>>And welcome back to the cubes coverage of AWS summit public sector here live in Washington, DC, where we're actually having a physical event, but also broadcasting to a hybrid audience digitally. I'm John, your hosted, like you've got a great panel here. Martin Rieger's chief solutions, officer stack armor, the thin poli who's with Splunk group vice president of partner go to market Americas and public sector, and Troy Bertram, vice president sales, a telos. Good to see you guys. Thanks for coming on. It's great to be. So you guys stuck on them to have a great solution on AWS called faster. Okay. Which is nice name what's what's it all about? >>So faster is about getting cloud service providers to an authorization, to operate with the federal government, uh, basically as fast as possible. It is the collection of threat alert, which is a fed ramp designed solution and boundary solution. That includes all those key security stack components. Uh, primarily our partners over at Splunk and telos. Uh, those products are scripted, streamlined, and designed to get customers there as fast as possible in a compliant manner. >>I love the acronym fast tr faster on AWS. Uh, how did you guys come up with the threat alerts concept? What did, what's this all about? How did it all come together? >>Uh, threat alert was, was born out of one of our primary services, which is migration and, uh, for roughly about a five-year stretch migrating federal agency systems, um, to Amazon, both east, west and gov cloud, uh, we recognized quickly that there was a need to include a security stack of common components, such as vulnerability scanning, uh, security incident event monitoring, uh, as well as a number of other key components designed around the continuous monitoring aspect of it. And so we quickly realized that, you know, the packaging of this solution and putting together a dashboard that allows us to tie everything in, uh, deploy very, very quickly through infrastructure as a code, um, was a vehicle that could help, uh, our customers and CSPs as well as agencies get through the FedRAMP ATO process. Um, quickly >>Talk about the relationship with Splunk and telos. How's this all connecting with? Just what's your role? >>Yeah, so really with the support of NIST and the new Oscar standard, which I'm going to make sure I get the acronym right. Open securities controls, assessment language, or asked gal, um, with our release of Exacta and automation of the compliance standards working with, and the framework, we've been able to look at best of breed partners in the industry, and it is all around acceleration of how can we move faster to deliver the end customer, the controls they need and want in a secure compliant manner. Um, and as someone that served in the government, right, it's, it's passion for the mission. And that's really what brought the three companies together >>And my opinion, by the way, congratulations on Telus going public. You guys do a lot of great cyber work. Congratulations. Now that data is the heart of this. I mean, Splunk that's all you guys do is think about data. How do you guys connect into, into the product? >>Well, it's exactly that really providing that data platform, then they analytics capability to enable the subject matter experts to bring the data to life. Right. And that's what we, that's why these partnerships are so important to Splunk because, uh, they have the subject matter expertise and can really leverage the power of the data platform to provide services to customers. >>Yeah. One of the big trends that's kind of underreported, in my opinion, is that partnerships required to kind of get the cyber security equation, right? This is a huge trend. People are sharing, but also working together. How, how do you guys see that evolving? Because you know, there has to be an openness around the data. There has to be more open solutions. How do you guys see that evolving? Um, >>Well you kind of hit the hammer on the heads. Splunk is, is essentially the heart and soul of our auditing logging and continuous monitoring piece. Um, in terms of, of the relationships and how we all work together. We we've evolved now to a point where we are able to pre-stage customers well in advance. Um, and in working with our partners, uh, tell us on Splunk. By the time we get started with a customer, we, we reduced the amount of time this takes, uh, on average by 40%, um, and even faster with the exact piece because, uh, as, as Troy kind of mentioned, the OSC gal component, um, is the future of accreditation. And it's certainly not limited to fed ramp, but that machine language, that XML Yammel Jason code, we've got things to the point where not only are we deploying Splunk in a, in a scripted pre-configured manner to work with our technology, we're also doing the same thing with Exacta. >>So the controls are three documented for everything that we provide, which means we don't have to spend the time going through the process of saying, okay, tell me what you're doing. We already have that down. The other best of breed type components that were mentioned by Troy. Um, it's the same thing, right? So customers, when they show up, they have a security stack that's ready to go. They already have FIPs compliance for encryption. They already have hardening in place so that when, when they approach us, all they've really got to do is deploy their application and close a very small gap in documentation, which we do with Exacta and then auditors can come in, hit the, they can jump, get what they need out of Exacta. And eventually once everyone else catches up to OSC gal, we'll be connecting systems to other systems and just pushing the package, the days of PDFs. And those are almost gone >>As someone that went through, um, achieving an ATO, the paper process and the Excel spreadsheets. It's a nightmare. And you've got sales engineers, you've got solution architects that are spending their time, not focused on delivering mission outcomes or new products and services to our public sector customers, but on the process and the paperwork, >>Can you share order of magnitude the old way, time wasting versus this solution? What's, what's gained cause that's key. This needs a resources when people are >>Every CFO ad in ISV wants to do two things, right? They want to support the sales efforts to move into the federal or state environment, right? We're talking about fed ramp, but state ramp is upon us now. So they want two things. How do I do this at the lowest cost possible limit my resources that are really expensive on the engineering side and how do I shrink the amount of time? So 40% is a very conservative estimate. I believe that we can continue with implementations of Bosco and other ingestation points, especially across government. We can shrink that time, which reduces the cost immensely >>The time savings day. What about the stack? >>But if you want to put it in perspective, right? I've been doing this since the beginning in 2012, and I've stood up three different three pills. I've audited over 200 companies. I've been doing this a long time. And in the beginning it was an average of 12 months just to get someone ready, just to get ready. That didn't include the audit time. So we've evolved to a point now where on average, that's down to 12 weeks. And that was before the inclusion of the exact piece. We were able to shave off four more weeks with that, to the point where we're down to eight weeks and the government is pushing to try to get towards a 30 day ATO. And I think Oscar was the answer for that. And so to give you an idea of where we were to where we are now, we went from 12 months to 12 weeks. >>That's huge. So the data is the key in here. And then you got faster on AWS. Love the name wa how does that compare to other ATO solutions? How do you guys see that comparing a wonder place? >>I think in terms of the other solutions that are available out there, there, there's a couple key things that, that I think the rest of the market is trying to do to catch up. And one of those is the dashboard technology that we have in place integrates directly with Splunk and with Exacta, it pulls in from all the AWS sources that are available in terms of security and information and centralizes it in one spot. And so nobody else is doing that and we've been doing it for years. And this, this to me, OSS gal, and the addition of the exact component was the next evolution. >>Um, on the partnership side, how do you guys see it evolving? What's next >>More continuous monitoring, I think, right. It's not just about a FedRAMP authorization, but continuous monitoring in general for, for all of our public sector. >>That's day two operations continues ongoing AI operations. There's gotta be some machine learning in here somewhere. Is there? >>Yeah. I'll speak to the partnerships a little bit. And I think even back to AWS, right? Why we're here and it's great to be in person is it's around us working together as an industry and companies, right? The authority to operate on AWS, the ATO and AWS was started to bring like-minded companies together to help solve these problems. Yeah. >>I mean, it's a real benefit. It really shows that you can put a stack together, right. And then save time like that 12 months to 12 weeks. That's what cloud's about right now. Then the question is security. Think you should get that right. That is going to be an evolution. What's the vision of the product? >>Um, well, there's two things around that we, we, we talked about, yes, it's, it's planned prepare authorized, right? That is the current fed ramp mantra and post ATO. The continuous monitoring piece is really a core element. But in terms of the future three PAOs, the third-party assessment organizations that, that audit our customers, that, that we're all preparing together. Eventually they're systems, they're all developing audit systems around. And so where we're going is the auditor will connect to Exacta and they will simply over API or whatever calls they make. They will pull all of that audit information control information, which is only going to accelerate this even more. >>Yeah. I mean, the observability, the data, the automation all plays into more speed, more agility, faster, >>And, and meeting all of the standards, right? Whether it's smart Z or it's HIPAA state Ram home in Austin, Texas Tex ramp is, is a thing, right? How do we help each one of these customers with their own compliance or super smart, >>You know, the business model of reduce the steps it takes to do something, make it easier and faster is a good business model. Wow. >>It's not, it's becoming an ecosystem right. In the sense that, um, you know, Oscar has been under development for three years and, and, and stack armor, we've been supporting some components at NIST, but to the point where, uh, once we eliminate the, the traditional paper, you know, word doc XL PDF, um, and get to a point where everything is tied together. But one there's one important aspect to this is that it's all in boundary. So the authorization boundary is that invisible red line. We draw around everything in scope for an audit. And so that, by the way, is another critical component. The Splunk servers are in boundary. The exact servers are in boundary, which is a huge, huge element to this. >>Yeah. Good. Great. To see the spunk partnership, adding value here with telos, good, your cybersecurity expertise, pulling it all together. It's a great solution. >>It is, and great partners to work with, right? And I know that we will have additional solutions and product offerings in the future. >>Martin treadmill, Bethann. Thanks for coming on the queue. Appreciate it. Enjoy the rest of the show. As we wind down day two of cube live coverage in-person event, AWS public sector summit in Washington, DC. This is the cube. We right back after this short break,

>>Welcome back to the cubes coverage of AWS public sector summit live in Washington D. C. A face to face event were on the ground here is to keep coverage. I'm john Kerry, your hosts got two great guests. Both cuba alumni Shannon Kellogg VP of public policy for the Americas and john would ceo tell us congratulations on some announcement on stage and congressional john being a public company. Last time I saw you in person, you are private. Now your I. P. O. Congratulations >>totally virtually didn't meet one investor, lawyer, accountant or banker in person. It's all done over zoom. What's amazing. >>We'll go back to that and a great great to see you had great props here earlier. You guys got some good stuff going on in the policy side, a core max on stage talking about this Virginia deal. Give us the update. >>Yeah. Hey thanks john, it's great to be back. I always like to be on the cube. Uh, so we made an announcement today regarding our economic impact study, uh, for the commonwealth of Virginia. And this is around the amazon web services business and our presence in Virginia or a WS as we all, uh, call, uh, amazon web services. And um, basically the data that we released today shows over the last decade the magnitude of investment that we're making and I think reflects just the overall investments that are going into Virginia in the data center industry of which john and I have been very involved with over the years. But the numbers are quite um, uh, >>just clever. This is not part of the whole H. 20. H. Q. Or whatever they call HQ >>To HQ two. It's so Virginia Amazon is investing uh in Virginia as part of our HQ two initiative. And so Arlington Virginia will be the second headquarters in the U. S. In addition to that, AWS has been in Virginia for now many years, investing in both data center infrastructure and also other corporate facilities where we house AWS employees uh in other parts of Virginia, particularly out in what's known as the dullest technology corridor. But our data centers are actually spread throughout three counties in Fairfax County, Loudoun County in Prince William County. >>So this is the maxim now. So it wasn't anything any kind of course this is Virginia impact. What was, what did he what did he announce? What did he say? >>Yeah. So there were a few things that we highlighted in this economic impact study. One is that over the last decade, if you can believe it, we've invested $35 billion 2020 alone. The AWS investment in construction and these data centers. uh it was actually $1.3 billion 2020. And this has created over 13,500 jobs in the Commonwealth of Virginia. So it's a really great story of investment and job creation and many people don't know John in this Sort of came through in your question too about HQ two, But aws itself has over 8000 employees in Virginia today. Uh, and so we've had this very significant presence for a number of years now in Virginia over the last, you know, 15 years has become really the cloud capital of the country, if not the world. Uh, and you see all this data center infrastructure that's going in there, >>John What's your take on this? You've been very active in the county there. Um, you've been a legend in the area and tech, you've seen this many years, you've been doing so I think the longest running company doing cyber my 31st year, 31st year. So you've been on the ground. What does this all mean to you? >>Well, you know, it goes way back to, it was roughly 2005 when I served on the Economic Development Commission, Loudon County as the chairman. And at the time we were the fastest-growing county in America in Loudon County. But our residential real property taxes were going up stratospherically because when you look at it, every dollar real property tax that came into residential, we lose $2 because we had to fund schools and police and fire departments and so forth. And we realized for every dollar of commercial real property tax that came in, We made $97 in profit, but only 13% of the money that was coming into the county was coming in commercially. So a small group got together from within the county to try and figure out what were the assets that we had to offer to companies like Amazon and we realized we had a lot of land, we had water and then we had, you know this enormous amount of dark fiber, unused fibre optic. And so basically the county made it appealing to companies like amazon to come out to Loudon County and other places in northern Virginia and the rest is history. If you look today, we're Loudon County is Loudon County generates a couple $100 million surplus every year. It's real property taxes have come down in in real dollars and the percentage of revenue that comes from commercials like 33 34%. That's really largely driven by the data center ecosystem that my friend over here Shannon was talking. So >>the formula basically is look at the assets resources available that may align with the kind of commercial entities that good. How's their domicile there >>that could benefit. >>So what about power? Because the data centers need power, fiber fiber is great. The main, the main >>power you can build power but the main point is is water for cooling. So I think I think we had an abundance of water which allowed us to build power sources and allowed companies like amazon to build their own power sources. So I think it was really a sort of a uh uh better what do they say? Better lucky than good. So we had a bunch of assets come together that helps. Made us, made us pretty lucky as a, as a region. >>Thanks area too. >>It is nice and >>john, it's really interesting because the vision that john Wood and several of his colleagues had on that economic development board has truly come through and it was reaffirmed in the numbers that we released this week. Um, aws paid $220 million 2020 alone for our data centers in those three counties, including loud >>so amazon's contribution to >>The county. $220 million 2020 alone. And that actually makes up 20% of overall property tax revenues in these counties in 2020. So, you know, the vision that they had 15 years ago, 15, 16 years ago has really come true today. And that's just reaffirmed in these numbers. >>I mean, he's for the amazon. So I'll ask you the question. I mean, there's a lot of like for misinformation going around around corporate reputation. This is clearly an example of the corporation contributing to the, to the society. >>No, no doubt. And you think >>About it like that's some good numbers, 20 million, 30 >>$5 million dollar capital investment. You know, 10, it's, what is it? 8000 9000 >>Jobs. jobs, a W. S. jobs in the Commonwealth alone. >>And then you look at the economic impact on each of those counties financially. It really benefits everybody at the end of the day. >>It's good infrastructure across the board. How do you replicate that? Not everyone's an amazon though. So how do you take the formula? What's your take on best practice? How does this rollout? And that's the amazon will continue to grow, but that, you know, this one company, is there a lesson here for the rest of us? >>I think I think all the data center companies in the cloud companies out there see value in this region. That's why so much of the internet traffic comes through northern Virginia. I mean it's I've heard 70%, I've heard much higher than that too. So I think everybody realizes this is a strategic asset at a national level. But I think the main point to bring out is that every state across America should be thinking about investments from companies like amazon. There are, there are really significant benefits that helps the entire community. So it helps build schools, police departments, fire departments, etcetera, >>jobs opportunities. What's the what's the vision though? Beyond data center gets solar sustainability. >>We do. We have actually a number of renewable energy projects, which I want to talk about. But just one other quick on the data center industry. So I also serve on the data center coalition which is a national organization of data center and cloud providers. And we look at uh states all over this country were very active in multiple states and we work with governors and state governments as they put together different frameworks and policies to incent investment in their states and Virginia is doing it right. Virginia has historically been very forward looking, very forward thinking and how they're trying to attract these data center investments. They have the right uh tax incentives in place. Um and then you know, back to your point about renewable energy over the last several years, Virginia is also really made some statutory changes and other policy changes to drive forward renewable energy in Virginia. Six years ago this week, john I was in a coma at county in Virginia, which is the eastern shore. It's a very rural area where we helped build our first solar farm amazon solar farm in Virginia in 2015 is when we made this announcement with the governor six years ago this week, it was 88 megawatts, which basically at the time quadruple the virginias solar output in one project. So since that first project we at Amazon have gone from building that one facility, quadrupling at the time, the solar output in Virginia to now we're by the end of 2023 going to be 1430 MW of solar power in Virginia with 15 projects which is the equivalent of enough power to actually Enough electricity to power 225,000 households, which is the equivalent of Prince William county Virginia. So just to give you the scale of what we're doing here in Virginia on renewable energy. >>So to me, I mean this comes down to not to put my opinion out there because I never hold back on the cube. It's a posture, we >>count on that. It's a >>posture issue of how people approach business. I mean it's the two schools of thought on the extreme true business. The government pays for everything or business friendly. So this is called, this is a modern story about friendly business kind of collaborative posture. >>Yeah, it's putting money to very specific use which has a very specific return in this case. It's for everybody that lives in the northern Virginia region benefits everybody. >>And these policies have not just attracted companies like amazon and data center building builders and renewable energy investments. These policies are also leading to rapid growth in the cybersecurity industry in Virginia as well. You know john founded his company decades ago and you have all of these cybersecurity companies now located in Virginia. Many of them are partners like >>that. I know john and I both have contributed heavily to a lot of the systems in place in America here. So congratulations on that. But I got to ask you guys, well I got you for the last minute or two cybersecurity has become the big issue. I mean there's a lot of these policies all over the place. But cyber is super critical right now. I mean, where's the red line Shannon? Where's you know, things are happening? You guys bring security to the table, businesses are out there fending for themselves. There's no militia. Where's the, where's the, where's the support for the commercial businesses. People are nervous >>so you want to try it? >>Well, I'm happy to take the first shot because this is and then we'll leave john with the last word because he is the true cyber expert. But I had the privilege of hosting a panel this morning with the director of the cybersecurity and Infrastructure Security agency at the department, Homeland Security, Jenness easterly and the agency is relatively new and she laid out a number of initiatives that the DHS organization that she runs is working on with industry and so they're leaning in their partnering with industry and a number of areas including, you know, making sure that we have the right information sharing framework and tools in place, so the government and, and we in industry can act on information that we get in real time, making sure that we're investing for the future and the workforce development and cyber skills, but also as we enter national cybersecurity month, making sure that we're all doing our part in cyber security awareness and training, for example, one of the things that are amazon ceo Andy Jassy recently announced as he was participating in a White house summit, the president biden hosted in late august was that we were going to at amazon make a tool that we've developed for information and security awareness for our employees free, available to the public. And in addition to that we announced that we were going to provide free uh strong authentication tokens for AWS customers as part of that announcement going into national cybersecurity months. So what I like about what this administration is doing is they're reaching out there looking for ways to work with industry bringing us together in these summits but also looking for actionable things that we can do together to make a difference. >>So my, my perspective echoing on some of Shannon's points are really the following. Uh the key in general is automation and there are three components to automation that are important in today's environment. One is cyber hygiene and education is a piece of that. The second is around mis attribution meaning if the bad guy can't see you, you can't be hacked. And the third one is really more or less around what's called attribution, meaning I can figure out actually who the bad guy is and then report that bad guys actions to the appropriate law enforcement and military types and then they take it from there >>unless he's not attributed either. So >>well over the basic point is we can't as industry hat back, it's illegal, but what we can do is provide the tools and methods necessary to our government counterparts at that point about information sharing, where they can take the actions necessary and try and find those bad guys. >>I just feel like we're not moving fast enough. Businesses should be able to hack back. In my opinion. I'm a hawk on this one item. So like I believe that because if people dropped on our shores with troops, the government will protect us. >>So your your point is directly taken when cyber command was formed uh before that as airlines seeing space physical domains, each of those physical domains have about 100 and $50 billion they spend per year when cyber command was formed, it was spending less than Jpmorgan chase to defend the nation. So, you know, we do have a ways to go. I do agree with you that there needs to be more uh flexibility given the industry to help help with the fight. You know, in this case. Andy Jassy has offered a couple of tools which are, I think really good strong tokens training those >>are all really good. >>We've been working with amazon for a long time, you know, ever since, uh, really, ever since the CIA embrace the cloud, which was sort of the shot heard around the world for cloud computing. We do the security compliance automation for that air gap region for amazon as well as other aspects >>were all needs more. Tell us faster, keep cranking up that software because tell you right now people are getting hit >>and people are getting scared. You know, the colonial pipeline hack that affected everybody started going wait a minute, I can't get gas. >>But again in this area of the line and jenny easterly said this this morning here at the summit is that this truly has to be about industry working with government, making sure that we're working together, you know, government has a role, but so does the private sector and I've been working cyber issues for a long time to and you know, kind of seeing where we are this year in this recent cyber summit that the president held, I really see just a tremendous commitment coming from the private sector to be an effective partner in securing the nation this >>full circle to our original conversation around the Virginia data that you guys are looking at the Loudon County amazon contribution. The success former is really commercial public sector. I mean, the government has to recognize that technology is now lingua franca for all things everything society >>well. And one quick thing here that segues into the fact that Virginia is the cloud center of the nation. Um uh the president issued a cybersecurity executive order earlier this year that really emphasizes the migration of federal systems into cloud in the modernization that jOHN has worked on, johN had a group called the Alliance for Digital Innovation and they're very active in the I. T. Modernization world and we remember as well. Um but you know, the federal government is really emphasizing this, this migration to cloud and that was reiterated in that cybersecurity executive order >>from the, well we'll definitely get you guys back on the show, we're gonna say something. >>Just all I'd say about about the executive order is that I think one of the main reasons why the president thought was important is that the legacy systems that are out there are mainly written on kobol. There aren't a lot of kids graduating with degrees in COBOL. So COBOL was designed in 1955. I think so I think it's very imperative that we move has made these workloads as we can, >>they teach it anymore. >>They don't. So from a security point of view, the amount of threats and vulnerabilities are through the >>roof awesome. Well john I want to get you on the show our next cyber security event. You have you come into a fireside chat and unpack all the awesome stuff that you're doing. But also the challenges. Yes. And there are many, you have to keep up the good work on the policy. I still say we got to remove that red line and identified new rules of engagement relative to what's on our sovereign virtual land. So a whole nother Ballgame, thanks so much for coming. I appreciate it. Thank you appreciate it. Okay, cute coverage here at eight of public sector seven Washington john ferrier. Thanks for watching. Mhm. Mhm.

>> Live from Boston, Massachusetts, it's the Cube. Covering AWS re:Inforce 2019. Brought to you by Amazon Web services and its ecosystem partners. >> Okay, welcome back everyone. It's the Cube's live coverage in Boston, Massachusetts for Amazon Webster's AWS re:Inforce: their first inaugural conference around security, cloud security. I'm John Furrier with my host Dave Vellante. If you're talking about security, you can not talk about cybersecurity, how it impacts government, society and commercial. We've got two great guests here from Telos, leader in cyber out of D.C. AJ Turcot, business development, and Tom Ryder, VP of commercial sales at Telos. Great to see you guys. Welcome to the Cube. >> Thank you, John- (A.J. talks over) >> Thanks, John, great to be here. >> I've been intrigued by Telos over the years. One, great company you guys, so congratulations. John Wood is phenomenal CEO. He's been hanging around for a long, long time. He's seen many cyber waves in security. You guys have a lot of experience. Now, we're talking about modernization of government. A week and a half ago we were at AWS Public Sector Summit which is this show in DC with Theresa Carlson's team. That's all about modernizing government, public sector, procurement, modernization in technology cloud. Here, the security conference feels the same kind of vibe for security. Not so much modernization but kind of level up, get faster, get better, get stronger. You know, everything's great, now lets go do it. So, similar kind of experience. You guys are in the middle of both those worlds. >> Yes. >> What's your impression? Are these coming together? Are they two separate? What's your impression of the show? >> Uh. It's, security is job zero. People have been saying that for a long time. The rubber's meeting the road now. You can see, this is, this wouldn't have been this big years ago. So, we're happy to be here and be part of this. Our company has been focused on cybersecurity since the word 'go'. And we're definitely seeing you can't do modernization without baking security in. Everybody gets it. It's not a bow tie any more. Wouldn't you say? >> Absolutely and it goes from the software development of the life cycle all the way up the stack. Little anecdote, John has been around for a long time. He's actually in the, and he'll hate me for saying this, but he's the longest standing CEO of a company in Virginia right now at 25 years. (laughter) We've been around for a long time. We understand cyber security and we've seen it morph as the various platforms have evolved. But, definitely a great show. A lot of vendors: some new, some old. We meet some friends that were with one that are now with another. And asking them why they changed and they say, "Well, the old school and the new school, different methodologies, different ways to approach it." But the problem fundamentally stays the same. >> Everyone else uses the old guard, uses the term 'old guard, new guard.' That's Jazzy and Theresa's word. But it really is about the transformation of that all companies are becoming security companies. They say that about media. All companies are becoming media companies. You inherently have in this horizontal impact of security. It used to be that this firms does security. You hire them and they come in, they do the job. But now, to where you got to bake it in, you start to see the brands: Microsoft, all these brands that were once software companies in general purpose areas really getting deeper into security. And then companies themselves like Capital One, Liberty Mutual, they're building out. >> Right. >> And potentially now turning it from a cost center to a revenue center. So, the model's upside down right now in a good way. What's that doing to the industry? And do you believe that it's happening then too? What do you see happening? >> The challenge in front of us right now is security has to keep up the pace and the scale of the cloud and the modern world. I know that we've had to change our tunes in our product suite to be able to, you know, test and demonstrate compliance at pace and at scale. Otherwise, you're just slowing down development. I mean, the real beauty of the cloud is, uh, the speed at which you can fail, recover, get the feedback loop, move forward and security's now at that pace and I think you'll see around here the companies that are offering that, not just a new coat of paint on a traditional offering are going to excel in this space. >> Well, this is why I like what you guys do because you talk to practitioners. They say their number one challenge is how to keep up with that pace. I mean, you could talk to one person at Amazon and no one person knows all the services or they think 'Oh, Amazon doesn't have that or oh, yes they do have that." So, having a partner like you guys to help navigate that pace of change is critical. So, how have you made that, you know, a tailwind for you guys. And what are customers telling you that they need help with? >> Uh, what we, our end of it, the piece of the elephant we touch, >> Yeah. is, um, the customers are allowed to use the cloud. They're encouraged to use the cloud. They're going to school to get trained and certified. But you can't go at this pace unless you are authorized. Right? You need permission. Nobody's allowed to put in the plug without their permission. And that's where our end of it is. And we've had to really retool to go at this cloud pace. I've been at Telos for over nineteen years and it's exciting now. And when we had the opportunity to go into the commercial side of things, I really lept at that because we're now building, you know, as I said, tooling out to keep at this pace of 'how do I test? Don't be a detractor. Don't be a slower-downer.' and, you know, it's the way we got to be. >> Take a minute to explain your product offerings for the commercial sector. What are you guys offering? What's the value proposition? >> Sure, um, our product suite is called Exacta. It's a mature product in the fed space. It's been around for nineteen years. And it's in very wide use in the fed space to operationalize their assessment and authorization: the NIST risk management framework. We're now seeing NIST cybersecurity standards are getting a lot of traction in spaces outside the fed. If you're a software company like we see around here, you want to business in the fed, you got to get a fed ramp authorization. Exacta's tooled to do that now. We're seeing state and local government embracing NIST cybersecurity standards. The defense industrial base has NIST 800-171. It's built into the defense acquisition regulations. You need to corporately meet these security controls. So, you know, it's not just for an agency on its own anymore. Everyone's getting in the game. >> So those standards are moving to commercial? >> Yes. >> You guys were baked out, bulletproof hardened product you're bringing that into commercial? >> And I would say if you take spreadsheets off the table, Exacta is the number one NIST cybersecurity automation and management platform. >> Yes. >> Spreadsheets will always be number one. It's like- >> Spread sheets are dead sheets >> Other than the pie chart. (mumbling) >> Right, right. >> So, you know, it used to be, and I'm wondering if it still is, the public sector would look to the commercial for sort of best practice, they might be a little slower to adopt things, and there's certainly examples of that today. You see Theresa at public sector announces something that maybe Amazon announced a year ago and now it's available public sector. But the cloud feels a little bit different. You've had cloud first mandates, things like Jedi. Is that trend changing? You just sort of gave us an example where certification's bringing that up to commercial, Is there still a wide gap between commercial adoption and public sector adoption? >> Well, I think one thing that we see is a lot of commercial or government entities built data centers because they had to. Right? Now, you see entities that have, you know, big robust data center infrastructure, they like what they do in there but not necessarily keeping up that data center. So, they're looking, they're all going to the cloud in varying degrees of speed. But nobody wants to be in the data center business like they used to. >> Charles Phillips from Infor says, 'friends don't let friends build data centers." >> Data centers, right. (laughter) >> That's right. AJ, how about some customer use cases and examples where you guys are helping them? What's their challenge? Give us some real-world experiences. >> Sure, sure. So, one of the industries that's highly regulated is financial industry. And, you know, we talk about healthcare with HIPAA, and different regulations. But in financials, they're really hit from regulatory bodies throughout the country. And they can change from state to state and a lot of times it just piles on top. So, one of the main issues that these companies face is audit fatigue. Internal audit teams to make sure they're compliant, external audit requests that come in, and they're really looking for a way to reduce this audit fatigue. One of the ways of doing it is to operationalize as we do with out tool, the systems internally to make sure that you can be compliant and, I'll throw out a phrase here, we believe strongly that you apply good cybersecurity hygiene, a byproduct of that will be compliance. So if foundationally things are good and you're taken care of cybersecurity from the get go, you know, you might have to tweak a few things to demonstrate compliance but you will be able to comply to many different regulatory products. >> So being built in from the beginning. >> Being baked in, right. So, what this particular organization, they've been around for a hundred years, they're in the financial sector, they've got a lot of regulations and state to state, as I mentioned, are different, they were really looking, and they use all the tools, they've got them all. They have data centers. They have one of the largest networks outside of the defense in the country. So they're quite big. And they were really feeling this audit fatigue. Eight hundred auditors working day in and day out to get, to meet these requirements are thrown at them. We're able to help them take the process from months to weeks. So, just there, there's an economy of time as well. So, the resources can really go off and do what their mission is without having to, you know, daily deal with the grind of going through spreadsheets, for example. >> Yeah. >> And the different systems. >> Do you, do you discern any patterns in terms of can you get more specific on what they're doing with that freed up budget or the digital transformation. Are they developing apps? Are they retraining people? How, how are they dealing with that? >> Sure. In this particular case, a lot of training internally. And it's like moving a cruise ship, you know? >> Yeah. >> It doesn't turn on a dime so you have direction on the top. They take primary focus might change and they have study groups. Interesting about them is they don't make, they make group decisions. So, they do, they're very big on data analytics. They're all actuaries I guess and they're used to that. And they want to look at the value. And I think that's something that we see. That's a tendency we see throughout all the different industries we work with. The demonstration of value. So, it might be neat. It might be fun. It might be more secure, less secure. Do we accept the risk? What value does that bring to the organization? And what they've done through training, through trying to change the old guard, you know, it's also reorganizing their systems internally and how they do things. Not just tools. >> So you guys got to love the fact that Amazon decided to have a security focused show. I mean, every show Amazon does is security focused but dedicated. (mumbles) You were mentioning the other day that, you know, a lot of partners here, a lot of vendors, but actually it's very attendee heavy event. >> Yes. >> Yeah. >> This is now like a huge COMDEX show floor. A lot of practitioners, sec ops guys, >> Yes. >> You know, developers. What are your thoughts on why Amazon did this? And your reaction to this. >> Well, Amazon has, you know, like we said, security is job zero for everyone at Amazon. They put their money where their mouth is. This was not an experiment. This was an eventuality. And, you know, there's zero doubt they're going continue to do this year on, year round. It's going to get bigger. >> Houston next year. >> Houston. >> Kind of an interesting choice: Houston. >> Yeah. >> It's going to be hot in June. >> Stay in the air conditioning. (lauging) >> I wish they'd stay in Boston. >> Yeah. >> I like Boston. >> I like Boston, too. >> Better than Houston. >> Yes. >> But the show is to your point, some dev ops and sec ops. So, again, there's bus dev folks here. >> Yep. >> You got geeks here. Not a lot of CEOs of big companies because it's not a glam converse. There's no big fanfare announcements. The announcements are pretty meaty: VPC traffic mirroring huge announcement, security you have general ability, not a surprise, but just smaller announcements. >> A lot of CSOs obviously. >> A lot of CSOs. >> Yeah, I'd say CSO in that vertical down. >> Yeah. >> The CSO, this is CSOs cloud security show. A lot of things getting invested in. Seems to be heavy activity. >> So, going into this when it was announced, you know, AJ and I had our hands up right away saing, "Let's do this." And then we get here and we're like 'okay, is this going to be a direct hit for us?' and I wouldn't say that everyone we talk to's a direct hit, but everyone that comes by the booth has some understanding of what we do. And there's been no wasted time. We're having a lot of good conversations. >> They're right where you guys are. They know what you do, the value to them. >> Right. >> All right, so here's a question for you on the show, given that you guys have this perspective so many years at Telos and cyber, shipping a great product, now commercial's changing cloud scale, cloud security, what do you think the most important stories are that should be told? That the media should be telling? Or maybe they are telling and need to be amplified. Or isn't being told that should be told. What are the top stories coming out of this event and this industry right now that should be told? >> I think that the two trends I'm seeing is that, like we said before, um, building and maintaining data centers is not, it's not cool anymore. And you see the trends of all these entities getting out from under that and they might be making a big commitment to the cloud or phasing out their data centers over time, but that is happening. And I want to read more about it because that helps us, you know, target who's going to be most receptive to our message. And then the other thing, like we said before, the security at scale and at pace. I know we've had to retool for it. The other companies here that are built for that are going to succeed. >> Yeah. >> There's an appetite for that. >> AJ, anything to add on that? >> Good point. No, very good point. At scale and to be able to pivot quickly and someone mentioned before to be able to fail, retool, start again. >> Yep. >> But to have, it's really essential to have security baked in. That confidentiality, integrity, availability of data, you know, the basics. >> You guys have partnered well with Amazon in the public sector now you're in commercial. Not a lot has changed. Amazon is still Amazon. Question for you is what are you guys think about what the opportunity is to differentiate is? You guys have your solution: speed and scale. Totally agree? (agreement) Size, speed, scale. You guys take the benefits of that by partnering with Amazon. But as it gets bigger and bigger, you guys still have to differentiate help customers. >> Yeah. >> How, how, what is the formula for success? You don't just do things, do a relationship saying "we're done" now collect the business. They're moving so fast that if you don't iterate on top of it you die seems to be the playbook. What do you guys think the value for ecosystem partners, the formula to be successful, what does that, what does that formula for, with an eighth of this cloud scale? >> Well, you know, everyone would just love to hitch your partner wagon to a, you know, something that's rising and not do a lot of work. But, that's not the way we roll. I think we get in a great partnership with Amazon because we have a lot of similarities, especially the customer obsession. You know, we want the customer to be successful and we ride along on that train. That's how we're successful. >> Great. Well, guys, congratulations, great to see you here. >> Likewise. >> It'll be a good journey. Cube's kicking off their security coverage at this event. Obviously cloud security changing the game. >> Yep. >> And it's got to level up with dev ops, agility. You guys have been doing. Thanks for sharing your insights. Appreciate it. >> Thank you. Thanks for having us. >> It was terrific. >> Cube coverage continues here in Boston for AWS: reInforce. I'm John Furrier with Dave Vellante. Stay tuned for more coverage after this short break. (digital music)

>> Live from Bahrain, it's theCUBE. Covering AWS Summit, Bahrain. Brought to you by Amazon Web Services. >> Welcome back everyone, we're here live in Bahrain, for exclusive Amazon coverage. It's theCUBE's first time in the region, we're excited to be here as AWS Public Sector Summit and commercial opportunities are expanding Amazon has announced and will be up and running in 2019 with a new region here in Bahrain in the middle east. It will generate a lot of activity, we expect it to create a tsunami of innovation, data information is the new oil. We're here covering it, this is going to be the beginning of more coverage here in the area for theCUBE. And we're meeting new people, and then we've run into some luminaries, CUBE alumnus, and our next guest is a CUBE alumna, John Wood is the CEO of Telos, also been on theCUBE many times as you might know, is an expert in cybersecurity, just an overall knowledgeable and visionary entrepreneur, good to see you thanks for joining us today. >> Thanks John, I really appreciate it. >> So you're part of the entourage with Teresa and the team as she comes in a cross-pollinates Amazon Web Services public sector seven, what she's done in Washington DC and beyond, here in the region, it's going to be a new formula that Bahrain and the people here have recognized. Like we were in a meeting yesterday, where you weren't pounding the table, but you looked very clearly at the Chief Executive Officer who reports to the king and the crown prince and you said, you don't really know yet, what you got, and you're a visionary, so and we've talked about this and so I want to get it out here on camera, this is a big freaking deal. >> It is. >> Can you explain why, and what your vision is and what will happen with Amazon, 'cause you've been a partner of AWS with Telos, you've been very successful, you've seen the moving parts, you've seen the impact of innovation. >> Yup, absolutely. >> What's your thoughts? >> So you know, the shot heard around the world back at the end of 2013 John was when the Central Intelligence Agency made the decision that the cloud was just secure enough for them. And that kind of made everybody around the world stand up and notice. So yesterday, when we were talking with all of the various people around economic development in Bahrain, you know I said the shot heard around the Middle East is that Amazon is located here in Bahrain. I think just like what happened in America, it's going to have a massive impact from a socio-economic point of view here in the Middle East and specifically in Bahrain. >> What are some of the things that you might expect to see, that they got to be ready for here? >> Well first of all, one thing I'll say is a marked difference from America is that the government here and the business environment here all has agreed it's important to move to the cloud. That in and of itself is a big, big difference than America. In America it's been a lot more fragmented and it's taken more time. I think here, I think the government and the industry is seeing the value of the cloud globally, and they're going to be able to move that much faster than even we did in America. >> They built a Formula 1 race track in 14 months, they don't have a lot of the baggage that America has in terms of older systems. I mean, more tech baggage, or tech legacy, older systems, older databases, kind of a clean sheet of paper. >> They have a bit of a clean sheet of paper, but they also do have legacy John. What they've also done though, is they've given themselves a two year time frame to move everything to the cloud. Now that in and of itself, having a beginning, a middle, and an end, is a really good thing because the journey's going to be relatively rapid and I think the uptick economically as a result is going to be rapid as well. >> So one of the things that you were also involved in here with Teresa and the local Bahrain government and entrepreneurs is you were here with General Keith Alexander, who had to leave last night, we had hoped to have him on theCUBE, four star general, head of the NSA, he's seen his shares of data and scale, he had a unique perspective. What are some of the things that you and General Alexander were discussing with the government here? Can you share with appropriate, some of the things you were talking about? >> I think we can apply best practices here, just like we applied back in America. I think the fact that they've gone to a cloud first policy is a really good thing, the next step I think is to find a standard that you can actually look to from a security point of view, 'cause with that standard you can then have a common lexicon. And that common lexicon allows you to share data between and amongst each other that much more quickly. >> You know, one of the things I overheard you over here and I kind of observed this, and I'm just going to throw it out there because we think the same way with theCUBE is that when you have a cloud model, the benefit of the cloud is you can just actually spin up another instance or thing. It's horizontally scalable, generally speaking. So as you run your business Telos with Amazon in the US and other areas, this is a new opportunity for you. It's almost rinse and repeat, just kind of plug in. And cloud gives you that benefit, so this kind of opens up the conversation of opportunities that Amazon will pull with them to Bahrain and the region. Do you agree with that? How do you see this pull that Amazon might have? >> I think what Amazon can do more than really any other cloud organizations is because they've been at it for such a long time, so much longer than the other cloud providers, they can bring best practices to the table, they can bring best technologies to the table, they can bring best partnerships to the table, which allows people to actually know with confidence that if they move to the cloud it's going to work, and it's going to be more secure. >> The other thing I will also point out at the end of that is then that Andy Jassy and Teresa also bring expertise. They'll do work here on behalf of citizens. >> Well absolutely, you know when Amazon makes a commitment to build a region over a 10 year period it's anywhere between a two to three billion dollar financial commitment to the region, so that in and of itself drives economic value into the region. >> So I got to ask you the tough question, which is obviously the one that's the elephant in the room, is instability in the region, potentially, how does digital disruption impact, say Bahrain and Middle East, you got Horizon, you got crypto-currency we know that markets kind of frothy and somewhat unethical in some areas, that's a red flag, but wants to be legitimate, cybersecurity, a big thing. This is your wheelhouse, cybersecurity, these new emerging areas, you got A.I. booming, you got cloud booming, got the notion these emerging tech, cybersecurity's at the center of the action. What does that mean for Amazon? What does that mean for stability in the region? What's the impact? What's your view on cybersecurity, Middle East, Bahrain, Amazon, can you share, can you unpack that? >> So John, that's an incredibly broad question, so thank you. So from my point of view, I can't deal with the political situations, what we can deal with is what we can control. And we know we can help control the security automation orchestration, we know it works. We've seen the most security conscious organization in the world adopt the security. We and Amazon are the security for the agencies cloud and we know that works. As it relates to the political situation I think here the ruling party understands that's an issue and they're working on it, and I can just leave that to them. >> But you're independent of that, you allow the scale piece on Amazon. And what do you hope to do in the region? What are some of your goals as a commercial opportunity with Bahrain announcing this partnership at the highest levels, this community here, young people want to work here. >> So I see it as a huge work force opportunity for everybody, number one. Number two, I think we can find a way to make sure that everybody can feel confident that it's going to work, so they can feel confident they can move their workload to the cloud. People in Kuwait can feel confident, people in Saudi Arabia can feel confident, and again, that confidence builds stability. With stability, with economic stability, there becomes political stability. That's the other point I'll make, is that at the end of the day, if you have the benefit of having the financial stability it helps in a lot of different ways. >> So what's your advice to the folks, if I had the king sitting here and the crown prince, we had a round table, what are some of the things that you would advise them from your experience, kind of looking back on your career and what you've done now knowing that the regions got a cultural and more of a different economic dynamic, what's your advice to the crown prince, the king, and folks trying to figure this out? >> From a cybersecurity perspective, I would want to do something similar, maybe not the same, but something similar to what the United States government did. When the US government decided to adopt a cybersecurity policy, the so called Cybersecurity Executive Order, there were two parts to it John, the first was cloud first which has been done here, and the second was to adopt the NIST Framework, the NIST Framework gave the common lexicon for all the cybersecurity professionals to be able to push their workloads to the cloud and then guys like me, what we do is, we push automation into that framework, which basically means we get out of the way of the mission and we help make the mission happen much more quickly. >> What about training and support? What's your impression of the economic development board, some of the work they're doing? Obviously they have a transition we heard, maybe some of them in a work force not yet mature, but they got programs in place. How do you see that developing? How would you put them on the progress bar vis-a-vis their aspiration? >> I think in general some of the work force issues that they have here are very similar to the work force issues we have in America. You know, in America, often when kids graduate from college there's a gap between what they get in terms of a degree and what we need in terms of a skill set, that kind of happens everywhere. I think that simple programs like apprenticeships; which have been around for a long time, can be very, very effective in terms of narrowing that gap so that when the kids come out we can actually put them to work and they don't have to be re-trained in the work force. I think that's a big opportunity. I also think there's a big opportunity to bring some of the people here into America to teach best practices, and then bring them back, that they can bring those best practices into the environments here, so they can have that work themselves here. >> What's your take on the eco-system, obviously here we heard start-ups are very active but there's a glass ceiling if you will because cloud's not yet here in full throttle, capital markets mechanics have not yet formed, but there's funds of funds they're just putting this in place, your assessment of the entrepreneurial landscape here. >> I think it's a small, but growing landscape. I think a key point to making an entrepreneurial company successful, you know I started the company back in 1991, which is many, many, many, many moons ago, but anyway, what I can remember is I worked so hard, seven days a week, the joke was it was nine to five, 9 am to 5 am, you're not here on Saturday don't bother coming on Sunday. So fundamentally there's a thing you got to do, what is it Ben Franklin used to say? It's about 99% perspiration, 1% inspiration. So hard work does help a lot. Not to say that we don't have that culture here, but I think in general-- >> They were hard working here. >> Entrepreneurial is all about making sure you do the work. >> One of my observations, they're hard working here, so I think that's a good sign. >> Absolutely. >> So let's go back and talk about this, your experience, you mentioned 1991, my first start-up was 1997, and so we've seen a few cycles, and as cycles come and go this one seems to be a bigger cycle in the sense of a lot of combining forces going on; you've got cloud scale, the role of data and now A.I. to automate, and honestly traditional stuff is kind of being moved to a whole 'nother operating model. Given that you've seen so many cycles, what have you learned from those cycles that you could apply here if you were an entrepreneur here, you're now going to do some business hopefully here I think with Amazon. And for people in government trying to get out of the way or figure out policy, given your cycle experience, these guys are jumping into a wave that's coming. >> I definitely have a point of view on this. So for years, back in the United States, I would have one customer, I'd go to this customer, and I'd say, hey, this other customer over here, they've done it this way, and this customer would say, I want to do it a different way. And I'm like, well then everybody's going to be out of sync. Well recently the CIA decided to publish a case study that talked about moving to the cloud and why they moved to the cloud. And the reason they published this case study was for something called reciprocity. I think if more governments, if more industries can work together from a standpoint of reciprocity, then we're going to be able to more quickly ascertain the threat, discover what the vulnerability is, and mitigate it. >> What specifically the reciprocity should they be working on? Data transfer, information, what are some of the specifics? >> I think a specific will be the NIST Framework as an example. The NIST Framework is made up of 1100 different controls, which are lots, and lots of different subsets of other controls around the world, whether you're talking about ISO, Gramm-Leach-Bliley, HIPAA, whatever, they're all derivations of a framework which basically is a common lexicon. So for me that's something that is very specific when I think they should consider here. >> So one of the things I wanted to get your thoughts before we end here, is your observations, as you look around here, you're seeing a cultural shift, a woman's on the supreme court in Bahrain, we went to the women's breakfast that Teresa Carlson held yesterday, packed house, they had to kick us out of our table, us guys. >> They did, they did. >> They got to make room for the workshop, great fireside chat with Mary Camarata, head of Analysts and corporate communication for Andy and Teresa, fireside chat, then they had breakouts, we didn't get kicked out, but we were asked to give up the table for the women to do the workshop. This was a robust, packed house. >> Not just packed John, it was also just positive, optimistic, happy, they see a future, they see possibilities, there was a lot of give and take, I didn't see any of the stuff that you read about, and I tell ya, this is my first time in the Middle East, my first time to come to Bahrain, and I'm so happy I've come, I'm so sad it took me almost 55 years to make it happen. >> Yeah, I feel the same way. I feel like there's an opportunity bubbling that's going to be really big and legit, and I love the diversity here, it surprised me. My daughter, 21 years old, asked me, she said, dad can you, what's the women like over there? Because there's a perception around culture, around the role of women. Packed house yesterday for the Women in Tech Breakfast, inspirational speech by Teresa Carlson, great workshop here, you see women forcing function; cultural shift. >> Cultural shift, but also don't believe everything you read in the paper, right John? So we all know that you got to go sometimes to see what things are really like, and I'm really happy I came. It's a bubbling, growing, active, really active, really cool nightlife, really cool skyline very beautiful beaches, it's a great place. >> The ground truth always trumps fake news and innuendo. Of course theCUBE is bringing you all the action, we are here with entrepreneur, visionary, John Wood, CEO of Telos, a big strategic partner with Amazon, part of the cultural sea change with AWS, Amazon Web Services, announcing a region here in Bahrain, in the Middle East. I'm John Furrier your CUBE co-host, you can reach me on twitter @furrier, F-U-R-R-I-E-R, if you want to reach out and ping me on twitter any time. More coverage live here, in Bahrain, in the Middle East after this short break. (futuristic electronic music)

>> Live from Washington DC, it's theCUBE. Covering AWS Public Sector Summit 2018. Brought to you by Amazon Web Services and it's ecosystem partners. >> Hey, welcome back everyone. This is theCUBE's exclusive coverage live in Washington DC at Amazon Web Services AWS Public Sector Summit. I mean, it's so jam-packed you can't even move. This is like the re:Invent for Public Sector even though it's a summit for Amazon Web Services. I'm here with Dave Vellante, my co-host. Our next guest is John Wood, Chairman and CEO of Telos, and Rick Tracy, Chief Security Officer and the co-inventor of Xacta, it's hot technology. John, great to see you, welcome to theCUBE. >> Thanks guys. >> Thanks for having us. >> I love to get the brain trust here, John you're, like, probably one of the most experienced cyber security gurus in the DC area still standing. (laughing) As we said last time on theCUBE. >> Always, always. >> Okay. (laughing) And you've got some patents here, with some core technology, so first of all, I want to, before we get into some of the cool features of the products, talk about the dynamic of public sector, because Amazon has these summits, and they're kind of like a recycled re:Invent. Small scale, still packed. Talk about what Public Sector Summit is, because this is a completely different ballgame in this world. >> Sure, it's a perfect age for the cloud, and what this summit does, is it provides a great venue for people to come, learn about what works, get best practices, find use cases and just see what the ecosystem's all about in terms of how to make it work with the cloud. >> Rick, so what's your take? >> Well, if there's any doubt about it, what, is it double the size of last year? I think there were 7,000 people here last year and Teresa said today 14,500. So, yeah, I mean, it suits us perfectly because this is our sweet spot. >> So, Dave and I are always amazed by Amazon in general, the slew of announcements, Teresa Carlson picking the reins up where Andy Jassy does that Amazon re:Invent which is just tons of content, so many new announcements. What's your guys take on the hot news for you guys, because you guys are a major sponsor and you're in the ecosystem, you've been doing a lot of business with Amazon. >> Sure. >> What's going on in the business? What's happening with Telos? Why is it so booming right now for you guys? >> Well, I think people realize that there is a way to use automation where security can help drive cloud adoption. So, Rick and I co-authored an article back in 2011 that talked about why the cloud was more secure and it went over kind of like a lead ballon. And then back in 2014 the agency made the decision, the CIA made the decision, arguably the most security conscious organization in the world, to go to the cloud. And so that was a big, big, big, deal. But what we do is we help drive the security automation and orchestration stuff so you can reduce the time it takes to get what's called your authority to operate. And so I think that's a big deal now. The use of automation is being used to enhance the mission, so that the mission owners can get to their mission using the cloud, much more quickly. >> And we heard from the most powerful sentence in the keynote this morning was, "The cloud on it's weakest day is more secure than Client Service Solutions." This is a practitioner saying that, a leader of an agency saying that, not Amazon or not Telos. >> Absolutely. >> And it's because of that automation, right? I mean, that's really a key factor. >> It's because of the automation. It's also because the cloud providers are making sure that they lock down their physical infrastructure. Guards, gates, guns. All of the physical infrastructure and the virtual infrastructure, they do a really good job of that. If you think about it, the US government, unfortunately, 80% of their spend is around maintaining old systems. Well, the cloud providers are keeping modern. Those old systems have a lot of weaknesses from a standpoint of cyber security flaws. So, with a modern technology like the cloud, there's a lot more you can do around automation to lock down much more quickly. >> And the standardization that you get with a cloud makes it's easier as well, because there's not so many variations of things that you have to figure out how to protect. So, the standardized services that everything's built on really helps. >> Yeah, and people are adopting cloud in kind of different ways, which makes it harder, too. But you get the benefits of scale and speed, certainly. But I got to just pick up on some big news that's happened just last night and today. Microsoft Azure suffered an 11 hour downtime across Europe. 11 hours Azure's down, Microsoft Azure. This is a huge concern. Downtime, security, these are issues, I mean, this is just like, so, what's going on with this? >> Well, the truth of the matter is, if you think about where Amazon is today, Amazon is light years ahead of the rest of the cloud guys. The reason for that is they made the decision early on to take the risk around cloud. As a result of that, they have so many lessons learned that are beyond all of the other cloud providers, that that wouldn't happen to Amazon today, because they'll be able to back up, replication and duplication if they have, and their environments. >> How big do you think that lead is? You know, there's a lot of debate in the industry that other guys are catching up. The other side of the coin is, no, actually the flywheel effect is a lot like Secretariat in the stretch run of the Belmont, you were talking about racing before. What's your sense of that lead, even subjectively. >> I think it's between 5 and 10 years. There was a, it was crickets in this world, in the public sector world for cloud up until, literally, the agency decided to adopt. So the CIA made that decision, that was, sort of, the shot heard around the world as it relates to cloud adoption. Not just for public sector but for commercial as well, 'cause if you look at Amazon's ramp up, right after that decision was made, their ramp up has been amazing. >> That was a watershed event, for sure. >> It was, and it was very well documented, I mean, I read the judges ruling on that when IBM tried to stop them and the judge eviscerated IBM. And of course IBM had no cloud at the time, they had to go out and spend two billion dollars on software. John has lots of opinions on that, but okay, so that leaves-- >> I'm on the right side of history on that call. >> I think you are, it was a pretty good call. What about, what should be practitioners be thinking about? You talked about the standardization. Where should they be focused? Is it on response, is it on analytics, is it on training? What should it be? >> Well, from our perspective it is, a lot of the focus is on analytics, right? So, a lot of data that we've helped our customers collect over time for this ATO process that John previously mentioned, our goal with IO, Xacta IO, is to help organizations leverage that data to do more through analytics, so there's this dashboard with ad hoc reporting and analytic capability that's going to allow them to blend asset data with risk-to-threat data, with other sorts of data that they're collecting for ATO, specifically for the ATO process, that they can use now for more robust cyber risk management. So, for me, analytics is huge moving forward. >> And that's a prioritization tool so they can focus on the things that matter, or maybe double-click on that? >> It could be, it could be a prioritization tool, but it could also be a tool that you use to anticipate what might happen, right? So, some analytics will help you determine this asset is vulnerable for these variety of reasons, therefore it has to go to the top of the sack for remediation. But also, using that data over time might help you understand that this plus this plus this is an indication that this bad thing is going to happen. And so, analytics, I think, falls into both categories. Probably it's more the forecasting and predictive is something that's going to come later but as you unmask more data and understand how to apply rules to that data, it will naturally come. So, Rick and I have worked together for many, many years and, over a quarter of a century, so the way I would say it is like this. Xacta 360 helps you to accelerate your authority to operate, but that's a point in time. The holy grail for us as security practitioners is all around continuous monitoring of your underlying risk. So, the data analytics that he's talking about, is where we come about and looking at Xacta IO. So, Xacta IO helps fulfill that mission of continuous compliance, which means that the ATO is no longer just relevant at that moment in time because we can do continuous monitoring now at scale, in hybrid environments, in the cloud, on prem. 'Cause our clients are huge, so they're going to be a combination of environments that they're sitting in, and they need to understand their underlying risk posture. They need to have, they're going to have all kinds of scanners, so we don't really care, we can ingest any kind of scanner that you have with Exact IO. As a result of that, the security professional can spend their time on the analysis and not the pedestrian stuff that's just kind of wasting time, like documentation and all that stuff. >> Yeah, for us, data's a means to an end, right? It's either to get an ATO or to help you understand where you need to be focusing your resources to remediate issues. So, for us, leveraging the data that's produced by many companies that are at this show. Their data is a means to help us get our job done. >> Were you able to have, one follow up, if I may, were you able to have an impact, to me, even, again, subjectively, on that number, whatever that number is, that we get infiltrated, the customer gets infiltrated, it's 300 days before they even realize it. Are you seeing an impact on that as a result of analytics, or is it too early days? >> I would say it's still early. But it's reasonable to expect that there will be benefits in terms of faster detection. And maybe it's not even detection at some point, hopefully, it's anticipating so that you're not detecting something bad already happened, it's avoiding it before it happens. >> Yeah, and let me say it this way, too. You know, if you listen to John Edwards, the CIO from the CIA, he talks about how the reason he loves the cloud is because it used to take the agency about a year to provision a server, now it's a few minutes, right? Well that's great, but if you can't get your authority to operate, 'cause that can take another 18 months, you're not going to get the benefit of the cloud, right? So what we do, is we help accelerate how fast you can get to that ATO so that guys like the agency and anybody else that wants to use the cloud can use it much more quickly, right? >> Yeah, and the continuous integration and all that monitoring is great for security but I've got to ask you a question. Analytics are super important, we all know data analysis now is in the center of the value proposition across the board, horizontally. Not just data warehousing, analytics that are used as instrumentation and variables into critical things like security. So, with that being said, if you believe that, the question is, how does that shape the architecture, if I'm in an agency or I'm a customer, I want to build a cloud architecture that's going to scale and do all those things, be up, not go down, and have security. How does the architecture change with the cloud formula for the decision maker? Because right now they're like, "Oh, should I do multi-cloud, should I just Amazon" So, the data is a critical architectural decision point. How do you guys see that shaping, what's your advice to practitioners around designing the cloud architecture for data in mind. Just use Amazon? (laughs) >> Well, yes. (laughs) Just use Amazon. I mean, all the tools that you need exist here, right, and so-- >> If all the tools you need in the cloud exist here. >> Alright, so rephrase another way. >> But John, the issue is you're not going to have all your stuff in the cloud if you're the air force or if you're the army, because you have 75 years of data that you got to push in. So over the next 10 years there's going to be this "hybrid" environment where you'll have some stuff in the cloud, some stuff in a hybrid world, some stuff on prem, right? >> How I secured that, so that's a great point. So, data's everywhere, so that means you're going to need to collect it and then measure certain things. What's the best way to secure it and then is that where Xacta fits in? I'm trying to put that together if I'm going to design my architecture and then go to procurement, whether it's on premise or multi-cloud. >> Well, there are lots of security products that people use to secure, whether you're on prem or whether you're in the cloud and our platform leverages that information to determine whether things are secure enough. So there's a distinction between cyber risk management and actually securing a database, right? So, there's so many granular point products that exist for different points along the security chain, lifecycle chain, if you will, that our objective is to ingest as much of that information and purpose it in a way that allows someone to understand whether they're actually secure or not. And so it's understanding your security posture, transforming that security information to risk so that you can prioritize, as you were talking about before. >> You're taking a platform mentality as opposed to a point product. >> We're taking an enterprise view of risk. So, the enterprise is, remember, it's on prem, and hybrid and cloud. If all your stuff is in the cloud, Amazon has the answer for you. None of our customers are in that situation. If you're a start up, Amazon's the way to go, period. But all of our customers have legacy. As a result of that it's an enterprise view of risk. That's why companies like Telos partner so well with Amazon because they're all about being close to the customer, they're all about using automation. We are as well. >> Alright, talk about the news you guys have, Xacta IO, you're the co-inventor of it, Jack. Talk about this product. What's the keys, what does it do, where's it applied to, you mentioned a little bit of getting past the authority time point there. What's the product about? The product is about ingesting massive amounts of information to facilitate the ATO process, one, but managing cyber risk more generically because not everybody has an ATO requirement. So, you asked a few seconds ago about, so you're taking a platform approach. Yes, we're blending three separate products that we currently have, taking that functionality and putting it on a very, very, robust platform that can exist on prem, it can exist in the cloud. To enable organizations to manage their cyber risk and if they choose, or they have a requirement, to deal with things like FedRAMP and risk management framework and cyber security framework and iso certification and things of that nature. The point is, not everyone has an ATO requirement but everyone has a need to manage their risk posture. So we're using our ability to ingest lots and lots of data from lots and lots of different sources. We're organizing that data in ways that allow an organization to understand compliance and/or risk and/or security, and visualize all that through some dashboard with ad hoc reporting that let's them blend that data across each other to get better insights about risk posture. >> And to visualize it in a way that makes sense to the user. >> Yes, so, if you're the CEO, you're going to want to see it a certain way. If you're the IT manager, you're going to want to see it a certain way. If you're a risk assessor, you're going to want to see it a different way. So that's kind of what we're talking about. >> I got to ask you one question, I know we got to go, but, a hardcore security practitioner once said to me that hardcore security practitioners, like you guys, when they were kids they used to dream about saving the world. So, I want to know, who's your favorite superhero? >> Superman. >> Superman? >> Spiderman. >> Alright, awesome. (laughing) >> That was a basic question for you guys. >> Thank you very much >> Yeah, that's the hardest question, see they're fast, they know. Star Trek or Star Wars? (laughing) >> Depends on the generation. >> We won't go there. theCUBE have 15 more minutes today. Okay, final question, what's this going to do for your business now you have new, opened up new windows with the new product integration. How's that going to change Telos, what does it do for you guys from a capabilities standpoint? >> Well, the big thing I'd suggest your listeners and your watchers to consider is, there's a new case study that just came out, it's published jointly by the CIA, Amazon and Telos, talking about why working together is really, really, really groundbreaking in terms of this movement to the cloud. 'Cause your public sector listeners and viewers are going to want to know about that because this ATO thing is really a problem. So this addresses a massive issue inside of the public sector. >> And final question, while you're here, just to get your thoughts, obviously there's a big change of the guard, if you will, from old guard to new guard, that's an Amazon term Andy Jassy uses. Also, we all saw the DOD deal, JEDI's right there on the table, a lot of people jockeying, kind of old school policy, lobbying, sales is changing. How is the landscape, from a vendor-supplies to the agencies changed and/or changing with this notion of how things were done in the past and the new school? So, three points, legislatively there's top cover, they understand the need to modernize, which is great. The executive branch understands the need to modernize through the IT modernization act as well as the cyber security executive order. And then lastly, there are use cases now that can show the way forward. Here's the problem. The IT infrastructure out there, the IT guys out there that do business in the government, many of them are not paid to be efficient, they're paid cost plus, they're paid time and material, that's no way to modernize. So, fundamentally, I think our customers understand that and they're going to revolutionize the move forward. >> And the rules are changing big time. Sole source, multi-source, I mean, Amazon's on record, I've got Teresa on record saying, "Look, if we don't want a sole source requirement, let everyone bid fairly." Let's see who wins. Who can bring a secret cloud to the table? No one else has that. >> In terms of past performance and customer use cases they're pretty much in the head, for sure. >> Great, Amazon kicking butt here, Telos, congratulations for a great event, thanks for coming on. >> Thanks a lot guys. >> I appreciate it. >> Alright, CUBE coverage here in DC, this is theCUBE, I'm John Furrier with Dave Vellante. Stay with us, we have more great interviews stacked up all day and all day tomorrow. Actually you have half day tomorrow until two 'o clock Eastern. Stay with us for more, we'll be right back. (upbeat music)

(dramatic music) >> Narrator: Live from Washington D.C., it's cube conversations with John Furrier. >> Hello everyone, welcome to this special cube conversation, I'm John Furrier, the host of The Cube, co-founder of SiliconANGLE media Inc. We are here in the Washington D.C. Beltway area. We're actually at Amazon web services' public sector headquarters in Arlington, Virginia. My next guest is John Wood, he's the CEO and chairman of the board at Telos, a big provider of some of the big contracts, certainly with Amazon CIA, among others, welcome. >> Thank you very much. >> Thanks for joining me. >> I'm glad to be here. >> So, you guys have been pretty instrumental and we were talking to Teresa Carlson earlier, with an exclusive interview with her, and we talked about the shot heard around the Cloud. That was the CIA, Amazon win, four years ago. >> Yes. >> Kind of infiltrated the government area. It's almost a gestation period and now you got DOD action, a ton of other opportunities, but it really is an architectural mindset changeover from the old way. >> Yes You're involved in this, with Telos. What's your take, how are you guys involved, what's going on? >> Yeah, so it was groundbreaking, when the CIA made the determination that they were going to move to the Cloud, for sure. It kind of made everybody stand up and take notice, if the most security conscience organization in the world was considering it, why aren't I? And here we are, four years later, so where is the CIA now? Well now, the CIA is able to provision a server in a couple minutes, whereas the past, it used to take them almost a year. Now, with the use of automation tools like we have with Telos and the Xacta suite, the CIA is able to get their authority to operate in less than a week, when it used to take 18 months. So, I basically think what's happening is, the Cloud is providing an access point to IT modernization and the agency is showing that there is a blueprint that the rest of the government can also follow if they want to. >> One of the things we're involved in a lot of Blockchain covers, as well as kind of kicking the tires on Blockchain. You're in the middle of a Cloud gain with identity. Identity is the secret to having good scalable systems, because when you have good identity, good things happen. In Blockchain, some people say a theory about those. In IT, it's what identity you're going to use. How does the authority to operate challenge, you mentioned, become so important, because you're talking about massive amounts of time, I mean time savings. >> Wood: Yeah, so-- >> Just tease out the nuances of why it's so important to have that identity solution. >> So, in the past, there was no common language within which our cyber security professionals could engage with each other. Now, with the signing of the President's executive order on cyber security, the White House really is mandating the adoption if the NIST framework. What's relevant there is that on the one hand it provides you with a common language, but on the other hand, it's 11 hundred controls. So, as a result, automation is going to be key, to making sure that people can work with each other and making sure that, actually, the adoption actually takes off. >> They're safe, they know the trusted party. Is trust a big part of this and how does that--? >> I think what's happening, because the intelligence community has been working so closely together, and when I say the intelligence community, it's not just the traditional CIA, NSA, NRO, et cetera, it's also the military component of the intelligence community. So, you've got almost 38 assessors that are assessing C2S and SC2S. You know, the secret, if you will, Cloud, and the top secret Cloud, and those assessors all have been working in the same community under this framework and I think that has given them the confidence that the data is protected and as a result, they're heading much closer to reciprocity than ever before. >> There's been observations certainly on the Cube, we've said this many times with the past few years in tracking IT over the years, IT transformation, digital transformation, whatever you want to call it, buzz word. The reality is you had some progressives that would move faster and kick the tires, certainly financial services, in some areas you see that. Really, no problem. Then you had the folks who have just been consolidated down, didn't have a lot of budget and were lagging, waiting to adopt. Now there's no excuses, with cyber security, top of mind, with hacking, malware, ransomware, cyber warfare from nation states, sponsored states, an open source it's out of control. >> It is. >> So the security equations is forcing IT to move. The action has to be taken. What are you guys seeing in this area, because this is a big story and it's really putting a fire under everyone to move. >> And it's long over due. I co-wrote and article with our chief security officer in 2011, talking about why the Cloud was the way to go for federal, state, local, and education customers and at the end of the day, I think what's happening from a top cover perspective, the legislative community understands that. Obviously the Executive branch understands that, and now with editions like C2S the rest of the environment, the rest of the government can see what's possible. So, I believe the leadership within the government is ready for this change. They're seeing the benefit as it relates to C2S and SC2S and ultimately, the key is, the guys who run the contracts themselves, you got to make sure that those guys want that, to embrace that change too. >> Furrier: Yeah, so you have the-- >> And right now, 80, if you look across the government, 80% IT span is going back into maintenance. If you look at all my commercial customers, it's somewhere between 20 and 25%. What does that mean? It basically means that the government has a lot of legacy systems, which means that there's a lot of threats, and, which means there's a real cyber security problem. I believe fundamentally that by moving work loads to the Cloud, you'll be eliminating a lot of those cyber security problems. >> Yeah, it just means security is going to be the driver. The other thing I wanted to bring up, especially here in D.C., in public sector, is transparency. Now everyone can see everything. We're in a data-driven world, you can't hide either. The light is on, it's right there on the table. No more hiding. How has transparency been impacted in the procurement process, in the sales motions, the overall engagements with gov and public sector customers? >> I think, truth be told, there have been a lot of ideas that were sort of short-term and not really thoughtful, but the good news, as I said, is that the policy makers are really thinking and considering, trying to figure out how to make changes. Take for example, LPTA, low price technically acceptable. When I went to the congress and talked to both the House and the Senate side, and talked about how if I have one customer whose gotten hacked and the other customer has the same hack, but one happens to be a government customer and one's a commercial customer, the resources that we have are really trained, highly skilled, highly sought-after resources. Well, my commercial customers are willing to pay three to four hundred percent more than my government customers are. So when you have scarce resources, where are you going to apply them? You're going to apply them where the people are who are going to pay you. So my point to the Congress was simply to say, hey man, you get what you pay for. So ultimately, the good news is that, both on the House and the Senate side, that they elimanted LTPA, as it relates to cyber security, goods and services. So I believe, again, that there's a lot of, not just transparency happening, but there's a lot of people realizing that there are things that we can do. Procurement is kind of the last frontier for me. I have seen recently, I saw one of our government customers, where we were subcontracted, they went with something called an OTA, which stands for an other transaction agreement. Big problem in the government these days is everybody protest everything and there's really no downside to the protesting. With an OTA it's not protest-able. So I am seeing our government customers beginning to think about other means of actually doing things like procurement, and so that you can actually acquire. >> Are they going to have instant replay? (laughter) It sounds like the NFL, that call's not reversible. I mean, this is kind of, we're getting into all these rules and regulations where you've got protest, it seems that policy injection is not healthy at some level, because that point about what cost more on the commercial side, because of demand there, they understand the consequences and resource availability. To the government you just eliminated a policy that wasn't really helping. >> Right. >> So policy is a real consideration in here. >> I think so. Again though, it's a different environment than it was five or six years ago and I do think that there are some real positive things that are happening. I agree with you that there's a ground-swell of support behind the Cloud and certainly, players like us see the benefit associated with that shared security model. >> One of the things we've been observing and tracking on Sillaconangle and the Cube is this notion of public-private collaberation. Sharing data is a huge deal. Certainly, in Cyber people realize that data is valuable. Certainly, at Scale, you see patterns you might not see, customers on workloads, here and there, need to be identified. You're not sharing the data you don't know. So data sharing is a big deal, but also, collaborations between the private and public sector. Can you comment on what's going on there, because we're seeing some movement where, you're seeing some security agencies saying, "We'll share some stuff." >> Yeah. >> Furrier: You share some stuff with me, so you're seeing a little bit of the community developing heavily around data-sharing, what's you're take on that? >> So, I think we have a ways to go to make it work right, because if it was working right, you wouldn't see the very published, publicized hacks that have gone on. One of the things that the Congress can do is to provide incentives for the private sector to share more information, more quickly. When the Yahoo hacks occurred, it wasn't discovered until two or three years later. As a result, like I said, there's really no incentive and there's a perceived amount of liability. One of the things I'm asking some of our Congress people to consider is if you do share information, maybe, there's a limitation on liability and that provides, if you will, a mechanism and that provides an incentive for the private organization to work with the public organizations. >> So not to bury it, like Yahoo tried to bury that thing. >> Exactly. There's no sense in burying it. There should be no reason to bury. >> Okay, take a minute to talk about Telos, what you guys are doing, the chief executive. What's going on with the company, talk about the successes, where you guys are winning, your challenges and opportunities. >> Sure, we're in the business of, we do cyber security, we do identity and we do secure mobility. In the area of cyber security, I'm very proud about the fact that we're the database of record for intelligence community, many department of defense agencies use us, homeland security, a whole, department of safe-- There's a whole bunch of organizations that tend to work with us. I think that the issue for me has always been around investing in things that make our customers more efficient. So whether it's cyber security, it's one thing to provide the authority to operate, but I like to provide that authority to operate on a continuous basis. When we talk about identity, it's one thing to say that I am who I say I am, but it's another thing to let you know that I'm actually somebody that's trust worthy. So, we have a special relationship with the FBI that allows us to do real-time data look-ups on their people. We're the integrator of record for the common access card, the military ID card, we have been for a long time. From that, we built a business relationship with the TSA and now we have about 70 airports around America that use our service to do identity as a service for all their employees. >> Can you get me to cut the line at Pre? (laughter) >> You know, if you want to cut the line at TSA pre-- >> Quality of service opportunity and people will pay more for that. >> Absolutely. And plus, I think TSA pre-check wants to have a lot more people in that ecosystem too. No different than when the Easy Pass came into play years and years ago. I remember just zooming through the Easy Pass and wondering why people would want to stand in line, why would you, right? And then if you think about it, we're also involved with secure mobility, so we have a capability called Telos ghost that allows you to basically hide on a network. You're familiar with the notion of signal hopping? In World War two that's how we avoided detection by the enemy, so this is what we invented here with something around IP hopping. So as a result of that, whether you're a server-facing thing or a client-facing thing or a mobile device, you can't be seen on the network and if you can't be seen on the network, you can't be hacked. >> Well, that's awesome stuff. Your relationship with Amazon Web Services, talk about that, some of the things you're involved in. >> Yeah. >> The deals, the momentum. What's the relationship look like between you guys? >> So we have an enormous relationship with Amazon, most important part that we have, it started with the agency and I was in a meeting with Teresa Carlson, one of the senior people in the agency, and we wondered whether or not we could do for, we Telos, can do for the Cloud that which we've been doing for the enterprise for the better part of 15 to 17 years now, which is basically providing that authority to operate in an automated way. So we invested together and we were able to prove that we could absolutely do that. Now, what we're doing is we're basically copying and pasting that model to our customers across the government. >> And you guys put a stake in the ground, 2011. You were early. I mean 2008 was the beginning of the DevOps movement, you were in the heart of it in 2011. >> Wood: Yep. What's the biggest thing you've learned or observed or experienced over those years, since 2011? >> The biggest thing? >> Or just the most important. >> Wood: That is an enormous question. >> It could be the most important, the most relevant, most surprising-- >> Well the most important thing was I got married in 2012. (laughter) I have a four year old and two year old and a 14-year old, those are the most important. >> Was it really you who got married, was it your identity? >> Wood: It was really me and it was my identity. I will say, I think that the government is embracing efficiency. The government is embracing change. I think it started around 2014 or 15, and now it's really moving out. I think there's a lot of top cover, both from a policy side and an executive side and I'm seeing a lot of leadership from within the government itself of people who want to make the change happen. >> And there's also the competitive fairness question we're hearing, just here in town, yesterday, rumblings of one-source Cloud, multi-Cloud. Amazon is technically a one-source Cloud, but they've got an ecosystem. Should they have multi-Cloud in their requirements? All these things almost feel like that protest model is going on, like there's a little fud going everywhere from the other vendors. Do we expect to see more of that in your mind or less of it? (laughter) >> I think at the end of the day-- >> The chips are taken off the table. >> The people who don't want change are the ones, who are, if you will, very invested in the legacy. If those people are paid, time, material or cost blessed, they're not paid to be efficient. So there's going to be push back. On the other hand we've seen by the gigantic growth of the adoption of the Cloud and by the Cloud infrastructure and the Cloud ecosystem itself, there are enomorous opportunities for organizations out there. So I think people should embrace the change, I really do. I think, fundamentally, it's going to be a really big positive to this industry and into this region. >> I always say to Dave Vellante and my co-hosts, it's like no brainer, you look at the main frame, that was the generation when I was growing in the industry. I was the young gun, like main frame co-ball, who the hell wants that? Mini computer, eh, I want the client server. It's pretty obvious when you're in it. So I got to ask you with that in mind, Cloud is pretty obvious. Folks will understand DevOps and automation and those efficiences. You mentioned authority to operate as an example. Some of these numbers are pretty significant. So let's go down the problems that are important, what are the consequences, how do you quantify it, right? So the problem that people are trying to solve is how do I get resources, computing, software, whatever. Pretty important, because now you've got security, you've got all kinds of stuff. What are some of the consequences and you mentioned some benchmarks that you've quantified. You mentioned provisioning a server in a year. Is that really true? >> Wood: That's true! >> So give me some data on some of consequences, kind of the old way and new way. >> Well the old way if you're using the traditional procurement, it's like I said, one of the big issues is whether it was the culture or it's procurement roles or just the process to get an approval, it would take a year to get a server provisioned. Now, it's literally, you push a button and one to two minutes later you have a server, a new server. So you get ultimate scale, you get ultimate throughput, you pay as you go, you pay what you use. What's not to like? So that's all good. From the standpoint of security, because it's the NIST framework we can automate about 90% of that. That's 11 hundred controls, right? So we automate about 90% of those 11 hundred controls. Now, you get a whole bunch of auto inheritance, a whole bunch of things that can be automated are, and as a result, when NIST goes from one version of NIST to another version, all that happens automatically, and more importantly, as a cyber security professional, and I've only been at it since 1994. (laughter) I've been in it for relatively a long time as a CEO. As a cyber security professional, what I see is, as long as I can show a continuous monitoring of your current status, that's very relevant to the operational security professional. That's really good. So for us, we know that our customers are going to be a combination of Cloud, hybrid, and on-prem. These large organizations are going to take years and years and years to move to the Cloud, but they got to start, because now is the time. >> So automation and having that nice stack where it automatically updates and auto-provisioning, auto scaling, but the operational provisioning piece is really where the rubber meets the road, right? Is that what you're getting at? >> Well it's that. It's also you're consolidating your data centers. You don't need lots of them anymore. You can just focus on one, that's another big area. Another big area is, you can lift and shift your legacy IT infrastructure into the Cloud and then put the big investment into the new application as it's siting in there in the Cloud. >> Awesome, John, thanks for joining us here in the cube conversation. Here at Amazon Web Services Headquarters, breaking down the trends in GovCloud public sector as Cloud computing really levels the playing field, opens up new doors, new solutions, faster time to operate, in vi of other things, here in Washington, D.C., in Arlington, Virginia, I'm John Furrier. Thanks for watching. (dramatic music)

>>Hey everyone. Lisa Martin of the cube here, HPE and AMD better together with Shi is the name of our segment. And I'm here with four guests. Please. Welcome Charlie Mulrooney global presales engineering manager at Athi John saws also of Shi joins this global pre-sales technical consultant. And back with me are Terry Richardson, north American channel chief and Dr. John Fry, chief technologist, sustainable transformation at HPE. Welcome gang. Great to have you all here. >>Thank you, Lisa. Thanks. You good to be here? >>All right, Charlie, let's go ahead and start with you. Keeping the earth sustainable and minimizing carbon emissions. Greenhouse gases is a huge priority for businesses, right? Everywhere. Globally. Can you talk Charlie about what Shi is seeing in the marketplace with respect to sustainable? It? >>Sure. So starting about a year and a half, two years ago, we really noticed that our customers certainly our largest enterprise customers were putting into their annual reports, their chairman's letters, their sec filings that they had sustainability initiatives ranging from achieving carbon neutral or carbon zero goals starting with 2050 dates. And then since then we've seen 20, 40, and 2030 targets to achieve net neutrality and RFPs, RFIs that we're fielding. Certainly all now contain elements of that. So this is certainly top of mind for our largest customers, our fortune two 50 and fortune 500 customers. For sure. We're, we're seeing an onslaught of requests for this. We get into many conversations with the folks that are leading these efforts to understand, you know, here's what we have today. What can we do better? What can we do different to help make an impact on those goals? >>So making an impact top of mind, pretty much for everyone, as you mentioned, John SAS, let's bring you into the conversation. Now, when you're in customer conversations, what are some of the things that you talk about with respect tohis approach to sustainability, sustainable it, are you seeing more folks that are implementing things tactically versus strategically what's going on in the customer space? >>Well, so Charlie touched on something really important that, you know, the, the wake up moment for us was receiving, you know, proposal requests or customer meeting requests that were around sustainability. And it was really around two years ago, I suppose, for the first time. And those requests started coming from European based companies, cuz they had a bit of a head start over the us based global companies even. And what we found was that sustainability was already well down the road and that they were doing very interesting things to use renewable energy for data centers utilize the, they were already considering sustainability for new technologies as a high priority versus just performance cost and other factors that you typically have at the top. So as we started working with them, I guess at beginning it was more tactical cuz we really had to find a way to respond. >>We were starting to be asked about our own efforts and in regards to sustainability, we have our headquarters in Somerset and our second headquarters in Austin, Texas, those are lead gold certified. We've been installing solar panels, reducing waste across the company, recycling efforts and so forth charging stations for electric vehicles, all that sort of thing to make our company more sustainable in, in, in our offices and in our headquarters. But it's a lot more than that. And what we found was that we wanted to look to our vast number of, of customers and partners. We have over 30,000 partners that would work with globally and tens of thousands of customers. And we wanted to find best practices and technologies and services that we could talk about with these customers and apply and help integrate together as a, as a really large global reseller and integrator. We can have a play there and bring these things together from multiple partners that we work with to help solve customer problems. And so over time it's become more strategic and we've been as a company building the, the, the, the, the forward efforts through organizing a true formal sustainability team and growing that, and then also reporting for CDP Ecova and so forth. And it's really that all has been coming about in the last couple of years. And we take it very seriously. >>It sounds like, and it also sounds like from the customer's perspective, they're shifting from that tactical, maybe early initial approach to being more strategic, to really enabling sustainable it across their organization. And I imagine from a business driver's perspective, John saws and Charlie, are you hearing customers? You talked about it being part of RFPs, but also where are customers in terms of, we need to have a sustainable it strategy so that we can attract and retain the right investors we can attract and retain customers. Charlie, John, what are your thoughts on that? >>Yeah, that's top of mind with, with all the folks that we're talking to, I would say there's probably a three way tie for the importance of attracting and retaining investors. As you said, plus customers, customers are shopping, their customers are shopping for who has aligned their ESG priorities and sustainable priorities with their own and who is gonna help them with their own reporting of, you know, scope two and ultimately scope three reporting from greenhouse gas emissions and then the attracting and retaining talent. It's another element now of when you're bringing on new talent to your organization, they have a choice and they're thinking with their decision to accept a role or not within your organization of what your strategies are and do they align. So we're seeing those almost interchangeable in terms of priorities with, with the customers we're talking to. And it was a little surprising, cuz it, we thought initially this is really focused on investors attracting the investors, but it really has become quite a bit more than that. And it's been actually very interesting to see the development of that prioritization >>More comprehensive across the organization. Let's bring Dr. John Fry into the conversation and Terry your next. So stay tuned. Dr. Fry, can you talk about HPE and S H I partnering together? What are some of the key aspects of the relationship that help one another support and enable each other's aggressive goals where sustainability is concerned? >>Yeah, it's a great question. And one of the things about the sustainability domain in solving these climate challenges that we all have is we've got to come together and partner to solve them. No one company's going to solve them by themselves and for our collective customers the same way. From an HPE perspective, we bring the expertise on our products. We bring in sustainable it point of view, where we've written many white papers on the topic and even workbooks that help companies implement a sustainable it program. But our direct sales forces can't reach all of our customers. And in many cases we don't have the local knowledge that our business partners like Shi bring to the table. So they extend the reach, they bring their own expertise. Their portfolio that they offer to the customer is wider than just enterprise products. So by working together, we can do a better job of helping the customer meet their own needs, give them the right technology solutions and enhance that customer experience because they get more value from us collectively. >>It really is better together, which is in a very appropriate name for our segment here. Terry, let's bring you into the conversation. Talk to us about AMD. How is it helping customers to create that sustainable it strategy? And what are some of the differentiators that what AMD is doing that, that are able to be delivered through partners like Shi? >>Well, Lisa, you used the word enabling just a short while ago. And fundamentally AMD enables HPE and partners like Shi to bring differentiated solutions to customers. So in the data center space, we began our journey in 2017 with some fundamental design elements for our processor technology that were really keenly focused on improving performance, but also efficiency. So now the, the most common measure that we see for the types of customers that Charlie and John were talking about is really that measure of performance per wat. And you'll continue to see AMD enabled customers to, to try to find ways to, to do more in a sustainable way within the constraints that they may be facing, whether it's availability of power data center space, or just needing to meet overall sustainability goals. So we have skills and expertise and tools that we make available to HPE and two Shi to help them have even stronger differentiated conversations with customers. >>Sounds like to me, Terry, that it's, that AMD can be even more of an more than an enabler, but really an accelerator of what customers are able to do from a strategic perspective on sustainability. >>You you're right about that. And, and we actually have tools, greenhouse gas, TCO tools that can be leveraged to really quantify the impact of some of the, the new technology decisions that customers are making to allow them to achieve their goals. So we're really proud of the work that we're doing in partnership with companies like HPE and Shi >>Better together. As we said at the beginning in just a minute ago, Charlie, let's bring you back in, talk to us a little bit about what Shi is doing to leverage sustainable it and enable your customers to meet their sustainability goals and their initiatives. >>So for quite a while, we've had some offerings to help customers, especially in the end user compute side. A lot of customers were interested in, I've got assets for, you know, let's say a large sales force that had been carrying tablets or laptops and, you know, those need to be refreshed. What do I do with those? How do I responsibly retire or recycle those? And we've been offering solutions for that for quite some time. It's within the last year or two, when we started offering for them guarantees and assurances assurances of how they can, if that equipment is reusable by somebody else, how can we issue them? You know, credits for carbon credits for reuse of that equipment somewhere else. So it's not necessarily going to be e-waste, it's something that can be recycled and reused. We have other programs with helping extend the life of, of some systems where they look at well, I have a awful lot of data on these machines where historically they might want to just retire those because the, the, the sensitivity of the data needed to be handled very specifically. We can help them properly remove the sensitive data and still allow reuse of that equipment. So we've been able to come up with some creative solutions specifically around end user compute in the past, but we are looking to new ways now to really help extend that into data center infrastructure and beyond to really help with what are the needs, what are the, the best ways to help our customers handle the things that are challenging them. >>That's a great point that you bring up. Charlie and security kind of popped into my head here, John Saul's question for you when you're in customer conversations and you're talking about, or maybe they're talking about help us with waste reduction with recycling, where are you having those customer conversations? Cause I know sustainability is a board level, it's a C level discussion, but where are you having those conversations within the customer organization? >>Well, so it's a, it's a combination of organizations within the customer. These are these global organizations. Typically when we're talking about asset life cycle management, asset recovery, how do you do that in a sustainable green way and securely the customers we're dealing with? I mean, security is top sustainability is right up there too. O obviously, but Charlie touched on a lot of those things and these are global rollouts, tens of thousands of employees typically to, to have mobile devices, laptops, and phones, and so forth. And they often are looking for a true managed service around the world that takes into consideration things like the most efficient way to ship products to, to the employees. And how do you do that in a sustainably? You need to think about that. Does it all go to a central location or to each individual's home during the pandemic that made a lot of sense to do it that way? >>And I think the reason I wanted to touch on those things is that, well for, for example, one European pharmaceutical that states in their reports that they're already in scope one in scope two they're fully net zero at this point. And, and they say, but that only solves 3% of our overall sustainability goals. 97% is scope three, it's travel, it's shipping. It's, it's, it's all the, the, all these things that are out of their direct control a lot of times, but they're coming to us now as a, as a supplier and as, and, and we're filling out, you know, forms and RFPs and so forth to show that we can be a sustainable supplier in their supply chain because that's their next big goal >>Sustain sustainable supply chain. Absolutely. Yes. Dr. John Fry and Terry, I want to kind of get your perspectives. Charlie talked about from a customer requirements perspective, customers coming through RFP saying, Hey, we've gotta work with vendors who have clear sustainability initiatives that are well underway, HPE and AMD hearing the same thing Dr. Fry will start with you. And then Terry >>Sure, absolutely. We receive about 2,500 customer questionnaires just on sustainability every year. And that's come up from a few hundred. So yeah, absolutely accelerating. Then the conversations turn deeper. Can you help us quantify our carbon emissions and power consumption? Then the conversation has recently gone even further to when can HPE offer net zero or carbon neutral technology solutions to the customer so that they don't have to account for those solutions in their own carbon footprint. So the questions are getting more sophisticated, the need for the data and the accuracy of the data is climbing. And as we see potential regulatory disclosure requirements around carbon emissions, I think this trend is just gonna continue up. >>Yeah. And we see the same thing. We get asked more and more from our customers and partners around our own corporate sustainability goals. But the surveying that survey work that we've done with customers has led us to, you know, understand that, you know, approximately 75% of customers are gonna make sustainability goals, a key component of their RFIs in 2023, which is right around the corner. And, and, you know, 60% of those same customers really expect to have business level KPIs in the new year that are really related to sustainability. So this is not just a, a kind of a buzzword topic. This is, this is kind of business imperatives that, you know, the company, the companies like HPE and AMD and the partners like I, that really stand behind it and really are proactive in getting out in front of customers to help are really gonna be ahead of the game. >>That's a great point that you make Terry there that this isn't, we're not talking about a buzzword here. We're talking about a business imperative for businesses of probably all sizes across all industries and Dr. Far, you mentioned regulations. And something that we just noticed is that the S E C recently said, it's proposing some rules where companies must disclose greenhouse gas emissions. If they were, if that were to, to come into play, I'm gonna pun back to Charlie and John saws. How would Shi and, and frankly at HPE and AMD be able to help companies comply if that type of regulation were to be implemented. Charlie. >>Yeah. So we are in the process right now of building out a service to help customers specifically with that, with the reporting, we know reporting is a challenge. The scope two reporting is a challenge and scope three that I guess people thought was gonna be a ways out now, all of a sudden, Hey, if you have made a public statement that you're going to make an impact on your scope three targets, then you have to report on them. So that, that has become really important very quickly as word about this requirement is rumbling around there's concern. So we are actually working right now on something it's a little too early to fully disclose, but stay tuned, cuz we have something coming. That's interesting. >>Definitely PED my, my ears are, are, are perk here. Charlie, we'll stay tuned for that. Dr. Fry. Terry, can you talk about together with Shi HPE and AMD enabling customers to manage access to the da data obviously, which is critical and it's doing nothing but growing and proliferating key folks need access to it. We talked a little bit about security, but how are from a better together perspective, Dr. Fry will start with you, how are you really helping organizations on that sustainability journey to ensure that data can be accessible to those who need it when they need it? And at these days what it's real time requirements. >>Yeah. It's, it's an increasing challenge. In fact, we have changed the H HP story the way we talk about H HP's value proposition to talk about data first modernization. So how often do you collect data? Where do you store it? How do you avoid moving it? How do you make sure if you're going to collect data, you get insights from that data that change your business or add business value. And then how long do you retain that data afterward and all of that factors into sustainable it, because when I talk to technology executives, what they tell me again, and again, is there's this presumption within their user community, that storage is free. And so when, when they have needs for collecting data, for example, if, if once an hour would do okay, but the system would collect it once a minute, the default, the user asks for of course, once a minute. And then are you getting insights from that data? Or are we moving it that becomes more important when you're moving data back and forth between the public cloud or the edge, because there is quite a network penalty for moving that equipment across your network. There's huge power and carbon implications of doing that. So it's really making a better decision about what do we collect, why do we collect it, what we're gonna do with it when we collect and how we store it. >>And, and for years, customers have really talked about, you know, modernization and the need to modernize their data center. You know, I, I fundamentally believe that sustainability is really that catalyst to really drive true modernization. And as they think forward, you know, when we work with, with HPE, you know, they offer a variety of purpose-built servers that can play a role in, you know, specific customer workloads from the largest, super computers down to kind of general purpose servers. And when we work with partners like Shi, not only can they deliver the full suite of offerings for on premise deployments, they're also very well positioned to leverage the public cloud infrastructure for those workloads that really belong there. And, and that certainly can help customers kind of achieve an end to end sustainability goal. >>That's a great point that, that it needs to be strategic, but it also needs to be an end to end goal. We're just about out of time, but I wanted to give John saws the last word here, take us out, John, what are some of the things Charlie kind of teased some of the things that are coming out that piqued my interest, but what are some of the things that you are excited about as HPE AMD and Shi really help customers achieve their sustainability initiatives? >>Sure. Couple comments here. So Charlie, yeah, you touched on some upcoming capabilities that Shi will have around the area of monitoring and management. See, this is difficult for all customers to be able to report in this formal way. This is a train coming at everybody very quickly and they're not ready. Most customers aren't ready. And if we can help as, as a reseller integrator assessments, to be able to understand what they're currently running compare to different scenarios of where they could go to in a future state, that seems valuable if we can help in that way. That's, those are things that we're looking into specifically, you know, greenhouse gas, emissions, relevant assessments, and, and, and within the comments of, of, of Terry and, and John around the, the power per wat and the vast portfolio of, of technologies that they, that they had to address various workloads is, is fantastic. >>We'd be able to help point to technologies like that and move customers in that direction. I think as a, as an integrator and a technical advisor to customers, I saw an article on BBC this morning that I, I, I think if, if we think about how we're working with our customers and we can help them maybe think differently about how they're using their technology to solve problems. The BBC article mentioned this was Ethereum, a cryptocurrency, and they have a big project called merge. And today was a go live date. And BBC us news outlets have been reporting on it. They basically changed the model from a model called power of work, which takes a, a lot of compute and graphic, GPU power and so forth around the world. And it's now called power of stake, which means that the people that validate that their actions in this environment are correct. >>They have to put up a stake of their own cryptocurrency. And if they're wrong, it's taken from them. This new model reduces the emissions of their environment by 99 plus percent. The June emissions from Ethereum were, it was 120 telos per, per year, a Terra terat hours per year. And they reduced it actually, that's the equivalent of what the net Netherlands needed for energy, so comparable to a medium sized country. So if you can think differently about how to solve problems, it may be on-prem, it may be GreenLake. It may be, it may be the public cloud in some cases or other, you know, interesting, innovative technologies that, that AMD HPE, other partners that we can bring in along, along with them as well, we can solve problems differently. There is a lot going on >>The opportunities that you all talked about to really make such a huge societal impact and impact to our planet are exciting. We thank you so much for talking together about how HPE AMD and SSHA are really working in partnership in synergy to help your customers across every organization, really become much more focused, much more collaborative about sustainable it. Guys. We so appreciate your time and thank you for your insights. >>Thank you, Lisa. Thank you. My >>Pleasure. Thank you, Lisa. You're watching the cube, the leader in high tech enterprise coverage.

>> Announcer: From theCUBE studios in Palo Alto in Boston, connecting with thought leaders all around the world, this is theCUBE conversation. >> Hi, everyone. Welcome to theCUBE Studios here in Palo Alto, California. I'm John Furrier, host of theCUBE. We're here for coverage of AWS Public Sector Summit. This is theCUBE Virtual with our quarantine crew going out and covering the latest posts of the Virtual Summit where our next guest is Matthew Cornelius, Executive Director for the Alliance for Digital Innovation. Matthew, thanks for joining me today for part of AWS virtual Public Sector Summit. >> That's great, thanks, John. Appreciate you having me. >> I know that John Wood and I have been talking about this organization and some of the ambition and the relevance of it. So I think it's a super important story. I want to get your thoughts on this in an unpack kind of the mission but for starters, tell us what is the Alliance for Digital Innovation? When were you formed? What's the mission? What do you do? >> Sure. Yeah, so ADI was formed about two years ago, to create a new advocacy group that could focus explicitly on getting cloud forward, commercial, highly innovative companies into the public sector. So the government technology space has traditionally been dominated by a lot of legacy vendors, folks that are very happy with vendor lock-in, folks that have an outdated business model that would not suffice in the commercial sector. So why does it have to be that way for government and ADI started with about eight members has since grown. We're approaching two dozen now. So we've had a lot of growth and I think a lot of the response that you've seen in the public sector, especially to the COVID crisis, and the response and relief efforts have made this organization and our mission more relevant now than ever. There's no way that you can go back to the previous way of doing business, so adopting all these commercials technologies, changing your business model, changing your operating model, and really use an emerging technology to deliver all these missions services is critical. >> You know, one of the things that I've been reporting on for many, many years is this idea of modernization. Certainly on the commercial side with cloud, it's been really important and Amazon has done extremely well, from a business standpoint. We all know that where that's going. The issue that's happening now is the modernization is kicking in. So the government has started to move down this track, we've seen the procurement start to get more modernized. Move from buying manuals to actually having the modern stuff and in comes COVID-19. You couldn't have accelerated, you couldn't have pulled the future forward fast enough to an already struggling federal government, in my opinion, and I've talked to many people in DC and the young crowd saying, "Hey, old government get modern", and then this comes. It's almost like throwing the rock on your back and you're sinking. This is a problem. What's your take on this? Because you're trying to solve a problem with modernizing, but now you got COVID-19 coming in, it compounds the complexity and the challenge. What's your chosen reaction to that? >> Yeah, so it there's a multifaceted response to this. So part of it is what I like to say is the government's done more in the past four months than it's done in the past 14 years when it comes to modernization and adopting commercial capabilities. I think with individual agencies, you've seen those those agencies, I will name a couple like the Small Business Administration, the General Services Administration, where I used to work, folks that were already heavily invested in cloud, heavily invested in modern digital tools and modern digital processes, they were able to weather this storm and to deal especially in SPS case, with a dramatic increase in their mission. I mean, running the paycheck Protection Program is something unlike an organization that size has ever seen. And from a technology standpoint, they have a lot of good stories that are worth telling and I think it's because they were so cloud forward. I think one of the other interesting points that as really come to light over the past four months is so many of the issues around modernization were cultural. Now, of course, there are some that are legal, there's acquisition, there's the way agencies are appropriated and financed and the way they can spend their money, but by and large, all of these agencies had to move to maximum telework, they had to get rid of all of these outdated on premise processes, these paper based processes that they had. And although surely there were some bumps in the road, and that was not easy, especially for these folks working around the clock to keep their agencies operational to make sure citizens are getting the services, they need, especially during this crisis, I think there's a lot of great success stories that you see there and because of this, no one even if they're allowed to go back into the office or when they're allowed to go back in the office, people are going to understand how much more productive they are, how much more technologically capable they are. And that's not just CIO officers that's people on programs in the front lines delivering services that mission response. We've really seen it powerful word over the last four months. >> You know, Matthew, I've been very vocal given that I'm kind of the old guy, get off my lawn kind of commentary. (Matthew laughs) I've seen that the waves and I remember coming in when I was in my late 20s and 30s old school enterprises, the commercial business wouldn't do business with startups, you had to be approved or you were in entrenched vendors supporting those things and then in comes the web, in comes the 90s, and then the web came there's more agile, you had startups that were more open and working with commercial vendors. It seems like we're seeing that movie play out in public sector where you have the entrenched incumbents, they got the town wired, who knows what's going on. It's been called the Beltway bandits for years and Tris and Curson and I talk about that all the time, but now the government can be agile, and startups need to be product to these new solutions, like whether it's video conferencing or virtual events, things like we do. New solutions are coming that need to come in, it's hard. Can you share how a company whether it's a startup or a new solution can come in and work with the government? Because the perception is, it's impossible. >> Yeah, and part of why ADI exist is to break that down. One to recruit more members to join us to really help drive commercial innovation in the government. And we have some very large companies like AWS and others that do an awful lot of work with the government. And we have a lot of smaller startups that are interested in dipping their toe in there. And so we try to help them demystify how it is that you go about working with the government. I think there have been again, some good success stories on this one. I think that there are lots of places like the Department of Defense, a lot of the folks in the intelligence community, some other agencies, they have authorities, they have partnership programs that make it easier for folks to adopt commercial innovation. They have unique authorities like other transaction authorities or commercial solutions offerings that really lowers the barrier for new technologies to be piloted and potentially scaled inside government. But that's not the case across lots of agencies, and that's why we advocate broadly for getting the acquisition process to move at the speed of technology. If there are good authorities that work in some agencies, let's get into everybody, let's have everybody try it because the people in the agencies, the acquisition professionals, the technical professionals, they have to be committed to working with industry, so the industry is committed to working with them. And as a former federal employee, myself, I worked at the Office of Management and Budget and the General Service Administration, I always was upset at the fact that the government is very good at speaking to industry, but not very good at working with industry and listening, and so we see a lot more of that now and I think part of that is a response to COVID, but it's also the recognition that you can't do things the way you used to do it, the traditional butts in seats contracting business model where everybody in between a federal employee and that outsourced service provider. You don't need all those people there, you can do it yourself and be just as effective and get all the real outcomes you're looking for with commercial innovation. >> It sounds like ADI your priorities is to make things go fast and be modernized. So I have to ask you, the question that's on my mind, probably on everyone's mind is, what are the key conversations or messages you provide to the agencies, heads or members of Congress to get them excited about this, to take action to support what you're doing? Because let's face it, most of these guys up on the Hill are girls now, most of them have a law backgrounds, they don't have a tech background. So that's a complaint that I've heard in the hallways in DC is, the guy making all the decisions doesn't know jack about tech. >> No, it's it's a great point. When we advocate up on the Hill there's a law that I don't think a lot of folks pay in awful lot of attention to. Everybody likes the nice new things that are coming from Capitol Hill but there's a great piece of legislation from 1994 for the Federal Acquisition Streamlining Act. We actually did some tremendous original research at ADI, about a year ago and released an interesting report that got a lot of uptick here. And most people don't even understand that the law requires you to do market research and see if there's a commercial product or service that meets your need before you go down building any sort of specific requirements or building out some sort of long procurement process. And so a lot of what we're doing is educating folks, not just on what the law says, but on why these can lead to better outcomes for agencies. I mean, I truly believe that most of the folks in government whether they're technical folks or not want to do the best thing, but if you're a company trying to do business with the government, you have to go through what is often a five or six or sometimes 10 person human supply chain. There's someone in government who wants your solution because it addresses a particular problem, and between them, and you the company, there's all sorts of additional bureaucratic overlays and folks that are not technical, that have other incentives and other priorities that don't always lead to the most optable procurement outcome. So there's an educational component, there's a cultural component. We need more champions inside government. We need not just better technology that's wanting to work with the government but we also need smarter, better people inside that understand the technology and can get to it the way they need to get to it so that they can deliver mission. >> As someone like me who's in the technology business, who loves entrepreneurship, loves business, loves the impact of technology, I'm not a public servant, and I'm not at that up to speed on all the government kind of inside baseball, so I kind of look at it a little bit differently. I've always been a big proponent of public private partnerships that's been kicked around in the past. It's kind of like digital transformation, kind of cliche, but there's been some pockets of success there, but look at the future. The role of influence and the commercial impact just China, for instance, just riffing the other day with someone around China doesn't actually go through government channels for how they deal with the United States. There's a little commercial, they have intellectual property issues going on, people saying they're stealing, they're investing in the United States. So there's a commercial influence. So as the government has to look at these commercial influences, they then have to modernize their workforce, their workloads, their applications, their workplaces. The work is not just workloads, it's workplace, workforce. So if you had your way, how would you like to see the landscape of the federal technology piece of this look like in five years? Because there's now new influence vectors coming in that are outside the channels of federal purview. >> No, it's a great question, and I appreciate you bringing up the other complexities around nation state actors in China and everything else. Obviously, supply chain security and being able to deal with legitimate security threat is critical when you're inside government. I mean, your first sort of purpose is to do no harm and to make sure that you're keeping citizen data, whether it's classified or unclassified secure. We think at ADI that there's a great balance to be heard there and part of that is if you're working with American companies, and you're adopting the best and most agile and most innovative commercial technology that America has to offer, that's going to make our industry more competitive and position it better in the commercial market and it's also going to make government agencies more effective. They're going to be able to meet their mission faster, they're going to be able to lower costs, they're going to be able to shift what are going to be tighter and tighter budgets over the next four or five or 10 years to other areas because they're not wasting so much money on these old systems and this old business processes, this old way of doing business. So you that is one of the balances that we have to take from an advocacy standpoint. We have to understand that supply chain security, cybersecurity are real issues, but security can also be an enabler to innovation and not an impediment and if a lot of the commercial capabilities that are coming out now and a lot of these companies like the ones ADI represents, want to do business with the government, and their commercial products can inherently be more secure than a lot of these old bespoke systems or old business practices. That's good for not just federal agencies, that's good for citizens and that's good for our national defense and our economy. >> You know, I look at our landscape and being an American born here, looking at other emerging countries, certainly China's one example of becoming very world digital native, even other areas where 5G and then telecom has made great internet access, you're seeing digital native countries, so as we modernize, and our lawmakers have more tech savvy and things become digital native, the commercial enabling piece is a huge thing, having that enabling technology, because it creates wealth and jobs and other things so you got three things, digital native country, enabling technologies to promote good and wealth and engine of economic value, and then societal impact. What's your take on those three kind of pillars? Because we're kind of as a country coming into this world order and look at the younger generation, they're all screaming for it, we're digital native, and all kinds of arbitrage there, fake news, misinformation, then you got enabling technology with the cloud, and then you get societal benefits, future of elections and everything else. So what's your thoughts? 'Cause it sounds like you're thinking about these things in your Digital Innovation Alliance. >> Yeah, absolutely. The one thing I will say and as someone that was a former federal employee, the one thing we need more of whether you're on the executive branch or in Congress, we need more people that like you said, are digital natives that understand technology that also want to be inside government either running programs or dealing with policy issues. We need as many good new ideas and folks with real, legitimate, necessary and current skills in there. Because if you don't understand the technology, you don't understand, like you said the societal impacts, you don't understand the business impacts of government decision making and the government can drive markets. I mean, especially in the middle of Coronavirus, we're spending trillions of dollars to keep folks afloat and we're using technology primarily as a way to make that happen. So the first thing I would say is, we need, we continue, need to continue, sorry, we need to continue to recruit and retain and train the best and the brightest to go into government service because it is a joy and a privilege to serve government and we've got to have better smarter technical people in there or we're going to keep getting these same outcomes, like you've mentioned over the past 30 plus years. >> I think we're in a JFK moment where John F. Kennedy said, "Ask not what your country can do for you, "what you can do for your country". Moment in the modern era and that was the 60s, that we saw the revolution of that happen there, we're kind of having a digital version of that now where it's an opportunity for people to get involved, younger generations and make change rather than arguing about it. So I feel fairly strongly about this so I think this is an opportunity. Your reaction to that? >> No, that's a fantastic point. I hadn't really thought about the JFK resemblance. From an industry standpoint, I think that is what is happening with these emerging technology companies and even some of the large companies. They understand that this is their way to contribute to the country whose R&D dollars and these public private partnerships helped a lot of these folks to grow and become the companies they are now. At least started them down that road. And so for us at the Alliance for Digital Innovation and the companies that are a part of us that is sort of purposeful to who we are. We do what we do and we want the government to build stronger relationships and to use this technology, because it does serve mission. I mean, we exclusively focus on the public sector. Focus of these companies and it's tremendously valuable when you see a federal agency who spent five or 10 years and hundreds of millions of dollars and still not solving a problem and then they can pick up the commercial off the shelf technology from a company that we represent, and can solve that problem for $5 million and do it in six months. I mean, that's truly rewarding and whether you're inside government or out, we should all celebrate that and we should find ways to make that the norm and not the exception. >> And take all that hate and violence and challenge it towards voting and getting involved. I'm a big proponent of that. Matthew, thank you so much for taking the time. I'll give you the last word. Take a minute to put a plug in for the Alliance for Digital Innovation. Who are the charter members, who's involved? I know John Wood from Telos is a charter member. Who's involved, how did it all start? >> Yeah. >> Give it taste of the culture and who's involved. >> Yeah, thanks, John. So, yeah, like you mentioned, we have tremendous members, AWS is obviously a great partner. We have a lot of big companies that are involved, Google Cloud, Salesforce, Palantir, Palo Alto Networks. We also have great midsize and small companies. You think of Telos, you think of SAP NS2 and Iron Net, you think of Saildrone. We've got companies that whose technology product and service offerings run the range for government needs. We all come together because we understand that the government can and should and must do better to buy and leverage commercial technology to meet mission outcomes. So that is what we focus on. And, frankly, we have seen tremendous growth since COVID started. I mean, we are 24 members now we were at 18, just four months ago, but I like to say that ADI is an organization whose mission is more important and more resonant now, not just in the technology, parts of government, but at the secretary level at the Chief Acquisition Officer level, in Congress. We are folks that are trying to paint the future, we're doing a positive vision for change for what government can and should be. And for all of those other technology companies that want to be a part of that, that understand that the government can do better, and that has ideas for making it work better and for getting commercial innovation into government faster, to solve mission outcomes and to increase that trust between citizens and government, we want you. So if folks are interested in joining you got people that are watching out there, you can go to alliance4digitalinnovation.org. We're always accepting interested applicants and we look forward to continuing this message, showing some real outcomes and helping the government for the next year, five years, 10 years, really mature and modernize faster and more effectively than it has before. >> Great mission, love what you're doing. I think the future democracy depends on these new models to be explored, candidly and out in the open, and it's a great mission, we support that. Thanks for taking the time, Matthew. Appreciate it. >> Thanks, John. Have a great Public Sector Summit. >> Okay, this is theCUBE coverage of AWS Public Sector Virtual Summit. I'm John Furrier here in theCUBE Virtual. Thanks for watching and stay tuned for more coverage. (gentle music)

>> Live from Bahrain, it's theCUBE. Covering AWS Summit Bahrain. Brought to you by Amazon Web Services. >> Hey, welcome back everyone, we're here live in Bahrain in the Middle East. This is theCUBE's exclusive coverage, here for the first time, covering Amazon Web Services, AWS' Public Sector, and the breaking news around their new region that they announced a while ago, going to be deployed here in the early 2019 time frame. An Amazon region really is the power source of digital. It has a track record of creating so much value and innovation. And I'm here with Teresa Carlson, who's the head-- she's the chief of public sectors, she's the head of Amazon Web Services' Public Sector globally, except for China but that's a different territory. Teresa Carlson, it's great to see you. >> It's so great to have you here with us, oh my goodness. >> So I got to say, you told me a few years ago we're going to really go international, we're doubling down outside North America, we're going to have regions, Andy Jassy, the CEO of AWS, said the same. This is the strategy of Amazon. But the Middle East was your baby. This was something that you did spend a lot of time on, and a lot of decisions. Everyone wants to know why Bahrain? Why did you choose this region? And what do you see happening? And how's it going? >> Well, you know, it's interesting because, well I have had a lot of people say why Bahrain as the first region that you've put in the Middle East? Because it doesn't seem like the first place somebody would choose. And the thing that kept coming back to me is Jeff has always said we're willing to be misunderstood for long periods of time. And I think this is probably one of those times where people just didn't quite understand why Bahrain. Well, here's why. I met the Crown Prince, we talked about digital innovation and the economy here and he immediately got that they needed to go through a digital transformation. They are not a country that has a lot of oil. They are a smaller country and they really are a working class country that is looking for how do they have sustainment? And they've done things in the past around financial services that really got them going. They would spear head things. And I think he saw the opportunity that this could help them jump-start the economy and they could kind of be a hub for innovation. So they created the right policies around Cloud First. They created the right telecommunications policy. They were one of the first to deregulate. They had good pricing for utilities. They were friendly toward businesses. And they had a culture that we felt could fit well with us, as well as our partner community. >> Couple of observations, being the first time here, so thank you for inviting us and allowing us to cover you here. One, they're a learning culture, they speak multiple languages, why not add programming to it, software? Two, they like to move fast. They just built a track in 14 months, they're not afraid to go faster. >> They go fast. >> That's Amazon. Amazon, you guys move at a speed of a whole 'nother cadence. And then, my observation again, compared to other areas as I look around is that the percentage of the population of Bahrainians is large, is a lot of people live here, that are native, and they're talented. >> Well, one of the things you said that I think is key is that they move fast, they're used to being frugal on how they do things and they're very scrappy. And that really fits with their culture because, again, they have to do things different than some of the other minimalist countries who are-- they're not quite as rich. But they have this culture of really moving fast and they took down blockers like crazy. I mean, as we came in and were making a decision on-- >> What were some of those blockers? Like, stumbling blocks, are they more hurdles? What were they? >> They were stumbling blocks but they were-- we had to really come in and talk about why telecommunications, policies and pricing had to change because in an old-school model of Telco, there's a lot of big charges. And when you have a digital economy coming in, if you think about, you have a few transactions for a lot of money in an old-school. In a new-school world, you have millions of transactions for a little bit, 'cause you've got to be able to transact a lot, and that's why your telecommunications industry's got to be set up as well as you want it deregulated. They'd already deregulated it so they worked with us to open it up, to set the policies, and now Batelco, who is one of our major telecommunications partners here, is doing manage services on AWS, they've gotten all kinds of people trained. And it's just an example of how they look at an opportunity and say we have got to innovate and make changes if we want to have a sustainment in the 21st century economy. >> And you guys are bringing a lot of goodness to the table, they're quick learners, they're smart, they've got their entrepreneurial vibe. They're not afraid to put some funds of funds together and get some professional investment going on. So that's going to level up the entrepreneurship base. The question is when will the region be ready? How's that going? It's under construction. We've been hearing it's been impacting and, frankly, bringing in to this country an agenda item of sustainability and sustainable energy. Well, why would they need sustainable energy if they've got oil? >> Well they-- (laughs) [John] - Why burn it if you can sell it? That's what the British Prime Minister-- >> Well they do and they've had a new find but I think they have to get to the new oil that they've found but they're not-- I think, what I understand, they're not banking on that, they're going to bank on a digital economy. So they know this is kind of a guaranteed way to really grow what they're doing and bringing out outside others. There's two big elements they're doing. One is they're creating policies for data that allows other countries to put their data here safely and with the right laws. That is game changing. So that's one big thing they're doing. The second thing is they have the spirit of teaching and training so they're getting other countries to come in and talk to them about what they're doing. And remember, John, they're already moving the government to the Cloud and they don't even have their Cloud here yet. So they've done all their homework and they're already moving more work loads into the Cloud that they don't feel need to be here. But they've looked at security design, compliance practices, and they're like, we're moving, we're not waiting. >> They're Cloud First. >> They're Cloud First. >> Okay, so when do you expect the construction to be ready? Ballpark, I know you can't probably give an exact date but when-- >> We expect it'll be ready by Q1 of 2019 and we're excited. It's going to be one of the most innovative regions. And by the way, I dunno if you saw, I had a big star on the map today in my presentation. We have literally, at AWS, had a big hole in the world with no region in the Middle East or Africa, and now we are going to have this region so it is exciting, and I know that the region itself is really anxious to get going. >> Well not only are you an amazing executive, I've seen you work, I've seen what you've done, checking the boxes, doing the hard work, getting down and dirty and doing hustling and scrapping, but you also made some good strategic bets. This one really is successful because I think, two things, you bring a region to the area for AWS but you guys are doing it in a way that's partnering with the government, you're actually-- as industry contributing. I think that's a case there that's going to probably be recognized down the road when people figure that out. But that's going to be a great one. But the cultural win, for you, is pretty amazing and I have to say, yesterday I went to the women breakfast that you hosted and I've never been at a women breakfast, and I've been to a lot of them because I like to be involved, where I got kicked out of a table because they need the space, so it was so crowded. Sorry guys, you're out, I got booted. I didn't leave the room, I had to just move, because they had workshops. Take a minute to explain the women breakfast you had because I think that was extraordinary and a proof point that the narrative of the region, women don't go to school, all this nonsense that's out there, take a minute to clarify this, this is a cultural shift. There might be some cultural things going on. >> Well, the women are here, #SmartIsBeautiful. They are amazing. And they are very educated and in fact, 53% of the government work force here are females at high level jobs too, they're not just low level. And I actually met with the King this week who told me that he was able-- he has the first Supreme Court Justice, that's a female, in the Middle East. And he said it was against culture but he did it because he said this woman was so amazing and she was so talented and she fit the role, she had the job description down. And he said it's gone great, so the women here are smart, they're talented, they're educated, and they actually get degrees in Computer Science. Here in Bahrain, 60% of the Computer Science students are females. Now, what is not happening, is their not always getting out and getting these jobs. And the second thing is, right now, we're still working with them to teach the right skills. A lot of skills are actually outdated tech skills and I know, John, you see this too, even in the US. You have universities that are still teaching the wrong skills for Cloud, so we are working with them at the university and the high school level that actually teach and certify on the right skills. But the women are talented, they're amazing. There are some cultural things that we're going to work together on but there's really no reason we can't have an amazing and talented workforce of women here in the Middle East. >> We had Mohammed on, who's the chief executive of the IGA, the Information e-Government Authority. He told me that any citizen can get a certification for free in this country. >> Yes! Oh my gosh, so I've never seen this. So our partner here, Tamkeen, who's like The Labour Fund, about a year and a half ago, agreed that any citizen that got a certification on AWS, it would be 100% paid for. And then we just announced today that they're actually also going to pay 100% of Bahraini companies that want to move to the Cloud. They're serious about this, they are serious. And they are being a role model and, again John, why are they doing it? They are doing it because they realize that they want to be a true digital economy and grow their businesses here and create new. They got to move faster because they're smaller. They've got to be scrappier, they got to move faster, they got to do things a little bit different. >> The other thing I want to point out, you can't really see it on the camera, but behind us you have, essentially, a mix of commercial and public sector. The show here is so, so crowded, couldn't get into the keynote speech, overflow of room was packed, this is attracting everyone from the Gulf region here. Not just public sector, but commercial businesses. This is not a one time thing, this is a-- the pent-up demand is here. What do you expect is going to happen when the region gets here built out? >> Well, if you look at all the partners around, I mean you have Trend Micro over here, and others, many of them have come because they're excited about us putting a region here. And Andy Jassy and I both have had many of our partners say when are you going to have a region in the Middle East? So we expect a lot more partners are going to come. Just like you they're going to see the value of being here. But, additionally, I don't know what we're going to do for our conference, our summit, because we've already out-grown this space and you're right, we have delegates here from Jordan, the UAE, Saudi Arabia, of course Bahrain, Kuwait, the US. So many different groups are being represented here and I think also South Africa, we have some folks from South Africa. >> Well theCUBE is here, we're making great observations and great commentary. I got to say that you're even attracting amazing talent from the US, besides theCUBE. General Keith Alexander was here. >> Yes he was. >> John Wood from Telos, and all these partners, all visionaries who see the opportunity. This is important, you're not being misunderstood by the people who know Amazon. >> No, I agree. And you made a point earlier that I think is important. Even though I'm kind of here for this conference, leading it, this is not a public sector conference, it's a AWS Summit. It has tons of commercial, tons of public sector. The thing that's a little bit different when you get to some of these countries is they are more government lead, so that is the reason it's important to have this relationship with government if you really want to, but you don't want to surprise them. And you want to work with them to help make sure that they and the country are successful. >> Well Teresa, it's been fun to observe and watch your successes continue to raise the bar here in your job. This is a whole 'nother level when you talk about really filling a hole, you see a hole, you fill it. >> Yep, find a whole, fill it (laughs). >> I heard someone say that once in a motivation speech. Oh, that was you, "You see a hole you fill it. "Oh, we got to hole in the Middle East, fill it!" You have a region here, you've got great success in Washington, DC, CIA, other governments. Congratulations, and thanks for all your support-- >> Thank you John for being here, thank you. >> Thank you, live coverage here. We are here in Bahrain in the Middle East of CUBE's first time. I'm John Furrier, your host here, covering the exclusive Amazon Web Services Summit, and covering the historic launch of the new region in the Middle East. This should change the game, this is going to be a digital hub. It's going to have impact to entrepreneurship, economics and society. We'll be covering it at theCUBE. Stay with us for more after this short break. (jubilant music)

>> Live from Washington D.C. It's theCUBE, covering the AWS Public Sector Summit 2018. Brought to you by Amazon Web Services, and its eco-system partners. (upbeat music) >> Welcome back to the nation's capitol. I'm Stu Miniman and you're watching theCUBE's coverage of AWS Public Sector Summit 2018. Joining me for the wrap-up of day one, John Furrier, Dave Vellante. So John, thanks for bringing us down. So you were here last year. We've interviewed Teresa Carlson a number of times at Reinvent, but we've got to start with you. Since you were here last year, watching this explode. I said, this reminds me of Reinvent three years ago, how big it is, 14,500 people, wow. >> Yeah, so you're right on. This is definitely a Reinvent kind of vibe, in a way to describe what happened with Amazon Reinvent, their annual conference which we were at the 2nd year, 2013, and have been every year. Reinvent got bigger every year, and just became more prominent, and the solutions scaled, the number of announcements, as we know Amazon today is packed, it's bigger than ever. The public sector market, which is defined as government, education, and global public sector countries like Bahrain and other countries, are really the target. They have unique requirements. So what's happening is that that market is being disrupted, and there's been similar moments in the public sector here in the United States, as well known. The fail of the website that Obama. You know, the health care sight was one. The government initiatives that have been going on. The government is not modern and people are frustrated. The IT workers are living in cages, they're strapped in. It's like, not good. The tooling's old, old client server, old vendors like Oracle and IBM and others that are trying to keep that business, and they're not modernizing. So, this modernization wave has hit the public sector across the board, and what's happening is they can actually build newer systems faster, and get lower cost, more efficiency, done faster. And this is disrupting not only their business model, but how they buy technology, the role of the supplier in that piece of the equation, and also just overall faster innovation. So, this is driving it. The shocker of all of it is the security conversation has been up leveled, meaning it's not a real issue. Certainly the security is a real issue, but in terms of a barrier that stops everything, that's not the case anymore. The CIA is really the most notable that came on and said the worst day in cloud security is better than anything we got working today. So that's a really interesting thing and the Department of Defense Jedi project is billions of dollars that would have gone to say, an Oracle, IBM, and all the incumbents, or, beltway bandits, as they've been called. Those days are over. So that to me is a really exciting thing for the country. But, Amazon is running the tables too. So again, this year, more of the same, bigger. Big agencies. Small partners and big, all riding the wave of growth. And, it's a new operating model, and again, we'll predict it here in theCUBE, as we always say, and then we'll be right again. This is going to be a special market for Amazon going forward. >> I think government market is definitely a microcosm of the overall marketplace as John said. It's very bureaucratic, they're slower to move, you got to regime change every four or eight years, so a lot of turnover. It's really hard to get. Okay, we're going to go with strategy, cause the strategy as they start stop, it's a near to mid term strategies are affected in the government. Obviously, there's a greater focus on security. Cloud addresses a lot of those. We certainly heard that from the CIA. I don't think you can talk about cloud and federal, without talking about that milestone CIA deal. That really was a watershed moment. It was a wake up call to the old guard. IBM, as you might recall, tried to fight the government, because the CIA awarded the contract to Amazon. IBM lost that case, they were eviscerated by the judge. It forced IBM to go out and pay two billion dollars for software. It was years later that Oracle really got in. So, Amazon, to an earlier guest's point, has a huge lead. The estimate was five to 10 years, I heard, over some of the legacy suppliers. Interesting, not sure exactly where Microsoft fits in there. Stu, I'd love to get your thoughts. The thing about cloud that we've, John, you talk about being right, for years, we've talked about the economics of cloud, the scale of cloud, the marginal economics, looking much more like software. That's clearly been to Amazon's advantage. And, they're mopping the floor with guys who can't keep pace. And so, that's played out in a big way, and this seems to be a winner take all market. Or, a few companies take all market. >> Yeah, the thing that I actually wanted to comment on that's really interesting to dig in here, is if you talk about application modernization. Yes, it is super challenging, and it's not happening overnight, but, have heard universities, non profits, they're moving. It's not just mobility, moving to the web, but talking about how they are decoupling and creating cloud native microservices environments. So, was talking to a large, government healthcare organization that was super excited to show me how he was going to take his really old application, and start pulling together services at a time. And, he's like, I've got 130 services. And here's how I'll stick a router in here and I'll start pulling them off to the cloud. Talked to a big university and said, how are they going from, my data center, which I'm out of power, I'm out of capacity. I'm going to use the VMWare thing, but over time, I'm moving to containers, I'm moving to serverless. That modernization, we know it's not moving all of it to the public cloud, but that migration is happening. It is challenging and as I've said many times in many of these Amazon shows, Dave and John, it's the companies that come here. They're the ones that are trying cool stuff. They're are able to play in some of these environments and they make progress. So, the thing that really excites me too, is when you hear government agencies that are doing innovative, cool things. It's like, how do I leverage my data and give back to the communities I serve. Help charities, help our communities, and do it in cost effective ways. >> Stu, I got to say, Dave, Theresa Carlson just came by theCUBE, we gave her a wave. She's the CEO of Public Sector, as I call her, she's the chief, she's in charge. Andy Jackson's the CEO of AWS, but again, public sector's almost its own little pocket of AWS. Her leadership, I think, is a real driving force of why it was successful so fast. Theresa Carleson is hard charging, she knows the government game. She's super nice, but she can fight. And she motivates her team. But she listens to the customers, and she takes advantage of that Amazon vibe, which is solve a problem, lower prices, make things go faster, that's the flywheel of the culture. And she brings it to a whole nother level. She's brought together a group of people that are succeeding with her. She leans on her partners, so partners are making money. She's bringing in cloud native kind of culture. I mean, CrowdStrike, you can't get any better than seeing guys like CrowdStrike raise 200 million dollars, Dave, today announced, worth over three billion dollars, because they built their system to work for cloud scale. CloudChecker, another company. Purpose built for the cloud and is extremely successful because they're not trying to retrofit an enterprise technology and make it cloudified. They actually built it for the cloud. This, to me, is a signal of what has to happen on successful deployments, from a customer standpoint. And I think that's what attracting the customers and they will change their operations 'cause the benefits are multifold and they're pretty big. Financially, operationally, culturally, it's disruptive. So I think that's a key point. >> Yeah, and I think again, this a microcosm of the larger AWS, which is a microcosm of the larger Amazon, but, some of the things we heard today, some of the benchmarks and milestones from Theresa on the keynote. 60 consultancies that she put up on the slide, 200 ISVs ans SAAS companies, 950 third-party software providers, this is all GovCloud. And then Aurora now in GovCloud, which is, you know, you see here, it lags. >> Database. >> Amazon and Specter, you've heard a lot about database. Amazon and Specter, which manages security configurations. We heard about the intent to go forward with the VMWare partnership, the VMWare cloud in GovCloud. So, a little bit behind where you see the Amazon web services in commercial. But, taking basically the same strategy as John said. The requirements are different. I also think, Stu and John, it's important to point out just the progress of AWS. We're talking about tracking to 22 billion dollars this year. They're growing still at 15 percent, that massive number. 26 percent operating income. Their operating income is growing at 54 percent a year. So, just to compare Amazon web services to other so called infrastructure providers, HPE's operating income is eight percent, IBM's is nine percent, VMWare, which is a software company, is at 19 percent, Amazon's at 26 percent. It's Cisco level of profitability. Only companies like Oracle and Microsoft are showing better operating income. This is that marginal economics, that we've talked about for years. And Amazon is crushing it, just in terms of the economic model. >> Yeah, and they bring in the public sector. Can you imagine that disruption for that incumbent mindset of these government kind of agencies that have been the frog in boiling water for so many years around IT. It's like Boom, what a wake up call. If you know IT, you know what it's like. Older tools, huge budget cycles, massive amounts of technology trends in terms of time to value. I mean, Stu, you've seen this buoy before. >> Yeah, absolutely, and it's interesting. Some of the things we heard is there's challenge in the government sometimes, moving from capex to opex. The way that government is used to buying is they buy out of the GSA catalog, they are making that move. We actually had on the federal CTO for Cohesity, came from the GSA, and he said we're making progress as an industry on this. Dave, you mentioned a whole lot of stats here. I mean, year after year, Q1 Amazon was up 49 percent revenue growth. So, you know, you always hear on the news, it's like, oh well, market share is shifting. Amazon is still growing at such a phenomenal pace, and in the GovCloud, one of the things I thought Kind of interesting that gets overlooked is the GovCloud is about five years, no it launched in August of 2011, so it's coming up on seven years. It's actually based out of the West Coast. They have GovCloud, US East is coming later this year. And we talked in the VMWare interview that we did today about why some of the lag and you need to go through the certification and you need to make sure there's extra security levels. Because, there's not only GovCloud, then they've got the secret region, the top secret region, so special things that we need to make sure that you're FedRAMP compliant and all these things. Amazon is hitting it hard, and definitely winning in this space. >> Yeah, and they have a competitive advantage, I mean, they're running the table, literally. Because no body else has secret cloud, right? So, Amazon, Google, others, they don't have what the spec requires on these big agencies, like the DOD. So, it's not a sole source deal. And we saw the press that President Trump had dinner with Safra Catz, the CEO of Oracle. And, that Amazon, that people are crying foul. Making a multicloud, multivendor kind of, be fair, you know fairness. Amazon's not asking for sole source, they're just saying we're responding to the bid. And, we're the only ones that actually can do it. You know, John Wood, the CEO of Telos, said it best on theCUBE today, Amazon is well down the road, five years advantage over any cloud, five years he said. >> There's no compression algorithm for experience, right? >> Right, right, but this is a real conundrum for the government buyers, the citizens, and the vendors. So, typically, let's face it, technology, IBM, HPE, Oracle, Dell, they can all pretty much do the same thing. Granted, they got software, Cisco, whatever. They got their different spaces, but head to head, they all pretty much can do what the RFP requires. But what you just pointed out John, is Amazon's the only one that can do a lot of this stuff, and so, when they say, okay let's make it fair, what they're really saying is, let's revert back to the mean. Is that the right thing for the citizens? That's the kind of question that's on the table now. As a citizen, do you want the government pushing the envelope... >> That's what he said from CrowdStrike, why go backwards? >> Right, right, but that's essentially what the old guard is saying. Come back to us, make it fair, is that unfair? >> You're too successful, let the competition catch up, so it can be fair. No, they've got to match up the value proposition. And that fundamentally is going to put the feet to fire of government and it's going to be a real critical tell sign on how much teeth to the mission that the government modernization plan is. If that mission to be modernizing government has teeth, they will stay in the course. Now, if they have the way to catch up, that's great. I can already hear it on Twitter, John, you don't really know what you're talking about. Microsoft's right there. Okay, you can say you're doing cloud, but as they teach you in business school, there's diseconomies of scale, to try to match a trajectory of an experienced cloud vendor. Stu, you just mentioned that, let's explore that. If I want to match Amazon's years of experience, I can say I'm up there with all these services, but you can't just match that overnight. There's diseconomies of scale, reverse proxies, technical debt, all kinds of stuff. So, Microsoft, although looking good on paper, is under serious pressure and those diseconomies of scales creates more risk. That more risk is more downtime. They just saw 11 hours of downtime on Microsoft Azure in Europe, 11 hours. That's massive, it's not like, oh, something just happened for a day. >> Here's the behind the scenes narrative that you hear from certain factions. Is, hey, we hire people, let's say I'm talkin' about Microsoft, we hire people out of Amazon too, we know where they're at. We think we've narrowed that lead down to six months. You and I have both heard that. When you talk to people on the other side of the table, it's like, no way, there's no way. We're movin' faster, in fact, our lead is extended. So, the proof is in the pudding. In the results that you see in the marketplace. >> Well, and just to build on that, the customers. Amazon has the customers, you talk to anybody that's in these agencies, you know, like any industry, they're all moving around. Not only the federal, but, I had a great interview with Nutanix this morning, he said this was the best collection of state and local government that I ever had. It's like I got to meet all my customers in person last year when they came here. So, the fed kind of sets the bar, and then state, local, education, they all learn there. So, as you said, John, Theresa and her team have really built a flywheel of customers, and those customers, they understand the product. They're going deeper on that. >> But look, Microsoft has success where it has a software state. Clearly there are a lot of Microsoft customers in the government, and they're going to do very well there. But it's really different. We're talkin' about the inventor, essentially, of infrastructure as a service in Public Cloud and Amazon with a clean sheet of paper. >> Microsoft, Google and the others, they have to catch up. So, really if you look at, let's compare and contrast. Amazon, first mover, they did the heavy lifting up front. They win the CIA deal three, four years ago. Now they're going to win the DOD deal and more. So, they've got the boiler plate, and they've got scale, economies of scale. Microsoft's got to catch up, so, they've got diseconomies of scale. Google is kind of backing out, we heard. Some Google employees revolting cause they don't want to work on these AI projects for drones or what not. But, Google's approach is not tryin' to match Amazon speed for speed, they're thing is they have leverage. Their Android, their security, the data. So, Google's staying much more pragmatic. And they're humble, they're saying, look, we're not tryin' to match Amazon. But we're going to have a badass cloud from a Google perspective. Microsoft hasn't yet said that, they just try to level up. I think if Microsoft takes that approach, they will do well. >> Well, you got to give Microsoft a lot of credit, obviously for the transformation that's occurred. Again it's still tied to the company's software estate, in my view anyway. >> All right Stu, what's your impression, what's your take? >> So, John, like every Amazon show I've been to, I'm impressed, it set a high bar. We go to a lot of shows and not only are there more people here, but the quality of people, the energy, the passion, the discussion of innovation and change, is just super impressive. >> You and I cover cloud data pretty deep. We go to all the shows, obviously the Lennox Foundation and Amazon Reinvent, and others. Does the Public Sector have that vibe in your opinion? What's your sense of it? >> Oh, yeah, no, I've already had a couple of conversations about Kubernetes and Lambda, you know, more serverless conversations at this show than almost any show I go to, other than probably KubeCon or the Serverless conf. So, no, advanced users, these are not the ones, a couple of years ago, oh I'm checking what this is. No, no, no, they're in, they're deep, they're using. >> Yeah, I notice also, near the press room, they had the certification stickers, now levels of certifications. So, they're just movin' the ball down the field at Amazon. Dave, I want to go to you and ask you what your impression is. Obviously, you know, we've done shows like HPE Reinvent, which we didn't do this year. That's goin' down its own path. We've got other shows. >> HPE Discover you mean. >> What did I say? >> You said Reinvent. >> Okay, every year they break. >> There's two ends of the spectrum. >> You know, there's is going to try to transform. What's your take of this show, Public Sector? What's your view? >> Well, first of all, it's packed. And, the ecosystem here is really robust. I mean, you see the consultancies, you see every technology vendor, I mean, it's quite amazing. They got to figure out the logistics, right? I've never seen a line so long. The line to get into registration was longer than Disney lines this morning. I mean, really, it was amazing. >> It's a Disneyland for Public Sector. >> It really is, and people are excited here. I think you were touching upon it before. They've sort of been hit with this bureaucratic, you know, cemented infrastructure. And now, it's like they're takin' the gloves off and they're really excited. >> Stu and Dave, I really got to say, I'm not a big federal person, over the years in my career but my general impression over the past couple years, diggin' in here, is that most of the people in the agency want to do a good job. I saw that last year, it's like, these are real innovators. And finally they can break away, right, and do some real, good. Not do shadow IT, do it legit with a cloud. So, good stuff. Guys, thanks for commentating, Stu? >> Yeah, so let me bring it on home. I just want to say, this goes up in a podcast, if you go to your favorite podcast player and look for theCUBE Insights, you'll find this as well as the key analysis from our team from all of the shows. Of course, as always, go to theCube dot net to get all the research. If you want the exclusive, more detail on Theresa Carlson, just search John Ferrier in Forbes and you'll find that article. This is the end of Day One of two days live coverage from AWS Public Sector. Of course, theCUBE dot net, come find us, we've got stickers if you're at the show. For Dave Vellante, John Furrier, I'm Stu Miniman. And as always, thanks so much for watching theCUBE. (techno music)