>> Is and who we are today as as a country, as a universe. >> Narrator: Congratulations Reggie Jackson, (inspirational music) you are a CUBE alumni. (upbeat music) >> Announcer: Live from Las Vegas it's theCUBE covering Splunk.Conf19. Brought to you by Splunk. >> Okay, welcome back everyone it's theCUBE's live coverage here in Las Vegas for Splunk.Conf19. I am John Furrier host of theCUBE. It's the 10th Anniversary of Splunk's .Conf user conference. Our 7th year covering it. It's been quite a ride, what a wave. Splunk keeps getting stronger and better, adding more features, and has really become a powerhouse from a third party security standpoint. We got a C-SO in theCUBE on theCUBE today. Chief Information Security, John Frushour Deputy Chief (mumbles) New York-Presbyterian The Award Winner from the Data to Everywhere Award winner, welcome by theCube. >> Thank you, thank you. >> So first of all, what is the award that you won? I missed the keynotes, I was working on a story this morning. >> Frushour: Sure, sure. >> What's the award? >> Yeah, the Data Everything award is really celebrating using Splunk kind of outside its traditional use case, you know I'm a security professional. We use Splunk. We're a Splunk Enterprise Security customer. That's kind of our daily duty. That's our primary use case for Splunk, but you know, New York Presbyterian developed the system to track narcotic diversion. We call it our medication analytics platform and we're using Splunk to track opioid diversion, slash narcotic diversions, same term, across our enterprise. So, looking for improper prescription usage, over prescription, under prescription, prescribing for deceased patients, prescribing for patients that you've never seen before, superman problems like taking one pill out of the drawer every time for the last thirty times to build up a stash. You know, not resupplying a cabinet when you should have thirty pills and you only see fifteen. What happened there? Everything's data. It's data everything. And so we use this data to try to solve this problem. >> So that's (mumbles) that's great usage we'll find the drugs, I'm going to work hard for it. But that's just an insider threat kind of concept. >> Frushour: Absolutely. >> As a C-SO, you know, security's obviously paramount. What's changed the most? 'Cause look at, I mean, just looking at Splunk over the past seven years, log files, now you got cloud native tracing, all the KPI's, >> Frushour: Sure. >> You now have massive volumes of data coming in. You got core business operations with IOT things all instrumental. >> Sure, sure. >> As a security offer, that's a pretty big surface area. >> Yeah. >> How do you look at that? What's your philosophy on that? >> You know, a lot of what we do, and my boss, the C-SO (mumbles) we look at is endpoint protection and really driving down to that smaller element of what we complete and control. I mean, ten, fifteen years ago information security was all about perimeter control, so you've got firewalls, defense and depth models. I have a firewall, I have a proxy, I have an endpoint solution, I have an AV, I have some type of data redaction capability, data masking, data labeling capability, and I think we've seen.. I don't think security's changed. I hear a lot of people say, "Oh, well, information security's so much different nowadays." No, you know, I'm a military guy. I don't think anything's changed, I think the target changed. And I think the target moved from the perimeter to the endpoint. And so we're very focused on user behavior. We're very focused on endpoint agents and what people are doing on their individual machines that could cause a risk. We're entitling and providing privilege to end users today that twenty years ago we would've never granted. You know, there was a few people with the keys to the kingdom, and inside the castle keep. Nowadays everybody's got an admin account and everybody's got some level of privilege. And it's the endpoint, it's the individual that we're most focused on, making sure that they're safe and they can operate effectively in hospitals. >> Interviewer: What are some of the tactical things that have changed? Obviously, the endpoint obviously shifted, so some tactics have to change probably again. Operationally, you still got to solve the same problem: attacks, insider threats, etc. >> Frushour: Yeah. >> What are the tactics? What new tactics have emerged that are critical to you guys? >> Yeah, that's a tough question, I mean has really anything changed? Is the game really the game? Is the con really the same con? You look at, you know, titans of security and think about guys like Kevin Mitnick that pioneered, you know, social engineering and this sort of stuff, and really... It's really just convincing a human to do something that they shouldn't do, right? >> Interviewer: Yeah. >> I mean you can read all these books about phone freaking and going in and convincing the administrative assistant that you're just late for meeting and you need to get in through that special door to get in that special room, and bingo. Then you're in a Telco closet, and you know, you've got access. Nowadays, you don't have to walk into that same administrative assistant's desk and convince 'em that you're just late for the meeting. You can send a phishing email. So the tactics, I think, have changed to be more personal and more direct. The phishing emails, the spear phishing emails, I mean, we're a large healthcare institution. We get hit with those types of target attacks every day. They come via mobile device, They come via the phishing emails. Look at the Google Play store. Just, I think, in the last month has had two apps that have had some type of backdoor or malicious content in them that got through the app store and got onto people's phones. We had to pull that off people's phones, which wasn't pretty. >> Interviewer: Yeah. >> But I think it's the same game. It's the same kind to convince humans to do stuff that they're not supposed to do. But the delivery mechanism, the tactical delivery's changed. >> Interviewer: How is Splunk involved? Cause I've always been a big fan of Splunk. People who know me know that I've pretty much been a fan boy. The way they handle large amounts of data, log files, (mumbles) >> Frushour: Sure. >> and then expand out into other areas. People love to use Splunk to bring in their data, and to bring it into, I hate to use the word data leg but I mean, Just getting... >> Yeah >> the control of the data. How is data used now in your world? Because you got a lot of things going on. You got healthcare, IOT, people. >> Frushour: Sure, sure. >> I mean lives are on the line. >> Frushour: Lives are on the line, yeah. >> And there's things you got to be aware of and data's key. What is your approach? >> Well first I'm going to shamelessly plug a quote I heard from (mumbles) this week, who leads the security practice. She said that data is the oxygen of AI, and I just, I love that quote. I think that's just a fantastic line. Data's the oxygen of AI. I wish I'd come up with it myself, but now I owe her a royalty fee. I think you could probably extend that and say data is the lifeline of Splunk. So, if you think about a use case like our medication analytics platform, we're bringing in data sources from our time clock system, our multi-factor authentication system, our remote access desktop system. Logs from our electronic medical records system, Logs from the cabinets that hold the narcotics that every time you open the door, you know, a log then is created. So, we're bringing in kind of everything that you would need to see. Aside from doing something with actual video cameras and tracking people in some augmented reality matrix whatever, we've got all the data sources to really pin down all the data that we need to pin down, "Okay, Nurse Sally, you know, you opened that cabinet on that day on your shift after you authenticated and pulled out this much Oxy and distributed it to this patient." I mean, we have a full picture and chain of everything. >> Full supply chain of everything. >> We can see everything that happens and with every new data source that's out there, the beauty of Splunk is you just add it to Splunk. I mean, the Splunk handles structured and unstructured data. Splunk handles cis log fees and JSON fees, and there's, I mean there's just, it doesn't matter You can just add that stream to Splunk, enrich those events that were reported today. We have another solution which we call the privacy platform. Really built for our privacy team. And in that scenario, kind of the same data sets. We're looking at time cards, we're looking at authentication, we're looking at access and you visited this website via this proxy on this day, but the information from the EMR is very critical because we're watching for people that open patient records when they're not supposed to. We're the number five hospital in the country. We're the number one hospital in the state of New York. We have a large (mumbles) of very important people that are our patients and people want to see those records. And so the privacy platform is designed to get audit trails for looking at all that stuff and saying, "Hey, Nurse Sally, we just saw that you looked at patient Billy's record. That's not good. Let's investigate." We have about thirty use cases for privacy. >> Interviewer: So it's not in context of what she's doing, that's where the data come in? >> That's where the data come in, I mean, it's advanced. Nurse Sally opens up the EMR and looks at patient Billy's record, maybe patient Billy wasn't on the chart, or patient Billy is a VIP, or patient Billy is, for whatever reason, not supposed to be on that docket for that nurse, on that schedule for that nurse, we're going to get an alarm. The privacy team's going to go, "Oh, well, were they supposed to look at that record?" I'm just giving you, kind of, like two or three uses cases, but there's about thirty of them. >> Yeah, sure, I mean, celebrities whether it's Donald Trump who probably went there at some point. Everyone wants to get his taxes and records to just general patient care. >> Just general patient care. Yeah, exactly, and the privacy of our patients is paramount. I mean, especially in this digital age where, like we talked about earlier, everyone's going after making a human do something silly, right? We want to ensure that our humans, our nurses, our best in class patient care professionals are not doing something with your record that they're not supposed to. >> Interviewer: Well John, I want to hear your thoughts on this story I did a couple weeks ago called the Industrial IOT Apocalypse: Now or Later? And the provocative story was simply trying to raise awareness that malware and spear phishing is just tactics for that. Endpoint is critical, obviously. >> Sure. >> You pointed that out, everyone kind of knows that . >> Sure. >> But until someone dies, until there's a catastrophe where you can take over physical equipment, whether it's a self-driving bus, >> Frushour: Yeah. >> Or go into a hospital and not just do ransom ware, >> Frushour: Absolutely. >> Actually using industrial equipment to kill people. >> Sure. >> Interviewer: To cause a lot of harm. >> Right. >> This is an industrial, kind of the hacking kind of mindset. There's a lot of conversations going on, not enough mainstream conversations, but some of the top people are talking about this. This is kind of a concern. What's your view on this? Is it something that needs to be talked about more of? Is it just BS? Should it be... Is there any signal there that's worth talking about around protecting the physical things that are attached to them? >> Oh, absolutely, I mean this is a huge, huge area of interest for us. Medical device security at New York Presbyterian, we have anywhere from about eighty to ninety thousand endpoints across the enterprise. Every ICU room in our organization has about seven to ten connected devices in the ICU room. From infusion pumps to intubation machines to heart rate monitors and SPO2 monitors, all this stuff. >> Interviewer: All IP and connected. >> All connected, right. The policy or the medium in which they're connected changes. Some are ZP and Bluetooth and hard line and WiFi, and we've got all these different protocols that they use to connect. We buy biomedical devices at volume, right? And biomedical devices have a long path towards FDA certification, so a lot of the time they're designed years before they're fielded. And when they're fielded, they come out and the device manufacturer says, "Alright, we've got this new widget. It's going to, you know, save lives, it's a great widget. It uses this protocol called TLS 1.0." And as a security professional I'm sitting there going, "Really?" Like, I'm not buying that but that's kind of the only game, that's the only widget that I can buy because that's the only widget that does that particular function and, you know, it was made. So, this is a huge problem for us is endpoint device security, ensuring there's no vulnerabilities, ensuring we're not increasing our risk profile by adding these devices to our network and endangering our patients. So it's a huge area. >> And also compatible to what you guys are thinking. Like I could imagine, like, why would you want a multi-threaded processor on a light bulb? >> Frushour: Yeah. >> I mean, scope it down, turn it on, turn it off. >> Frushour: Scope it down for its intended purpose, yeah, I mean, FDA certification is all about if the device performs its intended function. But, so we've, you know, we really leaned forward, our CSO has really leaned forward with initiatives like the S bomb. He's working closely with the FDA to develop kind of a set of baseline standards. Ports and protocols, software and services. It uses these libraries, It talks to these servers in this country. And then we have this portfolio that a security professional would say, "Okay, I accept that risk. That's okay, I'll put that on my network moving on." But this is absolutely a huge area of concern for us, and as we get more connected we are very, very leaning forward on telehealth and delivering a great patient experience from a mobile device, a phone, a tablet. That type of delivery mechanism spawns all kinds of privacy concerns, and inter-operability concerns with protocol. >> What's protected. >> Exactly. >> That's good, I love to follow up with you on that. Something we can double down on. But while we're here this morning I want to get back to data. >> Frushour: Sure. >> Thank you, by the way, for sharing that insight. Something I think's really important, industrial IOT protection. Diverse data is really feeds a lot of great machine learning. You're only as good as your next blind spot, right? And when you're doing pattern recognition by using data. >> Frushour: Absolutely. >> So data is data, right? You know, telecraft, other data. Mixing data could actually be a good thing. >> Frushour: Sure, sure. >> Most professionals would agree to that. How do you look at diverse data? Because in healthcare there's two schools of thought. There's the old, HIPAA. "We don't share anything." That client privacy, you mentioned that, to full sharing to get the maximum out of the AI or machine learning. >> Sure. >> How are you guys looking at that data, diverse data, the sharing? Cause in security sharing's good too, right? >> Sure, sure, sure. >> What's your thoughts on sharing data? >> I mean sharing data across our institutions, which we have great relationships with, in New York is very fluid at New York Presbyterian. We're a large healthcare conglomerate with a lot of disparate hospitals that came as a result of partnership and acquisition. They don't all use the same electronic health record system. I think right now we have seven in play and we're converging down to one. But that's a lot of data sharing that we have to focus on between seven different HR's. A patient could move from one institution to the next for a specialty procedure, and you got to make sure that their data goes with them. >> Yeah. >> So I think we're pretty, we're pretty decent at sharing the data when it needs to be shared. It's the other part of your question about artificial intelligence, really I go back to like dedication analytics. A large part of the medication analytics platform that we designed does a lot of anomaly detections, anomaly detection on diversion. So if we see that, let's say you're, you know, a physician and you do knee surgeries. I'm just making this up. I am not a clinician, so we're going to hear a lot of stupidity here, but bare with me. So you do knee surgeries, and you do knee surgeries once a day, every day, Monday through Friday, right? And after that knee surgery, which you do every day in cyclical form, you prescribe two thousand milligrams of Vicodin. That's your standard. And doctors, you know, they're humans. Humans are built on patterns. That's your pattern. Two thousand milligrams. That's worked for you; that's what you prescribe. But all of the sudden on Saturday, a day that you've never done a knee surgery in your life for the last twenty years, you all of a sudden perform a very invasive knee surgery procedure that apparently had a lot of complications because the duration of the procedure was way outside the bounds of all the other procedures. And if you're kind of a math geek right now you're probably thinking, "I see where he's going with this." >> Interviewer: Yeah. >> Because you just become an anomaly. And then maybe you prescribe ten thousand milligrams of Vicodin on that day. A procedure outside of your schedule with a prescription history that we've never seen before, that's the beauty of funneling this data into Splunk's ML Toolkit. And then visualizing that. I love the 3D visualization, right? Because anybody can see like, "Okay, all this stuff, the school of phish here is safe, but these I've got to focus on." >> Interviewer: Yeah. >> Right? And so we put that into the ML Toolkit and then we can see, "Okay, Dr. X.." We have ten thousand, a little over ten thousand physicians across New York Presbyterian. Doctor X right over here, that does not look like a normal prescriptive scenario as the rest of their baseline. And we can tweak this and we can change precision and we can change accuracy. We can move all this stuff around and say, "Well, let's just look on medical record number, Let's just focus on procedure type, Let's focus on campus location. What did they prescribe from a different campus?" That's anomalous. So that is huge for us, using the ML Toolkit to look at those anomalies and then drive the privacy team, the risk teams, the pharmacy analytics teams to say, "Oh, I need to go investigate." >> So, that's a lot of heavy lifting for ya? Let you guys look at data that you need to look at. >> Absolutely. >> Give ya a (mumbles). Final question, Splunk, in general, you're happy with these guys? Obviously, they do a big part of your data. What should people know about Splunk 2019, this year? And are you happy with them? >> Oh, I mean Splunk has been a great partner to New York Presbyterian. We've done so much incredible development work with them, and really, what I like to talk about is Splunk for healthcare. You know, we've created, we saw some really important problems in our space, in this article. But, we're looking, we're leaning really far forward into things like risk based analysis, peri-op services. We've got a microbial stewardship program, that we're looking at developing into Splunk, so we can watch that. That's a huge, I wouldn't say as big of a crisis as the opioid epidemic, but an equally important crisis to medical professionals across this country. And, these are all solvable problems, this is just data. Right? These are just events that happen in different systems. If we can get that into Splunk, we can cease the archaic practice of looking at spreadsheets, and look up tables and people spending days to find one thing to investigate. Splunk's been a great partner to us. The tool it has been fantastic in helping us in our journey to provide best in-class patient care. >> Well, congratulations, John Frushour, Deputy Chief Information Security Officer, New York Presbyterian. Thanks for that insight. >> You're welcome. >> Great (mumbles) healthcare and your challenge and your opportunity. >> Congratulations for the award winner Data to Everything award winner, got to get that slogan. Get used to that, it's two everything. Getting things done, he's a doer. I'm John Furrier, here on theCube doing the Cube action all day for three days. We're on day two, we'll be back with more coverage, after this short break. (upbeat music)

>> Announcer: Live from Las Vegas, it's theCUBE. Covering Splunk.conf19, brought to you by Splunk. >> Okay, welcome back everyone. We are here inside for Splunk.conf, their 10th-year conference. We've been here seven years. I'm John Furrier, the host. Our next guest is Sherrie Caltagirone, founder and executive director of the Global Emancipation Network, a cutting-edge company and organization connecting different groups together to fight that battle combating human trafficking with the power of data analytics. We're in a digital world. Sherrie, thanks for coming in. >> Thank you so much for having me. >> So love your mission. This is really close to my heart in terms of what you're doing because with digital technologies, there's a unification theme here at Splunk, unifying data sets, you hear on the keynotes. You guys got a shout-out on the keynote, congratulations. >> Sherrie: We did, thank you. >> So unifying data can help fight cybersecurity, fight the bad guys, but also there's other areas where unification comes in. This is what you're doing. Take a minute to explain the Global Emancipation Network. >> Yeah, thank you. So what we do is we are a data analytics and intelligence nonprofit, dedicated to countering all forms of human trafficking, whether it's labor trafficking, sex trafficking, or any of the sub types, men, women, and children all over the world. So when you think about that, what that really means is that we interact with thousands of stakeholders across law enforcement, governments, nonprofits, academia, and then private sector as well. And all of those essentially act as data silos for human trafficking data. And when you think about that as trafficking as a data problem or you tackle it as a data problem, what that really means is that you have to have a technology and data-led solution in order to solve the problem. So that's really our mission here is to bring together all of those stakeholders, give them easy access to tools that can help improve their counter posture. >> And where are you guys based and how big is the organization? What's the status? Give a quick plug for where you guys are at and what the current focus is. >> Yeah, perfect, so I am based in San Luis Obispo, California. We have just started a brand new trafficking investigations hub out at Cal Poly there. They're a fantastic organization whose motto is learn by doing, and so we are taking the trafficking problem and the tangential other issues, so like we mentioned, cyber crime, wildlife trafficking, drugs trafficking, all of this sort of has a criminal convergence around it and applying technology, and particularly Splunk, to that. >> Yeah, and I just want to make a note 'cause I think it's important to mention. Cal Poly's doing some cutting-edge work. Alison Robinson, Bill Britton, who runs the program over there, they got a great organization. They're doing a lot of data-oriented from media analysis, data, big focus there. Cal Poly quite a big organization. >> They are, and they're doing some wonderful things. AWS just started an innovation hub called the DX Hub there that we are a part of, really trying to tackle these really meaty problems here that are very data-centric and technology-centric. And Cal Poly's the best place to do that. >> Great, let's get into some of the details. One of the things around the news, obviously seeing Mark Zuckerberg doing the tour, Capitol Hill, DC, Georgetown, free speech, data. Facebook has been kind of blamed for breaking democracy. At the same time, it's a platform. They don't consider themselves as an editorial outlet. My personal opinion, they are, but they hide behind that platform. So bad things have happened, good things can happen. So you're seeing technology kind of being pigeonholed as bad. Tech for bad, there's also a tech for good. Pat Gelsinger, the CEO of VMware, publicly said technology's neutral. We humans can shape it. So you guys are looking at it from shaping it for good. How are you doing it? What are some of the things that are going on technically from a business standpoint that is shaping and unifying the data? >> Yeah, I mean, it's absolutely certain that technology has facilitated human trafficking and other ills throughout the world. It's a way that people bring their product, in this case, sadly, human beings, to the market to reach buyers, right? And technology absolutely facilitates that. But, as you mentioned, we can use that against them. So actually here at Conf we are bringing together for a first time the partnership that we did with Splunk for Good, Accenture, and Global Emancipation Network to help automatically classify and score risky businesses, content, ads, and individuals there to help not only with mitigating risk and liability for the private sector, whether it's social media giants or if it's transportation, hospitality, you name it, but also help ease the burden of content moderators. And that's the other side of it. So when you live in this space day in and day out, you really exact a mental toll here. It's really damaging to the individual who sits and reads this material and views photos over and over again. So using technology is a way to automate some of those investigations, and the identification of that content could be helpful in a variety of ways. >> In a way, it's a whole other adversary formula to try to identify. One of the things that Splunk, as we've been here at Splunk Conference, they've been about data from day one. A lot of data and then grew from there, and they have this platform. It's a data problem, and so one of the things that we're seeing here is diverse data, getting at more data makes AI smarter, makes things smarter. But that's hard. Diverse data might be in different data sets or silos, different groups. Sharing data's important, so getting that diverse data, how difficult is it for you guys? Because the bad guys can hide. They're hiding in from Craigslist to social platforms. You name it, they're everywhere. How do you get the data? What's the cutting-edge ingestion? Where are the shadows? Where are the blind spots? How do you guys look at that? Because it's only getting bigger. >> Absolutely, so we do it through a variety of different ways. We absolutely see gathering and aggregating and machining data the most central thing to what we do at Global Emancipation Network. So we have a coalition, really, of organizations that we host their scrapers and crawlers on and we run it through our ingestion pipeline. And we are partnered with Microsoft and AWS to store that data, but everything goes through Splunk as well. So what is that data, really? It's data on the open web, it's on the deep web. We have partners as well who look at the dark web, too, so Recorded Future, who's here at Conf, DeepL as well. So there's lots of different things on that. Now, honestly, the data that's available on the internet is easy for us to get to. It's easy enough to create a scraper and crawler, to even create an authenticated scraper behind a paywall, right? The harder thing is those privately held data sets that are in all of those silos that are in a million different data formats with all kinds of different fields and whatnot. So that is where it's a little bit more of a manual lift. We're always looking at new technologies to machine PDFs and that sort of thing as well. >> One of the things that I love about this business we're on, the wave we're on, we're in a digital media business, is that we're in pursuit of the truth. Trust, truth is a big part of what we do. We talk to people, get the data. You guys are doing something really compelling. You're classifying evil. Okay, this is a topic of your talk track here. Classifying evil, combating human trafficking with the power of data analytics. This is actually super important. Could you share why, for people that aren't following inside the ropes of this problem, why is it such a big problem to classify evil? Why isn't it so easy to do? What's the big story? What should people know about this challenge? >> Yeah, well, human trafficking is actually the second-most profitable crime in the world. It's the fastest-growing crime. So our best estimates are that there's somewhere between 20 million and 45 million people currently enslaved around the world. That's a population the size of Spain. That's nothing that an individual, or even a small army of investigators can handle. And when you think about the content that each of those produce or the traffickers are producing in order to advertise the services of those, it's way beyond the ability of any one organization or even, like I said, an army of them, to manage. And so what we need to do then is to be able to find the signal in the noise here. And there is a lot of noise. Even if you're looking at sex trafficking, particularly, there's consensual sex work or there's other things that are a little bit more in that arena, but we want to find that that is actually engaging in human trafficking. The talk that you mentioned that we're doing is actually a fantastic use case. This is what we did with Splunk for Good and Accenture. We were actually looking at doing a deep dive into the illicit massage industry in the US, and there are likely over 10,000 illicit massage businesses in the US. And those businesses, massages and spas, that are actually just a front for being a brothel, essentially. And it generates $2 billion a year. We're talking about a major industry here, and in that is a very large component of human trafficking. There's a very clear pipeline between Korea, China, down to New York and then being placed there. So what we ended up needing to do then, and again, we were going across data silos here, looking at state-owned data, whether it was license applications, arrest filings, legal cases, that sort of thing, down into the textual advertisements, so doing NLP work with weighted lexicons and really assigning a risk score to individual massage businesses to massage therapist business owners and then, again, to that content. So looking, again, how can we create a classifier to identify evil? >> It's interesting, I think about when you're talking about this is a business. This is a business model, this business continuity. There's a supply chain. This is a bona fide, underground, or overt business process. >> Yeah, absolutely, and you're right on that too that it is actually overt because at this point, traffickers actually operate with impunity for the most part. So actually framing it that way, as a market economy, whether it's shadowy and a little bit more in the black market or completely out in the open, it really helps us frame our identification, how we can manage disruptions, who need to be the stakeholders at the table for us in order to have a wider impact rather than just whack-a-mole. >> I was just talking with Sonia, one of our producers, around inclusiveness and this is so obviously a human passion issue. Why don't we just solve it? I mean, why doesn't someone like the elite class or world organization, just Davos, and people just say they're staring at this problem. Why don't they just say, "Hey, this is evil. "Let's just get rid of it." What's the-- >> Well, we're working on it, John, but the good thing is, and you're absolutely right, that there are a number of organizations who are actually working on it. So not just us, there's some other amazing nonprofits. But the tech sector's actually starting to come to the table as well, whether it's Splunk, it's Microsoft, it's AWS, it's Intel, IBM, Accenture. People are really waking up to how damaging this actually is, the impact that it has on GDP, the way that we're particularly needing to protect vulnerable populations, LGBTQ youth, children in foster care, indigenous populations, refugees, conflict zones. So you're absolutely right. I think, given the right tools and technology, and the awareness that needs to happen on the global stage, we will be able to significantly shrink this problem. >> It's classic arbitrage. If I'm a bad guy, you take advantage of the systematic problems of what's in place, so the current situation. Sounds like siloed groups somewhat funded, not mega-funded. This group over here, disconnect between communications. So you guys are, from what I could tell, pulling everyone together to kind of create a control plane of data to share information to kind of get a more holistic view of everything. >> Yeah, that's exactly it. Trying to do it at scale, at that. So I mentioned that at first we were looking at the illicit massage sector. We're moving over to the social media to look again at the recruitment side and content. And the financial sector is really the common thread that runs through all of it. So being able to identify, taking it back to a general use case here from cyber security, just indicators as well, indicators of compromise, but in our case, these are just words and lexicons, dollar values, things like that, down to behavioral analytics and patterns of behavior, whether people are moving, operating as call centers, network-like behavior, things that are really indicative of trafficking. And making sure that all of those silos understand that, are sharing the data they can, that's not overly sensitive, and making sure that we work together. >> Sherrie, you mentioned AWS. Teresa Carlson, I know she's super passionate about this. She's a leader. Cal Poly, we mentioned that. Splunk, you mentioned, how is Splunk involved? Are they the core technology behind this? Are they powering the-- >> They are, yeah, Splunk was actually with us from day one. We sat at a meeting, actually, at Microsoft and we were really just white boarding. What does this look like? How can we bring Splunk to bear on this problem? And so Splunk for Good, we're part of their pledge, the $10 million pledge over 10 years, and it's been amazing. So after we ingest all of our data, no matter what the data source is, whatever it looks like, and we deal with the ugliest and most unstructured data ever, and Splunk is really the only tool that we looked at that was able to deal with that. So everything goes through Splunk. From there, we're doing a series of external API calls that can really help us enrich that data, add correlations, whether it's spatial data, network analysis, cryptocurrency analysis, public records look-ups, a variety of things. But Splunk is at the heart. >> So I got to ask you, honestly, as this new architecture comes into play for attacking this big problem that you guys are doing, as someone who's not involved in that area, I get wow, spooked out by that. I'm like, "Wow, this is really bad." How can people help? What can people do either in their daily lives, whether it's how they handle their data, observations, donations, involvement? How do people get involved? What do you guys see as some areas that could be collaborating with? What do you guys need? How do people get involved? >> Yeah, one that's big for me is I would love to be able to sit in an interview like this, or go about my daily life, and know that what I am wearing or the things that I'm interacting with, my phone, my computer, weren't built from the hands of slave labor. And at this point, I really can't. So one thing that everybody can do is demand of the people that they are purchasing from that they're doing so in a socially viable and responsible way. So looking at supply chain management as well, and auditing specifically for human trafficking. We have sort of the certified, fair-trade certified organic seals. We need something like that for human trafficking. And that's something that we, the people, can demand. >> I think you're on the right track with that. I see a big business model wave where consumer purchasing power can be shifted to people who make the investments in those areas. So I think it's a big opportunity. It's kind of a new e-commerce, data-driven, social-impact-oriented economy. >> Yep, and you can see more and more, investment firms are becoming more interested in making socially responsible investments. And we just heard Splunk announce their $100 million social innovation fund as well. And I'm sure that human trafficking is going to be part of that awareness. >> Well, I'll tell you one of the things that's inspirational to me personally is that you're starting to see power and money come into helping these causes. My friend, Scott Tierney, just started a venture capital firm called Valo Ventures in Palo Alto. And they're for-profit, social impact investors. So they see a business model shift where people are getting behind these new things. I think your work is awesome, thank you. >> Yeah, thank you so much, I appreciate it. >> Thanks for coming on. Congratulations on the shout-out on the keynote. Appreciate it. The Global Emancipation Network, check them out. They're in San Luis Obispo, California. Get involved. This is theCUBE with bringing you the signal from the noise here at .conf. I'm John Furrier, back with more after this short break. (upbeat music)