awesome. And one of the things we've been falling on the hardware side on the ground is the supply chain. We've seen, malware being, really put in a really obscure hardware. Who manufactures it? Is it being outsourced? Obviously government has restrictions, but with the private sector, you mentioned China and the US kind of working together across these peaceful areas. But you got to look at the supply chain. How does the supply chain in the security aspect impact the mission of the US space Force? >> Yeah. Yeah. So how about another, just in terms of an example, another kind of California based historical example. The very first US Satellite, Explorer 1, was built by the jet propulsion laboratory folks, not far from here in El Segundo, up in Pasadena, that satellite, when it was first built in the late 50s weighing a little bit, over 30 pounds. And I'm sure that each and every part was custom made and definitely made by US companies. Fast forward to today. The global supply chain is so tightly coupled, and frankly many industries are so specialized, almost specialized regionally around the planet. We focus every day to guarantee the integrity of every component that we put in our space systems is absolutely critical to the operations of those satellites and we're dependent upon them, but it becomes more difficult and more difficult to understand the heritage, if you will, of some of the parts that are used, the thousands of parts that are used in some of our satellites that are literally school bus sized. The space industry, especially national security space sector is relatively small compared to other commercial industries. And we're moving towards using more and more parts from non US companies. Cybersecurity and cyber awareness have to be baked in from the beginning if we're going to be using parts that maybe we don't necessarily understand 100% like an Explorer one, the lineage of that particular part. The environmental difficulties in space are well known. The radiation environment, the temperature extremes, the vacuum, those require specialized component. And the US military is not the only customer in that space. In fact, we're definitely not the dominant customer in space anymore. All those factors require us along with our other government partners and many different commercial space organizations to keep a very close eye on our supply chains, from a quality perspective, a security perspective and availability. There's open source reporting on supply training intrusions from many different breaches of commercial retailers to the infectious spread of compromised patches, if you will. And our adversaries are aware of these techniques. As I mentioned earlier, with other forms of attack, considering our supply chains and development networks really becomes fair game for our adversaries. So we have to take that threat seriously. Between the government and industry sectors here in the US. We're also working with our industry partners to enact stronger defenses and assess our own vulnerabilities. Last fall, we completed an extensive review of all of our major contracts here at Space and Missile System Center to determine the levels of cyber security requirements we've implemented across our portfolio. And it sounds really kind of businessy geeky, if you will. Hey, we looked at our contracts to make sure that we had the right clauses in our contracts to address cybersecurity as dynamically as we possibly could. And so we found ourselves having to add new language to our contracts, to require system developers, to implement some more advanced protective measures in this evolving cyber security environment. So that data handling and supply chain protections from contract inception to launch and operations were taken into account. Cyber security really is a key performance parameter for us now. Performance of the system, It's as important as cost, it's as important as schedule, because if we deliver the perfect system on time and on cost, it can perform that missile warning or that communications mission perfectly, but it's not cyber secure. If it's doesn't have cyber protections built into it, or the ability to implement mitigations against cyber threats, then we've essentially fielded a shoe box in space that doesn't do the CA the war fighter or the nation any good. Supply chain risk management is a major challenge for us. We're doing a lot to coordinate with our industry partners. We're all facing it head on to try and build secure and trusted components that keep our confidence as leaders, firefighters, and baristas as the case may be. But it is a challenge. And we're trying to rise to that challenge. >> This is so exciting this new area, because it really touches everything. Talk about geeking out on the tech, the hardware, the systems but also you put your kind of MBA hat on you go, what's the ROI of extra development and how things get built. Because the always the exciting thing for space geeks is like, if you're building cool stuff, it's exciting, but you still have to build. And cybersecurity has proven that security has to be baked in from the beginning and be thought as a system architecture. So you're still building things, which means you got to acquire things, you got to acquire parts, you got acquire build software and sustain it. How is security impacting the acquisition and the sustainment of these systems for space? >> Yeah. From initial development, through planning for the acquisition, design, development, our production fielding and sustainment, it impacts all aspects of the life cycle, John. We simply, especially from the concept of baking in cybersecurity, we can't wait until something is built and then try and figure out how to make it cyber secure. So we've moved way further towards working side by side with our system developers to strengthen cybersecurity from the very beginning of a systems development, cyber security, and the resilience associated with it really have to be treated as a key system attribute. As I mentioned earlier, equivalent with data rates or other metrics of performance. We like to talk in the space world about mission assurance and mission assurance has always sort of taken us as we technically geek out. Mission assurance has always taken us to the will this system work in space. Can it work in a vacuum? Can it work in as it transfers through the Van Allen radiation belt or through the Southern hemisphere's electromagnetic anomaly? Will it work out in space? And now from a resiliency perspective, yeah, it has to work in space. It's got to be functional in space, but it's also got to be resistant to these cybersecurity threats. It's not just, I think a General D.T Thompson quoted this term. It's not just widget assurance anymore. It's mission assurance. How does that satellite operator that ground control segment operate while under attack? So let me break your question a little bit, just for purposes of discussion into really two parts, cybersecurity, for systems that are new and cybersecurity for systems that are in sustainment are kind of old and legacy. Obviously there's cyber vulnerabilities that threatened both, and we really have to employ different strategies for defensive of each one. For new systems. We're desperately trying to implement across the Department of Defense and particularly in the space world, a kind of a dev sec ops methodology and practice to delivering software faster and with greater security for our space systems. Here at SMC, we have a program called enterprise ground services, which is a toolkit, basically a collection of tools for common command and control of different satellite systems, EGS as we call it has an integrated suite for defensive cyber capabilities. Network operators can use these tools to gain unprecedented insight to data flows and to monitor space network traffic for anomalies or other potential indicators of a bad behavior, malicious behavior, if you will, it's rudimentary at this point, but because we're using DevSecOps and that incremental development approach, as we scale it, it just becomes more and more capable. Every product increment that we feel. Here at LA Air Force Base, we have the United Space Force's West Coast Software Factory, which we've dubbed the Kobayashi Maru. They're using those agile DevOps software development practices to deliver a space awareness software to the combined space operations center. Affectionately called the CSpock that CSpock is just on the road from Cal Poly there in San Luis Obispo at Vandenberg Air Force Base. They've so securely linked the sea Spock with other space operation centers around the planet, our allies, Australia, Canada, and the UK. We're partnering with all of them to enable secure and enhanced combined space operations. So lots of new stuff going on as we bake in new development capabilities for our space systems. But as I mentioned earlier, we've got large constellations of satellites on orbit right now. Some of them are well in excess of a decade or more or old on orbit. And so the design aspects of those satellites are several decades old. But we still have to worry about them cause they're critical to our space capabilities. We've been working with an air force material command organization called CROWS, which stands for the Cyber Resiliency Office for Weapon Systems to assess all of those legacy platforms from a cyber security perspective and develop defensive strategies and potential hardware and software upgrades to those systems to better enable them to live through this increasingly cybersecurity concerned era that we currently live in. Our industry partners have been critical to both of those different avenues. Both new systems and legacy systems. We're working closely with them to defend and upgrade national assets and develop the capabilities to do similar with new national assets coming online. The vulnerabilities of our space systems really kind of threatened the way we've done business in the past, both militarily and in the case of GPS economically. The impacts of that cybersecurity risk are clear in our acquisition and sustainment processes, but I've got to tell you, as the threat vectors change, as the vulnerabilities change, we've got to be nimble enough, agile enough, to be able to bounce back and forth. We can't just say, many people in the audience are probably familiar with the RMF or the Risk Management Framework approach to reviewing the cyber security of a system. We can't have program managers and engineers just accomplish an RMF on a system. And then, hey, high five, we're all good. It's a journey, not a destination, that's cybersecurity. And it's a constant battle rhythm through our weapon systems lifecycle, not just a single event. >> I want to get to this commercial business needs and your needs on the next question. But before I go there, you mentioned agile. And I see that clearly because when you have accelerated innovation cycles, you've got to be faster. And we saw this in the computer industry, mainframes, mini computers, and then we started getting beyond maybe when the internet hit and PCs came out, you saw the big enterprises, the banks and government start to work with startups. And it used to be a joke in the entrepreneurial circles is that, there's no way if you are a startup you're ever going to get a contract with a big business enterprise. Now that used to be for public sector and certainly for you guys. So as you see startups out there and there's acquisition involved, I'm sure would love to have a contract with Space Force. There's an ROI calculation where if it's in space and you have a sustainment view and it's software, you might have a new kind of business model that could be attractive to startups. Could you share your thoughts on the folks who want to be a supplier to you, whether they're a startup or an existing business that wants to be agile, but they might not be that big company. >> John, that's a fantastic question. We're desperately trying to reach out to those new space advocates, to those startups, to those what we sometimes refer to, within the Department of Defense, those non traditional defense contractors. A couple of things just for thinking purposes on some of the things that we're trying to highlight. Three years ago, we created here at Space and Missile System Center, the Space Enterprise Consortium to provide a platform, a contractual vehicle, really to enable us to rapidly prototype, development of space systems and to collaborate between the US Space Force, traditional defense contractors, non traditional vendors like startups, and even some academic institutions. SPEC, as we call it, Space Enterprise Consortium uses a specialized contracting tool to get contracts awarded quickly. Many in the audience may be familiar with other transaction agreements. And that's what SPEC is based on. And so far in just three years, SPEC has awarded 75 different prototyping contracts worth over $800 million with a 36% reduction in time to award. And because it's a consortium based competition for these kinds of prototyping efforts, the barrier to entry for small and nontraditional, for startups, even for academic institutions to be able to compete for these kinds of prototyping has really lowered. These types of partnerships that we've been working through on spec have really helped us work with smaller companies who might not have the background or expertise in dealing with the government or in working with cyber security for their systems, both our developmental systems and the systems that they're designing and trying to build. We want to provide ways for companies large and small to partner together in support kind of mutually beneficial relationships between all. Recently at the Annual Air Force Association conference that I mentioned earlier, I moderated a panel with several space industry leaders, all from big traditional defense contractors, by the way. And they all stressed the importance of building bridges and partnerships between major contractors in the defense industry and new entrance. And that helps us capture the benefits of speed and agility that come with small companies and startups, as well as the expertise and specialized skill sets of some of those larger contractors that we rely on day in and day out. Advanced cyber security protections and utilization of secure facilities are just a couple of things that I think we could be prioritizing more so in those collaborations. As I mentioned earlier, the SPEC has been very successful in awarding a number of different prototyping contracts and large dollar values. And it's just going to get better. There's over 400 members of the space enterprise consortium, 80% of them are non traditional kinds of vendors. And we just love working with them. Another thing that many people in the audience may be familiar with in terms of our outreach to innovators, if you will, and innovators that include cyber security experts is our space pitch day events. So we held our first event last November in San Francisco, where we awarded over a two day period about $46 million to 30 different companies that had potentially game changing ideas. These were phase two small business innovative research efforts that we awarded with cash on the spot. We're planning on holding our second space pitch day in the spring of 2021. We're planning on doing it right here in Los Angeles, COVID-19 environment permitting. And we think that these are fantastic venues for identifying and working with high-speed startups, and small businesses who are interested in really, truly partnering with the US Air Force. It's, as I said before, it's a really exciting time to be a part of this business. And working with the innovation economy is something that the Department of Defense really needs to do in that the innovation that we used to think was ours. That 80% of the industrial base innovation that came from the Department of Defense, the script has been flipped there. And so now more than 70%, particularly in space innovation comes from the commercial sector, not from the defense business itself. And so that's a tsunami of investment and a tsunami of a capability. And I need to figure out how to get my surfboard out and ride it, you know what I mean? >> Yeah, It's one of those things where the script has been flipped, but it's exciting because it's impacting everything. When you're talking about systems architecture? You're talking about software, you're talking about a business model. You're talking about dev sec opsx from a technical perspective, but now you have a business model innovation. All the theaters are exploding in innovation, technical, business, personnel. This brings up the workforce challenge. You've got the cyber needs for the US Space Force, It's probably great ROI model for new kinds of software development that could be priced into contracts. That's a entrepreneurial innovation, you've got the business model theater, you've got the personnel. How does the industry adopt and change? You guys are clearly driving this. How does the industry adjust to you? >> Yeah. So I think a great way to answer that question is to just talk about the kind of people that we're trying to prioritize in the US Space Force from an acquisition perspective, and in this particular case from a cybersecurity perspective. As I mentioned earlier, it's the most exciting time to be in space programs, really since the days of Apollo. Just to put it in terms that maybe have an impact with the audience. From 1957 until today, approximately 9,000 satellites have been launched from the various space varying countries around the planet. Less than 2000 of those 9,000 are still up on orbit and operational. And yet in the new space regime players like Space X have plans to launch, 12,000 satellites for some of their constellations alone. It really is a remarkable time in terms of innovation and fielding of space capabilities and all of those space capabilities, whether they're commercial, civil, or defense are going to require appropriate cybersecurity protections. It's just a really exciting time to be working in stuff like this. And so folks like the folks in this audience who have a passion about space and a passion about cybersecurity are just the kind of people that we want to work with. Cause we need to make sure our systems are secure and resilient. We need folks that have technical and computing expertise, engineering skills to be able to design cyber secure systems that can detect and mitigate attacks. But we also, as you alluded to, we need people that have that business and business acumen, human networking background, so that we can launch the startups and work with the non traditional businesses. Help to bring them on board help, to secure both their data and our data and make sure our processes and systems are free as much as possible from attack. For preparation, for audience members who are young and maybe thinking about getting into this trade space, you got to be smart on digital networking. You got to understand basic internet protocols, concepts, programming languages, database design. Learn what you can for penetration or vulnerability testing and a risk assessment. I will tell you this, and I don't think he will, I know he will not mind me telling you this, but you got to be a lifelong learner and so two years ago, I'm at home evening and I get a phone call on my cell phone and it's my boss, the commander of Air Force Space command, General, J. Raymond, who is now currently the Chief of Space Operations. And he is on temporary duty, flying overseas. He lands where he's going and first thing he does when he lands is he calls me and he goes JT, while I was traveling, I noticed that there were eBooks available on the commercial airliner I was traveling on and there was an ebook on something called scrumming and agile DevSecOps. And I read it, have you read it? And I said, no, sir. But if you tell me what the title of the book is, I will read it. And so I got to go to my staff meeting, the very next week, the next time we had a staff meeting and tell everybody in the staff meeting, hey, if the four star and the three star can read the book about scrumming, then I'm pretty sure all of you around this table and all our lieutenants and our captains our GS13s, All of our government employees can get smart on the scrumming development process. And interestingly as another side, I had a telephone call with him last year during the holidays, where he was trying to take some leave. And I said, sir, what are you up to today? Are you making eggnog for the event tonight or whatever. And the Chief of Space Operations told me no, I'm trying to teach myself Python. I'm at lesson two, and it's not going so well, but I'm going to figure this out. And so that kind of thing, if the chief of staff or the Chief of Space Operations can prioritize scrumming and Python language and innovation in his daily schedule, then we're definitely looking for other people who can do that. And we'll just say, lower levels of rank throughout our entire space force enterprise. Look, we don't need people that can code a satellite from scratch, but we need to know, we need to have people that have a basic grasp of the programming basics and cybersecurity requirements. And that can turn those things into meaningful actions, obviously in the space domain, things like basic physics and orbital mechanics are also important spaces, not an intuitive domain. So under understanding how things survive on orbit is really critical to making the right design and operational decisions. And I know there's probably a lot, because of this conference. I know there's probably a whole lot of high speed cybersecurity experts out in the audience. And I need those people in the US Space Force. The country is counting on it, but I wouldn't discount having people that are just cyber aware or cyber savvy. I have contracting officers and logisticians and program managers, and they don't have to be high end cybersecurity experts, but they have to be aware enough about it to be able to implement cyber security protections into our space systems. So the skill set is really, really broad. Our adversaries are pouring billions of dollars into designing and fielding offensive and destructive space, cybersecurity weapons. They repeatedly shown really a blatant disregard of safety and international norms for good behavior on orbit. And the cyber security aspects of our space systems is really a key battleground going forward so that we can maintain that. As I mentioned before, peaceful global comments of space, we really need all hands on deck. If you're interested in helping in uniform, if you're interested in helping, not in uniform, but as a government employee, a commercial or civil employee to help us make cyber security more important or more able to be developed for our space systems. And we'd really love to work with you or have you on the team to build that safe and secure future for our space systems. >> Lieutenant General John Thompson, great insight. Thank you for sharing all that awesome stories too, and motivation for the young next generation. The United States Space Force approach to cybersecurity. Really amazing talk, thank you for your time. Final parting question is, as you look out and you have your magic wand, what's your view for the next few years in terms of things that we could accomplish? It's a super exciting time. What do you hope for? >> So first of all, John, thanks to you and thanks to Cal Poly for the invitation and thanks to everybody for their interest in cybersecurity, especially as it relates to space systems, that's here at the conference. There's a quote, and I'll read it here from Bernard Schriever, who was the founder, if you will, a legend in a DoD space, the founder of the Western development division, which was a predecessor organization to Space and Missile System Center, General Schriever, I think captures the essence of how we see the next couple of years. "The world has an ample supply of people "who can always come up with a dozen good reasons "why new ideas will not work and should not be tried, "but the people who produce progress are breed apart. "They have the imagination, "the courage and the persistence to find solutions." And so I think if you're hoping that the next few years of space innovation and cybersecurity innovation are going to be upon a pony ride at the County fair, then perhaps you should look for another line of work, because I think the next few years in space and cybersecurity innovation are going to be more like a rodeo and a very dynamic rodeo as it goes. It is an awesome privilege to be part of this ecosystem. It's really an honor for me to be able to play some small role in the space ecosystem and trying to improve it while I'm trying to improve the chances of the United States of America in a space war fighting environment. And so I thank all of you for participating today and for this little bit of time that you've allowed me to share with you. Thank you. >> Sir, thank you for your leadership and thank you for the time for this awesome event, Space and Cyber Cybersecurity Symposium 2020, I'm John Furrier on behalf of Cal Poly, thanks for watching. (mellow music)