>> Narrator: "TheCUBE" presents Ignite 22. Brought to you by Palo Alto Networks. >> Hey everyone. Welcome back to "TheCUBE's" live coverage of Palo Alto Network's Ignite 22 from the MGM Grand in beautiful Las Vegas. I am Lisa Martin here with Dave Vellante. Dave, we just had a great conversa- First of all, we got to hear the keynote, most of it. We also just had a great conversation with the CEO and chairman of Palo Alto Networks, Nikesh Arora. You know, this is a company that was founded back in 2005, he's been there four years, a lot has happened. A lot of growth, a lot of momentum in his tenure. You were saying in your breaking analysis, that they are on track to nearly double revenues from FY 20 to 23. Lots of momentum in this cloud security company. >> Yeah, I'd never met him before. I mean, I've been following a little bit. It's interesting, he came in as, sort of, a security outsider. You know, he joked today that he, the host, I forget the guy's name on the stage, what was his name? Hassan. Hassan, he said "He's the only guy in the room that knows less about security than I do." Because, normally, this is an industry that's steeped in deep expertise. He came in and I think is given a good compliment to the hardcore techies at Palo Alto Network. The company, it's really interesting. The company started out building their own data centers, they called it. Now they look back and call it cloud, but it was their own data centers, kind of like Salesforce did, it's kind of like ServiceNow. Because at the time, you really couldn't do it in the public cloud. The public cloud was a little too unknown. And so they needed that type of control. But Palo Alto's been amazing story since 2020, we wrote about this during the pandemic. So what they did, is they began to pivot to the the true cloud native public cloud, which is kind of immature still. They don't tell you that, but it's kind of still a little bit immature, but it's working. And when they were pivoting, it was around the same time, at Fortinet, who's a competitor there's like, I call 'em a poor man's Palo Alto, and Fortinet probably hates that, but it's kind of true. It's like a value play on a comprehensive platform, and you know Fortinet a little bit. And so, but what was happening is Fortinet was executing on its cloud strategy better than Palo Alto. And there was a real divergence in the valuations of these stocks. And we said at the time, we felt like Palo Alto, being the gold standard, would get through it. And they did. And what's happened is interesting, I wrote about this two weeks ago. If you go back to the pandemic, peak of the pandemic, or just before the peak, kind of in that tech bubble, if you will. Splunk's down 44% from that peak, Okta's down, sorry, not down 44%. 44% of the peak. Okta's 22% of their peak. CrowdStrike, 41%, Zscaler, 36%, Fortinet, 71%. Not so bad. Palo Altos maintained 93% of its peak value, right? So it's a combination of two things. One is, they didn't run up as much during the pandemic, and they're executing through their cloud strategy. And that's provided a sort of softer landing. And I think it's going to be interesting to see where they go from here. And you heard Nikesh, we're going to double, and then double again. So that's 7 billion, 14 billion, heading to 30 billion. >> Lisa: Yeah, yeah. He also talked about one of the things that he's done in his tenure here, as really a workforce transformation. And we talk all the time, it's not just technology and processes, it's people. They've also seemed to have done a pretty good job from a cultural transformation perspective, which is benefiting their customers. And they're also growing- The ecosystem, we talked a little bit about the ecosystem with Nikesh. We've got Google Cloud on, we've got AWS on the program today alone, talking about the partnerships. The ecosystem is expanding, as well. >> Have you ever met Nir Zuk? >> I have not, not yet. >> He's the founder and CTO. I haven't, we've never been on "theCUBE." He was supposed to come on one day down in New York City. Stu and I were going to interview him, and he cut out of the conference early, so we didn't interview him. But he's a very opinionated dude. And you're going to see, he's basically going to come on, and I mean, I hope he is as opinionated on "TheCUBE," but he'll talk about how the industry has screwed it up. And Nikesh sort of talked about that, it's a shiny new toy strategy. Oh, there's another one, here's another one. It's the best in that category. Okay, let's get, and that's how we've gotten to this point. I always use that Optive graphic, which shows the taxonomy, and shows hundreds and hundreds of suppliers in the industry. And again, it's true. Customers have 20, 30, sometimes 40 different tool sets. And so now it's going to be interesting to see. So I guess my point is, it starts at the top. The founder, he's an outspoken, smart, tough Israeli, who's like, "We're going to take this on." We're not afraid to be ambitious. And so, so to your point about people and the culture, it starts there. >> Absolutely. You know, one of the things that you've written about in your breaking analysis over the weekend, Nikesh talked about it, they want to be the consolidator. You see this as they're building out the security supercloud. Talk to me about that. What do you think? What is a security supercloud in your opinion? >> Yeah, so let me start with the consolidator. So Palo Alto obviously is executing on that strategy. CrowdStrike as well, wants to be a consolidator. I would say Zscaler wants to be a consolidator. I would say that Microsoft wants to be a consolidator, so does Cisco. So they're all coming at it from different angles. Cisco coming at it from network security, which is Palo Alto's wheelhouse, with their next gen firewalls, network security. What Palo Alto did was interesting, was they started out with kind of a hardware based firewall, but they didn't try to shove everything into it. They put the other function in there, their cloud. Zscaler. Zscaler is the one running around saying you don't need firewalls anymore. Just run everything through our cloud, our security cloud. I would think that as Zscaler expands its TAM, it's going to start to acquire, and do similar types of things. We'll see how that integrates. CrowdStrike is clearly executing on a similar portfolio strategy, but they're coming at it from endpoint, okay? They have to partner for network security. Cisco is this big and legacy, but they've done a really good job of acquiring and using services to hide some of that complexity. Microsoft is, you know, they probably hate me saying this, but it's the just good enough strategy. And that may have hurt CrowdStrike last quarter, because the SMB was a soft, we'll see. But to specifically answer your question, the opportunity, we think, is to build the security supercloud. What does that mean? That means to have a common security platform across all clouds. So irrespective of whether you're running an Amazon, whether you're running an on-prem, Google, or Azure, the security policies, and the edicts, and the way you secure your enterprise, look the same. There's a PaaS layer, super PaaS layer for developers, so that that the developers can secure their code in a common framework across cloud. So that essentially, Nikesh sort of balked at it, said, "No, no, no, we're not, we're not really building a super cloud." But essentially they kind of are headed in that direction, I think. Although, what I don't know, like CrowdStrike and Microsoft are big competitors. He mentioned AWS and Google. We run on AWS, Google, and in their own data centers. That sounds like they don't currently run a Microsoft. 'Cause Microsoft is much more competitive with the security ecosystem. They got Identity, so they compete with Okta. They got Endpoint, so they compete with CrowdStrike, and Palo Alto. So Microsoft's at war with everybody. So can you build a super cloud on top of the clouds, the hyperscalers, and not do Microsoft? I would say no. >> Right. >> But there's nothing stopping Palo Alto from running in the Microsoft cloud. I don't know if that's a strategy, we should ask them. >> Yeah. They've done a great job in our last few minutes, of really expanding their TAM in the last few years, particularly under Nikesh's leadership. What are some of the things that you heard this morning that you think, really they've done a great job of expanding that TAM. He talked a little bit about, I didn't write the number down, but he talked a little bit about the market opportunity there. What do you see them doing as being best of breed for organizations that have 30 to 50 tools and need to consolidate that? >> Well the market opportunity's enormous. >> Lisa: It is. >> I mean, we're talking about, well north of a hundred billion dollars, I mean 150, 180, depending on whose numerator you use. Gartner, IDC. Dave's, whatever, it's big. Okay, and they've got... Okay, they're headed towards 7 billion out of 180 billion, whatever, again, number you use. So they started with network security, they put most of the network function in the cloud. They moved to Endpoint, Sassy for the edge. They've done acquisitions, the Cortex acquisition, to really bring automated threat intelligence. They just bought Cider Security, which is sort of the shift left, code security, developer, assistance, if you will. That whole shift left, protect right. And so I think a lot of opportunities to continue to acquire best of breed. I liked what Nikesh said. Keep the founders on board, sell them on the mission. Let them help with that integration and putting forth the cultural aspects. And then, sort of, integrate in. So big opportunities, do they get into Endpoint and compete with Okta? I think Okta's probably the one sort of outlier. They want to be the consolidator of identity, right? And they'll probably partner with Okta, just like Okta partners with CrowdStrike. So I think that's part of the challenge of being the consolidator. You're probably not going to be the consolidator for everything, but maybe someday you'll see some kind of mega merger of these companies. CrowdStrike and Okta, or Palo Alto and Okta, or to take on Microsoft, which would be kind of cool to watch. >> That would be. We have a great lineup, Dave. Today and tomorrow, full days, two full days of cube coverage. You mentioned Nir Zuk, we already had the CEO on, founder and CTO. We've got the chief product officer coming on next. We've got chief transformation officer of customers, partners. We're going to have great conversations, and really understand how this organization is helping customers ultimately achieve their SecOps transformation, their digital transformation. And really moved the needle forward to becoming secure data companies. So I'm looking forward to the next two days. >> Yeah, and Wendy Whitmore is coming on. She heads Unit 42, which is, from what I could tell, it's pretty much the competitor to Mandiant, which Google just bought. We had Kevin Mandia on at September at the CrowdStrike event. So that's interesting. That's who I was poking Nikesh a little bit on industry collaboration. You're tight with Google, and then he had an interesting answer. He said "Hey, you start sharing data, you don't know where it's going to go." I think Snowflake could help with that problem, actually. >> Interesting. >> Yeah, little Snowflake and some of the announcements ar Reinvent with the data clean rooms. Data sharing, you know, trusted data. That's one of the other things we didn't talk about, is the real tension in between security and regulation. So the regulators in public policy saying you can't move the data out of the country. And you have to prove to me that you have a chain of custody. That when you say you deleted something, you have to show me that you not only deleted the file, then the data, but also the metadata. That's a really hard problem. So to my point, something that Palo Alto might be able to solve. >> It might be. It'll be an interesting conversation with Unit 42. And like we said, we have a great lineup of guests today and tomorrow with you, so stick around. Lisa Martin and Dave Vellante are covering Palo Alto Networks Ignite 22 for you. We look forward to seeing you in our next segment. Stick around. (light music)

>> From "theCube" Studios in Palo Alto in Boston bringing you data-driven insights from "theCube" and ETR. This is "Breaking Analysis" with Dave Vellante. >> As an independent pure play company, Palo Alto Networks has earned its status as the leader in security. You can measure this in a variety of ways. Revenue, market cap, execution, ethos, and most importantly, conversations with customers generally. In CISO specifically, who consistently affirm this position. The company's on track to double its revenues in fiscal year 23 relative to fiscal year 2020. Despite macro headwinds, which are likely to carry through next year, Palo Alto owes its position to a clarity of vision and strong execution on a TAM expansion strategy through acquisitions and integration into its cloud and SaaS offerings. Hello and welcome to this week's "Wikibon Cube Insights" powered by ETR and this breaking analysis and ahead of Palo Alto Ignite the company's user conference, we bring you the next chapter on top of the last week's cybersecurity update. We're going to dig into the ETR data on Palo Alto Networks as we promised and provide a glimpse of what we're going to look for at "Ignite" and posit what Palo Alto needs to do to stay on top of the hill. Now, the challenges for cybersecurity professionals. Dead simple to understand. Solving it, not so much. This is a taxonomic eye test, if you will, from Optiv. It's one of our favorite artifacts to make the point the cybersecurity landscape is a mosaic of stovepipes. Security professionals have to work with dozens of tools many legacy combined with shiny new toys to try and keep up with the relentless pace of innovation catalyzed by the incredibly capable well-funded and motivated adversaries. Cybersecurity is an anomalous market in that the leaders have low single digit market shares. Think about that. Cisco at one point held 60% market share in the networking business and it's still deep into the 40s. Oracle captures around 30% of database market revenue. EMC and storage at its peak had more than 30% of that market. Even Dell's PC market shares, you know, in the mid 20s or even over that from a revenue standpoint. So cybersecurity from a market share standpoint is even more fragmented perhaps than the software industry. Okay, you get the point. So despite its position as the number one player Palo Alto might have maybe three maybe 4% of the total market, depending on what you use as your denominator, but just a tiny slice. So how is it that we can sit here and declare Palo Alto as the undisputed leader? Well, we probably wouldn't go that far. They probably have quite a bit of competition. But this CISO from a recent ETR round table discussion with our friend Eric Bradley, summed up Palo Alto's allure. We thought pretty well. The question was why Palo Alto Networks? Here's the answer. Because of its completeness as a platform, its ability to integrate with its own products or they acquire, integrate then rebrand them as their own. We've looked at other vendors we just didn't think they were as mature and we already had implemented some of the Palo Alto tools like the firewalls and stuff and we thought why not go holistically with the vendor a single throat to choke, if you will, if stuff goes wrong. And I think that was probably the primary driver and familiarity with the tools and the resources that they provided. Now here's another stat from ETR's Eric Bradley. He gave us a glimpse of the January survey that's in the field now. The percent of IT buyers stating that they plan to consolidate redundant vendors, it went from 34% in the October survey and now stands at 44%. So we fo we feel this bodes well for consolidators like Palo Alto networks. And the same is true from Microsoft's kind of good enough approach. It should also be true for CrowdStrike although last quarter we saw softness reported on in their SMB market, whereas interestingly MongoDB actually saw consistent strength from its SMB and its self-serve. So that's something that we're watching very closely. Now, Palo Alto Networks has held up better than most of its peers in the stock market. So let's take a look at that real quick. This chart gives you a sense of how well. It's a one year comparison of Palo Alto with the bug ETF. That's the cyber basket that we like to compare often CrowdStrike, Zscaler, and Okta. Now remember Palo Alto, they didn't run up as much as CrowdStrike, ZS and Okta during the pandemic but you can see it's now down unquote only 9% for the year. Whereas the cyber basket ETF is off 27% roughly in line with the NASDAQ. We're not showing that CrowdStrike down 44%, Zscaler down 61% and Okta off a whopping 72% in the past 12 months. Now as we've indicated, Palo Alto is making a strong case for consolidating point tools and we think it will have a much harder time getting customers to switch off of big platforms like Cisco who's another leader in network security. But based on the fragmentation in the market there's plenty of room to grow in our view. We asked breaking analysis contributor Chip Simington for his take on the technicals of the stock and he said that despite Palo Alto's leadership position it doesn't seem to make much difference these days. It's all about interest rates. And even though this name has performed better than its peers, it looks like the stock wants to keep testing its 52 week lows, but he thinks Palo Alto got oversold during the last big selloff. And the fact that the company's free cash flow is so strong probably keeps it at the one 50 level or above maybe bouncing around there for a while. If it breaks through that under to the downside it's ne next test is at that low of around one 40 level. So thanks for that, Chip. Now having get that out of the way as we said on the previous chart Palo Alto has strong opinions, it's founder and CTO, Nir Zuk, is extremely clear on that point of view. So let's take a look at how Palo Alto got to where it is today and how we think you should think about his future. The company was founded around 18 years ago as a network security company focused on what they called NextGen firewalls. Now, what Palo Alto did was different. They didn't try to stuff a bunch of functionality inside of a hardware box. Rather they layered network security functions on top of its firewalls and delivered value as a service through software running at the time in its own cloud. So pretty obvious today, but forward thinking for the time and now they've moved to a more true cloud native platform and much more activity in the public cloud. In February, 2020, right before the pandemic we reported on the divergence in market values between Palo Alto and Fort Net and we cited some challenges that Palo Alto was happening having transitioning to a cloud native model. And at the time we said we were confident that Palo Alto would make it through the knot hole. And you could see from the previous chart that it has. So the company's architectural approach was to do the heavy lifting in the cloud. And this eliminates the need for customers to deploy sensors on prem or proxies on prem or sandboxes on prem sandboxes, you know for instance are vulnerable to overwhelming attacks. Think about it, if you're a sandbox is on prem you're not going to be updating that every day. No way. You're probably not going to updated even every week or every month. And if the capacity of your sandbox is let's say 20,000 files an hour you know a hacker's just going to turn up the volume, it'll overwhelm you. They'll send a hundred thousand emails attachments into your sandbox and they'll choke you out and then they'll have the run of the house while you're trying to recover. Now the cloud doesn't completely prevent that but what it does, it definitely increases the hacker's cost. So they're going to probably hit some easier targets and that's kind of the objective of security firms. You know, increase the denominator on the ROI. All right, the next thing that Palo Alto did is start acquiring aggressively, I think we counted 17 or 18 acquisitions to expand the TAM beyond network security into endpoint CASB, PaaS security, IaaS security, container security, serverless security, incident response, SD WAN, CICD pipeline security, attack service management, supply chain security. Just recently with the acquisition of Cider Security and Palo Alto by all accounts takes the time to integrate into its cloud and SaaS platform called Prisma. Unlike many acquisitive companies in the past EMC was a really good example where you ended up with a kind of a Franken portfolio. Now all this leads us to believe that Palo Alto wants to be the consolidator and is in a good position to do so. But beyond that, as multi-cloud becomes more prevalent and more of a strategy customers tell us they want a consistent experience across clouds. And is going to be the same by the way with IoT. So of the next wave here. Customers don't want another stove pipe. So we think Palo Alto is in a good position to build what we call the security super cloud that layer above the clouds that brings a common experience for devs and operational teams. So of course the obvious question is this, can Palo Alto networks continue on this path of acquire and integrate and still maintain best of breed status? Can it? Will it? Does it even have to? As Holger Mueller of Constellation Research and I talk about all the time integrated suites seem to always beat best of breed in the long run. We'll come back to that. Now, this next graphic that we're going to show you underscores this question about portfolio. Here's a picture and I don't expect you to digest it all but it's a screen grab of Palo Alto's product and solutions portfolios, network cloud, network security rather, cloud security, Sassy, CNAP, endpoint unit 42 which is their threat intelligence platform and every imaginable security service and solution for customers. Well, maybe not every, I'm sure there's more to come like supply chain with the recent Cider acquisition and maybe more IoT beyond ZingBox and earlier acquisition but we're sure there will be more in the future both organic and inorganic. Okay, let's bring in more of the ETR survey data. For those of you who don't know ETR, they are the number one enterprise data platform surveying thousands of end customers every quarter with additional drill down surveys and customer round tables just an awesome SaaS enabled platform. And here's a view that shows net score or spending momentum on the vertical axis in provision or presence within the ETR data set on the horizontal axis. You see that red dotted line at 40%. Anything at or over that indicates a highly elevated net score. And as you can see Palo Alto is right on that line just under. And I'll give you another glimpse it looks like Palo Alto despite the macro may even just edge up a bit in the next survey based on the glimpse that Eric gave us. Now those colored bars in the bottom right corner they show the breakdown of Palo Alto's net score and underscore the methodology that ETR uses. The lime green is new customer adoptions, that's 7%. The forest green at 38% represents the percent of customers that are spending 6% or more on Palo Alto solutions. The gray is at that 40 or 8% that's flat spending plus or minus 5%. The pinkish at 5% is spending is down on Palo Alto network products by 6% or worse. And the bright red at only 2% is churn or defections. Very low single digit numbers for Palo Alto, that's a real positive. What you do is you subtract the red from the green and you get a net score of 38% which is very good for a company of Palo Alto size. And we'll note this is based on just under 400 responses in the ETR survey that are Palo Alto customers out of around 1300 in the total survey. It's a really good representation of Palo Alto. And you can see the other leading companies like CrowdStrike, Okta, Zscaler, Forte, Cisco they loom large with similar aspirations. Well maybe not so much Okta. They don't necessarily rule want to rule the world. They want to rule identity and of course the ever ubiquitous Microsoft in the upper right. Now drilling deeper into the ETR data, let's look at how Palo Alto has progressed over the last three surveys in terms of market presence in the survey. This view of the data shows provision in the data going back to October, 2021, that's the gray bars. The blue is July 22 and the yellow is the latest survey from October, 2022. Remember, the January survey is currently in the field. Now the leftmost set of data there show size a company. The middle set of data shows the industry for a select number of industries in the right most shows, geographic region. Notice anything, yes, Palo Alto up across the board relative to both this past summer and last fall. So that's pretty impressive. Palo Alto network CEO, Nikesh Aurora, stressed on the last earnings call that the company is seeing somewhat elongated deal approvals and sometimes splitting up size of deals. He's stressed that certain industries like energy, government and financial services continue to spend. But we would expect even a pullback there as companies get more conservative. But the point is that Nikesh talked about how they're hiring more sales pros to work the pipeline because they understand that they have to work harder to pull deals forward 'cause they got to get more approvals and they got to increase the volume that's coming through the pipeline to account for the possibility that certain companies are going to split up the deals, you know, large deals they want to split into to smaller bite size chunks. So they're really going hard after they go to market expansion to account for that. All right, so we're going to wrap by sharing what we expect and what we're going to probe for at Palo Alto Ignite next week, Lisa Martin and I will be hosting "theCube" and here's what we'll be looking for. First, it's a four day event at the MGM with the meat of the program on days two and three. That's day two was the big keynote. That's when we'll start our broadcasting, we're going for two days. Now our understanding is we've never done Palo Alto Ignite before but our understanding it's a pretty technically oriented crowd that's going to be eager to hear what CTO and founder Nir Zuk has to say. And as well CEO Nikesh Aurora and as in addition to longtime friend of "theCube" and current president, BJ Jenkins, he's going to be speaking. Wendy Whitmore runs Unit 42 and is going to be several other high profile Palo Alto execs, as well, Thomas Kurian from Google is a featured speaker. Lee Claridge, who is Palo Alto's, chief product officer we think is going to be giving the audience heavy doses of Prisma Cloud and Cortex enhancements. Now, Cortex, you might remember, came from an acquisition and does threat detection and attack surface management. And we're going to hear a lot about we think about security automation. So we'll be listening for how Cortex has been integrated and what kind of uptake that it's getting. We've done some, you know, modeling in from the ETR. Guys have done some modeling of cortex, you know looks like it's got a lot of upside and through the Palo Alto go to market machine, you know could really pick up momentum. That's something that we'll be probing for. Now, one of the other things that we'll be watching is pricing. We want to talk to customers about their spend optimization, their spending patterns, their vendor consolidation strategies. Look, Palo Alto is a premium offering. It charges for value. It's expensive. So we also want to understand what kind of switching costs are customers willing to absorb and how onerous they are and what's the business case look like? How are they thinking about that business case. We also want to understand and really probe on how will Palo Alto maintain best of breed as it continues to acquire and integrate to expand its TAM and appeal as that one-stop shop. You know, can it do that as we talked about before. And will it do that? There's also an interesting tension going on sort of changing subjects here in security. There's a guy named Edward Hellekey who's been in "theCube" before. He hasn't been in "theCube" in a while but he's a security pro who has educated us on the nuances of protecting data privacy, public policy, how it varies by region and how complicated it is relative to security. Because securities you technically you have to show a chain of custody that proves unequivocally, for example that data has been deleted or scrubbed or that metadata does. It doesn't include any residual private data that violates the laws, the local laws. And the tension is this, you need good data and lots of it to have good security, really the more the better. But government policy is often at odds in a major blocker to sharing data and it's getting more so. So we want to understand this tension and how companies like Palo Alto are dealing with it. Our customers testing public policy in courts we think not quite yet, our government's making exceptions and policies like GDPR that favor security over data privacy. What are the trade-offs there? And finally, one theme of this breaking analysis is what does Palo Alto have to do to stay on top? And we would sum it up with three words. Ecosystem, ecosystem, ecosystem. And we said this at CrowdStrike Falcon in September that the one concern we had was the pace of ecosystem development for CrowdStrike. Is collaboration possible with competitors? Is being adopted aggressively? Is Palo Alto being adopted aggressively by global system integrators? What's the uptake there? What about developers? Look, the hallmark of a cloud company which Palo Alto is a cloud security company is a thriving ecosystem that has entries into and exits from its platform. So we'll be looking at what that ecosystem looks like how vibrant and inclusive it is where the public clouds fit and whether Palo Alto Networks can really become the security super cloud. Okay, that's a wrap stop by next week. If you're in Vegas, say hello to "theCube" team. We have an unbelievable lineup on the program. Now if you're not there, check out our coverage on theCube.net. I want to thank Eric Bradley for sharing a glimpse on short notice of the upcoming survey from ETR and his thoughts. And as always, thanks to Chip Symington for his sharp comments. Want to thank Alex Morrison, who's on production and manages the podcast Ken Schiffman as well in our Boston studio, Kristen Martin and Cheryl Knight they help get the word out on social and of course in our newsletters, Rob Hoof, is our editor in chief over at Silicon Angle who does some awesome editing, thank you to all. Remember all these episodes they're available as podcasts. Wherever you listen, all you got to do is search "Breaking Analysis" podcasts. I publish each week on wikibon.com and silicon angle.com where you can email me at david.valante@siliconangle.com or dm me at D Valante or comment on our LinkedIn post. And please do check out etr.ai. They've got the best survey data in the enterprise tech business. This is Dave Valante for "theCube" Insights powered by ETR. Thanks for watching. We'll see you next week on "Ignite" or next time on "Breaking Analysis". (upbeat music)

(corporate electronic xylophone jingle intro) >> Good afternoon and welcome back to our very last segment of Tuesday's live broadcast here on theCUBE from AWS re:Invent in fabulous Las Vegas, Nevada. My name is Savannah Peterson and I am joined here by the brilliant Paul Gillin. Paul, end of our first day. You holding up, are you still feeling overwhelmed with fire hose... >> Savannah, yet my feet are killing me. (savannah laughs) >> Yeah, we've done so much walking in these chairs. >> 14,000 steps already today. It's not even dinner time. >> Hey, well, at least you've earned your dinner, Paul. I love that. I love that. I'm very excited about our next guests. We have Krishna and Sowmya joining us from Tata Consultancy Services. Now, I was impressed when I was doing my background research on you all. The Tata Group has locations in 150 different spots, 46 different countries. You have over 600,000 employees on the team. We are talking about absolutely massive scale here but, today we're going to be focused specifically on the Tata Consultancy Services. Sowmya, can you tell me what you all do? What is that team specifically in charge of? >> Yeah, TCS, first of all, thank you very much for inviting us. >> Savannah: Our pleasure. >> Maybe the last session but, we'll make it very lively. >> Savannah: It's going to be the best session. That's the best part of the day. >> Yes, that's the attitude. From a company standpoint, we are a 50 plus year old company. Part of the Tata group. We focus on IT services. We are categorized as industry verticals and we have horizontal services where AWS is one of the horizontal services that we have. And, when I talk about TCS, we focus a lot more on growth and transformation of our customers. That is one of the key objectives of the current company's growth, I would say. So, that is TCS in a nutshell. >> Extraordinarily important topic to be focused on right now. Growth, transformation, pretty much the core topics of the show. I know you're on the hospitality and transportation side of the business, which is very exciting. And, we're going to dig into that a little bit more. Krishna, you're overseeing the world. Tell us a little bit more about your role within the whole ecosystem. >> Yeah, thank you for the opportunity. Great meeting all of you. It's been awesome experience here. re:Invent is coming back, catching up, right? 50,000 people compared to 25,000 last year. So, great to see and meet all of you. Coming to my role, I am responsible for AWS Business Unit within TCS. That means I am responsible for anything that happens on cloud, on AWS. It's a Full Stack unit. I have the global responsibility. That's whether it's a applications, data, infrastructure, transformation that happens, as well as OT at the edge. So, that's my responsibility. >> Savannah: Well, I love talking about the edge. One of my favorite. >> Transformation is a theme of what you do. We heard that the pandemic accelerated digital transformation initiatives at many companies. How did you see the pandemic affecting your business, affecting the customers you were working with? >> Pandemic definitely kind of accelerated a lot of cloud adoption, right? A lot of companies initially focused on resiliency, coming back to handling the pandemic, the situation. But, it also drove a lot of innovation in the business models. They had to think on their feet, re-look at their business models, change the channels and that continued. Pandemic is thankfully gone by but, the transformation actually continued. The way that we actually see on cloud, especially transformation, it has evolved. What we call as Cloud 2.0. Now, cloud is actually more focused on future-proofing the businesses. And, the initial days it was more about future-proofing the technology and technology architecture. But, it has evolved to future-proofing businesses. That means implementing new business models, bringing in agility, measuring the business value. And, that's where we see a significant traction. >> So, it's not about technology then. It's not about infrastructure. >> It is about technology but, really delivering business value. It's about, how can I improve the customer experience? >> Well, can you give us a couple of examples of companies you work with that embody this idea? >> I can imagine in the travel and hospitality zone. Probably few communities more sensitive than when someone's having a disruption or frustration within that process. And, perhaps few time periods less chaotic than the last few years. Tell us about your experience and what you've seen. >> Absolutely. To answer your question, first of all, coming out of pandemic, right? Many customers in the travel and hospitality industry where legacy, did not modernize for the last decade or so because, there have been many ups and downs in the industry. So, during pandemic, post-pandemic, one of the the way they wanted to rebound was, can we do the transformation? First of all, cloud as a technology adoption, but, beyond that, how do customers derive value, business value? That is one of the key aspects of the old transformation. And, if you take, I can give a couple of examples. Avis Car Rental, they had monolith mainframe applications and, that was there for almost couple of decades, right? But, over a period of time, they were not able to have the availability of those applications. There were many outages. As a result, businesses could not do the bookings. Like OTAs, customers could not do the bookings, the application was not available most of the time. And, it's all legacy, right? So, that is where we all came in, TCS. How do we first of all, simplify the complexity of the landscape? That is one. Then, second is, modernize the legacy application. That's the second thing. Third is, how do you scale it? Because, everyone wants to go faster, right? How do you scale it? That is where we partnered with AWS as well, to bring in some specific solutions. One example for Avis', their Rent Shop. Because, of the lack of availability, because, it's monolith application and legacy application. It was not available. So, as a result, we partnered and we brought in our contextual knowledge of the car rental industry to kind of transform, move it to cloud. And, today, as a result of it, Avis was able to save millions of dollars from a MIB standpoint. Second, in terms of availability, that was 99.9% availability. As a result, they had a pick in their business revenue as well. So, this is one of the ways that its helped. The second example I want to quote is, United Airlines. Here again, we've been present for a long time. We have a deep industry knowledge of the airline industry. So, we brought in our airline contextual knowledge and the United landscape to bring in a TCS's solution that we developed. It's called the Aviana. It's an intelligent operations solution for the airline industry, which we have developed. It's on AWS as well, that is being implemented in United. As a result, the ground staff, they have to take decisions on the moment when there is a irregular operation. That could be flight delays, as a result, customers connections will be lost. >> Savannah: Baggage. >> Baggage, right? Baggage delays. >> So many variables. The complexity... >> exactly >> in this matrix is wild. >> So, leveraging the Aviana solution, the ground staff were able to take decisions based on exceptions. They were able to take decisions quickly so that, they improved the customer experience. I think that was one of the key successes for United in the recent times. So, those two are the examples that I would call where customers have the right business value. So, cloud was not just for technology. They all are deriving a lot of business value as well. I would say. >> How important do you think it is for companies facing these unique challenges and scaling to work with partners like TCS? And, I'm sure you would say very important, but, tell me a little bit more why it's so important and those core benefits that they're going to get. Krishna, let's start off with you. Yeah, let me take again the AWS cloud transformation, right? TCS has formed AWS Business Unit two years back. So, we are a covid baby in a way. We have been working with the AWS for more than a decade but, we formed a dedicated Full-Stack Unit to drive cloud transformation on AWS. In these last two years, we've grown three X and customers we have added 400 new customers we have added. >> Nicely done. Just want to see you there. That's huge. Especially during these times. Congratulations. >> So, it's basically about the scale that we bring in. What we have done as a differentiation is, if you look at the entire cloud journey, right from taking a decision which cloud is, right, all the way to the cloud migration modernization and running operations. So, we have built complete platform. AML based platforms, where we have taken our delivery wisdom and codified it onto these platforms. So, we support around thousand plus customers on AWS in varying capacity. All of that knowledge is codified and, that is what we bring to the table, to the customers. And, so, customers obviously appreciate that value that best practices that are coming. And, coupled with that, the industry knowledge that we have on banking, life sciences, healthcare, automotive. So, it's partly the IT, it is the industry transformation as well. Because, we are working on connected cars, for example, in automotive. We are working on accelerated drug development platforms. We're working on complete banks as a platform that we have. TCS has built on AWS. So, 400 customers are there. It's the complete banking and insurance platform. So, this is the combination of the technical expertize that is digitized using platforms, as well as the industry knowledge, is the reason why customers work with us on the cloud transformation. >> So, we're seeing you talk about the vertical industry knowledge. AWS also has its own vertical industry plays. How do you, I guess, coordinate with them or, do you compete with them or, do you stay out of each other's way? >> No, we actually collaborate aggressively. >> Savannah: I like that (laughs) >> Right, so, it's not.. >> Savannah: With vigor. >> With vigor. TCS supports approximately 14 verticals. With AWS, we went with the focused industry play. We said we look at financial services, travel, transportation, hospitality, healthcare, life sciences and automotive, to start with. And, we have Go Big plans with AWS. very focused. The collaboration is actually at the industry solutions because, AWS is a great platform, ever evolving, keeps you on on your toes to really adapt it. But, that is always going on, the collaboration. But, the industry, I'm actually glad AWS last year took a pivot on focusing on industries. Now, we talk the same language when we go in front of a board or a CEO or COO. Present it. We are talking about the future of the industry not just the future of the technology. So, it's a win-win. >> You are also developing products on top of AWS that are not industry verticals, that build on the platform. What kinds of products are those? >> For cloud transformation, for example, consulting. We have a product called Cloud Counsell. We have a decision engine on the data side. We have something called Cloud Foundation, Mason. CloudMason. It's just the foundation, right? And, entire migration and modernization factory. And, the last one on cloud operations is actually Cloud Exponence. So, these are time tested. You have Fortune 500 customers using this regularly actively leveraging that. And, these are all AWS in a well architecture framework certified. So, they work well and they're designed to work on cloud, not only in the native environment, but, also legacy environment. Because, enterprises is not just only native, cloud-native. There is a lot of legacy. Sowmya spoke about the mainframe model... >> So much legacy, we were talking about it. >> So, you have to have a combination of solutions. So, the platforms that we're building, the products we're building, work in both the environments. >> Yeah, and that agility and ability to help customers navigate that prioritization. I mean, there's so many options. We talk about how many new companies there are every year. New solutions. Our adoption of technology is accelerating. As, McKinsey said, we went through 10 years of technological evolution and workplace evolution over the first six months of the pandemic. So, really everything's moving at unprecedented velocity unlike ever before. We have a new game here on theCUBE specifically for this show. And, we are challenging our guests, prompting our guests, to give us a 30 second sizzly sound bite with your hot take on the most important themes of this year's show. Think of it as a thought leadership moment. Opportunity to plug if you really want it. Krishna, you've just given me the nod. I'm going to start with you first and then we'll then we'll pass it along, yeah >> Sure. I think on thought leadership, the way that on cloud, business value is the focus, not the technology. Technology is important, but business value is the focus. And, the way that I see it evolving is with quantum computing coming out more and more, becoming relevant, and Edge is actually becoming quite active as well. All this while on cloud, we focused on business value at the centralized place at the corporate. But, I think the real value of cloud is when you deliver the results, business results, where the customers consume it, that is at the edge. I think that's basically the combination of centralized and the edge is where the real value of cloud is, right. And, I also loud, I know you said 30 seconds but, give me 30 more seconds. >> I like your answer right now. So, I'm going to give you a little more time. Yeah, thank you. >> You've earned more time. (laughs) >> So, I like the way Adam said in the keynote, if you look at it broadly, I categorizes two things. There are a lot of offerings that are becoming comprehensive, like AWS Connect, bringing in workforce management into it, making it a complete end to end product. Similarly, Security Lake, all bringing in the entire security and compliance under one, similarly data. So, there are lot of things that he announced where it is an end to end comprehensiveness of the thing. But, what I love about is, what Amazon is known for, supply chain. So, they rolled out AWS Supply Chain offering. Walk Out technology. So, the Amazon proposition is actually being brought to AWS as a core proposition. I think that's very futuristic and I think we can see more and more customers, enterprise customers, adopting AWS more to drive transformation >> Badly needed right now. Supply chain resiliency. >> Supply chain really having its moment the last two years. File under two words. No one knew, many of us did who worked in it before this. And, here we are, soon as we lost our toilet paper, everyone's freaked out. I love that you talked about business value and also that the end customer is on the edge and, everyone kind of forgets we are essentially the edge device. This is the edge device, it's all around us. And, all the technology that we're all using that you're even talking about is built right inside here from my airlines app to my car rentals to all of it. All right Sowmya, give us your 30 second hot take, roughly. >> Taking the cue from Krishna, right? Today, things are available on AWS Marketplace. So, tomorrow, somebody wants to start an airline, they just have to come and plug and play the apps that are available in the marketplace. Especially your supply chain. The Amazon is known for that. And, a small and medium business they want to start something, right, a .com. It's very easy. So, that's something that we are all looking for. The future is going to be very, very bright and great for the businesses, is what I would say because, most of it could be plug and play with all the solutions. >> Paul: It's already been built. >> On the cloud, so, we are looking forward to it. The second thing I would talk about is, we have to take it to scale. How more and more people can leverage AWS, right? The talent is very important and, that is where partners like us focus on re-scaling our talent. We have 600,000 people, right? We are not just... >> 600,000 people! That's basically as many people live in the San Francisco Bay area for contexts for our listeners. It's how many people work for Walmart? >> It's 1.2 million in Walmart? >> Is it really? >> It is, yes, yes. That's work for Walmart, sidebar. >> So from that standpoint, as the company, we are focusing on re-skilling, up-skilling our talent in order to work AWS cloud and so on, so, that they can go and support our customers. That is something that is very important and that's going to be the future as well. Bring it to scale, go faster. >> I love that you just touched on the fact that you essentially have to practice what you preach because, you've got to think about those 600,000 people in a 100 locations across 40 plus different countries. I love it. Sowmya, I'm going to close on that note. The future is bright, just like your fabulous blazer. >> Thank you so much. Krishna, Sowmya, thank you so much for being here with us. We can't wait to see what happens next, who you help next, and how Tata continues to transform. Thank all of you for tuning in today. A full jam packed day of coverage live here from Las Vegas, Nevada. We are at AWS re:Invent with Paul Gillin. I'm Savannah Peterson. We're theCUBE, the leader in High-Tech Coverage. (corporate electronic xylophone jingle outro)

>> Welcome to this Cube Conversation, I'm Lisa Martin. I'm joined by Derek Manky next, the Chief Security Insights and Global Threat Alliances at Fortiguard Labs. Derek, welcome back to the program. >> Hey, it's great to be here again. A lot of stuff's happened since we last talked. >> So Derek, one of the things that was really surprising from this year's Global Threat Landscape Report is a 10, more than 10x increase in ransomware. What's going on? What have you guys seen? >> Yeah so this is massive. We're talking over a thousand percent over a 10x increase. This has been building Lisa, So this has been building since December of 2020. Up until then we saw relatively low high watermark with ransomware. It had taken a hiatus really because cyber criminals were going after COVID-19 lawyers and doing some other things at the time. But we did see a seven fold increase in December, 2020. That has absolutely continued this year into a momentum up until today, it continues to build, never subsided. Now it's built to this monster, you know, almost 11 times increase from, from what we saw back last December. And the reason, what's fueling this is a new verticals that cyber criminals are targeting. We've seen the usual suspects like telecommunication, government in position one and two. But new verticals that have risen up into this third and fourth position following are MSSP, and this is on the heels of the Kaseya attack of course, that happened in 2021, as well as operational technology. There's actually four segments, there's transportation, automotive, manufacturing, and then of course, energy and utility, all subsequent to each other. So there's a huge focus now on, OT and MSSP for cyber criminals. >> One of the things that we saw last year this time, was that attackers had shifted their focus away from enterprise infrastructure devices, to home networks and consumer grade products. And now it looks like they're focusing on both. Are you seeing that? >> Yes, absolutely. In two ways, so first of all, again, this is a kill chain that we talk about. They have to get a foothold into the infrastructure, and then they can load things like ransomware on there. They can little things like information stealers as an example. The way they do that is through botnets. And what we reported in this in the first half of 2021 is that Mirai, which is about a two to three-year old botnet now is number one by far, it was the most prevalent botnet we've seen. Of course, the thing about Mirai is that it's an IOT based botnet. So it sits on devices, sitting inside consumer networks as an example, or home networks, right. And that can be a big problem. So that's the targets that cyber criminals are using. The other thing that we saw that was interesting was that one in four organizations detected malvertising. And so what that means Lisa, is that cyber criminals are shifting their tactics from going just from cloud-based or centralized email phishing campaigns to web born threats, right. So they're infecting sites, waterhole attacks, where, you know, people will go to read their daily updates as an example of things that they do as part of their habits. They're getting sent links to these sites that when they go to it, it's actually installing those botnets onto those systems, so they can get a foothold. We've also seen scare tactics, right. So they're doing new social engineering lures, pretending to be human resource departments. IT staff and personnel, as an example, with popups through the web browser that look like these people to fill out different forms and ultimately get infected on home devices. >> Well, the home device use is proliferate. It continues because we are still in this work from home, work from anywhere environment. Is that, you think a big factor in this increase from 7x to nearly 11x? >> It is a factor, absolutely. Yeah, like I said, it's also, it's a hybrid of sorts. So a lot of that activity is going to the MSSP angle, like I said to the OT. And to those new verticals, which by the way, are actually even larger than traditional targets in the past, like finance and banking, is actually lower than that as an example. So yeah, we are seeing a shift to that. And like I said, that's, further backed up from what we're seeing on with the, the botnet activity specifically with Mirai too. >> Are you seeing anything in terms of the ferocity, we know that the volume is increasing, are they becoming more ferocious, these attacks? >> Yeah, there is a lot of aggression out there, certainly from, from cyber criminals. And I would say that the velocity is increasing, but the amount, if you look at the cyber criminal ecosystem, the stakeholders, right, that is increasing, it's not just one or two campaigns that we're seeing. Again, we're seeing, this has been a record cases year, almost every week we've seen one or two significant, cyber security events that are happening. That is a dramatic shift compared to last year or even, two years ago too. And this is because, because the cyber criminals are getting deeper pockets now. They're becoming more well-funded and they have business partners, affiliates that they're hiring, each one of those has their own methodology, and they're getting paid big. We're talking up to 70 to 80% commission, just if they actually successfully, infect someone that pays for the ransom as an example. And so that's really, what's driving this too. It's a combination of this kind of perfect storm as we call it, right. You have this growing attack surface, work from home environments and footholds into those networks, but you have a whole bunch of other people now on the bad side that are orchestrating this and executing the attacks too. >> So what can organizations do to start- to slow down or limit the impacts of this growing ransomware as a service? >> Yeah, great question. Everybody has their role in this, I say, right? So if we look at, from a strategic point of view, we have to disrupt cyber crime, how do we do that? It starts with the kill chain. It starts with trying to build resilient networks. So things like ZTA and a zero trust network access, SD-WAN as an example for protecting that WAN infrastructure. 'Cause that's where the threats are floating to, right. That's how they get the initial footholds. So anything we can do on the preventative side, making networks more resilient, also education and training is really key. Things like multi-factor authentication are all key to this because if you build that preventatively and it's a relatively small investment upfront Lisa, compared to the collateral damage that can happen with these ransomware paths, the risk is very high. That goes a long way, it also forces the attackers to- it slows down their velocity, it forces them to go back to the drawing board and come up with a new strategy. So that is a very important piece, but there's also things that we're doing in the industry. There's some good news here, too, that we can talk about because there's things that we can actually do apart from that to really fight cyber crime, to try to take the cyber criminals offline too. >> All right, hit me with the good news Derek. >> Yeah, so a couple of things, right. If we look at the botnet activity, there's a couple of interesting things in there. Yes, we are seeing Mirai rise to the top right now, but we've seen big problems of the past that have gone away or come back, not as prolific as before. So two specific examples, EMOTET, that was one of the most prolific botnets that was out there for the past two to three years, there is a take-down that happened in January of this year. It's still on our radar but immediately after that takedown, it literally dropped to half of the activity it had before. And it's been consistently staying at that low watermark now at that half percentage since then, six months later. So that's very good news showing that the actual coordinated efforts that were getting involved with law enforcement, with our partners and so forth, to take down these are actually hitting their supply chain where it hurts, right. So that's good news part one. Trickbot was another example, this is also a notorious botnet, takedown attempt in Q4 of 2020. It went offline for about six months in our landscape report, we actually show that it came back online in about June this year. But again, it came back weaker and now the form is not nearly as prolific as before. So we are hitting them where it hurts, that's that's the really good news. And we're able to do that through new, what I call high resolution intelligence that we're looking at too. >> Talk to me about that high resolution intelligence, what do you mean by that? >> Yeah, so this is cutting edge stuff really, gets me excited, keeps me up at night in a good way. 'Cause we we're looking at this under the microscope, right. It's not just talking about the what, we know there's problems out there, we know there's ransomware, we know there's a botnets, all these things, and that's good to know, and we have to know that, but we're able to actually zoom in on this now and look at- So we, for the first time in the threat landscape report, we've published TTPs, the techniques, tactics, procedures. So it's not just talking about the what, it's talking about the how, how are they doing this? What's their preferred method of getting into systems? How are they trying to move from system to system? And exactly how are they doing that? What's the technique? And so we've highlighted that, it's using the MITRE attack framework TTP, but this is real time data. And it's very interesting, so we're clearly seeing a very heavy focus from cyber criminals and attackers to get around security controls, to do defense innovation, to do privilege escalation on systems. So in other words, trying to be common administrator so they can take full control of the system. As an example, lateral movement, there's still a preferred over 75%, 77 I believe percent of activity we observed from malware was still trying to move from system to system, by infecting removable media like thumb drives. And so it's interesting, right. It's a brand new look on these, a fresh look, but it's this high resolution, is allowing us to get a clear image, so that when we come to providing strategic guides and solutions in defense, and also even working on these takedown efforts, allows us to be much more effective. >> So one of the things that you said in the beginning was we talked about the increase in ransomware from last year to this year. You said, I don't think that we've hit that ceiling yet, but are we at an inflection point? Data showing that we're at an inflection point here with being able to get ahead of this? >> Yeah, I would like to believe so, there is still a lot of work to be done unfortunately. If we look at, there's a recent report put out by the Department of Justice in the US saying that, the chance of a criminal to be committing a crime, to be caught in the US is somewhere between 55 to 60%, the same chance for a cyber criminal lies less than 1%, well 0.5%. And that's the bad news, the good news is we are making progress in sending messages back and seeing results. But I think there's a long road ahead. So, there's a lot of work to be done, We're heading in the right direction. But like I said, they say, it's not just about that. It's, everyone has their role in this, all the way down to organizations and end users. If they're doing their part of making their networks more resilient through this, through all of the, increasing their security stack and strategy. That is also really going to stop the- really ultimately the profiteering that wave, 'cause that continues to build too. So it's a multi-stakeholder effort and I believe we are getting there, but I continue to still, I continue to expect the ransomware wave to build in the meantime. >> On the end-user front, that's always one of the vectors that we talk about, it's people, right? There's so much sophistication in these attacks that even security folks and experts are nearly fooled by them. What are some of the things that you're saying that governments are taking action on some recent announcements from the White House, but other organizations like Interpol, the World Economic Forum, Cyber Crime Unit, what are some of the things that governments are doing that you're seeing that as really advantageous here for the good guys? >> Yeah, so absolutely. This is all about collaboration. Governments are really focused on public, private sector collaboration. So we've seen this across the board with Fortiguard Labs, we're on the forefront with this, and it's really exciting to see that, it's great. There's always been a lot of will to work together, but we're starting to see action now, right? Interpol is a great example, they recently this year, held a high level forum on ransomware. I actually spoke and was part of that forum as well too. And the takeaways from that event were that we, this was a message to the world, that public, private sector we need. They actually called ransomware a pandemic, which is what I've referred to it as before in itself as well too. Because it is becoming that much of a problem and that we need to work together to be able to create action, action against this, measure success, become more strategic. The World Economic Forum were leading a project called the Partnership Against Cyber Crime Threat Map Project. And this is to identify, not just all this stuff we talked about in the threat landscape report, but also looking at, things like, how many different ransomware gangs are there out there. What do the money laundering networks look like? It's that side of the supply chain to map out, so that we can work together to actually take down those efforts. But it really is about this collaborative action that's happening and it's innovation and there's R&D behind this as well, that's coming to the table to be able to make it impactful. >> So it sounds to me like ransomware is no longer a- for any organization in any industry you were talking about the expansion of verticals. It's no longer a, "If this happens to us," but a matter of when and how do we actually prepare to remediate, prevent any damage? >> Yeah, absolutely, how do we prepare? The other thing is that there's a lot of, with just the nature of cyber, there's a lot of connectivity, there's a lot of different, it's not just always siloed attacks, right. We saw that with Colonial obviously, this year where you have attacks on IT, that can affect consumers, right down to consumers, right. And so for that very reason, everybody's infected in this. it truly is a pandemic I believe on its own. But the good news is, there's a lot of smart people on the good side and that's what gets me excited. Like I said, we're working with a lot of these initiatives. And like I said, some of those examples I called up before, we're actually starting to see measurable progress against this as well. >> That's good, well never a dull day I'm sure in your world. Any thing that you think when we talk about this again, in a few more months of the second half of 2021, anything you predict crystal ball wise that we're going to see? >> Yeah, I think that we're going to continue to see more of the, I mean, ransomware, absolutely, more of the targeted attacks. That's been a shift this year that we've seen, right. So instead of just trying to infect everybody for ransom, as an example, going after some of these new, high profile targets, I think we're going to continue to see that happening from the ransomware side and because of that, the average costs of these data breaches, I think they're going to continue to increase, it already did in 2021 as an example, if we look at the cost of a data breach report, it's gone up to about $5 million US on average, I think that's going to continue to increase as well too. And then the other thing too is, I think that we're going to start to see more, more action on the good side like we talked about. There was already a record amount of takedowns that have happened, five takedowns that happened in January. There were arrests made to these business partners, that was also new. So I'm expecting to see a lot more of that coming out towards the end of the year too. >> So as the challenges persist, so do the good things that are coming out of this. Where can folks go to get this first half 2021 Global Threat Landscape? What's the URL that they can go to? >> Yeah, you can check it out, all of our updates and blogs including the threat landscape reports on blog.fortinet.com under our threat research category. >> Excellent, I read that blog, it's fantastic. Derek, always a pleasure to talk to you. Thanks for breaking this down for us, showing what's going on. Both the challenging things, as well as the good news. I look forward to our next conversation. >> Absolutely, it was great chatting with you again, Lisa. Thanks. >> Likewise for Derek Manky, I'm Lisa Martin. You're watching this Cube Conversation. (exciting music)

(radio calls) >> Announcer: From around the globe, its theCUBE covering Space & Cybersecurity Symposium 2020, hosted by Cal poly. Hello, welcome back to theCUBE virtual coverage with Cal Poly for the Space and Cybersecurity Symposium, a day four and the wrap up session, keynote session with the Lieutenant Governor of California, Eleni Kounalakis. She's here to deliver her keynote speech on the topic of California's role in supporting America's Cybersecurity future. Eleni, take it away. >> Thank you, John, for the introduction. I am Lieutenant Governor Eleni Kounalakis. It is an honor to be part of Cal Poly Space and Cybersecurity Symposium. As I speak kind of Pierre with the governor's office of business and economic development is available on the chat, too ready to answer any questions you might have. California and indeed the world are facing significant challenges right now. Every day we are faced with the ongoing COVID-19 pandemic and the economic downturn that is ensued. We have flattened the curve in California and are moving in the right direction but it is clear that we're not out of the woods yet. It is also impossible right now to escape the reality of climate change from the fire sparked by exceptionally rare, dry lightening events to extreme heat waves threatening public health and putting a strain on our electricity grid. We see that climate change is here now. And of course we've been recently confronted with a series of brutal examples of institutionalized racism that have created an awakening among people of all walks of life and compelled us into the streets to march and protest. In the context of all this, we cannot forget that we continue to be faced with other less visible but still very serious challenges. Cybersecurity threats are one of these. We have seen cities, companies and individuals paralyzed by attacks costing time and money and creating an atmosphere of uncertainty and insecurity. Our state agencies, local governments, police departments, utilities, news outlets and private companies from all industries are target. The threats around cybersecurity are serious but not unlike all the challenges we face in California. We have the tools and fortitude to address them. That is why this symposium is so important. Thank you, Cal Poly and all the participants for being here and for the important contributions you bring to this conference. I'd like to also say a few words about California's role in America's future in space. California has been at the forefront of the aerospace industry for more than a century through all the major innovations in aerospace from wooden aircraft, to World War II Bombers, to rockets and Mars rovers. California has played a pivotal role. Today, California is the number one state in total defense spending, defense contract spending and total number of personnel. It is estimated the Aerospace and Defense Industry, provides $168 billion in economic impact to our state. And America's best trained and most experienced aerospace and technology workforce lives here in California. The fact that the aerospace and defense sector, has had a strong history in California is no accident. California has always had strong innovation ecosystem and robust infrastructure that puts many sectors in a position to thrive. Of course, a big part of that infrastructure is a skilled workforce. And at the foundation of a skilled workforce is education. California has the strongest system of public higher education in the world. We're home to 10 university of California campuses, 23 California State university campuses and 116 California Community Colleges. All told nearly 3 million students are enrolled in public higher education. We also have world renowned private universities including the California Institute of Technology and Stanford University numbers one and three in the country for aerospace engineering. California also has four national laboratories and several NASA facilities. California possesses a strong spirit of innovation, risk taking and entrepreneurship. Half of all venture capital funding in the United States, goes to companies here in California. Lastly, but certainly no less critical to our success, California is a diverse state. 27% of all Californians are foreign born, 27% more than one in four of our population of 40 million people are immigrants from another country, Europe central and South America, India, Asia, everywhere. Our rich cultural diversity is our strength and helps drive our economy. As I look to the future of industries like cybersecurity and the growing commercial space industry, I know our state will need to work with those industries to make sure we continue to train our workforce for the demands of an evolving industry. The office of the lieutenant governor has a unique perspective on higher education and workforce development. I'm on the UC Board of Regents, the CSU Board of Trustees. And as of about two weeks ago, the Community Colleges Board of Governors. The office of the lieutenant governor is now the only office that is a member of every governing board, overseeing our public higher education system. Earlier in the symposium, we heard a rich discussion with Undersecretary Stewart Knox from the California Labor and Workforce Development Agency about what the state is doing to meet the needs of space and cybersecurity industries. As he mentioned, there are over 37,000 job vacancies in cybersecurity in our state. We need to address that gap. To do so, I see an important role for public private partnerships. We need input from industry and curriculum development. Some companies like Lockheed Martin, have very productive partnerships with universities and community colleges that train students with skills they need to enter aerospace and cyber industries. That type of collaboration will be key. We also need help from the industry to make sure students know that fields like cybersecurity even exist. People's early career interests are so often shaped by the jobs that members of their family have or what they see in popular culture. With such a young and evolving field like cybersecurity, many students are unaware of the job opportunities. I know for my visits to university campuses that students are hungry for STEM career paths where they see opportunities for good paying jobs. When I spoke with students at UC Merced, many of them were first generation college students who went through community college system before enrolling in a UC and they gravitated to STEM majors. With so many job opportunities available to STEM students, cybersecurity ought to be one that they are aware of and consider. Since this symposium is being hosted by Cal Poly, I wanted to highlight the tremendous work they're doing as leaders in the space and cybersecurity industry. Cal Poly California Cybersecurity Institute, does incredible work bringing together academia, industry and government training the next generation of cyber experts and researching emerging cybersecurity issues. As we heard from the President of Cal Poly, Jeff Armstrong the university is in the perfect location to contribute to a thriving space industry. It's close to Vandenberg Air Force Base and UC Santa Barbara and could be home to the future permanent headquarters of US Space Command. The state is also committed to supporting this space industry in the Central Coast. In July, the State of California, Cal poly US-based force and the others signed a memorandum of understanding to develop a commercial space port at Vandenberg Air Force Base and to develop a master plan to grow the commercial space industry in the region. Governor Newsom has made a commitment to lift up all regions of the state. And this strategy will position the Central Coast to be a global leader in the future of the space industry. I'd like to leave you with a few final thoughts, with everything we're facing. Fires, climate change, pandemic. It is easy to feel overwhelmed but I remain optimistic because I know that the people of the State of California are resilient, persistent, and determined to address our challenges and show a path toward a better future for ourselves and our families. The growth of the space industry and the economic development potential of projects like the Spaceport at Vandenberg Air Force Base, our great example of what we can look forward to. The potential for the commercial space industry to become a $3 trillion industry by mid century, as many experts predict is another. There are so many opportunities, new companies are going to emerge doing things we never could have dreamed of today. As Lieutenant General John Thompson said in the first session, the next few years of space and cyber innovation are not going to be a pony ride at the state fair, they're going to be a rodeo. We should all saddle up. Thank you. >> Okay, thank you very much, Eleni. I really appreciate it. Thank you for your participation and all your support to you and your staff. You guys doing a lot of work, a lot going on in California but cybersecurity and space as it comes together, California's playing a pivotal role in leading the world and the community. Thank you very much for your time. >> Okay, this session is going to continue with Bill Britton. Who's the vice president of technology and CIO at Cal Poly but more importantly, he's the director of the cyber institute located at Cal Poly. It's a global organization looking at the intersection of space and cybersecurity. Bill, let's wrap this up. Eleni had a great talk, talking about the future of cybersecurity in America and its future. The role California is playing, Cal Poly is right in the Central Coast. You're in the epicenter of it. We've had a great lineup here. Thanks for coming on. Let's put a capstone on this event. >> Thank you, John. But most importantly, thanks for being a great partner helping us get this to move forward and really changing the dynamic of this conversation. What an amazing time we're at, we had quite an unusual group but it's really kind of the focus and we've moved a lot of space around ourselves. And we've gone from Lieutenant General Thompson and the discussion of the opposition and space force and what things are going on in the future, the importance of cyber in space. And then we went on and moved on to the operations. And we had a private company who builds, we had the DOD, Department Of Defense and their context and NASA and theirs. And then we talked about public private partnerships from President Armstrong, Mr. Bhangu Mahad from the DOD and Mr. Steve Jacques from the National Security Space Association. It's been an amazing conference for one thing, I've heard repeatedly over and over and over, the reference to digital, the reference to cloud, the reference to the need for cybersecurity to be involved and really how important that is to start earlier than just at the employment level. To really go down into the system, the K through 12 and start there. And what an amazing time to be able to start there because we're returning to space in a larger capacity and it's now all around us. And the lieutenant governor really highlighted for us that California is intimately involved and we have to find a way to get our students involved at that same level. >> I want to ask you about this inflection point that was a big theme of this conference and symposium. It was throughout the interviews and throughout the conversations, both on the chat and also kind of on Twitter as well in the social web. Is that this new generation, it wasn't just space and government DOD, all the normal stuff you see, you saw JPL, the Hewlett Foundation, the Defense Innovation Unit, Amazon Web Services, NASA. Then you saw entrepreneurs come in, who were doing some stuff. And so you had this confluence of community. Of course, Cal Poly had participated in space. You guys does some great job, but it's not just the physical face-to-face show up, gets to hear some academic papers. This was a virtual event. We had over 300 organizations attend, different organizations around the world. Being a virtual event you had more range to get more people. This isn't digital. This symposium isn't about Central California anymore. It's global. >> No, it really has gone. >> What really happened to that? >> It's really kind of interesting because at first all of this was word of mouth for this symposium to take place. And it just started growing and growing and the more that we talk to organizations for support, the more we found how interconnected they were on an international scale. So much so that we've decided to take our cyber competition next year and take it globally as well. So if in fact as Major General Shaw said, this is about a multinational support force. Maybe it's time our students started interacting on that level to start with and not have to grow into it as they get older, but do it now and around space and around cybersecurity and around that digital environment and really kind of reduce the digital dividing space. >> Yeah, General Thompson mentioned this, 80 countries with programs. This is like the Olympics for space and we want to have these competitions. So I got great vision and I love that vision, but I know you have the number... Not number, the scores and from the competition this year that happened earlier in the week. Could you share the results of that challenge? >> Yeah, absolutely. We had 83 teams participate this year in the California Cyber Innovation Challenge. And again, it was based around a spacecraft scenario where a spacecraft, a commercial spacecraft was hacked and returned to earth. And the students had to do the forensics on the payload. And then they had to do downstream network analysis, using things like Wireshark and autopsy and other systems. It was a really tough competition. The students had to work hard and we had middle school and high school students participate. We had an intermediate league, new schools who had never done it before or even some who didn't even have STEM programs but were just signing up to really get involved in the experience. And we had our ultimate division which was those who had competed in several times before. And the winner of that competition was North Hollywood. They've been the winning team for four years in a row. Now it's a phenomenal program, they have their hats off to them for competing and winning again. Now what's really cool is not only did they have to show their technical prowess in the game but they also have to then brief and out-brief what they've learned to a panel of judges. And these are not pushovers. These are experts in the field of cybersecurity in space. We even had a couple of goons participating from DefCon and the teams present their findings. So not only are we talking technical, we're talking about presentation skills. The ability to speak and understand. And let me tell you, after reading all of their texts to each other over the weekend adds a whole new language they're using to interact with each other. It's amazing. And they are so more advanced and ready to understand space problems and virtual problems than we are. We have to challenge them even more. >> Well, it sounds like North Hollywood got the franchise. It's likethe Patriots, the Lakers, they've got a dynasty developing down there in North Hollywood. >> Well, what happens when there's a dynasty you have to look for other talent. So next year we're going global and we're going to have multiple states involved in the challenge and we're going to go international. So if North Hollywood pulls it off again next year, it's going to be because they've met the best in the world than defeated >> Okay, the gauntlet has been thrown down, got to take down North Hollywood from winning again next year. We'll be following that. Bill, great to get those results on the cyber challenge we'll keep track and we'll put a plug for it on our site. So we got to get some press on that. My question to you is now as we're going digital, other theme was that they want to hire digital natives into the space force. Okay, the DOD is looking at new skills. This was a big theme throughout the conference not just the commercial partnerships with government which I believe they had kind of put more research and personally, that's my personal opinion. They should be putting in way more research into academic and these environments to get more creative. But the skill sets was a big theme. What's your thoughts on how you saw some of the highlight moments there around skill sets? >> John, it's really interesting 'cause what we've noticed is in the past, everybody thinks skill sets for the engineering students. And it's way beyond that. It's all the students, it's all of them understanding what we call cyber cognizance. Understanding how cybersecurity works whatever career field they choose to be in. Space, there is no facet of supporting space that doesn't need that cyber cognizance. If you're in the back room doing the operations, you're doing the billing, you're doing the contracting. Those are still avenues by which cybersecurity attacks can be successful and disrupt your space mission. The fact that it's international, the connectivities, all of those things means that everyone in that system digitally has to be aware of what's going on around them. That's a whole new thought process. It's a whole new way of addressing a problem and dealing with space. And again it's virtual to everyone. >> That's awesome. Bill, great to have you on. Thank you for including theCUBE virtual, our CUBE event software platform that we're rolling out. We've been using it for the event and thank you for your partnership in this co-creation opening up your community, your symposium to the world, and we're so glad to be part of it. I want to thank you and Dustin and the team and the President of Cal Poly for including us. Thank you very much. >> Thank you, John. It's been an amazing partnership. We look forward to it in the future. >> Okay, that's it. That concludes the Space and Cybersecurity Symposium 2020. I'm John Furrier with theCUBE, your host with Cal Poly, who put on an amazing virtual presentation, brought all the guests together. And again, shout out to Bill Britton and Dustin DeBrum who did a great job as well as the President of Cal poly who endorsed and let them do it all. Great event. See you soon. (flash light sound)

>>from around the globe. It's the Cube covering space and cybersecurity. Symposium 2020 hosted by Cal Poly >>Oven. Welcome back to the Space and Cyber Security Symposium. 2020 I'm John for your host with the Cuban silicon angle, along with Cal Poly, representing a great session here on industry success in developing space and cybersecurity. Resource is Got a great lineup. Brigadier General Steve Hotel, whose are also known as Bucky, is Call Sign director of Space Portfolio Defense Innovation Unit. Preston Miller, chief information security officer at JPL, NASA and Major General retired Clint Crozier, director of aerospace and satellite solutions at Amazon Web services, also known as a W s. Gentlemen, thank you for for joining me today. So the purpose of this session is to spend the next hour talking about the future of workforce talent. Um, skills needed and we're gonna dig into it. And Spaces is an exciting intersection of so many awesome disciplines. It's not just get a degree, go into a track ladder up and get promoted. Do those things. It's much different now. Love to get your perspectives, each of you will have an opening statement and we will start with the Brigadier General Steve Hotel. Right? >>Thank you very much. The Defense Innovation Unit was created in 2015 by then Secretary of Defense Ash Carter. To accomplish three things. One is to accelerate the adoption of commercial technology into the Department of Defense so that we can transform and keep our most relevant capabilities relevant. And also to build what we call now called the national Security Innovation Base, which is inclusive all the traditional defense companies, plus the commercial companies that may not necessarily work with focus exclusively on defense but could contribute to our national security and interesting ways. Um, this is such an exciting time Azul here from our other speakers about space on and I can't, uh I'm really excited to be here today to be able to share a little bit of our insight on the subject. >>Thank you very much. Precedent. Miller, Chief information security officer, Jet Propulsion Lab, NASA, Your opening statement. >>Hey, thank you for having me. I would like to start off by providing just a little bit of context of what brings us. Brings us together to talk about this exciting topic for space workforce. Had we've seen In recent years there's been there's been a trend towards expanding our space exploration and the space systems that offer the great things that we see in today's world like GPS. Um, but a lot of that has come with some Asian infrastructure and technology, and what we're seeing as we go towards our next generation expects of inspiration is that we now want to ensure that were secured on all levels. And there's an acknowledgement that our space systems are just a susceptible to cyber attacks as our terrestrial assistance. We've seen a recent space, uh, policy Directive five come out from our administration, that that details exactly how we should be looking at the cyber principle for our space systems, and we want to prevent. We want to prevent a few things as a result of that of these principles. Spoofing and jamming of our space systems are not authorized commands being sent to those space systems, lots of positive control of our space vehicles on lots of mission data. We also acknowledge that there's a couple of frameworks we wanna adopt across the board of our space systems levers and things like our nice miss cybersecurity frameworks. eso what has been a challenge in the past adopted somebody Cyber principles in space systems, where there simply has been a skill gap in a knowledge gap. We hire our space engineers to do a few things. Very well designed space systems, the ploy space systems and engineer space systems, often cybersecurity is seen as a after thought and certainly hasn't been a line item and in any budget for our spaces in racing. Uh, in the past in recent years, the dynamic started to change. We're now now integrating cyber principles at the onset of development of these life cycle of space. Systems were also taking a hard look of how we train the next generation of engineers to be both adequate. Space engineers, space system engineers and a cyber engineers, as a result to Mrs success on DWI, also are taking a hard look at What do we mean when we talk about holistic risk management for our space assistance, Traditionally risk management and missing insurance for space systems? I've really revolved around quality control, but now, in recent years we've started to adopt principles that takes cyber risk into account, So this is a really exciting topic for me. It's something that I'm fortunate to work with and live with every day. I'm really excited to get into this discussion with my other panel members. Thank you. >>You Preston. Great insight there. Looking forward. Thio chatting further. Um, Clint Closure with a W. S now heading up. A director of aerospace and satellite Solutions, formerly Major General, Your opening statement. >>Thanks, John. I really appreciate that introduction and really appreciate the opportunity to be here in the Space and Cybersecurity Symposium. And thanks to Cal Poly for putting it together, you know, I can't help, but as I think to Cal Poly there on the central California coast, San Luis Obispo, California I can't help but to think back in this park quickly. I spent two years of my life as a launch squadron commander at Vandenberg Air Force Base, about an hour south of Cal Poly launching rockets, putting satellites in orbit for the national intelligence community and so some really fond memories of the Central California coast. I couldn't agree more with the theme of our symposium this week. The space and cyber security we've all come to know over the last decade. How critical spaces to the world, whether it's for national security intelligence, whether it's whether communications, maritime, agriculture, development or a whole host of other things, economic and financial transactions. But I would make the case that I think most of your listeners would agree we won't have space without cybersecurity. In other words, if we can't guaranteed cybersecurity, all those benefits that we get from space may not be there. Preston in a moment ago that all the threats that have come across in the terrestrial world, whether it be hacking or malware or ransomware or are simple network attacks, we're seeing all those migrate to space to. And so it's a really important issue that we have to pay attention to. I also want to applaud Cow Pauling. They've got some really important initiatives. The conference here, in our particular panel, is about developing the next generation of space and cyber workers, and and Cal Poly has two important programs. One is the digital transformation hub, and the other is space data solutions, both of which, I'm happy to say, are in partnership with a W. S. But these were important programs where Cal Poly looks to try to develop the next generation of space and cyber leaders. And I would encourage you if you're interested in that toe. Look up the program because that could be very valuable is well, I'm relatively new to the AWS team and I'm really happy Thio team, as John you said recently retired from the U. S. Air Force and standing up the U. S. Space force. But the reason that I mentioned that as the director of the aerospace and satellite team is again it's in perfect harmony with the theme today. You know, we've recognized that space is critically important and that cyber security is critically important and that's been a W s vision as well. In fact, a W s understands how important the space domain is and coupled with the fact that AWS is well known that at a W s security is job zero and stolen a couple of those to fax A. W. S was looking to put together a team the aerospace and satellite team that focus solely and exclusively every single day on technical innovation in space and more security for the space domain through the cloud and our offerings there. So we're really excited to reimagine agree, envision what space networks and architectures could look like when they're born on the cloud. So that's important. You know, talk about workforce here in just a moment, but but I'll give you just a quick sneak. We at AWS have also recognized the gap in the projected workforce, as Preston mentioned, Um, depending on the projection that you look at, you know, most projections tell us that the demand for highly trained cyber cyber security cloud practitioners in the future outweighs what we think is going to be the supply. And so a ws has leaned into that in a number of ways that we're gonna talk about the next segment. I know. But with our workforce transformation, where we've tried to train free of charge not just a W s workers but more importantly, our customers workers. It s a W s we obsessed over the customer. And so we've provided free training toe over 7000 people this year alone toe bring their cloud security and cyber security skills up to where they will be able to fully leverage into the new workforce. So we're really happy about that too? I'm glad Preston raised SPD five space policy Directive five. I think it's gonna have a fundamental impact on the space and cyber industry. Uh, now full disclosure with that said, You know, I'm kind of a big fan of space policy directives, ESPN, Or was the space policy directive that directed to stand up of the U. S. Space Force and I spent the last 18 months of my life as the lead planner and architect for standing up the U. S. Space force. But with that said, I think when we look back a decade from now, we're going to see that s p d five will have as much of an impact in a positive way as I think SPD for on the stand up of the space Force have already done so. So I'll leave it there, but really look forward to the dialogue and discussion. >>Thank you, gentlemen. Clint, I just wanna say thank you for all your hard work and the team and the people who were involved in standing up Space force. Um, it is totally new. It's a game changer. It's modern, is needed. And there's benefits on potential challenges and opportunities that are gonna be there, so thank you very much for doing that. I personally am excited. I know a lot of people are excited for what the space force is today and what it could become. Thank you very much. >>Yeah, Thanks. >>Okay, So >>with >>that, let me give just jump in because, you know, as you're talking about space force and cybersecurity and you spend your time at Vanderburgh launching stuff into space, that's very technical. Is operation okay? I mean, it's complex in and of itself, but if you think about like, what's going on beyond in space is a lot of commercial aspect. So I'm thinking, you know, launching stuff into space on one side of my brain and the other side of brain, I'm thinking like air travel. You know, all the logistics and the rules of the road and air traffic control and all the communications and all the technology and policy and, you >>know, landing. >>So, Major General Clint, what's your take on this? Because this is not easy. It's not just one thing that speaks to the diversity of workforce needs. What's your reaction to that? >>Yeah. I mean, your observation is right on. We're seeing a real boom in the space and aerospace industry. For all the good reasons we talked about, we're recognizing all the value space from again economic prosperity to exploration to being ableto, you know, improve agriculture and in weather and all those sorts of things that we understand from space. So what I'm really excited about is we're seeing this this blossom of space companies that we sort of referred to his new space. You know, it used to be that really only large governments like the United States and a handful of others could operate in the space domain today and largely infused because of the technological innovation that have come with Cyber and Cyrus Space and even the cloud we're seeing more and more companies, capabilities, countries, all that have the ability, you know. Even a well funded university today can put a cube sat in orbit, and Cal Poly is working on some of those too, by the way, and so it's really expanded the number of people that benefits the activity in space and again, that's why it's so critically important because we become more and more reliant and we will become more and more reliant on those capabilities that we have to protect him. It's fundamental that we do. So, >>Bucky, I want you to weigh in on this because actually, you you've flown. Uh, I got a call sign which I love interviewing people. Anyone who's a call sign is cool in my book. So, Bucky, I want you to react to that because that's outside of the technology, you know, flying in space. There's >>no >>rule. I mean, is there like a rules? I mean, what's the rules of the road? I mean, state of the right. I mean, what I mean, what what's going? What's gonna have toe happen? Okay, just logistically. >>Well, this is very important because, uh and I've I've had access thio information space derived information for most of my flying career. But the amount of information that we need operate effectively in the 21st century is much greater than Thanet has been in the past. Let me describe the environment s so you can appreciate a little bit more what our challenges are. Where, from a space perspective, we're going to see a new exponential increase in the number of systems that could be satellites. Uh, users and applications, right? And so eso we're going we're growing rapidly into an environment where it's no longer practical to just simply evolved or operate on a perimeter security model. We and with this and as I was brought up previously, we're gonna try to bring in MAWR commercial capabilities. There is a tremendous benefit with increasing the diversity of sources of information. We use it right now. The military relies very heavily on commercial SAT com. We have our military capabilities, but the commercial capabilities give us capacity that we need and we can. We can vary that over time. The same will be true for remote sensing for other broadband communications capabilities on doing other interesting effects. Also, in the modern era, we doom or operations with our friends and allies, our regional partners all around the world, in order to really improve our interoperability and have rapid exchange of information, commercial information, sources and capabilities provides the best means of doing that. So that so that the imperative is very important and what all this describes if you want to put one word on it. ISS, we're involving into ah hybrid space architectures where it's gonna be imperative that we protect the integrity of information and the cyber security of the network for the things most important to us from a national security standpoint. But we have to have the rules that that allows us to freely exchange information rapidly and in a way that that we can guarantee that the right users are getting the right information at the right. >>We're gonna come back to that on the skill set and opportunities for people driving. That's just looking. There's so much opportunity. Preston, I want you to react to this. I interviewed General Keith Alexander last year. He formerly ran Cyber Command. Um, now he's building Cyber Security Technologies, and his whole thesis is you have to share. So the question is, how do you share and lock stuff down at the same time when you have ah, multi sided marketplace in space? You know, suppliers, users, systems. This is a huge security challenge. What's your reaction to this? Because we're intersecting all these things space and cybersecurity. It's just not easy. What's your reaction? >>Absolutely, Absolutely. And what I would say in response to that first would be that security really needs to be baked into the onset of how we develop and implement and deploy our space systems. Um, there's there's always going to be the need to collect and share data across multiple entities, particularly when we're changing scientific data with our mission partners. Eso with that necessitates that we have a security view from the onset, right? We have a system spaces, and they're designed to share information across the world. How do we make sure that those, uh, those other those communication channels so secure, free from interception free from disruption? So they're really done? That necessitates of our space leaders in our cyber leaders to be joining the hip about how to secure our space systems, and the communications there in Clinton brought up a really good point of. And then I'm gonna elaborate on a little bit, just toe invite a little bit more context and talk about some the complexities and challenges we face with this advent of new space and and all of our great commercial partners coming into therefore way, that's going to present a very significant supply chain risk management problems that we have to get our hands around as well. But we have these manufacturers developing these highly specialized components for the space instruments, Um, that as it stands right now, it's very little oversight And how those things air produced, manufactured, put into the space systems communication channels that they use ports protocols that they use to communicate. And that's gonna be a significant challenge for us to get get our hands around. So again, cybersecurity being brought in. And the very onset of these development thes thes decisions in these life cycles was certainly put us in a best better position to secure that data in our in our space missions. >>Yeah, E just pick up on that. You don't mind? Preston made such a really good point there. But you have to bake security in up front, and you know there's a challenge and there's an opportunity, you know, with a lot of our systems today. It was built in a pre cyber security environment, especially our government systems that were built, you know, in many cases 10 years ago, 15 years ago are still on orbit today, and we're thankful that they are. But as we look at this new environment and we understand the threats, if we bake cybersecurity in upfront weaken balance that open application versus the risk a long as we do it up front. And you know, that's one of the reasons that our company developed what we call govcloud, which is a secure cloud, that we use thio to manage data that our customers who want to do work with the federal government or other governments or the national security apparatus. They can operate in that space with the built in and baked in cybersecurity protocols. We have a secret region that both can handle secret and top secret information for the same reasons. But when you bake security into the upfront applications, that really allows you to balance that risk between making it available and accessible in sort of an open architecture way. But being sure that it's protected through things like ITAR certifications and fed ramp, uh, another ice T certifications that we have in place. So that's just a really important point. >>Let's stay high level for a man. You mentioned a little bit of those those govcloud, which made me think about you know, the tactical edge in the military analogy, but also with space similar theater. It's just another theater and you want to stand stuff up. Whether it's communications and have facilities, you gotta do it rapidly, and you gotta do it in a very agile, secure, I high availability secure way. So it's not the old waterfall planning. You gotta be fast is different. Cloud does things different? How do you talk to the young people out there, whether it's apparent with with kids in elementary and middle school to high school, college grad level or someone in the workforce? Because there are no previous jobs, that kind of map to the needs out there because you're talking about new skills, you could be an archaeologist and be the best cyber security guru on the planet. You don't have to have that. There's no degree for what, what we're talking about here. This >>is >>the big confusion around education. I mean, you gotta you like math and you could code you can Anything who wants to comment on that? Because I think this >>is the core issue. I'll say there are more and more programs growing around that educational need, and I could talk about a few things we're doing to, but I just wanna make an observation about what you just said about the need. And how do you get kids involved and interested? Interestingly, I think it's already happening, right. The good news. We're already developing that affinity. My four year old granddaughter can walk over, pick up my iPad, turn it on. Somehow she knows my account information, gets into my account, pulls up in application, starts playing a game. All before I really even realized she had my iPad. I mean, when when kids grow up on the cloud and in technology, it creates that natural proficiency. I think what we have to do is take that natural interest and give them the skill set the tools and capabilities that go with it so that we're managing, you know, the the interest with the technical skills. >>And also, like a fast I mean, just the the hackers are getting educated. Justus fast. Steve. I mean e mean Bucky. What do you do here? You CIt's the classic. Just keep chasing skills. I mean, there are new skills. What are some of those skills? >>Why would I amplify eloquent? Just said, First of all, the, uh, you know, cyber is one of those technology areas where commercial side not not the government is really kind of leading away and does a significant amount of research and development. Ah, billions of dollars are spent every year Thio to evolve new capabilities. And a lot of those companies are, you know, operated and and in some cases, led by folks in their early twenties. So the S O. This is definitely an era and a generation that is really poised in position. Well, uh, Thio take on this challenge. There's some unique aspects to space. Once we deploy a system, uh, it will be able to give me hard to service it, and we're developing capabilities now so that we could go up and and do system upgrades. But that's not a normal thing in space that just because the the technical means isn't there yet. So having software to find capabilities, I's gonna be really paramount being able to dio unique things. The cloud is huge. The cloud is centric to this or architectural, and it's kind of funny because d o d we joke because we just discovered the cloud, you know, a couple years ago. But the club has been around for a while and, uh, and it's going to give us scalability on and the growth potential for doing amazing things with a big Data Analytics. But as Preston said, it's all for not if if we can't trust the data that we receive. And so one of the concepts for future architectures is to evolve into a zero trust model where we trust nothing. We verify and authenticate everyone. And, uh, and that's that's probably a good, uh, point of departure as we look forward into our cybersecurity for space systems into the future. >>Block everyone. Preston. Your reaction to all this gaps, skills, What's needed. I mean it Z everyone's trying to squint through this >>absolutely. And I wanna want to shift gears a little bit and talk about the space agencies and organizations that are responsible for deploying these spaces into submission. So what is gonna take in this new era on, and what do we need from the workforce to be responsive to the challenges that we're seeing? First thing that comes to mind is creating a culture of security throughout aerospace right and ensuring that Azzawi mentioned before security isn't an afterthought. It's sort of baked into our models that we deploy and our rhetoric as well, right? And because again we hire our spaces in years to do it very highly. Specialized thing for a highly specialized, uh, it's topic. Our effort, if we start to incorporate rhetorically the importance of cybersecurity two missing success and missing assurance that's going to lend itself toe having more, more prepared on more capable system engineers that will be able to respond to the threats accordingly. Traditionally, what we see in organizational models it's that there's a cyber security team that's responsible for the for the whole kit kaboodle across the entire infrastructure, from enterprise systems to specialize, specialize, space systems and then a small pocket of spaces, years that that that are really there to perform their tasks on space systems. We really need to bridge that gap. We need to think about cybersecurity holistically, the skills that are necessary for your enterprise. I t security teams need to be the same skills that we need to look for for our system engineers on the flight side. So organizationally we need we need to address that issue and approach it, um todo responsive to the challenges we see our our space systems, >>new space, new culture, new skills. One of the things I want to bring up is looking for success formulas. You know, one of the things we've been seeing in the past 10 years of doing the Cube, which is, you know, we've been called the ESPN of Tech is that there's been kind of like a game ification. I want to. I don't wanna say sports because sports is different, but you're seeing robotics clubs pop up in some schools. It's like a varsity sport you're seeing, you know, twitch and you've got gamers out there, so you're seeing fun built into it. I think Cal Poly's got some challenges going on there, and then scholarships air behind it. So it's almost as if, you know, rather than going to a private sports training to get that scholarship, that never happens. There's so many more scholarship opportunities for are not scholarship, but just job opportunities and even scholarships we've covered as part of this conference. Uh, it's a whole new world of culture. It's much different than when I grew up, which was you know, you got math, science and English. You did >>it >>and you went into your track. Anyone want to comment on this new culture? Because I do believe that there is some new patterns emerging and some best practices anyone share any? >>Yeah, I do, because as you talked about robotics clubs and that sort of things, but those were great and I'm glad those air happening. And that's generating the interest, right? The whole gaming culture generating interest Robotic generates a lot of interest. Space right has captured the American in the world attention as well, with some recent NASA activities and all for the right reasons. But it's again, it's about taking that interested in providing the right skills along the way. So I'll tell you a couple of things. We're doing it a w s that we found success with. The first one is a program called A W s Academy. And this is where we have developed a cloud, uh, program a cloud certification. This is ah, cloud curriculum, if you will, and it's free and it's ready to teach. Our experts have developed this and we're ready to report it to a two year and four year colleges that they can use is part of the curriculum free of charge. And so we're seeing some real value there. And in fact, the governor's in Utah and Arizona recently adopted this program for their two year schools statewide again, where it's already to teach curriculum built by some of the best experts in the industry s so that we can try to get that skills to the people that are interested. We have another program called A W s educate, and this is for students to. But the idea behind this is we have 12 cracks and you can get up to 50 hours of free training that lead to A W s certification, that sort of thing. And then what's really interesting about that is all of our partners around the world that have tied into this program we manage what we call it ws educate Job board. And so if you have completed this educate program now, you can go to that job board and be linked directly with companies that want people with those skills we just helped you get. And it's a perfect match in a perfect marriage there. That one other piece real quickly that we're proud of is the aws Uh restart program. And that's where people who are unemployed, underemployed or transitioning can can go online. Self paced. We have over 500 courses they can take to try to develop those initial skills and get into the industry. And that's been very popular, too, So that those air a couple of things we're really trying to lean into >>anyone else want to react. Thio that question patterns success, best practices, new culture. >>I'd like Thio. The the wonderful thing about what you just touched on is problem solving, right, And there's some very, very good methodologies that are being taught in the universities and through programs like Hacking for Defense, which is sponsored by the National Security Innovation Network, a component of the I you where I work but the But whether you're using a lien methodologies or design school principals or any other method, the thing that's wonderful right now and not just, uh, where I work at the U. The Space force is doing this is well, but we're putting the problem out there for innovators to tackle, And so, rather than be prescriptive of the solutions that we want to procure, we want we want the best minds at all levels to be able to work on the problem. Uh, look at how they can leverage other commercial solutions infrastructure partnerships, uh, Thio to come up with a solution that we can that we can rapidly employ and scale. And if it's a dual use solution or whether it's, uh, civil military or or commercial, uh, in any of the other government solutions. Uh, that's really the best win for for the nation, because that commercial capability again allows us to scale globally and share those best practices with all of our friends and allies. People who share our values >>win win to this commercial. There's a business model potential financial benefits as well. Societal impact Preston. I want to come to you, JPL, NASA. I mean, you work in one of the most awesome places and you know, to me, you know, if you said to me, Hey, John, come working JP like I'm not smart enough to go there like I mean, like, it's a pretty It's intimidating, it might seem >>share folks out there, >>they can get there. I mean, it's you can get there if you have the right skills. I mean I'm just making that up. But, I mean, it is known to be super smart And is it attainable? So share your thoughts on this new culture because you could get the skills to get there. What's your take on all this >>s a bucket. Just missing something that really resonated with me, right? It's do it your love office. So if you put on the front engineer, the first thing you're gonna try to do is pick it apart. Be innovative, be creative and ways to solve that issue. And it has been really encouraging to me to see the ground welcome support an engagement that we've seen across our system. Engineers in space. I love space partners. A tackling the problem of cyber. Now that they know the West at risk on some of these cyber security threats that that they're facing with our space systems, they definitely want to be involved. They want to take the lead. They want to figure things out. They wanna be innovative and creative in that problem solving eso jpl We're doing a few things. Thio Raise the awareness Onda create a culture of security. Andi also create cyber advocates, cybersecurity advocates across our space engineers. We host events like hacked the lad, for example, and forgive me. Take a pause to think about the worst case scenarios that could that could result from that. But it certainly invites a culture of creative problem solving. Um, this is something that that kids really enjoy that are system engineers really enjoyed being a part off. Um, it's something that's new refreshing to them. Eso we were doing things like hosting a monthly cybersecurity advocacy group. When we talk about some of the cyber landscape of our space systems and invite our engineers into the conversation, we do outweighs programs specifically designed to to capture, um, our young folks, uh, young engineers to deceive. They would be interested and show them what this type of security has to offer by ways of data Analytic, since the engineering and those have been really, really successful identifying and bringing in new talent to address the skill gaps. >>Steve, I want to ask you about the d. O. D. You mentioned some of the commercial things. How are you guys engaging the commercial to solve the space issue? Because, um, the normalization in the economy with GPS just seeing spaces impacts everybody's lives. We we know that, um, it's been talked about. And and there's many, many examples. How are you guys the D o. D. From a security standpoint and or just from an advancement innovation standpoint, engaging with commercials, commercial entities and commercial folks? >>Well, I'll throw. I'll throw a, uh, I'll throw ah, compliment to Clint because he did such an outstanding job. The space forces already oriented, uh, towards ah, commercial where it's appropriate and extending the arms. Leveraging the half works on the Space Enterprise Consortium and other tools that allow for the entrepreneurs in the space force Thio work with their counterparts in a commercial community. And you see this with the, uh, you know, leveraging space X away to, uh, small companies who are doing extraordinary things to help build space situational awareness and, uh, s So it's it's the people who make this all happen. And what we do at at the D. O. D level, uh, work at the Office of Secretary defense level is we wanna make sure that they have the right tools to be able to do that in a way that allows these commercial companies to work with in this case of a space force or with cyber command and ways that doesn't redefine that. The nature of the company we want we want We want commercial companies to have, ah, great experience working with d o d. And we want d o d toe have the similar experience working, working with a commercial community, and and we actually work interagency projects to So you're going to see, uh, General Raymond, uh, hey, just recently signed an agreement with the NASA Esa, you're gonna see interagency collaborations on space that will include commercial capabilities as well. So when we speak as one government were not. You know, we're one voice, and that's gonna be tremendous, because if you're a commercial company on you can you can develop a capability that solves problems across the entire space enterprise on the government side. How great is that, Right. That's a scaling. Your solution, gentlemen. Let >>me pick you back on that, if you don't mind. I'm really excited about that. I mentioned new space, and Bucky talked about that too. You know, I've been flying satellites for 30 years, and there was a time where you know the U. S. Government national security. We wouldn't let anybody else look at him. Touch him. Plug into, um, anything else, right. And that probably worked at the time. >>But >>the world has changed. And more >>importantly, >>um, there is commercial technology and capability available today, and there's no way the U. S government or national security that national Intel community can afford economically >>to >>fund all that investment solely anymore. We don't have the manpower to do it anymore. So we have this perfect marriage of a burgeoning industry that has capabilities and it has re sources. And it has trained manpower. And we are seeing whether it's US Space Force, whether it's the intelligence community, whether it's NASA, we're seeing that opened up to commercial providers more than I've ever seen in my career. And I can tell you the customers I work with every day in a W s. We're building an entire ecosystem now that they understand how they can plug in and participate in that, and we're just seeing growth. But more importantly, we're seeing advanced capability at cheaper cost because of that hybrid model. So that really is exciting. >>Preston. You know you mentioned earlier supply chain. I don't think I think you didn't use the word supply chain. Maybe you did. But you know about the components. Um, you start opening things up and and your what you said baking it in to the beginning, which is well known. Uh, premise. It's complicated. So take me through again, Like how this all gonna work securely because And what's needed for skill sets because, you know, you're gonna open. You got open source software, which again, that's open. We live in a free society in the United States of America, so we can't lock everything down. You got components that are gonna be built anywhere all around the world from vendors that aren't just a certified >>or maybe >>certified. Um, it's pretty crazy. So just weigh in on this key point because I think Clint has it right. And but that's gonna be solved. What's your view on this? >>Absolutely. And I think it really, really start a top, right? And if you look back, you know, across, um in this country, particularly, you take the financial industry, for example, when when that was a burgeoning industry, what had to happen to ensure that across the board. Um, you know, your your finances were protected these way. Implemented regulations from the top, right? Yeah. And same thing with our health care industry. We implemented regulations, and I believe that's the same approach we're gonna need to take with our space systems in our space >>industry >>without being too directive or prescriptive. Instance she ating a core set of principles across the board for our manufacturers of space instruments for deployment and development of space systems on for how space data and scientific data is passed back and forth. Eso really? We're gonna need to take this. Ah, holistic approach. Thio, how we address this issue with cyber security is not gonna be easy. It's gonna be very challenging, but we need to set the guard rails for exactly what goes into our space systems, how they operate and how they communicate. >>Alright, so let's tie this back to the theme, um, Steve and Clint, because this is all about workforce gaps, opportunities. Um, Steve, you mentioned software defined. You can't do break fix in space. You can't just send a technician up in the space to fix a component. You gotta be software defined. We're talking about holistic approach, about commercial talk about business model technology with software and policy. We need people to think through, like you know. What the hell are you gonna do here, right? Do you just noticed road at the side of the road to drive on? There's no rules of engagement. So what I'm seeing is certainly software Check. If you wanna have a job for the next millennial software policy who solves two problems, what does freedom looked like in space Congestion Contention and then, obviously, business model. Can you guys comment on these three areas? Do you agree? And what specific person might be studying in grad school or undergraduate or in high school saying, Hey, I'm not a techie, but they can contribute your thoughts. I'll >>start off with, uh, speak on on behalf of the government today. I would just say that as policy goes, we need to definitely make sure that we're looking towards the future. Ah, lot of our policy was established in the past under different conditions, and, uh, and if there's anything that you cannot say today is that space is the same as it was even 10 years ago. So the so It's really important that our policy evolves and recognizes that that technology is going to enable not just a new ways of doing things, but also force us to maybe change or or get rid of obsolete policies that will inhibit our ability to innovate and grow and maintain peace with with a rapid, evolving threat. The for the for the audience today, Uh, you know, you want some job assurance, cybersecurity and space it's gonna be It's gonna be an unbelievable, uh, next, uh, few decades and I couldn't think of a more exciting for people to get into because, you know, spaces Ah, harsh environment. We're gonna have a hard time just dud being able differentiate, you know, anomalies that occur just because of the environment versus something that's being hacked. And so JPL has been doing this for years on they have Cem Cem great approaches, but but this is this is gonna be important if you put humans on the moon and you're going to sustain them there. Those life support systems are gonna be using, you know, state of the art computer technology, and which means, is also vulnerable. And so eso the consequences of us not being prepared? Uh, not just from our national security standpoint, but from our space exploration and our commercial, uh, economic growth in space over the long term all gonna be hinged on this cyber security environment. >>Clint, your thoughts on this too ill to get. >>Yeah. So I certainly agree with Bucky. But you said something a moment ago that Bucky was talking about as well. But that's the idea that you know in space, you can't just reach out and touch the satellite and do maintenance on the satellite the way you can't a car or a tank or a plane or a ship or something like that. And that is true. However, right, comma, I want to point out. You know, the satellite servicing industry is starting to develop where they're looking at robotic techniques in Cape abilities to go up in services satellite on orbit. And that's very promising off course. You got to think through the security policy that goes with that, of course. But the other thing that's really exciting is with artificial intelligence and machine learning and edge computing and database analytics and all those things that right on the cloud. You may not even need to send a robotic vehicle to a satellite, right? If you can upload and download software defined, fill in the blank right, maybe even fundamentally changing the mission package or the persona, if you will, of the satellite or the spacecraft. And that's really exciting to, ah, lot >>of >>security policy that you've gotta work through. But again, the cloud just opens up so many opportunities to continue to push the boundaries. You know, on the AWS team, the aerospace and satellite team, which is, you know, the new team that I'm leading. Now our motto is to the stars through the cloud. And there are just so many exciting opportunities right for for all those capabilities that I just mentioned to the stars through the cloud >>President, your thoughts on this? >>Yes, eso won >>a >>little bit of time talking about some of the business model implications and some of the challenges that exists there. Um, in my experience, we're still working through a bit of a language barrier of how we define risk management for our space systems. Traditionally traditionally risk management models is it is very clear what poses a risk to a flight mission. Our space mission, our space system. Um, and we're still finding ways to communicate cyber risk in the same terms that are system engineers are space engineers have traditionally understood. Um, this is a bit of a qualitative versus quantitative, a language barrier. But however adopting a risk management model that includes cybersecurity, a za way to express wish risk to miss the success, I think I think it would be a very good thing is something that that we have been focused on the J. P o as we Aziz, we look at the 34 years beyond. How do >>we >>risk that gap and not only skills but communication of cyber risk and the way that our space engineers and our project engineers and a space system managers understand >>Clinton, like Thio talk about space Force because this is the most popular new thing. It's only a couple of nine months in roughly not even a year, uh, already changing involving based on some of the reporting we've done even here at this symposium and on the Internet. Um, you know, when I was growing up, you know, I wasn't there when JFK said, you know, we're gonna get to the moon. I was born in the sixties, so, you know, when I was graduating my degree, you know, Draper Labs, Lincoln Lab, JPL, their pipeline and people wasn't like a surge of job openings. Um, so this kind of this new space new space race, you know, Kennedy also said that Torch has been passed to a new generation of Americans. So in a way that's happening right now with space force. A new generation is here is a digital generation. It's multi disciplinary generation. Could you take a minute and share, uh, for for our audience? And here at this symposium, um, the mission of Space Force and where you see it going because this truly is different. And I think anyone who's young e I mean, you know, if this was happening when I was in college would be like dropping everything. I'm in there, I think, cause there's so many areas thio jump into, um, it's >>intellectually challenging. >>It's intoxicating in some level. So can you share your thoughts? >>Yeah. Happy to do that. Of course. I I need to remind everybody that as a week ago I'm formally retired. So I'm not an official spokesman for US forces. But with that, you know, it said I did spend the last 18 months planning for it, designing and standing it up. And I'll tell you what's really exciting is you know, the commander of, uh, US Base Force General J. Raymond, who's the right leader at the right time. No question in my >>mind. But >>he said, I want to stand up the Space Force as the first fully digital service in the United States. Right? So he is trying >>to bake >>cloud baked cybersecurity, baked digital transformational processes and everything we did. And that was a guidance he gave us every day, every day. When we rolled in. He said, Remember, guys, I don't wanna be the same. I don't wanna be stale. I want new thinking, new capabilities and I want it all to be digital on. That's one of the reasons When we brought the first wave of people into the space force, we brought in space operations, right. People like me that flew satellites and launch rockets, we brought in cyber space experts, and we brought in intelligence experts. Those were the first three waves of people because of that, you know, perfect synergy between space and cyber and intel all wrapped in >>it. >>And so that was really, really smart. The other thing I'll say just about, you know, Kennedy's work. We're going to get to the moon. So here we are. Now we're going back to the Moon Project Artemus that NASA is working next man first woman on the moon by 2024 is the plan and >>then >>with designs to put a permanent presence on the moon and then lean off to march. So there was a lot to get excited about. I will tell you, as we were taking applications and looking at rounding out filling out the village in the U. S. Space Force, we were overwhelmed with the number of people that wanted, and that was a really, really good things. So they're off to a good start, and they're just gonna accomplishment major things. I know for sure. >>Preston, your thoughts on this new generation people out there were like I could get into this. This is a path. What's your what's your opinion on this? And what's your >>E could, uh, you so bold as to say >>that >>I feel like I'm a part of that new generation eso I grew up very much into space. Uh, looking at, um, listen to my, uh, folks I looked up to like Carl Sagan. Like like Neil Tyson. DeGrasse on did really feeling affinity for what What this country has done is for is a space program are focused on space exploration on bond. Through that, I got into our security, as it means from the military. And I just because I feel so fortunate that I could merge both of those worlds because of because of the generational, um, tailoring that we do thio promote space exploration and also the advent of cybersecurity expertise that is needed in this country. I feel like that. We are We are seeing a conversions of this too. I see a lot of young people really getting into space exploration. I see a lot of young people as well. Um uh, gravitating toward cybersecurity as a as a course of study. And to see those two worlds colliding and converse is something that's very near and dear to me. And again, I I feel like I'm a byproduct of that conversion, which is which, Really, Bothwell for space security in the future, >>we'll your great leader and inspiration. Certainly. Senior person as well. Congratulations, Steve. You know, young people motivational. I mean, get going. Get off the sidelines. Jump in Water is fine, Right? Come on in. What's your view on motivating the young workforce out there and anyone thinking about applying their skills on bringing something to the table? >>Well, look at the options today. You have civil space President represents you have military space. Uh, you have commercial space on and even, you know, in academia, the research, the potential as a as an aspiring cyber professional. All of you should be thinking about when we when we When? When we first invented the orbit, which eventually became the Internet, Uh, on Lee, we were, uh if all we had the insight to think Well, geez, you know whether the security implications 2030 years from now of this thing scaling on growing and I think was really good about today's era. Especially as Clint said, because we were building this space infrastructure with a cyber professionals at ground zero on dso the So the opportunity there is to look out into the future and say we're not just trying to secure independent her systems today and assure the free for all of of information for commerce. You know, the GPS signal, Uh, is Justus much in need of protection as anything else tied to our economy, But the would have fantastic mission. And you could do that. Uh, here on the ground. You could do it, uh, at a great companies like Amazon Web services. But you can also one of these states. Perhaps we go and be part of that contingency that goes and does the, uh, the se's oh job that that president has on the moon or on Mars and, uh, space will space will get boring within a generation or two because they'll just be seen as one continuum of everything we have here on Earth. And, uh, and that would be after our time. But in the meantime, is a very exciting place to be. And I know if I was in in my twenties, I wanna be, uh, jumping in with both feet into it. >>Yeah, great stuff. I mean, I think space is gonna be around for a long long time. It's super exciting and cybersecurity making it secure. And there's so many areas defeating on. Gentlemen, thank you very much for your awesome insight. Great panel. Um, great inspiration. Every one of you guys. Thank you very much for for sharing for the space and cybersecurity symposium. Appreciate it. Thank you very much. >>Thanks, John. Thank you. Thank you. Okay, >>I'm >>John for your host for the Space and Cybersecurity Symposium. Thanks for watching.

from the cube studios in Palo Alto in Boston connecting with thought leaders all around the world this is a cube conversation hello and welcome to the cube conversation here in the Palo Alto studio I'm John four host of the cube we are here at the quarantine crew of the cube having the conversations that matter the most now and sharing that with you got a great guest here Phil Quaid was the chief information security officer of Fortinet also the author of book digital bing-bang which I just found out he wrote talking about the difference cybersecurity and the physical worlds coming together and we're living that now with kovat 19 crisis were all sheltering in place Phil thank you for joining me on this cube conversation so I want to get in this quickly that I think the main top thing is that we're all sheltering in place anxiety is high but people are now becoming mainstream aware of what we all in the industry have been known for a long time role of data cybersecurity access to remote tools and we're seeing the work at home the remote situation really putting a lot of pressure on as I've been reporting what I call at scale problems and one of them is security right one of them is bandwidth we're starting to see you know the throttling of the packets people are now living with the reality like wow this is really a different environment but it's been kind of a disruption and has created crimes of opportunity for bad guys so this has been a real thing everyone's aware of it across the world this is something that's now aware on everyone's mind what's your take on this because you guys are fighting the battle and providing solutions and we're doing for a long time around security this highlights a lot of the things in the surface area called the world with what's your take on this carbon 19 orton s been advocating for architectures and strategies that allow you to defend anywhere from the edge through the core all the way up to the cloud boom so with you know high speed and integration and so all the sudden what we're seeing not just you know in the US but the world as well is that that edge is being extended in places that we just hadn't thought about or our CV that people just hadn't planned for before so many people or telecommunication able to move that edge securely out to people's homes and more remote locations and do so providing the right type of security of privacy if those communications that are coming out of those delicate ears I noticed you have a flag in the background and for the folks that might not know you spent a lot of time at the NSA government agency doing a lot of cutting-edge work I mean going back to you know really you know post 9/11 - now you're in the private sector with Fortinet so you don't really speak with the agency but you did live through a time of major transformation around Homeland Security looking at data again different physical thing you know terrorist attacks but it did bring rise to large-scale data to bring to those things so I wanted to kind of point out I saw the flag there nice nice touch there but now that you're in the private sector it's another transformation it's not a transition we're seeing a transformation and people want to do it fast and they don't want to have disruption this is a big problem what's your reaction to that yeah I think what you're reporting out that sometimes sometimes there's catalysts that cause major changes in the way you do things I think we're in one of those right now that we're already in the midst of an evolutionary trend towards more distributed workforces and as I mentioned earlier doing so with the right type of security privacy but I would think what I think the global camp in debt endemic is showing is that we're all going to be accelerating that that thing is like it's gonna be a lot less evolutionary and a little bit more faster that's what happens when you have major world events like this being 911 fortunate tragedies it causes people to think outside the box or accelerate what they're already doing I think wearing that in that world today yeah it pulls forward a lot of things that are usually on the planning side and it makes them reality I want to get your thoughts because not only are CEOs and their employees all thinking about the new work environment but the chief information security officer is people in your role have to be more aware as more things happening what's on the minds of CISOs around the world these days obviously the pandemics there what are you seeing what are some of the conversations what are some of the thought processes what specifically is going on in the of the chief information security officer yeah I think there's probably a there's probably two different two different things there's the there's the emotional side and there's the analytic side on the emotional side you might say that some Caesars are saying finally I get to show how cyber security can be in an abler of business right I can allow you to to to maintain business continuity by allowing your workers to work from home and trying sustain business and allow you to keep paying their salary is very very important to society there's a very important time to step up as the seaso and do what's helpful to sustain mission in on the practical side you say oh my goodness my job's gotten a whole lot harder because I can rely less and less on someone's physical controls that use some of the physical benefits you get from people coming inside the headquarters facility through locked doors and there's personal congress's and personal identification authentication you need to move those those same security strategies and policies and you need to move it out to this broad eggs it's gotten a lot bigger and a lot more distributed so I want to ask you around some of the things they're on cyber screws that have been elevated to the top of the list obviously with the disruption of working at home it's not like an earthquake or a tornado or hurricane or flood you know this backup and recovery for that you know kind of disaster recovery this has been an unmitigated disaster in the sense of it's been unfor casted I was talking to an IT guy he was saying well we provisioned rvv lands to be your VPNs to be 30% and now they need a hundred percent so that disruption is causing I was an under forecast so in cyber as you guys are always planning in and protecting has there been some things that have emerged that are now top of mind that are 100 percent mindshare base or new solutions or new challenges why keep quite done what we're referring to earlier is that yep any good see so or company executive is going to prepare for unexpected things to a certain degree you need it whether it be spare capacity or the ability to recover from something an act of God as you mentioned maybe a flood or tornado or hurricane stuff like that what's different now is that we have a disruption who which doesn't have an end date meaning there's a new temporal component that's been introduced that most companies just can't plan for right even the best of companies that let's say Ronald very large data centers they have backup plans where they have spare fuel to run backup generators to provide electricity to their data centers but the amount of fuel they have might only be limited to 30 days or so it's stored on-site we might think well that's pretty that's a lot of for thinking by storing that much fuel on site for to allow you to sort of work your way through a hurricane or other natural disaster what we have now is a is a worldwide crisis that doesn't have a 30-day window on it right we don't know if it's gonna be 30 days or 120 days or or you know even worse than that so what's different now is that it's not just a matter of surging in doing something with band-aids and twine or an extra 30 days what we need to do is as a community is to prepare solutions that can be enduring solutions you know I have some things that if the absent I might like to provide a little color what those types of solutions are but that that would be my main message that this isn't just a surge for 30 days this is a surge or being agile with no end in sight take a minute explain some of those solutions what are you seeing whatever specific examples and solutions that you can go deeper on there yeah so I talked earlier about the the edge meaning the place where users interact with machines and company data that edge is no longer at the desktop down the hallway it could be 10 miles 450 miles away to where anyone where I'm telling you I'm commuting crumb that means we need to push the data confidentiality things out between the headquarters and the edge you do that with things like a secure secured tunnel it's called VPNs you also need to make sure that the user identification authentication this much is a very very secure very authentic and with high integrity so you do that with multi-factor authentication there's other things that we like that that are very very practical that you do to support this new architecture and the good news is that they're available today in the good news at least with some companies there already had one foot in that world but as I mentioned earlier not all companies had yet embraced the idea of where you're going to have a large percentage of your workforce - until a community so they're not quite so they're there they're reacting quickly to to make sure this edge is better protected by identification and authentication and begins I want to get to some of those edge issues that now translate to kind of physical digital virtualization of of life but first I want to ask you around operational technology and IT OT IT these are kind of examples where you're seeing at scale problem with the pandemic being highlighted so cloud providers etc are all kind of impacted and bring solutions to the table you guys at Foot are doing large scale security is there anything around the automation side of it then you've seen emerge because all the people that are taking care of being a supplier in this new normal or this crisis certainly not normal has leveraged automation and data so this has been a fundamental value proposition that highlights what we call the DevOps movement in the cloud world but automation has become hugely available and a benefit to this can you share your insights into how automation is changing with cyber I think you up a nice question for me is it allowed me to talk about not only automation but convergence so it's let's hit automation first right we all even even pre-crisis we need to be better at leveraging automation to do things that machines do best allow people to do higher-order things whether it's unique analysis or something else with a with a more distributed workforce and perhaps fewer resources automation is more important ever to automatically detect bad things that are about to happen automatically mitigating them before they get or they get to bad you know in the cybersecurity world you use things like agile segmentation and you use like techniques called soar it's a type of security orchestration and you want to eat leverage those things very very highly in order to leverage automation to have machines circum amount of human services but you also brought up on my favorite topics which is ot graceful technology though OTS you know are the things that are used to control for the past almost a hundred years now things in the physical world like electric generators and pipes and valves and things like that often used in our critical infrastructures in my company fort net we provide solutions that secure both the IT world the traditional cyber domain but also the OT systems of the world today where safety and reliability are about most important so what we're seeing with the co19 crisis is that supply chains transportation research things like that a lot of things that depend on OT solutions for safety and reliability are much more forefront of mine so from a cybersecurity strategy perspective what you want to do of course is make sure your solutions in the IT space are well integrated with you solutions in the OT space to the so an adversary or a mistake in cause a working to the crack in causing destruction that convergence is interesting you know we were talking before you came on camera around the fact that all these events are being canceled but that really highlights the fact that the physical spaces are no longer available the so-called ot operational technologies of events is the plumbing the face-to-face conversations but everyone's trying to move to digital or virtual eyes that it's not as easy as just saying we did it here we do it there there is a convergence and some sort of translation this new there's a new roles there's new responsibilities new kinds of behaviors and decision making that goes on in the physical and digital worlds that have to then come together and get reimagined and so what's your take on all this because this is not so much about events but although that's kind of prime time problem zooming it is not the answer that's a streaming video how do you replicate the value of physical into the business value in digital it's not a one-to-one so it's quite possible that that we might look back on this event to cover 19 experience we might look back at it in five or ten years and say that was simply a foreshadowing of our of the importance of making sure that our physical environment is appropriate in private what I mean is that with the with the rapid introduction of Internet of Things technologies into the physical world we're going to have a whole lot of dependencies on the thing inconveniences tendencies inconveniences on things an instrument our physical space our door locks or automobiles paths our temperatures color height lots of things to instrument the physical space and so there's gonna be a whole lot of data that's generated in that cyber in a physical domain increasingly in the future and we're going to become dependent upon it well what happens if for whatever reason in the in the future that's massively disruptive so all of a sudden we have a massive disruption in the physical space just like we're experiencing now with open 19 so again that's why it makes sense now to start your planning now with making sure that your safety and reliability controls in the physical domain are up to the same level security and privacy as the things in your IT delete and it highlights what's the where the value is to and it's a transformation I was just reading an article around spatial economics around distance not being together it's interesting on those points you wrote a book about this I want to get your thoughts because in this cyber internet or digital or virtualization of physical to digital whether it's events or actual equipment is causing people to rethink architectures you mentioned a few of them what's the state of the art thinking around someone who has the plan for this again is in its complex it's not just creating a gateway or a physical abstraction layer of software between two worlds there's almost a blending or convergence here what's your what's your thoughts on what's the state of the art thinking on this area yeah the book that I number of a very esteemed colleagues contribute to what we said is that it's time to start treating cybersecurity like a science let's not pretend it's a dark art that we have to relearn every couple years and what what we said in the in the digital Big Bang is that humankind started flourishing once we admitted our ignorance in ultimately our ignorance in the physical world and discovered or invented you can right word the disciplines of physics and chemistry and once we recognize that our physical world was driven by those scientific disciplines we started flourishing right the scientific age led to lots of things whether it would be transportation health care or lots of other things to improve our quality of life well if you fast forward 14 billion years after that cosmic Big Bang which was driven by physics 50 years ago or so we had a digital Big Bang where there was a massive explosion of bits with the invention of the internet and what we argue in the book is that let's start treating cybersecurity like a science or the scientific principle is that we ought to write down and follow a Rousseau's with you so we can thrive in the in the in a digital Big Bang in the digital age and one more point if you don't mind what we what we noted is that the internet was invented to do two things one connect more people or machines than ever imagined in to do so in speeds that were never imagined so the in the Internet is is optimized around speed in connectivity so if that's the case it may be a fundamental premise of cybersecurity science is make sure that your cyber security solutions are optimized around those same two things that the cyber domains are optimized around speed in integration continue from there you can you can build on more and more complex scientific principles if you focus on those fundamental things and speed and integration yeah that's awesome great insight they're awesome I wanted to throw in while you had the internet history lesson down there also was interesting was a very decentralization concept how does that factor in your opinion to some of the security paradigms is that helped or hurt or is it create opportunities for more secure or does it give the act as an advantage yeah I love your questions is your it's a very informed question and you're in a give me good segue to answer the way you know it should be answer yeah the by definition the distributed nature of the Internet means it's an inherently survivable system which is a wonderful thing to have for a critical infrastructure like that if one piece goes down the hole doesn't go down it's kind of like the power grid the u.s. the u.s. electrical power grid there's too many people who say the grid will go down well that's that's just not a practical thing it's not a reality thing the grades broken up into three major grades and there's AB ulis strategies and implementations of diversification to allow the grid to fail safely so it's not catastrophic Internet's the same thing so like my nipple like I was saying before we ought to de cyber security around a similar principle that a catastrophic failure in one partner to start cybersecurity architecture should result in cascading across your whole architecture so again we need to borrow some lessons from history and I think he bring up a good one that the internet was built on survivability so our cybersecurity strategies need to be the same one of the ways you do that so that's all great theory but one of the ways you do that of course is by making your cybersecurity solutions so that they're very well integrated they connect with each other so that you know speaking in cartoon language you know if one unit can say I'm about to fail help me out and another part of your architecture can pick up a slack and give you some more robust security in that that's what a connected the integrated cyber security architecture do for you yeah it's really fascinating insight and I think resiliency and scale are two things I think are going to be a big wave is going to be added into the transformations that going on now it's it's very interesting you know Phil great conversation I could do a whole hour with you and do a fish lead a virtual panel virtualize that our own event here keynote speech thanks so much for your insight one of things I want to get your thoughts on is something that I've been really thinking a lot lately and gathering perspectives and that is on biosecurity and I say biosecurity I'm referring to covet 19 as a virus because biology involves starting a lab or some people debate all that whether it's true or not but but that's what people work on in the biology world but it spreads virally like malware and has a similar metaphor to cybersecurity so we're seeing conversation starting to happen in Washington DC in Silicon Valley and some of my circles around if biology weapon or it's a tool like open-source software could be a tool for spreading cybersecurity Trojans or other things and techniques like malware spear phishing phishing all these things are techniques that could be deployed metaphorically to viral distribution a biohazard or bio warfare if you will will it look the same and how do you defend against the next covet 19 this is what you know average Americans are seeing the impact of the economy with the shelter in place is that what happens again and how do we prevent it and so a lot of people are thinking about this what is your thoughts because it kind of feels the same way as cybersecurity you got to see it early you got to know what's going on you got to identify it you got to respond to it time to close your contain similar concepts what's your thoughts on with BIOS we don't look with all due respect to the the the bio community let me make a quick analogy to the cyber security strategy right cyber security strategy starts with we start as an attacker so I parts of my previous career I'm an authorized had the opportunity to help develop tools that are very very precisely targeted against foreign adversaries and that's a harder job than you think I mean I think the same is true of anyone of a natural-born or a custom a buyer buyer is that not just any virus has the capability to do a lot of harm to a lot of people selling it so it's it's if that doesn't mean though you can sit back and say since it's hard it'll never happen you need to take proactive measures to look for evidence of a compromise of something whether it's a cyber cyber virus or otherwise you have to actively look for that you have to harm yourself to make sure you're not susceptible to it and once you detect one you need to make sure you have a the ability to do segmentation or quarantine very rapidly very very effectively right so in the cyber security community of course the fundamental strategy is about segmentation you keep different types of things separate that don't need to interact and then if you do have a compromise not everything is compromised and then lastly if you want to gradually say bring things back up to recover you can do some with small chunks I think it's a great analogy segmentation is a good analogy to I think what the nation is trying to do right now by warranty kneeing and gradually reopening up things in in segments in actually mention earlier that some of the other techniques are very very similar you want to have good visibility of where you're at risk and then you can automatically detect and then implement some some mitigations based on that good visibility so I agree with you that it turns out that the cyber security strategies might have a whole lot in common with biohazard I address it's interesting site reliability engineers which is a term that Google coined when they built out their large-scale cloud has become a practice that kind of mindset combined with some of the things that you're saying the cyber security mindset seemed to fit this at scale problem space and I might be an alarmist but I personally believe that we've been having a digital war for many many years now and I think that you know troops aren't landing but it's certainly digital troops and I think that we as a country and a global state and global society have to start thinking about you know these kinds of things where a virus could impact the United States shut down the economy devastating impact so I think Wars can be digital and so I may be an alarmist and a conspirators but I think that you know thinking about it and talking about it might be a good thing so appreciate your insights there Phil appreciated what one other point that might be interesting a few years back I was doing some research with the National Lab and we're looking for novel of cybersecurity analytics and we hired some folks who worked in the biology the bio the biomedical community who were studying a biome fires at the time and it was in recognition that there's a lot of commonality between those who are doing cybersecurity analytics and those reviewing bio biology or biomedical type analytics in you know there was a lot of good cross fertilization between our teams and it kind of helps you bring up one more there's one more point which is what we need to do in cybersecurity in general is have more diversity of workforces right now I don't mean just the traditional but important diversities of sex or color but diversity of experiences right some of the best people I've worked with in the cyber analytics field weren't computer science trained people and that's because they came in problems differently with a different background so one of the things that's really important to our field at large and of course the company my company fort net is to massively increase the amount of cyber security training that's available to people not just the computer scientists the world and the engineers but people in other areas as well the other degree to non-greek people and with that a you know higher level of cyber security training available to a more diverse community not only can we solve the problem of numbers we don't have enough cybersecurity people but we can actually increase our ability to defend against these things I have more greater diversity of thought experience you know that's such a great point I think I just put an exclamation point on that I get that question all the time and the skills gap is should I study computer science and like actually if you can solve problems that's a good thing but really diversity about diversity is a wonderful thing in the age of unlimited compute power because traditionally diversity whether it was protocol diversity or technical diversity or you know human you know makeup that's tend to slow things down but you get higher quality so that's a generalization but you get the point diversity does bring quality and if you're doing a data science you don't want have a blind spot I'm not have enough data so yeah I think a good diverse data set is a wonderful thing you're going to a whole nother level saying bringing diversely skill sets to the table because the problems are diverse is that what you're getting at it is it's one of our I'll say our platforms that we're talking about during the during the covered nineteen crisis which is perhaps there's perhaps we could all make ourselves a little bit better by taking some time out since we're not competing taking some time out and doing a little bit more online training where you can where you can either improve your current set of cybersecurity skills of knowledge or be introduced to them for the first time and so there's one or some wonderful Fortinet training available that can allow both the brand-new folks the field or or the the intermediate level folks with you become higher level experts it's an opportunity for all of us to get better rather than spending that extra hour on the road every day why don't we take at least you know 30 of those 60 minutes or former commute time and usually do some online soccer security treaty feel final question for you great insight great conversation as the world and your friends my friends people we don't know other members of society as they start to realize that the virtualization of life is happening just in your section it's convergence what general advice would you have for someone just from a mental model or mindset standpoint to alleviate any anxiety or change it certainly will be happening so how they can better themselves in their life was it is it thinking more about the the the experiences is it more learning how would you give advice to folks out there who are gonna come out of this post pandemic certainly it's gonna be a different world we're gonna be heightened to digital and virtual but as things become virtualized how can someone take this and make a positive outcome out of all this I I think that the future the future remains bright earlier we talked about sci-fi the integration of the cyber world in the physical world that's gonna provide great opportunities to make us more efficient gives us more free time detect bad things from happening earlier and hopefully mitigating those bad things from happening earlier so a lot of things that some people might use as scare tactics right convergence and Skynet in in robotics and things like that I believe these are things that will make our lives better not worse our responsibilities though is talking about those things making sure people understand that they're coming why they're important and make sure we're putting the right security and privacy to those things as these worlds this physical world and the soccer worlds converged I think the future is bright but we still have some work to do in terms of um making sure we're doing things at very high speeds there's no delay in the cybersecurity we put on top of these applications and make sure we have very very well integrated solutions that don't cause things to become more complex make make things easier to do certainly the winds of change in the big waves with the transformations happening I guess just summarize by saying just make it a head win I mean tailwind not a headwind make it work for you at the time not against it Phil thank you so much for your insights I really appreciate this cube conversation remote interview I'm John Ford with the cube talking about cybersecurity and the fundamentals of understanding what's going on in this new virtual world that we're living in to being virtualized as we get back to work and as things start to to evolve further back to normal the at scale problems and opportunities are there and of course the key was bringing it to you here remotely from our studio I'm John Ferrier thanks for watching [Music]

>> Live from San Francisco. It's the Cube covering artists. A conference twenty nineteen brought to you by for scout. >> Hey, Welcome back, everybody. Geoffrey here with the cue, We're at the arse. A >> conference in Mosconi. They finally finished The remodel. Looks beautiful in the rain is not coming in. Which is a good thing. We're excited. >> Have a next guests of many time Keep alumni. >> He's Sean Connery, the VP and GM of Security and Risk Business Unit at service now Song. Great to see you. It's great Sea again, Jeff. Thanks for having us. Absolutely. So it's been probably six months or so since we last talked What's been going on its service down the security space? >> Well, one of the things that's been most interesting is, as our customers have started to get into production now with the security capabilities as well as our risk capabilities there, realizing the benefits of having I t security and risk on the same platform. So when we were talking last time, we're talking a lot about, you know, security, hygiene, vulnerability, management, security incidents and that's all very much mainstream now on R and R install base. But now folks are saying, Wait a minute if I've got it. Data risk, data, compliance, data and security and vulnerability to it on the same platform. What kinds of things could I now do that >> I couldn't do before? Right? So what are they doing? >> Well, big thing they're doing is they're starting to manage risk in a holistic way by leveraging operational data on the platform. So if you think about the way risk tools have historically worked, you know, you're basically in what is essentially a glorified spreadsheet building dashboards for how to represent the various risks to your organisation. But if you think about what auditors and compliance people need to do there, essentially checking the state of all these compliance tasked throughout an organization. But it's essentially a survey. Like I'll ask you like, Hey, tell me about the data protection strategy for your application. You have to tell me while we're using crypto or we're not using krypto. The data is in this country. Well, all that date is already in service now. So how do you now automate? So we take all those mundane tasks around compliance and risk and be able to roll that up to clear, visible risk indicators manage that in a continuous way, what we call continuous monitoring for risk, which is just a brand new way to think about this problem, >> right? I'm curious how the changing of the assessment of the risk changes over time you've got the compliance stuff, which you just have to do, right? You have to check the box you've got, you know, kind of your business crown jewels. But then now we're seeing with kind of these nation state attacks and political attacks and sees things that aren't necessarily just trying to steal your personal information and not trying to steal your your your big money. But they're looking for other data that maybe you wouldn't have assigned an appropriate risk level in a time before because you were kind of really protecting the money and the and the and the obvious crown jewels. How >> does that >> how's that risk kind of profile continue to modify and change over time? >> I think that that's gonna be the state, uh, for you know, forever, right? The right profile. Going to continue to modify. I think what's important for security team's risk teams teams is to make sure they're actually using risk as we talked about last time. Is there North Star for guiding their security investments were here surrounded, like in the lion's den. All these security vendors, I was just walking the halls, all the startups that air, trying to do different things. And, you know, there's always gonna be another tool that somebody's going to want to sell you to solve a problem. But ultimately you need to be looking at the risks to your organisation. As you said, the evolving risk people shipped a cloud. You know, they deal with nation state attacks. They deal with, you know, whatever is going to come tomorrow. And how do you guide your security investments in favor of that? What we're seeing it service now is a renewed interest in hygiene and back to basics. How do I manage my vulnerabilities? Is my patch program effective? How am I dealing with exceptions and that? What's that channel to it? Because, as you know, almost everything about security was actually done by from an operational standpoint. So that channel of communication is something that we've been really heavily focused on. >> Yeah, it's a pretty state, As you say. We're surrounded by many shiny many bright, shiny lights, and people have something yourself. But you can't you can't buy your way out of this thing. You can't technology. You're way out of it. You can't hire out of it. So you really need to use a kind of a sophisticated strategy of integrated tools with the right amount of automation to help you get through this morass. >> Absolutely. And one of the ways we liketo help our customers think about >> this is, >> you know, your teams want to be focused on the interesting parts of their jobs. They came into the security industry because they want to help save the world right now, they watch some movie, they imagine some amazing role. And then when they get into the role, if they're dealing with mundane, you know, uh, fishing response. You know, vulnerability, prioritization. It just, you know, it takes the wind out of their sails, right? But if you can, if you can automate those mundane task using a digital work folk platform like service now, then suddenly free that time up so they could be focused on what you were just describing much more advanced attacks where you want creative humans. Sort >> of. This is so funny, right? It's almost like any type of a job like painting. You know the more time he spilled, spend prepping the house and sanding everything except painting better. The painting goes, and it's kind of the same thing here. It's the Boring is the mundane is applying the patches, as you said, but it's all of those things that make the exciting part when you get there. Now you can focus on real problems was just shoot, you know, we forgot to apply that match two weeks ago, >> you reminded me. I think my dad taught me a measure twice cut once that. S O s. Oh, it's absolutely right. So one way to think about that is that a concrete example is attack surface. So people, a lot of people on this hall are talking about your attack surface. What are the areas that can be attacked within your organization? Well, one of the best ways to reduce your attack surfaces to manage your vulnerability program in an effective way. Because if you can deal with patching much more efficiently patching the right assets the ones that have active exploits that are available, then suddenly you're inflow of incidents reduces, and then you automate the incidents that remain. And then suddenly you've got a mass the time savings versus If you just sort of scattershot said All right, T Max is going to work on vulnerabilities. Team wise, going toe workout incidents. They're really not gonna coordinate. And they're especially not gonna coordinate with tea. That's when things start to fall apart. >> Right. Right. So we're here in the Fourth Scout Booth. Um, so how long have you guys been working for Scout? How does how did the two systems work together? >> Yeah. So we've been working for Scott for awhile. We've actually got a number of integrations that are live on the surface now store. Uh, in fact, we have customers in production using for scout. So we really see, with force got in service now is a couple of things. First off, just on the asset management asset Discovery side of the house for Scott has a wealth of capabilities around giving us information about endpoint assets, whether they be traditional assets or coyote assets. And we can feed that directly into the seem to be our configuration management database. Right To help manage the overall assets within an organization that's sort of step one for Scout is a terrific partner to help pull that data in. And then the second thing we can do is we can men using the security capabilities inside service. Now we can trigger actions inside for scouts environment to then block re mediate, isolate. When we see something bad happening related to an incident or a vulnerability >> that we discover, right, I just can't help, but they're gonna know Asset management is eighty beady little piece of of the service now offering and all we hear about force. God just going in and finding out all kinds of stuff that you had out there that can. And I'm like, who found it first. You guys in the asset management or were the four scout sniffer? But I I imagine a lot of that stuff is not in your asset management system because it's things that people have just plugged in here and there and along the way. >> Yeah, well, we've got our we have a discovery capability is part of service now, which is which is fantastic. And that is primarily focused on server assets and the relationship between those server assets. So you want to understand, What is the total footprint of my AARP infrastructure? The load balancers, the network equipment, the servers. We can do that very, very well. What? What we really rely on coming like forced God to help us with is like you said, somebody plugged something in on the wireless network on the local network. You know, we don't know what it is. And for school can help us, you know? What is it? Where is it on DH that that information's changing so quickly that it really helped us out tohave having integrated solution. We've actually got Customersdata, Utah was in production now, with sixty thousand devices being managed with force got in service now working together, it's curious >> if you somehow integrate those back in and say, You know, it's not just me plugging in my phone, but it's actually something that needs to be more actively managed. If there's a discovery process there within service in ours, and it's mainly just temporary stuff, plug it in, plug it in and out, plug it in, plug it out. >> Yeah, I wouldn't think of the integrations with force got his temporary in anyway. It's just more. It's more dynamic environment so that our people are people are plugging systems in, you know, typically, you want to do that in an agent lis way, right? You don't want to have a heavyweight agent on the end point. And that's what force guys really known for discovering, analyzing what these devices are. And for us, the more incoming data we have into our CM, D B, the more valuable that is to our customers. And so we're really excited Team to do more with force. Go >> right. All right, I give you the last word. What priorities? For twenty nineteen. >> Prices for twenty nineteen is really to build on what we what we just announced. So Madrid are major service not released. Just hit today, right? Thanks. Thanks very much. We have exploit enrichments and our vulnerability system now so we can know, you know. Is there a phone? How How How critical is it? But also has it been exploited or not? Right. Is it publicly available? Exploit doesn't require local access, remote access so that we've done that on the security side. Wait. Did some continuous monitoring that we already talked about. But the big thing for us, that service now is mobile in twenty nineteen. Right? So big capability we announced, is native mobile capabilities. So essentially, we're positioning everyday work is the next killer out for mobile? Because, as you know, service now is all about Inter connecting all these various departments and making these classic processes digital work clothes. And now you can have that same sort of consumer grade mobile experience on your enterprise infrastructure. And so being able to build that out about all of our products and continue to drive Alodor customers are really excited about it. >> I just can't help But think of Fred coming out. I think it like twenty fifteen with, like, the first. I might be off by year to the first, You know, service now on mobile and the crowd went wild. >> It was awesome at the time. Right now, that was a that was a essentially a scaled down web capability. Right foot inside of a container. Now, this is Native mobile. So GPS face I d three d touch to use IOS. Examples are all capabilities you can expose in a code lis environment tio to developers so you could build a custom application custom workflow. And you don't have to know anything about how to code and the APC and get pushed down to users devices right away. >> Very good. Well, I think that's a good place to focus on. Right, Sean? Well, thanks for taking a few minutes to stop >> by course. Thanks, Tio. Pleasure. All right. He shot on. Jeff. You're watching the cube? Where are say in San Francisco? Thanks for watching. >> We'LL see you next time.

>> Announcer: Live from Las Vegas, it's theCUBE. Covering ServiceNow Knowledge 2018. Brought to you by ServiceNow. >> Welcome back to Las Vegas, everybody. This is theCUBE, the leader in live tech coverage and we're here at Knowledge18. This is our sixth CUBE at ServiceNow Knowledge. Jeff Frick is my co-host. Jeff when we started covering ServiceNow Knowledge I think it was under 4,000 people. >> The Aria. >> At The Aria, it was a very hip conference, but now we're talking about 18,000 people at K18. How ironic. Sean Convrey is here. He's the Vice President and General Manager of the ServiceNow Security Business Unit. Welcome back to theCUBE, it's good to see you again, Sean. >> It's great to be back. >> So you know I'm a huge fan of your security initiative because you focused what, in our opinion, is really the real problem which is response. You're going to get hacked, you're going to get penetrated. It takes almost a year to find out when somebody has infiltrated your organization, they're exfiltrating data. You guys are focused on that problem. So, really have a lot of hope for this business in terms of addressing some of those challenges. But, give us the update on the ServiceNow Security Business. >> Sure yeah, so the business is continuing to grow nicely. I think we released at the end of 2017 on our earnings report that security and the other emerging businesses met their aggressive sales targets from 2017. So, we're seeing, you know we're into the hundreds of customers stage now. We've got very mature customers that are deployed in production. I think almost 40% of our customer base is Global 2000 so that's one of the benefits of being on the ServiceNow platform is, we aren't perceived as a 1.0 or a 2.0, even though we've only been around for two years, you know people are thinking of us as an application on top of an already very stable platform. >> One of the things we talk about a lot, you and I have talked about is, what's the right regime for security? All to often it's the sec-ops problem, or it's an I.T. problem. You know, we preach that it's a team sport, it's everybody's problem, but when you extend into an organization from whatever ITSM, or whatever it is, to whom to you sell? Who are your constituents? Are they figuring out that right regime? Or is it really still the sec-ops team? >> Yeah, so there's two major use cases in the security operations product. One is focused on security incident response, and that we're definitely selling primarily to the SOC, to the security operations center. But, we have another growing use case on vulnerability response, which is more the proactive side where we're addressing, really just security good hygiene. How do you reduce the attack surface area in your environment by having less vulnerable software in your environment, and that has a very tight tie to I.T. Actually, they both have very tight ties to I.T. Because in almost all cases, I.T. and I.T. operations are the actual execution arm of whatever changes you need to make to your infrastructure in response to something bad happening. >> Right, it's funny because we were at RSA this year, we've gone for a couple years. 40,000 people, that's a crazy big conference, but a couple of really interesting things that came out this year. One is that, you're going to get penetrated, right, so just a whole change of attitude in terms of not necessarily assuming you won't be, but how are you going to react when you are? How are you going to find out? And the other thing that comes up time and time again when you hear about breaches is this hygiene issue. It's, somebody forgot to hit a switch, forgot to do a correct setting, forgot to do a patch, all these really kind of fundamental things that you need to do at a baseline to at least give you a chance to be able to put up a defense against these people. >> We actually just did a study with Ponemon Institute of nearly 3,000 security professionals focused in on this hygiene problem, on vulnerability response, and some of the stats are just staggering. 70% of respondents said security and I.T. don't have the same visibility into applications and systems. 55% said they spend more time coordinating a response among teams manually than they actually do in the act of patching itself. People are losing 12 days per update in manual coordination, because think about it, you've got not just I.T. and security, but you've got GRC team, you've got the business owner, you've got the application owner, it's not just two folks sitting down at the table, it's a huge team looking at a multi-hundred thousand long spreadsheet of vulnerabilities that they're trying to respond to. >> It's funny, we talk often, it's an often quoted stat, how many days have you been penetrated before you figure it out, but what's less talked about is what you just talked about, is once you find out, then what's the delay where you can start taking proactive action and start taking care of all of these things. That's just as complicated, if not more. >> That's what the study actually bore out. So, one of the things we did was, we broke the data up into those that had been breached and those that had not been breached, and it was about 50/50. But, the biggest difference between the ones that had had a breach in the last two years and the ones that didn't, is the ones that had not been breached self-reported they're vulnerability response program as 40% more effective than those that were breached. So, this hygiene thing this is just fundamental. Actually, my personal theory is, it's not as exciting and undertaking. It's much more fun to talk about how Thor'd the bad guy that was knocking at your front door, trying to find a way in. The sort of proactive, you know execution of a strategy to reduce your attack surface area is much less sexy. >> So, we've always talked about that magic number, or scary number, of the number of days that it takes a company to realize they've been penetrated. Whatever, it ranges from 225, I've seen them higher than 300 and it's a couple years in now, and I'm curious as to what kind of data you have within your customer base. Have you been able to compress that time, and as Jeff points out, even more importantly, have you been able to compress the response time? >> So there's two stats I'll give you. One is, for many organizations they had zero reporting within their own organization. So if they were trying to report out, they were in the land of spreadsheets and emails, so they couldn't tell you how big an impact it had. We actually commissioned a study with Forrester. They did a total economic impact, a TEI study, with our sec-ops customers and found out that the average reduction in their incident response time was 45% improvement, or 45% reduction in their response time, which is just dramatic. That's very meaningful to an organization, especially when there's a prediction of an almost two million cyber-security job shortfall in 2019. So there simply aren't the people to solve this problem, even if you could hire your way out of this. >> So what you would expect is if you could reduce that response time, obviously you're freeing up resource, and then hopefully you could create some kind of flywheel effect, in terms of improving the situation. It's early, but what have you seen there? >> That's exactly what we're seeing. So we're seeing people take the things that are painful and frequent and trying to automate those tasks so that they don't occur as often and require people's time. The analogy that I always use is, if you've watched a medical drama, you always see the doctor racing down the hallway, holding up an X-ray to the fluorescent lights and making a call, telling the nurse five milliliters of this or 10 milliliters of that. >> Stat, stat, stat. >> It's always stat. >> Whatever that means. >> They're saving the day right? They're saving the day. That's what a security person wants to feel like. They want to feel like they're making that insightful call, in the moment, and saving the day, but instead, they're the doctor, they're the nurse, they're the orderly, they're the radiologist, they're the administrative people. They have to play all those roles, and what security automation is really about is, let's take those mundane tasks that you don't like anyway, and get rid of them so you can focus on what truly matters. >> It's such an important piece because like I said, RSA, there's 40,000 people, ton of, ton of vendors, and the CISO cannot buy all those solutions, right? And for you guys, to find a place to fit where you can have nice ROI because you just can't buy it all and to me it's kind of like insurance. At some point you just can't buy more insurance, you can just buy and replace whatever it is that you're insuring, so it's a real interesting kind of dilemma, but you have to be secure. You don't want to be in the Wall Street Journal next week. >> Right. >> Tough challenge. >> It's a very tough challenge and the notion that you can find a product to buy for every problem you have is something that the security community, if you go to RSA, it feels that way, right? Like, "Oh I just need to buy another thing." But, organizations have on average 80 security tools already. So, the challenge is how do you actually reframe and think about prioritization in a different way? So we're actually seeing our customers start to take advantage of the governance risk and compliance capability, that are also part of ServiceNow to use risk as a North Star for their security investments rather than just saying, "Oh this is the latest attack so I need to go buy a thing "that stops that attack." Saying instead, what are my most valuable assets? What is the financial impact of a breach to those services? How do I invest accordingly? >> I was watching a CUBE interview, I think it was from KubeCon, John Furry was doing an interview, and the gentleman he was interviewing said, "The problem with security is for years, organizations "thought they could just buy some piece of technology, "install it, and solve the problem." Couldn't be further from the truth, right? So, describe what you're seeing as to those who are successful and best practice as to solving the problem. >> Sure, well that thinking you can buy your way out of the problem goes all the way back to the early days of firewalls. I mean, I remember earlier in my career trying to convince people that a firewall by itself wasn't enough. So we're seeing in organizations that are adopting best practices around response, is they're taking a much more structured approach to how they respond to the most common attacks. Things like, suspected phishing email, right? Processing a phishing email that's reported by an employee, by a user, takes anywhere from 15 to 20 minutes to check manually to see if it really is phishing or not. You know, with ServiceNow Security Operations we can automate that down to seconds and allow that time for an analyst to go back to focusing on maybe a more advanced attack that does require more human ingenuity to be applied. >> Right, the other thing that keeps coming up time and time again within the ServiceNow application and the platform, is you like having lots of different data sources to pull from. You like being kind of that automated overflow and workflow to leverage those investments for the boxes that they do have in the systems and all those things. You want to use them, but how do you get the most value out of those investments as well? >> Exactly, we're seeing that most organizations don't feel that they're getting the value out of the assets that they've already invested in as well. So, to steal one of our CEO's lines, he talks about this idea of one plus one plus one equals magic. The idea that if you can bring together the right pieces of information you can create this transformational outcome and I think with security technology, if we can bring the data and the insights together on a common platform that allows you to investigate in a more automated way, to draw on the insights that you need from the various systems, and then to respond in the right capacity at the right time, it's a completely different way of solving this problem that I think we are just beginning to explore. >> And a whole nother place to apply A.I. And machine learning down the road as well. So, you can start automating the responses at that tier, and a whole nother level of automation to get the crap that I don't need to pay attention to off my screen, so that I can focus on the stuff that's most important. >> Oh absolutely, I think the headroom in the response category of technology, we're just beginning to see what's going to be possible as we continue to go down this path. >> Can you talk about the ecosystem a little bit? Obviously it's critical. Just to be clear, ServiceNow it not trying to replace Palo Alto Networks, you know, or other security tools. You partner with those guys much in the same way as you're not trying to replace Workday and SAP and HR. Talk about that a little bit, the partner ecosystem, how that's growing and what role they play, where they leave off, and where you pick up. >> Absolutely. So, as you said, we're not in the business of building prevention technology, detection technology, we are all about taking the investments you've already made and bringing them together. So, we consider ourselves a neutral player in this market. We integrate with all sorts of different security technologies because again, the goal is, let's take all these insights that are already in the various pieces of infrastructure. You know, we had one of our customers onstage yesterday during our keynote describing swivel chair. This notion of, I'm swiveling from console to console to console and I'm burning time. If you can give me one place where I can bring that data together, it's really valuable. So, we're quite different than many other ServiceNow products in that, it's often not a human being that initiates the request. You know, a human says, "hey my laptop needs help," right? But, in security it's a third party tool that says, "Hey, go take a look at service X, we're seeing "some weird behavior there." >> So, staying on the ecosystem for a minute. You know, big space; security, crowded space. You were just at RSA. >> It was crazy. >> Crazy, tons of startups. When I talk to startups, in fact I was talking to one the other day, it's a phishing startup, guys out of the NSA doing some really interesting stuff. They got to place bets, small companies, and I'm like, "Have you seen what ServiceNow is doing? "It's kind of an interesting play. "You might be able to participate in "that ecosystem someway, somehow." Is it reasonable to think that startups actually can participate, how can they participate? Can they bring their innovation to you? Or are you really looking for established players with an installed base that you can draft off of? >> Sure, we're actually doing both right now. So, you can think about it, you know, being a new player in the security community, credibility is something we are always seeking to grow and develop over time. So, while we really like to integrate with the large, established security vendors that our customers expect us to integrate with, we also love talking to the innovative startups and integrating with them as well. So, we have a whole technology partner program that allows people to tie into the ecosystem. We have a whole business development team at my organization where we work actively with these companies to help them take best advantage of what integrating with ServiceNow can do. >> I think it's key. If you think about the innovation sandwich we often talk about, for years this industry has marched to the cadence of Moore's Law. It was doubling microprocessor speeds every two years that drove innovation. That was nice, that got us a long way, but seems like innovation today is a combination of data, applying machine intelligence, and cloud, cloud economics. And part of cloud economics you get, scale economies, zero marginal costs at volume, but it's also the ability to attract startups. We see that as critical for innovation. Do you agree? >> Yeah, absolutely. I think that the innovation we are seeing in the security world overall, I think is going to continue to grow, as you saw at RSA, there is always another several hundred vendors it seems like, that are out there. And I think we have, as an industry, toyed with the idea of a suite or consolidation. It's always been, next year is going to be this massive consolidation and it's never seemed to really happen and what I'm thinking is this notion of something like what security operations can do from ServiceNow, where you're sort of making a suite by building an abstractional error that integrates all the technology. So you get the benefits of a suite, while still being able to go best of breed with the individual technologies that you want. >> Yeah, consolidation of technologies and becoming safer every year. Those are two things that haven't happened. Hopefully Sean's ServiceNow can help us with that problem. Put a bow on Knowledge18. What's the takeaway? >> The takeaway for us is that security automation and security orchestration is now here, right? Two years ago, the conversation was "What is ServiceNow doing in security?" Now my conversations with customers are, "I understand, I'm looking at this market overall. "I see the value that it can provide to me." We've got customers on stage, we've got customers leading sessions that are talking about their own transformational experience. So I think the technology is here. Gardner has labeled this category: security orchestration, automation, and response. Which is big for the industry overall. So I think it's here now, and I think we've got a great capability tying into a common platform and of course tightly tying to I.T., where many of our 4,000 customers already are using ServiceNow. >> Who's your favorite superhero? >> Wolverine, no doubt. >> John: Alright, you know why I'm asking. (laughing) >> I don't know why you're asking. >> Oh come on, you're the one that told me that all security guys, when they're little kids, they dreamed about saving the world, so you've got to have a favorite superhero. >> Well, Wolverine's a pretty dark guy, I don't know that that works very well. >> Sells more movies. (laughing) Sean, thanks very much for coming on theCUBE. >> Thanks so much. >> Alright, keep it right there everybody. We'll be back with our next guest right after this short break. You're watching theCUBE live from ServiceNow Knowledge18. (upbeat music)