>>Hey everyone, and welcome back to The Cube's live coverage of AWS Reinvented 2022 Live from the Venetian Expo in Las Vegas. We're happy to be back. This is first full day of coverage over here last night. We've got three full days of coverage in addition to last night, and there's about 50,000 people here. This event is ready, people are ready to be back, which is so exciting. Lisa Martin here with Paul Gill and Paul, it's great to be back in person. Great to be hosting with you >>And likewise with you, Lisa. I think the first time we hosted again, >>It is our first time exactly. >>And we come here to the biggest event that the cube ever does during the year. >>It's the Super Bowl of the >>Cube. It's it's elbow to elbow out there. It's, it's, it's full tackle football, totally on the, on the floor of reinvent. And very exciting. This, you know, I've been to a lot of conferences going back 40 years, long as I can remember. Been going to tech conferences. This one, the, the intensity, the excitement around this is really unusual. People are jazzed, they're excited to be here, and that's great to see, particularly coming back from two years of isolation. >>Absolutely. The energy is so palpable. Even yesterday, evening, afternoon when I was walking in, you just feel it with all the people here. You know, we talk to so many different companies on the Q Paul. Every company these days has to be a data company. The most important thing about data is making sure that it's backed up and it's protected, that it's secure, that it can be recovered if anything happens. So we're gonna be having a great conversation next about data resiliency with one of our alumni. >>And that would be Rick Scott, Rick, excuse me, Rick Scott, >>Rick Clark. Rick Clark, say Rick Scott, cloud sales Veritas. Rick, welcome back >>To the program. Thank you. Thank you so much. It's a pleasure being here, you know, thank you so much. You're definitely very excited to myself and 40,000 of my closest cousins and friends all in one place. Yep. Or I could possibly go wrong, right? So >>Yeah, absolutely nothing. So, Rick, so Veritas has made some exciting announcements. Talk to us about some of the new things that you've >>Unveiled. Yeah, we've been, we've been incredibly busy and, you know, the journey that we've been on, one of the big announcement that we made about three or four weeks ago is the introduction, really, of a brand new cloud native data management platform that we call Veritas Alta. And this is a journey that we've been on for the better part of seven years. We actually started it with our, our flex appliances. We continued, that was a containerization of our traditional net backup business in, into a highly secured appliance that was loved by our customers. And we continued that theme and that investment into what we call a scale out and scale up form factor appliance as well, what we called flex scale. And then we continued on that investment theme, basically spending over a billion dollars over that seven year journey in our cloud native. And we call that basically the Veritas altar platform with our cloud native platform. And I think if you really look at what that is, it truly is a data management platform. And I emphasize the term cloud native. And so our traditional technologies around data protection, obviously application resiliency and digital compliance or data compliance and governance. We are the only, the first and only company in the world to provide really a cloud optimized, cloud native platform, really, that addresses that. So it's been fun, it's been a fun journey. >>Talk a little bit about the customer experience. I see over 85% of the Fortune 100 trust Veritas with their data management. That's >>A big number. Yeah. Yeah. It's, it is incredible actually. And it really comes back to the Veritas older platform. We sort of built that with, with four tenants in mind, all driving back to this very similar to AWS's customer obsession. Everything we do each and every day of our waiting moments is a Veritas employee is really surrounds the customer. So it starts with the customer experience on how do they find us to, how do they procure our solutions through things like AWS marketplace and how do they deploy it? And the second thing is around really cost optimization, as we know, you know, to, to say that companies are going through a digital transformation and moving workloads to the cloud. I mean, I've got customers that literally were 20% in cloud a year ago and 80% a year later, we've never seen that kind of velocity. >>And so we've doubled down on this notion of cost optimization. You can only do that with these huge investments that I talked about. And so we're a very profitable company. We've been around, got a great heritage of over 30 years, and we've really taken those investments in r and d to provide that sort of cloud native technology to ultimately make it elastic. And so everything from will spin up and spin down services to optimize the cloud bill for our customers, but we'll also provide the greatest workload support. You know, obviously on-prem workloads are very different from cloud workloads and it's almost like turning the clock back 20 years to see all of those new systems. There's no standard API like s and MP on the network. And so we have to talk to every single PAs service, every single DB PAs, and we capture that information and protect it. So it's really has been a phenomenal journey. It's been great. >>You said this, that that al represents a shift from clouds from flex scale to cloud native. What is the difference there? >>The, the main difference really is we took, you know, obviously our traditional product that you've known for many media years, net backup. It's got, you know, tens of millions of lines of code in that. And we knew if we lifted and shifted it up into the cloud, into an I AEs infrastructure, it's just not, it obviously would perform extremely well, but it wasn't cost optimized for our customer. It was too expensive to to run. And so what we did is we rewrote with microservices and containerization, Kubernetes huge parts of that particular product to really optimize it for the cloud. And not only have we done it for that technology, what we now call alter data protection, but we've done it across our entire port portfolio. That was really the main change that we made as part of this particular transition. And >>What have you done to prepare customers for that shift? Is this gonna be a, a drop in simple upgrade for them? >>Absolutely. Yeah. In fact, one of the things that we introduced is we, we invest still very heavily with regards to our OnPrem solutions. We're certainly not abandoning, we're still innovating. There's a lot of data still OnPrem that needs to move to the cloud. And so we have a unique advantage of all of the different workload supports that we provide OnPrem. We continue that expansion into the cloud. So we, we create it as part of the Veritas AL Vision, a technology, we call it AL view. So it's a single painter glass across both OnPrem and cloud for our customers. And so now they can actually see all of their data protection, all our application availability, single collect, all through that single unified interface, which is really game changing in the industry for us. >>It's game changing for customers too, because customers have what generally six to seven different backup technologies in their environment that they're having to individually manage and provision. So the, the workforce productivity improvements I can imagine are, are huge with Veritas. >>Yeah. You you nailed it, right? You must have seen my script, but Absolutely. I mean, I look at the analogy of, you think about the airlines, what's one of the first things airlines do with efficiency? South Southwest Airlines was the best example, a standardized on the 7 37, right? And so all of their pilots, all of their mechanics, all know how to operate the 7 37. So we are doing the same thing with enterprise data protection. So whether you're OnPrem at the edge or in the cloud or even multi-cloud, we can provide that single painter glass. We've done it for our customers for 30 plus years. We'll continue to do it for another 30 something years. And so it's really the first time with Veritas altar that, that we're, we're coming out with something that we've invested for so long and put, put such a huge investment on that can create those changes and that compelling solution for our customers. So as you can see, we're pretty pumped and excited about it. >>Yes, I can >>Use the term data management to describe Alta, and I want to ask about that term because I hear it a lot these days. Data management used to be database, now data management is being applied to all kinds of different functions across the spectrum. How do you define data management in Veritas >>Perspective? Yeah, there's a, we, we see it as really three main pillars across the environment. So one is protection, and we'll talk a little bit about this notion of ransomware is probably the number one use case. So the ability to take the most complex and the biggest, most vast applications. SAP is an example with hundreds of different moving parts to it and being able to protect that. The second is application resiliency. If, if you look at the cloud, there's this notion of, of responsibility, shared responsibility in the cloud. You've heard it, right? Yep. Every single one of the cloud service providers, certainly AWS has up on their website, this is what we protect, here's the demarcation line, the line in the sand, and you, the customer are responsible for that other level. And so we've had a technology, you previously knew it as InfoScale, we now call it alter application resiliency. >>And it can provide availability zone to availability zone, real time replication, high availability of your mission critical applications, right? So not only do we do the traditional backups, but we can also provide application resiliency for mission critical. And then the third thing really from a data management standpoint is all around governance and compliance. You know, ac a lot of our customers need to keep data for five, 10 years or forever. They're audited. There's regulations and different geographies around the world. And, and those regulations require them to be able to really take control of their cloud, take control of their data. And so we have a whole portfolio of solutions under that data compliance, data government. So back to your, your question Paul, it's really the integration and the intersection of those three main pillars. We're not a one trick pony. We've been at this for a long time, and they're not just new products that we invented a couple of months ago and brought to market. They're tried and tested with eight 80,000 customers and the most complex early solutions on the planet that we've been supporting. >>I gotta ask you, you know, we talked about those three pillars and you talked about the shared responsibility model. And think of that where you mentioned aws, Salesforce, Microsoft 365, Google workspace, whatnot. Are you finding that most customers aren't aware of that and haven't been protecting those workloads and then come to you and saying, Hey guys, guess what, this is what this is what they're responsible for. The data is >>You Yeah, I, it's, it's our probably biggest challenge is, is one of awareness, you know, with the cloud, I mean, how many times have you spoken to someone? You just put it in the cloud. Your applications, like the cloud providers like aws, they'll protect everything. Nothing will ever go down. And it's kind like if you, unless your house was ever broken into, you're probably not gonna install that burglar alarm or that fire alarm, right? Hopefully that won't be an event that you guys have to suffer through. So yeah, it's definitely, it wasn't till the last year or so the cloud service providers really published jointly as to where is their responsibility, right? So a great example is an attack vector for a lot of corporations is their SAS applications. So, you know, whether it it's your traditional SA applications that is available that's available on the web to their customers as a sas. >>And so it's certainly available to the bad actors. They're gonna, where there's, there's gonna be a point they're gonna try to get in. And so no matter what your resiliency plan is, at the end of the day, you really need to protect it. And protection isn't just, for example, with M 365 having a snapshot or a recycle bin, that's just not good enough. And so we actually have some pretty compelling technology, what we call ALTA SAS protection, which covers the, pretty much the, the gamut of the major SAS technologies to protect those and make it available for our customers. So yeah, certainly it's a big part of it is awareness. Yeah. >>Well, I understand that the shared responsibility model, I, I realize there's a lot of confusion about that still, but in the SaaS world that's somewhat different. The responsibility of the SaaS provider for protecting data is somewhat different. How, how should, what should customers know about that? >>I think, you know, the, the related to that, if, if you look at OnPrem, you know, approximately 35 to 40% of OnPrem enterprise data is protected. It's kind of in a long traditional problem. Everyone's aware of it. You know, I remember going to a presentation from IBM 20 something years ago, and someone held their push hand up in the room about the dis drives and says, you need to back it up. And the IBM sales guy said, no, IBM dis drives never crash. Right? And so fast forward to here we are today, things have changed. So we're going through almost a similar sort of changes and culture in the cloud. 8% of the data in the cloud is protected today, 8%. That's incredible. Meaning >>That there is independent backup devoted >>To that data in some cases, not at all. And something many cases, the customer just assumes that it's in the cloud, therefore it's always available. I never have to worry about protecting it, right? And so that's a big problem that we're obviously trying to, trying to solve. And we do that all under the umbrella of ransomware. That's a huge theme, huge investment that, that Veritas does with regards to providing that resiliency for our >>Customers. Ransomware is scary. It is becoming so prolific. The bad actors have access to technologies. Obviously companies are fighting them, but now ransomware has evolved into, no longer are we gonna get hit, it's when, yeah, it's how often it's what's the damage going to be. So the ability to help customers recover from ransomware, that resiliency is table stakes for businesses in any industry these days. Does that, that one of the primary pain points that your customers are coming to you with? >>It's the number one pain point. Yeah, it's, it's incredible. I mean, there's not a single briefing that our teams are doing customer meetings where that term ransomware doesn't come up as, as their number one use case. Just to give you something, a couple of statistics. There's a ransomware attack attack that happens 11 times a second right around the globe. And this isn't just, you know, minor stuff, right? I've got friends that are, you know, executives of large company that have been hit that have that some, you know, multimillion dollar ransom attack. So our, our play on this is, when you think about it, is data protection is the last line of defense. Yes. And so if they break through, it's not a case, Lisa, as you mentioned, if it's a case of when Yeah. And so it's gonna happen. So one of the most important things is knowing how do you know you have a gold copy, a clean copy, and you can recover at speed in some cases. >>We're talking about tens of thousands of systems to do that at speed. That's in our dna. We've been doing it for many, many years. And we spoke through a lot of the cyber insurance companies on this particular topic as well. And what really came back from that is that they're actually now demanding things like immutable storage, malware detection, air gaping, right? Anomaly detection is sort of core technologies tick the box that they literally won't ensure you unless you have those core components. And so what we've done is we've doubled down on that investment. We use AI in ML technologies, particularly around the anomaly detection. One of the, the, the unique and ne differentiators that Verto provides is a ransomware resiliency scorecard. Imagine the ability to save uran a corporation. We can come in and run our analytics on your environment and kind of give you a grade, right? Wouldn't you prefer that than waiting for the event to take place to see where your vulnerability really is? And so these are some of the advantages that we can actually provide for our customers, really, really >>To help. Just a final quick question. There is a, a common perception, I believe that ransomware is an on premise problem. In fact, it is also a cloud problem. Is that not right? >>Oh, absolutely. I I think that probably the biggest attack vector is in the cloud. If it's, if it's OnPrem, you've certainly got a certain line of defense that's trying to break through. But, you know, you're in the open world there. Obviously with SAS applications in the cloud, it's not a case of if, but when, and it's, and it's gonna continue to get, you know, more and more prevalent within corporations. There's always gonna be those attack factors that they find the, the flash wounds that they can attack to break through. What we are concentrating on is that resiliency, that ability for customers to recover at speed. We've done that with our traditional appliances from our heritage OnPrem. We continue to do that with regard to resiliency at speed with our customers in the cloud, with partners like aws >>For sure. Almost done. Give me your 30 seconds on AWS and Veritas. >>We've had a partnership for the better part of 10 years. It's incredible when you think about aws, where they released the elastic compute back in 2006, right? We've been delivering data protection, a data management solutions for, for the better part of 30 years, right? So, so we're, we're Junos in our space. We're the leader in, in data protection and enterprise data protection. We were on-prem. We, we continue to be in the cloud as AWS was with the cloud service provided. So the synergies are incredible. About 80 to 85% of our, our joint customers are the same. We take core unique superpowers of aws, like AWS outposts and AWS Glacier Instant retrieval, for example, those core technologies and incorporate them into our products as we go to Mark. And so we released a core technology a few months ago, we call it ultra recovery vault. And it's an air gap, a mutable storage, worm storage, right Once, right? You can't change it even when the bad actors try to get in. They're independent from the customer's tenant and aws. So we manage it as a managed backup service for our customers. Got it. And so our customers are using that to really help them with their ransomware. So it's been a tremendous partnership with AWS >>Standing 10 years of accounting. Last question for you, Rick. You got a billboard on the 1 0 1 in Santa Clara, right? By the fancy Verto >>1 0 1? >>Yeah. Right. Well, there's no traffic. What does that billboard say? What's that bumper sticker about? Vertus, >>I think, I think the billboard would say, welcome to the new Veritas. This is not your grandfather's old mobile. We've done a phenomenal job in, in the last, particularly the last three or four years, to really reinvent ourselves in the cloud and the investments that we made are really paying off for our customers today. So I'm excited to be part of this journey and excited to talk to you guys today. >>Love it. Not your grandfather's Veritas. Rick, thank you so much for joining Paula, me on the forgot talking about what you guys are doing, how you're helping customers, really established that cyber of resiliency, which is absolutely critical these days. We appreciate your >>Time. My pleasure. Thank you so much. >>All right, for our guest and Paul Gilland, I'm Lisa Martin, you're watching the Queue, which as you know is the leader in live enterprise and emerging check coverage.

>> Announcer: Live, from Las Vegas, it's theCUBE, covering Fortinet Accelerate18. Brought to you buy Fortinet. (upbeat digital music) >> Welcome back to theCUBE's continuing coverage of Fortinet Accelerate 2018. I'm Lisa Martin, with my co-host Peter Burris, and we are now joined by the CISO of Ingram Micro Kevin Kealy. Welcome to theCUBE. >> Thank you both very much. It's nice to be here. >> I love your title, the Prince of Security Weirdness, your other title. >> Yeah, right. >> Tell us about where you got that and why you like it. >> I was at a customer engagement years ago, when I was working for AT&T, in of all places, Moline, Illinois, and I was working with a lady whose business card actually said Protocol Princess. And the customers, based on what we were actually there to do, the customer decided that if she was the Protocol Princess, then I had to be the Prince of Security Weirdness, because the problem ended up being a combination of something very odd that was happening with their security appliances plus the network itself. And so, of course she spread that when we got back to the office and it just kind of stuck from thereon. I kind of like it. If a company found something weird that was going on with security, they'd just go, "Send him, he'll sort it out." And I did. >> So you've seen probably a really interesting evolution of security. >> Kevin: Oh yeah. >> You've been the CISO for almost a couple years. >> Kevin: Yep, almost two years, yeah. Longest tenured one in a while, I think. >> And you have an interesting kind of strategic perspective. Tell us a little bit about that and what makes that unique. >> Sure, so from a CISO perspective it used to be the CISO was the C-E NO. You know, the place where business goes to die. My feeling is, if I'm not adding lift to the business, then I'm adding drag. And if you're adding drag then you're not being a responsible custodian of the company's money or it's direction. So my feeling is, and my strategic objective is, always partner with business to help them achieve what they need to achieve, but to do it safely and in a way that doesn't add risk to the company. So, I like to say you look through your lens at something, it looks ridiculous. Somebody's doing something truly stupid. But if you pivot your perspective and you look at what they're doing it for, they have a perfectly reasonable and rational expectation of their results and what they're trying to achieve. What you need to do is to adjust your thinking to understand what you currently don't understand in order to pivot them to get to a safe perspective, and therefore business. >> So one of the key differences between business and digital business, is the role that data plays. But we could also take a security perspective. Business was about securing and limiting access. Digital business is about sharing and making possible access. >> Kevin: Right. >> So is that kind of what you mean when you say that you're not the C-NO? You're not the C-YES necessarily, but you're really focused on how to appropriately share? >> Completely agree. My approach is always, let's consult with each other, tell me what you're trying to achieve and let's not look at what's caused me to be in your business today, let's look at what you're trying to achieve. What's your end goal? Right, now let's work together to achieve that in a way that adds limited... 'cuz you can't ever have a solution that exposes stuff without adding any risk,. But there's always an acceptable risk appetite that you have to maintain in order to do business, right? With risk comes opportunity and reward, right? So you can never eliminate all risk. So my approach is, understand what they're trying to do. Look at how much risk there is in any different way of doing it, and then choose the way that offers you the most risk reduction for the least capital expenditure and operational expenditure. And gets them to market the quickest. At that point now, I know I've done my responsible part of keeping risk under control. I maintain a risk register, tells me as a whole the company has accepted this much risk. If we do this extra thing, this might put you over what you, the board of directors and management have accepted before. Let's see what we can do to reign that back in here. I have a solution here that's nearly what you want, will that do? You know, another mantra I cite is, don't let perfect be the enemy of good enough. Too many of my peers in the CISO realm keep chasing perfection. You know they see NIST 800 as an achievable goal. They see, you know, total PCI compliance as an achievable goal. My feeling is, as soon as you get to the point where you are PCI compliant, and you still have things to do, then you need to start concentrating on other more risky things that are going on in your business. You can never achieve NIST 800 unless you have a government's funding. I don't know too many CISOs who have a government's funding, right? So my feeling is never let good enough fail to be good enough. Achieve good enough then go and solve other riskier things, and then come back, maybe in a year, couple of years, when it's time to refresh that solution, and see if now that's not good enough anymore. Maybe you need to do something different. But in all cases I'm partnering with business to make sure that whatever I'm doing is adding lift for them, not drag. >> So, Ingram Micro, we just had Eric Kohl on a little bit ago. So Ingram's been a partner with Fortinet for 10 years or so, but you, on your side and your CISO role, are a customer of Fortinet. >> Kevin: Absolutely. >> So in the last couple of years when you came on board, some of the things I'm hearing that you're talking about, sounds like potentially a cultural shift. Talk to us about maybe some of the weirdness that you found in from a security perspective, and how Fortinet is helping you guys on the Ingram, achieve security transformations so that you can evolve. >> Sure, so, Fortinet's been a great partner for me. They have a truly wonderful suite of products. I mean, everything from the edge protection for the dissolving perimeter, all the way out to small and SOHO type firewalls. And then we have wireless access points that are strong and well fortified with the ability to separate between multiple networks, all the way down to FortiDB, which I use to protect our databases. So we do our database monitoring for our critical databases. As a suite of things that I can manage with one console, it helps me minimize the number of operational staff and the operational training they have to do. And then, from my perspective as a customer, Fortinet's always there for me. I know that I can just call them, and within five minutes somebody's calling me back and we can get the right resources right on the phone. That kind of partnership, you can't put a price on that. You know, everybody's at some point in their lives, bought a product that's failed, and then you can't get any customer support on it, and eventually you have to toss it out. Fortinet's always there for me. They're always checking to make sure that we're doing the right thing. And to give you an example of how Fortinet is part of our company fabric, and I use the word in both it's terms, we chose Fortinet gear to protect our CEO's house. Alright? Our CEO, of course, has a lot of, you know, he's a high net worth individual. He has a lot of high value assets that he takes home to work from home. You know he's clearly a target. So for protecting his home and infrastructure there, we deployed Fortinet gear. >> That's a very interesting use case. >> Yeah, and all my staff, including myself, we have Fortinet gear at home as well. So this is the stuff we trust to protect ourselves, when we're in our most vulnerable environment. A lot of people don't think about that. You take these well secured devices and you take them outside the company perimeter. Now they're on their own. You know, if you can take them to a safe environment though, it makes them a lot safer. From an engagement perspective, as the buyer of things for a company like Ingram, one of the first partnerships I made when I first joined the company was with Eric. Because I want to make sure that I'm supporting our sales side as well. So if anybody comes to me and says, "Hey, I have the perfect solution for you." The very first question I ask them is, "Are you a re-seller with us?" And if the answer is no, it's like, call this guy. This Eric Kohl chap, he'll be able to have a very interesting conversation with you. So, Fortinet being such a long-term partner with Ingram, it's an easy purchasing decision for me. Number one on the technology side. Number on on the partner side. You know what that old story is, nobody got fired for buying IBM? At Ingram, nobody got fired for buying Fortinet gear. And it helps that it's the best on the books, for me anyway, for the stuff that I use it for. I'm very excited about the new Fabric. >> Tell us about that, from a visibility perspective internally, complexity, mitigation standpoint, TCO. How is that going to help you at Ingram? >> So, you said the word, visibility. One of the first things I did when I got to Ingram, was I realized I couldn't see all the way to the edges and to the bottom of my network. So I started to increase the visibility with a combination of the Fortinet product suite, I think I'll be able to get the edge-to-edge, top-to-bottom visibility. And I'm really excited about the web-based CASD solution. 'Cuz what I really don't want to do, and one of the talks this morning, the keynote was talking about it, is the vendor, just the vendor pile of different things that have to be managed. All the different people we have to get training from. All of the currency that you have to maintain. If I can manage it all through one console, And I only have to train my staff in one suite of products, that makes the overall work that they do that much simpler to execute. And I love the concept of being able to make those contextual rules. You know, if this device is in this class then don't let it go over to this data that's in this class. That's so simple to describe. And I love the fact that you can then orchestrate that deployment. So when as we go to a virtualized environment, and we roll into cloud and so on, being able to push a policy like that and being able to push that context is going to be so exciting for me. >> One of the challenges of integration is that you get dependencies. >> Yes. >> So as a CISO, and you start looking at a fabric, and as you said, it's a very rich fabric, it does a lot of work. How do you ensure that you don't find, 'cuz if there's a vulnerability inside the fabric, then the whole fabric gets affected. So what is that trade-off between integration and dependency for you? >> So, that's a great question. Back in 1998,'99, I was at AT&T during what was, it became known as the Great Frame Relay Outage, that AT&T had. Many people will remember that. >> Not to laugh at you. >> Do you remember it, though? >> I do remember it. >> Right? >> Kevin: And the cause of that was, the company was entirely CISCO on the back burner. I was one of the engineers that was there trying to fix it all. CISCO had a self-deploying patch protocol where you drop a patch onto a device and it would automatically push the patch to all its neighboring devices and so on. Well you dropped the patch on this device, it would push the patch towards its neighbors, then it would crash and reboot. But it had already had time to push the patch to all its neighbors. So one by one, every single router and switch in the entire network, received a patch and then crashed and rebooted. And that became a three-week problem known as The Great Frame Relay Outage of 1998. So at that point, our then CISO, Edward Amoroso, he decided that we wanted vendor diversity in our network. And at AT&T at the time, then, we went to CISCO on the edge, Juniper in the core. And the reason was, we wanted the network to be able to stay up and routing, even if we has a problem on the edge. And of course, automatic patch push protocol was disabled. (laughing) From my perspective, I think, there's a fine line to be managed here. Southwest Airlines has made a very concrete and a very risky, but certainly it's worked out for them right now, decision. All their aircraft are Boeing 737s. So they only have to train their maintenance staff to maintain one airplane. All their pilots can fly all their airplanes. >> Lisa: My brother's a pilot for them, yes. >> Right? >> Yeah. >> Kevin: All of them are 737s, but if the FAA grounds 737s, all of Southwest is out of business, for the duration of the flying ban, right? So Southwest has decided they don't need vendor diversity across their fleet. I know they bought Allegiant, and that's got a number of Boeing aircraft, however, from the perspective of their original business plan, all 737s because they now have a very, very well defined TCO. From my perspective I think, there's a line to be drawn here, but Fortinet has me covered. They have their APIs. They work with the other vendors. So if I have a SIM or a log manager or something like Splunk deployed, they already have that partnership in place. It means they can manage the data within the device as though it's my own data, as though it's within the Fortinet Fabric. And that then keeps me happy. Because I then get the benefits of the additional features perhaps that I would get from a Splunk rather than a Fortinet tool, but I also get the vendor diversity that's there. See Splunk for me is not just a security tool, it's a VI tool and there are many other groups that are leveraging the capabilities that it has. So for me, if I went to something like the Fortinet SIM, that would be a very selfish solution. It would be just a security thing. That's not really partnering with business. My investment in Splunk, I've got six other groups within the company leveraging it, and I just invited the seventh one in today. Now those people are all using Splunk for their own things. I'm footing the bill for them so they get all this VI for free. That's been a real big win for me, because I'm now known as the guy that's providing stuff that the company can actually use. That's a very powerful position to be in as the CISO because when I come asking for something that normally they would've said no to, all I have to do is remind them, "Hey, you know you're using my Splunk solution? "Well now, would you mind helping me out? "I need you to do this thing "with your laptops in your organization." And they're much more receptive because they know of me as a partner. >> So would you say, one of the things we were talking about a number of times today, Peter, with guests, is getting, how, does a CISO get this, well maybe it's enable the balance, at the speed at which a business needs to transform digitally to be profitable and grow and compete and manage that with risk? Where do you think that your are on getting that balance? Sounds like there's a lot of collaboration within what you've been able to achieve. >> So, there's a couple of rules that I go with. The first is I go meet the business leaders and introduce myself. And I say, I know you may have heard this before, but this time I mean it, I'm here to help. Tell me what your pain points are. How can I help you, right? And that's a very powerful question. I always try to end every meeting with "How can I help you?" Alright. If you end the meeting with that question, that last memory they have of you will be, you were offering to help last time I saw you. I'm willing to give you another audience. And then, it's by action. Like my Splunk investment. I invested in it, and now other people are using it. I'm showing by my actions that I'm actually not just all talk. And other people have noticed. They would come to one of my predecessors and say, "Hey, I want to do X." and they would be told straight out, "No." My answer is always, okay. How are you planning to do it? Something brought you here today. Let's talk about it. And then when they show me how they are planning to do it, it's like, you know what, I see opportunity here. You guys can do it in three fewer steps and at significantly less risk if you just let me help you in this area, and then we do it this way, and we use this tool that I've already bought and you don't have to pay for. Now all of a sudden they've got a yes. It's already through. It's through architecture review. They've got the solution in place, but I get the logs and I get to put my own encryption solution in or whatever else it is, and I get to absorb the risk for the company. And again, it's all by actions too. You know, if you make sure that you never say the word no. People say, "No, because." Try to change it to, "Yes, and." And by pivoting the conversation that way all of a sudden people aren't arguing with you. They're trying to sell you something. And when somebody's trying to sell you something and you're buying it now you've got the upper hand, right? So now I'm the buyer. Right, it's like, "Let's buy it, but let's do it like this." >> So I have another question for you. Something that's related to one of the conversations that we've had many times today. I'm going to paint a scenario for you. A CEO is sitting in front of a group of investors. And talking about strategic flexibility and the things that their assets allows her to do. My balance sheet will allow us to do this. My sales force will allow us to do this. When are we going to see the first CEO say, "My security, my digital security, "will allow us to do this, "things that our competitors can't do." >> That's an excellent question, I hope it's soon. I'd like to be right in the vanguard of that. Ingram Micro already uses us as an enabler. >> I'm sorry, what was that? >> Ingram Micro already uses me and my group as an enabler. This year we've been able to negotiate a reduction in our corporate insurance rates, for cyber risk, simply because I was able to show the value in what we've achieved over the last two years. And show how materially we've affected the company's risk envelope and our acceptance of risk. So by doing that, I've already added value to the bottom line because insurance costs money and it's a dead sunk cost, right? So I've already reduced the cost of that. So now all of a sudden I'm enabling the business. And I'm also meaning that we can actually uplift our coverage too, so now we're reducing risk even more. We can displace more risk to the outside of the business. This conversation with Eric, you know, I'm about to award an RFP. Before I award an RFP, I'll go and see Eric. Is there a strategic reason for me to award it to this vendor or this other vendor? Now of course we're negotiating on the sale side and the buy side together. That's a very powerful story. So certainly at Ingram, I think I'm already partnering with the business in such a way that we can make that a compelling message. In terms of the overall industry, I really hope that it'll be soon. I think the CISO and the CIO roles are merging together. I think as the CIO is rolling less hardware and is rolling more into virtual and policy and direction and technology choices, I think people are going to have to realize that security has to be built into that. Because if you try to bake it on later, or bolt it on, it's never as effective. It's always more expensive. You look at something like the Fortinet Fabric, you roll that as part of your orchestrated virtual environment, you've turned the whole attack chain on it's head, now. Now it's going to cost so much to try and compromise any part of that infrastructure, you're going to see it so quickly, you've turned it all around. Now it's way too expensive to try and attack companies with that kind of fabric. Now the boot is on the foot. Okay, so invent something I can't see. You know, we've got contextual threat intelligence here, that's able to spot patterns. We've got polyform on the outside here. Everything's working in concert, okay. >> So you're not worried about being put out of a job any time soon. >> I think sadly this job is around for a while. I used to joke that it was Bill Gates and his company that provided us with permanent job security. Now it's the cyber criminals. I tell you what though, today the simplest attacks are still the ones that work. It's phishing, phishing, phishing, phishing, phishing. People clicking on links. >> Human beings. >> Human beings are always easier to hack than computers. >> So you've given us, last question as we have a minute or so left, you've given us a great perspective of the impact that you've been able to make using Fortinet on the customer side. You talk to a lot of partners in Ingram's ecosystem. How do you impart your wisdom and your expertise on the partners from that enablement, such so that they can go and talk to customers and really share best practices from the CISO suite? >> So again, I partner with Eric's cybersecurity advisory committee, where he has a number of our key security partners who come along. And for two years running now, I've participated. I've spoken. I spent two days with those folks. I'll answer any question they have. I'll spend the evenings with them. We'll have a beer together. And I'll do a panel and I'll have discussions just like this with them. And share with them some of the things that I've done with the company that have worked, and some of the things that haven't worked out quite so well. No holds barred. I'm a big believer in herd immunity. You know, it's an old joke, you don't want to be the fastest antelope, but you sure as hell don't want to be the slowest one either. So from my perspective, the more of us that share that kind of intel, the easier things will be as we go forward. Because together as a herd we'll be more immune. So from my perspective, even if it's a competitor's CISO, I'll still sit down, have a coffee with them and chat with them. And it will be very much open kimono. Because I feel like we can never share enough of this intelligence with each other. We're not seeking to gain a competitive advantage individually. We're seeking to make the field and the companies, and if you like, the white hats, less vulnerable. And I think that's a compelling value message. >> I noticed your clothes. I guess you're an All Blacks fan? >> Well, you know, being South African I have to be a Springboks, but, uh, you know, it was such a sad day when Jonha Lumo died. That was such a sad day. I got to meet him once and he was a mountain of a man, but such a gentleman. Yep, that was good. But yes, rugby is definitely my sport, so thank you. >> Well, Kevin, thank you so much for stopping by theCUBE and sharing your insights, what you've been able to achieve on the consumer side, or consuming Fortinet's technology and what you're able to impart on your partners. We wish you great success in 2018 and look forward to having you back on the show. >> That sounds great, thank you very much. Thanks for having me, it's been a great pleasure, thanks. >> Excellent. And we want to thank you for watching theCUBE from Fortinet Accelerate 2018. I'm Lisa Martin with my cohost Peter Burris, after this short break we will be right back. (upbeat digital music)

(click) >> Hey, Lisa Martin on the ground with theCUBE at Google for the Sixth Annual CloudNOW Top Women in Cloud Awards Event, our second year covering this, very excited to be joined by tonight's emcee, Becky Wanta, the founder of RSW1C. Welcome to theCUBE. >> Thank you. >> It's great to have you here. So tell us a little bit about what you do and your background as a technology leader. >> So, I've been in technology for close to 40 years. I started out as a software. >> Sorry, I don't even, what? (laughing) >> Ha, ha, ha, it's a long time ago, yeah. So I started out as a developer back in the Department of Defense. So it wasn't rocket science in the early days when I began because it was back when computers took up whole rooms and I realized I had an affinity for that. So, I leveraged that, but then I got into, at that time, and I'm from northern California, if you remember right, the Department of Defense was drawing down. And so I decided I was going to leverage my experience in IT to get into either integrative financial services or healthcare, right. So I took over running all of tech for the Money Store at the time which you would have no idea who that is. And then that got acquired by Wells Fargo First Union, so I took over as their Global CTO for Wells Fargo. And what you'll see is, so let me just tell you about RSW1C because what it is is it's a technology consulting firm that's me. And the reason I have it is because tech changes so much that it's easy to stay current. And when I get brought into companies, and you'll look at me, so I've been the executive officer for tiny little companies like PepsiCo, Wells Fargo, Southwest Airlines. >> The small ones. >> Yeah, tiny, not really, MGM Resorts International, the largest worker's comp company in California, a company that, unborn midsize SMB in southern California that just wrapped up last year. And when I get brought into these companies, I get brought in to transform them. It's at a time in the maturation of these companies, these tiny little brands we've mentioned, where they're ready to jettison IT. So I take that very seriously because I know technology is that gateway to keep that competitive advantage. And the beauty is of that the companies I've mentioned, they're all number one in their markets. And when you're number one, there's only one direction to go, so they take that very seriously. >> How do you come in there and help an MGM Grand Resorts transform? >> So what happened in MGM's case and probably in the last five CIO positions that I've taken, they've met me as a consultant, again, from RSW1C. And then when I look into what needs to happen and I have the conversation, because everybody thinks they want to do digital transformation, and it's not an easy journey and if you don't have the executive sponsorship, don't even try it at home, right? And so, in MGM's case, they had been talking. MGM's the largest taxpayer in Nevada. People think about it as MGM Grand. It's 19 brands on The Strip. >> Is that right? >> It's Bellagio, MGM, so it's the largest taxpayer in Nevada. So it owns 44,860 rooms on The Strip. So if I just counted now, you have Circa Circa, Slots of Fun, Mirage, Bellagio, Monte Carlo, New York, New York, um, MGM Grand Las Vegas, MGM Grand Detroit. They're in the countries and so forth. So it's huge. And that includes Mandalay, ARIA, and all those, so it's huge, right? And so in MGM's case, they knew they wanted to do M life, so M life game changes their industry. And I put that in. This will be our nine year anniversary coming up on Valentine's Day. Thirty years they talked about it, and I put in with a great team And that was part of the transformation into a new way of running their business. >> Wow, we have a couple of minutes left. I'd love to get your perspective on being a female leader in tech. Who were your mentors back in the day? And who are your mentors now? >> So, I don't have any mentors. I never did. Because when I started in the industry, there wasn't a lot of women. And obviously, technology was fairly new which is why one of my passions is around helping the next generation be hugely successful. And one of the things that's important is in the space of tech, I like this mantra, this mantra that says, "How about brains "and beauty that gets you in the door? "How about having the confidence in yourself?" So I want to help a lot of the next generation be hugely successful. And that's what Jocelyn has built with CloudNow, her and Susan. And I'm a big proponent of this because I think it's a chance for us to give back and help the next generation of leaders in a non-traditional way be hugely successful in brands, in companies that are going to unleash their passion and show them how to do that. Because, the good news is that I'm a total bum, Lisa. I've never had a job. I love what I do, and I do it around the clock, so. >> Oh, if only more people could say that. That's so cool. But what we've seen with CloudNow, this is our second year covering it, I love talking to the winners and even the folks that are keynoting or helping to sponsor scholarships. There's so much opportunity. >> There really is. >> And it's so exciting when you can see someone whose life is changing as a result of finding a mentor or having enough conviction to say, "You know what? "I am interested in a STEM field. "I'm going to pursue that." >> Right. >> So, we thank you so much Becky for stopping by theCUBE. And your career is amazing. >> Thanks. >> And I'm sure you probably are mentors to countless, countless men and women out there. >> Absolutely. >> Well, thanks again for stopping by. >> Thank you, Lisa. >> Thank you for watching theCUBE. I'm Lisa Martin on the ground at Google with the CloudNow Sixth Annual Top Women in Cloud Awards Event. Stick around, we'll be right back.