>>Welcome to this cube conversation. I'm Lisa Martin. I'm joined by Derek manky next, the chief security insights and global threat alliances at 40 guard labs. Derek. Welcome back. >>Yeah, it's great to be here again. So then, uh, uh, a lot of stuff's happened since we last talked. >>One of the things that was really surprising from this year's global threat landscape report is a 10 more than 10 X increase in ransomware. What's going on? What have you guys seen? >>Yeah, so, uh, th th this is, is massive. We're talking about a thousand percent over a 10, a 10 X increase. This has been building police. So this, this has been building since, uh, December of 2020 up until then we saw relatively low, uh, high watermark with ransomware. Um, it had taken a hiatus really because cyber criminals were going after COVID-19 lawyers and doing some other things at the time, but we did see us a seven fold increase in December, 2020. That is absolutely continued. Uh, continued this year into a momentum up until today. It continues to build never subsided. Now it's built to this monster, you know, almost 11 times increase from, from what we saw back last December and what the, uh, the reason what's fueling. This is a new verticals that cyber criminals are targeting. We've seen the usual suspects like telecommunication government and, uh, position one and two, but new verticals that have risen up into this, uh, third and fourth position following our MSSP. And this is on the heels of the Casia attack. Of course, that happened in 2021, as well as operational technology. There's actually four segments, there's transportation, uh, automotive manufacturing, and then of course, energy and utility all subsequent to each other. So there's a huge focus now on, on OTA and MSSP for cybercriminals. >>One of the things that we saw last year, this time was that attackers had shifted their focus away from enterprise infrastructure devices, to home networks and consumer grade products. And now it looks like they're focusing on both. Are you seeing that? >>Yes, absolutely. I in two ways. So first of all, again, this is a kill chain that we talk about. They have to get a foothold into the infrastructure, and then they can load things like ransomware on there. They can little things like information Steelers as an example, the way they do that is through botnets. And, uh, what we reported in this, um, in the first half of 2021 is that Mariah, which is about a two to three-year old button that now is, is number one by far, it was the most prevalent bond that we've seen. Of course, the thing about Mariah is that it's an IOT based bot net. So it sits on devices, uh, sitting inside a consumer networks as an example, or home networks, right? And that, that can be a big problem. So that's the targets that cyber criminals are using. The other thing that we saw that was interesting was that one in four organizations detected malvertising. >>And so what that means at least, is that cyber criminals are shifting their tactics from going just from cloud-based or centralized email phishing campaigns to a web born threats, right? So they're infecting sites, waterhole attacks, where people would go to read their, their, their daily updates as an example of things that they do as part of their habits. Um, they're getting sent links to these sites that when they go to it, it's actually installing those botnets onto those systems. So they can get a foothold. We've also seen scare tactics, right? So they're doing new social engineering Lewis pretending to be human resource departments, uh, you know, uh, uh, it staff and personnel, as an example, with pop-ups through the web browser that looked like these people to fill out different forms and ultimately get infected on, on a home devices. >>Well, the home device we use is proliferate. It continues because we are still in this work from home work, from anywhere environment. Is that when you think a big factor in this increased from seven X to nearly 11 X, >>It is a factor. Absolutely. Yeah. Like I said, it's, it's also, it's a hybrid of sorts. So, so a lot of that activity is going to the MSSP, uh, angle, like I said, uh, to, to the OT. And so to those verticals, which by the way, are actually even larger than traditional targets in the past, like, uh, finance and banking is actually lower than that as an example. So yeah, we are seeing a shift to that. And like I said, that's, that's further, uh, backed up from what we're seeing on with the, the, the, the botnet activity specifically with Veronica too. Are >>You seeing anything in terms of the ferocity? We know that the volume is increasing. Are they becoming more ferocious? These attacks? >>Yeah. Yeah. There, there is. There's a lot of aggression out there, certainly from, from criminals. And I would say that the velocity is increasing, but the amount of, if you look at the cyber criminal ecosystem, the, the stakeholders, right. Um, that is increasing, it's not just one or two campaigns that we're seeing. Again, we're seeing, this has been a record cases here almost every week. We've seen one or two significant, you know, cyber security events that are happening. That is a dramatic shift compared to, to, to last year or even, you know, two years ago too. And this is because, um, because the cyber criminals are getting deeper pockets now, they're, they're becoming more well-funded and they have business partners, affiliates that they're hiring each one of those has their own methodology, and they're getting paid big. We're talking up to 70 to 80% commission, just if they actually successfully, you know, in fact, someone that pays for the ransom as an example. And so that's really, what's driving this too. It's, it's, it's a combination of this kind of perfect storm as we call it. Right. You have this growing attack surface and work from home, uh, environments, um, and footholds into those networks. But you have a whole bunch of other people now on the bad side that are orchestrating this and executing the attacks too. >>What can organizations do to start to slow down or limit the impacts of this growing ransomware as a service? >>Yeah, great question. Um, everybody has their role in this, I say, right? So, uh, if we look at, from a strategic point of view, we have to disrupt cyber crime. How do we do that? Um, it starts with the kill chain. It starts with trying to build resilient networks. So things like a ZTE and a zero trust network access, a SD LAN as an example, as an example for producting that land infrastructure on, because that's where the threats are floating to, right? That's how they get the initial footholds. So anything we can do on the, on the, you know, preventative, preventative side, making, uh, networks more resilient, um, also education and training is really key. Things like multi-factor authentication are all key to this because if you build that, uh, uh, preventatively and that's a relatively small investment upfront, Lisa compared to the collateral damage that can happen with these ransomware, it passes, the risk is very high. Um, that goes a long way. It also forces the attackers to it slows down their velocity. It forces them to go back to the drawing board and come up with a new strategy. So that is a very important piece, but there's also things that we're doing in the industry. There's some good news here too, uh, that we can talk about because there's, there's things that we can actually do. Um, apart from that to, to really fight cyber crime, to try to take the cyber criminal cell phone. >>All right. Hit me with the good news Derek. >>Yeah. So, so a couple of things, right. If we look at the bot net activity, there's a couple of interesting things in there. Yes, we are seeing Mariah rise to the top right now, but we've seen big problems of the past that have gone away or come back, not as prolific as before. So two specific examples, a motel that was one of the most prolific botnets that was out there for the past two to three years, there is a take-down that happened in January of this year. Uh, it's still on our radar, but immediately after that takedown, it literally dropped to half of the activity. It hadn't before. And it's been consistently staying at that low watermark now had that half percentage since, since that six months later. So that's very good news showing that the actual coordinated efforts that we're getting involved with law enforcement, with our partners and so forth to take down, these are actually hitting their supply chain where it hurts. >>Right. So that's good news part one trick. Bob was another example. This is also a notorious spot net take down attempt in Q4 of 2020. It went offline for about six months. Um, in our landscape report, we actually show that it came back online, uh, in about June this year. But again, it came down, it came back weaker and another form is not nearly as prolific as before. So we are hitting them where it hurts. That's, that's the really good news. And we're able to do that through new, um, what I call high resolution intelligence. >>Talk to me about that high resolution intelligence. What do you mean by that? >>Yeah, so this is cutting edge stuff really gets me excited and keeps, keeps me up at night in a good way. Uh, cause we're, we're looking at this under the microscope, right? It's not just talking about the why we know there's problems out there. We know there's, there's ransomware. We know there's the botnets, all these things, and that's good to know, and we have to know that, but we're able to actually zoom in on this now and look at it. So we, for the first time in the threat landscape report, we've published TTPs, the techniques, tactics procedures. So it's not just talking about the, what it's talking about, the how, how are they doing this? What's their preferred method of getting into systems? How are they trying to move from system to system and exactly how are they doing that? What's the technique. And so we've highlighted that it's using the MITRE attack framework TTP, but this is real-time data. >>And it's very interesting. So we're clearly seeing a very heavy focus from cyber criminals and attackers to get around security controls, to do defensive, Asian, to do privilege escalation on systems. So in other words, trying to be common administrator so they can take full control of the system. Uh, as an example, a lateral movement on there's still a preferred over 75%, 77, I believe percent of activity we observed from malware was still trying to move from system to system by infecting removable media like thumb drives. And so it's interesting, right? It's a brand new look on the, these a fresh look, but it's this high resolution is allowing us to get a clear image so that when we come to providing strategic guidance and solutions of defense, and also even working on these, take down that Fritz, it allows us to be much more effective. So >>One of the things that you said in the beginning was we talked about the increase in ransomware from last year to this year. You said, I don't think that we've hit that, that ceiling yet, but are we at an inflection points, the data showing that we're at an inflection point here with being able to get ahead of this? >>Yeah, I, I, I would like to believe so. Um, it, there is still a lot of work to be done. Unfortunately, if we look at, you know, there is a, a recent report put out by the department of justice in the S saying that, you know, the chance of, uh, criminal, uh, to be committing a crime, but to be caught in the U S is somewhere between 55 to 60%, the same chance for a cyber criminal lies less than 1% above 0.5%. And that's the bad news. The good news is we are making progress and sending messages back and seeing results. But I think there's a long road ahead. So, um, you know, there there's a lot of work to be done. We're heading in the right direction. But like I said, they say, it's not just about that. It's everyone has, has their role in this all the way down to organizations and end users. If they're doing their part and making their networks more resilient through this, through all the, you know, increasing their security stack and strategy, um, that is also really going to stop the, you know, really ultimately the profiteering, uh, that, that wave, you know, cause that continues to build too. So it's, it's a multi-stakeholder effort and I believe we are, we are getting there, but I continue to still, uh, you know, I continue to expect the ransomware wave to build. In the meantime, >>On the end user front, that's always one of the vectors that we talk about it's people, right? It's there's so there's so much sophistication in these attacks that even security folks and experts are nearly fooled by them. What are some of the things that you're saying that governments are taking action on some recent announcements from the white house, but other organizations like Interpol, the world, economic forum, cyber crime unit, what are some of the things that governments are doing that you're seeing that as really advantageous here for the good guys? >>Yeah, so absolutely. This is all about collaboration. Governments are really focused on public private sector collaboration. Um, so we've seen this across the board, uh, with 40 guard labs, we're on the forefront with this, and it's really exciting to see that it's great. Uh, there, there, there's always been a lot of will work together, but we're starting to see action now. Right. Um, Interpol is a great example. They recently this year held a high level forum on ransomware. I was actually spoken was part of that forum as well too. And the takeaways from that event were that we, this was a message to the world, that public private sector we need. They actually called ransomware a pandemic, which is what I've referred to it as before in itself as well too, because it is becoming that much of a problem and that we need to work together to be able to create action, action action against this measure, success become more strategic. >>The world economic forum, uh, were, were, uh, leading a project called the partnership against cyber crime threat map project. And this is to identify not just all this stuff we talked about in the threat landscape report, but also looking at, um, you know, things like how many different ransomware gangs are there out there. Uh, what are their money laundering networks look like? It's that side of the side of the supply chains of apple so that we can work together to actually take down those efforts. But it really is about this collaborative action that's happening and it's, um, innovation and there's R and D behind this as well. That's coming to the table to be able to make, you know, make it impactful. >>So it sounds to me like ransomware is no longer a for any organization in any, any industry you were talking about the expansion of verticals, it's no longer a, if this happens to us, but a matter of when and how do we actually prepare to remediate prevent any damage? Yeah, >>Absolutely. How do we prepare? The other thing is that there's a lot of, um, you know, with just the nature of, of, of cyber, there's a lot of, uh, connectivity. There's a lot of different, uh, it's not just always siloed attacks. Right? We saw that with colonial obviously this year where you have the talks on, on it that can affect consumers right now to consumers. Right. And so for that very reason, um, everybody's infected in this, uh, it, it truly is a pandemic, I believe on its own. Uh, but the good news is there's a lot of smart people, uh, on the good side and, you know, that's what gets me excited. Like I said, we're working with a lot of these initiatives and like I said, some of those examples I called up before, we're actually starting to see measurable progress against this as well. >>That's good. Well, never adult day, I'm sure. In your world, any thing that you think when we talk about this again, in a few more months of the second half of 2021, anything that, that you predict crystal ball wise that we're going to see? >>Yeah. I think that we're going to continue to see more of the, I mean, ransomware, absolutely. More of the targeted attacks. That's been a shift this year that we've seen. Right. So instead of just trying to infect everybody for ransom, but as an example of going after some of these new, um, you know, high profile targets, I think we're going to continue to see that happening from there. Add some more side on, on, and because of that, the average costs of these data breaches, I think they're going to continue to increase. Um, they had already did, uh, in, uh, 20, uh, 2021, as an example, if we look at the cost of the data breach report, it's gone up to about $5 million us on average, I think that's going to continue to increase as well too. And then the other thing too, is I think that we're going to start to see more, um, more, more action on the good side. Like we talked about, there was already a record amount of take downs that have happened five take downs that happened in January. Um, there were, uh, arrests made to these business partners that was also new. So I'm expecting to see a lot more of that coming out, uh, uh, towards the end of the year, too. >>So as the challenges persist, so do the good things that are coming out of this. They're working folks go to get this first half 2021 global threat landscape. What's the URL that they can go to. >>Yeah, you can check it all, all of our updates and blogs, including the threat landscape reports on blog about 40 nine.com under our threat research category. >>Excellent. I read that blog. It's fantastic. Derek, always a pleasure to talk to you. Thanks for breaking this down for us showing what's going on. Both the challenging things, as well as the good news. I look forward to our next conversation. >>Absolutely. It's great. Chatting with you again, Lisa. Thanks. >>Likewise for Derek manky. I'm Lisa Martin. You're watching this cube conversation.

>> Narrator: Live from the Wynn Hotel in Las Vegas, it's the CUBE, covering Magento Imagine 2018, brought to you by Magento. (upbeat music) >> Hey, welcome to the CUBE, we are live in Las Vegas at the Wynn for Magento Imagine 2018. I'm Lisa Martin with my co-host John Furrier, and John, we have a really exciting day planned, talking all things digital commerce innovation. What are you most excited about? >> Well Magento's one of those companies that people know about, but it's the rocket ship in eCommerce, mainly because they've cracked the code on a few things, Lisa, that I'm really impressed with. One is, they've modernized eCommerce. ECommerce has been around 25 plus years on the web, with internet, but you think of it like the old Amazon, eBay, database world, but now we're living in a cloud world, cloud native's big, and there's still money to be made in retail as everything goes online. The digital transformation is impacting retail more than ever, smart phones is over 10 years old, so the question I've always asked is, where's the modern stack? So these guys have cracked the code on that. Two, and they're powering a lot of impressive sites, and the growth is phenomenal, but they have an ecosystem partner network that you can see behind us, if you can look at the camera you'll see hundreds of partners. So I mean, eCommerce obviously isn't going away, look at the growth of digital, digital natives are coming online, people want to do things digitally, but also it's changing the offline consumer experience. So there's a gap, traditionally, between online, offline, that's coming together. This is only going to get more acute as cloud, mobile, decentralized, block chain, there's still eCommerce in our future, and it's just never going away, and these guys have a really interesting approach, so we're excited to find out more here on what they're doing, their success, and how eCommerce is going to evolve. To me, that's the number one story is, can people leverage turnkey, scalable digital technologies to do business? >> So Magento has built their reputation on helping retailers to target online shoppers. You talked about online and offline, but they're now moving into the B2B space. As consumers, we expect, Amazon set the bar obviously very high, we expect to be able to get whatever we want as consumers, we're channel agnostic, we don't care, we just want to be able to find whatever we want when we want it, have it shipped to us, have it shipped to the store, and that is spilling over into the B2B space. And Magento's data suggests that 93% of B2B buyers want to be able to buy online, which not only changes the sales model, it changes the marketing model as well. >> I mean, they're taking the charge, that's the slogan here, and the thing that's interesting is that it used to be nice little buckets, B2C, business to consumer, B2B, business to business, but really it's a consumer to consumer role, and one of the things that you see right now social media is consumers are directly involved in either the content development process, or the engagement process. And if you look at no further than the side effects of what we see with Facebook, the downside of this whole data conversation is that the users want to be in control, and they are in control. So you're seeing almost a blurring of the lines between B2B, B2B, and C2C, where people need to tailor the eCommerce experience and have the data insights, either realtime, and or intelligent wise to know that the consumer is participating offline, they're online, but also peer to peer. The consumer to consumer relationship is to me going to be the cutting edge forward innovation area that a lot of these companies are going to innovate on because a lot of referrals are going on organically now as it's not so much audience anymore, because the audience is online digitally, it's about the network connection. So as people have a network connection with their friends, and you're seeing Facebook proving this, and LinkedIn, and others, is that you're going to start to see that data be very important. So I see a future where eCommerce stacks have to support consumer to consumer in any context, business to business, B2C, business to consumer, consumer to consumer, this is the holy grail, and whoever can scale that, again at large scale, while creating a money making opportunity, value creation opportunity for ecosystems is the winning formula. >> One of the themes that popped up during the keynote this morning with a number of folks that were on stage, including their CEO, and the Pittsburgh Steelers, was personalization. That's something that we expect as consumers, and as well as business buyers, we want to be able to have something where we know they know us, but we don't want to be marketed to. So Magento has done an interesting job and we're going to have a number of guests on the show today talking about how they're enabling this more personalized customized, you mentioned the word tailored, experience as a consumer to be able to get what I want when I want it, but also, through a now omnichannel. We're going to hear a lot about omnichannel today and how that's enabling new revenue streams, reduction in attrition, they talked about one of their newest features, Magento did, with the instant purchase. We want to be able to click once, buy it, and have it, something that means something to us, be able to buy it again, and again, and again. >> I mean this is the challenge right, in eCommerce, is table stakes are some of these features like instant click buying, having the kind of personalization, but the real angle to me is bringing in the personalization so that the consumer's involved. So what you see with the Steelers for instance, they do realtime shooting of the game and incorporate the fan experience into the eCommerce experience really seamlessly and in realtime, and so what you have is a change of a methodology. And so, eCommerce used to be a very one directional monologue, you'd put content out there, people browse and consume. Now you have a realtime interactivity piece, which changes the content production perspective, and the Steelers pointed that out. In the tech world, we used to call this agile programming, when you write software development. So you start to see the concept of agile come into eCommerce where, whether it's an entrepreneur, Melissa, baking goods, or a business, they want to focus on the business at hand, not provisioning technology. So you've got to have a partner like a Magento or someone who can build all that tech turnkey so that people can focus on the business at hand and that's agile. So if they decide to incorporate something really fast, you can't have this waterfall process, and that's the problem with the content market, and that is a legacy baggage of eCommerce, where hey, we built it, we ship it, but we got to go back and decide what to change, and we got to push it through the code base. You're provisioning technology, that is an old way of doing things, that's not ideal for the modern era. You need to be very agile, very scrum like, to use that term, and content people need that to be successful because the difference between realtime and having that right experience is a matter of seconds and or context specifics. So agile content, can't be waterfall. >> Exactly, agile content that's data driven. You mentioned data earlier, we're going to actually be talking with Anita Andrews, who's going to be talking about what Magento can facilitate and deliver their users with respect to BI, the Steelers talked about that, they actually see when the Steelers aren't doing well, they see a reduction in merchandise, merch that's actually purchased on site. So they have the data to be able to make the decisions to deliver this personalized content in a way that they can see, how can we adjust our sales structure to be able to capitalize on revenue opportunities. >> I mean responding to data is really critical, so the Steelers example is great. When they lose, there's no sales, 'cause everyone's kind of bummed out. When they win, they sell everything out. So you know, in sports world, which is that big part of Magento's base, managing the assets of running the franchise, for instance, becomes a real big thing. Whether it's food, or apparel, or any kind of fan experience, they can adjust either dynamic pricing, these are the things that the content owners want. They want to be able to say, hey, we can understand sentiment from the data, and then adjust the marketing mix and content mix based on what's going on in realtime. That's a game changer, and if you can do that on a form factor for web, mobility, and future formats, whether it's cryptocurrency, that is going to be to me the tell sign of who's innovating. >> And speaking of innovation, this is the eighth event that Magento, the eighth Imagine event, our first time here, but you mentioned their partner ecosystem, there's 1150 solutions and technology partners you can see quite a few of them behind us here, a lot of people are needing this type of technology to be able to better merge the online and offline worlds, across consumers, across businesses. We have some great guests here who are going to talk to us about how they're doing that, enabling multi-retail, enabling multi-channel, and really enabling this true globalization of commerce to allow businesses to go, we actually have a guy from Coca Cola who's going to be on today, talking about the project that they are, where they're personalizing the Coke bottles, it's such an interesting topic of discussion because it's very personal and very relatable, and I think. >> Marketing's always, market to the persona of one, but now you have a brand relationship that's online and offline, and this is changing how companies are building their assets. So an offline retail outlet, whether it's a mall or a superstore, or whatever, that can be configured in a way that's complementary to the online, and then having the merging of the data, and then having that relationship with the consumer. To me, omnichannel is a huge retail challenge, it's super important, because at the end of the day, do you want to have that insight into the customer, but also have the great experience, that's key. >> Exactly, so we're going to be talking with the Accent Group, who's an award nominee for their awards here, and they're going to be talking about how they are merging multiple brands, hundreds of thousands of SKUs to be able to facilitate, and also give them the insight that retailers need on inventory, giving them fulfillment options, there's so much positive business outcomes that can be generated from this. We talked about reducing attrition, getting us faster check outs, we want to have something that's very simple, very seamless, and as you pointed out, really interesting to understand, what is the modern technology stack that can facilitate that? >> Yeah, great user experience, retail intelligence is something I think that's going to be something that's fascinating, and again, it's all about scale and the technology stack, and taking that complexity away from the customer, because at the end of the day, the digital storefront is what people are going to be interfacing with on a primary basis, that's also very complementary to the offline. So I'm super excited, I'm totally pumped to get into it. >> Me too, well looking forward to hosting with you all day John, and again, we are live in Las Vegas at the Wynn at Magento Imagine 2018. I'm Lisa Martin with John Furrier, we're going to be here all day, stick around. We're going to be right back with our next guest. (upbeat music)

>> Narrator: Live from Las Vegas, Nevada, it's The Cube, covering Accelerate 2017. Brought to you by Fortinet. Now, here's your host, Lisa Martin. >> Hi, welcome back to The Cube. We are Silicon Angle's flagship live streaming program, where we go out to the events and we extract the signal from the noise, and we bring it right to you. We are in beautiful Las Vegas with Fortinet. Today, or this week is their Accelerate 2017 event, and we've been excited to be chatting with a lot of their folks and technology partners. Today we are joined by two gentlemen from Fortinet. First, we have John Maddison. You are the Senior Vice President of Products and Solutions. >> Indeed. >> Lisa: Hey John. >> Hi. >> Lisa: Thanks for joining us. We've got Joe Sykora who is the Vice President of America's Channels. >> Thanks Lisa. >> So guys, a lot of exciting stuff going on today. I wanted to give the viewers here who haven't had a chance to meet you guys yet, what you're both doing. John, you have a veteran. You're a veteran of over 20 years experience at telecom >> At least. >> At least 20 in IT infrastructure, security industries, you've lived in Europe and Asia and the U.S. and worked in those. Joe, you oversee quite a big channel of over 7400 America's partners and the entire channel strategy. So you guys are kind of busy. >> A little bit. >> Joe, you're probably pretty proud of this. You were named, in 2015, by CRN as one of the 50 Most Influential Channel Chiefs. >> Yes I was. >> Did you get like a button or hat? >> No, I think it's a t-shirt. >> Oh, t-shirt. >> Absolutely. >> Outstanding, so speaking of t-shirts, I have no segue there, wanted to understand, we've been talking to a lot of your folks today, as I mentioned. We talked to your CEO who was talking about this third generation of security and kind of where we are today with that. And then we talked to Drew, the CFO, who was really talking about the criticalness of trusting data. With the announcement today, maybe John I'll throw this to you, the announcement today of the new products and technologies, how are they going to continue to facilitate or enable your customers, direct or indirect to be able to trust their data? >> Yeah, so we announced the fabric last year. Today, we announced our operating system Fi.6, which is extension of the fabric. We also announced something called intent-based network security, which is the next generation of network security that Ken Xie, our founder, talked about. And then we also announced, the third thing is our new security operations solution, which brings together several products for the infosec world. So I think all of these come together to make sure that we're continuing the effort to make sure our customers are safer, that they can integrate the fabric into their infrastructure and obviously, that's very important to their brand. >> That was going to be one of the things I was going to talk about is are you seeing that you're making a difference in the brand of a customer? We were talking, before we started today, and a lot of you are familiar with some of the the big breaches, I mean, breaches are a common, daily occurrence, but when when they start happening in brands it's the consumers know who aren't in technology becomes a suddenly, can I trust this particular brand where I normally go and buy household products. So it sounds like the announcements today are really next generation leading you guys to continue to be able to deliver, not just that comfort level that your customers need in terms of we can trust our data, but also helping them improve their brand so that their customers trust their brand. >> Exactly and so, you know, the fabric has expanded in that we've expanded it across multiple now attack vectors so what used to be really focused on the core network, we can now cover email, we can now cover the web, endpoint and also, you can see some of our partners around here, we've also expanded our fabric-ready so the fabric here has several APIs, multiple APIs that allow different partners to connect into it. And so, we haven't announced it totally yet but we've got six new partners, some big companies like Cisco and HBE, actually joining our fabric-ready program to be part of the fabric. So we can cover the entire infrastructure of any company. >> Fantastic, so speaking, we'll get to that in a minute but one of the topics that's also come out today, as we've seen the evolution of security from perimeter based security in the 90s to you know, web security, cloud security. Moving towards 2020 and the fact that it's 2017, a little scary, we're pretty close to that and we're seeing this explosion and proliferation of mobile devices, of IOT devices, lot of lack of security there. As we get to that point, one of the other themes that we're hearing a lot about here today is that there is a gap in terms of of resources. What is Fortinet doing to help bridge that gap, that your customers are facing? Where it comes to, specifically, network security programs? >> So one of the programs we launched again, a couple of years ago was the Network Security Expert program, NSE, in 2016, we had over 30,000 certificates issued on NSE. It's probably one of the largest security programs, 'cause one of the big issues for customers and our partners is just the skills gap, cybersecurity. We also, actually, use a lot of those materials and assets and give them to Universities who are starting to do their programs as well. That's really essential for our partners to be trained at the lowest level in terms of the basics, but also, we've had about 40 people take part in our Network Security Eight architecture program. You can see them, these are the pins, actually, we have, which are NSE one to seven, but the NSE eight are the red ones and there's about 40 now of what we call security solution architects, who can go into companies and look at their complete infrastructure and give them an update in terms of security. >> Excellent, so want to touch on the channel, for a moment. Ken talked about the security fabric architecture, you mentioned that it was launched last year. What has been the reaction of the channel? >> Oh, it's been absolutely great. It's about mid-year last year's when we announced that. Embraced by the channel, in fact, CRN named it the security product of the year, for 2016. >> Lisa: Oh, fantastic, congratulations. >> Very proud of that. And that's actually the feedback of the channel partners. It resonates. It's creating new opportunities for our partners. Combine that with the training that John just talked about, I mean, they're armed to really just go out there and help solve all those end user programs, problems. >> Thank you, and sorry for interrupting. What are some of the main pain points that you're hearing through the channel, that customers are experiencing as we start to see big attacks have become more and more prevalent, the Dyn attack recently, DdOS being common types of attacks. As more and more things, like critical infrastructures are becoming plugged into corporate networks, and more mobile and more IOT, what are some of the pain points that your customers are experiencing, and how are they, looking to resolve and mitigate some of the challenges that they have leveraging the security fabric architecture? >> Sure, well attacks are going to happen, right. We know they're going to happen. It's how fast can you react to those attacks. And the fabric actually enarms our partners to just have intelligence on what is actionable and what's not actionable. So we're tryin' to automate that. Some of the future stuff that we're going to be doing later in the year is going to even enable them more. But it's all about simplifying it for our partners to react to what needs to be reacted to. >> Are you seeing, from an industry perspective, we were talking with Derek Menke, excuse me, about healthcare really being at the top of the at risk from an industry perspective. But in the general session today, there was a CSO panel and there was Verizon was there, Levi's was there, as well as Lazard. We saw Telefonica throughout the event today, the Steelers. Are you seeing through the channel, and maybe this is a question for both of you, are you seeing particular industries at more risk coming to you through your customers' needs or is it fairly agnostic from a security perspective? >> Yeah, I think on the channel side, obviously, everyone's at risk, right. So I think it's the value of those of the incidences is really more highlighted. So when Derek talks about healthcare, for example, dealing with people's lives is important along with you health records. So that's much more valuable than say, at the Steelers, not being able to get on the guest wifi. So I think everyone's at risk. All of our channel partners have different verticals that they go after, and it's all the same, it really is. >> Yeah, I would say the risk is pretty broad across every vertical, I mean, yes healthcare, the healthcare records are extremely valuable, but also the financial industry. You've also got industrial controls systems, for example. You've also got retail and so, I think every vertical, every industry is taking security very, very seriously. And back to your previous question about how is the fabric helping partners, I think, previously, they had to kind of stitch together a lot of point solutions themselves. I think with the fabric, it gives them an architecture or a framework. It could be mostly Fortinet gear. It could be Fortinet plus some of their other partners. It helps them put that in place across the entire infrastructure. >> You bring up a good point, John, that that was brought up a number of times today and that is the role of the CSO now being, you know, kind of think, is that guy or girl at the lead of the digital army? But that person is inheriting, we were seeing a couple of different reports, North of 25 different security technology, really kind of a patchwork environment. In that kind of situation, where now security is a board level conversation, how is Fortinet direct, and through the channel, helping that CSO? Is that a key buyer for you that you're helping to figure out, I've got this patchwork here, how do I build it into a fabric or a fabric around it? >> What we've seen, what I've experienced in the last 10 plus years in security is, I'd often go into a room and there'll be the network security people on one side of the table, and the security people on the other side of the table with the CSO and the CIO and I think, that gradually over the last three years, I've seen more cooperation. So now, when we have briefings with customers and partners, you'll see both teams together. You'll see a new role inside customers called the Security Architect, that's looking holistically longer term over the security architecture. And one of our announcements today around the security operations center is to do, just do that, bring together the SOC and the infosec world, together with the network security world. We did a demo today on stage showing that bringing together our Forti SIM, our Forti analyzer with our fabric to bring those two worlds together, because as Joe says, you know, there's a report done by Verizon on the breach report that says, within 60 seconds, you can be compromised. You've got basically 60 seconds to stop that threat and so speed is very important. So giving our partners this ability to bring together a fabric, with Fortinet gear, with our partners' gear, that provides very fast protection is very important. >> Excellent, one of the things, too, that I found interesting today was learning about what FortiGuard Labs is doing. I read over the weekend what Derek Menke's team published, the 2017 predictions. Really quite frightening. And he was on the show earlier and saying, that they're already seeing a number of these things already in play. How much more intelligent malware is getting, and the pervasiveness of the threats there. How are some of the new technologies announced today, maybe enhancing or what FortiLabs is doing from a threat intelligence perspective, is that something that was part of? >> Yeah, that's a really important area. I think the vendor community needs to do better in sharing the threat intelligence. I think, today, it's in pockets, but I think long term, it's absolutely essential that threat intelligence get shared across the whole community because, with some of the new threats coming, the machine to machine threats, the scale and the speed's going to be even more. You saw the Dyn attack last year on Ddos. That's going to be small compared to some things coming up. So I think, longer term, the fabric across the infrastructure, and then the security vendors getting together and sharing that threat intelligence so you've got a bigger view of the attack surface is absolutely essential to stop the new type of threats. >> Exactly, and as that attack surface is growing by the day. So last question, before we wrap up here, give you guys both a chance to answer. At the beginning of your fiscal year, here we are in January, what are you most excited about for the channel in 2017, for example? >> Sure, opportunity, right. For our channel partners, we've got probably one of the strongest channel partners just the overall. We're aligning, realigning with our field teams, so just the resources that all of these partners have. I think the opportunity's great, the market's great, like you said, you open up anything now, and you see, okay, it's been infiltrated, it's been hacked. So I think we're all going to have a really good 2017. >> Fantastic, John, what about you? What are you most excited for? >> I was most excited about this interview, actually, that's what I was looking forward to. >> Wow, fantastic, we'll close there. (laughter). >> No, I think it's obviously, rolling out more of our technology, integrating more of our partners, training more of our partners and helping them with their customers. >> Fantastic, well the buzz and the momentum here and also, the passion for both yourselves and your roles and your peers and your colleagues is really palpable. So I want to thank you both for joining us on the Cube today. >> Thank you. >> And we wish you the best of luck at the rest of the event. >> Thanks Lisa. >> Alright, for John and Joe, I'm Lisa Martin. You've been watching the Cube, but stick around, we'll be right back.

welcome back to vmworld 2013 this is our special live coverage live in San Francisco California this is the cube so look at angles flagship program we go out for the advantix track the signal from the noise talk to the tech athletes talk to the entrepreneurs talk to the customers talk to the party stuff to the execs join my coach Dave vellante and we're here the very special guest Sanjay from the new GM of the end-user computing business unit at vmware welcome back to the queue your cube alumni from sa p of which we've done for four years as well it's our fourth year vmware great to see you on the cube nice to be back executive at vmware so what a year it's been the whole theme has changed in 10 years a 10 year anniversary of vmworld defy convention change and our past conversations you can handle that your have so much experience at s 8 p-9 convinced that's made a by convention and and it via more need some help at the end user computing here at strategic area so over to my data center hybrid cloud and use computing pat simplified it down to three areas you're heading up and use a computing strategic to say the least for vmware what's your take of what that is today where has it been and what motivated you to come to vmware from sa p which had great edge mobile mobile analytics everything's happening at sa be great mobility okay you know i think what got you I've always loved being here so so first off thank you guys for having me back i looked at the way in which end users have been using computing and as you know I've been in the business user space practically all my life analytics big data in the last 15 18 months in mobile so I saw this as a great opportunity for a company that was came to extend their brand from the data center to the desktop and whether desktop is going my views of the desktop obviously is not just the laptop for the future of these mobile devices so the desktop of today is clearly going to move into the cloud there's mobile and then there's machines your Tesla your thermostat your refrigerator these are all the ways in which we think about children and these are all going to be end-user computing devices as personal computers absolutely not there is more software today in your car and then there was in the first spacecraft 1970 I believe that or not so from our perspective and you think about the types of players and technology infrastructure players that are going to be strong I believe that needs to be three core disciplines to what that company you have in terms of technology now cover the other aspen tree one was management technology the other security and virtualization and quite frankly I felt the VMware had much better access than any of the other companies to make that happen for what end-user computing the other aspect of it was VMware's always been accompanied this value of innovation we look at the roots of this company it's an innovative product and go to market it's an innovation company I wanted to be close to an innovating team the culture is very much of innovation from product to go to market and then you know from a joking perspective thirdly my commute got 50 yards shorter I used to turn left now I turn right 50 yards shorter that was effective and the campus is nice at the end of this beautiful campus as well I was SI p but I got to ask you about the end-user computing cuz you know one of the things Dave and I were talking about earlier we love that stack that Joe Tucci Pat Gelsinger and Palmer's laid out in 2010 you know four years ago and it was some call it the software mainframe cloud computing and it was beautiful nice we all recognize dad bill in the stack but there was some misfires virtualization expanded he could flash date of fabric all kind of was happening software to find jumped in there and and changed a little bit didn't change the direction but the top of the stack it was some misfires and just didn't feel right was that a factor that come in with a clean sheet of paper was it a turnaround situation was it just ok reboot reset grow what was the the dynamics at the top of the stack that yeah I don't think first off you want to go I mean I felt this was a company that had a tremendous brand 500,000 customers you know 40 50 million but this is a company that's a brand this year so that's always a good place to start you're not creating a brand you're building on that brand that was very very important but as you looked at where the data center was going it's moving to the cloud and cloud computing and we have a clear strategy there to play in cloud computing that was very very important to me but in terms of where the end-user computing opportunity was I saw this as just being the first inning the VDI space virtual desktops it really is a two player market there and I think our competitor isn't innovating very much we have an opportunity to be the innovator and gain market share and overtake them to be number one I'm here to be the number one player in bi but mobile were just in the beginning of that inning if you would the first to second and it's a wide open market social computing we've got social constants a great product Tim Young's the CEO of that company he's the real deal and in social computing we think that those areas desktop mobile social and where they're going to go are at least the first three aspects of where a user computing has a lot a lot of opportunity just Sanjay we the first three shows we ever did we did emc world was the first one we ever did with the Cuban and right after that we did SI p sapphire and then vmworld was always interesting to contrast you know the sort of infrastructure shows the sapphire and we saw the transformation of SI p pretty substantially particularly after the sybase acquisition so you had you know serious management as top management thrust toward mobile and then you also the acquisition of sybase gave you some of the management technology the security and and maybe not the virtualization piece but you really began to change the discourse and you and the customers bought into it so that was I felt a catalyst this there's an outside observer is that true and then what's the catalyst here was it cleaning up sort of what I used to call the misfit toys creating the pivotal piece and getting more focused bringing in the new leader what is that that catalyst you know I think force I was very blessed to see a transformation of saap from systems of record to systems of engagement I was very involved as you know in the analytics to the data and the mobile business much of that catalyst is still valid systems of record the systems our engagement so a lot of what's happening the end user computing area is those systems of engagement that continues that's abroad but then as I looked at the IT trends or the Big Data of mobile of social of cloud there's at least three or four of those now that we have an opportunity to play here in a big way yes there was an opportunity to redefine things with almost a clean slate in many areas and a fantastic team both patent and joe tucci were involved in recruiting me here have a grand vision and a great vision of where this is going they're fantastic executives and then the rest of the executive team from called to jonathan to everybody else here world-class people that i felt i could just culturally fit in very well with and in this area you know as you know business users stuff and end-user computing has been my passion me so it's a very natural area for me too hopefully extend what I've done in the last 15 20 years into something like their help to melt this company and then from a revenue perspective if we can double the revenue this company with hopefully a good par they're coming from and use your computer this will continue to be a very very hopefully well market capitalized company and also you mentioned SI p about you know the cloud they've had some cloud issues we've seen some ships and some some things they ever the mobile they were kicking butt on we saw that right away and you're in that but I looking at your view on the competition because Damon are talking yesterday are the first day about Ballmer's resignation and just did a reorg announcement goodly intelligent edge of the network so the conversation was disruptor or sustainer you know who are you right i mean vmware technology driven company is not sustaining anything still disrupting microsoft obviously kind of sustaining the status quo so so the question is who's your competitors is it a Microsoft is it someone else who's in your rear-view mirror and who's who you looking to laugh on the field I mean clearly if you look at each of our businesses there are different ones but in the core data center stuff traditionally computer in Microsoft but we are far and ahead a market share leader you know in that at least seventy percent plus so that's a very strong position there in the way the cloud is going it's open mark it's a complete open opportunity I think you heard from Pat Gelsinger a message where we're going to embrace an appropriate places OpenStack so you're going to see this not be a combative but a place where it's it's collaborative in some places in the end user computing area we are in some areas number two behind Citrix but I view it as a huge opportunity we're bigger them and as a brand as a company and my ambition here is to play to be number one and in the areas of mobile there is no clear leader it's very much an open area especially relates to mobile management of mobile security in the enterprise mobile and the good news i think in the end user computing especially as you think about the new aspects of mobile there is no one device operating system in the laptop world you guys both have max but windows is still about eighty ninety percent market share their in the device operating world of mobile it's a heterogenous world already from the get-go iOS Android Windows Mobile and that actually creates much more of an opportunity for a Switzerland type of player to be a leader in management security and virtualization so much of those dynamics you know I think requires to being innovative but my gentle attitude on competitors is you don't obsess about it clearly you have to UM ambition to be number one and competition keeps you honest but I'm much more focused not on who's in the rearview mirror competitors I describe some of them in that league but a lot of where we believe we should be going you were talking a little bit before I caught the Internet of Things at the industrial internet and Cisco calls the internet of everything i love the cube because we get to do all these great events we were at the GE industrial internet launch and and I know pivotal so they're a big partner in a part of that right so I wanted to scrape because get to talk to all the smartest people like you and extract their their knowledge so I want to understand the roadmap for the customer so you take down the enterprise with what used to be known as a VDI is it a parallel path to the Internet of Things or the industrial Internet talk about that look I think you know first off you've got to think about where the desktop is today and where the desktop is going because that's the primary aspect of where people have traditionally been using their computing time has been on the desk top 10 for 20 years ago you probably did all your email on a desktop area today a significant part of that is on smartphones okay as little as possible so the world of the time spent between a desktop and a mobile device is changing we've seen it especially since iOS came out now the fact of the matter is that computing inside machines is not not a new concept it's been there for a while but the ability to manage them secure them potentially virtualized on is something that's very nation and one way I believe there'll be an opportunity so my view is that whether it's the desktop whether it's a mobile whether it's a machine the technologies are going to have some common substrate a fabric that are going to be common to all of them but there's going to need to be some miniaturization you can't apply potentially the exact same software you have in the data center to a tiny thermostat and not the beauty of it is we've got smart engineers we have understand the miniaturization aware this technology needs to apply and we're going to play this out i think the machine a machine Internet of Things opportunities well ahead of us we're in the beginning of that but the good opportunity there is it's 50 billion plus things tens of billions of devices and so and so forth the other thing that I think is important is that there are other technologies i mentioned management security virtualization there are other technologies that I think they're also going to play social computing what is the appropriate place for how people are going to collaborate in processes I don't think that's been that it's well understood in the consumer world because you see the facebooks in the LinkedIn but there is some mirror of that in the enterprise which i think is wide open any machine learning big data those kinds of trends will drive a lot of how you're going to collaborate not just between man to man man dies yeah right otherwise the Steelers opportunity that's the automation piece that keeps on coming back as the automation I got to answer since you brought up the thermostat thing and you're kind of riffing on that you've a lot of experience and certainly SI p in the verticals it's interesting mobile has different verticals they know how you talk to financial services government is that a constraint or an opportunity I think it's a great opportunity I think that any company that grows horizontal which is what we've done you know we're fight i'm in three the most baffling stat when Pat and Joe talked to me was that VMware's 500,000 customers that's huge but most of that growth has happened horizontally there's been no gradually an industry verticals ation one of the things we did very well at SAAP was industry verticals there's now SI p is a 40 year old company you'd expect that what we're going to start doing and end-user computing is starting to vertical eyes some of our aspects of how we sell for example in VDI we're finding a number of healthcare places where they want to equip physicians and clinicians with either laptops or devices now where you can get get to their clinical records medical records on a device that's completely locked down and virtualized so that you don't have to worry about that device or that laptop getting locks that's a real real opportunity for virtualization in healthcare the same and government we're seeing the same in many of the very very sophisticated branch and local type of remote you know office type of settings so increasingly we think both the desktop and mobile they're going to be vertical use cases and we'll start building out technology and both solutioning of them that allow them over I want your app sunk in the industry and I think some of them that are very relevant our health care banking federal and then you know several the other sectors where there's lots of employees very distributed and sense and also ones where you've got to ensure that the data doesn't leave their device laptop or mobile Sanjay ponen here inside the cube now with VMware GM at the end user computing group thanks for coming inside the cube I'll give you the final words I want to ask you I'll see your senior executive great leadership move for VMware you can come in with your running shoes on there's no no real delay there so I'm expecting to see some great stuff from you but what's your objective you're gonna get ingratiating from the new culture which is not going to be hard for you again left turn vs right turn your understand tech what's your going to be here your personal objectives over the next couple months as you get in and start to you know put together the plan I mean obviously metrics or clean the objects are clear SDDC hybrid cloud and use a computing Europe and fear piece what are you going to roll out and I think you all as you know in any software company your assets of your people so my first focus is to really understand the fabric of our team of people it's a it's a smaller team than s API to worry about 65,000 people here it's 15,000 but in my own team getting to understand how we can continue to retain and grow great talent we have a fantastic team not just if we remember also in my immediate team and we're going to continue to grow that team and in that I think you'll find great innovation secondly we're going to define goals that are revenue and market share related that a both short-term and long-term to be number one than the undisputed number one in every aspect of our market in some of our markets there are existing competitors being other ones we're completely creating new markets and third we're going to go and make customers enormously successful I think when you make customers successful with great innovation and great people you have a fantastic business right and I could envision you know over a multi-year period imagine that VMware's twice the size that we are today five billion dollar company if a significant part of that could come from end-user computing that's going to be a phantom great you know morale-boosting and better shut the streets down here in San Francisco like to do with oracle openworld right down 23,000 people estimated here everybody else is going right up straight up so vmworld you can a vision that fifty fifty billion dollar Tim you know 39 million billion market cap I mean you could I could see that within i double the revenue you guys do the estimators but double right along with it and then you gotta focus make we talked we talked to pat you got to figure out that your camp and then it yeah we can double the revenue triple mark it was all good problems and now we're dreaming a little bit but I think you guys ringing the future before you create an aftermarket most inspirational thing we could do is help our employees and our customers be in that future and that's what I'm excited to do sanjay pune we're here at vm will be document it's our fourth straight vmworld will be continuing document we're here in the cube thank you for coming on your check athlete looking forward to seeing you with your running shoes on and using computers needs a big lift they have the right guy for a job be right back with the cube with our next guest our friends at Andreessen Horowitz and a hot start up in the space in virtualization I'll be right back after this short break