>> From theCUBE Studios in Palo Alto and Boston bringing you data driven insights from theCUBE and ETR. This is Breaking Analysis with Dave Vellante. >> After a two year hiatus, AWS re:Inforce is back on as an in-person event in Boston next week. Like the All-Star break in baseball, re:Inforce gives us an opportunity to evaluate the cyber security market overall, the state of cloud security and cross cloud security and more specifically what AWS is up to in the sector. Welcome to this week's Wikibon cube insights powered by ETR. In this Breaking Analysis we'll share our view of what's changed since our last cyber update in May. We'll look at the macro environment, how it's impacting cyber security plays in the market, what the ETR data tells us and what to expect at next week's AWS re:Inforce. We start this week with a checkpoint from Breaking Analysis contributor and stock trader Chip Simonton. We asked for his assessment of the market generally in cyber stocks specifically. So we'll summarize right here. We've kind of moved on from a narrative of the sky is falling to one where the glass is half empty you know, and before today's big selloff it was looking more and more like glass half full. The SNAP miss has dragged down many of the big names that comprise the major indices. You know, earning season as always brings heightened interest and this time we're seeing many cross currents. It starts as usual with the banks and the money centers. With the exception of JP Morgan the numbers were pretty good according to Simonton. Investment banks were not so great with Morgan and Goldman missing estimates but in general, pretty positive outlooks. But the market also shrugged off IBM's growth. And of course, social media because of SNAP is getting hammered today. The question is no longer recession or not but rather how deep the recession will be. And today's PMI data was the weakest since the start of the pandemic. Bond yields continue to weaken and there's a growing consensus that Fed tightening may be over after September as commodity prices weaken. Now gas prices of course are still high but they've come down. Tesla, Nokia and AT&T all indicated that supply issues were getting better which is also going to help with inflation. So it's no shock that the NASDAQ has done pretty well as beaten down as tech stocks started to look oversold you know, despite today's sell off. But AT&T and Verizon, they blamed their misses in part on people not paying their bills on time. SNAP's huge miss even after guiding lower and then refusing to offer future guidance took that stock down nearly 40% today and other social media stocks are off on sympathy. Meta and Google were off, you know, over 7% at midday. I think at one point hit 14% down and Google, Meta and Twitter have all said they're freezing new hires. So we're starting to see according to Simonton for the first time in a long time, the lower income, younger generation really feeling the pinch of inflation. Along of course with struggling families that have to choose food and shelter over discretionary spend. Now back to the NASDAQ for a moment. As we've been reporting back in mid-June and NASDAQ was off nearly 33% year to date and has since rallied. It's now down about 25% year to date as of midday today. But as I say, it had been, you know much deeper back in early June. But it's broken that downward trend that we talked about where the highs are actually lower and the lows are lower. That's started to change for now anyway. We'll see if it holds. But chip stocks, software stocks, and of course the cyber names have broken those down trends and have been trading above their 50 day moving averages for the first time in around four months. And again, according to Simonton, we'll see if that holds. If it does, that's a positive sign. Now remember on June 24th, we recorded a Breaking Analysis and talked about Qualcomm trading at a 12 X multiple with an implied 15% growth rate. On that day the stock was 124 and it surpassed 155 earlier this month. That was a really good call by Simonton. So looking at some of the cyber players here SailPoint is of course the anomaly with the Thoma Bravo 7 billion acquisition of the company holding that stock up. But the Bug ETF of basket of cyber stocks has definitely improved. When we last reported on cyber in May, CrowdStrike was off 23% year to date. It's now off 4%. Palo Alto has held steadily. Okta is still underperforming its peers as it works through the fallout from the breach and the ingestion of its Auth0 acquisition. Meanwhile, Zscaler and SentinelOne, those high flyers are still well off year to date, with Ping Identity and CyberArk not getting hit as hard as their valuations hadn't run up as much. But virtually all these tech stocks generally in cyber issues specifically, they've been breaking their down trend. So it will now come down to earnings guidance in the coming months. But the SNAP reaction is quite stunning. I mean, the environment is slowing, we know that. Ad spending gets cut in that type of market, we know that too. So it shouldn't be a huge surprise to anyone but as Chip Simonton says, this shows that sellers are still in control here. So it's going to take a little while to work through that despite the positive signs that we're seeing. Okay. We also turned to our friend Eric Bradley from ETR who follows these markets quite closely. He frequently interviews CISOs on his program, on his round tables. So we asked to get his take and here's what ETR is saying. Again, as we've reported while CIOs and IT buyers have tempered spending expectations since December and early January when they called for an 8% plus spending growth, they're still expecting a six to seven percent uptick in spend this year. So that's pretty good. Security remains the number one priority and also is the highest ranked sector in the ETR data set when you measure in terms of pervasiveness in the study. Within security endpoint detection and extended detection and response along with identity and privileged account management are the sub-sectors with the most spending velocity. And when you exclude Microsoft which is just dominant across the board in so many sectors, CrowdStrike has taken over the number one spot in terms of spending momentum in ETR surveys with CyberArk and Tanium showing very strong as well. Okta has seen a big dropoff in net score from 54% last survey to 45% in July as customers maybe put a pause on new Okta adoptions. That clearly shows in the survey. We'll talk about that in a moment. Look Okta still elevated in terms of spending momentum, but it doesn't have the dominant leadership position it once held in spend velocity. Year on year, according to ETR, Tenable and Elastic are seeing the biggest jumps in spending momentum, with SailPoint, Tanium, Veronis, CrowdStrike and Zscaler seeing the biggest jump in new adoptions since the last survey. Now on the downside, SonicWall, Symantec, Trellic which is McAfee, Barracuda and TrendMicro are seeing the highest percentage of defections and replacements. Let's take a deeper look at what the ETR data tells us about the cybersecurity space. This is a popular view that we like to share with net score or spending momentum on the Y axis and overlap or pervasiveness in the data on the X axis. It's a measure of presence in the data set we used to call it market share. With the data, the dot positions, you see that little inserted table, that's how the dots are plotted. And it's important to note that this data is filtered for firms with at least 100 Ns in the survey. That's why some of the other ones that we mentioned might have dropped off. The red dotted line at 40% that indicates highly elevated spending momentum and there are several firms above that mark including of course, Microsoft, which is literally off the charts in both dimensions in the upper right. It's quite incredible actually. But for the rest of the pack, CrowdStrike has now taken back its number one net score position in the ETR survey. And CyberArk and Okta and Zscaler, CloudFlare and Auth0 now Okta through the acquisition, are all above the 40% mark. You can stare at the data at your leisure but I'll just point out, make three quick points. First Palo Alto continues to impress and as steady as she goes. Two, it's a very crowded market still and it's complicated space. And three there's lots of spending in different pockets. This market has too many tools and will continue to consolidate. Now I'd like to drill into a couple of firms net scores and pick out some of the pure plays that are leading the way. This series of charts shows the net score or spending velocity or granularity for Okta, CrowdStrike, Zscaler and CyberArk. Four of the top pure plays in the ETR survey that also have over a hundred responses. Now the colors represent the following. Bright red is defections. We're leaving the platform. The pink is we're spending less, meaning we're spending 6% or worse. The gray is flat spend plus or minus 5%. The forest green is spending more, i.e, 6% or more and the lime green is we're adding the platform new. That red dotted line at the 40% net score mark is the same elevated level that we like to talk about. All four are above that target. Now that blue line you see there is net score. The yellow line is pervasiveness in the data. The data shown in each bar goes back 10 surveys all the way back to January 2020. First I want to call out that all four again are seeing down trends in spending momentum with the whole market. That's that blue line. They're seeing that this quarter, again, the market is off overall. Everybody is kind of seeing that down trend for the most part. Very few exceptions. Okta is being hurt by fewer new additions which is why we highlighted in red, that red dotted area, that square that we put there in the upper right of that Okta bar. That lime green, new ads are off as well. And the gray for Okta, flat spending is noticeably up. So it feels like people are pausing a bit and taking a breather for Okta. And as we said earlier, perhaps with the breach earlier this year and the ingestion of Auth0 acquisition the company is seeing some friction in its business. Now, having said that, you can see Okta's yellow line or presence in the data set, continues to grow. So it's a good proxy from market presence. So Okta remains a leader in identity. So again, I'll let you stare at the data if you want at your leisure, but despite some concerns on declining momentum, notice this very little red at these companies when it comes to the ETR survey data. Now one more data slide which brings us to our four star cyber firms. We started a tradition a few years ago where we sorted the ETR data by net score. That's the left hand side of this graphic. And we sorted by shared end or presence in the data set. That's the right hand side. And again, we filtered by companies with at least 100 N and oh, by the way we've excluded Microsoft just to level the playing field. The red dotted line signifies the top 10. If a company cracks the top 10 in both spending momentum and presence, we give them four stars. So Palo Alto, CrowdStrike, Okta, Fortinet and Zscaler all made the cut this time. Now, as we pointed out in May if you combined Auth0 with Okta, they jumped to the number two on the right hand chart in terms of presence. And they would lead the pure plays there although it would bring down Okta's net score somewhat, as you can see, Auth0's net score is lower than Okta's. So when you combine them it would drag that down a little bit but it would give them bigger presence in the data set. Now, the other point we'll make is that Proofpoint and Splunk both dropped off the four star list this time as they both saw marked declines in net score or spending velocity. They both got four stars last quarter. Okay. We're going to close on what to expect at re:Inforce this coming week. Re:Inforce, if you don't know, is AWS's security event. They first held it in Boston back in 2019. It's dedicated to cloud security. The past two years has been virtual and they announced that reinvent that it would take place in Houston in June, which everybody said, that's crazy. Who wants to go to Houston in June and turns out nobody did so they postponed the event, thankfully. And so now they're back in Boston, starting on Monday. Not that it's going to be much cooler in Boston. Anyway, Steven Schmidt had been the face of AWS security at all these previous events as the Chief Information Security Officer. Now he's dropped the I from his title and is now the Chief Security Officer at Amazon. So he went with Jesse to the mothership. Presumably he dropped the I because he deals with physical security now too, like at the warehouses. Not that he didn't have to worry about physical security at the AWS data centers. I don't know. Anyway, he and CJ Moses who is now the new CISO at AWS will be keynoting along with some others including MongoDB's Chief Information Security Officer. So that should be interesting. Now, if you've been following AWS you'll know they like to break things down into, you know, a couple of security categories. Identity, detection and response, data protection slash privacy slash GRC which is governance, risk and compliance, and we would expect a lot more talk this year on container security. So you're going to hear also product updates and they like to talk about how they're adding value to services and try to help, they try to help customers understand how to apply services. Things like GuardDuty, which is their threat detection that has machine learning in it. They'll talk about Security Hub, which centralizes views and alerts and automates security checks. They have a service called Detective which does root cause analysis, and they have tools to mitigate denial of service attacks. And they'll talk about security in Nitro which isolates a lot of the hardware resources. This whole idea of, you know, confidential computing which is, you know, AWS will point out it's kind of become a buzzword. They take it really seriously. I think others do as well, like Arm. We've talked about that on previous Breaking Analysis. And again, you're going to hear something on container security because it's the hottest thing going right now and because AWS really still serves developers and really that's what they're trying to do. They're trying to enable developers to design security in but you're also going to hear a lot of best practice advice from AWS i.e, they'll share the AWS dogfooding playbooks with you for their own security practices. AWS like all good security practitioners, understand that the keys to a successful security strategy and implementation don't start with the technology, rather they're about the methods and practices that you apply to solve security threats and a top to bottom cultural approach to security awareness, designing security into systems, that's really where the developers come in, and training for continuous improvements. So you're going to get heavy doses of really strong best practices and guidance and you know, some good preaching. You're also going to hear and see a lot of partners. They'll be very visible at re:Inforce. AWS is all about ecosystem enablement and AWS is going to host close to a hundred security partners at the event. This is key because AWS doesn't do it all. Interestingly, they don't even show up in the ETR security taxonomy, right? They just sort of imply that it's built in there even though they have a lot of security tooling. So they have to apply the shared responsibility model not only with customers but partners as well. They need an ecosystem to fill gaps and provide deeper problem solving with more mature and deeper security tooling. And you're going to hear a lot of positivity around how great cloud security is and how it can be done well. But the truth is this stuff is still incredibly complicated and challenging for CISOs and practitioners who are understaffed when it comes to top talent. Now, finally, theCUBE will be at re:Inforce in force. John Furry and I will be hosting two days of broadcast so please do stop by if you're in Boston and say hello. We'll have a little chat, we'll share some data and we'll share our overall impressions of the event, the market, what we're seeing, what we're learning, what we're worried about in this dynamic space. Okay. That's it for today. Thanks for watching. Thanks to Alex Myerson, who is on production and manages the podcast. Kristin Martin and Cheryl Knight, they helped get the word out on social and in our newsletters and Rob Hoff is our Editor in Chief over at siliconangle.com. You did some great editing. Thank you all. Remember all these episodes they're available, this podcast. Wherever you listen, all you do is search Breaking Analysis podcast. I publish each week on wikibon.com and siliconangle.com. You can get in touch with me by emailing avid.vellante@siliconangle.com or DM me @dvellante, or comment on my LinkedIn post and please do check out etr.ai for the best survey data in the enterprise tech business. This is Dave Vellante for theCUBE Insights powered by ETR. Thanks for watching and we'll see you in Boston next week if you're there or next time on Breaking Analysis (soft music)

>> Narrator: From theCUBE Studios in Palo Alto in Boston, connecting with thought leaders all around the world, this is theCUBE conversation. >> Hi everybody, this is Dave Vellante and welcome to this week's CUBE insights powered by ETR. In this breaking analysis, we're going to bring in Sagar Kadakia who's the Director of Research at ETR. He's been away for the last couple of weeks, he's really digging into the latest data set, ETR of course it was in it's quiet period. And today, what we want to do is give you three of the macro takeaways from that last two-week analysis and drill into to some of the sectors. So Sagar, that's for coming on, great to see you again. Let's get right into it. >> Let's do it, thanks for having me. >> You've been crazy busy, we started the year at a plus 4%, consensus IT spend. We reported for several weeks and ended up at minus 4%. We're now at minus 5%, after you've gone through and done some additional analysis. So bring us up to date the IT spend projection. >> Yeah no problem, and that's our first macro takeaway, is we're seeing declines in IT budget, a decline of 5%. And remember, coming into the year as you mentioned, consensus assessments were right around that 4% number. And so we've seen this kind of 900 basis point shift downward so that's kind of where we are today, if we kind of look at that chart that we've been tracking for the last few weeks. And then for those that have seen this chart before, you've kind of seen where we've been kind of going the last two, three weeks. And for those that haven't seen the chart, I'll kind of go through it now. So, as many of you know, kind of launched its COVID-19 drill down survey to measure the impact that the virus was going to have on total spend this year and so we kind of launched that drill down on March 11th and so if you kind of look at that blue line there, what you're looking at, is we asked individuals, estimate what percentage impact you think the virus is going to have on your budget versus your original expectations. And since we launched this on March 11th, on that blue line that you're looking at, we got a lot of positivity in the beginning. And so if you look at the blue line all the way through, you follow that, you get about zero percent growth. Now the issue is, as I just mentioned is, we launched on the 11th, and there wasn't a tremendous amount of information available as to how severe the virus was, and so we kind of did this in Venn analysis and we talked about this last time, on the last breaking analysis, where it's probably more appropriate to look at a start date closer to 3/17 or 3/23 when the market really understood the severity of COVID-19. NYC became the epicenter. And if we look at just those customers who indicated a spend impact after that date, you can see it's coming out to about four or 5% decline. And so that's kind of one of our big macro takeaways, and the other thing on this chart, kind of focus on is, and even though we're not looking at, some of the vendors here, is when you think about declines, it's not across the full IT stack, and I think that's really important for the audience to understand. We're seeing focused declines among on-prem legacy pure plays. You're still seeing CIO spend on cloud and SaaS. In fact, they're doubling down there. And so when you kind of think about how things are going to shape up the next three, six, nine months, there's going to be a lot of bifurcation. And we think cloud and SaaS are going to be well positioned with a lot of legacy and on-prem. That's where you're going to see a majority of those declines that you're seeing here kind of play out. >> I've made the case, statement many times that cloud is good, or downturns have been to cloud. You saw this in 2008, 2009 with the shift from CapEx to OpEx. We came out of 2009 into the decade of cloud. And very clearly we're seeing some similar things here as people shift to that work-from-home. We had one CIO on the recent Venns that I want to just delete my data centers. Unfortunately, he's not going to be able to do that overnight, but I think, as Eric Bradley pointed out last week, a lot of customers who weren't even thinking about cloud, or really were sort of reticent to go all in, really have flipped and changed their tune. Let's talk about some of the industries that are impacted by this COVID-19 and the stay-at-home. This slide really kind of underscores that. Why don't you take us through it? >> Yeah, no problem. So on the last slide, you were looking at kind of our COVID-19 drill-down study. On this slide, what we're now going to focus on is a study that we did in tandem, which is called our Technology Spending Intentions Survey. And specifically we conducted this in April. What we did is we asked CIOs to update their 2020 spending intentions versus how they spent in '19. So this survey was originally posed in January and then we're essentially asking for a three-month update now. So we're trying to get an understanding of how much has changed in the last three months because of COVID-19. And when we asked these CIOs, we give them essentially a list of 400 vendors. And they're able to then indicate which ones they're flattening on, decreasing on, maybe accelerating on. And so what you're looking at here is we've aggregated that data by industry. And if you look at the X-axis here, you're going to look at spend intensity versus three months ago. And the Y-axis will be spend intensity versus a year ago. And so what you're seeing here is over the last three months, look at how much verticals, like retail/consumer, airlines, delivery services, financials/insurance, IT/TelCo, services/consulting. Those have really seen some of the largest pullbacks in spend versus three months ago. And those are also some of the industries that have indicated the largest pullback in demand from consumers and businesses. And so this is where we think a lot of the declines that we showed you earlier really kind of focus on some of these verticals. And that's how, when you kind of think about which organization are going to be hurt, which ones might see the most impact, three, six months from now, this is a really good chart to view. >> Yeah, a couple of points I would make on this data. Retail and consumer, again, even that's bifurcated. Obviously the physical stores getting crushed. You see Amazon now trading at all-time highs. Target announced today, I think they said a 200% increase in online shopping, which, of course, is fulfilled. 85% of Target's demand is fulfilled by their stores. So that's kind of mixed. You're going to see an accelerated move toward digital transformation there. Airlines, it's really unclear what's going to happen there. IT/TelCo, on one of the last Venns we talked about MPLS, people trying to get off of MPLS, really moving toward a SD-WAN. Healthcare, pharma, healthcare doesn't have time to do anything right now. No time to take a breather. Financials is interesting. I mean, they're down right now, but they still have a lot of cash. Liquidity is good. And then energy, I mean oil, I've just never seen anything like it. We're concerned obviously about credit risk there and oil companies being able to pay off their debts. So it's really not a pretty picture, is it? >> Yeah, and if focus on energy, even though you're not seeing a huge pullback versus three months ago in energy, it's really important to understand when we did this survey in January, energy was all the way on the left side of that chart. And so it already looked really bad coming into the year. So it got worse. But because of the severity versus last year, like they're just not seeing that much more of a negative impact now. This was before, this survey closed before everything happened the last few days with oil prices. So it is very possible that that data is going to get worse. And we'll know if it gets really-- >> We're not laughing a lot these days, but if you haven't filled up your car in a while, I mean it's, Anyway, let's go into the security piece. We talked about, you guys were really the first to report this work-from-home pivot. Others have sort of more recently coming to that conclusion. And it wasn't just Zoom and WebEx and video collaboration, Teams, et cetera. It really was all kinds of infrastructure, including security. So we can bring up the next chart, guys. Let's sort of get into this. We're going to talk about the sector and some of the vendors in here. Let's go. >> Yeah, no problem, so if we kind of step away from the macro and really start getting into the sectors and vendors in here. If we start with security, what we're really saying is that, look, a remote workforce is really kind of revealing best-in-breed. And we think it's going to lead to the permanent changes. So what you're looking at here is these are the net scores for each individual vendor currently versus three months ago as well as a year ago levels. The yellow bars will be what's currently. And the way to think about net score is just kind of spend intensity. And so the higher your net score, the more spend intensity, the more spend velocity you're seeing from enterprise customers. And what we're really seeing here, if you kind of look at the vendors on the left, you're seeing a lot of acceleration among secure web gateway end point, mobile security, cloud SaaS application security, identity, and these make sense. As we mentioned earlier, as you really accelerate your cloud and SaaS spend, you're going to want to use vendors that best protect those areas. And so if you look to the left here, Okta and Zscaler, Cloudflare, CrowdStrike, some of these really look best positioned moving forward. Palo Alto looks good longer term. Splunk at this point also looked good longer term. And then the other thing to kind of hit on here is the other side in terms of, we talked about the bifurcation that we expect. We're seeing significant declines in net scores among a lot of these legacy vendors. Check points come down quite a bit. Juniper, Trend Micro, Broadcom, Barracuda Networks, SonicWALL, and so you can see the disparity here. It's pretty clear on the image. But we think there's some pretty clear winners and losers here. And I think we may see permanent changes moving forward. >> Yeah, so Twistlock, of course, is now owned by Palo Alto. CrowdStrike, they're a hot company in the sector. Okta, I have the Chief Product Officer coming on shortly here for part of my CXO series. We've talked about Palo Alto and how they sort of fell behind a little bit in the cloud. But you talk to customers, they really see Palo Alto as in the mix. Zscaler came up in the Venn as, to your point, securing gateways and doing a really good job in that space. And so I think the fragmentation, the fragmentation probably continues, but there's also bifurcation, as you pointed out. Let's talk about cloud. As you've said and I said, downturns have been good to cloud. People are obviously looking more toward cloud, whether it's SaaS or cloud type of consumption. Let's bring up the next slide, which looks at the big three, Azure, AWS, and GCP. First of all, all three have very strong net scores. Up in the 60% plus range. But you have Azure pulling away. I'd love to hear your thoughts on that. >> Yeah, that's right, and we've kind of been using this analogy of kind of a horse race. Just kind of as context, coming into January you see really GCP accelerating. And so one of the things we said in January was it's becoming more of a three-horse race. Even though GCP doesn't have the same type of market share as the other two, you are seeing the spend intensity increase. And now what you're seeing is Azure pulling away a little bit because of, we think, COVID-19. When you look at Azure's data set, it really looks robust and healthy across all verticals, across most regions. And that is what you're seeing here where it's continuing to kind of accelerate. It looks good. AWS, GCP, it also looks good here, but you're not seeing the same uniform strength. There's a couple verticals for AWS where we're seeing a little bit of a pullback in spend, like retail and industrials. For GCP we're seeing a pullback in mid-size and small enterprises. So that's causing a couple of cracks here and there. Even though they look overall healthy, but we did want to kind of indicate here on cloud where, look one vendor looks like they're pulling away when it comes to spend velocity. >> It's going to be interesting to see. I mean, we reported on the sort of deltas between Azure and AWS and the cloud, the quality of the cloud. I think we're going to carefully watch the quarterly reports. You always have to kind of squint through the Azure numbers to see what's in there. But there's no question that Microsoft, across the board, is really very, very strong. All right, let's talk about collaboration, productivity, video conferencing. I mean, we've certainly seen upticks. But as shown on this slide, you guys, if you could bring the next slide up. You know, it's not all rosy. Talk about this a little bit. >> Yeah, I think, look, there's been a lot of coverage around which vendors look best. And so I kind of want to take the opposite view on this chart for the audience, and say hey look, which vendors are not benefiting? And this is kind of like a hodgepodge sector of productivity and collaboration, video conferencing. What we're saying is it's now of never, so to speak. And you're looking at replacement rates. So if you look at, if you see something on this chart that says 20% replacement, that means one out of five customers indicated for that vendor in our survey, indicated a replacement for them, which is not good. And so you're seeing vendors here like Dropbox, Box and Slack having elevated or accelerating replacement levels. And these vendors, pitch themselves as collaboration tools. And if they're not doing well now and they're seeing elevated replacements, especially as everyone is working from home, that doesn't bode well for the future. >> I think people who know me know I'm not a huge fan of Box and Slack. They drive me crazy. And so this is interesting to see. I mean, we're a Zoom shop, so obviously you Zoom, you like Zoom. I had my first experience very recently with Microsoft teams. I was quite impressed. I thought it was easy to use. Skype, hell was just terrible. And so, much, much improved. Very interesting cut on that one. So again, it's a bifurcated story. Let's drill into teams a little bit. Guys, have you bring up the next slide, Movements reporting. And you guys are really again, first on this, how strong Microsoft is across the board. But really going after it and collaboration. >> On that previous slide you saw that, Dropbox and Slack, we're all seeing replacements. So again, a lot of customers like where was all that spend going? Well, it's going to Microsoft Teams. It's going to One Drive. This is a Slack drilled out, or sorry, a Slack and teams drill down. That we did, earlier this year. And what we're trying to do is measure, how these products were going to do in the next 12 months. And so what you're looking at here is Fortune 500 organizations. What we did is we asked them how much of your organization, is using Microsoft Teams today. What percentage of your organization is going to be using Microsoft Teams 12 months from now? That's going to be in the yellow bars. And you can see the big upticks in 12 months. And we took some mid point averages. Look at how much Microsoft Teams is going to grow, within Fortune 500 accounts in the next 12 months. And if we look at Slack on the next slide, you're really now seeing the exact opposite. Same question, how many folks in your Fortune 500 organization are using Slack today? And what does that look like in 12 months? And the mid point average is actually coming down. And so, it's like Slack is a seat-based model. And so when you have less users that's going to generate less revenue. And so again, this is amongst the existing Fortune 500 customers. This doesn't include new Fortune 500, but this spells problems for Slack, when you kind of think about the next six to 12 months ahead. >> Well it's one thing if you're competing with Microsoft and your AWS. I've not really not worried about AWS, Microsoft, take a note AWS. If you're one of these collaboration platforms, Microsoft, we've seen over the years, first of all, they got great developer affinity. They know how to bundle different products together. Now they got the cloud working so they got their flywheel effect in the cloud. There's just not a ton of room. The thing is they have such a huge software estate, such a giant customer install base and it's just makes it easy for them. The products are good enough or in some cases really good. So that's going to be something to watch, because there's a lot of high valuations going on right now in their collaboration space. >> That's right. And I think, it really hits on the previous slide, or the previous slides on collaboration that we saw, was when you think again about the declines, a lot of that is impacting some of these pure plays. So in security you saw a lot of the legacy names getting in. On the collaboration side, you saw a lot of these pure plays your getting in. And so this is kind of, again when you think about where budgets are going and which vendors are being impacted, it's really concentrated into some specific areas. >> So now, one of the hardest hit areas, and you guys reported on this earlier, was the IT consulting and outsourcing IT. You guys have you bring up that the chart, it's pretty ugly. Maybe you can explain what you're seeing here and why you think that is. >> Yeah, no problem. So again, this is from our technology spending intention survey. We're measuring spend velocity here. Spend intensity, and you can see across, these are just a handful of IT consulting firms. If you look at the blue bars to the yellow bar. So the blue bar is, 2020 spending intent that we captured in January and now we're asking for updated 2020 spending intentions. You can see the deceleration in just the last three months. If you look at our COVID-19 drill down side that we conducted, one of the questions in there we asked was, are you freezing new IT projects or deployments? Almost, 1/4 percentage of customers said they are. And so, that is going to spell problems for this space. When you think about, look, if you're going into uncertain times an easy way to reduce your budget is by, spending less with consulting vendors since you know, you can just less than the number of deliverables, these individuals get paid based on. How many deliverables they can complete. So this is another area that when you kind of think about where the declines are coming from, this is certainly an area to look at. >> A lot of the customers we've talked to have said, we've basically shut down spending on some of the large projects. We're still focusing on some digital transformation, but that's maybe a longer term priority. And then the IBM piece of this chart, guys, if you could bring it back is interesting to me because look, they paid 34 billion for Red Hat. I've always said a key to the Red Hat acquisition was being able to point it at the large consulting base and modernize those applications. IBM actually had a pretty good quarter in services. Although they did mention that respect especially in software that in the month of the quarter software spending shutdown. I don't think we got visibility that this piece of the business, but this could be, somewhat of a concern going forward. I think that's going to be one of the areas that gets slow rolled coming back, Sagar. I don't think it's going to come back tomorrow. So please your thoughts. >> Just to kind of quickly wrap up IBM. So yeah, one of the things we kind of saw in the data was not only eroding spending intention data on a lot of their SaaS portfolio but also eroding market share. And we saw big down takes on Red Hat products and IT services. Even in cloud. And I know they indicated pretty healthy numbers on Red Hat and cloud. But again, we're asking about 2020, forward-looking spending intentions. And of course they pulled their guidance. So we don't know how that's going to look. But in our data, things are really coming down versus three months ago. And so I think just overall, that is a data set that we're quite negative one. >> I think IBM has that sense. Like I said, March was not good for software. That's when the big deals come through. You're right. Red Hat, I think route 20% in the quarter and is now accredited from a cashflow basis, which is one of their targets. I think they beat their target there. Still good cashflow. But I think there's just so much uncertainty, And IBM have to be prepared for that and I'm sure will. That we're at minus 5% now. We're seeing cloud SaaS, we're seeing a bifurcation. We talked about some of the areas that are in trouble. That's kind of part one. Next week we'll be talking about part two. What can we expect? >> Yeah, we'll start going through networking, CDN, ITSM, IT workflows, database, data warehousing, and we'll kind of go through that as well. But again, you're going to see a lot of what we talked about today. Just the bifurcation span where, vendors that are more next gen, more work-from-home friendly like all of the SaaS guys, they're doing really well. And on the on-prem and the legacy, you're just seeing elevated replacements, elevated decreased rates. This is the most bifurcated, I've seen this data set and I've been doing this at ETR for, almost seven, probably going on eight years now. So I think that kind of says something about the environment that we're in and what to kind of expect in the next three to six months. >> And it's kind of like the stock market is right now. You're actually seeing, some great momentum in certain stocks and terrible in others. Those were great balance sheets and maybe COVID is a tailwind for them. Others, tons of uncertainty, a lot of concern. I know in poking around the data set, like you said, some of the analytics, the data warehouses, you see Snowflake, UiPath, Automation Anywhere. A lot of the automation, RPA, momentum is there. Security, we talked about that. There's some real bright spots there but a lot of the on-prem stuff. We'll see product cycles affect that, in the second half of of 2020. We'll continue to report on this Sagar. Thank you so much for we're coming on and we'll definitely see you next week. >> Thanks for having me again, Dave. Looking forward. >> All right, and thank you for watching, this CUBE insights powered by ETR. We will see you next time. Don't forget, all these episodes are available as podcasts, wherever you listen. Go to etr.plus, checkout what's happening there. Siliconangle.com has all the news I publish in there weekly. I also publish on wikibond.com. Thanks for watching this breaking analysis. This is Dave Vellante and Sagar Kadakia, we'll see you next time. (upbeat music)

>> From the SiliconANGLE Media office in Boston, Massachusetts, it's theCUBE. Now, here's your host, Dave Vellante. >> Hello, everyone, and welcome to this week's Cube Insights, powered by ETR. Today is November 8, 2019 and I'd like to address one of the most important topics in the minds of a lot of executives. I'm talking about CEOs, CIOs, Chief Information Security Officers, Boards of Directors, governments and virtually every business around the world. And that's the topic of cyber security. The state of cyber security has changed really dramatically over the last 10 years. I mean, as a cyber security observer I've always been obsessed with Stuxnet, which the broader community discovered the same year that theCUBE started in 2010. It was that milestone that opened my eyes. Think about this. It's estimated that Stuxnet cost a million dollars to create. That's it. Compare that to an F-35 fighter jet. It costs about $85-$100 million to build one. And that's on top of many billions of dollars in R&D. So Stuxnet, I mean, it hit me like a ton of bricks. That the future of war was all about cyber, not about tanks. And the barriers to entry were very, very low. Here's my point. We've gone from an era where thwarting hacktivists was our biggest cyber challenge to one where we're now fighting nation states and highly skilled organized criminals. And of course, cyber crime and monetary theft is the number one objective behind most of these security breaches that we see in the press everyday. It's estimated that by 2021 cyber crime is going to cost society $6 trillion in theft, lost productivity, recovery costs. I mean, that's just a staggeringly large number. It's even hard to fathom. Now, the other C-change is how organizations have had to respond to the bad guys. It used to be pretty simple. I got a castle and the queen is inside. We need to protect her, so what do we do? We built a mote, put it around the perimeter. Now, think of the queen as data. Well, what's happened? The queen has cloned herself a zillion times. She's left the castle. She's gone up to the sky with the clouds. She's gone to the edge of the kingdom and beyond. She's also making visits to machines and the factories and hanging out with the commoners. She's totally exposed. Listen, by 2020, there's going to be hundreds of billions of IP addresses. These are going to be endpoints and phones, TVs, cameras, tablets, automobiles, factory machines, and all these represent opportunities for the bad guys to infiltrate. This explosion of endpoints that I'm talking about is created massive exposures, and we're seeing it manifest itself in the form of phishing, malware, and of course the weaponization of social media. You know, if you think that 2016 was nuts, wait 'til you see how the 2020 presidential election plays out. And of course, there's always the threat of ransomware. It's on everybody's minds these days. So I want to try to put some of this in context and share with you some insights that we've learned from the experts on theCUBE. And then let's drill into some of the ETR data and assess the state of security, the spending patterns. We're going to try to identify some of those companies with momentum and maybe some of those that are a little bit exposed. Let me start with the macro and the challenged faced by organization and that's complexity. Here's Robert Herjavec on theCUBE. Now, you know him from the Shark Tank, but he's also a security industry executive. Herjavec told me in 2017 at the Splunk.com Conference that he thought the industry was overly complex. Let's take a look and listen. >> I think that the industry continues to be extremely complicated. There's a lot of vendors. There's a lot of products. The average Fortune 500 company has 72 security products. There's a stat that RSA this year, that there's 1500 new security start-ups every year. Every single year. How are they going to survive? And which ones do you have to buy because they're critical and provide valuable insights? And which ones are going to be around for a year or two and you're never going to hear about again? So it's a extremely challenging complex environment. >> So it's that complexity that had led people like Pat Gelsinger to say security is a do-over, and that cyber security is broken. He told me this years ago on theCUBE. And this past VM World we talked to Pat Gelsinger and remember, VMware bought Carbon Black, which is an endpoint security specialist, for $2.1 billion. And he said that he's basically creating a cloud security division to be run by Patrick Morley, who is the Carbon Black CEO. Now, many have sort of questioned and been skeptical about VMware's entrance into the space. But here's a clip that Pat Gelsinger shared with us on theCUBE this past VM World. Let's listen and we'll come back and talk about it. >> And this move in security, I am just passionate about this, and as I've said to my team, if this is the last I do in my career is I want to change security. We just not are satisfying our customers. They shouldn't put more stuff on our platforms. >> National defense issues, huge problems. >> It's just terrible. And I said, if it kills me, right, I'm going to get this done. And they says, "It might kill you, Pat." >> So this brings forth an interesting dynamic in the industry today. Specifically, Steven Smith, the CISO of AWS, at this year's Reinforce, which is their security conference, Amazon's big cloud security conference, said that this narrative that security is broken, it's just not true, he said. It's destructive and it's counterproductive. His and AWS's perspective is that the state of cloud security is actually strong. Kind of reminded me of a heavily messaged State of the Union address by the President of the United States. At the same time, in many ways, AWS is doing security over. It's coming at it from the standpoint of a clean slate called cloud and infrastructure as a surface. Here's my take. The state of security in this union is not good. Every year we spend more, we lose more, and we feel less safe. So why does AWS, the security czar, see if differently? Well, Amazon uses this notion of a shared responsibility security model. In other words, they secure the S3 buckets, maybe the EC2 infrastructure, not maybe, the EC2 infrastructure. But it's up to the customer to make sure that she is enforcing the policies and configuring systems that adhere to the EDIX of the corporation. So I think the shared security model is a bit misunderstood by a lot of people. What do I mean by that? I think sometimes people feel like well, my data's in the cloud, and AWS has better security than I do. Here I go, I'm good. Well, AWS probably does have better security than you do. Here's the problem with that. You still have all these endpoints and databases and file servers that you're managing, and that you have to make sure comply with your security policies. Even if you're all on the cloud, ultimately, you are responsible for securing your data. Let's take a listen to Katie Jenkins, the CISO of Liberty Mutual, on this topic and we'll come back. >> Yeah, so the shared responsibility model is, I think that's an important speaking point to this whole ecosystem. At the end of the day, Liberty Mutual, our duty is to protect policyholder data. It doesn't matter if it's in the cloud, if it's in our data centers, we have that duty to protect. >> It's on you. >> All right, so there you have it from a leading security practitioner. The cloud is not a silver bullet. Bad user behavior is going to trump good security every time. So unfortunately the battle goes on. And here's where it gets tricky. Security practitioners are drowning in a sea of incidents. They have to prioritize and respond to, and as you heard Robert Herjavec say, the average large company has 75 security products installed. Now, we recently talked to another CISO, Brian Lozada, and asked him what's the number one challenge for security pros. Here's what he said. >> Lack of talent. I mean, we're starving for talent. Cyber security's the only field in the world with negative unemployment. We just don't have the actual bodies to actually fill the gaps that we have. And in that lack of talent CISOs are starving. We're looking for the right things or tools to actually patch these holes and we just don't have it. Again, we have to force the industry to patch all of those resource gaps with innovation and automation. I think CISOs really need to start asking for more automation and innovation within their programs. >> So bottom line is we can't keep throwing humans at the problem. Can't keep throwing tools at the problem. Automation is the only way in which we're going to be able to keep up. All right, so let's pivot and dig in to some of the ETR data. First, I want to share with you what ETR is saying overall, what their narrative looks like around spending. So in the overall security space, it's pretty interesting what ETR says, and it dovetails into some of the macro trends that I've just shared with you. Let's talk about CIOs and CISOs. ETR is right on when they tell me that these executives no longer have a blank check to spend on security. They realize they can't keep throwing tools and people at the problem. They don't have the bodies, and as we heard from Brian Lozada. And so what you're seeing is a slowdown in the growth, somewhat of a slowdown, in security spending. It's still a priority. But there's less redundancy. In other words, less experimentation with new vendors and less running systems in parallel with legacy products. So there's a slowdown adoption of new tools and more replacement of legacy stuff is what we're seeing. As a result, ETR has identified this bifurcation between those vendors that are very well positioned and those that are losing wallet share. Let me just mention a few that have the momentum, and we're going to dig into this data in more detail. Palo Alto Networks, CrowdStrike, Okta, which does identity management, Cisco, who's coming at the problem from its networking strength. Microsoft, which recently announced Sentinel for Azure. These are the players, and some of them that are best positioned, I'll mention some others, from the standpoint spending momentum in the ETR dataset. Now, here's a few of those that are losing momentum. Checkpoint, SonicWall, ArcSight, Dell EMC, which is RSA, is kind of mixed. We'll talk about that a little bit. IBM, Symantec, even FireEye is seeing somewhat higher citations of decreased spending in the ETR surveys and dataset. So there's a little bit of a cause for concern. Now, let's remember the methodology here. Every quarter ETR asks are you green, meaning adopting this vendor as new or spending more? Are you neutral, which is gray, are you spending the same? Or are you red, meaning that you're spending less or retiring? You subtract the red from the green and you get what's called a net score. The higher the net score, the better. So here's a chart that shows a ranking of security players and their net scores. The bars show survey data from October '18, July '19, and October '19. In here, you see strength from CrowdStrike, Okta, Twistlock, which was acquired by Palo Alto Networks. You see Elastic, Microsoft, Illumio, the core, Palo Alto Classic, Splunk looking strong, Cisco, Fortinet, Zscaler is starting to show somewhat slowing net score momentum. Look at Carbon Black. Carbon Black is showing a meaningful drop in net score. So VMware has some work to do. But generally, the companies to the left are showing spending momentum in the ETR dataset. And I'll show another view on net score in a moment. But I want to show a chart here that shows replacement spending and decreased spending citations. Notice the yellow. That's the ETR October '19 survey of spending intentions. And the bigger the yellow bar, the more negative. So Sagar, the director of research at ETR, pointed this out to me, that, look at this. There are about a dozen companies where 20%, a fifth of the customer base is decreasing spend or ripping them out heading into the year end. So you can see SonicWall, CA, ArcSight, Symantec, Carbon Black, again, a big negative jump. IBM, same thing. Dell EMC, which is RSA, slight uptick. That's a bit of a concern. So you can see this bifurcation that ETR has been talking about for awhile. Now, here's a really interesting kind of net score. What I'm showing here is the ETR data sorted by net score, again, higher is better, and shared N, which is the number of shared accounts in the survey, essentially the number of mentions in that October survey with 1,336 IT buyers responded. So how many of that 1,300 identified these companies? So essentially it's a proxy for the size of the install base. So showing up on both charts is really good. So look, CrowdStrike has a 62% net score with a 133 shared account. So a fairly sizable install base and a very high net score. Okta, similar. Palo Alto Networks and Splunk, both large, continue to show strength. They got net scores of 44% and 313 shared N. Fortinet shows up in both. Proofpoint. Look at Microsoft and Cisco. With 521 and 385 respectively on the right hand side. So big install bases with very solid net scores. Now look at the flip side. Go down to the bottom right to IBM. 132 shared accounts with a 14.4% net score. That's very low. Check Point similarly. Same with Symantec. Again, bifurcation that ETR has been citing. Really stark in this chart. All right, so I want to wrap. In some respects from a practitioner perspective, the sky erectus is falling. You got increased attack surface. You've got exploding number of IP addresses. You got data distributed all over the place, tool creep. You got sloppy user behavior, overwork security op staff, and a scarcity of skills. And oh, by the way, we're all turning into a digital business, which is all about data. So it's a very, very dangerous time for companies. And it's somewhat chaotic. Now, chaos, of course, can mean cash for cyber security companies and investors. This is still a very vibrant space. So just by the way of comparison and looking at some of the ETR data, check this out. What I'm showing is companies in two sectors, security and storage, which I've said in previous episodes of breaking analysis, storage, and especially traditional storage disk arrays are on the back burner spending wise for many, many shops. This chart shows the number of companies in the ETR dataset with a net score greater than a specific target. So look, security has seven companies with a 49% net score or higher. Storage has one. Security has 18 above 39%. Storage has five. Security has 31 companies in the ETR dataset with a net score higher than 30%. Storage only has nine. And I like to think of 30% as kind of that the point at which you want to be above that 30%. So as you can see, relatively speaking, security is an extremely vibrant space. But in many ways it is broken. Pat Gelsinger called it a do-over and is affecting a strategy to fix it. Personally, I don't think one company can solve this problem. Certainly not VMware, or even AWS, or even Microsoft. It's too complicated, it's moving too fast. It's so lucrative for the bad guys with very low barriers to entry, as I mentioned, and as the saying goes, the good guys have to win every single day. The bad guys, they only have to win once. And those are just impossible odds. So in my view, Brian Lozada, the CISO that we interviewed, nailed it. The focus really has to be on automation. You know, we can't just keep using brute force and throwing tools at the problem. Machine intelligence and analytics are definitely going to be part of the answer. But the reality is AI is still really complicated too. How do you operationalize AI? Talk to companies trying to do that. It's very, very tricky. Talk about lack of skills, that's one area that is a real challenge. So I predict the more things change the more you're going to see this industry remain a game of perpetual whack a mole. There's certainly going to be continued consolidation, and unquestionably M&A is going to be robust in this space. So I would expect to see continued storage in the trade press of breaches. And you're going to hear scare tactics by the vendor community that want to take advantage of the train wrecks. Now, I wish I had better news for practitioners. But frankly, this is great news for investors if they can follow the trends and find the right opportunities. This is Dave Vellante for Cube Insights powered by ETR. Connect with me at David.Vellante@siliconangle.com, or @dvellante on Twitter, or please comment on what you're seeing in the marketplace in my LinkedIn post. Thanks for watching. Thank you for watching this breaking analysis. We'll see you next time. (energetic music)

(upbeat music) >> From our studios in the heart of Silicon Valley, Palo Alto, California, this is a CUBE conversation. >> Hi, and welcome to theCUBE Studios, for another CUBE Conversation, where we go in-depth with thought leaders driving innovation across the tech industry. I'm your host, Peter Burris. One of the banes of every enterprise is complexity, especially in the security world. The more devices, the more things, the greater the surface attack areas. One of the biggest or best approaches to reducing the challenges of security is to try to increase the overall simplicity of what it is you're trying to secure and the practices that you use. Now, today to talk about that, we're here with Ken Athanasiou, who is the VP and CISO of AutoNation. Ken, welcome to theCUBE! >> Thanks, thanks for having me. >> So I said up front that challenges of complexity and simplicity are very real, we're going to get into that, but let's start with AutoNation. Tell us a little bit about AutoNation, tell us a little bit about yourself. >> Sure, so AutoNation is the nation's largest new car dealership, we have about 300 dealerships across the country, we're all North American-based. We sell thousands of cars a year and we're about a $22 billion a year business. >> Well that's pretty sizable, and as a company that has to actually deliver something physical, it means you have a pretty broad network of locations where AutoNation has to operate. Have I got that right? >> Yeah that's correct. We have, as I said, about 300 different locations across the country. We also have about seven parts distribution centers, we have collision centers where we actually repair vehicles that have been involved in accidents as well, so it's an extensive network. >> So AutoNation is a company that requires a fair amount of security, you're taking a lot of personal and private information from your customers, you're enacting or effecting pretty significant transactions, at least in their lives, tell us a little bit about some of the challenges that AutoNation was facing and what you had to do to reduce the complexity of your overall security stance. >> Sure, so I've been with the organization about not quite five years now, I'm actually the first CSO that the organization has had, and I was brought in because they had a small breach of a third-party company that was handling some of their customer information. That obviously is enough to raise the awareness of the executives, the general counsel, et cetera. So the focus was to ensure that they were being as diligent as necessary, so they, at the recommendation of an outside party, hired in me to build a cybersecurity program. One of the first things I noticed when I got here was that each of the independent locations, the store locations, had an Internet point of presence as well as a circuit back to our data centers. Those Internet points of presence were protected with fairly antiquated software techniques, so that was kind of exposing some significant risk to the organization. That was one of the main problems that I had to solve the first few months. >> So you had Internet in, you had points of presence and then you had connections back to the data center which meant that someone could, if they breached one of those POPs, one of those dealerships, could actually effect a fair amount of chaos within your overall corporate network and application infrastructure, have I got that right? >> Yeah, absolutely, and obviously as a car dealership we take credit applications from folks on a daily basis. Those applications contain pretty significant privacy information, and basically have most everything you need to be able to compromise someone's identity, steal their identity, and/or commit all sorts of different fraud activities. So we take that very seriously, and while we do treat our stores' environment not as untrusted but we do segment our stores' environment from our back-end systems. That lack of adequate perimeter protection in the stores was a significant risk. >> So you come in, you look at the situation, a fair amount of locations where problems could arise, a fair amount of personal data that, if compromised, would affect your brand. Ken, how did you think through the way forward? >> Sure, so the traditional approach to an Internet point of presence is to put a firewall in place. And then of course, you put a web proxy in place, and then you put an SSL interceptor in place and then you put some network-based malware detection engine in place, and then your layer on these controls, until you get to the point where, hey, we think we're okay. The cost associated with doing that sort of thing at 300 different locations, not just the cost of purchasing and implementing a small stack of iron at every one of those locations, but then the ongoing costs of trying to manage it, most of these devices, you're not intended to actually run 300 of these devices across the country, so managing them, replacing them when they fail, it was something that was a pretty significant challenge, so we decided it was time to think outside the box, and look for something that was cloud-based, that we could leverage across the entire enterprise, with much less investment in resources. >> So, what you looked at was this large number of devices, the inability to put talent close to them, which would have led to both a lot of cost in the actual devices and a lot of uncertainty in their operation. You looked at using the Internet as a way of securing the points of presence themselves. What direction did you take? >> So we started looking at cloud-based services. I'd been in discussions with a couple of these folks while I was at my previous engagement. I was at American Eagle Outfitters as their CSO for about seven years. But that organization was very much a hub-and-spoke environment, and we were backhauling all of the traffic from the stores to the data center and then out to the Internet. The environment at AutoNation is significantly different, that I think a much more modern approach of having local breakouts at the stores, taking advantage of the capacity of the Internet, that sort of thing, but to do that, your privacy requires that you still control those, so we started looking at cloud-based services. We looked at Zscaler, we looked at Blue Coat, we looked at Websense, we looked at Cisco stuff, and we also looked at some of the hardware-based solutions, such as SonicWall and some of the Palo Alto devices. We didn't immediately discount the idea that, hey maybe hardware in each of these stores like a sub-host, small home-office device, would work for us, but it became quickly apparent that an Internet-based cloud solution was the right way to go. >> And you chose Zscaler. >> We did, we did. When we were going through the evaluation and looking at the various products, Zscaler definitely had the most complete solution. Most of the other products were not truly a full protocol next generation firewall in-the-cloud solution. Some of the solutions were quote unquote cloud-based, but they basically were talking about putting a virtual instance or multiple virtual instances of a firewall in the cloud, right, which was actually just somebody else's data center, and then pumping that traffic through those virtual instances. That would have reduced the number of instances that we would had to have managed significantly, but it would still be a traditional hardware-based firewall approach just stuck into someone else's data center, as a quote unquote cloud solution. So Zscaler really had the most comprehensive of all the solutions that we looked at. We started to pilot it and roll things out and it was working very very well. >> So right now you've got Zscaler to handle your endpoint security from a cloud-based solution. How's that changed your security posture? Let's start there. >> As soon as we started rolling Zscaler out, as a prophylactic around the environment, it gave us some pretty excellent visibility. We were running McAfee Antivirus at the time, we were using Microsoft SCCM to do patching, we were doing a number of other things in the environment. As soon as we rolled Zscaler out, we started getting the visibility into the traffic, we started really seeing what was actually happening in our environment. It was very clear that those solutions were significantly deficient. We were seeing commodity malware infections happen on a fairly regular basis. We were seeing bot traffic originating from our systems. It was obvious that our internal controls were not where they needed to be. Using that as empirical evidence, right, and taking that to my executives and my risk committee, it was very easy to justify additional investments in other security tools to really clean up the environment. We deployed a brand-new endpoint protection solution, we deployed a brand-new solution for management and patching of the endpoints. We made a lot of very significant changes in the environment, and all of that was generated out of the visibility we got from pumping all that client traffic through Zscaler. >> Well it sounds like Zscaler has had a significant impact on the overall security posture of AutoNation. How's made your CSO feel? >> Yeah well I can sleep at night for the most part. Whenever you get into a new organization, you get a perspective on the level of risk that you're subjected to. Your reaction is along a spectrum, and it's either complete panic to oh, okay, this isn't so bad. I will say that I wasn't in complete panic when I got down here and fully understood the situation, but I will say that I wasn't on the oh, it's not too bad side of the spectrum either. There's a significant amount of work that needed to be done, and again, I can't stress how much that visibility actually helped us drive new controls into the environment. >> Ken Athanasiou talking about the impact of Zscaler and how it simplified the security posture of AutoNation. Thanks very much for being on theCUBE! >> Thanks very much for having me. >> Once again I'm Peter Burris. This has been another CUBE Conversation, see you next time! (upbeat music)

(upbeat music) >> From our studios in the heart of Silicon Valley, Palo Alto, California, this is a Cube conversation. >> Welcome back, everybody, Jeff Frick here with the Cube. We're in our Palto Alto studios today for a Cube conversation, kind of an interesting conversation around trying to connect big enterprises who are always trying to be innovative with small companies who are usually innovative but don't necessarily have the connections the big companies that have a little bit more resources and might be interested in the things that they're working on. Really doing that through podcasts, which is a really growing venue. It's been going on for a while, but we're seeing a big uptake in, I think, the consumption of podcasts, who's doing podcasts, the brands behind podcasts. So we're really happy to have them all the way from Texas. It's Erin Gregor and Syya Yasotornrat, the cofounders of Innovation Calling. So welcome. >> Thank you for having us. >> Thank for having us. >> Absolutely, so did I get the description right of Innovation Calling, or give everyone kind of your overview of what you guys are up to. >> Yeah, so Innovation Calling was developed with the fact of there's, being in Dallas, we've got a lot of large corporations with innovation labs. They're trying to stand out. They're trying to connect with great talent, but a lot of these people, everybody's got an innovation lab, and we've talked about this before. If you're in the Fortune 500, you are a tech company whether you like it or not. And so we just saw this potential to highlight these companies to be able to hopefully get talent. And then on the other side enterprise companies are trying to connect with start-ups, established start-ups, not ideas, but established and there's a lot to sift through. Hopefully the goal of the podcast is to highlight these companies and help with that sifting and help with the talent pool and really connecting the creators with the companies that are trying to create. >> What's kind of the objective of that matching 'cause clearly it's not a hiring, you're not a hiring service. >> Right. >> You're talking about companies, not people, so what's kind of the objective? What's kind of your best case if this connection works? >> So for us our best case scenario is, obviously, we are at the forefront of innovation with emerging technologies today. Obviously Silicon Valley has a lot of talent and a lot of corporations already in that space, but when you think of the mid-tier, second-tier cities like Dallas, for example, you don't have as many tech workers, but there's still need for that type of talent, right? >> Right. >> With podcasting as our venue and medium to communicate that, we also realized that there was a great potential for these corporations to leverage podcasting as a way to communicate and do their outreach. Again, we're on those mid-tier second-tier cities where you might not have the plethora of folks here in the Bay Area. >> Right, right, but even if they connect with that company, are you thinking that there's going to be some type of technical alliance, some type of partnership, an OEM agreement, or what again kind of if you're pitching this to the small company, what am I like "Yay! You're finally getting" Ya know I listened to your podcast the other day. You had a woman on from Erickson, and I'm building some 5G widget. What's kind of my anticipated outcome of participating and kind of following your funnel and connecting with Erickson? >> So we have a couple of different ways. First of all, we can through us, we've actually made a lot of handshakes, so that's what I love to do is help create the handshakes and we've done that personally. The other side is we are taking the next step and doing live events. So that podcast that you talked about was a series of women in tech leadership where it's not just a live podcasting event but a networking event. So we're really taking the next step in creating these opportunities that you can be in the same room more exclusive type room that we're putting together, a lot of invite only perspective, but helping to make those connections where I see somebody from Erickson is going to be there, I want to make sure and now I can actually be in person and make that happen too. >> Okay. Why podcast? How did you come to use podcast as kind of your medium? >> So I think there's been a tradition in the last five six years that podcast does have the potential to blow up. I think now in 2019 we've actually hit that threshold where there's actually consumer response and with enough studies what they've discovered is most podcast listeners are actually educated business professionals. They tend to lean towards technology, yet you don't see a lot of technology-branded podcasts. And so we looked at the market. A lot of hobbyist type and personal branded podcasts, but we think now is the right time for corporations to make the investment to understand that the medium of traditional advertising is actually evolving and podcast is leading that forefront. You're seeing a lot of huge investments. Actually here there's a hundred million dollar plus investments for the purpose of growing the podcast community. >> Is that for the infrastructure? Or is that for the actual talent and the community and the content generation? >> Yes, the answer is yes, it's everything. (laughter) A company that does a lot of production but builds the community too. >> So I listen to Malcolm Gladwell's all the time. We got to interview him at Quickbooks Connect a couple years ago. You know, really interesting podcast. There's guys like Joe Rogan and stuff that obviously got a ton of great pub when he had Elon Musk on, who smoked not really a joint but kind of a joint and that, but I'm curious on the business side, are there some kind of lighthouse podcasts that you guys see that you use either as an example for what you're trying to develop or as an example to show? I'm just going to keep using Erickson just 'cause it's top of mind from what I just watched. To show them to say hey this is the type of thing that you guys should be trying to do. Who are some of your favorites? >> I'm a big fan of Hackable McAfee that has rolled out. When you think of tech branding and that is what we do focus on is technology based corporations, we tend to lead toward speeds and feeds. That's kind of our, we're engineered background folks in general, right? But I thought Hackable does a great job of pulling in some technology but then using stories or using events of being hacked, for example, something that the audience can relate to. And it's a storytelling, and that's the story arc that I think in general we're helping corporations understand the value of storytelling. It's not just about a product. It's not just selling a cup per se, but the story around it. How good that cup of coffee will feel when you drink it or you know, the experience or memories that you have it evokes. >> So how far are you along on your journey? You have a number of podcasts up already on your site. Are you the first inning, the third inning, is this still kind of early days or where are you in your development of your concept and your company? >> Well, we have a couple of different components to our business, so the podcast has What I was telling you about too we have a network component, we've got a consulting services. Our goal for Innovation Calling was let's first prove the concept. Let's plug into a network. Let's make sure we We'll be the test case essentially, and we've proven that. So from that perspective of that component, we're hitting, we're almost at 100,000 downloads of our podcasts. You know, we're doing pretty well with that. And now as we build it's the next component, so we're bringing on a couple customers from a consulting basis and we help not just with the production but with the promotion. So you spoke earlier about, I always kind of look at if the tree falls in the forest but no one was there to hear it, did it actually happen? I feel that saying fits with a lot of corporate podcasts. They're out there, but no one knows they're out there. So are you going to continue spending that kind of money on production and time with your employees if you're not going to do anything to promote it. And no one knows it exists? So we help on both sides of that scale. >> So on your podcast, which has been the women in tech theme, is that kind of the theme you're going to continue, or is that kind of a launching thing and you're going to turn into other themes? >> That's just a component. So Innovation Calling, there's men on the actual podcast. But we started that specific series to yes talk about the technology perspective of women, but how did you get there? What's your story of growing? So that's just a segment of that podcast again to bring in to really theme the live events to help grow that community on a segment basis? So as that grows, our goal is to do a couple different other types of segments. We talked about a channel. The idea of that yesterday with a client, so we want to actually take the bigger part of Innovation Calling and niche it down bit by bit on the live event scale. >> And then on the event side, how often are you doing them? What's the format, how many people, frequency, and what's the format? >> Syya is ready to go. >> She's ready to go. >> Let me tell you, I'm ready to go. First off, there's wine and hors d'oeuvres, so if we can't wine you and dine you I suppose, but no, really again we're about building community first and foremost. The Dallas Fort Worth area is making great strides in the entrepreneurial side. Big investments to get major corporations to come in the area, so we think this is a great opportunity for these folk to come together. A lot of folks from outside of town, who are looking to build their network again because they've been relocated. And then, you know, our themes. Women in technology is our first theme because, quite frankly we're sort of biased a little bit towards that. >> Well it's a good theme. >> Got to help our people. >> But again it is a very casual format right now. It's interview-based. >> Is it a hundred people? Five hundred people? >> We actually started and we want it to be intimate. We want the value of the network to actually make genuine connections as opposed to if it gets too large, I feel like some individual might be left off the side. So we actually started off our very first one that sold out was forty people and we did not want more than that in a room. Quite frankly then it gets claustrophobic. >> What about frequency? >> Once a month. >> Once a month. >> Our goal is to keep the size about 75-100 of those, max out at 100, but make sure to Syya's point keep them at an intimate scale. >> What about geography? Obviously you guys are based out of Dallas Fort Worth area. You're here in Silicon Valley. What's kind of your geographic plan? How do you see this kind of evolving? >> Absolutely. We would love to share this across the United States. Again we want to make sure Dallas is viable, proves a point. It is a second-tier city versus something like the Silicon Valley area or Chicago, New York, etc. We are not trying to create a brand new women in technology group, if you will. We're actually working in collaboration with existing women technology groups. We're just simply leveraging the networking opportunity through live podcasting. Again, growing the podcast medium. >> Yeah, I would say by early 2020 our goal is to be in, to come out here and to be able to have an audience to do a live event. We actually had drinks with someone last night about that collaboration, so we'd love to grow it on a perspective and be able to do it in different communities 'cause I've been podcasting for about five years through other businesses and the live event, it's just really. I mean you know you do live interviews. >> I do a lot of live events. >> There's just something special about that connection and then being there live to do the interview. It's a really fun format. >> Right. So do you have any upcoming guests you can plug or share with us today on your next couple podcasts? >> Our next event is actually April 9th. (laughter) (mumbles) April 9th and we're going to have Crystal Christensen, VP of Tech Support at SonicWall. We're very excited to have her onboard. We're still in confirmation, but we're going to be expecting folks from SalesForce, HPE, and Facebook for our next events. >> Okay, great. Where do people go to listen to the podcasts? >> Innovationcalling.com >> All right. Well Syya, Erin, thanks for stopping by. Hopefully you have a good successful couple of days in Silicon Valley and safe travels home. >> Thank you. >> Thank you very much for having us, Jeff. Appreciate it. >> She's Erin, she's Syya, I'm Jeff. You're watching the Cube. We're at our Palo Alto studios for our Cube conversation. Thanks for watching. We'll catch ya next time. (upbeat music)