>> Announcer: Live from Berlin, Germany, it's theCUBE, covering NetApp Insight 2017. Brought to you by NetApp. (upbeat music) >> Welcome back to theCUBE's live coverage of NetApp Insight 2017, here in Berlin, Germany. I'm your host, Rebecca Knight, along with my co-host, Peter Burris. We are joined by Shelia Fitzpatrick, she is the Chief Privacy Officer of NetApp, and Paul Stringfellow who is a Technical Director at Gardner Systems. Shelia, Paul, thanks so much for joining us. >> Thank you. >> Thank you for inviting us. >> So, I want to talk about data privacy. The general data protection regulation, the EU's forthcoming laws, GDPR, are going to take effect in May of next year. They represent a huge fundamental change about the way that companies use data. Can you just set the scene for our viewers and explain what these changes mean? >> Sure, happy to. As you said, GDPR is the newest regulation, it will replace the current EU directive, goes into effect May 25th of 2018. It has some fundamental changes that are massively different than any other data privacy laws you've ever seen. First and foremost, it is a legal, compliance and business issue as opposed to a technology issue. It's also the first extra-territorial regulation, meaning, it will apply to any organization anywhere in the world, regardless of whether or not they have a presence in Europe. But if they provide goods and services to an EU resident, or they have a website that EU residents would go to to enter data, they are going to have to comply with GDPR, and that is a massive change for companies. Not to mention the sanctions, the sanctions can be equal to 20 million Euro or 4% of a company's annual global turnover, pretty phenomenal sanctions. There are a lot of fundamental changes, but those are probably the biggest right there. >> What are some of the biggest challenges that companies are... I mean, you talked about the threat of sanctions and just the massive implications of what companies need to do to prepare? >> To really prepare, as I'm talking to customers, they really need, unfortunately a lot of companies are just thinking about security. And they're thinking, well as long as we have encryption, as long as we have tokenization, as long as we're locking down that data, we're going to be okay. I'm saying, no. It first and foremost starts with building that legal compliance program. What does your data privacy program look like? What personal data are you collecting? Why are you collecting it? Do you have the legal right to collect it? Part of GDPR requires unambiguous, explicit, freely-given consent. Companies can no longer force or imply consent. A lot of times when you go on to websites the terms and conditions are so impossible to understand that people just tick the box (laughs). Well, under GDPR, that will no longer be valid because it has to be very transparent, very easily understandable, very readable. And people have to know what organizations are doing with their data. And it puts ownership and more control of data back into the hands of the data subject, as opposed to the organizations that are collecting data. SO those are some of the fundamental changes. For the Cloud environment, for instance, for a lot of big hyperscalers, GDPR now puts obligations on data processors which is very different from the current regulation. SO that's going to be a fundamental change of business for a lot of organizations. >> Now, is it just customers or is it customers and employees as well? >> It's customers, employees, suppliers, it's any personal data that an organization collects, regardless of the relationship. >> SO what does it mean? Does it mean that I'm renting your data? Does it mean that I, 'cause you now own it, it's not me owning it. >> I own it, that's right. >> What are some of the implications of how folks are going to monetize some of these resources? >> SO what it actually means is, as an organization that's collecting data, you have to have a legal and valid business reason for needing that data. SO part of GDPR requires what's called, data minimization. You should only be collecting the minimal amount of data you need in order to provide the service you're going to provide, or manage the relationship you're going to manage. And you are never, as an organization, the owner of that data, you're the data steward. I am giving you permission to use my data for a very specific reason. You can't take liberties with that data. You can't do, what I call, scope-creep which is, once you have the data, "Oh, I can do whatever I want "with that data," no you can't. Unless I have consented to it, you cannot use that data. And so, that is going to be a major change for organizations to deal with and it doesn't matter if it's your employee data, your customer data, your partner data, your alternative worker data, your supplier data. Whose ever data you have, you better be transparent about that data. >> Shelia, you haven't once mentioned technology. Paul, what does this mean from a technology perspective? >> I suppose it's my job to mention technology? >> As Shelia will tell you, the GDPR, it should not be driven by IT. Because it's not an IT problem, it's absolutely a legal and compliance issue. However, I think there's a technology problem in there. So for lots of things that Shelia is talking about, in terms of understanding your data, in terms of being able to find data, being able to remove data when you no longer need to use it, that's absolutely a technology problem. And I think, actually, maybe something you won't hear said very often, I'm a real fan of GDPR, I think a it's long overdue it's probably because Shelia's been beating me round the head for the last 12 months >> I have. >> about it. But, I think it's one of those things that's long overdue to all of us within enterprises, within business, who hold and look after data. Because what we've done, traditionally, is that we just collected tons and tons of data and we bought storage 'cause storage could be relatively cheap, we're moving things to the Cloud. And, we've got absolutely no control, no management, no understanding of what the data is, where it is, who has access to it? Does anybody even access it, I'm paying for it, does anybody even use it? And I think what this is, for me, if GDPR wasn't a regulatory thing that we had to do, I think it's a set of really good practices that, as organizations, we should be looking to follow anyway. And technology plays a small part in that, it will enable organizations to understand the data better, it will enable those organizations to be able to find information as and when they need it. When somebody makes a subject access request, how are you going to find that data without appropriate technology? And I think, first and foremost, it's something that is forcing organizations to look at the way they culturally look after data within their business. This is no longer about, "Let me just keep things forever and I won't worry about it." This is a cultural shift that says data is actually an asset in your business. And as Shelia actually mentioned before, and something I'll pinch in future, the data is not mine, I'm just the custodian of that data while you allow me to be so. So I should treat that like anything else I'm looking after on your behalf. SO I think it's those kind of fundamental shifts that will drive technology adoption, no doubt, to allow you to do that, but actually, it's much more of a cultural shift in the way that we think of data and the way that we manage data in our businesses. >> Well you're talking about it as this regulation that is long overdue, and it will cause this cultural shift. So what will be different in the way that companies do business and the way that they treat their customer data, and their customer's privacy? And their employee's privacy, too, as you pointed out? >> Well, and part of the difference is going to be that need for transparency. So companies are going to have to be very upfront about what they're doing with the data, as Paul said. You know, why are they collecting that data, and they need to think differently about the need for data. Instead of collecting massive amounts of data that you really don't need, they need to take a step back and say, "This is the type of relationship "I'm trying to manage." Whether it's an employment relationship, whether it's a customer relationship, whether it's a partner relationship. What is the minimum amount of information I need in order to manage that relationship? So if I have an employee, for instance, I don't need to know what my employee does on their day off. Maybe that's a nice thing to know because I think well, maybe we can offer them a membership to a gym because they like to work out? That's not a must-have, that's a nice-to-have. And GDPR is going to force must-haves. In order to manage the employment relationship I have to be able to pay you, I have to be able to give you a job, I have to be able to provide benefits, I have to be able to provide performance evaluations and other requirements, but if it's not legally required, I don't need that data. And so it's going to change the way companies think about developing programs, policies, even technology. As they start to think about how they're developing new technology, what data do they need to make this technology work? And technology has actually driven the need for more privacy laws. If you think about IoT, artificial intelligence, Cloud. >> Mobile. >> Absolutely. Great technology, but from a privacy perspective, the privacy was never a part of the planning process. >> In fact, in many respects it was the exact opposite. There were a whole bunch of business models, I mean if you think about it in the technology industry, there's two fundamental business models. There's the ad-based business model, which is, "Give us all your data "and we'll figure out a way to monetize it." >> Absolutely. >> And there's a transaction-based business model which says, "We'll provide you a service "and you pay us, and we promise to do something "and only something with your data." >> Absolutely. >> It's the difference between the way Google and Facebook work, and say, Apple and Microsoft work. SO how is this going to impact these business models in ways of thinking about engaging customers at least where GDPR is the governing model? >> Well, it is going to force a fundamental change in their business model. SO the companies that you mentioned, that their entire business model is based on the collection and aggregation of data, and in some cases, the selling of personal data. >> Some might say screwing you. >> Some might definitely say that, especially if you're a privacy attorney, you might say that. They offer fabulous services and people willingly give up their privacy, that's part of the problem, is that they're ticking the box to say, "I want to use Facebook, I want to use Twitter, "I want to use LinkedIn "because these are great technologies." But, it's the scope-creep. It's what you're doing behind the scenes that I don't know how you're using my data. SO transparency is going to become more and more critical in the business model and that's going to be a cultural, as Paul said, a cultural shift for companies that their entire business model's based on personal data. They're struggling because they're the companies that, no matter what they do, they're going to have to change. They can't just make a simple, change their policy or procedure, they have to change their entire business model to meet the GDPR obligations. >> And I think from, like Shelia says there, and obviously GDPR's very much around, kind of, private data. Well, the conversation we're having with our customers is, is a much wider scope than that, it is all of the data that you own. And it's important, I think, organizations need to stop being fast and loose with the information that they hold because not only is the private information about those people there that, you know, me and you, and that we don't want that necessarily leaked across the well to somebody who might look to exploit that for some other reason. But, that might be, business confidential information, that might be price list, it might be your customer list. And, at the moment, I think in lots of organizations we have a culture where people from top to bottom in an organization don't necessarily understand that. SO they might be doing something where, we had a case in UK recently where some records, security arrangements for Heathrow Airport were found on a bus. So somebody copied them to a USB stick, no encryption, somebody copied it to a USB stick, thought it was okay to take home and leave in the back of, probably didn't think it was okay to leave in the back of the taxi, but certainly thought it was okay to take that information home. And you look at that and think, well, what other business asset that that organization held would they have treated with such disdain, almost to say "I just don't care, this is just ones and zeroes, "why would I care about it?" It's that shift that I think we're starting to see. And I think it's that shift that organizations should have taken a long time ago. We talk to customers, and you hear of events like this all the time, data is the new gold, data is the new precious material of your choice. >> Which it really isn't. It really isn't, here's why I say that because this is the important thing and leads to the next question I was going to ask you. Every asset that's ever been conceived follows the basic laws in economic scarcity. Take gold, you can apply to that purpose, you can make connectors for a chip, or you can use it as a basis for making jewelry or some other purpose. But, data is fungible in so many ways. You can connect it and in many respects, we talked about it a little bit earlier, the act of making it private is, in many respects, the act of turning it into an asset. SO one of the things I want to ask you about, if you think about it, is that, there will still be a lot of net new ways to capture data that's associated with a product or service in a relationship. SO we're not saying that GDPR is going to restrict the role that data plays, it's just going to make it more specific. We're still going to see more IoT, we're still going to see more mobile services, as long as the data that's being collected is in service to the relationship or the product that's being offered. >> Yeah, you're absolutely right. I mean, one of the things that I always say is that, GDPR's intent is not stop organizations from collecting data, data is your greatest asset, you need data to manage any kind of relationship. But, you're absolutely right in what it's going to do is force transparency, so instead of doing things behind the scenes where nobody has any idea what you're doing with my data, companies are going to have to be extremely transparent about it and think about how it's being used. You talked about data monetization, healthcare data today is ten times more valuable than financial data. It is the data that all hackers want. And the reason is, is because you take even aggregate and statistical information through, say trial clinics, information that you think there's no way to tie it back to a person, and by adding just little elements to it, you have now turned that data into greater value and you can now connect it back to a person. SO data that you think does not have value, the more we add to it and the more, sort of, profiling we do, the more valuable that data is going to become. >> But it's even more than that, right? Because not only are you connecting it back to a person, you're connecting it back to a human being. Whereas financial data is highly stylized, it's defined, it's like this transaction defining, and there's nothing necessarily real about it other than that's the convention that we used to for example, do accounting. But, healthcare data is real. It ties back to, what am I doing, what drugs am I taking, why am I taking them, when am I visiting somebody? This is real, real data that provides deep visibility into the human being, who they are, what they face, and any number of other issues. >> Well, if you think about GDPR, too, they expanded the definition of personal data under GDPR. SO it now includes data, like biometric and genetic information that is heavily used in the healthcare industry. It also includes location data, IP information, unique identifiers. SO a lot of companies say, "Well, we don't collect personal data "but we have the unique identifiers." Well, if you can go through any kind of process to tie that back to a person, that's now personal data. SO GDPR has actually the first entry into the digital age as opposed to the old fashioned processing. Where you can now take different aspects of data and combine it to identify a human being, as you say. >> So, I got one more question. This is something of a paradox, sorry for jumping in, but I'm fascinated by this subject. Something of a paradox. Because the act of making data private, at least to the corporation, is an act of creating an asset, and because the rules of GDPR are so much more specific and well thought through than most rules regarding data, does it mean that companies that follow GDPR are likely, in the long run, to be better at understanding, taking advantage of, and utilizing their data assets? That's the paradox. Most people say, "I need all the data." Well, GDPR says, "Maybe you need to be more specific "about how you handle your data assets." What do you think, is this going to create advantages for certain kinds of companies? >> I think it absolutely is going to create advantages in two ways. One, I see organizations that comply with GDPR as having a competitive advantage. Because, number one it goes down to trust. If I'm going to do business with Company A or Company B, I'm going to do business with the company that actually takes my personal data seriously. But, looking' at it from your point of view, absolutely. As companies become more savvy when it comes to data privacy compliance, not just GDPR, but data privacy laws around the world, they're also going to see more of that value in the data, be more transparent about it. But, that's also going to allow them to use the data for other purposes, because they're going to get very creative in how having your data is actually going to benefit you as an individual. SO they're going to have better ways of saying, "But, by having your data I can offer you these services." >> GDPR may be a catalyst for increased data maturity. >> Absolutely. >> Well, I wanna ask you about the cultural shift. We've been talking so much about it from the corporate standpoint, but will it actually force a cultural shift from the customer standpoint, too? I mean, this idea of forcing transparency and having the customer understand why do you need this from me, what do you want? I mean, famously, Europeans are more private than Americans. >> Oh much so. As you've said, "Just click accept, okay, fine, "tell me what I need to know, "or how can I use this website?" >> Well, the thing is that, it's not necessarily from a consumer point of view, but I do think it's from a personal point of view from everybody. SO whether you work inside an organization that keeps data, that's starting to understand just how valuable that data might be. And just to pick up on something, that just to pop at something you were saying before, I think one of the other areas where this has business benefit is that that better and increased management and maturity, actually I think is actually a great way, that better maturity around how we look after our data, has huge impact. Because, it has huge impact in the cost of storing' it, if we want to use Cloud services why am I putting things there that nobody looks at? And then, looking at maintaining this kind of cultural shift that says, "If I'm going to have data in my organization, "I'm no longer going to have it on a USB stick "and leave it in the back of a cab "when it's got security information "of a global major airport on it. "I'm going to think about that "because I'm now starting to understand." And this big drive about, people starting to understand how the information that people keep about you has a potential bigger impact, and it has a potential bigger impact if that data, yeah, we've seen data breach, after data breach after data breach. You can't look at the news any day of the week without some other data breach and that's partly because, a bit like health and safety legislation, GDPR's there because you can't trust all those organizations to be mature enough with the way that we look after our data to do these things. SO legislation and regulations come across and said, "Well, actually this stuff's really important "to me and you as individuals, "so stop being fast and loose with it, "stop leaving it in the back of taxis, "stop letting it leak out your organization "because nobody cares." And that's driving a two-way thing, here, it's partly we're having to think more about that because actually, we're not trusting organizations who are looking after our data. But, as Shelia said, if you become an organization that has a reputation for being good with the way they lock their data, and look after data, that will give you a competitive edge alongside, actually I'm being much more mature, I'm being much more controlled and efficient with how I look after my data. That's got big impact in how I deliver technology and certainly, within a company. Which is why I'm enthusiastic about GDPR, I think it's forcing lots and lots of long-overdue shift in the way that we, as people, look after data, architect technology, start to think about the kind of solutions and the kind of things that we do in the way that we deliver IT into business and enterprise across the globe. >> I think one of the things, too, and Paul brought it up, is he mentioned security several times. And, as Paul knows, one of my pet peeves is when companies say, "We have world-class security, "therefore we're compliant with GDPR." And I go, "Really, so you're basically locking down data "you're not legally allowed to have? That's "what you're telling me." >> Like you said earlier, it's not just about having encryption everywhere. >> Exactly, and it's funny how many companies say "Well, we're compliant with GDPR "because we encrypt the data." And I go, "Well, if you're not legally allowed "to have that data, that's not going to help you at all." And, unfortunately, I think that's what a lot of companies think, that as long as we're looking at the security side of the house, we're good. And they're missing the whole boat on GDPR. >> It's got to be secure. >> It's got to be secure. >> But-- >> You got to legally have it first. >> Exactly. The chicken and the egg. >> But, what's always an issue with security, around data and the stuff that Shelia talked about is quite a lot, is that one of the risks you have, is you can have all the great security in the world but, if the right person with the right access to the right data has all the things that they should have, that doesn't mean that they can't steal that data, lose that data, do something with that data that they shouldn't be doing, just because we've got it secured. SO we need to have policies and procedures in place that allow us to manage that better, a culture that understands the risk of doing those kinds of things, and maybe, alongside technologies that identify, unusual use of data are important within that. >> Well, Paul, Shelia, thank you so much for coming on the show, it's been a fascinating conversation. >> Thank you very much, appreciate it. >> Yeah, thanks for having us on, appreciate it. >> I'm Rebecca Knight for Peter Burris, we will have more from NetApp Insight here in Berlin in just a little bit. (upbeat music)

>> Narrator: Live from Las Vegas, it's The Cube, covering NetApp Insight 2017, brought to you by NetApp. >> Welcome back to our live coverage. It's The Cube here in Mandalay Bay in Las Vegas. I'm John Furrier, the co-host and co-founder of SiliconANGLE Media, with Keith Townsend my co-host, CTO Advisor. Our next two guests is Sheila Fitzpatrick, the Chief Privacy Officer for NetApp, and Michael Archuleta, CIO HIPPA and Information Security Officer at San Rafael Hospital. Thanks for joining us. >> Thank you. >> Thank you very much. >> Great topic, privacy, healthcare, ransomware, all these hacks going on, although it's not a security conversation, it really is about how data is changing, certainly with the HIPAA, which has got a history around protecting data, but is that good? So, all kinds of hornets' nest of issues are going on. Michael, all for the good, right? I mean, everything's for the good but, at what point are things foreclosed, the role of the tech? What's your update on healthcare and the role of data, and kind of the state of the union? >> Yeah, absolutely. So, data right now, is one of those assets that's really critical in a healthcare organization. When you look at value-based care, on improvements, utilization of real-time data, it's really critical that we have the data in place. But the thing though is, data is also very valuable to hackers, so it is really a major problem that we're basically having in healthcare organizations, because right now, healthcare organizations are one of the most attacked sectors out there. I was basically stating that there's an actual poll out there that stated that 43% of individuals don't even know what ransomware is. And you figure, in healthcare organizations, we're really behind the curve when it comes to technology. So when you bring that into, and you say okay guys, what's ransomware, what's cyber security? What's a breach? Everyone's like, well I-- >> Malware, resilient things. >> I don't know what it is. So it becomes an issue, and the thing though is the culture has not been fully developed in organizations like healthcare, because we're so behind in the curves. But what we've been focusing a lot on, is employee cyber security awareness, kind of bringing in that culture, having individuals understand, because as you were stating too, I mean, healthcare information is 10-times, 20-times more valuable than a Social Security and a credit card, on the dark net right now. If you figure, PHI contains a massive amount of data, so it is very profitable, and these individuals go in, hack these systems, because of course, healthcare organizations are so easy to hack, they place it out on the dark net, you go out, you buy some Bitcoins, you can go and have some good identity theft going on. And I mean, we have a massive issue here in the States, with substance abuse, so if you want basically a script, or you want multiple scripts with different identities, go out there and purchase those specific things. So, it is a problem, and then on my standpoint is, imagine if this was your mother's, your father's, your grandma's, any family member's information. That's why data is so valuable, and it's so critical that we take care of the information as securely as possible, but it starts with the people, because I always say at the end of the day, our employees hold the keys to either letting the individuals stay out, or inviting them in. So it is a problem, absolutely. >> Sheila, I want to get your thoughts, 'cause obviously this segment here is why data privacy is always one of the top-five concerns for CXOs. And obviously, the tagline NetApp has for the show is "Change the World With Data". There's a lot of societal impacts going on. We're seeing it every day, in front of our eyes, certainly here in Vegas and then throughout the world, with hacks, Equifax just still in memory there. And there's going to be another Equifax down the road. The hackers are out there, lots of security concern. You've got developers that are getting on the front lines, getting closer to business, that's a trend in the tech business. Data privacy has always been important, but this means that there's a confluence of two things happening right now, that's really that collision course: technology and policy. Privacies and policy things that people spend a lot of time trying to get right, and for all the right reasons, but I'll make some assumptions here, and could foreclose and all penaltize them, put a penalty for the future. How should CEOs, COOs, CDOs, Chief Data Officers, chief everybody, they're all CXOs, think about privacy? >> Well I think it starts with the fundamental, and you're absolutely right, there's a real misperception out there, around privacy. And I always tell people, people that know me know that my pet peeve is when people say to me we have world-class security, therefore we're good on privacy. I literally want to slap them, because they're not the same thing. If you think about-- >> She's closer to John. >> Yeah, you better move that way. If you think about the analogy of the wheel, data privacy is that full life-cycle of the wheel. It's that data that you're collecting, from the time you collect it to the time you destroy it. It's the legal and regulatory requirements that say what you can have, what you can do with that data, obtaining the consent of the individual to have that data. Certainly, protecting that data is very important, that's one spoke on that wheel, but if you're only looking at encryption, that wheel's not going to turn, 'cause you're literally encrypting data you're not legally allowed to have. So if you think about the healthcare industry, where I absolutely agree, the data that you deal with is one of the most valuable data and sensitive data individuals can have, but often times, even healthcare organizations don't even know what they're collecting, or they're collecting data that maybe they don't necessarily need, or they only think about protecting that protected health information, but they don't think about the other personal data they collect. They collect information on your name, your phone number, your home address, dependent information, emergency contact. That's not protected health information. That's personal data that's covered under privacy laws. >> Here's the dilemma I want to ask you guys to react to, because this is kind of the reality as we see it on The Cube. We go to hundreds of events a year, talk to a lot of thought leaders and experts. You guys are on the field every day. Here's the dilemma: I need to innovate my business, I got to do a digital transformation. Data is the new competitive advantage. I got a surface data, not in batch basis, real-time, so I can provide the kinds of services in real-time, using data, at the same time that's an innovative, organic growing, fast-paced technological advancement. At the same time, I'm really nervous, because the impact of ransomware and some of these backlash events, cause me to go pause. So the balancing out between governance and policy, which could make you go slower, versus the let's go, move fast, break stuff, you know, let's go build some new apps. I want to go faster, I want to innovate for my business and for my customers, but I don't want to screw myself at the same time. How do you think about that? How do you react to that? And how do you talk to customers about that when they try to figure it out? >> So that's something, that's an area that I spend a lot of time talking out, 'cause I'm very fortunate that I get to travel the globe and I'm meeting with our customers all over the world. And those same issues, they want to adapt to new technology. They want to invest in the cloud, they want to invest in AI, in internet-of-things, but at the same time, I keep going back to, it's like building a house, you have to start with the ground floor. You have to build your privacy compliance program, and understand what data do you need in order to drive your business? What data do you need to sort your customers, your patients, your employees? Once you've determined that fundamental need and what your legal requirements are, that's when you start looking at technology. What's the right technology to invest in? You don't start that journey by deciding on technology and then fit the data in. You have to start with what the data is, and what you want to do with that data, what service you're trying to provide, and what the basics are, and then you build up. >> So foundationally, data is the initial building block. >> Absolutely. You don't build a house by starting with the second floor. If you start looking at tools and technology to begin with, that house is going to collapse. So you start with the data and then you build up. >> Michael, you're on the front lines, and the realities are realities. Your thoughts? >> Absolutely. So you know, you have some excellent points. The thing is, at the end of the day, I always say security at times is inconvenience. I mean, we add two-factor authentication, we add all these additional fundamentals in what we basically do, but the bottom line is we're trying to secure this data. There has to be security governance, to really focus on okay, this is the information you need. We need to kind of go through legal, we need to go through compliance, and we need to kind of determine that this is going to be ease-of-access for your group, and we need to make sure that we are keeping you secure as well too. The bottom line is innovation, of course, it won't do so much disruption, et cetera. It's absolutely amazing. You know, I love innovation, honestly, but we still have to have some governance, and focus on that in keeping it secure, keeping it focused, and having the right individuals really-- >> How do you tackle that as a team, with your team? It's cultural organizational behavior, or project management, product planning. How do you deal with the balance? >> Well at the end of the day, the CEO of NetApp basically states it starts from the top down. You really have to have a data-driven CEO that basically understands at least the fundamentals of cyber security, information technology, innovation, have those all combined and together and having that main focus of governance, so everyone has that full fundamentals of understandment, if that makes sense. >> Let's talk tech. You know, we've talked at the high level. I love it that you brought in the global conversation into this, you're taking a global view. We talked a little bit before the show, there's a mismatch in taxonomy. Here in the U.S., we're focused first on security, maybe, and then secondarily on this concept of PII, which really doesn't exist outside of the U.S. Now we have GDPR. Talk to us about the gap in understanding of GDPR, and what we consider as PII, here in the U.S., and where U.S. companies need to get to. >> Okay, that's a great question. So, the minute an individual talks about PII, you automatically go, U.S.-centric, understanding that you must operate in a purely domestic environment. The global term for personal data is personal data, it's not PII. There is a fundamental difference: in the U.S. there is a respect for confidentiality, but there's no real respect for privacy. When you talk about GDPR, that is the biggest overhaul in data protection laws in 25 years. It is going to have ramifications and ripple-effect across the globe. It is the first extra-territorial data privacy law, and under GDPR, personal data is defined as any piece of information that is identifiable to an individual, or can identify an individual either directly or indirectly. But more importantly, it has expanded that definition to include location data, IP address, biometric information, genetic information, location data. So if you have that data and you say well I can't really tie that back to a person, if you can go through any kind of technology process to be able to tie it back to a person, it is now covered under GDPR. So one of the concepts under GDPR is privacy by design. So it's saying that you have to think about privacy very similar to where we've always sat about security up front, when you're investing in new technology, when you're investing in a new program, you need to think about, going back to what I said earlier, what data do you need? What problem are you trying to solve? What do you absolutely have to have to make this technology work? And then, what is the impact going to be on personal data? So I absolutely agree, security is incredibly important, because you need to build a fortress around that data. If you haven't dealt with the privacy component of GDPR, and other data protection laws, security would be like me going down and robbing a bank, coming home and putting that money in the vault in my house, locking it up, and going that money's secure, no one can get to it. When the police come knocking on my door, they're not going to care that I have that locked in a vault. That's not my money. And you have to think about personal data the same way, and certainly healthcare information the same way. You need the consent of the individual, and you need to articulate what you're going to do with that data, be transparent. So the laws are not trying to inhibit or prohibit technology, they're just trying to get you to think about-- >> So Michael, as we think about this, how it impacts GDPR specifically, the healthcare industry talked to dinner about this a little bit. We're talking about medical records, doctors, medical professionals like to keep as much data as possible. Researchers want to get to as much data as possible. What are some of the ramifications or considerations at least, for the medical industry? >> Yeah, absolutely. So you know, on your standpoint there, as you stated, at the end of the day when we basically look and we focus on our security governance, we go over the same fundamentals as you are going. What information is basically needed to access that information for the patient? What is needed from the physician's standpoint? What is needed from the nurse's standpoint? Because the thing is, we don't just open it up to everyone, like on a coming in by different specific job functionalities, you know. We kind of prioritize and put different levels of this is the level of data this individual basically needs, versus this individual. And the thing is, the beauty about what we basically have focused on a lot too, is we developed the overall security governance committee that kind of focuses on the specific datas from HIPAA, high-tech, and the different laws that we're focused on in healthcare. And you know, we really have started focusing a lot on two-factor authentication with accessing information, so we're really utilizing some of those VASCO tokens, RSA tokens, with algorithm changes, et cetera. But at the end of the day, the thing is, the main focus is what information do you need? And the bottom line too is, it has to have that specific culture of understanding that cyber security and data is very important. And the thing is, on a physician's standpoint, they want access to everything, literally everything, and that's understandable, because these individuals are saving lives, but the thing is though, there has to be governance in place, and they have to have that understanding that this can be an issue moving forward. These are the potential problems of a breach that could basically happen, this is the information that you need. If there's more information that is needed, it will go through the security compliance governance committee. >> It's a hard job. They want the nirvana, they want the holy grail, they want everything right there. Thanks for coming on, appreciate making aware of the data, privacy issues. Sheila, thanks so much for coming on. >> Thank you. >> Michael, I'll give you guys the final word on how management teams and executives should align around this important objective? Because there's some inconvenience, it happening in the short term, but automation is coming, machine learning, all this great stuff is being promised. Looks good off the tee as they say in golf. But, the reality is that there's a lot of lip service out there. So the taglines, oh, we're strong on privacy. So, walking the talk is about having a position, not just the tagline or the talking points, having a positioning around it first, and getting an executive alignment. So final point: what's your advice to folks out there who either are thinking this through hard? Is it a matter of reducing choices, evaluation? What is your thoughts on how to attack and think about, and start moving the ball down the field, on privacy? >> Well that's a great question. I think certainly at NetApp, and as you mentioned earlier, our executive team, and certainly George Kurian, our CEO, absolutely has a philosophical belief in that fundamental right to privacy, and respects the fact that privacy is key to what we do. It has become a competitive advantage, almost in an accidental way, because we take it so seriously. It's a matter of balance. Absolutely, we need to take advantage of new technology. We're a technology company, we're building technology, but we also have to respect the fact that we operate around the world, and there are laws that we have to comply with, and those laws dictate what data we can and cannot have, and what we can do with that data. So it's that balance between data's our greatest asset, we need to protect it, it can also be our greatest detriment if we're not treating it in a respectful manner, and if we're not building technology that enables our customers to protect that fundamental right to privacy. >> Michael, from a management team perspective, obviously, have functioning with an alignment, implies a well-oiled machine. Now always the case these days. But how do you get there? What's your advice? >> You know, my advice is speak the language. CEOs, CFOs, administration, they basically don't want to hear this tech lingo at times, okay? Have them understand the basic fundamentals of what cyber security is, what it can do to the operations of an organization, what a breach can do financially to an organization. Really have those kind of put in place. Bring that story to the Board of Directors, have them kind of focusing on the fundamentals on this is why we're protecting our information, and this is why it is so critical to keep this information safe. Because the thing is, if you don't know how to tell the story, and if you don't know how to sell it, and really sell it to the point, you will not be successful-- >> That's a great point, Michael. And you know, we hear all the time too, the trend now is, IT has always been kind of a cost center. Security and data governance around privacy should be looked at not so much as a profit center, but as a, you could go out of business. So you don't treat it as maximizing your efficiency on costs, the effectiveness of privacy is a stay-in-business table stake. And that has an impact on revenue, so it's quasi-top line. >> Well absolutely. If you think about the sanctions under the new GDPR alone, you could have one data privacy violation that could, the sanction could be equal to four-percent of your annual global turnover. So it is something-- >> It's a revenue driver. >> It's a revenue driver. It's something you need-- >> It's a revenue saver. >> Yeah. Well for some companies-- >> It's a revenue saver. >> It's become a revenue driver. Yeah, absolutely. >> Most people think P&L, oh, the cost structure, profit center. If net profit, and then sales, this is a new dynamic where risk management actually is a profit objective. >> Absolutely. >> Absolutely. >> Guys, great topic. We should continue this back in California. >> I'd love to. >> Michael, thanks for coming on and sharing the CIO perspective. >> Thank you very much. >> Great content. It's The Cube, breaking it down here, getting all the data and keeping it public. That's our job is to make all our data public and sharing it on SiliconANGLE.com and TheCube.net. More live coverage here in Las Vegas, with NetApp Insight 2017, after this short break. (electronic theme music) >> Narrator: Calling all barrier-breakers: status quo-smashers.

>> [Announcer] Live from Berlin, Germany, It's The Cube, covering NetApp Insight 2017, brought to you by NetApp. >> We are wrapping up a day of coverage at NetApp Insight on The Cube. I'm Rebecca Knight, along with My cohost, Peter Burris. So, we've had a lot of great interviews here today. We've heard from NetApp executives, customers, partners about this company's transformation, and about what it's doing now to help other companies have a similar transformation. What have been some of your impressions of where NetApp is right now, and what it's saying? >> I think it starts with the observation that NetApp realized a number of years ago that if it was just going to be a commodity storage company, it was gonna have a hard time, and so NetApp itself went through a digital transformation to try to improve its understanding of how customers really engaged with it, how it could improve its operational profile's financial footprint, and the result of that was a company that, first off, was more competitive, but also that had learned something about digital transformation, and realized the relationship between the products that they were selling, the services that they were providing, the ecosystem they had that they could tap, been working with customers, and said, what is we took this knowledge, applied it to those things, what would we end up with? And so we now have a company that is still talking about products, but very much it's also talking about what businesses could do in day to day differently to effect the type of transformation that NetApp itself has been going through, and it's a compelling story. >> And you're describing this introspection that the company did, as you said, if we can't survive with our old business model, what can we do differently, and now eating it's own dog food, but then telling other companies about its story, and how its made changes. I mean, do you think NetApp is where it should be today? Are you pleased with the progress you've seen? >> Well that's one of the great challenges in the tech industry today, is nobody's quite sure where they should be. >> [Rebecca] There are no benchmarks. >> Because nobody's sure what's going on underneath them. So many years ago, in response to a reporter's questions about IBM, they said, well what do you think? Is IBM going to be successful at moving the aircraft, turning the aircraft carrier? And I said, you don't get it. IBM's problem is not that they're trying to turn the aircraft carrier, it's that they're trying to rotate the ocean, so that they could go straight, and everybody else's position would change, and that's a lot of what's happening in the technology industry today, as the people are turning, the ocean's being rotated, and there are a couple of companies, like AWS, that seem to have their fingerprint, or their finger on some of those changes. I'm not sure NetApp has that kind of a presence in the industry, but what is clear is that the direction that NetApp has taken is generating improved financial results, a lot better customer satisfaction, and it's putting them into position to play in the next round, so to speak, of competition in this industry, and in an industry that's changing this fast, that, all by itself, is a pretty good position to be in. >> Well, you know, and you're talking about the changing industry, and then also the changing employment needs that this company has in terms of getting people in their workforce who really understand, not just that data in an asset, which is what we keep hearing today, too, but really understanding how to capture the data, tease out the right insights from the data, and then deploy a strategy based on those insights that actually will create value to the business, whether that's acquiring new customers, or saving money, or earning new lines of business, too. >> Well, for example, we had a great conversation with Sheila Fitzpatrick about GDPR, this phenomenal conversation. Sheila is in charge of privacy at NetApp, and the decision that she drove was to not just to GDPR, NetApp have to GDPR here in Europe, but to GDPR across the entire company. Now two years ago, I don't know that a NetApp person would have come onto The Cube and talked about GDPR, but that is a problem, that is a challenge that every business is facing, and bringing somebody on that has made some really consequential decisions for a company like NetApp to be able to say, here's how other businesses need to think about GDPR, think about data privacy, is a clear example of NetApp trying to establish itself as a thought leader about data, and not just a thought leader about commodity storage. So I think there's a lot of changes that NetApp's gonna go through. They still are talking about on tap, they still are talking about HCI, they're talking about all the various flash products that they have, so that's still part of their conversation, but increasingly they're positioning those products, not in terms of price performance, but in terms of applications to the business based on the practical realities of data. >> And I also think we've heard a number of executives talk about NetApp having a more consultative relationship with its clients and partners, and really learning from them, how they're doing things, and then sharing the learnings at events like NetApp Insight, here, and just really on the ground more, working in partnership with these companies, too. >> Data is a physical thing, and I think a lot of people forget that. A lot of people just look at data and say, oh it's this ephemeral thing, it's out there, and I don't much have to worry about it, but physics is an issue when you're working with data. Adam Steltzner, Dr. Adam, the gentleman from NASA, he talked about the role that data science is playing in NASA Mars exploration, talked about the need to worry about sparse data, because they have dial up speeds to send data back from a place like Mars. They're working on problems, but when you start thinking in those terms, the physical limitations, the physical realities, the physical constraints of data become very real. GDPR is not a physical constraint, but it's a legal constraint, and it might as well be physics. If a company does something, we heard, for example, that there are companies out there, based on their practices and how they were hacked, would have found themselves facing $160 billion liability. >> [Rebecca] Yeah. >> Now that may not be physics, you know, I can only move so much data back from Mars, but that is a very real legal constraint that would have put those companies out of business if GDPR governance rules had been in place. So what's happening today is companies, or enterprises are looking to work with people who understand the very physical, practical, legal, and intellectual property realities of data, and if NetApp is capable of demonstrating that, and showing how you could turn that into applications, and into infrastructure that works for the business, then that is a great partner for any enterprise. >> Well do you think that other companies get it? I mean, the sense of where we are today? You use this example of GDPR, and how it really could have sent companies out of business if those rules had been in place, and they had been hacked, or suffered some huge data breach. Do you think that NetApp is setting itself up as the thought leader, and in many ways is the thought leader? Are there companies on the same level? >> No, they're not, and certainly there are a lot of tech companies that are moving in that direction, and that they're comparable with NetApp, and working both close with NetApp, and in opposition to NetApp, at least competitively, but the reality is that most enterprises are, how best to put this? Well, what I like to say is William Gibson, the famous author who coined the term cyberspace, for example, once said, the future's here, it's just evenly distributed. So there are pockets of individuals in every company who are very cognizant of these challenges, the physical realities of data, what it means, what role data actually plays, what does it mean to actually call data an asset? What's the implications on the business of looking at data as a asset? That's in place in pockets, but it's not something that's broadly diffused within most businesses, certainly not our client base, not the Wikibon angle client base, is certainly not broadly aware of some of these challenges. A lot of things have to happen over the course of the next few years for executives, and rank and file folks to comprehend the characteristics, or the nature of these changes, start to internalize, start to act in concert with the possibilities of data, as opposed to in opposition to the impacts of data. >> And those are the people who, we had guests on today just talked about the data resisters, because there are those in companies, maybe they're just an individual in a company, but that can have a real impact on the company's strategy of moving forward, deploying its data smartly. >> Yeah, absolutely, and we also had the gentleman from The Economist who made the observation that concerns about artificial intelligence impacts employment might be a little overblown. >> [Rebecca] Right, right. >> So a lot of those data resisters might be sitting there asking the question, what will be the impact of additional data on my job? And it's a reasonable question to ask, because if your business, we also talked about physicians. A radiologist, for example, someone who looks at x-rays has historically not been a patient facing person. They would sit in the back and look at the x-rays, they would write up the results, and they would give them to the clinician, who would actually talk to the patient. I, not too long ago, saw this interesting television ad where radiologists presented themselves as being close to the patient. Why? Because radiology is one of those disciplines in medicine that's likely to be strongly impacted by AI, because AI can find those patterns better than, often, a physician can. Now the clinician may be a little less effected by AI, because the patient is a human being that needs to have their hand held. >> [Rebecca] And their life is on the line. >> Their life is on the line. The healing and treatment is about whether or not the person is able to step up and heal themselves. >> [Rebecca] Right. >> So there's going to be this kind of interesting observation over the next few years. Folks that work with other people will use data to inform. Folks that work with machines, folks that don't work with other people, are likely to find that other machines end up being really, really good at their job. >> [Rebecca] Right. >> Because of the speeds of data, at the compactness of data, human beings just cannot respond to data as fast as a machine, but machines still cannot respond to people as well as people can. >> And they don't have empathy. >> And they don't have empathy, so if I were to make a prediction, I would say that, in the future, if your job is more tied to using machines, yeah, you got a concern, but if your job is tied to working with people, your job is gonna be that much more important, and increasingly, the people that are working with machines are gonna have to find jobs that have them work with other people. >> Right, right. Well it's been a great day. It's fun to work with you. This is our first time together on The Cube. It was a great day. >> Well The Cube is a blast. >> The Cube is a blast. It's a constant party. I'm Rebecca Knight for Peter Burris, this has been NetApp Insight 2017 in Berlin. We will see you next time.

(light adventurous music) >> Hello everyone, welcome to theCUBE Studios here in Palo Alto. I'm John Furrier, the co-host of theCUBE, co-founder of SiliconANGLE Media. This is our CUBE Conversation Thought Leader Thursday and I'm here with Val Bercovici, who's the founder and CEO of a new startup called PencilDATA. Val, CUBE alumni, been on many times with NetApp and then a variety of other great startups, but now you're doing your own thing around cryptocurrency, blockchain, enterprise-like technical infrastructure. You've been a CTO, now entrepreneur, founder and CEO of PencilDATA. Congratulations, you're on the crypto wave, this wave is coming. >> I believe it's here. >> It's here. >> Timing couldn't be better. >> So, I interviewed Dr. Jian Wang who's the chairman of Alibaba's technology steering committee, also the founder of Alibaba Cloud, just recently in China. Presented by Intel, plug for Intel there, thanks Intel for supporting theCUBE. He said to me, and I put the clip out on Twitter, natively on the video clip, which was, I asked him about blockchain, you know China, they blocked the ICOs, he said, "Blockchain is fundamental, part of the Internet. "It's as fundamental as TCP/IP was." This is the nuance that is attracting a lot of tier one entrepreneurs. Obviously the money side is hyped up beyond all recognition right now. As Don Klein on our team was saying, "It's melting up in terms of hype." But this really speaks to the transformation of the web, and the Internet now, the web is the Internet, from distributed and decentralized. This is a big sea change. Kind of building on the fundamentals of the internet, formerly called the information superhighway, before the web came along, but the web was designed to withstand nuclear disaster, be resilient, be decentralized. >> It reminds me of Back to the Future in many, many ways, because if you're as old as we are, you remember those DARPA origins of the Internet and exactly that decentralized nature, and we've gone away from that, right? As Tim Berners-Lee brought on the HTTP protocol, we've had web protocols, and as major, the FANG vendors have really dominated their usage of that existing layer of technology we've gone away, we've gone to a very, very centralized approach, which as we're seeing with the tech hearings this week, carries all sorts of risks, it's not just business and legal and political. >> And you're referring to the senate hearings, where Facebook, Google, or Alphabet, and Twitter were in front of the senate committee, you're going to tell them about the Russians, the Russian political thing, but they're bringing up the issue of the role of these mega platforms that have all this data and the problem is that this is not what the users bargained for. I mean, I use Facebook as a free app, I love Facebook, Facebook, we love you, WhatsApp here and there, and Instagram, but you know, my bargain was simple. I'll use your free app and I'll let you use some of my data but now you're making billions, $10 billion quarter, fake news has infiltrated the country, I have a poor user experience every day, it's getting worse and worse, a lot of hate and division. This is not what I bargained for. >> Val: Exactly. >> So the world's kind of revolting against these mega-siloed platforms. >> That's the risk of having such centralized control of the technology. If you remember in the old days when Microsoft's dominance was rising, all you had to do was target Windows as a virus platform and you're able to impact thousands of businesses, even in the early Internet days, within hours. And it's the same thing happening right now, there's a weaponization of these social media platforms and Google's search engine technology and so forth. It's the same side effect now, the centralization of that control is the problem. One of the reasons I love the blockstack technology, and blockchain in general is the ability to decentralize these things right now, and the most passionate thing I care about nowadays is being driven out of Europe, where they have a lot more maturity in terms of handling these new scenarios. >> You mean the tech being driven out of Europe. >> The laws. >> The laws, okay. >> Being driven out of Europe. >> Be specific, we'd like an example. >> The major deadline that's coming up in May 25th of 2018 is GDPR, General Data Protection Regulation, where European citizens now in any company, American or otherwise, catering to European citizens, has to respond to things like the right to be forgotten request. You've got 24 hours, as a global corporation with European operations, to respond to European citizens', EU citizens', right to be forgotten request, where all the personally identifiable information, the PII, has to be removed and an audit trail, proving it's been removed, has to be gone from two, three hundred internal systems within 24 hours. And this has teeth by the way, it's not like the $2.7 billion fine that Google just flipped away casually, this has up to 4% of your global profits per incident where you don't meet that requirement. >> Well you bring up a good point, the GDPR is a good one, it has teeth and it's kind of in the weeds with the folks who might not know that regulation, but really it's about the privacy and the rights of the individual. But coming back to Facebook, to connect another dot is, what we're seeing with Facebook, Twitter, and Alphabet with the senate hearings is, and this is why the industry and the media is crumbling, publications are dying, the newspapers, the media's changing, is because knowing your customer is a really important thing. The people who want to be served need to have a closed loop with the publication, and these platforms are bogarting all the data, and so the right of the customer, the users are suffering, and that's what people are generally talking about. You know, personally, a guy can rent a truck and go mow people down in Manhattan, we should know who these people are, like the neighbors, so I think there's going to be a trend towards knowing who your neighbor is, knowing who the customers are, at a level that's not scary privacy violation, but we're going to know who the crazies are, we're going to know what's going on and then that's kind of out there, that's kind of my general feeling. But now, getting back to the impact. GDPR, these big mega platforms where the users are at the center of the value proposition, really comes down to the shift in user expectations around a decentralized Internet. That means agile goes to a whole other level. If I'm a user and I say, "Hey Facebook, "delete my digital exhaust or digital footprints "from Facebook over the past 10 years." I mean, that's hard to do. >> That's hard for them. >> That's not, technically is a really serious problem. >> And it's actually not just a technology challenge, I always love to go back to Conway's Law in these discussions, the org chart, you know, how information, infrastructure is budgeted for, and managed through various different departments within any large enterprise, data-savvy or not, is a challenge, as is coordinating these efforts, actually going beyond the talking phase, towards implementing a master data model. Those are the main challenges right now, and it's a movement that I believe now has political strength to actually migrate across the pond. Over here as well there's a groundswell movement called Digital Sovereignty as a response to GDPR in Europe, where people are realizing that they have the right to be sovereign over their data, their digital exhaust, their digital footprints online and that's a two-way street. You want and demand control over your data, but on the other hand your identity, which you control, has to be authentic as opposed to a fake identity, and your reputation has to be out there as well. >> These signals and these trends you were just referring to, to me are just like little tremors of the tectonic plates that are going to be changing, because if you look at the major shift in technology, let's take blockchain for instance, and look at the impact of a decentralized internet, now global, immutability with the ability now for more agile capability and not just permanent, "I want to erase things" that you're talking about, but three, the younger generation, if we look at what the young kids are doing, I have four kids, my oldest is 22, it's a gaming culture, right? It's a gaming culture, they're online all the time. They're not old like us, my son's like, "Dad, Google Search is for old people." I mean, that's a general sentiment, over-categorizing, but a combination of the new user experience, this younger generation, entrepreneurs and users, and these tremors we're seeing in the marketplace, signaling that, "hey Facebook, you might be too big for your britches," or, "hey Twitter, you got a bot problem, "hey all you gamers using Twitch," this is now a signal, where is it leading to? And where does blockchain in particular impact it? Because this is kind of where everything's converging to. >> So what I'd like to say right now is, you've got Marc Andreessen's premise that software is eating the world. If you extend that, data is feeding it, blockchain is valuing it, and it's AI that's automating it. So in my mind, particularly in my experience earlier this year in the AI industry, you realize that AI today really boils down to machine learning, which in itself boils down to deep learning, which boils down to data, your access to data. Professor Andrew Wang did this at the recent O'Reilly conference up in the city, he got up and lectured as the keynote instead of sharing slides and his number one, two, and three advice to everyone in the audience was, get the right datasets to train your model. If you don't have that you don't have a differentiated business, and that's what inspired PencilDATA, is my encountering of the cold start AI problem where the IP's in a public domain, public datasets are ubiquitous which is fantastic for academics, but as a business you can't differentiate unless you have access to the right datasets to train your models more specifically. >> Okay, as the founder and CEO of PencilDATA, that's your new startup, let's get into some of the reasons why you're starting it. What problem are you attacking? Obviously a pencil, I can see pencil and you erase things, it's got data... >> The internet is no longer written in ink, that's the premise. Now with Pencil you can erase some data. >> Well blockchain is immutable, so this is conflicting in my mind. Help me kind of rationalize this. The benefit of blockchain is everything's permanent, if you're on-chain as they say. >> Exactly. >> If you're off-chain, you could do some things. Is that kind of what we're getting at? >> We're mixing the best of both. So our premise is that again, whether you're an organization or an individual, you need to have, to survive in a new digital economy, control over your data. The blockchain part of it is the visibility side. If you don't know who's doing what to your data, you're far less likely to share it. And once you know who's doing what to your data, in an immutable blockchain, with a detailed audit trail, with strong authentication, of literally who's doing what to your data, gives you that visibility. Then you do what modern asset managers do. You can't really value an asset until you fully control it. And our premise is, you can't control something until you can take it back. So the notion of PencilDATA is the ability to go on-chain for the visibility and off-chain for managing data in encrypted containers, and if a data owner or publisher doesn't like how the subscriber's consuming their data, they have the power to revoke all downloaded copies. >> So is this kind of like a shadow blockchain model? I'm trying to find a mental model because I remember the old days back, I was breaking into the industry in the late '80s, early '90s, WORM drives, write once, read many. And you write it once, it's a laser, it was optical drives at the time. Also, demilitarized zones in networking was an area where there was a safe harbor kind of thing, where people could play around. What metaphor, what mental model can people take away from some of the things that you're trying to solve? Is it like a DMZ, is it like a-- >> The implementation's a lot like a DMZ and the business challenge and opportunity is that there's a lot of tension between protecting data, because we have an epidemic of data breaches right now, I think you're foolish if you're assuming that you haven't been breached yet but you might be, because everyone has been breached, personally and organizationally, so we have to deal with the rising need to protect data more and more. But at the same time, you can't stay in business if you don't optimize the monetization of the data you have. And so PencilDATA walks that fine line between letting you do both, letting you not just protect infrastructure, that's a whole other industry that we're not involved in, but literally protect data at the data level. If you look up terms like crypto anchor you'll see some of the technologies we're taking advantage of there. But being able to monetize data by unlocking all that latent value of data hidden behind firewalls. If you use a physics analogy of potential and kinetic energy, applied to data behind firewalls, there's hundreds of billions of dollars of value in latent data basically, potential data hiding behind firewalls, and when you can safely share it, give the owners control they've never had before, then you expose the value of that data for the first time. >> Alright, so let's take us through where you're at. Obviously super exciting, you're leveraging the blockchain and you've got an ICO, initial coin offering coming up but you're not just doing that for the sake of doing, there's a lot of scams out there, you're taking a little bit more of a pragmatic approach. Give us the status because you're the founder and CEO, what's the makeup of the team, how big are you guys, what are you guys looking for, obviously you're looking for team members most likely. >> We're looking for developers obviously. >> Where in the process are you? >> We are a two-month-old company. We're at the seed stage. And we've actually assembled a world-class team. You hear that a lot, but I'm really, really proud of the team members we have right now. >> World-class, are they from around the world and then they have class? Define world-class. >> They're worldly, like myself, I travel a lot. (laughter) An example, my chief privacy officer is Sheila Fitzpatrick, she's a worldwide recognized leader in data privacy, she's on many, many privacy boards in the US and EU and so forth, and she now is traveling nonstop lecturing on GDPR, itself specifically. She's one of those recognized-- >> Should you see yourself as a solution for GDPR, because that's, again, it does have teeth, I'll just say that we've been reporting on this through Wikibon, our research team as well as theCUBE, it comes up all the time and there's heavy fines associated with it, so it's not like- >> GDPR is the perfect use case because on the one hand, we have that audit trail that proves what you're doing with data. On the other hand we have a kill switch, that revocable use clause for data where you can literally comply with GDPR in minutes or seconds, as opposed to take a full 24 hours to scour database and delete selected records. >> Alright, so what about the product? Give us an example of the product. Will you be, first of all that's right around the corner, it's next year. >> Val: Yeah. >> I think it was a March or April's timeframe, I don't have the exact date but it's pretty soon. >> Public beta before the end of this year, version 1.0 first of second quarter next year. >> For you guys, PencilDATA. >> Yes. >> Clients, are you working with anyone right now, you have a handful? >> So we've actually got really interesting distribution partnerships that we're not in a position to announce right now but the top-tier brand name enterprise cloud vendors, both on the SaaS and infrastructure and database side, they're lining up to work with us. Because we're enabling amazing use cases in healthcare and life sciences, the ability to selectively share patient data with insurers, with healthcare providers, clinical trials now to share more information through differential privacy and collectively have more data to be processed and analyzed. Use cases are just off the charts. >> Well you know we go to all the big data shows, we're horizontally scaled on the event site circuit, but this is the number one thing that comes up, I want to move from batch marketing, batch process, batch business to real-time business, speed is essential, but it's always been a conflict between, how do I enable data to move really fast and be available for applications but protecting the privacy. >> Yeah. >> Do you solve that problem, is that something that you see yourselves solving? >> We aren't necessarily innovating on speed, of data movement, it's going to be a SaaS service. >> So it's availability model. >> It's availability of data that's really never been shared before and I think that's the key here, is we know there's a lot of value locked up behind corporate firewalls. The irony is, we don't even have to sell this outside firewalls initially, when you go to any medium-to-large size enterprise that has more than one site or more than one department, Sales doesn't trust Marketing and vice versa, Engineering doesn't trust Customer Support, neither of the four of them trust each other, so we're actually going to enable more data shared within an enterprise at first. >> So that's a starting point for you guys. >> That's a starting point, that's the easiest low-hanging fruit sale we have. >> Well PencilDATA, it's great stuff, Val, congratulations on that startup. I mean, you've got a world-class management team, and this kind of brings up a point that I've been banging on theCUBE pretty much every time I go out I'll talk about blockchain and ICO because you know, theCUBE is a very decentralized audience and that's a value that we're looking at as well with blockchain. I've got to ask you the personal question, from your own personal perspective, experience, executive and CTO, why is blockchain attracting so many A players? Because you're seeing a lot of what I call A players, entrepreneurs, technical geeks, really jumping into this because they can see it, they can smell the opportunity, and also, it also attracts the scammers as well, but specifically, why are these A players coming in? Is it, what are you hearing, what's the general vibe, what's the anecdotal reason? >> So as you said earlier on, it's a fundamental evolution of the core internet as a technology, as fundamental as HTTP and web was on top of TCP/IP back 20 years ago, but it's got that rare combination of not only being a technical innovation that empowers new use cases on the web, on the internet, it's also got immediate, amazing business applications as a store of value initially, as an actual valuation of various business processes, or datasets in my case, as an ability to exchange that value so transparently, so, in such a friction-less liquid manner, those are some of the amazing innovations it brings to the table and I think the most important thing is not to think of this as being able to do digital transformation or faster analog, it's about completely reimagining the exchange of value, measurement of value, and new kinds of businesses that just weren't possible before. >> And at all points of the stack, not the low levels and at the application level, the business logic, and to the geek side, right? >> Absolutely. >> You agree. I mean, that's great and as you know, theCUBE is looking at a blockchain ICO on down the horizon so keep an eye out for that, CUBEcoins could be in everyone's future, so we're super excited like you. >> I'm looking forward to your presale, just like I'm looking forward to mine. (laughing) >> Well, we'll see. But the bottom line is that this is what the reality is, you know, reimagining the applications is what people are thinking and I think people should beware of the scams out there, and then final question I want to ask you is, obviously we're both in the community together, with our teams. Share your perspective on the ecosystem, because obviously decentralization will change the nature of traditional ecosystems. >> Very much so. >> What's your vision on how the ecosystem will evolve, and how big is it now relative to these early markets? >> We're actually starting to enter the middle innings of the cloud game, if you will, we're seeing a very good maturity, a good diversification of profitable earnings and outcomes for the major cloud players, so I think we've gone well down the cloud path so far. But the decentralized world is in its infancy. It's embryonic right now. And I've always been a proponent of the multi-cloud environment and a multi-cloud world, and decentralization fundamentally is based on and depends on a multi-cloud, not just multi-region, but multi-data-center-in-a-closet scenario as well, to be able to actually have a democratic model for determining where the value is, where the value isn't, blockchain node style. And that is incredibly exciting to me, because that really cements this rebalancing of the pendulum between core and edge in terms of where processing and value happens. >> Yeah, and value exchange obviously now, markup links are becoming the du jour way to exchange value, users are in control, infrastructure equilibrium is interesting. Great stuff. And I'll say, perfect storm for innovation. The waves are coming. (laughing) >> You know, one thing I've learned over the years is, the innovation, change never stops. There's always an opportunity to innovate, and that's what I love about this movement. >> Blockchain, ICO, PencilDATA, check 'em out, Val Bercovici, founder and CEO, great friend of theCUBE, also really strong CTO, check these guys out. This wave of innovation around blockchain ICOs and infrastructure, reimagining, the future is here upon us at theCUBE, be right back with more, thanks for watching. (electronic music)

>> Voiceover: Live from Las Vegas it's theCUBE. Covering NetApp Insight 2017. Brought to you by NetApp. >> Okay, welcome back everyone. Live in Las Vegas, it's theCUBE's exclusive coverage of NetApp Insight 2017. I'm John Furrier, the cohost of theCUBE; co-founder of SiliconANGLE Media here with Keith Downson, my cohost for the day. CTO Advisor. Our next guest is Brett Roscoe; vice president of process solutions marketing at NetApp; and Madge Miller, who's the director of Worldwide Public Relations PR. So, how're you guys feeling? The end of the day. A lot of action. >> A lot of stuff going on. >> I thought that was why they reinvent; all these announcements. Almost we needed another keynote. >> We do. We definitely do. A lot of really great announcements happening this week, and a lot of really big excitement in the halls about what is happening with our announcements. And you know Microsoft, HCL. >> John: How many did you have, roughly? >> We had three but we wrapped them into our >> John: Oh really? >> Only three, three big ones >> John: Three big ones? >> Three press releases, right? >> Yeah three big ones >> We had multiple functions, multiple products in each one. >> I mean it felt like it was 60 announcements >> Yeah, yeah it did >> But you packaged them up into three >> Yes, to map to our three IT imperatives and to map back to the data visionary transformation that NetApp has been undergoing this past year. >> John: So you've been busy? >> Very busy. >> Herding the cats internally putting it all into blocks so three transformation zones are: 1. Data center, traditional data center modernization and extension. Next generation data center, and then power of cloud. >> Brett: Yeah, harnessing the power of cloud, absolutely. >> Harnessing the power of the cloud. Which is on everyone's mind. As a portfolio, not a product any more, because in the old days you had the product, now it's a portfolio the data fabric is really kicking new territory now. How do you put that together when you take it to the market? Because you know representative notations are great but customers are different; you can't just put one customer in a box and say there are ten other customers like that because they might have a mix of hybrid cloud, a little bit of on-prem. >> Yeah well if you hear, I'm sure you've heard, Data Fabric that is our, that's how we talk about connecting the hybrid cloud so that spans really all three of those so whether you're in a modernized next gen data center or a hard sparrow cloud the data fabric kind of spans all of those and it creates a unique story for NetApp about how we break down boundaries between traditional on-prem and cloud-based environments. So that really spans a portfolio right but then when you get into these different solutions even though there might be something around modernize we still talk about how you're going to harness the power of the cloud within that modernized capability. So all our announcements this week, it's really cool to see that hybrid cloud capability coming through all of that. It's one of the key investments in our product roadmap and you're seeing that come as we new capabilities. >> OK Jean did a great job on the marketing but I get excited by Sheila FitzPatrick because she's driving the passion around privacy which is not so much security but it's data security, data privacy, data as tech, data for developers. You've got governance going on, you got privacy; GDPR going on in Europe. So you guys are in a lot of touch-points you've got a lot of irons in the fire relative to the market opportunities outside the core base. >> Brett: Right. >> What's the plan, because everyone's like "What's my reference implementation, how do I use NetApp?" >> Well we started using use case terminology. We have nine different use cases that we use. So that's really about the issue or the problem or the project the customer's working on right so if they're trying to build, if they're trying to accelerate a traditional application or if they're trying to harness new modern data services from the cloud. Or if they're trying to build DevOps environments. So we use that buyer journey to come in and talk to the customer and say "This is what we think you're trying to do. Here's the unique capabilities with our portfolio that we can bring to that solution." So we really try to make the product the last part and we really talk about the capabilities across the portfolio; how they address and differentiate us into each of those use case environments. So that's really the way we try to simplify it so we're not talking about all these different products, we're talking about NetApp's capabilities. >> So I was pretty impressed with the keynote yesterday we got an hour into the keynote without even mentioning a product. However this conference has typically, has traditionally been a storage conference. So how has the average attendee as you've walked the floor and as you've talked to the customers and attendees. How have they been receptive of that message of data first and now today we get to the meat of actual speeds and fees? >> I think really the thing about the conversation that NetApp is having now and just like you saw on stage at the keynote is that we are allowing people to elevate their role within their organization. So everyone is coming to the IT department and saying you know "How do I create these new services, how do I monetize data?" and now we're giving our folks that we've worked with traditionally for years the opportunity to step in that conversation and be experts and really come and be the hero in that conversation just like you saw on stage. So they can take their knowledge of those speeds and fees and they can come in and interpret them for new services new revenue models for data. >> And you guys did a great job with the A-team you had a bunch of them on here in theCUBE. They had the greatest analysts come in because they're on the front lines. They're a mix of tech geeks and also partners. >> Yeah they're great advocates right? And I also spent the whole day meeting with our analyst community as they come away to get their impressions and they were very positive, very excited. They've kind of been on this journey with us and watched us transform as we go through our own digital transformation about becoming a data-focused company. Around meeting customer needs and how they extract value and create new customer touchpoints and optimize operations and look for new innovative ways to use data. >> Alright so where is the focus in the solutions and also the comms. is important to because as you have comms. and solutions. You're like on the landscape looking at all the community action going on. You've also got to look at what's going on in the narrative of the industry; for thought leadership. You got to come in and pick and choose your resources for instance the Cloud Native Compute Foundation is one of the hottest things on the planet for Cloud. So that's more open source but there's a lot of influencers in there; a lot of A-tea potential. You've got to make some choices So as you go out to the market how do you look at the landscape because there's almost too much to do for you guys. If you hit every single piece, where is the focus? >> Yeah, I think that's really where our core message of being the data authority in the hybrid cloud world comes in and looking back at those three IT imperatives that we talked about. Really our focus is on building out those core strengths and that's really what you saw from our announcements at the show, is building up to those core strengths that we have and continuing to build them out. >> About customer and community sectors. Open source obviously is still growing like crazy. >> Open source is important for us. Looking at hyperscalers is very important for us looking at cloud native partners as we go forward you know which is part of what our announcement with Microsoft was about today is moving more into that cloud native conversation as NetApp with our core services and things that we're really known for and made us who we are today. >> Brett you've got to look at the cloud thing with Microsoft, I mean now not only are they a great channel for you guys >> Brett: Yeah. >> And you guys have got to step up to the plate and deliver some good value because you know they're finicky, they have sales guys out on the streets. Got to be reliable to be rock solid so pressure's on you but this opens up a lot of doors for NetApp doesn't it? >> Well yeah I think it's a fantastic opportunity for us right? It's an honor that Microsoft chose us as a partner in this space but at the same time I do believe that we are the best, we have the best capability in this space right? A true scalable enterprise capability that we bring to others I think is going to be right. It's going to hit the heart of the market for them and really provide a high quality, high enterprise scale kind of service. So I think, I'm super excited that this partnership came together; I think it makes total sense you look at the number one hyperscaler, the number one data vendor out there and you say they've come together to address customer needs. >> Alright here's the trick question at the end of the day to see what I can get out of you Dave Alanti and I.. >> All: (laughter) >> You know we're good at trick questions. >> OK this is good. >> We always fall for them, we're totally good at that. >> I shouldn't have said that on theCUBE. This is more of a philosophical question because David Alanti always thought like, "Never fight fashion." Fashion is key in success because you can ride the wave and be fashionable. So the question is what is the fashion in the market that you see? Because you guys now are at a level in my opinion where you can walk in the front door of all the thought leader theaters and say "Hey cloud native guys, we've got a great story for you." "Hey governance, we've got a great story there." So you have now a whole new level of territory that you can take down and have conversations in. So that comes to the fashion question. What's fashionable that you guys are focused on? If that's the fashion trend then what is NetApp wearing? >> Which designer, what designer? >> Are they wearing designer cloud native? Are they wearing..? >> Not my best analogy; you didn't hit my strong point. You could have used a sports analogy or something like that. >> If you were a baseball team? >> No, no, no she's all ready. >> No go ahead you do fashion. >> You do yours Brett no no no do a sports analogy. >> Go ahead, go ahead. >> West Coast offense of course. >> Yes we could totally do a fashion analogy I think that what you saw us wearing today around our data fabric momentum, around our cloud announcements, even around the digital customer experience with Elio and Active IQ. The way we're using our partnership with Watson, IBM Watson. Those are the types of things that you'll see from us in the future. The customer experience message really is around us using our own systems and amplifying those in a way that we hope our customers will in the future so you'll see a lot more of those types of things from us into, you know, into the next fashion season. >> And the old expression, if you've got sizzle a bit have the steak and again nice fabric you're wearing. >> So, since we're talking in analogies you guys are actually building up a lot of political capital. The Microsoft announcement gives you, from an optics perspective you can, that gets you into the door. "Hold on, this NFS thing is powered by NetApp?" Opens up a set of conversations with a completely different set of customers. How do you spend that capital next? What's the next level of conversations with CIOs, CDOs, CMOs? >> John: CXOs, yeah. >> Well you know we're in those conversations today right. So we've had on-tap cloud and several even pure SaaS-based products for a while and they're making great traction, there's huge growth in those new products. Obviously with the Microsoft partnership it allows us to actually reach, I'm excited about hitting new buyers that may have not seen NetApp as a vendor that that would leverage, maybe just through association or maybe their persona or the job they do wouldn't put NetApp right in front of them so now we have a new audience, right? We have a whole new audience that we can show our value. You know we, I think will have ways to work with Microsoft to bring additional capabilities into that service that they're going to provide, and how do we work with them to do that and make sure that customers see value, see additional future capabilities that they can leverage from us, it's a tremendous opportunity. It's now, it's our market, to go this is our opportunity to go show value to them. This is a great opportunity and we need to take advantage of it, and it ours to dip into. >> You guys are going to take more territory, great stuff. We're going to give you guys the final word in the segment. but for the folks who couldn't make it, they're watching this segment. Share with them what were the key things here happening that they should know about and take away from NetApp Insight? What are the key things? >> Brett, you want to take this one? >> You start and I'll finish. >> OK, we'll tag team this one. I think the big thing obviously is the Microsoft announcement. It's us moving more into that cloud native territory. That's a really big one. Also the digital customer experience the Elio and Active IQ for customer support. I think those are very big too showing us using our own capabilities for our customers as a company. >> OK, look I think you said it earlier; portfolio announce. We continue to come with multiple, with several new capabilities across the portfolio, right? And I think if you look at our focus which is hey we're building more software capability, we are building more hybrid, more capabilities in the cloud. More capabilities in hybrid; enforcing that data fabric message. I tell you, I know I'm biased, but nobody does it better. Nobody can come in and provide the position that NetApp has to help customers through this transformation leveraging cloud, leveraging new technologies, new microservices into their architecture in a way that we do it that is seamless and easy. >> And the cloud orchestrator is just one example of that's multi-cloud. >> Absolutely. >> You've got to shift to be first to market with true multi-cloud right out of the gate so congratulations and sorry to hear about all the tragedy that happened around your event you guys handled it with class and respect, thank you. >> Yeah it was definitely a tough situation I thought the entire leadership team did a fantastic job of working through that. >> Props to the NetApp leadership and the whole team. It's theCUBE here live in Las Vegas, the Mandalay Bay for the NetApp insight 2017. We'll be back with more after this short break. (technology music) >> Narator: Calling all barrier-breakers, status quo

>> Announcer: Live from Las Vegas, it's The Cube, covering NetApp Insight 2017, brought to you by NetApp. >> Okay, welcome back everyone. We're here live in Las Vegas, Mandalay Bay. This is The Cube's exclusive coverage of NetApp Insight 2017. I'm John Furrier, the cohost of The Cube, co-founder of SiliconANGLE Media with my cohost, Keith Townsend with CTO Advisors. Our next guest is Jean English. She's the Chief Marketing Officer of NetApp. Great to see you, thanks for having us, and thanks for coming on The Cube. >> Oh, thank you, thank you guys for being here. >> So NetApp is no longer a storage company, we learned. But then last year, now this year, you're a data company. >> Jean: (laughs) That's right. >> The brand promise is still the same. Take us through, as the Chief Marketing Officer, you have to, it's a complex world. One of your concepts here we've been seeing is winning while in a tough environment and IT is a tough environment. I got application development going on. I got DevOps. I got data governance. I got security issues, internet of things. It's a challenging time for our customers. How is your brand promise evolving? >> So we really see that NetApp is the data authority for hybrid cloud, and the amazing thing is is that what we see is our customers aren't talking to us about storage anymore. They're talking to us about data, and what their data challenges are, and most companies are trying to think through if they're going to transform, how are they going to harness the wealth of the data. What are they going to do to maximize the value of the data? >> And the cloud too is center stage, 'cause the cloud is a forcing function that's changing the relationship of your partners, VARs who has a lot of folks on talking about the dynamics with customers around multiple clouds. We saw on stage the announcement with Microsoft. Congratulations. >> Jean: Thank you. >> So you've been in Amazon for a while. We've been covering that, but the on-premise work still is growing, where you have the data from Wikibon Research came out shows that the on-premise true private cloud, which is defined as cloud operation business model is actually growing. However, the decline in automation of non-differentiated labor is declining by 1.5 billion over the next five years, which means the SAS market is going to continue to explode and grow, so the on-premise is actually growing, as is the cloud. How does that change the narrative for you guys, or does it, or is that a tailwind for NetApp? >> We think it's a complete tailwind in for NetApp. When we think about data today, we see that it's really becoming more distributed across environments. It's definitely more dynamic, as you're looking for the latest source of truth. And the diversity of data, especially with machine learning. I mean, it is exploding. So, how do you start to be able to build that data together? We really think of it as that our customers want to maximize that value and the only way to do that is to start to think about how do they bring it together, and how do they get more insight from that data, and then how do they have more access and control of that data, and then the most questions we usually get from our customers around, how do I make sure it's secure? But the really big point is is that, as we think about what NetApp is doing, it has been about three things that we see with our customers. They have to make sure that they're modernizing what they have today, and that goes to the on-prem environment, so if it's going to be that they got to accelerate applications, they want to make sure that they have that. But this notions of building clouds, even building private clouds. And we think of that as a next-generation data center, especially with DevOp environments. Then harnessing the power of the cloud and hybrid cloud world. And if they are not able to really leverage the cloud for SAS applications, if they're leveraging the cloud for backup, or even disaster recovery, data protection, that's where we see that these three imperatives, when they come together, that they're truly, truly able to unleash the power. >> So we saw on stage, CEO George Kurian talking about his personal situations in light of what's happened in Las Vegas here. Data is changing the world, and your tagline is "Change the world with data." So I got to ask you, obviously, data, we see a lot of examples in society and also personal examples of data being harnessed for value. The cloud can be great there, it's all on-prem. How do you guys position NetApp as a company? I know there's a lot of positioning exercises in marketing you do, but positioning is really important. That's what you do. The tagline is kind of the emotional aspect of it, okay, changing the world, let's change the world with data. I believe that. But what's the positioning of NetApp? How would you say that the positioning- What's the positioning statement of NetApp? >> The positioning statement of NetApp, I think we've really seen a big break in the positioning in the last couple of years. And why is because the customers are demanding something different. They're really looking for more hybrid cloud data services. And what are those data services that accelerate and integrate data, and that notion of on-prem and in the cloud, that's where we see what's going to happen to accelerate digital transformation. And so, this notion of yes, thought about as storage before, customers are demanding more for their data and they need data services, especially in hybrid environments to really be able to drive their business. >> The old expression, "Position it, they will come." And you guys have done a good job with the data. Okay, now let's get to the customer reality. You have to go out and do the tactical marketing. They're busy, right? There's a lot of noise out there. We just came back from New York and our Big Data NYC event that we ran in conjunction with Strata, which is a separate event, and it's clear they don't want the hype. They want reality. The rubber's hitting the road because they're so busy, and with the the security and the governance challenges- GDPR, for instance, in Europe is a huge pressure point for data. A lot of challenges but they want the magic. (laughter) It should be easy, right? But it's not. How do you guys go out day to day and take that to the field message? What's your strategy? >> Well, you talked about changing the world with data. And it feels like a lofty promise, but we really believe that when we come down to the purpose of why NetApp exists, it is to empower our customers to change the world with data and that's something that NetApp has been focused on not just for today, but the 25 years of history, and then also into the future. So what makes that the reality? Well number one, they want something that's simple. And so this notion of simplicity, and no matter how they think about managing or optimizing their data, it's got to be simple and easy to manage. Optimized to protect, I think data protection is critically important. Things about safeguarding data across its life cycle. and I think that NetApp has always been focused on how to make sure data is secure and protected. And that now is what we're seeing in the cloud too. So, all the relationships and partnerships that we've been creating and solidifying, AWS has been for the last couple years, we've had some latest`announcements of what we're doing to really make sure we have stronger data protection in multi-cloud environments. Obviously, today from what we're doing with Microsoft Azure, in really providing- Not even having to know how to manage storage, you can do it easily in Azure, and- >> No, I'm sorry. I really love this, this message from NetApp. As a traditional technologist, I understand NetApp disrupting the original storage CN Market with Fowlers, you guys were one of the first in the cloud with AWS, so from a trusted partner inside of the infrastructure team, I understand the vision of NetApp. But the transformation also means that you're starting to expand that conversation beyond just that single customer of the storage admin, of the infrastructure group. How is that messaging been going towards that new group of customers within your customers who have said, "NetApp? Isn't that a storage company?" How is that transformation been going? >> (laughs) You know, when we talk about reinventing, NetApp is reinventing itself. And that's what we're going through right now. And what we see is, is that the customers that we know and love, the storage admins and the storage architects, those are definitely tried-and-true and we love our relationships with them. But we see that the demands around data are growing and those demands are starting to reach more into DevOps, application developers, definitely into cloud enterprise architects as we think about cloud environments. The CIO is now under more pressure to think through how- They have a mandate to move to the cloud. Now what? But who do they want to move with? Someone that they've trusted before, and by the way, because we've been first, and because we're so open with all our relationships with the cloud providers, why not move with us? Because we can help them think through it. >> So you're keeping the core. You're not pivoting off the core, you're building on top of the core, extending that. Is that what you're saying? >> We're building off of a really great foundation of who we've had as customers all along. We're establishing new relationships, though, as well, with cloud enterprise architects, and today, we actually just had here at Insight our first executive summit, where we brought together CIOs and CTOs and really talked about what's happening with data and organizations, what's happening with data that's being disruptive, what's happening if you want to thrive, based on data as well. >> There used to be an old expression back in the day when Polaroid was around, "What's the new Polaroid picture of something?" Now it's Instagram, so I have to ask this question. What is the new Instagram picture of NetApp with the customers that you have and for customers now in the data space, there's a lot of data conversations happening. What is that picture of NetApp? What should they know about NetApp? >> NetApp is in the cloud. >> Yeah, I love that messaging that NetApp is in the cloud. And how important is that moving forward? Especially as we look at technology such as ONTAP. They have been there from the beginning. I love the NFS on Azure story, but that's powered by ONTAP, which I kind of- It took me a few minutes to kind of get it, because I'm thinking, "ONTAP in Azure, that's bringing the old to the new." But that's not exactly what it is. What messaging do you want customers to get out of something like an NFS in Azure? >> We want them to understand that they don't have to know anything about storage to be able to protect and manage their data. No matter what environment that they're in. >> And by the way, we've been looking at and commenting critically on The Cube many events now that multi-cloud is a pipe dream. Now I say that only as folks know me. It's real. Customers want multi-cloud, but multi-cloud has been defined as, "Oh, I run 365 on Azure, and I got some analytics on Redshift on Amazon, I do some stuff on-prem. That's considered multi-cloud because there happen to be stuff on multiple clouds. You guys are doing something with cloud orchestrate that's quite interesting. It truly is multiple clouds in the sense that you can move data, if I get this right, across clouds. >> Jean: That's right. >> So it's in a complete transparent way, seamless way, so I don't have to code anything. Is that true? If that's true, then you might be one of the first multi-cloud use cases. >> We are one of the first multi-cloud use cases. We have created the data fabric, which is really looking at how do you seamlessly integrate across multiple clouds or on-prem environments? The data fabric, we've been talking about this vision for a couple of years. What we're seeing now is customers are seeing it come to reality. And now that we have more and more relationships expanding, as we mentioned we've been building SAS offerings with AWS for a couple years, we just had the big announcement today with Microsoft Azure. We're working with IBM Cloud. We're also working with Google Cloud, Alibaba, so as we think about a seamless data fabric, they want frictionless movement in and out of the cloud. >> Jean, I got to change gears for a second, because one of the things we've been observing over the past couple of months, certainly we were at the Open Source Summit, Linux Foundation. Open source is growing exponentially now. You've seen the new onboarding of developers in general and enterprise is going to take the bulk of that. Companies are supplying personnel to contribute on open source projects. That's continuing to happen. Nothing new there. But it's starting to change the game. You see Blockchain out there, getting some traction, ICOs and all that hype, but it points to one thing. Communities are really valuable. So as a marketer, I know you were at IBM, very community-oriented, very open source oriented, the role of communities is going to be super important as customers discover- So marketing is changing from batch marketing, you know, surge email marketing to real-time organic with communities. It's not just have a social handle. Really, have you guys looked at the B2B marketing transformation as customers start to make selections and take opinions in the new organic communities, because you have people in these projects, in open source, who are making decisions based on content. What's your view on communities and the importance of communities? >> Well, we believe highly in communities. Our A-Team is a community with us that is so strong, and they're our biggest advocates. They get brought in very, very early on in terms of learning about our new technologies and learning our story and understanding our strategy and where we're moving. I think you may have talked to some of our A-Team members before. >> John: Quite strong, very strong. >> But they are an amazing group of people and we believe highly that their advocacy is what is really going to help us to stay in touch and be really close to these new buyers as well. >> And you've got to really internalize that too in the company. Operationally, any best practices you can share with other CMOs? 'Cause this is a challenge for a lot of marketers is, how do you operationalize something new? >> Yes, well, we're finding that this notion of reinvention and it starts with the company itself. And it starts with their own employees. So when we talk about the shift from storage to data, we're even having our own employees talk about their own data story and how do they connect data. George talked about his data story, actually, on the main stage in our keynote the other day. But connecting to that's been really important. This notion of transforming to think about these new customers and new buyers, it starts with the customer needs, it's not about a product-out discussion. And so, a new story to a new buyer, relevancy, what's happening in their industry, and then engagement, engagement, engagement. >> I've been following NetApp since they were start-up and they went public, great story. They have a DNA of reinvention. David Hitz is going to to come out, I'm sure. We'll talk about that, because he's been an entrepreneur, but he's also had that entrepreneurial DNA. It's kind of still in the company, so my question to you is, from a personal perspective, what have you learned or observed at NetApp during this reinvention, not a pivot, it's not at all. It's more of an inflection point for NetApp and a new way, a new way to engage with customers, a new way to build products, a new way to do software development, a new way to use data. This is a theme we're seeing. What's your personal observation, learnings that you could share? >> Well, in my first month, what I really learned is just the absolute amazing culture of what NetApp has and this notion of we're always embracing what our customers want to where we move. So what our customer wants, we move with it. We embrace it holistically. Years and years ago, you know, Linux and Windows. A couple of years later, virtualization, virtualized environments. Could've killed us. Made us stronger. Now, embracing the cloud. A lot of our customers say, "I would have canceled the meeting with you, but now I understand that you're interested in the cloud and that you're in the cloud, I've totally changed my mind." And we say, "We love the cloud. We embrace the cloud holistically." >> You guys are progressive. I've noticed it's a competitive strategy kind of theory but as the old expression goes, "You got to eat your own to get to the new market. Some companies will milk the market share dry and then can't get to the new model. This is the reinvention challenge. When do you stop making profits to build for the future? It's a tough call. >> It is, but that's why we listen to what our customers say. And so, when they talked about wanting to move to the cloud a few years ago, we said, "We're going to be the first to holistically embrace the cloud." >> Okay, so you got the NetApp Insight 2017 going on in Berlin. Okay, that brings up the question, because it's in Germany, so I have to ask. GDPR has been super hot. The global landscape, how is that going on for NetApp? Obviously you have some experience in outside the US. It's not always the US, North America centric world. What's the global story for NetApp? >> It's not. I lived in China and Singapore, and I know that there are demands that are not just US-centric. When we talk about Germany, I was just there a few months ago, and this notion of how do we start to address the articles that are in GDPR that help to make sure that we have the right compliance and protection for data inside of a country and inside of Europe. We actually have expertise in that area. We've been actually consulting and talking with customers about what they want to do with data compliance and we're being asked now to say, "How does NetApp help address those articles? How do we come back with solutions to help control data and make sure we have the right access of data?" So, we're already consulting with customers. We know it's a top priority, and we have expertise to be able to help. >> We had Sheila FitzPatrick on. She's the Chief Privacy Officer. Very colorful, very dynamic, a lot of energy. >> Jean: She is. (laughs) >> She's going to slap anyone around who says you don't bolt on privacy. Good policy conversations, the policies converging in with that. It's interesting, the global landscape- The Cube will be in China next week for the Alibaba Cloud Conference, so we're going to go report, see what's going on there, so huge international challenge around regulations and policy. Does that affect the marketing at all? Because policy kind of is data privacy and security. Security super hot, obviously. Data security is number- A big thing. How does policy intersect with the technology? How as a CMO do you get that realized and put into action? >> Well, I think basing on the foundation that we're always optimized to protect. That's one of our key foundations of why people choose NetApp. We definitely know that there are other demands that are happening in local markets. I was just in Australia few weeks ago and was meeting with the New South Wales government, which they've had a mandate that all of the agencies need to use their own cloud platform. They've been working with NetApp to ensure that they can have the right data management solutions on that platform. And from a marketing perspective, we embrace that. And so we work with, whether it's Telstar, we're working with New South Wales, we're thinking about how do we ensure that that message is strong, because we know customers there have different demands than just what's in the US. >> So when you get CIOs and and senior executives together at a summit like you guys had over the past few days, ideas start to percolate, problem start to come across. What was some of the biggest policy concerns throughout those conversations? Was it GDPR? Was it something else? What's top-of-mind? >> What we're hearing top-of-mind right now is data governance. And I think that that could be towards data compliance in terms of GDPR for Europe. I think it expands beyond Europe, though. I just heard, like I said, in Australia, where they're having demands based on the government of what's needed to be really driven through a cloud platform. We're hearing through our customers in the last couple weeks about if I'm moving to the cloud, number one, I want to have seamless transition during the move in or out of the cloud, but I got to make sure I've got the right governance model in place. >> So we've heard this repeatedly. Customers moved into the cloud. How many customer are coming to you saying, "You know what, for whatever reason, whether it's cost, agility, the overall capability we thought we'd have available in the cloud, not really what we thought it would be. We need help moving it back." And what is that conversation like? >> Well, it's a conversation that we're able to help with pretty easily. Right now, we have had customers that have either had one, a cloud mandate, so they got to think about how am I going to move all my data to the cloud. Once they actually start getting into the detail, we do a design workshop where we help them think about maybe there's not all workloads going to the cloud. Maybe some workloads go in the cloud. We have had a customer who did move the majority of workloads in the cloud and then decided, actually, we think we'll get better cost performance and better efficiencies if we actually have those back on-prem. We said, "No problem. We can help you with that too." And I think that's the beauty of what we talked about with data fabric is, we're able to help them think through, no matter where they want their data, on-prem or in the cloud, we can help them. >> Jean, thanks for coming up here. I know your time is super valuable. I got to get one more point in, 'cause I want to make sure we get that out there. Public sector. NetApp's position strong, getting better? What's your thoughts? A quick update on public sector. >> We are very, very strong on public sector. We've actually had a strong presence in public sector with our customers for many years. And we're continuing to help them think about too how they start to look at cloud environments. >> All right, Jean English, CMO here on The Cube. Getting the hook here in the time. She's super busy. Thanks for coming. Congratulations- >> Jean: Thank you. >> On great positioning and looking forward to chatting further at The Cube. Live coverage here, Las Vegas at the Mandalay Bay. I'm John Furrier, Keith Townsend. We'll be right back with more live coverage after this short break. (upbeat music)