(bright upbeat music) >> Well, hello everybody. John Walls is here on "the CUBE". Great to have you with us as we continue our series here at the AWS Executive Summit sponsored by Accenture. And today we're talking about public service and not just a little slice of public service but probably the largest public sector offering in the UK and for with us or with us. Now to talk about that is Lianne Anderton, who is in with the Intelligent Automation Garage Delivery Lead at the UK Department of Work and Pension. Lianne, good to see you today. Thanks for joining us here on "the CUBE". >> Hi, thanks for having me. >> And also with this us is Amar Narayan, who is a Manager Director at Accenture the AWS Business Group for the Lead in Health and Public Sector, also UK and Ireland. And Amar, I think, you and Lianne, are in the same location, Newcastle, I believe in the UK, is that right? >> Yeah, absolutely. Yep, yeah, we're, here in the northeast of UK. >> Well, thank you for being with us. I appreciate the time. Lianne, let's talk about what you do, the Department of Work and Pension, the famous DWP in England. You have influence or certainly touchpoints with a huge amount of the British population. In what respects, what are you doing for the working class in England and what does technology have to do with all that? >> Sure, so for the Department for Work and Pensions I think the pensions bit is fairly self explanatory so anybody who is over state pension age within the UK. for the work part of that we also deal with people of working age. So, these are people who are either in employment and need additional help through various benefits we offer in the UK. Those people who are out of work. And we also deal with health related benefits as well. And we are currently serving over 20 million claimants every year at this moment in time. So, we're aware of a huge part of the UK government. >> All right, so say that number again. How many? >> 20 million claimants every year. >> Million with an M, right? >> Yeah. >> So, and that's individuals. And so how many transactions, if you will, how many do you think you process in a month? How, much traffic basically, are you seeing? >> An extraordinary amount? I'm not even, I don't think I even know that number. (Lianne laughing) >> Mind blowing, right? So, it's- >> A huge, huge amount. >> Mind blowing. >> Yeah, so, basically the we kind of keep the country going. So, you know, if the department for Work and Pensions kind of didn't exist anymore then actually it would cause an infinite number of problems in society. We, kind of help and support the people who need that. And, yeah, so we play a really vital role in kind of you know, social care and kind of public service. >> So, what was your journey to Accenture then? What, eventually led you to them? What problem were you having and how have you collaborated to solve that? >> So, in terms of how we work with Accenture. So, we had in around 2017 DWP was looking at a projected number of transactions growing by about 210 million which was, you know, an extraordinary amount. And, you know, I think as we've kind of covered everything that we do is on a massive scale. So, we as DWP as an organization we had absolutely no idea how we were going to be able to handle such a massive increase in the transactions. And actually, you know, after kind of various kind of paths and ideas of how we were going to do that, automation, was actually the answer. But the problem that we have with that is that we have, like many governments around the world, we have really older legacy systems. So, each of these benefits that we deal with are on legacy systems. So, whatever we were going to develop had to, you know, connect to all of these, it had to ingest and then process all of these pieces of data some of which, you know, given the fact that a lot of these systems have a lot of manual input you have data issues there that you have to solve and whatever we did, you know, as we've talked about in terms of volumes has to scale instantly as well. So, it has to be able to scale up and down to meet demand and, you know, and that down scaling is also equally as important. So yeah, you've got to be able to scale up to meet the volumes but also you've got to be able to downscale when when it's not needed. But we had nothing that was like that kind of helped us to meet that demand. So, we built our own automation platform, The Intelligent Automation Garage and we did that with Accenture. >> So Amar, I'd like you to chime in here then. So, you're looking at this client who has this massive footprint and obviously vital services, right? So, that's paramount that you have to keep that in mind and the legacy systems that Lianne was just talking about. So, now you're trying to get 'em in the next gen but also respecting that they have a serious investment already in a lot of technology. How do you approach that kind of problem solving, those dynamics and how in this case did you get them to automation as the solution? >> Sure, so I think I think one of the interesting things, yeah as Lianne has sort of described it, right? It's effectively like, you know the department has to have be running all of the time, right? They can't, you know, they can't effectively stop and then do a bunch of IT transformation, you know it's effectively like, you know, changing the wheels of a jumbo jet whilst it's taking off, right? And you've got to do all of that all in one go. But what I think we really, really liked about the situation that we were in and the client relationship we had was that we knew we had to it wasn't just a technology play, we couldn't just go, "All right, let's just put some new technology in." What we also needed to do was really sort of create a culture, an innovation culture, and go, "Well how do we think about the problems that we currently have and how do we think about solving them differently and in collaboration, right?" So, not just the, "Let's just outsource a bunch of technology for to, you know, to Accenture and build a bunch of stuff." So, we very carefully thought about, well actually, the unique situation that they're in the demands that the citizens have on the services that the department provide. And as Lianne mentioned, that technology didn't exist. So, we fundamentally looked at this in a different way. So, we worked really closely with the department. We said, Look, actually what we ultimately need is the equivalent of a virtual workforce. Something where if you already, you know all of a sudden had a hundred thousand pension claims that needed to be processed in a week that you could click your fingers and, you know in a physical world you'd have another building all of your kits, a whole bunch of trained staff that would be able to process that work. And if in the following week you didn't need that you no longer needed that building that stuff or the machinery. And we wanted to replicate that in the virtual world. So, we started designing a platform we utilized and focused on using AWS because it had the scalability. And we thought about, how were we going to connect something as new as AWS to all of these legacy systems. How are we going to make that work in the modern world? How are we going to integrate it? How we going to make sure it's secure? And frankly, we're really honest with the client we said, "Look, this hasn't been done before. Like, nowhere in Accenture has done it. No one's done it in the industry. We've got some smart people, I think we can do it." And, we've prototyped and we've built and we were able to prove that we can do that. And that in itself just created an environment of solving tricky problems and being innovative but most importantly not doing sort of proof of concepts that didn't go anywhere but building something that actually scaled. And I think that was really the real the start of what was has been the Garage. >> So, And Lianne, you mentioned this and you just referred to it Amar, about The Garage, right? The Intelligent Automation Garage. What exactly is it? I mean, we talked about it, what the needs are all this and that, but Lianne, I'll let you jump in first and Amar, certainly compliment her remarks, but what is the IAG, what's the... >> So, you know, I think exactly what kind of Amar, has said from a from a kind of a development point of view I think it started off, you know, really, really small. And the idea is that this is DWP, intelligent automation center of excellence. So, you know, it's aims are that, you know, it makes sure that it scopes out kind of the problems that DWP are are facing properly. So, we really understand what the crux of the problem is. In large organizations It's very easy, I think to think you understand what the problem is where actually, you know, it is really about kind of delving into what that is. And actually we have a dedicated design team that really kind of get under the bonnet of what these issues really are. It then kind of architects what the solutions need to look like using as Amar said, all the exciting new technology that we kind of have available to us. That kind of sensible solution as to what that should look like. We then build that sensible solution and we then, you know as part of that, we make sure that it scales to demand. So, something that might start out with, I dunno, you know a few hundred claimants or kind of cases going through it can quite often, you know, once that's that's been successful scale really, really quickly because as you know, we have 20 million claimants that come through us every year. So, these types of things can grow and expand but also a really key function of what we do is that we have a fully supported in-house service as well. So, all of those automations that we build are then maintained and you know, so any changes that kind of needed to be need to be made to them, we have all that and we have that control and we have our kind of arms wrapped around all of those. But also what that allows us to do is it allows us to be very kind of self-sufficient in making sure that we are as sufficient, sorry, as efficient as possible. And what I mean by that is looking at, you know as new technologies come around and they can allow us to do things more effectively. So, it allows us to kind of almost do that that kind of continuous improvement ourselves. So, that's a huge part of what we do as well. And you know, I think from a size point of view I said this started off really small as in the idea was this was a kind of center of excellence but actually as automation, I think as Amar alluded to is kind of really started to embed in DWP culture what we've started to kind of see is the a massive expansion in the types of of work that people want us to do and the volume of work that we are doing. So, I think we're currently running at around around a hundred people at the moment and I think, you know we started off with a scrum, a couple of scrum teams under Amar, so yeah, it's really grown. But you know, I think this is here to stay within DWP. >> Yeah, well when we talk about automation, you know virtual and robotics and all this I like to kind of keep the human element in mind here too. And Amar, maybe you can touch on that in certain terms of the human factors in this equation. 'Cause people think about, you know, robots it means different things to different people. In your mind, how does automation intersect with the human element here and in terms of the kinds of things Lianne wants to do down the road, you know, is a road for people basically? >> Oh yeah, absolutely. I think fundamentally what the department does is support people and therefore the solutions that we designed and built had to factor that in mind right? We were trying to best support and provide the best service we possibly can. And not only do we need to support the citizens that it supports. The department itself is a big organization, right? We're up to, we're talking between sort of 70 and 80,000 employees. So, how do we embed automation but also make the lives of the, of the DWP agents better as well? And that's what we thought about. So we said, "Well look, we think we can design solutions that do both." So, a lot of our automations go through a design process and we work closely with our operations team and we go, well actually, you know in processing and benefit, there are some aspects of that processing that benefit that are copy and paste, right? It doesn't require much thought around it, but it just requires capturing data and there's elements of that solution or that process that requires actual thought and understanding and really empathy around going, "Well how do I best support this citizen?" And what we tended to do is we took all of the things that were sort of laborious and took a lot of time and would slow down the overall process and we automated those and then we really focused on making sure that the elements that required the human, the human input was made as user friendly and centric as we possibly could. So, if there's a really complex case that needs to be processed, we were able to present the information in a really digestible and understandable way for the agents so that they could make a informed and sensible decision based around a citizen. And what that enabled us to do is essentially meet the demands of the volumes and the peaks that came in but also maintain the quality and if not improve, you know the accuracy of the claims processing that we had. >> So, how do you know, and maybe Lianne, you can address this. How do you know that it's successful on both sides of that equation? And, 'cause Amar raised a very good point. You have 70 to 80,000 employees that you're trying to make their work life much more efficient, much simpler and hopefully make them better at their jobs at the end of the day. But you're also taking care of 20 million clients on the, your side too. So, how do you, what's your measurement for success and what kind of like raw feedback do you get that says, "Okay, this has worked for both of our client bases, both our citizens and our employees?" >> Yeah, so we can look at this both from a a quantitative and a qualitative point of view as well. So, I think from a let take the kind figures first. So we are really hot on making sure that whatever automations we put in place we are there to measure how that automation is working what it's kind of doing and the impact that it's having from an operational point of view. So I think, you know, I think the proof of the fact that the Intelligent Automation Garage is working is that, you know, in the, in its lifetime, we've processed over 20 million items and cases so far. We have 65 scaled and transitioned automations and we've saved over 2 million operational hours. I was going to say that again that's 2 million operational hours. And what that allows us to do as an organization those 2 million hours have allowed us to rather than people as Amar, said, cutting and pasting and doing work that that is essentially very time consuming and repetitive. That 2 million hours we've been able to use on actual decision making. So, the stuff that you need as sentient human being to make judgment calls on and you know and kind of make those decisions that's what it's allowed us as an organization to do. And then I think from a quality point of view I think the feedback that we have from our operational teams is, you know is equally as as great. So, we have that kind of feedback from, you know all the way up from to the director level about, you know how it's kind of like I said that freeing up that time but actually making the operational, you know they don't have an easy job and it's making that an awful lot easier on a day to day basis. It has a real day to day impact. But also, you know, there are other things that kind of the knock on effects in terms of accuracy. So for example, robot will do is exactly as it's told it doesn't make any mistakes, it doesn't have sick days, you know, it does what it says on the tin and actually that kind of impact. So, it's not necessarily, you know, counting your numbers it's the fact that then doesn't generate a call from a customer that kind of says, "Well you, I think you've got this wrong." So, it's all that kind of, these kind of ripple effects that go out. I think is how we measure the fact that A, the garage is working and b, it's delivering the value that we needed to deliver. >> Robots, probably ask better questions too so yeah... (Lianne laughing) So, real quick, just real quick before you head out. So, the big challenge next, eureka, this works, right? Amar, you put together this fantastic system it's in great practice at the DWP, now what do we do? So, it's just in 30 seconds, Amar, maybe if you can look at, be the headlights down the road here for DWP and say, "This is where I think we can jump to next." >> Yeah, so I think, what we've been able to prove as I say is that is scaled innovation and having the return and the value that it creates is here to stay, right? So, I think the next things for us are a continuous expand the stuff that we're doing. Keeping hold of that culture, right? That culture of constantly solving difficult problems and being able to innovate and scale them. So, we are now doing a lot more automations across the department, you know, across different benefits across the digital agenda. I think we're also now becoming almost a bit of the fabric of enabling some of the digital transformation that big organizations look at, right? So moving to a world where you can have a venture driven architectures and being able to sort of scale that. I also think the natural sort of expansion of the team and the type of work that we're going to do is probably also going to expand into sort of the analytics side of it and understanding and seeing how we can take the data from the cases that we're processing to overall have a smoother journey across for our citizens. But it's looking, you know, the future's looking bright. I think we've got a number of different backlogs of items to work on. >> Well, you've got a great story to tell and thank you for sharing it with us here on "the CUBE", talking about DWP, the Department of Work and Pensions in the UK and the great work that Accenture's doing to make 20 million lives plus, a lot simpler for our friends in England. You've been watching ""the CUBE"" the AWS Executive Summit sponsored by Accenture. (bright upbeat music)

(bright upbeat music) >> Well, hello everybody. John Walls is here on "the CUBE". Great to have you with us as we continue our series here at the AWS Executive Summit sponsored by Accenture. And today we're talking about public service and not just a little slice of public service but probably the largest public sector offering in the UK and for with us or with us. Now to talk about that is Lianne Anderton, who is in with the Intelligent Automation Garage Delivery Lead at the UK Department of Work and Pension. Lianne, good to see you today. Thanks for joining us here on "the CUBE". >> Hi, thanks for having me. >> And also with this us is Amar Narayan, who is a Manager Director at Accenture the AWS Business Group for the Lead in Health and Public Sector, also UK and Ireland. And Amar, I think, you and Lianne, are in the same location, Newcastle, I believe in the UK, is that right? >> Yeah, absolutely. Yep, yeah, we're, here in the northeast of UK. >> Well, thank you for being with us. I appreciate the time. Lianne, let's talk about what you do, the Department of Work and Pension, the famous DWP in England. You have influence or certainly touchpoints with a huge amount of the British population. In what respects, what are you doing for the working class in England and what does technology have to do with all that? >> Sure, so for the Department for Work and Pensions I think the pensions bit is fairly self explanatory so anybody who is over state pension age within the UK. for the work part of that we also deal with people of working age. So, these are people who are either in employment and need additional help through various benefits we offer in the UK. Those people who are out of work. And we also deal with health related benefits as well. And we are currently serving over 20 million claimants every year at this moment in time. So, we're aware of a huge part of the UK government. >> All right, so say that number again. How many? >> 20 million claimants every year. >> Million with an M, right? >> Yeah. >> So, and that's individuals. And so how many transactions, if you will, how many do you think you process in a month? How, much traffic basically, are you seeing? >> An extraordinary amount? I'm not even, I don't think I even know that number. (Lianne laughing) >> Mind blowing, right? So, it's- >> A huge, huge amount. >> Mind blowing. >> Yeah, so, basically the we kind of keep the country going. So, you know, if the department for Work and Pensions kind of didn't exist anymore then actually it would cause an infinite number of problems in society. We, kind of help and support the people who need that. And, yeah, so we play a really vital role in kind of you know, social care and kind of public service. >> So, what was your journey to Accenture then? What, eventually led you to them? What problem were you having and how have you collaborated to solve that? >> So, in terms of how we work with Accenture. So, we had in around 2017 DWP was looking at a projected number of transactions growing by about 210 million which was, you know, an extraordinary amount. And, you know, I think as we've kind of covered everything that we do is on a massive scale. So, we as DWP as an organization we had absolutely no idea how we were going to be able to handle such a massive increase in the transactions. And actually, you know, after kind of various kind of paths and ideas of how we were going to do that, automation, was actually the answer. But the problem that we have with that is that we have, like many governments around the world, we have really older legacy systems. So, each of these benefits that we deal with are on legacy systems. So, whatever we were going to develop had to, you know, connect to all of these, it had to ingest and then process all of these pieces of data some of which, you know, given the fact that a lot of these systems have a lot of manual input you have data issues there that you have to solve and whatever we did, you know, as we've talked about in terms of volumes has to scale instantly as well. So, it has to be able to scale up and down to meet demand and, you know, and that down scaling is also equally as important. So yeah, you've got to be able to scale up to meet the volumes but also you've got to be able to downscale when when it's not needed. But we had nothing that was like that kind of helped us to meet that demand. So, we built our own automation platform, The Intelligent Automation Garage and we did that with Accenture. >> So Amar, I'd like you to chime in here then. So, you're looking at this client who has this massive footprint and obviously vital services, right? So, that's paramount that you have to keep that in mind and the legacy systems that Lianne was just talking about. So, now you're trying to get 'em in the next gen but also respecting that they have a serious investment already in a lot of technology. How do you approach that kind of problem solving, those dynamics and how in this case did you get them to automation as the solution? >> Sure, so I think I think one of the interesting things, yeah as Lianne has sort of described it, right? It's effectively like, you know the department has to have be running all of the time, right? They can't, you know, they can't effectively stop and then do a bunch of IT transformation, you know it's effectively like, you know, changing the wheels of a jumbo jet whilst it's taking off, right? And you've got to do all of that all in one go. But what I think we really, really liked about the situation that we were in and the client relationship we had was that we knew we had to it wasn't just a technology play, we couldn't just go, "All right, let's just put some new technology in." What we also needed to do was really sort of create a culture, an innovation culture, and go, "Well how do we think about the problems that we currently have and how do we think about solving them differently and in collaboration, right?" So, not just the, "Let's just outsource a bunch of technology for to, you know, to Accenture and build a bunch of stuff." So, we very carefully thought about, well actually, the unique situation that they're in the demands that the citizens have on the services that the department provide. And as Lianne mentioned, that technology didn't exist. So, we fundamentally looked at this in a different way. So, we worked really closely with the department. We said, Look, actually what we ultimately need is the equivalent of a virtual workforce. Something where if you already, you know all of a sudden had a hundred thousand pension claims that needed to be processed in a week that you could click your fingers and, you know in a physical world you'd have another building all of your kits, a whole bunch of trained staff that would be able to process that work. And if in the following week you didn't need that you no longer needed that building that stuff or the machinery. And we wanted to replicate that in the virtual world. So, we started designing a platform we utilized and focused on using AWS because it had the scalability. And we thought about, how were we going to connect something as new as AWS to all of these legacy systems. How are we going to make that work in the modern world? How are we going to integrate it? How we going to make sure it's secure? And frankly, we're really honest with the client we said, "Look, this hasn't been done before. Like, nowhere in Accenture has done it. No one's done it in the industry. We've got some smart people, I think we can do it." And, we've prototyped and we've built and we were able to prove that we can do that. And that in itself just created an environment of solving tricky problems and being innovative but most importantly not doing sort of proof of concepts that didn't go anywhere but building something that actually scaled. And I think that was really the real the start of what was has been the Garage. >> So, And Lianne, you mentioned this and you just referred to it Amar, about The Garage, right? The Intelligent Automation Garage. What exactly is it? I mean, we talked about it, what the needs are all this and that, but Lianne, I'll let you jump in first and Amar, certainly compliment her remarks, but what is the IAG, what's the... >> So, you know, I think exactly what kind of Amar, has said from a from a kind of a development point of view I think it started off, you know, really, really small. And the idea is that this is DWP, intelligent automation center of excellence. So, you know, it's aims are that, you know, it makes sure that it scopes out kind of the problems that DWP are are facing properly. So, we really understand what the crux of the problem is. In large organizations It's very easy, I think to think you understand what the problem is where actually, you know, it is really about kind of delving into what that is. And actually we have a dedicated design team that really kind of get under the bonnet of what these issues really are. It then kind of architects what the solutions need to look like using as Amar said, all the exciting new technology that we kind of have available to us. That kind of sensible solution as to what that should look like. We then build that sensible solution and we then, you know as part of that, we make sure that it scales to demand. So, something that might start out with, I dunno, you know a few hundred claimants or kind of cases going through it can quite often, you know, once that's that's been successful scale really, really quickly because as you know, we have 20 million claimants that come through us every year. So, these types of things can grow and expand but also a really key function of what we do is that we have a fully supported in-house service as well. So, all of those automations that we build are then maintained and you know, so any changes that kind of needed to be need to be made to them, we have all that and we have that control and we have our kind of arms wrapped around all of those. But also what that allows us to do is it allows us to be very kind of self-sufficient in making sure that we are as sufficient, sorry, as efficient as possible. And what I mean by that is looking at, you know as new technologies come around and they can allow us to do things more effectively. So, it allows us to kind of almost do that that kind of continuous improvement ourselves. So, that's a huge part of what we do as well. And you know, I think from a size point of view I said this started off really small as in the idea was this was a kind of center of excellence but actually as automation, I think as Amar alluded to is kind of really started to embed in DWP culture what we've started to kind of see is the a massive expansion in the types of of work that people want us to do and the volume of work that we are doing. So, I think we're currently running at around around a hundred people at the moment and I think, you know we started off with a scrum, a couple of scrum teams under Amar, so yeah, it's really grown. But you know, I think this is here to stay within DWP. >> Yeah, well when we talk about automation, you know virtual and robotics and all this I like to kind of keep the human element in mind here too. And Amar, maybe you can touch on that in certain terms of the human factors in this equation. 'Cause people think about, you know, robots it means different things to different people. In your mind, how does automation intersect with the human element here and in terms of the kinds of things Lianne wants to do down the road, you know, is a road for people basically? >> Oh yeah, absolutely. I think fundamentally what the department does is support people and therefore the solutions that we designed and built had to factor that in mind right? We were trying to best support and provide the best service we possibly can. And not only do we need to support the citizens that it supports. The department itself is a big organization, right? We're up to, we're talking between sort of 70 and 80,000 employees. So, how do we embed automation but also make the lives of the, of the DWP agents better as well? And that's what we thought about. So we said, "Well look, we think we can design solutions that do both." So, a lot of our automations go through a design process and we work closely with our operations team and we go, well actually, you know in processing and benefit, there are some aspects of that processing that benefit that are copy and paste, right? It doesn't require much thought around it, but it just requires capturing data and there's elements of that solution or that process that requires actual thought and understanding and really empathy around going, "Well how do I best support this citizen?" And what we tended to do is we took all of the things that were sort of laborious and took a lot of time and would slow down the overall process and we automated those and then we really focused on making sure that the elements that required the human, the human input was made as user friendly and centric as we possibly could. So, if there's a really complex case that needs to be processed, we were able to present the information in a really digestible and understandable way for the agents so that they could make a informed and sensible decision based around a citizen. And what that enabled us to do is essentially meet the demands of the volumes and the peaks that came in but also maintain the quality and if not improve, you know the accuracy of the claims processing that we had. >> So, how do you know, and maybe Lianne, you can address this. How do you know that it's successful on both sides of that equation? And, 'cause Amar raised a very good point. You have 70 to 80,000 employees that you're trying to make their work life much more efficient, much simpler and hopefully make them better at their jobs at the end of the day. But you're also taking care of 20 million clients on the, your side too. So, how do you, what's your measurement for success and what kind of like raw feedback do you get that says, "Okay, this has worked for both of our client bases, both our citizens and our employees?" >> Yeah, so we can look at this both from a a quantitative and a qualitative point of view as well. So, I think from a let take the kind figures first. So we are really hot on making sure that whatever automations we put in place we are there to measure how that automation is working what it's kind of doing and the impact that it's having from an operational point of view. So I think, you know, I think the proof of the fact that the Intelligent Automation Garage is working is that, you know, in the, in its lifetime, we've processed over 20 million items and cases so far. We have 65 scaled and transitioned automations and we've saved over 2 million operational hours. I was going to say that again that's 2 million operational hours. And what that allows us to do as an organization those 2 million hours have allowed us to rather than people as Amar, said, cutting and pasting and doing work that that is essentially very time consuming and repetitive. That 2 million hours we've been able to use on actual decision making. So, the stuff that you need as sentient human being to make judgment calls on and you know and kind of make those decisions that's what it's allowed us as an organization to do. And then I think from a quality point of view I think the feedback that we have from our operational teams is, you know is equally as as great. So, we have that kind of feedback from, you know all the way up from to the director level about, you know how it's kind of like I said that freeing up that time but actually making the operational, you know they don't have an easy job and it's making that an awful lot easier on a day to day basis. It has a real day to day impact. But also, you know, there are other things that kind of the knock on effects in terms of accuracy. So for example, robot will do is exactly as it's told it doesn't make any mistakes, it doesn't have sick days, you know, it does what it says on the tin and actually that kind of impact. So, it's not necessarily, you know, counting your numbers it's the fact that then doesn't generate a call from a customer that kind of says, "Well you, I think you've got this wrong." So, it's all that kind of, these kind of ripple effects that go out. I think is how we measure the fact that A, the garage is working and b, it's delivering the value that we needed to deliver. >> Robots, probably ask better questions too so yeah... (Lianne laughing) So, real quick, just real quick before you head out. So, the big challenge next, eureka, this works, right? Amar, you put together this fantastic system it's in great practice at the DWP, now what do we do? So, it's just in 30 seconds, Amar, maybe if you can look at, be the headlights down the road here for DWP and say, "This is where I think we can jump to next." >> Yeah, so I think, what we've been able to prove as I say is that is scaled innovation and having the return and the value that it creates is here to stay, right? So, I think the next things for us are a continuous expand the stuff that we're doing. Keeping hold of that culture, right? That culture of constantly solving difficult problems and being able to innovate and scale them. So, we are now doing a lot more automations across the department, you know, across different benefits across the digital agenda. I think we're also now becoming almost a bit of the fabric of enabling some of the digital transformation that big organizations look at, right? So moving to a world where you can have a venture driven architectures and being able to sort of scale that. I also think the natural sort of expansion of the team and the type of work that we're going to do is probably also going to expand into sort of the analytics side of it and understanding and seeing how we can take the data from the cases that we're processing to overall have a smoother journey across for our citizens. But it's looking, you know, the future's looking bright. I think we've got a number of different backlogs of items to work on. >> Well, you've got a great story to tell and thank you for sharing it with us here on "the CUBE", talking about DWP, the Department of Work and Pensions in the UK and the great work that Accenture's doing to make 20 million lives plus, a lot simpler for our friends in England. You've been watching ""the CUBE"" the AWS Executive Summit sponsored by Accenture. (bright upbeat music)

hello I'm John Furrier with thecube and welcome to this special presentation of the cube and Horizon 3.ai they're announcing a global partner first approach expanding their successful pen testing product Net Zero you're going to hear from leading experts in their staff their CEO positioning themselves for a successful Channel distribution expansion internationally in Europe Middle East Africa and Asia Pacific in this Cube special presentation you'll hear about the expansion the expanse partner program giving Partners a unique opportunity to offer Net Zero to their customers Innovation and Pen testing is going International with Horizon 3.ai enjoy the program [Music] welcome back everyone to the cube and Horizon 3.ai special presentation I'm John Furrier host of thecube we're here with Jennifer Lee head of Channel sales at Horizon 3.ai Jennifer welcome to the cube thanks for coming on great well thank you for having me so big news around Horizon 3.aa driving Channel first commitment you guys are expanding the channel partner program to include all kinds of new rewards incentives training programs help educate you know Partners really drive more recurring Revenue certainly cloud and Cloud scale has done that you got a great product that fits into that kind of Channel model great Services you can wrap around it good stuff so let's get into it what are you guys doing what are what are you guys doing with this news why is this so important yeah for sure so um yeah we like you said we recently expanded our Channel partner program um the driving force behind it was really just um to align our like you said our Channel first commitment um and creating awareness around the importance of our partner ecosystems um so that's it's really how we go to market is is through the channel and a great International Focus I've talked with the CEO so you know about the solution and he broke down all the action on why it's important on the product side but why now on the go to market change what's the what's the why behind this big this news on the channel yeah for sure so um we are doing this now really to align our business strategy which is built on the concept of enabling our partners to create a high value high margin business on top of our platform and so um we offer a solution called node zero it provides autonomous pen testing as a service and it allows organizations to continuously verify their security posture um so we our company vision we have this tagline that states that our pen testing enables organizations to see themselves Through The Eyes of an attacker and um we use the like the attacker's perspective to identify exploitable weaknesses and vulnerabilities so we created this partner program from a perspective of the partner so the partner's perspective and we've built It Through The Eyes of our partner right so we're prioritizing really what the partner is looking for and uh will ensure like Mutual success for us yeah the partners always want to get in front of the customers and bring new stuff to them pen tests have traditionally been really expensive uh and so bringing it down in one to a service level that's one affordable and has flexibility to it allows a lot of capability so I imagine people getting excited by it so I have to ask you about the program What specifically are you guys doing can you share any details around what it means for the partners what they get what's in it for them can you just break down some of the mechanics and mechanisms or or details yeah yep um you know we're really looking to create business alignment um and like I said establish Mutual success with our partners so we've got two um two key elements that we were really focused on um that we bring to the partners so the opportunity the profit margin expansion is one of them and um a way for our partners to really differentiate themselves and stay relevant in the market so um we've restructured our discount model really um you know highlighting profitability and maximizing profitability and uh this includes our deal registration we've we've created deal registration program we've increased discount for partners who take part in our partner certification uh trainings and we've we have some other partner incentives uh that we we've created that that's going to help out there we've we put this all so we've recently Gone live with our partner portal um it's a Consolidated experience for our partners where they can access our our sales tools and we really view our partners as an extension of our sales and Technical teams and so we've extended all of our our training material that we use internally we've made it available to our partners through our partner portal um we've um I'm trying I'm thinking now back what else is in that partner portal here we've got our partner certification information so all the content that's delivered during that training can be found in the portal we've got deal registration uh um co-branded marketing materials pipeline management and so um this this portal gives our partners a One-Stop place to to go to find all that information um and then just really quickly on the second part of that that I mentioned is our technology really is um really disruptive to the market so you know like you said autonomous pen testing it's um it's still it's well it's still still relatively new topic uh for security practitioners and um it's proven to be really disruptive so um that on top of um just well recently we found an article that um that mentioned by markets and markets that reports that the global pen testing markets really expanding and so it's expected to grow to like 2.7 billion um by 2027. so the Market's there right the Market's expanding it's growing and so for our partners it's just really allows them to grow their revenue um across their customer base expand their customer base and offering this High profit margin while you know getting in early to Market on this just disruptive technology big Market a lot of opportunities to make some money people love to put more margin on on those deals especially when you can bring a great solution that everyone knows is hard to do so I think that's going to provide a lot of value is there is there a type of partner that you guys see emerging or you aligning with you mentioned the alignment with the partners I can see how that the training and the incentives are all there sounds like it's all going well is there a type of partner that's resonating the most or is there categories of partners that can take advantage of this yeah absolutely so we work with all different kinds of Partners we work with our traditional resale Partners um we've worked we're working with systems integrators we have a really strong MSP mssp program um we've got Consulting partners and the Consulting Partners especially with the ones that offer pen test services so we they use us as a as we act as a force multiplier just really offering them profit margin expansion um opportunity there we've got some technology partner partners that we really work with for co-cell opportunities and then we've got our Cloud Partners um you'd mentioned that earlier and so we are in AWS Marketplace so our ccpo partners we're part of the ISP accelerate program um so we we're doing a lot there with our Cloud partners and um of course we uh we go to market with uh distribution Partners as well gotta love the opportunity for more margin expansion every kind of partner wants to put more gross profit on their deals is there a certification involved I have to ask is there like do you get do people get certified or is it just you get trained is it self-paced training is it in person how are you guys doing the whole training certification thing because is that is that a requirement yeah absolutely so we do offer a certification program and um it's been very popular this includes a a seller's portion and an operator portion and and so um this is at no cost to our partners and um we operate both virtually it's it's law it's virtually but live it's not self-paced and we also have in person um you know sessions as well and we also can customize these to any partners that have a large group of people and we can just we can do one in person or virtual just specifically for that partner well any kind of incentive opportunities and marketing opportunities everyone loves to get the uh get the deals just kind of rolling in leads from what we can see if our early reporting this looks like a hot product price wise service level wise what incentive do you guys thinking about and and Joint marketing you mentioned co-sell earlier in pipeline so I was kind of kind of honing in on that piece sure and yes and then to follow along with our partner certification program we do incentivize our partners there if they have a certain number certified their discount increases so that's part of it we have our deal registration program that increases discount as well um and then we do have some um some partner incentives that are wrapped around meeting setting and um moving moving opportunities along to uh proof of value gotta love the education driving value I have to ask you so you've been around the industry you've seen the channel relationships out there you're seeing companies old school new school you know uh Horizon 3.ai is kind of like that new school very cloud specific a lot of Leverage with we mentioned AWS and all the clouds um why is the company so hot right now why did you join them and what's why are people attracted to this company what's the what's the attraction what's the vibe what do you what do you see and what what do you use what did you see in in this company well this is just you know like I said it's very disruptive um it's really in high demand right now and um and and just because because it's new to Market and uh a newer technology so we are we can collaborate with a manual pen tester um we can you know we can allow our customers to run their pen test um with with no specialty teams and um and and then so we and like you know like I said we can allow our partners can actually build businesses profitable businesses so we can they can use our product to increase their services revenue and um and build their business model you know around around our services what's interesting about the pen test thing is that it's very expensive and time consuming the people who do them are very talented people that could be working on really bigger things in the in absolutely customers so bringing this into the channel allows them if you look at the price Delta between a pen test and then what you guys are offering I mean that's a huge margin Gap between street price of say today's pen test and what you guys offer when you show people that they follow do they say too good to be true I mean what are some of the things that people say when you kind of show them that are they like scratch their head like come on what's the what's the catch here right so the cost savings is a huge is huge for us um and then also you know like I said working as a force multiplier with a pen testing company that offers the services and so they can they can do their their annual manual pen tests that may be required around compliance regulations and then we can we can act as the continuous verification of their security um um you know that that they can run um weekly and so it's just um you know it's just an addition to to what they're offering already and an expansion so Jennifer thanks for coming on thecube really appreciate you uh coming on sharing the insights on the channel uh what's next what can we expect from the channel group what are you thinking what's going on right so we're really looking to expand our our Channel um footprint and um very strategically uh we've got um we've got some big plans um for for Horizon 3.ai awesome well thanks for coming on really appreciate it you're watching thecube the leader in high tech Enterprise coverage [Music] [Music] hello and welcome to the Cube's special presentation with Horizon 3.ai with Raina Richter vice president of emea Europe Middle East and Africa and Asia Pacific APAC for Horizon 3 today welcome to this special Cube presentation thanks for joining us thank you for the invitation so Horizon 3 a guy driving Global expansion big international news with a partner first approach you guys are expanding internationally let's get into it you guys are driving this new expanse partner program to new heights tell us about it what are you seeing in the momentum why the expansion what's all the news about well I would say uh yeah in in international we have I would say a similar similar situation like in the US um there is a global shortage of well-educated penetration testers on the one hand side on the other side um we have a raising demand of uh network and infrastructure security and with our approach of an uh autonomous penetration testing I I believe we are totally on top of the game um especially as we have also now uh starting with an international instance that means for example if a customer in Europe is using uh our service node zero he will be connected to a node zero instance which is located inside the European Union and therefore he has doesn't have to worry about the conflict between the European the gdpr regulations versus the US Cloud act and I would say there we have a total good package for our partners that they can provide differentiators to their customers you know we've had great conversations here on thecube with the CEO and the founder of the company around the leverage of the cloud and how successful that's been for the company and honestly I can just Connect the Dots here but I'd like you to weigh in more on how that translates into the go to market here because you got great Cloud scale with with the security product you guys are having success with great leverage there I've seen a lot of success there what's the momentum on the channel partner program internationally why is it so important to you is it just the regional segmentation is it the economics why the momentum well there are it's there are multiple issues first of all there is a raising demand in penetration testing um and don't forget that uh in international we have a much higher level in number a number or percentage in SMB and mid-market customers so these customers typically most of them even didn't have a pen test done once a year so for them pen testing was just too expensive now with our offering together with our partners we can provide different uh ways how customers could get an autonomous pen testing done more than once a year with even lower costs than they had with with a traditional manual paint test so and that is because we have our uh Consulting plus package which is for typically pain testers they can go out and can do a much faster much quicker and their pain test at many customers once in after each other so they can do more pain tests on a lower more attractive price on the other side there are others what even the same ones who are providing um node zero as an mssp service so they can go after s p customers saying okay well you only have a couple of hundred uh IP addresses no worries we have the perfect package for you and then you have let's say the mid Market let's say the thousands and more employees then they might even have an annual subscription very traditional but for all of them it's all the same the customer or the service provider doesn't need a piece of Hardware they only need to install a small piece of a Docker container and that's it and that makes it so so smooth to go in and say okay Mr customer we just put in this this virtual attacker into your network and that's it and and all the rest is done and within within three clicks they are they can act like a pen tester with 20 years of experience and that's going to be very Channel friendly and partner friendly I can almost imagine so I have to ask you and thank you for calling the break calling out that breakdown and and segmentation that was good that was very helpful for me to understand but I want to follow up if you don't mind um what type of partners are you seeing the most traction with and why well I would say at the beginning typically you have the the innovators the early adapters typically Boutique size of Partners they start because they they are always looking for Innovation and those are the ones you they start in the beginning so we have a wide range of Partners having mostly even um managed by the owner of the company so uh they immediately understand okay there is the value and they can change their offering they're changing their offering in terms of penetration testing because they can do more pen tests and they can then add other ones or we have those ones who offer 10 tests services but they did not have their own pen testers so they had to go out on the open market and Source paint testing experts um to get the pen test at a particular customer done and now with node zero they're totally independent they can't go out and say okay Mr customer here's the here's the service that's it we turn it on and within an hour you're up and running totally yeah and those pen tests are usually expensive and hard to do now it's right in line with the sales delivery pretty interesting for a partner absolutely but on the other hand side we are not killing the pain testers business we do something we're providing with no tiers I would call something like the foundation work the foundational work of having an an ongoing penetration testing of the infrastructure the operating system and the pen testers by themselves they can concentrate in the future on things like application pen testing for example so those Services which we we're not touching so we're not killing the paint tester Market we're just taking away the ongoing um let's say foundation work call it that way yeah yeah that was one of my questions I was going to ask is there's a lot of interest in this autonomous pen testing one because it's expensive to do because those skills are required are in need and they're expensive so you kind of cover the entry level and the blockers that are in there I've seen people say to me this pen test becomes a blocker for getting things done so there's been a lot of interest in the autonomous pen testing and for organizations to have that posture and it's an overseas issue too because now you have that that ongoing thing so can you explain that particular benefit for an organization to have that continuously verifying an organization's posture yep certainly so I would say um typically you are you you have to do your patches you have to bring in new versions of operating systems of different Services of uh um operating systems of some components and and they are always bringing new vulnerabilities the difference here is that with node zero we are telling the customer or the partner package we're telling them which are the executable vulnerabilities because previously they might have had um a vulnerability scanner so this vulnerability scanner brought up hundreds or even thousands of cves but didn't say anything about which of them are vulnerable really executable and then you need an expert digging in one cve after the other finding out is it is it really executable yes or no and that is where you need highly paid experts which we have a shortage so with notes here now we can say okay we tell you exactly which ones are the ones you should work on because those are the ones which are executable we rank them accordingly to the risk level how easily they can be used and by a sudden and then the good thing is convert it or indifference to the traditional penetration test they don't have to wait for a year for the next pain test to find out if the fixing was effective they weren't just the next scan and say Yes closed vulnerability is gone the time is really valuable and if you're doing any devops Cloud native you're always pushing new things so pen test ongoing pen testing is actually a benefit just in general as a kind of hygiene so really really interesting solution really bring that global scale is going to be a new new coverage area for us for sure I have to ask you if you don't mind answering what particular region are you focused on or plan to Target for this next phase of growth well at this moment we are concentrating on the countries inside the European Union Plus the United Kingdom um but we are and they are of course logically I'm based into Frankfurt area that means we cover more or less the countries just around so it's like the total dark region Germany Switzerland Austria plus the Netherlands but we also already have Partners in the nordics like in Finland or in Sweden um so it's it's it it's rapidly we have Partners already in the UK and it's rapidly growing so I'm for example we are now starting with some activities in Singapore um um and also in the in the Middle East area um very important we uh depending on let's say the the way how to do business currently we try to concentrate on those countries where we can have um let's say um at least English as an accepted business language great is there any particular region you're having the most success with right now is it sounds like European Union's um kind of first wave what's them yes that's the first definitely that's the first wave and now we're also getting the uh the European instance up and running it's clearly our commitment also to the market saying okay we know there are certain dedicated uh requirements and we take care of this and and we're just launching it we're building up this one uh the instance um in the AWS uh service center here in Frankfurt also with some dedicated Hardware internet in a data center in Frankfurt where we have with the date six by the way uh the highest internet interconnection bandwidth on the planet so we have very short latency to wherever you are on on the globe that's a great that's a great call outfit benefit too I was going to ask that what are some of the benefits your partners are seeing in emea and Asia Pacific well I would say um the the benefits is for them it's clearly they can they can uh talk with customers and can offer customers penetration testing which they before and even didn't think about because it penetrates penetration testing in a traditional way was simply too expensive for them too complex the preparation time was too long um they didn't have even have the capacity uh to um to support a pain an external pain tester now with this service you can go in and say even if they Mr customer we can do a test with you in a couple of minutes within we have installed the docker container within 10 minutes we have the pen test started that's it and then we just wait and and I would say that is we'll we are we are seeing so many aha moments then now because on the partner side when they see node zero the first time working it's like this wow that is great and then they work out to customers and and show it to their typically at the beginning mostly the friendly customers like wow that's great I need that and and I would say um the feedback from the partners is that is a service where I do not have to evangelize the customer everybody understands penetration testing I don't have to say describe what it is they understand the customer understanding immediately yes penetration testing good about that I know I should do it but uh too complex too expensive now with the name is for example as an mssp service provided from one of our partners but it's getting easy yeah it's great and it's great great benefit there I mean I gotta say I'm a huge fan of what you guys are doing I like this continuous automation that's a major benefit to anyone doing devops or any kind of modern application development this is just a godsend for them this is really good and like you said the pen testers that are doing it they were kind of coming down from their expertise to kind of do things that should have been automated they get to focus on the bigger ticket items that's a really big point so we free them we free the pain testers for the higher level elements of the penetration testing segment and that is typically the application testing which is currently far away from being automated yeah and that's where the most critical workloads are and I think this is the nice balance congratulations on the international expansion of the program and thanks for coming on this special presentation really I really appreciate it thank you you're welcome okay this is thecube special presentation you know check out pen test automation International expansion Horizon 3 dot AI uh really Innovative solution in our next segment Chris Hill sector head for strategic accounts will discuss the power of Horizon 3.ai and Splunk in action you're watching the cube the leader in high tech Enterprise coverage foreign [Music] [Music] welcome back everyone to the cube and Horizon 3.ai special presentation I'm John Furrier host of thecube we're with Chris Hill sector head for strategic accounts and federal at Horizon 3.ai a great Innovative company Chris great to see you thanks for coming on thecube yeah like I said uh you know great to meet you John long time listener first time caller so excited to be here with you guys yeah we were talking before camera you had Splunk back in 2013 and I think 2012 was our first splunk.com and boy man you know talk about being in the right place at the right time now we're at another inflection point and Splunk continues to be relevant um and continuing to have that data driving Security in that interplay and your CEO former CTO of his plug as well at Horizon who's been on before really Innovative product you guys have but you know yeah don't wait for a breach to find out if you're logging the right data this is the topic of this thread Splunk is very much part of this new international expansion announcement uh with you guys tell us what are some of the challenges that you see where this is relevant for the Splunk and Horizon AI as you guys expand uh node zero out internationally yeah well so across so you know my role uh within Splunk it was uh working with our most strategic accounts and so I looked back to 2013 and I think about the sales process like working with with our small customers you know it was um it was still very siled back then like I was selling to an I.T team that was either using this for it operations um we generally would always even say yeah although we do security we weren't really designed for it we're a log management tool and we I'm sure you remember back then John we were like sort of stepping into the security space and and the public sector domain that I was in you know security was 70 of what we did when I look back to sort of uh the transformation that I was witnessing in that digital transformation um you know when I look at like 2019 to today you look at how uh the IT team and the security teams are being have been forced to break down those barriers that they used to sort of be silent away would not commute communicate one you know the security guys would be like oh this is my box I.T you're not allowed in today you can't get away with that and I think that the value that we bring to you know and of course Splunk has been a huge leader in that space and continues to do Innovation across the board but I think what we've we're seeing in the space and I was talking with Patrick Coughlin the SVP of uh security markets about this is that you know what we've been able to do with Splunk is build a purpose-built solution that allows Splunk to eat more data so Splunk itself is ulk know it's an ingest engine right the great reason people bought it was you could build these really fast dashboards and grab intelligence out of it but without data it doesn't do anything right so how do you drive and how do you bring more data in and most importantly from a customer perspective how do you bring the right data in and so if you think about what node zero and what we're doing in a horizon 3 is that sure we do pen testing but because we're an autonomous pen testing tool we do it continuously so this whole thought I'd be like oh crud like my customers oh yeah we got a pen test coming up it's gonna be six weeks the week oh yeah you know and everyone's gonna sit on their hands call me back in two months Chris we'll talk to you then right not not a real efficient way to test your environment and shoot we saw that with Uber this week right um you know and that's a case where we could have helped oh just right we could explain the Uber thing because it was a contractor just give a quick highlight of what happened so you can connect the doctor yeah no problem so um it was uh I got I think it was yeah one of those uh you know games where they would try and test an environment um and with the uh pen tester did was he kept on calling them MFA guys being like I need to reset my password we need to set my right password and eventually the um the customer service guy said okay I'm resetting it once he had reset and bypassed the multi-factor authentication he then was able to get in and get access to the building area that he was in or I think not the domain but he was able to gain access to a partial part of that Network he then paralleled over to what I would assume is like a VA VMware or some virtual machine that had notes that had all of the credentials for logging into various domains and So within minutes they had access and that's the sort of stuff that we do you know a lot of these tools like um you know you think about the cacophony of tools that are out there in a GTA architect architecture right I'm gonna get like a z-scale or I'm going to have uh octum and I have a Splunk I've been into the solar system I mean I don't mean to name names we have crowdstriker or Sentinel one in there it's just it's a cacophony of things that don't work together they weren't designed work together and so we have seen so many times in our business through our customer support and just working with customers when we do their pen tests that there will be 5 000 servers out there three are misconfigured those three misconfigurations will create the open door because remember the hacker only needs to be right once the defender needs to be right all the time and that's the challenge and so that's what I'm really passionate about what we're doing uh here at Horizon three I see this my digital transformation migration and security going on which uh we're at the tip of the spear it's why I joined sey Hall coming on this journey uh and just super excited about where the path's going and super excited about the relationship with Splunk I get into more details on some of the specifics of that but um you know well you're nailing I mean we've been doing a lot of things on super cloud and this next gen environment we're calling it next gen you're really seeing devops obviously devsecops has already won the it role has moved to the developer shift left is an indicator of that it's one of the many examples higher velocity code software supply chain you hear these things that means that it is now in the developer hands it is replaced by the new Ops data Ops teams and security where there's a lot of horizontal thinking to your point about access there's no more perimeter huge 100 right is really right on things one time you know to get in there once you're in then you can hang out move around move laterally big problem okay so we get that now the challenges for these teams as they are transitioning organizationally how do they figure out what to do okay this is the next step they already have Splunk so now they're kind of in transition while protecting for a hundred percent ratio of success so how would you look at that and describe the challenge is what do they do what is it what are the teams facing with their data and what's next what are they what are they what action do they take so let's use some vernacular that folks will know so if I think about devsecops right we both know what that means that I'm going to build security into the app it normally talks about sec devops right how am I building security around the perimeter of what's going inside my ecosystem and what are they doing and so if you think about what we're able to do with somebody like Splunk is we can pen test the entire environment from Soup To Nuts right so I'm going to test the end points through to its I'm going to look for misconfigurations I'm going to I'm going to look for um uh credential exposed credentials you know I'm going to look for anything I can in the environment again I'm going to do it at light speed and and what what we're doing for that SEC devops space is to you know did you detect that we were in your environment so did we alert Splunk or the Sim that there's someone in the environment laterally moving around did they more importantly did they log us into their environment and when do they detect that log to trigger that log did they alert on us and then finally most importantly for every CSO out there is going to be did they stop us and so that's how we we do this and I think you when speaking with um stay Hall before you know we've come up with this um boils but we call it fine fix verifying so what we do is we go in is we act as the attacker right we act in a production environment so we're not going to be we're a passive attacker but we will go in on credentialed on agents but we have to assume to have an assumed breach model which means we're going to put a Docker container in your environment and then we're going to fingerprint the environment so we're going to go out and do an asset survey now that's something that's not something that Splunk does super well you know so can Splunk see all the assets do the same assets marry up we're going to log all that data and think and then put load that into this long Sim or the smoke logging tools just to have it in Enterprise right that's an immediate future ad that they've got um and then we've got the fix so once we've completed our pen test um we are then going to generate a report and we can talk about these in a little bit later but the reports will show an executive summary the assets that we found which would be your asset Discovery aspect of that a fix report and the fixed report I think is probably the most important one it will go down and identify what we did how we did it and then how to fix that and then from that the pen tester or the organization should fix those then they go back and run another test and then they validate like a change detection environment to see hey did those fixes taste play take place and you know snehaw when he was the CTO of jsoc he shared with me a number of times about it's like man there would be 15 more items on next week's punch sheet that we didn't know about and it's and it has to do with how we you know how they were uh prioritizing the cves and whatnot because they would take all CBDs it was critical or non-critical and it's like we are able to create context in that environment that feeds better information into Splunk and whatnot that brings that brings up the efficiency for Splunk specifically the teams out there by the way the burnout thing is real I mean this whole I just finished my list and I got 15 more or whatever the list just can keeps growing how did node zero specifically help Splunk teams be more efficient like that's the question I want to get at because this seems like a very scale way for Splunk customers and teams service teams to be more so the question is how does node zero help make Splunk specifically their service teams be more efficient so so today in our early interactions we're building customers we've seen are five things um and I'll start with sort of identifying the blind spots right so kind of what I just talked about with you did we detect did we log did we alert did they stop node zero right and so I would I put that you know a more Layman's third grade term and if I was going to beat a fifth grader at this game would be we can be the sparring partner for a Splunk Enterprise customer a Splunk Essentials customer someone using Splunk soar or even just an Enterprise Splunk customer that may be a small shop with three people and just wants to know where am I exposed so by creating and generating these reports and then having um the API that actually generates the dashboard they can take all of these events that we've logged and log them in and then where that then comes in is number two is how do we prioritize those logs right so how do we create visibility to logs that that um are have critical impacts and again as I mentioned earlier not all cves are high impact regard and also not all or low right so if you daisy chain a bunch of low cves together boom I've got a mission critical AP uh CPE that needs to be fixed now such as a credential moving to an NT box that's got a text file with a bunch of passwords on it that would be very bad um and then third would be uh verifying that you have all of the hosts so one of the things that splunk's not particularly great at and they'll literate themselves they don't do asset Discovery so dude what assets do we see and what are they logging from that um and then for from um for every event that they are able to identify one of the cool things that we can do is actually create this low code no code environment so they could let you know Splunk customers can use Splunk sword to actually triage events and prioritize that event so where they're being routed within it to optimize the Sox team time to Market or time to triage any given event obviously reducing MTR and then finally I think one of the neatest things that we'll be seeing us develop is um our ability to build glass cables so behind me you'll see one of our triage events and how we build uh a Lockheed Martin kill chain on that with a glass table which is very familiar to the community we're going to have the ability and not too distant future to allow people to search observe on those iocs and if people aren't familiar with it ioc it's an instant of a compromise so that's a vector that we want to drill into and of course who's better at Drilling in the data and smoke yeah this is a critter this is an awesome Synergy there I mean I can see a Splunk customer going man this just gives me so much more capability action actionability and also real understanding and I think this is what I want to dig into if you don't mind understanding that critical impact okay is kind of where I see this coming got the data data ingest now data's data but the question is what not to log you know where are things misconfigured these are critical questions so can you talk about what it means to understand critical impact yeah so I think you know going back to the things that I just spoke about a lot of those cves where you'll see um uh low low low and then you daisy chain together and they're suddenly like oh this is high now but then your other impact of like if you're if you're a Splunk customer you know and I had it I had several of them I had one customer that you know terabytes of McAfee data being brought in and it was like all right there's a lot of other data that you probably also want to bring but they could only afford wanted to do certain data sets because that's and they didn't know how to prioritize or filter those data sets and so we provide that opportunity to say hey these are the critical ones to bring in but there's also the ones that you don't necessarily need to bring in because low cve in this case really does mean low cve like an ILO server would be one that um that's the print server uh where the uh your admin credentials are on on like a printer and so there will be credentials on that that's something that a hacker might go in to look at so although the cve on it is low is if you daisy chain with somebody that's able to get into that you might say Ah that's high and we would then potentially rank it giving our AI logic to say that's a moderate so put it on the scale and we prioritize those versus uh of all of these scanners just going to give you a bunch of CDs and good luck and translating that if I if I can and tell me if I'm wrong that kind of speaks to that whole lateral movement that's it challenge right print serve a great example looks stupid low end who's going to want to deal with the print server oh but it's connected into a critical system there's a path is that kind of what you're getting at yeah I use Daisy Chain I think that's from the community they came from uh but it's just a lateral movement it's exactly what they're doing in those low level low critical lateral movements is where the hackers are getting in right so that's the beauty thing about the uh the Uber example is that who would have thought you know I've got my monthly Factor authentication going in a human made a mistake we can't we can't not expect humans to make mistakes we're fallible right the reality is is once they were in the environment they could have protected themselves by running enough pen tests to know that they had certain uh exposed credentials that would have stopped the breach and they did not had not done that in their environment and I'm not poking yeah but it's an interesting Trend though I mean it's obvious if sometimes those low end items are also not protected well so it's easy to get at from a hacker standpoint but also the people in charge of them can be fished easily or spearfished because they're not paying attention because they don't have to no one ever told them hey be careful yeah for the community that I came from John that's exactly how they they would uh meet you at a uh an International Event um introduce themselves as a graduate student these are National actor States uh would you mind reviewing my thesis on such and such and I was at Adobe at the time that I was working on this instead of having to get the PDF they opened the PDF and whoever that customer was launches and I don't know if you remember back in like 2008 time frame there was a lot of issues around IP being by a nation state being stolen from the United States and that's exactly how they did it and John that's or LinkedIn hey I want to get a joke we want to hire you double the salary oh I'm gonna click on that for sure you know yeah right exactly yeah the one thing I would say to you is like uh when we look at like sort of you know because I think we did 10 000 pen tests last year is it's probably over that now you know we have these sort of top 10 ways that we think and find people coming into the environment the funniest thing is that only one of them is a cve related vulnerability like uh you know you guys know what they are right so it's it but it's it's like two percent of the attacks are occurring through the cves but yeah there's all that attention spent to that and very little attention spent to this pen testing side which is sort of this continuous threat you know monitoring space and and this vulnerability space where I think we play a such an important role and I'm so excited to be a part of the tip of the spear on this one yeah I'm old enough to know the movie sneakers which I loved as a you know watching that movie you know professional hackers are testing testing always testing the environment I love this I got to ask you as we kind of wrap up here Chris if you don't mind the the benefits to Professional Services from this Alliance big news Splunk and you guys work well together we see that clearly what are what other benefits do Professional Services teams see from the Splunk and Horizon 3.ai Alliance so if you're I think for from our our from both of our uh Partners uh as we bring these guys together and many of them already are the same partner right uh is that uh first off the licensing model is probably one of the key areas that we really excel at so if you're an end user you can buy uh for the Enterprise by the number of IP addresses you're using um but uh if you're a partner working with this there's solution ways that you can go in and we'll license as to msps and what that business model on msps looks like but the unique thing that we do here is this C plus license and so the Consulting plus license allows like a uh somebody a small to mid-sized to some very large uh you know Fortune 100 uh consulting firms use this uh by buying into a license called um Consulting plus where they can have unlimited uh access to as many IPS as they want but you can only run one test at a time and as you can imagine when we're going and hacking passwords and um checking hashes and decrypting hashes that can take a while so but for the right customer it's it's a perfect tool and so I I'm so excited about our ability to go to market with uh our partners so that we understand ourselves understand how not to just sell to or not tell just to sell through but we know how to sell with them as a good vendor partner I think that that's one thing that we've done a really good job building bring it into the market yeah I think also the Splunk has had great success how they've enabled uh partners and Professional Services absolutely you know the services that layer on top of Splunk are multi-fold tons of great benefits so you guys Vector right into that ride that way with friction and and the cool thing is that in you know in one of our reports which could be totally customized uh with someone else's logo we're going to generate you know so I I used to work in another organization it wasn't Splunk but we we did uh you know pen testing as for for customers and my pen testers would come on site they'd do the engagement and they would leave and then another release someone would be oh shoot we got another sector that was breached and they'd call you back you know four weeks later and so by August our entire pen testings teams would be sold out and it would be like well even in March maybe and they're like no no I gotta breach now and and and then when they do go in they go through do the pen test and they hand over a PDF and they pack on the back and say there's where your problems are you need to fix it and the reality is that what we're going to generate completely autonomously with no human interaction is we're going to go and find all the permutations of anything we found and the fix for those permutations and then once you've fixed everything you just go back and run another pen test it's you know for what people pay for one pen test they can have a tool that does that every every Pat patch on Tuesday and that's on Wednesday you know triage throughout the week green yellow red I wanted to see the colors show me green green is good right not red and one CIO doesn't want who doesn't want that dashboard right it's it's exactly it and we can help bring I think that you know I'm really excited about helping drive this with the Splunk team because they get that they understand that it's the green yellow red dashboard and and how do we help them find more green uh so that the other guys are in red yeah and get in the data and do the right thing and be efficient with how you use the data know what to look at so many things to pay attention to you know the combination of both and then go to market strategy real brilliant congratulations Chris thanks for coming on and sharing um this news with the detail around the Splunk in action around the alliance thanks for sharing John my pleasure thanks look forward to seeing you soon all right great we'll follow up and do another segment on devops and I.T and security teams as the new new Ops but and super cloud a bunch of other stuff so thanks for coming on and our next segment the CEO of horizon 3.aa will break down all the new news for us here on thecube you're watching thecube the leader in high tech Enterprise coverage [Music] yeah the partner program for us has been fantastic you know I think prior to that you know as most organizations most uh uh most Farmers most mssps might not necessarily have a a bench at all for penetration testing uh maybe they subcontract this work out or maybe they do it themselves but trying to staff that kind of position can be incredibly difficult for us this was a differentiator a a new a new partner a new partnership that allowed us to uh not only perform services for our customers but be able to provide a product by which that they can do it themselves so we work with our customers in a variety of ways some of them want more routine testing and perform this themselves but we're also a certified service provider of horizon 3 being able to perform uh penetration tests uh help review the the data provide color provide analysis for our customers in a broader sense right not necessarily the the black and white elements of you know what was uh what's critical what's high what's medium what's low what you need to fix but are there systemic issues this has allowed us to onboard new customers this has allowed us to migrate some penetration testing services to us from from competitors in the marketplace But ultimately this is occurring because the the product and the outcome are special they're unique and they're effective our customers like what they're seeing they like the routineness of it many of them you know again like doing this themselves you know being able to kind of pen test themselves parts of their networks um and the the new use cases right I'm a large organization I have eight to ten Acquisitions per year wouldn't it be great to have a tool to be able to perform a penetration test both internal and external of that acquisition before we integrate the two companies and maybe bringing on some risk it's a very effective partnership uh one that really is uh kind of taken our our Engineers our account Executives by storm um you know this this is a a partnership that's been very valuable to us [Music] a key part of the value and business model at Horizon 3 is enabling Partners to leverage node zero to make more revenue for themselves our goal is that for sixty percent of our Revenue this year will be originated by partners and that 95 of our Revenue next year will be originated by partners and so a key to that strategy is making us an integral part of your business models as a partner a key quote from one of our partners is that we enable every one of their business units to generate Revenue so let's talk about that in a little bit more detail first is that if you have a pen test Consulting business take Deloitte as an example what was six weeks of human labor at Deloitte per pen test has been cut down to four days of Labor using node zero to conduct reconnaissance find all the juicy interesting areas of the of the Enterprise that are exploitable and being able to go assess the entire organization and then all of those details get served up to the human to be able to look at understand and determine where to probe deeper so what you see in that pen test Consulting business is that node zero becomes a force multiplier where those Consulting teams were able to cover way more accounts and way more IPS within those accounts with the same or fewer consultants and so that directly leads to profit margin expansion for the Penn testing business itself because node 0 is a force multiplier the second business model here is if you're an mssp as an mssp you're already making money providing defensive cyber security operations for a large volume of customers and so what they do is they'll license node zero and use us as an upsell to their mssb business to start to deliver either continuous red teaming continuous verification or purple teaming as a service and so in that particular business model they've got an additional line of Revenue where they can increase the spend of their existing customers by bolting on node 0 as a purple team as a service offering the third business model or customer type is if you're an I.T services provider so as an I.T services provider you make money installing and configuring security products like Splunk or crowdstrike or hemio you also make money reselling those products and you also make money generating follow-on services to continue to harden your customer environments and so for them what what those it service providers will do is use us to verify that they've installed Splunk correctly improved to their customer that Splunk was installed correctly or crowdstrike was installed correctly using our results and then use our results to drive follow-on services and revenue and then finally we've got the value-added reseller which is just a straight up reseller because of how fast our sales Cycles are these vars are able to typically go from cold email to deal close in six to eight weeks at Horizon 3 at least a single sales engineer is able to run 30 to 50 pocs concurrently because our pocs are very lightweight and don't require any on-prem customization or heavy pre-sales post sales activity so as a result we're able to have a few amount of sellers driving a lot of Revenue and volume for us well the same thing applies to bars there isn't a lot of effort to sell the product or prove its value so vars are able to sell a lot more Horizon 3 node zero product without having to build up a huge specialist sales organization so what I'm going to do is talk through uh scenario three here as an I.T service provider and just how powerful node zero can be in driving additional Revenue so in here think of for every one dollar of node zero license purchased by the IT service provider to do their business it'll generate ten dollars of additional revenue for that partner so in this example kidney group uses node 0 to verify that they have installed and deployed Splunk correctly so Kitty group is a Splunk partner they they sell it services to install configure deploy and maintain Splunk and as they deploy Splunk they're going to use node 0 to attack the environment and make sure that the right logs and alerts and monitoring are being handled within the Splunk deployment so it's a way of doing QA or verifying that Splunk has been configured correctly and that's going to be internally used by kidney group to prove the quality of their services that they've just delivered then what they're going to do is they're going to show and leave behind that node zero Report with their client and that creates a resell opportunity for for kidney group to resell node 0 to their client because their client is seeing the reports and the results and saying wow this is pretty amazing and those reports can be co-branded where it's a pen testing report branded with kidney group but it says powered by Horizon three under it from there kidney group is able to take the fixed actions report that's automatically generated with every pen test through node zero and they're able to use that as the starting point for a statement of work to sell follow-on services to fix all of the problems that node zero identified fixing l11r misconfigurations fixing or patching VMware or updating credentials policies and so on so what happens is node 0 has found a bunch of problems the client often lacks the capacity to fix and so kidney group can use that lack of capacity by the client as a follow-on sales opportunity for follow-on services and finally based on the findings from node zero kidney group can look at that report and say to the customer you know customer if you bought crowdstrike you'd be able to uh prevent node Zero from attacking and succeeding in the way that it did for if you bought humano or if you bought Palo Alto networks or if you bought uh some privileged access management solution because of what node 0 was able to do with credential harvesting and attacks and so as a result kidney group is able to resell other security products within their portfolio crowdstrike Falcon humano Polito networks demisto Phantom and so on based on the gaps that were identified by node zero and that pen test and what that creates is another feedback loop where kidney group will then go use node 0 to verify that crowdstrike product has actually been installed and configured correctly and then this becomes the cycle of using node 0 to verify a deployment using that verification to drive a bunch of follow-on services and resell opportunities which then further drives more usage of the product now the way that we licensed is that it's a usage-based license licensing model so that the partner will grow their node zero Consulting plus license as they grow their business so for example if you're a kidney group then week one you've got you're going to use node zero to verify your Splunk install in week two if you have a pen testing business you're going to go off and use node zero to be a force multiplier for your pen testing uh client opportunity and then if you have an mssp business then in week three you're going to use node zero to go execute a purple team mssp offering for your clients so not necessarily a kidney group but if you're a Deloitte or ATT these larger companies and you've got multiple lines of business if you're Optive for instance you all you have to do is buy one Consulting plus license and you're going to be able to run as many pen tests as you want sequentially so now you can buy a single license and use that one license to meet your week one client commitments and then meet your week two and then meet your week three and as you grow your business you start to run multiple pen tests concurrently so in week one you've got to do a Splunk verify uh verify Splunk install and you've got to run a pen test and you've got to do a purple team opportunity you just simply expand the number of Consulting plus licenses from one license to three licenses and so now as you systematically grow your business you're able to grow your node zero capacity with you giving you predictable cogs predictable margins and once again 10x additional Revenue opportunity for that investment in the node zero Consulting plus license my name is Saint I'm the co-founder and CEO here at Horizon 3. I'm going to talk to you today about why it's important to look at your Enterprise Through The Eyes of an attacker the challenge I had when I was a CIO in banking the CTO at Splunk and serving within the Department of Defense is that I had no idea I was Secure until the bad guys had showed up am I logging the right data am I fixing the right vulnerabilities are my security tools that I've paid millions of dollars for actually working together to defend me and the answer is I don't know does my team actually know how to respond to a breach in the middle of an incident I don't know I've got to wait for the bad guys to show up and so the challenge I had was how do we proactively verify our security posture I tried a variety of techniques the first was the use of vulnerability scanners and the challenge with vulnerability scanners is being vulnerable doesn't mean you're exploitable I might have a hundred thousand findings from my scanner of which maybe five or ten can actually be exploited in my environment the other big problem with scanners is that they can't chain weaknesses together from machine to machine so if you've got a thousand machines in your environment or more what a vulnerability scanner will do is tell you you have a problem on machine one and separately a problem on machine two but what they can tell you is that an attacker could use a load from machine one plus a low from machine two to equal to critical in your environment and what attackers do in their tactics is they chain together misconfigurations dangerous product defaults harvested credentials and exploitable vulnerabilities into attack paths across different machines so to address the attack pads across different machines I tried layering in consulting-based pen testing and the issue is when you've got thousands of hosts or hundreds of thousands of hosts in your environment human-based pen testing simply doesn't scale to test an infrastructure of that size moreover when they actually do execute a pen test and you get the report oftentimes you lack the expertise within your team to quickly retest to verify that you've actually fixed the problem and so what happens is you end up with these pen test reports that are incomplete snapshots and quickly going stale and then to mitigate that problem I tried using breach and attack simulation tools and the struggle with these tools is one I had to install credentialed agents everywhere two I had to write my own custom attack scripts that I didn't have much talent for but also I had to maintain as my environment changed and then three these types of tools were not safe to run against production systems which was the the majority of my attack surface so that's why we went off to start Horizon 3. so Tony and I met when we were in Special Operations together and the challenge we wanted to solve was how do we do infrastructure security testing at scale by giving the the power of a 20-year pen testing veteran into the hands of an I.T admin a network engineer in just three clicks and the whole idea is we enable these fixers The Blue Team to be able to run node Zero Hour pen testing product to quickly find problems in their environment that blue team will then then go off and fix the issues that were found and then they can quickly rerun the attack to verify that they fixed the problem and the whole idea is delivering this without requiring custom scripts be developed without requiring credential agents be installed and without requiring the use of external third-party consulting services or Professional Services self-service pen testing to quickly Drive find fix verify there are three primary use cases that our customers use us for the first is the sock manager that uses us to verify that their security tools are actually effective to verify that they're logging the right data in Splunk or in their Sim to verify that their managed security services provider is able to quickly detect and respond to an attack and hold them accountable for their slas or that the sock understands how to quickly detect and respond and measuring and verifying that or that the variety of tools that you have in your stack most organizations have 130 plus cyber security tools none of which are designed to work together are actually working together the second primary use case is proactively hardening and verifying your systems this is when the I that it admin that network engineer they're able to run self-service pen tests to verify that their Cisco environment is installed in hardened and configured correctly or that their credential policies are set up right or that their vcenter or web sphere or kubernetes environments are actually designed to be secure and what this allows the it admins and network Engineers to do is shift from running one or two pen tests a year to 30 40 or more pen tests a month and you can actually wire those pen tests into your devops process or into your detection engineering and the change management processes to automatically trigger pen tests every time there's a change in your environment the third primary use case is for those organizations lucky enough to have their own internal red team they'll use node zero to do reconnaissance and exploitation at scale and then use the output as a starting point for the humans to step in and focus on the really hard juicy stuff that gets them on stage at Defcon and so these are the three primary use cases and what we'll do is zoom into the find fix verify Loop because what I've found in my experience is find fix verify is the future operating model for cyber security organizations and what I mean here is in the find using continuous pen testing what you want to enable is on-demand self-service pen tests you want those pen tests to find attack pads at scale spanning your on-prem infrastructure your Cloud infrastructure and your perimeter because attackers don't only state in one place they will find ways to chain together a perimeter breach a credential from your on-prem to gain access to your cloud or some other permutation and then the third part in continuous pen testing is attackers don't focus on critical vulnerabilities anymore they know we've built vulnerability Management Programs to reduce those vulnerabilities so attackers have adapted and what they do is chain together misconfigurations in your infrastructure and software and applications with dangerous product defaults with exploitable vulnerabilities and through the collection of credentials through a mix of techniques at scale once you've found those problems the next question is what do you do about it well you want to be able to prioritize fixing problems that are actually exploitable in your environment that truly matter meaning they're going to lead to domain compromise or domain user compromise or access your sensitive data the second thing you want to fix is making sure you understand what risk your crown jewels data is exposed to where is your crown jewels data is in the cloud is it on-prem has it been copied to a share drive that you weren't aware of if a domain user was compromised could they access that crown jewels data you want to be able to use the attacker's perspective to secure the critical data you have in your infrastructure and then finally as you fix these problems you want to quickly remediate and retest that you've actually fixed the issue and this fine fix verify cycle becomes that accelerator that drives purple team culture the third part here is verify and what you want to be able to do in the verify step is verify that your security tools and processes in people can effectively detect and respond to a breach you want to be able to integrate that into your detection engineering processes so that you know you're catching the right security rules or that you've deployed the right configurations you also want to make sure that your environment is adhering to the best practices around systems hardening in cyber resilience and finally you want to be able to prove your security posture over a time to your board to your leadership into your regulators so what I'll do now is zoom into each of these three steps so when we zoom in to find here's the first example using node 0 and autonomous pen testing and what an attacker will do is find a way to break through the perimeter in this example it's very easy to misconfigure kubernetes to allow an attacker to gain remote code execution into your on-prem kubernetes environment and break through the perimeter and from there what the attacker is going to do is conduct Network reconnaissance and then find ways to gain code execution on other machines in the environment and as they get code execution they start to dump credentials collect a bunch of ntlm hashes crack those hashes using open source and dark web available data as part of those attacks and then reuse those credentials to log in and laterally maneuver throughout the environment and then as they loudly maneuver they can reuse those credentials and use credential spraying techniques and so on to compromise your business email to log in as admin into your cloud and this is a very common attack and rarely is a CV actually needed to execute this attack often it's just a misconfiguration in kubernetes with a bad credential policy or password policy combined with bad practices of credential reuse across the organization here's another example of an internal pen test and this is from an actual customer they had 5 000 hosts within their environment they had EDR and uba tools installed and they initiated in an internal pen test on a single machine from that single initial access point node zero enumerated the network conducted reconnaissance and found five thousand hosts were accessible what node 0 will do under the covers is organize all of that reconnaissance data into a knowledge graph that we call the Cyber terrain map and that cyber Terrain map becomes the key data structure that we use to efficiently maneuver and attack and compromise your environment so what node zero will do is they'll try to find ways to get code execution reuse credentials and so on in this customer example they had Fortinet installed as their EDR but node 0 was still able to get code execution on a Windows machine from there it was able to successfully dump credentials including sensitive credentials from the lsas process on the Windows box and then reuse those credentials to log in as domain admin in the network and once an attacker becomes domain admin they have the keys to the kingdom they can do anything they want so what happened here well it turns out Fortinet was misconfigured on three out of 5000 machines bad automation the customer had no idea this had happened they would have had to wait for an attacker to show up to realize that it was misconfigured the second thing is well why didn't Fortinet stop the credential pivot in the lateral movement and it turned out the customer didn't buy the right modules or turn on the right services within that particular product and we see this not only with Ford in it but we see this with Trend Micro and all the other defensive tools where it's very easy to miss a checkbox in the configuration that will do things like prevent credential dumping the next story I'll tell you is attackers don't have to hack in they log in so another infrastructure pen test a typical technique attackers will take is man in the middle uh attacks that will collect hashes so in this case what an attacker will do is leverage a tool or technique called responder to collect ntlm hashes that are being passed around the network and there's a variety of reasons why these hashes are passed around and it's a pretty common misconfiguration but as an attacker collects those hashes then they start to apply techniques to crack those hashes so they'll pass the hash and from there they will use open source intelligence common password structures and patterns and other types of techniques to try to crack those hashes into clear text passwords so here node 0 automatically collected hashes it automatically passed the hashes to crack those credentials and then from there it starts to take the domain user user ID passwords that it's collected and tries to access different services and systems in your Enterprise in this case node 0 is able to successfully gain access to the Office 365 email environment because three employees didn't have MFA configured so now what happens is node 0 has a placement and access in the business email system which sets up the conditions for fraud lateral phishing and other techniques but what's especially insightful here is that 80 of the hashes that were collected in this pen test were cracked in 15 minutes or less 80 percent 26 of the user accounts had a password that followed a pretty obvious pattern first initial last initial and four random digits the other thing that was interesting is 10 percent of service accounts had their user ID the same as their password so VMware admin VMware admin web sphere admin web Square admin so on and so forth and so attackers don't have to hack in they just log in with credentials that they've collected the next story here is becoming WS AWS admin so in this example once again internal pen test node zero gets initial access it discovers 2 000 hosts are network reachable from that environment if fingerprints and organizes all of that data into a cyber Terrain map from there it it fingerprints that hpilo the integrated lights out service was running on a subset of hosts hpilo is a service that is often not instrumented or observed by security teams nor is it easy to patch as a result attackers know this and immediately go after those types of services so in this case that ILO service was exploitable and were able to get code execution on it ILO stores all the user IDs and passwords in clear text in a particular set of processes so once we gain code execution we were able to dump all of the credentials and then from there laterally maneuver to log in to the windows box next door as admin and then on that admin box we're able to gain access to the share drives and we found a credentials file saved on a share Drive from there it turned out that credentials file was the AWS admin credentials file giving us full admin authority to their AWS accounts not a single security alert was triggered in this attack because the customer wasn't observing the ILO service and every step thereafter was a valid login in the environment and so what do you do step one patch the server step two delete the credentials file from the share drive and then step three is get better instrumentation on privileged access users and login the final story I'll tell is a typical pattern that we see across the board with that combines the various techniques I've described together where an attacker is going to go off and use open source intelligence to find all of the employees that work at your company from there they're going to look up those employees on dark web breach databases and other forms of information and then use that as a starting point to password spray to compromise a domain user all it takes is one employee to reuse a breached password for their Corporate email or all it takes is a single employee to have a weak password that's easily guessable all it takes is one and once the attacker is able to gain domain user access in most shops domain user is also the local admin on their laptop and once your local admin you can dump Sam and get local admin until M hashes you can use that to reuse credentials again local admin on neighboring machines and attackers will start to rinse and repeat then eventually they're able to get to a point where they can dump lsas or by unhooking the anti-virus defeating the EDR or finding a misconfigured EDR as we've talked about earlier to compromise the domain and what's consistent is that the fundamentals are broken at these shops they have poor password policies they don't have least access privilege implemented active directory groups are too permissive where domain admin or domain user is also the local admin uh AV or EDR Solutions are misconfigured or easily unhooked and so on and what we found in 10 000 pen tests is that user Behavior analytics tools never caught us in that lateral movement in part because those tools require pristine logging data in order to work and also it becomes very difficult to find that Baseline of normal usage versus abnormal usage of credential login another interesting Insight is there were several Marquee brand name mssps that were defending our customers environment and for them it took seven hours to detect and respond to the pen test seven hours the pen test was over in less than two hours and so what you had was an egregious violation of the service level agreements that that mssp had in place and the customer was able to use us to get service credit and drive accountability of their sock and of their provider the third interesting thing is in one case it took us seven minutes to become domain admin in a bank that bank had every Gucci security tool you could buy yet in 7 minutes and 19 seconds node zero started as an unauthenticated member of the network and was able to escalate privileges through chaining and misconfigurations in lateral movement and so on to become domain admin if it's seven minutes today we should assume it'll be less than a minute a year or two from now making it very difficult for humans to be able to detect and respond to that type of Blitzkrieg attack so that's in the find it's not just about finding problems though the bulk of the effort should be what to do about it the fix and the verify so as you find those problems back to kubernetes as an example we will show you the path here is the kill chain we took to compromise that environment we'll show you the impact here is the impact or here's the the proof of exploitation that we were able to use to be able to compromise it and there's the actual command that we executed so you could copy and paste that command and compromise that cubelet yourself if you want and then the impact is we got code execution and we'll actually show you here is the impact this is a critical here's why it enabled perimeter breach affected applications will tell you the specific IPS where you've got the problem how it maps to the miter attack framework and then we'll tell you exactly how to fix it we'll also show you what this problem enabled so you can accurately prioritize why this is important or why it's not important the next part is accurate prioritization the hardest part of my job as a CIO was deciding what not to fix so if you take SMB signing not required as an example by default that CVSs score is a one out of 10. but this misconfiguration is not a cve it's a misconfig enable an attacker to gain access to 19 credentials including one domain admin two local admins and access to a ton of data because of that context this is really a 10 out of 10. you better fix this as soon as possible however of the seven occurrences that we found it's only a critical in three out of the seven and these are the three specific machines and we'll tell you the exact way to fix it and you better fix these as soon as possible for these four machines over here these didn't allow us to do anything of consequence so that because the hardest part is deciding what not to fix you can justifiably choose not to fix these four issues right now and just add them to your backlog and surge your team to fix these three as quickly as possible and then once you fix these three you don't have to re-run the entire pen test you can select these three and then one click verify and run a very narrowly scoped pen test that is only testing this specific issue and what that creates is a much faster cycle of finding and fixing problems the other part of fixing is verifying that you don't have sensitive data at risk so once we become a domain user we're able to use those domain user credentials and try to gain access to databases file shares S3 buckets git repos and so on and help you understand what sensitive data you have at risk so in this example a green checkbox means we logged in as a valid domain user we're able to get read write access on the database this is how many records we could have accessed and we don't actually look at the values in the database but we'll show you the schema so you can quickly characterize that pii data was at risk here and we'll do that for your file shares and other sources of data so now you can accurately articulate the data you have at risk and prioritize cleaning that data up especially data that will lead to a fine or a big news issue so that's the find that's the fix now we're going to talk about the verify the key part in verify is embracing and integrating with detection engineering practices so when you think about your layers of security tools you've got lots of tools in place on average 130 tools at any given customer but these tools were not designed to work together so when you run a pen test what you want to do is say did you detect us did you log us did you alert on us did you stop us and from there what you want to see is okay what are the techniques that are commonly used to defeat an environment to actually compromise if you look at the top 10 techniques we use and there's far more than just these 10 but these are the most often executed nine out of ten have nothing to do with cves it has to do with misconfigurations dangerous product defaults bad credential policies and it's how we chain those together to become a domain admin or compromise a host so what what customers will do is every single attacker command we executed is provided to you as an attackivity log so you can actually see every single attacker command we ran the time stamp it was executed the hosts it executed on and how it Maps the minor attack tactics so our customers will have are these attacker logs on one screen and then they'll go look into Splunk or exabeam or Sentinel one or crowdstrike and say did you detect us did you log us did you alert on us or not and to make that even easier if you take this example hey Splunk what logs did you see at this time on the VMware host because that's when node 0 is able to dump credentials and that allows you to identify and fix your logging blind spots to make that easier we've got app integration so this is an actual Splunk app in the Splunk App Store and what you can come is inside the Splunk console itself you can fire up the Horizon 3 node 0 app all of the pen test results are here so that you can see all of the results in one place and you don't have to jump out of the tool and what you'll show you as I skip forward is hey there's a pen test here are the critical issues that we've identified for that weaker default issue here are the exact commands we executed and then we will automatically query into Splunk all all terms on between these times on that endpoint that relate to this attack so you can now quickly within the Splunk environment itself figure out that you're missing logs or that you're appropriately catching this issue and that becomes incredibly important in that detection engineering cycle that I mentioned earlier so how do our customers end up using us they shift from running one pen test a year to 30 40 pen tests a month oftentimes wiring us into their deployment automation to automatically run pen tests the other part that they'll do is as they run more pen tests they find more issues but eventually they hit this inflection point where they're able to rapidly clean up their environment and that inflection point is because the red and the blue teams start working together in a purple team culture and now they're working together to proactively harden their environment the other thing our customers will do is run us from different perspectives they'll first start running an RFC 1918 scope to see once the attacker gained initial access in a part of the network that had wide access what could they do and then from there they'll run us within a specific Network segment okay from within that segment could the attacker break out and gain access to another segment then they'll run us from their work from home environment could they Traverse the VPN and do something damaging and once they're in could they Traverse the VPN and get into my cloud then they'll break in from the outside all of these perspectives are available to you in Horizon 3 and node zero as a single SKU and you can run as many pen tests as you want if you run a phishing campaign and find that an intern in the finance department had the worst phishing behavior you can then inject their credentials and actually show the end-to-end story of how an attacker fished gained credentials of an intern and use that to gain access to sensitive financial data so what our customers end up doing is running multiple attacks from multiple perspectives and looking at those results over time I'll leave you two things one is what is the AI in Horizon 3 AI those knowledge graphs are the heart and soul of everything that we do and we use machine learning reinforcement techniques reinforcement learning techniques Markov decision models and so on to be able to efficiently maneuver and analyze the paths in those really large graphs we also use context-based scoring to prioritize weaknesses and we're also able to drive collective intelligence across all of the operations so the more pen tests we run the smarter we get and all of that is based on our knowledge graph analytics infrastructure that we have finally I'll leave you with this was my decision criteria when I was a buyer for my security testing strategy what I cared about was coverage I wanted to be able to assess my on-prem cloud perimeter and work from home and be safe to run in production I want to be able to do that as often as I wanted I want to be able to run pen tests in hours or days not weeks or months so I could accelerate that fine fix verify loop I wanted my it admins and network Engineers with limited offensive experience to be able to run a pen test in a few clicks through a self-service experience and not have to install agent and not have to write custom scripts and finally I didn't want to get nickeled and dimed on having to buy different types of attack modules or different types of attacks I wanted a single annual subscription that allowed me to run any type of attack as often as I wanted so I could look at my Trends in directions over time so I hope you found this talk valuable uh we're easy to find and I look forward to seeing seeing you use a product and letting our results do the talking when you look at uh you know kind of the way no our pen testing algorithms work is we dynamically select uh how to compromise an environment based on what we've discovered and the goal is to become a domain admin compromise a host compromise domain users find ways to encrypt data steal sensitive data and so on but when you look at the the top 10 techniques that we ended up uh using to compromise environments the first nine have nothing to do with cves and that's the reality cves are yes a vector but less than two percent of cves are actually used in a compromise oftentimes it's some sort of credential collection credential cracking uh credential pivoting and using that to become an admin and then uh compromising environments from that point on so I'll leave this up for you to kind of read through and you'll have the slides available for you but I found it very insightful that organizations and ourselves when I was a GE included invested heavily in just standard vulnerability Management Programs when I was at DOD that's all disa cared about asking us about was our our kind of our cve posture but the attackers have adapted to not rely on cves to get in because they know that organizations are actively looking at and patching those cves and instead they're chaining together credentials from one place with misconfigurations and dangerous product defaults in another to take over an environment a concrete example is by default vcenter backups are not encrypted and so as if an attacker finds vcenter what they'll do is find the backup location and there are specific V sender MTD files where the admin credentials are parsippled in the binaries so you can actually as an attacker find the right MTD file parse out the binary and now you've got the admin credentials for the vcenter environment and now start to log in as admin there's a bad habit by signal officers and Signal practitioners in the in the Army and elsewhere where the the VM notes section of a virtual image has the password for the VM well those VM notes are not stored encrypted and attackers know this and they're able to go off and find the VMS that are unencrypted find the note section and pull out the passwords for those images and then reuse those credentials across the board so I'll pause here and uh you know Patrick love you get some some commentary on on these techniques and other things that you've seen and what we'll do in the last say 10 to 15 minutes is uh is rolled through a little bit more on what do you do about it yeah yeah no I love it I think um I think this is pretty exhaustive what I like about what you've done here is uh you know we've seen we've seen double-digit increases in the number of organizations that are reporting actual breaches year over year for the last um for the last three years and it's often we kind of in the Zeitgeist we pegged that on ransomware which of course is like incredibly important and very top of mind um but what I like about what you have here is you know we're reminding the audience that the the attack surface area the vectors the matter um you know has to be more comprehensive than just thinking about ransomware scenarios yeah right on um so let's build on this when you think about your defense in depth you've got multiple security controls that you've purchased and integrated and you've got that redundancy if a control fails but the reality is that these security tools aren't designed to work together so when you run a pen test what you want to ask yourself is did you detect node zero did you log node zero did you alert on node zero and did you stop node zero and when you think about how to do that every single attacker command executed by node zero is available in an attacker log so you can now see you know at the bottom here vcenter um exploit at that time on that IP how it aligns to minor attack what you want to be able to do is go figure out did your security tools catch this or not and that becomes very important in using the attacker's perspective to improve your defensive security controls and so the way we've tried to make this easier back to like my my my the you know I bleed Green in many ways still from my smoke background is you want to be able to and what our customers do is hey we'll look at the attacker logs on one screen and they'll look at what did Splunk see or Miss in another screen and then they'll use that to figure out what their logging blind spots are and what that where that becomes really interesting is we've actually built out an integration into Splunk where there's a Splunk app you can download off of Splunk base and you'll get all of the pen test results right there in the Splunk console and from that Splunk console you're gonna be able to see these are all the pen tests that were run these are the issues that were found um so you can look at that particular pen test here are all of the weaknesses that were identified for that particular pen test and how they categorize out for each of those weaknesses you can click on any one of them that are critical in this case and then we'll tell you for that weakness and this is where where the the punch line comes in so I'll pause the video here for that weakness these are the commands that were executed on these endpoints at this time and then we'll actually query Splunk for that um for that IP address or containing that IP and these are the source types that surface any sort of activity so what we try to do is help you as quickly and efficiently as possible identify the logging blind spots in your Splunk environment based on the attacker's perspective so as this video kind of plays through you can see it Patrick I'd love to get your thoughts um just seeing so many Splunk deployments and the effectiveness of those deployments and and how this is going to help really Elevate the effectiveness of all of your Splunk customers yeah I'm super excited about this I mean I think this these kinds of purpose-built integration snail really move the needle for our customers I mean at the end of the day when I think about the power of Splunk I think about a product I was first introduced to 12 years ago that was an on-prem piece of software you know and at the time it sold on sort of Perpetual and term licenses but one made it special was that it could it could it could eat data at a speed that nothing else that I'd have ever seen you can ingest massively scalable amounts of data uh did cool things like schema on read which facilitated that there was this language called SPL that you could nerd out about uh and you went to a conference once a year and you talked about all the cool things you were splunking right but now as we think about the next phase of our growth um we live in a heterogeneous environment where our customers have so many different tools and data sources that are ever expanding and as you look at the as you look at the role of the ciso it's mind-blowing to me the amount of sources Services apps that are coming into the ciso span of let's just call it a span of influence in the last three years uh you know we're seeing things like infrastructure service level visibility application performance monitoring stuff that just never made sense for the security team to have visibility into you um at least not at the size and scale which we're demanding today um and and that's different and this isn't this is why it's so important that we have these joint purpose-built Integrations that um really provide more prescription to our customers about how do they walk on that Journey towards maturity what does zero to one look like what does one to two look like whereas you know 10 years ago customers were happy with platforms today they want integration they want Solutions and they want to drive outcomes and I think this is a great example of how together we are stepping to the evolving nature of the market and also the ever-evolving nature of the threat landscape and what I would say is the maturing needs of the customer in that environment yeah for sure I think especially if if we all anticipate budget pressure over the next 18 months due to the economy and elsewhere while the security budgets are not going to ever I don't think they're going to get cut they're not going to grow as fast and there's a lot more pressure on organizations to extract more value from their existing Investments as well as extracting more value and more impact from their existing teams and so security Effectiveness Fierce prioritization and automation I think become the three key themes of security uh over the next 18 months so I'll do very quickly is run through a few other use cases um every host that we identified in the pen test were able to score and say this host allowed us to do something significant therefore it's it's really critical you should be increasing your logging here hey these hosts down here we couldn't really do anything as an attacker so if you do have to make trade-offs you can make some trade-offs of your logging resolution at the lower end in order to increase logging resolution on the upper end so you've got that level of of um justification for where to increase or or adjust your logging resolution another example is every host we've discovered as an attacker we Expose and you can export and we want to make sure is every host we found as an attacker is being ingested from a Splunk standpoint a big issue I had as a CIO and user of Splunk and other tools is I had no idea if there were Rogue Raspberry Pi's on the network or if a new box was installed and whether Splunk was installed on it or not so now you can quickly start to correlate what hosts did we see and how does that reconcile with what you're logging from uh finally or second to last use case here on the Splunk integration side is for every single problem we've found we give multiple options for how to fix it this becomes a great way to prioritize what fixed actions to automate in your soar platform and what we want to get to eventually is being able to automatically trigger soar actions to fix well-known problems like automatically invalidating passwords for for poor poor passwords in our credentials amongst a whole bunch of other things we could go off and do and then finally if there is a well-known kill chain or attack path one of the things I really wish I could have done when I was a Splunk customer was take this type of kill chain that actually shows a path to domain admin that I'm sincerely worried about and use it as a glass table over which I could start to layer possible indicators of compromise and now you've got a great starting point for glass tables and iocs for actual kill chains that we know are exploitable in your environment and that becomes some super cool Integrations that we've got on the roadmap between us and the Splunk security side of the house so what I'll leave with actually Patrick before I do that you know um love to get your comments and then I'll I'll kind of leave with one last slide on this wartime security mindset uh pending you know assuming there's no other questions no I love it I mean I think this kind of um it's kind of glass table's approach to how do you how do you sort of visualize these workflows and then use things like sore and orchestration and automation to operationalize them is exactly where we see all of our customers going and getting away from I think an over engineered approach to soar with where it has to be super technical heavy with you know python programmers and getting more to this visual view of workflow creation um that really demystifies the power of Automation and also democratizes it so you don't have to have these programming languages in your resume in order to start really moving the needle on workflow creation policy enforcement and ultimately driving automation coverage across more and more of the workflows that your team is seeing yeah I think that between us being able to visualize the actual kill chain or attack path with you know think of a of uh the soar Market I think going towards this no code low code um you know configurable sore versus coded sore that's going to really be a game changer in improve or giving security teams a force multiplier so what I'll leave you with is this peacetime mindset of security no longer is sustainable we really have to get out of checking the box and then waiting for the bad guys to show up to verify that security tools are are working or not and the reason why we've got to really do that quickly is there are over a thousand companies that withdrew from the Russian economy over the past uh nine months due to the Ukrainian War there you should expect every one of them to be punished by the Russians for leaving and punished from a cyber standpoint and this is no longer about financial extortion that is ransomware this is about punishing and destroying companies and you can punish any one of these companies by going after them directly or by going after their suppliers and their Distributors so suddenly your attack surface is no more no longer just your own Enterprise it's how you bring your goods to Market and it's how you get your goods created because while I may not be able to disrupt your ability to harvest fruit if I can get those trucks stuck at the border I can increase spoilage and have the same effect and what we should expect to see is this idea of cyber-enabled economic Warfare where if we issue a sanction like Banning the Russians from traveling there is a cyber-enabled counter punch which is corrupt and destroy the American Airlines database that is below the threshold of War that's not going to trigger the 82nd Airborne to be mobilized but it's going to achieve the right effect ban the sale of luxury goods disrupt the supply chain and create shortages banned Russian oil and gas attack refineries to call a 10x spike in gas prices three days before the election this is the future and therefore I think what we have to do is shift towards a wartime mindset which is don't trust your security posture verify it see yourself Through The Eyes of the attacker build that incident response muscle memory and drive better collaboration between the red and the blue teams your suppliers and Distributors and your information uh sharing organization they have in place and what's really valuable for me as a Splunk customer was when a router crashes at that moment you don't know if it's due to an I.T Administration problem or an attacker and what you want to have are different people asking different questions of the same data and you want to have that integrated triage process of an I.T lens to that problem a security lens to that problem and then from there figuring out is is this an IT workflow to execute or a security incident to execute and you want to have all of that as an integrated team integrated process integrated technology stack and this is something that I very care I cared very deeply about as both a Splunk customer and a Splunk CTO that I see time and time again across the board so Patrick I'll leave you with the last word the final three minutes here and I don't see any open questions so please take us home oh man see how you think we spent hours and hours prepping for this together that that last uh uh 40 seconds of your talk track is probably one of the things I'm most passionate about in this industry right now uh and I think nist has done some really interesting work here around building cyber resilient organizations that have that has really I think helped help the industry see that um incidents can come from adverse conditions you know stress is uh uh performance taxations in the infrastructure service or app layer and they can come from malicious compromises uh Insider threats external threat actors and the more that we look at this from the perspective of of a broader cyber resilience Mission uh in a wartime mindset uh I I think we're going to be much better off and and will you talk about with operationally minded ice hacks information sharing intelligence sharing becomes so important in these wartime uh um situations and you know we know not all ice acts are created equal but we're also seeing a lot of um more ad hoc information sharing groups popping up so look I think I think you framed it really really well I love the concept of wartime mindset and um I I like the idea of applying a cyber resilience lens like if you have one more layer on top of that bottom right cake you know I think the it lens and the security lens they roll up to this concept of cyber resilience and I think this has done some great work there for us yeah you're you're spot on and that that is app and that's gonna I think be the the next um terrain that that uh that you're gonna see vendors try to get after but that I think Splunk is best position to win okay that's a wrap for this special Cube presentation you heard all about the global expansion of horizon 3.ai's partner program for their Partners have a unique opportunity to take advantage of their node zero product uh International go to Market expansion North America channel Partnerships and just overall relationships with companies like Splunk to make things more comprehensive in this disruptive cyber security world we live in and hope you enjoyed this program all the videos are available on thecube.net as well as check out Horizon 3 dot AI for their pen test Automation and ultimately their defense system that they use for testing always the environment that you're in great Innovative product and I hope you enjoyed the program again I'm John Furrier host of the cube thanks for watching

>>Mhm Yes. Hi lisa Martin here with the cube we are covering Dell technologies world, the digital event experience. I have two guests here with me today that are new to the program. So I would like to welcome David Lowe, the Director of product management for Dell Technologies. David. Welcome to the >>program. Hi, how are you >>doing well? And Catherine Ward is here as well, customer experience strategist at Dell Technologies Catherine, it's great to have you join us. Thanks. Happy to be here lisa. So we're talking about embracing as a service. That was a big announcement at Dell Technologies World as we were talking before we went live just a few months ago in the end of 2020 where the new Dell Technologies cloud console was announced. David start with our audience in terms of describing the apex council, what it is when it was launched and give us some color around that. >>Absolutely. Back in october we announced the Dell Technologies cloud console as part of unveiling the apex vision and this was really uh in response to what we heard from our customers about the need to be able to take advantage of cloud and as a service, operating models, being able to take advantage of our products and services around infrastructure in a way that really uh you know, met their needs in terms of the business results that they were trying to drive the kind of flexibility that they needed about how to get those offerings in place and be able to to run them having simplicity and how they managed those offers while also having just a greater degree of control, of course, that's afforded by having infrastructure running on premises versus uh in the public cloud. So with the apex console today, again, we're just listening to what customers say about being able to double down on that vision and provide even more functionality and capabilities on top of additional services that we're making available in the apex console today, >>Captain, let's get some point of view from the customers. David mentioned them a number of times. Obviously this is why you're doing this, but how does apex designed to help simplify operations? What are some of the things that you're hearing from the customer experience about it being able to simplify ops? >>Yeah, absolutely. So we've we've talked to many customers that's part of my team's job to ensure we're delivering a great experience. We've really heard >>that customers >>appreciate that they can now subscribe to services and and that the Dell offers. Um we've heard a lot from customers and sales folks that tells us that not every project they want to do is funded in a complex way. And so one of the great benefits of Dell clouds offers and the apex console is being able to get things in an op X way so they can pay on a subscription, uh sorry, so they can play on a subscription basis uh to meet, you know, their business needs is one major positive that we've been hearing from customers. >>One of the things that I read when apex launched a few months ago was this really as a way to demonstrate cloud as an operating model rather than a destination and lets you get both of your opinions on that and since launched what you thought, David, we'll start with you. >>Yeah, Well that's it's a great it's a great concept that customers really that really resonates with customers. So I mean, you know, cloud as an operating model has been something that many companies have moved towards over the last, you know, 10, 15 years, where there are fundamental characteristics of cloud that are defined as being on demand, being self service, providing easier access with elastic scale and then also just paying for what you use. And and and these are the things that customers really care about. And so as part of the apex vision and unveiling today in the in the apex console where offering services, for example, like apex storage services, where customers will have the ability to subscribe to that service on demand through the Apex Council in a self service way, they'll be able to take advantage of it in a way they pay for what they use because on top of a a committed storage capacity, it's an on demand usage model, uh and they have the ability to come in at any time and increase as their business demands what storage is available to them. So we really are capitalizing on those cloud characteristics that customers want to be able to take advantage of but doing so, you know, on top of uh, infrastructure products from Dell that customers have trusted for decades. >>Right. So one of the things that we've talked about so many times in the last year is the acceleration that we've seen in every industry with perspective digital transformation and seeing so many businesses in every industry pivot multiple times here. And that speed up, you know, like, you know, here we are using SAS applications to communicate and to reach customers. I'd love to know Katherine, what some of the things are that you've learned since the initial launch. Kind of given the interesting times that we're in, what are some of the things that you've learned from customer feedback that are going to be utilized to help uh, uh, kind of modify the product going forward? >>Yeah, absolutely. So one thing is customers echoing David, really value self serve. They want to be able to do things on their time when they want. And one of the great things that customers can do through the console is build solutions, choose services that best meet their needs, they don't have to involve sales, they obviously can if they want to, but they don't have to. And that is a big selling point key, you know, meets a key need of that. We've heard from customers, I'd say. The second thing that we've heard from folks is that they really like how we have set up our role based access >>and identity >>management capabilities. Uh and I'll give you an example, So there are company very large companies, let's say who may have one finance department and they are the only people who are empowered to sign off on orders, let's say. So maybe a more purchaser type role, you may have an entire separate set of folks who are more technical folks who understand how to configure an offer, how to put it all together and those, but those folks can't buy. Um And so we have built in some workflows um to help support those processes that we've heard from customers that they have, and by doing that they can ensure appropriate separation of duties according to their internal policies as well as help them get a handle on unexpected spend from I. T. Services. >>Catherine is really touching on an incredibly important point there that customers over the last 10 years as they've used cloud services from other providers. We know that the democratization of cloud, that said that anybody can come in off the street with a credit card and start using services. That's a great way for people to get up and running. But that also leads to the problem of shadow I. T. It also leads to uh you know, an unbounded expenses and and you know difficulty in managing costs and unpredictable expenditure. So we've seen over time how even other cloud providers have had to come back laser and based on customer feedback, start adding governance, start adding policies, start adding, you know budget management and spend controls, uh Start ensuring that the kind of workflow that Catherine mentioned is in place around uh you know, ordering And we decided to put that in just from day 1. So when customers come to the apex console, they're going to be coming in the context of a company or an organization where there will be users that have specific roles. And as Catherine mentioned, they'll have specific permissions that might align with their particular job function and there will be governance that an administrator can implement to ensure that only certain people can perform certain tasks, which, you know, we already know from customer feedback is incredibly important to give customers that kind of control that they might not get or that they might have been asking for from other cloud providers in order to ensure that this is truly like an enterprise grade level of servants. >>Yeah. And just to play off that David, you know, I've talked also while I also, I talked to customers a lot also make sure I interact quite a bit with our sales team so to get their views as well. And there's a university customer that we have who has this exact problem of shadow it. And they were, their goal was to unify and get all their main campuses on same system, following same policies, same procedures, same infrastructure. Um And one of the key challenges that they have is people, developers get excited, they want to build stuff and they will go to the public cloud, use a credit card for example and just get up and running. And now this company realizes that a those folks kind of going off and doing some of that on their own are actually spending more than their central it spends. So again I think it's a real world problem that we think we're we're well positioned to solve. >>Yeah, those guardrails seem really outstanding for customers to be able to get that. You both mentioned shadow I. T. And that's one of the things that we know so easy to spin up services. But yet you then disconnect I thi from different business units which is always a challenge for organizations. So having the governance and the role based access controls really provides your customers with more of a chance to, as you said I think a minute ago David consume and only pay for what they're consuming but also have that line of sight that visibility across who's using these services. What are we paying? Are we are we getting what we need and are we ensuring that we're getting more control over our environment? I can't even imagine how much more important that is these days with so many people still scattered and remote. >>Yeah and and and and and and it's it's just really part of the whole customer lifecycle as they work with our services. So after customer is able to subscribe to something like apex data storage services and after it has been deployed at their data center they'll be able to come in to the apex council, they'll be able to see information about that subscription and about the infrastructure that they're running including having health monitoring and alerts and be able to see the capacity usage of that service. Uh And with that telemetry and insight then be able to take action. Uh Perhaps as you say to you know either uh you know put in place additional controls within their teams on on spending or consumption or increase the available storage that they have to ensure that it meets uh their business needs. And and as we build out this end and life cycle within the apex console customers will see more and more features coming to help with you know tagging of expenditure for show back purpose is to simplify the way in which uh you know both I. T. Teams and financial uh personnel within a company are able to ensure that they're being responsible and and have that governance over over what's being consumed and spent. >>Yeah. Absolutely critical. Catherine talked to us about for existing Dell customers, how can they access the apex console? What's the what's the process there that you advise? >>Yeah. Great great question. So the good news is if you already have a Dell account, whether you're an existing premier customer or perhaps you visit us through Dell dot com your credentials will work. All you need to do is talk to your sales team, your sales representative and ask them to be enabled and the process typically goes that they will sales will help enable an administrator and from there the administrator at your company can start giving access and assigning those roles as as as you as you need. >>Just a little bit of a pivot on that. And what are we talking about in terms of time frame when we think of cloud services being able to spend them up knowing that there's still so much remote work going on. How quickly can Adele customer follow that process that you just mentioned and activate these services? >>Yeah, that's a great question. So our goal is to be able to, once, you know, we have your interest, we understand what you want to get you equipment and get you up and running within 14 days is our is our goal and our target. Um It's a lot depends on on what the customer needs and if they can get, you know, if they can accept delivery that quickly and all that. But but that is our that's our goal is get you up and running in 14 days. >>Excellent. That time to values David. Go ahead. >>Oh yeah, the the getting access to the council can be can be can be, you know, certainly a lot faster. But as Catherine said, you know, once you get into the console and you want to be able to consume the services, especially for those infrastructure services that are going to show up and be deployed at your data center. Uh You know, we we include features like integrated site survey that customers are going to see shortly when they're able to go through the subscription process and enter information about their physical data center. Maybe uh you know, physical access characteristics or power or networking configurations that they have So that our deployment services team knows what to expect when they show up. We can get everything wrapped and stacked and ready to go put it on the truck and have it uh you know, to the customer as quickly as possible as Catherine said, with the time to value promise of 14 days. >>Excellent. And that fast access last question David, before we wrap up, talk to us about what's next? This was only announced in the last 67 months so lots of Development and progress, lots of customer feedback helping to tune the services. What can customers expect you know going out the rest of 20 calendar year 2021 >>more. Just I mean you know we'll have access for more customers in more countries to be able to consume more services and more capabilities within the console to provide that richer and to end experience today we already have access Uh for the console within 17 countries around the world with customers from the US and. UK. and France and Germany already able to subscribe to certain services. We have access for apex data storage services and other countries uh Coming very soon. Uh So we'll be adding more countries or languages will be adding more services uh in the coming months. And as we alluded to earlier more capabilities to ensure that the end and experience that customers have crosses all of the different boundaries within their organizations and supports all of the different roles who need to be able to come in and do everything from discover services. Subscribe to them, provision, resources, uh manage, operate support and and and build solutions on on top of what they have. So it really is all about ensuring that it's a single consistent and to end life cycle within the apex console. >>Well, that word more was perfect when I said, what's coming next book? And folks expect more? It's like that. But wait, there's >>more. So I'm sure >>folks will will get a lot more information as the event unfolds in the weeks after David and Catherine. Thank you for joining me talking to me about all of the progress that's happened in such a short amount of time with apex concept. We look forward to seeing what's next. >>Thanks lisa. >>Thanks for having us. >>My pleasure for David Lo and Catherine Ward. I'm lisa martin. You're watching the cubes coverage of Dell technologies world, The virtual event experience. Yeah, yeah.

>>from around the globe. It's the Cube with digital coverage of AWS reinvent 2020 sponsored by Intel and AWS. Yeah, welcome to the Cubes Live coverage of AWS reinvent 2020. I'm Lisa Martin and I have a Cube alumni joining me Next. Aaron Kelly, the GM of product marketing at AWS Aaron. Welcome back to the program. >>Thanks, Lisa. It's great to be here. >>Likewise, even though we don't get to all be crammed into Las Vegas together, uh, excited to talk to you about Amazon Connect, talk to our audience about what that is. And then let's talk about it in terms of how it's been a big facilitator during this interesting year, that is 2020. >>Great, yes, for sure. So Amazon Connect is a cloud contact center where we're really looking to really reinvent how contact centers work by bringing it into the cloud. It's an Omni Channel, easy to use contact center that allows customers to spin up contact centers in minutes instead of months. Its very scalable so can scale to 10 tens of thousands of agents. But it also scaled down when you when it's not in use and because it's got a pay as you go business model. You only pay when you're engaging with collars or customers. You're not paying for high upfront per agent fees every month. So it's really been a great service during this pandemic, as there's been a lot of unpredictable spikes in demand, uh, that customers have had to deal with across many sectors, >>and we've been talking for months now about the acceleration that Corbett has delivered with respect to digital transformation. And, of course, as patients has been wearing fin globally. I think with everybody when we're calling a contact center, we want a resolution quickly. And of course, as we all know is we all in any industry are working from home. So are they. So I can imagine during this time that being able to have a cloud contact center has been transformative, I guess, to help some businesses keep the lights on. But now to really be successful moving forward, knowing that they can operate and scale up or down as things change. >>Yeah, that's exactly right. And so one of the key benefits of connect his ability to very quickly on board and get started, you know, we have some very interesting and examples like Morrisons, which is a retailer in the UK They wanted to create a new service as you highlighted, which was a door, you know, doorstep delivery service. And so they needed to spin up a quick new contact center in order to handle those orders. They were able to do it and move all their agents remotely in about a day and be able to immediately start to take those orders, which is really powerful, you know. Another interesting example is the Rhode Island Department of Labor and Training. Which part of their responsibility is to deliver unemployment benefits for their citizens? Obviously a huge surge of demand there they were able to build an entirely new context center in about nine days to support their citizens. They went from a knave ridge of about 74 call volume sort of capacity per minute to 1000 call on capacity per minute. And in the first day of standing up this new context center, they were able to serve 75,000 Rhode Island citizens with their unemployment benefits. So really ah, great example of having that cloud scalability that ability to bring agents remotely and then helping citizens in need during a very, very difficult time, >>right? So a lot of uses private sector, public sector. What are some of the new capabilities of Amazon connected? You're announcing at reinvent. >>Yeah, So we announced five big capabilities this during reinvent yesterday that really spanned the entire experience, and our goal is to make it better for agents so they're more efficient. That actually helps customers reduce their costs but also create a better collar experience so that C sat could go up in the collars, can get what they need quickly and then move on. And so the first capability is Amazon Connect Voice I D, which makes it easier to validate that the person calling is who in fact, they say they are so in this case, Lee. So let's say you're calling in. You can opt in tow, have a voice print made of you. The next time you call in, we're able to use machine learning to match that voiceprint to know. Yes, it is Lisa. I don't need to ask Lisa questions about her mother's maiden name and Social Security number. We can validate you quickly as an agent I'm confident it's you. So I'm less concerned about things like fraud, and we can move on. That's the first great new feature. The second is Amazon Connect customer profiles. So now, once you join the call rather than me is an agent having to click around a different systems and find out your order history, etcetera. I could get that all surface to me directly. So I have that context. I can create a more personalized experience and move faster through the call. The third one is called Wisdom. It's Amazon Connect wisdom, which now based on either what you're asking me or a search that I might make, I could get answers to your questions. Push to me using machine learning. So if you may be asking about a refund policy or the next time a new product may launch, I may not know rather than clicking around and sort of finding that in the different systems is pushed right to me. Um, now the Fourth Feet feature is really time capability of contact lens for Amazon connect, and what this does is while you were having our conversation, it measures the sentiment based on what you're saying or any keywords. So let's say you called it and said, I want a refund or I want to cancel That keyword will trigger a new alert to my supervisor who can see that this call may be going in the wrong direction. Let me go help Aaron with Lisa. Maybe there's a special offer I can provide or extra assistance so I can help turn that call around and create a great customer experience, which right now it feels like it's not going in that direction. And then the last one is, um, Amazon Connect tasks where about half of an agents time is spent on task other than the call follow up items. So you're looking for a refund or you want me Thio to ship you a new version of the product or something? Well, today I might write that on a sticky note or send myself a reminder and email. It's not very tracked very well. With Amazon Connect task, I can create that task for me as a supervisor. I could then X signed those tax and I can make sure that the follow up items air prioritized. And then when I look at my work. You is an agent. I can see both calls, my chats and my task, which allows me to be more efficient. That allows me to follow up faster with you. My customer, Andi. Overall, it's gonna help lower the cost and efficiency of the Contact Center. So we're really excited about all five of these features and how they improve the entire life cycle of a customer contact. >>And that could be table stakes for any business in terms of customer satisfaction. You talked about that, but I always say, You know, customer satisfaction is inextricably linked to employee satisfaction. They need. The agents need to be empowered with that information and really time, but also to be able to look at. I want them to know why I'm calling. They should already know what I have. We have that growing expectation right as a consumer. So the agent experience the customer experience. You've also really streamline. And I could just see this being something that is like I said, kind of table stakes for an organization to reduce churn, to be able to service more customers in a shorter amount of time and also employee satisfaction, right, >>right that's that. That's exactly right. Trader Grills, which is one of our, you know, beta customers using some of these capabilities. You know, they're saying 25% faster, handle times so shorter calls and a 10% increase in customer satisfaction because now it's personalized. When you call in, I know what grill you purchased. And so I have a sense based on the grill, you purchase just what your question might be or what you know, what special offers I might have available to me and that's all pushed to me is an agent, So I feel more empowered. I could give you better service. You have, you know, greater loyalty towards my brand, which is a win for everyone, >>absolutely that empowerment of the agent, that personalization for the customer. I think again we have that growing demanded expectation that you should know why I'm calling, and you should be able to solve my problem. If you can't, I'm gonna turn and find somebody else who can do that. That's a huge risk that businesses face. Let's talk about some of the trends that you're seeing that this has been a very interesting year to say the least, what are some of the trends in the context center space that you guys were seeing that you're working Thio to help facilitate? >>Yeah, absolutely. So I think one of the biggest trends that we're seeing is this move towards remote work. So as you can imagine, with the pandemic almost immediately, most customers needed to quickly move their agents to remote work scenario. And this is where Amazon Connect was a great benefit. For as I mentioned before, we saw about 5000 new contact centers created in March in April. Um, Atiya, very beginning of the pandemic. So that was a very, uh, that's a very big trend we're seeing. And now what we're seeing is customers were saying, Hey, when I have something like Amazon Connect that's in the cloud, it scales up. It provides me a great experience. I just need really a headset in a Internet connection from my agents. I'm not dealing with VPNs and, ah, lot of the complexity that comes with trying to move on on premises system remote. We're seeing a huge, you know, search of adoption and usage around that the ability to very quickly create a new context center around specific scenarios are use cases has been really, really powerful. So, uh, those are the big trends moving to remote remote work and a trend towards, um, spinning of new context that is quickly and then spending them back down as that demand moves or or those those those situations move >>right. And as we're all experiencing, the one thing that is a given during this time is the uncertainty that remains Skilling up. Skilling down volume changes. But looking as if a lot of what's currently going on from home is going to stay for a while longer, I actually not think about it. I'm calling into whether it's, you know, cable service or whatnot. I think What about agent is actually on their couch at home like I am working? And so I think it's being able to facilitate that because is transformative, and I think I think I'll step out on limbs side, you know, very potentially impact the winners and the losers of tomorrow, making sure that the consumer experience is tailored. It's personalized to your point and that the agents are empowered in real time to facilitate a seamless and fast resolution of whatever the issue is. >>Well, and I think you hit on it earlier as well. Agents wanna be helpful. They wanna solve a customer problem. They wanna have that information at their fingertips. They wanna be on power to take action. Because at the end of their day, they want to feel like they helped people, right? And so being able to give them that information safe from wisdom or being able to see your entire customer profile, Right? Right. When you come on board or know that you are Lisa, um, and have the confidence that I'm talking to Lisa, I'm not. This is not some sort of, you know, fishing, exercise, exercise. These are all really important scenarios and features that empower the agent, lowers cost significantly for the customer and creates a much better customer experience for you. The collar? >>Absolutely. And we all know how important that is these days to get some sort of satisfying experience. Last question. Erin, talk to us about, you know, as we all look forward, Thio 2021. For many reasons. What can we expect with Amazon? Connect? >>Well, we're going to continue to listen to our customers and hear their feedback and what they need, which what we certainly anticipate is continued focus on that agent efficiency, giving agents mawr of the information they need to be successful and answer customers questions quickly, continuing to invest in machine learning as a way of doing that. So using ML to identify that you are who you say you are, finding that right information. Getting data that I can use is an agent Thio. Handle those tasks and then automate the things that you know I really shouldn't have to take steps is a human to go do so if we need to send you a follow up email when when your product ships or when your refund is issued. Let me just put that in the system once and have it happened when it executes. So that level of automation continuing to bring machine learning in to make the agent experience better and more efficient, which ultimate leads to lower costs and better see set. These are all the investments. You'll see a sui continue for it next year. >>Excellent stuff, Erin, thank you so much for joining me on the program today, ensuring what's next and the potential the impact that Amazon connect is making. >>Thanks, Lisa. It's great to be here >>for Aaron Kelly. I'm Lisa Martin. You're watching the cubes. Live coverage of AWS reinvent 2020.

from around the globe it's thecube covering space and cyber security symposium 2020 hosted by cal poly hello everyone welcome to the space and cyber security symposium 2020 hosted by cal poly where the intersection of space and security are coming together i'm john furrier your host with thecube here in california i want to welcome our featured guest lieutenant general john f thompson with the united states space force approach to cyber security that's the topic of this session and of course he's the commander of the space and missile system center in los angeles air force base also heading up space force general thank you for coming on really appreciate you kicking this off welcome to the symposium hey so uh thank you very much john for that very kind introduction also uh very much thank you to cal poly uh for this opportunity to speak to this audience today also a special shout out to one of the organizers uh dustin brun for all of his work uh helping uh get us uh to this point uh ladies and gentlemen as uh as uh john mentioned uh i'm jt thompson uh i lead the 6 000 men and women of the united states space forces space and missile system center which is headquartered here at los angeles air force base in el segundo if you're not quite sure where that's at it's about a mile and a half from lax this is our main operating location but we do have a number of other operating locations around the country with about 500 people at kirtland air force base in albuquerque new mexico uh and about another 500 people on the front range of the rockies uh between colorado springs and uh and denver plus a smattering of other much smaller operating locations nationwide uh we're responsible for uh acquiring developing and sustaining the united states space force's critical space assets that includes the satellites in the space layer and also on the ground layer our ground segments to operate those satellites and we also are in charge of procuring launch services for the u.s space force and a number of our critical mission partners across the uh department of defense and the intelligence community um just as a couple of examples of some of the things we do if you're unfamiliar with our work we developed and currently sustained the 31 satellite gps constellation that satellite constellation while originally intended to help with global navigation those gps signals have provided trillions of dollars in unanticipated value to the global economy uh over the past three decades i mean gps is everywhere i think everybody realizes that agriculture banking the stock market the airline industry uh separate and distinct navigation systems it's really pervasive across both the capabilities for our department of defense and capabilities for our economy and and individuals billions of individuals across our country and the planet some of the other work we do for instance in the communications sector uh secure communications satellites that we design and build that link america's sons and daughters serving in the military around the world and really enable real-time support and comms for our deployed forces and those of our allies we also acquire uh infrared missile warning satellites uh that monitor the planet for missile launches and provide advanced warning uh to the u.s homeland and to our allies uh in case some of those missile launches are uh nefarious um on a note that's probably a lot closer to home maybe a lot closer to home than many of us want to think about here in the state of california in 2018 smc jumped through a bunch of red tape and bureaucracy uh to partner with the u.s forest service during the two of the largest wildfires in the state's history the camp and woolsey fires in northern california as those fires spread out of control we created processes on the fly to share data from our missile warning satellites those are satellites that are systems that are purpose built to see heat sources from thousands of miles above the planet and we collaborated with the us forest service so that firefighters on the ground uh could track those fires more in real time and better forecast fires and where they were spreading thereby saving lives and and property by identifying hot spots and flare-ups for firefighters that data that we were able to working with our contractors pass to the u.s forest service and authorities here in california was passed in less than an hour as it was collected to get it into the hands of the emergency responders the first responders as quickly as possible and doing that in an hour greatly surpassed what was available from some of the other assets in the airborne and ground-based fire spotters it was really instrumental in fighting those fires and stopping their spread we've continued uh that involvement in recent years using multiple systems to support firefighters across the western u.s this fall as they battled numerous wildfires that unfortunately continue working together with the u.s forest service and with other partners uh we like to make uh we like to think that we made a difference here but there's still a lot more work to go and i think that we should always be asking ourselves uh what else can space data be used for and how can we more rapidly get that space data to uh stakeholders so that they can use it for for purposes of good if you will how else can we protect our nation how else can we protect our friends and allies um i think a major component of the of the discussion that we will have throughout this conference is that the space landscape has changed rapidly and continues to change rapidly um just over the past few years uh john and i were talking before we went live here and 80 nations now have uh space programs 80 nearly 80 space faring nations on the planet um if you just look at one mission area that uh the department of defense is interested in and that's small launch there are currently over a hundred different small launch companies uh within the u.s industrial base vying for commercial dod and civil uh payload capabilities uh mostly to low earth orbit it's it's just truly a remarkable time if you factor in those things like artificial intelligence and machine learning um where we're revolutionary revolutionizing really uh the ways that we generate process and use data i mean it's really remarkable in 2016 so if you think about this four years ago uh nasa estimated that there were 28 terabytes of information transiting their space network each day and that was four years ago um uh obviously we've got a lot of desire to work with a lot of the people in the audience of this congress or in this conference uh we need to work with big thinkers like many of you to answer questions on how best we apply data analytics to extract value and meaning from that data we need new generations of thinkers to help apply cutting edge edge theories of data mining cyber behaviorism and internet of things 2.0 it's just truly a remarkable time uh to be in the space business and the cyber aspects of the states of the space business are truly truly daunting and important to uh to all of us um integrating cyber security into our space systems both commercial and government is a mandate um it's no longer just a nice to have as the us space force and department of the air force leadership has said many times over the past couple of years space is becoming congested and contested and that contested aspect means that we've got to focus on cyber security uh in the same way that the banking industry and cyber commerce focus on uh cyber security day in and day out the value of the data and services provided is really directly tied to the integrity and availability of that data and services from the space layer from the ground control segments associated with it and this value is not just military it's also economic and it's not just american it's also a value for the entire world particularly particularly our allies as we all depend upon space and space systems your neighbors and friends here in california that are employed at the space and missile system center uh work with network defenders we work with our commercial contractors and our systems developers um our international allies and partners to try and build as secure and resilient systems as we can from the ground up that keep the global commons of space free and open for exploration and for commerce um as john and i were talking earlier before we came online there's an aspect of cyber security for space systems especially for some of our legacy systems that's more how do we bolt this on because we fielded those space systems a number of years ago and the the challenges of cyber security in the space domain have grown so we have a part that we have to worry about bolting it on but then we have to worry about building it in as we as we field new systems and build in a flexibility that that realizes that the cyber threat or the cyber security landscape will evolve over time it's not just going to be stagnant there will always be new vulnerabilities and new threat vectors that we always have to look at look uh as secretary barrett who is our secretary of the air force likes to say most americans use space before they have their first cup of coffee in the morning the american way of life really depends on space and as part of the united states space force we work with defense leaders our congress joint and international military teammates and industry to ensure american leadership in space i really thank you for this opportunity to address the audience today john and thanks so much to cal poly for letting me be one of the speakers at this event i really look forward to this for uh several months and so with that i look forward to your questions as we kind of move along here general thank you very much for the awesome uh introductory statement uh for the folks watching on the stream brigadier general carthan is going to be in the chat answering any questions feel free to chat away he's the vice commander of space and missile systems center he'll be available um a couple comments from your keynote before i get to my questions because it just jumped in my head you mentioned the benefits of say space but the fires in california we're living that here that's really real time that's a benefit you also mentioned the ability for more people launching payloads into space and i only imagine moore's law smaller faster cheaper applies to rockets too so i'm imagining you have the benefits of space and you have now more potential objects flying out sanctioned and maybe unsanctioned so you know is it going to be more rules around that i mean this is an interesting question because it's exciting space force but for all the good there is potentially bad out there yeah so i i john i think the uh i think the basics of your question is as space becomes more congested and contested is there a need for more international norms of how satellites fly in space what kind of basic features satellites have to perhaps deorbit themselves what kind of basic protections does do all satellites should all satellites be afforded as part of a peaceful global commons of space i think those are all fantastic questions and i know that u.s and many uh allied policy makers are looking very very hard at those kinds of questions in terms of what are the norms of behavior and how we uh you know how how we field and field is the military term but you know how we uh populate uh using civil or uh commercial terms uh that space layer at different altitudes uh low earth orbit mid mid-earth orbit geosynchronous earth orbit different kinds of orbits uh what the kind of mission areas we accomplish from space that's all things that need to be definitely taken into account as uh as the place gets a little bit not a little bit as the place gets increasingly more popular day in and day out well i'm super excited for space force i know that a new generation of young folks are really interested in it's an emerging changing great space the focus here at this conference is space and cyber security intersection i'd like to get your thoughts on the approach that space force is taking to cyber security and how it impacts our national goals here in the united states yeah yeah so that's a that's a great question john let me let me talk about in two uh two basic ways but number one is and and i know um some people in the audience this might make them a little bit uncomfortable but i have to talk about the threat right um and then relative to that threat i really have to talk about the importance of uh of cyber and specifically cyber security as it relates to that threat um the threats that we face um really represent a new era of warfare and that new era of warfare involves both space and cyber uh we've seen a lot of action in recent months uh from certain countries notably china and russia uh that have threatened what i referred to earlier as the peaceful global commons of space for example uh it through many unclassified sources and media sources everybody should understand that um uh the russians have been testing on orbit uh anti-satellite capabilities it's been very clear if you were following just the week before last the department of defense released its uh 2020 military and security developments involving the people's republic of china um uh and uh it was very clear that china is developing asats electronic jammers directed energy weapons and most relevant to today's discussion offensive cyber uh capabilities there are kinetic threats uh that are very very easy to see but a cyber attack against a critical uh command and control site or against a particular spacecraft could be just as devastating to the system and our war fighters in the case of gps and important to note that that gps system also impacts many civilians who are dependent upon those systems from a first response perspective and emergency services a cyber attack against a ground control site could cause operators to lose control of a spacecraft or an attacker could feed spoofed data to a system to mislead operators so that they send emergency services personnel to the to the wrong address right attacks on spacecraft on orbit whether directly via a network of intrusion or enabled through malware introduced during the systems production uh while we're building the satellite can [ __ ] or corrupt the data denial of service type attacks on our global networks obviously would disrupt our data flow and interfere with ongoing operations and satellite control i mean if gps went down i you know i hesitate to say it this way because we might elicit some screams from the audience but if gps went down a starbucks wouldn't be able to handle your mobile order uber drivers wouldn't be able to find you and domino's certainly certainly wouldn't be able to get there in 30 minutes or less right so with a little bit of tongue-in-cheek there from a military operations perspective it's dead serious um uh we have become accustomed in the commercial world to threats like lance ransomware and malware and those things have unfortunately become commonplace in commercial terrestrial networks and computer systems however what we're seeing is that our adversaries with the increased competition in space these same techniques are being retooled if you will to use against our national security space systems uh day in and day out um as i said during my opening remarks on the importance of cyber the value of these systems is directly tied to their integrity if commanders in the field uh firefighters in california or baristas in in starbucks can't trust the data they see they're receiving then that really harms their decision-making capabilities one of the big trends we've recently seen is the mood move towards proliferated leo uh uh constellations obviously uh spacex's uh starlink uh on the commercial side and on the military side the work that darpa and my organization smc are doing on blackjack and casino as well as some space transport layer constellation work that the space development agency is designing are all really really important types of mesh network systems that will revolutionize how we plan and field warfighting systems and commercial communications and internet providing systems but they're also heavily reliant on cyber security uh we've got to make sure that they are secured to avoid an accident or international damage uh loss of control of these constellations really could be catastrophic from both a mission perspective or from uh you know satellites tumbling out of low earth orbit perspective another trend is introductions in artificial intelligence and machine learning on board spacecraft or at the edge our satellites are really not so much hardware systems with a little software anymore in the commercial sector and in the defense sector they're basically flying boxes full of software right and we need to ensure the data that we're getting out of those flying boxes full of software are helping us base our decisions on accurate data and algorithms govern governing the right actions and that those uh that those systems are impervious to the extent possible uh to nefarious uh modifications so in summation a cyber security is vital element of everything in our national security space goals and i would argue for our national uh goals uh writ large including uh economic and information uh uh dimensions uh the space force leadership at all levels uh from uh some of the brand new second lieutenants that general raymond uh swore into the space force this morning uh ceremonially from the uh air force association's air space and cyberspace conference uh to the various highest levels general raymond uh general d t thompson myself and a number of other senior leaders in this enterprise we've got to make sure that we're all working together to keep cyber security at the forefront of our space systems because it they absolutely depend on it you know you mentioned uh hardware software threats opportunities challenges i want to ask you because you you got me thinking of the minute there around infrastructure i mean we've heard critical infrastructure you know grids here on on earth you're talking about critical infrastructure a redefinition of what critical infrastructure is an extension of what we have so i'd love to get your thoughts about space force's view of that critical infrastructure vis-a-vis the threat vectors because you know the term threat vectors has been kicked around in the cyber space oh yeah threat vectors they're always increasing the surface area well if the surface area is from space it's an unlimited surface area so you got different vectors so you got new critical infrastructure developing real time really fast and you got an expanded threat vector landscape putting that in perspective for the folks that aren't really inside the ropes on these critical issues how would you explain this and how would you talk about those two things well so i tell you um i just like um uh just like uh i'm sure people in the security side or the cyber security side of the business in the banking industry feel they feel like it's uh all possible threat vectors represent a dramatic and protect potentially existential threat to all of the dollars that they have in the banking system to the financial sector on the department of defense side we've got to have sort of the same mindset um that threat vector from to and through space against critical space systems ground segments the launch enterprise or transportation uh to orbit and the various different uh domains within uh within space itself like i mentioned before uh leo mio and geo-based satellites with different orbits all of the different mission areas that are accomplished from space that i mentioned earlier some that i didn't mention like weather tactical or wide band communications uh various new features of space control all of those are things that we have to worry about from a cyber security uh threat perspective and it's a it's a daunting challenge right now right yeah it's awesome and one of the things we've been following on the hardware side here in the on the ground is the supply chain we've seen you know malware being you know really put into really obscure hardware who manufactures it as being outsourced obviously government has restrictions but with the private sector uh you mentioned china and and the us kind of working together across these these peaceful areas but you got to look at the supply chain how does the supply chain the security aspect impact the mission of the u.s space force yeah yeah so so um how about another um just in terms of an example another kind of california-based historical example right um the very first u.s satellite uh explorer one was built by uh the jet propulsion uh laboratory folks uh not far from here in el segundo up in uh up in pasadena um that satellite when it was first built in the late 50s uh weighed a little bit over 30 pounds and i'm sure that each and every part was custom made and definitely made by u.s companies fast forward to today the global supply chain is so tightly coupled and frankly many industries are so specialized almost specialized regionally around the planet we focus every day to guarantee the integrity of every component that we put in our space systems is absolutely critical to the operations of those satellites and we're dependent upon them but it becomes more difficult and more difficult to understand the the heritage if you will of some of the parts that are used the thousands of parts that are used in some of our satellites that are literally school bus sized right the space industry especially uh national security space sector um uh is relatively small compared to other commercial industries and we're moving to towards using more and more parts uh from non-us companies uh cyber security and cyber awareness have to be baked in from the beginning if we're going to be using parts that maybe we don't necessarily um understand 100 percent like an explorer one uh the the lineage of that particular part the environmental difficulties in space are well known the radiation environment the temperature extremes the vacuum those require specialized component and the us military is not the only uh customer in that space in fact we're definitely not the dominant customer uh in space anymore all those factors require us along with our other government partners and many different commercial space organizations to keep a very close eye on our supply chains from a quality perspective a security perspective and availability um there's open source reporting on supply training intrusions from um many different breaches of commercial retailers to the infectious spread of uh you know compromised patches if you will and our adversaries are aware of these techniques as i mentioned earlier with other forms of attack considering our supply chains and development networks really becomes fair game for our adversaries so we have to uh take that threat seriously um between the government and industry sectors here in the u.s we're also working with our industry partners to enact stronger defenses and assess our own vulnerabilities last fall we completed an extensive review of all of our major contracts here at space and missile system center to determine the levels of cyber security requirements we've implemented across our portfolio and it sounds really kind of you know businessy geeky if you will you know hey we looked at our contracts to make sure that we had the right clauses in our contracts to address cyber security as dynamically as we possibly could and so we found ourselves having to add new language to our contracts to require system developers to implement some more advanced uh protective measures in this evolving cyber security environment so that data handling and supply chain perspective uh protections um from contract inception to launch and operations were taken into account uh cyber security really is a key performance parameter for us now it's as important as the the mission performance of the system it's as important as cost it's as important as schedule because if we deliver the perfect system on time and on cost uh it can perform that missile warning or that communications mis mission perfectly but it's not cyber secure if it doesn't have cyber protections built into it or the ability to implement mitigations against cyber uh threats then we've essentially fielded a shoe box in space that doesn't do the k the the war fighter or the nation uh any good um supply chain risk management is a is a major challenge for us uh we're doing a lot to coordinate with our industry partners uh we're all facing it head on uh to try and build secure and trusted components uh that keep our confidence as leaders firefighters and baristas uh as the case may be uh but it is a challenge and we're trying to rise to that challenge you know this so exciting this new area because it really touches everything you know talk about geeking out on on the tech the hardware the systems but also you put your kind of mba hat on you go what's the roi of the extra development and how you how things get built because the always the exciting thing for space geeks is like you're building cool stuff people love it's it's exciting but you still have to build and cyber security has proven that security has to be baked in from the beginning and be thought as a system architecture so you're still building things which means you've got to acquire things you got to acquire parts you got to acquire build software and and sustain it how is security impacting the acquisition and the sustainment of these systems for space yeah from initial development uh through planning for the acquisition design development fielding or production fielding and sustainment it impacts all aspects of of the life cycle john uh we simply especially from the concept of baking in cyber security uh we can't wait until something is built and then try and figure out how to make it cyber secure so we've moved way further uh towards working side by side with our system developers to strengthen cyber security from the very beginning of a system's development cyber security and the resilience associated with it really have to be treated as a key system attribute as i mentioned earlier equivalent with data rates or other metrics of performance we like to talk in uh in the space world about uh mission assurance and mission assurance has always you know sort of taken us as we as we technically geek out right mission assurance has always taken us to the will this system work in space right can it work in a vacuum can it work in you know as it as it uh you know transfers through uh the van allen radiation belt or through the the um the southern hemisphere's electromagnetic anomaly right will it work out in space and now from a resiliency perspective yeah it has to work in space it's got to be functional in space but it's also got to be resistant to these cyber security threats it's it's not just i think uh general dt thompson quoted this term it's not just widget assurance anymore it's mission assurance um uh how does that satellite uh operator that ground control segment operate while under attack so let me break your question a little bit uh just for purposes of discussion into into really two parts uh cyber uh for cyber security for systems that are new and cyber security uh for systems that are in sustainment or kind of old and legacy um obviously there's cyber vulnerabilities that threaten both and we really have to employ different strategies for for defense of of each one for new systems uh we're desperately trying to implement across the department of defense in particular in the space world a kind of a devsecops methodology and practice to delivering software faster and with greater security for our space systems here at smc we have a program called enterprise ground services which is a tool kit basically a collection of tools for common command and control of different satellite systems egs as we call it has an integrated suite for defensive cyber capabilities network operators can use these tools to gain unprecedented insight to data flows and to monitor space network traffic for anomalies or other potential indicators of of bad behavior malicious behavior if you will um uh it's rudimentary at this point but because we're using devsecops and that incremental development approach as we scale it it just becomes more and more capable you know every every product increment that we field here at uh at uh la air force base uh uh we have the united space space forces west coast software factory which we've dubbed kobayashi maru they're using those agile devops uh software development practices uh to deliver uh space awareness software uh to the combined space operations center uh affectionately called the csp that c-spock is just down the road uh from cal poly uh there in san luis obispo at vandenberg air force base they've securely linked the c-spock with other space operation centers around the planet our allies australia canada and the uk uh we're partnering with all of them to enable secure and enhanced combined space operations so lots of new stuff going on as we bake in new development uh capabilities for our our space systems but as i mentioned earlier we've got large constellations on satellite of satellites on orbit right now some of them are well in excess of a decade or more old on orbit and so the design aspects of those satellites are several decades old and so but we still have to worry about them because they're critical to our space capabilities um we've been working with an air force materiel command organization uh called crows which stands for the cyber resiliency office for uh weapon systems to assess all of those legacy platforms from a cyber security perspective and develop defensive strategies and potential hardware and software upgrades to those systems to better enable them to to live through this increasingly cyber security uh concerned era that we currently live in our industry partners have been critical to to both of those different avenues both new systems and legacy systems we're working closely with them to defend and upgrade uh national assets and develop the capabilities to do similar with uh with new national assets coming online the vulnerabilities of our space systems really kind of threaten the way we've done business in the past both militarily and in the case of gps economically the impacts of that cyber security risk are clear in our acquisition and sustainment processes but i've got to tell you it that as the threat vectors change as the vulnerabilities change we've got to be nimble enough agile enough to be able to bounce back and forth we can't just say uh many people in the audience are probably familiar with the rmf or the risk management framework approach to um to reviewing uh the cyber security of a system we can't have program managers and engineers just accomplish an rmf on a system and then hey high five we're all good uh it's a journey not a destination that's cyber security and it's a constant battle rhythm throughout a weapon systems life cycle not just a single event i want to get to this commercial business needs and your needs on the next question but before i go there you mentioned the agile and i see that clearly because when you have accelerated innovation cycles you've got to be faster and we saw this in the computer industry mainframes mini computers and then when you started getting beyond me when the internet hit and pcs came out you saw the big enterprises the banks and and government start to work with startups it used to be a joke in the entrepreneurial circles is that you know there's no way if you're a startup you're ever going to get a contract with a big business enterprise now that used to be for public sector and certainly uh for you guys so as you see startups out there and there's acquisition involved i'm sure would love to love to have a contract with space force there's an roi calculation where if it's in space and you have a sustainment view edit software you might have a new kind of business model that could be attractive to startups could you share your thoughts on the folks who want to be a supplier to you uh whether they're a startup or an existing business that wants to be agile but they might not be that big company we are john that's a fantastic question we are desperately trying to reach out to to those new space advocates to those startups to those um what we sometimes refer to within the department of defense those non-traditional uh defense contractors a couple of things just for uh thinking purposes on some of the things that we're trying to highlight um uh three years ago we created here at uh space and missile system center uh the space enterprise consortium uh to provide a platform uh a contractual vehicle really to enable us to rapidly prototype uh development of space systems and to collaborate uh between the u.s space force uh traditional defense contractors non-traditional vendors like startups and even some academic institutions uh spec as we call it space enterprise consortium uses a specialized contracting tool to get contracts uh awarded quickly many in the audience may be familiar with other transaction agreements and that's what spec is based on and so far in just three years spec has awarded 75 different uh prototyping contracts worth over 800 million dollars with a 36 reduction in time to award and because it's a consortium based competition for um for these kinds of prototyping efforts the barrier to entry for small and non-traditional for startups even for academic institutions to be able to compete for these kinds of prototypings is really lowered right um uh these types of partnerships uh that we've been working through on spec uh have really helped us work with smaller companies who might not have the background or expertise in dealing with the government or in working with cyber security uh for their systems both their developmental systems and the systems that they're designing and trying to build we want to provide ways for companies large and small to partner together and support um uh kind of mutually beneficial uh relationships between all um recently uh at the annual air force association uh conference that i mentioned earlier i moderated a panel with several space industry leaders uh all from big traditional defense contractors by the way and they all stressed the importance of building bridges and partnerships uh between major contractors in the defense industry and new entrants uh and that helps us capture the benefits of speed and agility that come with small companies and startups as well as the expertise and specialized skill sets of some of those uh larger contractors uh that we rely on day in and day out advanced cyber security protections and utilization of secure facilities are just a couple of things that i think we could be prioritizing more so in those collaborations as i mentioned earlier the spec has been very successful in awarding a number of different prototyping contracts and large dollar values and it's just going to get better right there's over 400 members of the space enterprise consortium 80 of them are non-traditional kinds of vendors and we just love working with them another thing that many people in the audience may be familiar with in terms of our outreach to innovators uh if you will and innovators that include uh cyber security experts is our space pitch day events right so we held our first event last november in san francisco uh where we awarded over a two-day period about 46 million dollars to 30 different companies um that had potentially game-changing ideas these were phase two small business innovative research efforts uh that we awarded with cash on the spot uh we're planning on holding our second space pitch day in the spring of 2021. uh we're planning on doing it right here in los angeles uh covent 19 environment permitting um and we think that these are you know fantastic uh uh venues for identifying and working with high-speed startups startups and small businesses who are interested in uh really truly partnering with the us air force it's a as i said before it's a really exciting time to be a part of this business uh and working with the innovation economy uh is something that the department of defense uh really needs to do in that um the innovation that we used to think was ours you know that 80 percent of the industrial-based innovation that came from the department of defense uh the the script has been flipped there and so now more than 70 percent uh particularly in space innovation uh comes from the commercial sector not from uh not from the defense business itself and so um that's a tsunami of uh investment and a tsunami of uh capability and i need to figure out how to get my surfboard out and ride it you know what i mean yeah i mean it's one of those things where the flip the script has been flipped but it's exciting because it's impacting everything are you talking about systems architecture you're talking about software you're talking about a business model you talk about devsecops from a technical perspective but now you have a business model innovation all the theaters of uh are exploding in innovation technical business personnel this brings up the workforce challenge you've got the cyber needs for the u.s space force there's probably a great roi model for new kinds of software development that could be priced into contracts that's a entrepreneurial innovation you got the the business model theater you've got the personnel how does the industry adopt and change you guys are clearly driving this how does the industry adjust to you yeah so um i think a great way to answer that question is to just talk about the kind of people that we're trying to prioritize in the u.s space force from a from an acquisition perspective and in this particular case from a from a cyber security perspective as i mentioned earlier it's the most exciting time to be in space programs uh really since the days of apollo um uh you know just to put it in terms that you know maybe have an impact with the audience uh from 1957 until today approximately 9 000 satellites uh have been launched from the various space faring countries around the planet uh less than two thousand of those nine thousand are still up on orbit and operational and yet in the new space regime um players like spacex have plans to launch you know 12 000 satellites for some of their constellations alone it really is a remarkable time in terms of innovation and fielding of space capabilities and all of those space capabilities whether they're commercial civil or defense are going to require appropriate cyber security uh protections it's just a really exciting time uh to be working in stuff like this and so uh folks like the folks in this audience who have a passion about space and a passion about cyber security are just the kind of people that we want to work with because we need to make sure our systems are are secure and resilient we need folks that have technical and computing expertise engineering skills to be able to design cybersecure systems that can detect and mitigate attacks uh but we also as you alluded to we need people that have that business and um you know business acumen human networking background so that we can launch the startups and work with the non-traditional businesses uh help to bring them on board help to secure both their data and our data and uh and and make sure our processes and systems are are free as much as possible from uh uh from attack um for preparation for for audience members who are young and maybe thinking about getting into this uh trade space um you gotta be smart on digital networking uh you gotta understand basic internet protocols concepts uh programming languages uh database design uh learn what you can from penetration or vulnerability testing and and uh risk assessment i will tell you this and i don't think he will i know he will not mind me telling you this but you've got to be a lifelong learner and so two years ago i'm at home one evening and i get a phone call on my cell phone and it's my boss the commander of air force space command uh general j raymond who is now currently the chief of space operations and he is on temporary duty flying overseas he lands where he's going and he first thing he does when he lands is he calls me and he goes jt um while i was traveling um i noticed that there were e-books available on the commercial airliner i was traveling on and there was an e-book on something called scrumming and agile devsecops and i read it have you read it um and i said no sir but if you tell me what the title of the book is i will read it and so i got to go to my staff meeting um you know the very next week the next time we had a staff meeting and tell everybody in the stab meeting hey if the four star and the three star can read the book about scrumming then i'm pretty sure all of you around this table and all our lieutenants and our captains our gs13s all of our government employees can get smart on uh the scrumming development process and interestingly as another side i had a telephone call with him last year during the holidays where he was trying to take some leave and i said sir what are you up to today are you are you you know making eggnog for the event tonight or whatever and the chief of space operations told me no i'm trying to teach myself python i'm at lesson two and it's not going so well but i'm i'm gonna figure this out and so that kind of thing if the chief of staff or the you know the the the chief of space operations can prioritize scrumming and python language and innovation in his daily schedule then we're definitely looking for other people who can do that and we'll just say lower levels of rank uh throughout our entire space force enterprise um look i i we don't need to need people that can code a satellite from scratch but we need to know we need to have people that have a basic grasp of the programming basics and cyber security requirements and that can turn those things into into meaningful actions obviously in the space domain things like basic physics and orbital mechanics are also important uh space is not an intuitive uh domain so under understanding how things survive uh on orbit is really critical to making the right design and operational decisions and you know i know there's probably a lot because of this conference i know there's a probably a whole lot of high-speed cyber security experts out in the audience and i need those people in the u.s space force the the country is counting on it but i wouldn't discount having people that are just cyber aware or cyber savvy right i have contracting officers and logisticians and program managers and they don't have to be high-end cyber security experts but they have to be aware enough about it to be able to implement cyber security protections um into our space system so the skill set is is really really broad um our adversaries are pouring billions of dollars into uh define designing uh and fielding offensive and destructive space cyber security weapons right they've repeatedly shown really a blatant disregard of safety and international norms for good behavior on orbit and the cyber security aspects of our space systems is really a key battleground going forward so that we can maintain that as i mentioned before peaceful uh global commons of space we really need all hands on deck if you're interested in helping in uniform if you're interested in helping uh not in uniform uh but as a government employee a commercial or civil employee to help us make cyber security more important uh or more cape more able to be developed for our space systems then we'd really love to uh to work with you or have you on the team to build that safe and secure future for our space systems lieutenant general john thompson great insight thank you for sharing all that awesome stories too and motivation for the young next generation the united states space force approach of cyber security really amazing talk thank you for your time final parting question is as you look out and you had your magic wand what's your view for the next few years in terms of things that we could accomplish it's a super exciting time what do you hope for so um um first of all john thanks to you and and thanks to cal poly uh for the invitation and and thanks to everybody for uh for their interest in cyber security especially as it relates to space systems that's here at the conference um uh there's a quote and i'll read it here uh from uh bernard schriever who was the uh the founder if you will uh a legend in uh dod space the founder of the western development division which was a predecessor organization to space and missile systems center general shrever i think captures the essence of what how we see the next couple of years the world has an ample supply of people who can always come up with a dozen good reasons why new ideas will not work and should not be tried but the people who produce progress are breed apart they have the imagination the courage and the persistence to find solutions and so i think if you're hoping that the next few years of space innovation and cyber security innovation are going to be a pony ride at the county fair then perhaps you should look for another line of work because i think the next few years in space and cyber security innovation are going to be more like a rodeo um and a very dynamic rodeo as it goes it is a an awesome privilege to be part of this ecosystem it's really an honor for me to um to be able to play some small role uh in the space ecosystem and trying to improve it uh while i'm trying to improve the chances of uh of the united states of america in a uh in a space war fighting uh uh environment um and so i thank all of you for uh participating today and for this little bit of time that you've allowed me to share with you thank you sir thank you for your leadership and thank you for the for the time for this awesome event space and cyber security symposium 2020 i'm john furrier on behalf of cal poly thanks for watching [Music]

>>Hello. I'm Professor Toru Suzuki Cherif cardiovascular medicine on associate dean of the College of Life Sciences at the University of Leicester in the United Kingdom, where I'm also director of the Lester Life Sciences accelerator. I'm also honorary consultant cardiologist within our university hospitals. It's part of the national health system NHS Trust. Today, I'd like to talk to you about our Lester Clinical Data Science Initiative. Now brief background on Lester. It's university in hospitals. Lester is in the center of England. The national health system is divided depending on the countries. The United Kingdom, which is comprised of, uh, England, Scotland to the north, whales to the west and Northern Ireland is another part in a different island. But national health system of England is what will be predominantly be discussed. Today has a history of about 70 years now, owing to the fact that we're basically in the center of England. Although this is only about one hour north of London, we have a catchment of about 100 miles, which takes us from the eastern coast of England, bordering with Birmingham to the west north just south of Liverpool, Manchester and just south to the tip of London. We have one of the busiest national health system trust in the United Kingdom, with a catchment about 100 miles and one million patients a year. Our main hospital, the General Hospital, which is actually called the Royal Infirmary, which can has an accident and emergency, which means Emergency Department is that has one of the busiest emergency departments in the nation. I work at Glen Field Hospital, which is one of the main cardiovascular hospitals of the United Kingdom and Europe. Academically, the Medical School of the University of Leicester is ranked 20th in the world on Lee, behind Cambridge, Oxford Imperial College and University College London. For the UK, this is very research. Waited, uh, ranking is Therefore we are very research focused universities as well for the cardiovascular research groups, with it mainly within Glenn Field Hospital, we are ranked as the 29th Independent research institution in the world which places us. A Suffield waited within our group. As you can see those their top ranked this is regardless of cardiology, include institutes like the Broad Institute and Whitehead Institute. Mitt Welcome Trust Sanger, Howard Hughes Medical Institute, Kemble, Cold Spring Harbor and as a hospital we rank within ah in this field in a relatively competitive manner as well. Therefore, we're very research focused. Hospital is well now to give you the unique selling points of Leicester. We're we're the largest and busiest national health system trust in the United Kingdom, but we also have a very large and stable as well as ethnically diverse population. The population ranges often into three generations, which allows us to do a lot of cohort based studies which allows us for the primary and secondary care cohorts, lot of which are well characterized and focused on genomics. In the past. We also have a biomedical research center focusing on chronic diseases, which is funded by the National Institutes of Health Research, which funds clinical research the hospitals of United Kingdom on we also have a very rich regional life science cluster, including med techs and small and medium sized enterprises. Now for this, the bottom line is that I am the director of the letter site left Sciences accelerator, >>which is tasked with industrial engagement in the local national sectors but not excluding the international sectors as well. Broadly, we have academics and clinicians with interest in health care, which includes science and engineering as well as non clinical researchers. And prior to the cove it outbreak, the government announced the £450 million investment into our university hospitals, which I hope will be going forward now to give you a brief background on where the scientific strategy the United Kingdom lies. Three industrial strategy was brought out a za part of the process which involved exiting the European Union, and part of that was the life science sector deal. And among this, as you will see, there were four grand challenges that were put in place a I and data economy, future of mobility, clean growth and aging society and as a medical research institute. A lot of the focus that we have been transitioning with within my group are projects are focused on using data and analytics using artificial intelligence, but also understanding how chronic diseases evolved as part of the aging society, and therefore we will be able to address these grand challenges for the country. Additionally, the national health system also has its long term plans, which we align to. One of those is digitally enabled care and that this hope you're going mainstream over the next 10 years. And to do this, what is envision will be The clinicians will be able to access and interact with patient records and care plants wherever they are with ready access to decision support and artificial intelligence, and that this will enable predictive techniques, which include linking with clinical genomic as well as other data supports, such as image ing a new medical breakthroughs. There has been what's called the Topol Review that discusses the future of health care in the United Kingdom and preparing the health care workforce for the delivery of the digital future, which clearly discusses in the end that we would be using automated image interpretation. Is using artificial intelligence predictive analytics using artificial intelligence as mentioned in the long term plans. That is part of that. We will also be engaging natural language processing speech recognition. I'm reading the genome amusing. Genomic announced this as well. We are in what is called the Midland's. As I mentioned previously, the Midland's comprised the East Midlands, where we are as Lester, other places such as Nottingham. We're here. The West Midland involves Birmingham, and here is ah collective. We are the Midlands. Here we comprise what is called the Midlands engine on the Midland's engine focuses on transport, accelerating innovation, trading with the world as well as the ultra connected region. And therefore our work will also involve connectivity moving forward. And it's part of that. It's part of our health care plans. We hope to also enable total digital connectivity moving forward and that will allow us to embrace digital data as well as collectivity. These three key words will ah Linkous our health care systems for the future. Now, to give you a vision for the future of medicine vision that there will be a very complex data set that we will need to work on, which will involve genomics Phanom ICS image ing which will called, uh oh mix analysis. But this is just meaning that is, uh complex data sets that we need to work on. This will integrate with our clinical data Platforms are bioinformatics, and we'll also get real time information of physiology through interfaces and wearables. Important for this is that we have computing, uh, processes that will now allow this kind of complex data analysis in real time using artificial intelligence and machine learning based applications to allow visualization Analytics, which could be out, put it through various user interfaces to the clinician and others. One of the characteristics of the United Kingdom is that the NHS is that we embrace data and captured data from when most citizens have been born from the cradle toe when they die to the grave. And it's important that we were able to link this data up to understand the journey of that patient. Over time. When they come to hospital, which is secondary care data, we will get disease data when they go to their primary care general practitioner, we will be able to get early check up data is Paula's follow monitoring monitoring, but also social care data. If this could be linked, allow us to understand how aging and deterioration as well as frailty, uh, encompasses thes patients. And to do this, we have many, many numerous data sets available, including clinical letters, blood tests, more advanced tests, which is genetics and imaging, which we can possibly, um, integrate into a patient journey which will allow us to understand the digital journey of that patient. I have called this the digital twin patient cohort to do a digital simulation of patient health journeys using data integration and analytics. This is a technique that has often been used in industrial manufacturing to understand the maintenance and service points for hardware and instruments. But we would be using this to stratify predict diseases. This'll would also be monitored and refined, using wearables and other types of complex data analysis to allow for, in the end, preemptive intervention to allow paradigm shifting. How we undertake medicine at this time, which is more reactive rather than proactive as infrastructure we are presently working on putting together what's it called the Data Safe haven or trusted research environment? One which with in the clinical environment, the university hospitals and curated and data manner, which allows us to enable data mining off the databases or, I should say, the trusted research environment within the clinical environment. Hopefully, we will then be able to anonymous that to allow ah used by academics and possibly also, uh, partnering industry to do further data mining and tool development, which we could then further field test again using our real world data base of patients that will be continually, uh, updating in our system. In the cardiovascular group, we have what's called the bricks cohort, which means biomedical research. Informatics Center for Cardiovascular Science, which was done, started long time even before I joined, uh, in 2010 which has today almost captured about 10,000 patients arm or who come through to Glenn Field Hospital for various treatments or and even those who have not on. We asked for their consent to their blood for genetics, but also for blood tests, uh, genomics testing, but also image ing as well as other consent. Hable medical information s so far there about 10,000 patients and we've been trying to extract and curate their data accordingly. Again, a za reminder of what the strengths of Leicester are. We have one of the largest and busiest trust with the very large, uh, patient cohort Ah, focused dr at the university, which allows for chronic diseases such as heart disease. I just mentioned our efforts on heart disease, uh which are about 10,000 patients ongoing right now. But we would wish thio include further chronic diseases such as diabetes, respiratory diseases, renal disease and further to understand the multi modality between these diseases so that we can understand how they >>interact as well. Finally, I like to talk about the lesser life science accelerator as well. This is a new project that was funded by >>the U started this January for three years. I'm the director for this and all the groups within the College of Life Sciences that are involved with healthcare but also clinical work are involved. And through this we hope to support innovative industrial partnerships and collaborations in the region, a swells nationally and further on into internationally as well. I realized that today is a talked to um, or business and commercial oriented audience. And we would welcome interest from your companies and partners to come to Leicester toe work with us on, uh, clinical health care data and to drive our agenda forward for this so that we can enable innovative research but also product development in partnership with you moving forward. Thank you for your time.

>> Narrator: From around the globe. It's theCUBE covering space in cybersecurity symposium 2020 hosted by Cal Poly. >> Hello, everyone. Welcome to the space and cybersecurity symposium, 2020 hosted by Cal Poly where the intersection of space and security are coming together. I'm John Furrier, your host with theCUBE here in California. I want to welcome our featured guest, Lieutenant General, John F. Thompson with the United States Space Force approach to cybersecurity. That's the topic of this session. And of course he's the commander of the space and missile system center in Los Angeles Air Force Base. Also heading up Space Force. General, thank you for coming on. I really appreciate to you kicking this off. Welcome to the symposium. >> Hey, so thank you very much, John, for that very kind introduction. Also very much thank you to Cal Poly for this opportunity to speak to this audience today. Also a special shout out to one of the organizers, Dustin Debrun, for all of his work, helping get us to this point. Ladies and gentlemen as a John mentioned, I'm JT Thompson. I lead the 6,000 men and women of the United States Space Force's Space and Missile System Center, which is headquartered here at Los Angeles Air Force Base and El Segundo. If you're not quite sure where that's at, it's about a mile and a half from LAX. This is our main operating location, but we do have a number of other operating locations around the country. We're about 500 people at Kirtland Air Force Base in Albuquerque, New Mexico, and an about another 500 people on the front range of the Rockies between Colorado Springs and Denver plus a smattering of other much smaller operating locations nationwide. We're responsible for acquiring, developing and sustaining the United States Space Force's, critical space assets. That includes the satellites in the space layer and also on the ground layer our ground segments to operate those satellites. And we also are in charge of procuring launch services for the US Space Force and a number of our critical mission partners across the Department of Defense and the intelligence community. Just as a couple of examples of some of the things we do, if you're unfamiliar with our work we developed and currently sustain the 31 satellite GPS constellation that satellite constellation, while originally intended to help with global navigation, those GPS signals have provided trillions of dollars in unanticipated value to the global economy over the past three decades. GPS is everywhere. I think everybody realizes that. Agriculture, banking, the stock market, the airline industry, separate and distinct navigation systems. It's really pervasive across both capabilities for our Department of Defense and capabilities for our economy and individuals, billions of individuals across our country and the planet. Some of the other work we do for instance, in the communications sector, secure communications satellites that we designed and build that link America's sons and daughters serving in the military around the world and really enable real time support and comms for our deployed forces. And those of our allies. We also acquire infrared missile warning satellites that monitor the planet for missile launches that provide advanced warning to the US Homeland and to our allies in case some of those missile launches are nefarious. On a note, that's probably a lot closer to home, maybe a lot closer to home than many of us want to think about here in the state of California. In 2018, SMC jumped through a bunch of red tape and bureaucracy to partner with the US Forest Service during two of the largest wildfires in the state's history, the Camp and Woolsey fires in Northern California. As those fires spread out of control, we created processes on the fly to share data from our missile warning satellites. Those are satellites that are systems that are purpose built to see heat sources from thousands of miles above the planet. And we collaborated with the US Forest Service so that firefighters on the ground could track those fires more in real time and better forecast fires and where they were spreading, thereby saving lives and property by identifying hotspots and flareups for firefighters. That data that we were able to working with our contractors pass to the US Forest Service and authorities here in California, was passed in less than an hour as it was collected to get it into the hands of the emergency responders, the first responders as quickly as possible and doing that in an hour greatly surpassed what was available from some of the other assets in the airborne and ground-based fire spotters. It was really instrumental in fighting those fires and stopping their spread. We've continued that involvement in recent years, using multiple systems to support firefighters across the Western US this fall, as they battled numerous wildfires that unfortunately continue. Working together with the US Forest Service and with other partners we'd like to think that we've made a difference here, but there's still a lot more work to go. And I think that we should always be asking ourselves what else can space data be used for and how can we more rapidly get that space data to stakeholders so that they can use it for purposes of good, if you will. How else can we protect our nation? How else can we protect our friends and allies? I think a major component of the discussion that we will have throughout this conference is that the space landscape has changed rapidly and continues to change rapidly. Just over the past few years, John and I were talking before we went live here and 80 nations now have space programs. Nearly 80 space faring nations on the planet. If you just look at one mission area that the Department of Defense is interested in, and that's small launch, there are currently over 100 different small launch companies within the US industrial base vying for commercial DoD and civil payload capabilities, mostly to lower earth orbit. It's truly a remarkable time. If you factor in those things like artificial intelligence and machine learning, where we're revolutionizing really, the ways that we generate process and use data. It's really remarkable. In 2016, so if you think about this four years ago, NASA estimated that there were 28 terabytes of information transiting their space network each day. And that was four years ago. Obviously we've got a lot of desire to work with a lot of the people in the audience in this conference, we need to work with big thinkers, like many of you to answer questions on how best we apply data analytics to extract value and meaning from that data. We need new generations of thinkers to help apply cutting edge theories of data mining, cyber behaviorism, and Internet of Things 2.0, it's just truly a remarkable time to be in the space business and the cyber aspects of the space business are truly, truly daunting and important to all of us. Integrating cyber security into our space systems, both commercial and government is a mandate. it's no longer just a nice to have as the US Space Force and Department of the Air Force leadership has said many times over the past couple of years, space is becoming congested and contested. And that contested aspect means that we've got to focus on cyber security in the same way that the banking industry and cyber commerce focus on cybersecurity day in and day out. The value of the data and services provided is really directly tied to the integrity and availability of that data and services from the space layer, from the ground control segments associated with it. And this value is not just military, it's also economic and it's not just American, it's also a value for the entire world, particularly our allies, as we all depend upon space and space systems. Your neighbors and friends here in California that are employed at the space and missile system center work with network defenders. We work with our commercial contractors and our systems developers, our international allies and partners to try and build as secure and resilient systems as we can from the ground up that keep the global comments of space free and open for exploration and for commerce as John and I were talking earlier, before we came online, there's an aspect of cybersecurity for space systems, especially for some of our legacy systems, that's more, how do we bolt this on? Cause we fielded those space systems a number of years ago, and the challenges of cybersecurity in the space domain have grown. So we have a part that we have to worry about, bolting it on, but then we have to worry about building it in as we field new systems and build in a flexibility that realizes that the cyber threat or the cybersecurity landscape will evolve over time. It's not just going to be stagnant. There will always be new vulnerabilities and new threat vectors that we all have to look at. Look, as Secretary Barrett, who is our secretary of the air force likes to say most Americans use space before they have their first cup of coffee in the morning. The American way of life really depends on space. And as part of the United States Space Force, we work with defense leaders, our Congress joint, and international military teammates and industry to ensure American leadership in space. I really thank you for this opportunity to address the audience today, John, and thanks so much to Cal Poly for letting me be one of the speakers at this event. I've really looked forward to this for several months. And so with that, I look forward to your questions as we kind of move along here. >> General, thank you very much for those awesome introductory statement. For the folks watching on the stream, Brigadier General Carthan's going to be in the chat, answering any questions, feel free to chat away. He's the vice commander of Space and Missile System Center, he'll be available. A couple of comments from your keynote before I get to my questions. Cause it just jumped into my head. You mentioned the benefits of say space with the fires in California. We're living that here. That's really realtime. That's a benefit. You also mentioned the ability for more people launching payloads into space. I'm only imagined Moore's law smaller, faster, cheaper applies to rockets too. So I'm imagining you have the benefits of space and you have now more potential objects flying out sanctioned and maybe unsanctioned. So is it going to be more rules around that? This is an interesting question cause it's exciting Space Force, but for all the good there is potentially bad out there. >> Yeah. So John, I think the basics of your question is as space becomes more congested and contested, is there a need for more international norms of how satellites fly in space? What kind of basic features satellites have to perhaps de orbit themselves? What kind of basic protections should all satellites be afforded as part of a peaceful global commons of space? I think those are all fantastic questions. And I know that US and many allied policy makers are looking very, very hard at those kinds of questions in terms of what are the norms of behavior and how we field, and field as the military term. But how we populate using civil or commercial terms that space layer at different altitudes, lower earth orbit, mid earth orbit, geosynchronous earth orbit, different kinds of orbits, what the kind of mission areas we accomplished from space. That's all things that need to be definitely taken into account as the place gets a little bit, not a little bit as the place gets increasingly more popular day in and day out. >> I'm super excited for Space Force. I know that a new generation of young folks are really interested in it's an emerging, changing great space. The focus here at this conference is space and cybersecurity, the intersection. I'd like to get your thoughts on the approach that a space force is taking to cybersecurity and how it impacts our national goals here in the United States. >> Yeah. So that's a great question John, let me talk about it in two basic ways. At number one is an and I know some people in the audience, this might make them a little bit uncomfortable, but I have to talk about the threat. And then relative to that threat, I really have to talk about the importance of cyber and specifically cyber security, as it relates to that threat. The threats that we face really represented a new era of warfare and that new era of warfare involves both space and cyber. We've seen a lot of action in recent months from certain countries, notably China and Russia that have threatened what I referred to earlier as the peaceful global commons of space. For example, it threw many unclassified sources and media sources. Everybody should understand that the Russians have been testing on orbit anti-satellite capabilities. It's been very clear if you were following just the week before last, the Department of Defense released its 2020 military and security developments involving the People's Republic of China. And it was very clear that China is developing ASATs, electronic jammers, directed energy weapons, and most relevant to today's discussion, offensive cyber capabilities. There are kinetic threats that are very, very easy to see, but a cyber attack against a critical command and control site or against a particular spacecraft could be just as devastating to the system and our war fighters in the case of GPS and important to note that that GPS system also impacts many civilians who are dependent on those systems from a first response perspective and emergency services, a cyber attack against a ground control site could cause operators to lose control of a spacecraft or an attacker could feed spoofed data to assist them to mislead operators so that they sent emergency services personnel to the wrong address. Attacks on spacecraft on orbit, whether directly via a network intrusion or enabled through malware introduced during the system's production while we're building the satellite can cripple or corrupt the data. Denial-of-service type attacks on our global networks obviously would disrupt our data flow and interfere with ongoing operations and satellite control. If GPS went down, I hesitate to say it this way, cause we might elicit some screams from the audience. But if GPS went down a Starbucks, wouldn't be able to handle your mobile order, Uber drivers wouldn't be able to find you. And Domino's certainly wouldn't be able to get there in 30 minutes or less. So with a little bit of tongue in cheek there from a military operations perspective, it's dead serious. We have become accustomed in the commercial world to threats like ransomware and malware. And those things have unfortunately become commonplace in commercial terrestrial networks and computer systems. However, what we're seeing is that our adversaries with the increased competition in space these same techniques are being retooled, if you will, to use against our national security space systems day in and day out. As I said, during my opening remarks on the importance of cyber, the value of these systems is directly tied to their integrity. If commanders in the field, firefighters in California or baristas in Starbucks, can't trust the data they're receiving, then that really harms their decision making capabilities. One of the big trends we've recently seen is the move towards proliferated LEO constellations, obviously Space X's Starlink on the commercial side and on the military side, the work that DARPA and my organization SMC are doing on Blackjack and Casino, as well as some space transport layer constellation work that the space development agency is designing are all really, really important types of mesh network systems that will revolutionaries how we plan and field war fighting systems and commercial communications and internet providing systems. But they're also heavily reliant on cybersecurity. We've got to make sure that they are secured to avoid an accident or international damage. Loss of control of these constellations really could be catastrophic from both a mission perspective or from a satellites tumbling out of low earth orbit perspective. Another trend is introductions in artificial intelligence and machine learning, onboard spacecraft are at the edge. Our satellites are really not so much hardware systems with a little software anymore in the commercial sector and in the defense sector, they're basically flying boxes full of software. And we need to ensure that data that we're getting out of those flying boxes full of software are helping us base our decisions on accurate data and algorithms, governing the right actions and that those systems are impervious to the extent possible to nefarious modifications. So in summation, cybersecurity is a vital element of everything in our national security space goals. And I would argue for our national goals, writ large, including economic and information dimensions, the Space Force leadership at all levels from some of the brand new second lieutenants that general Raymond swore in to the space force this morning, ceremonially from the air force associations, airspace and cyberspace conference to the various highest levels, General Raymond, General DT Thompson, myself, and a number of other senior leaders in this enterprise. We've got to make sure that we're all working together to keep cyber security at the forefront of our space systems cause they absolutely depend on it. >> You mentioned hardware, software threats, opportunities, challenges. I want to ask you because you got me thinking of the minute they're around infrastructure. We've heard critical infrastructure, grids here on earth. You're talking about critical infrastructure, a redefinition of what critical infrastructure is, an extension of what we have. So I'd love to get your thoughts about Space Force's view of that critical infrastructure vis-a-vis the threat vectors, because the term threat vectors has been kicked around in the cyberspace. Oh you have threat vectors. They're always increasing the surface area. If the surface area is from space, it's an unlimited service area. So you got different vectors. So you've got new critical infrastructure developing real time, really fast. And you got an expanded threat vector landscape. Putting that in perspective for the folks that aren't really inside the ropes on these critical issues. How would you explain this and how would you talk about those two things? >> So I tell you, just like, I'm sure people in the security side or the cybersecurity side of the business in the banking industry feel, they feel like it's all possible threat vectors represent a dramatic and protect potentially existential threat to all of the dollars that they have in the banking system, to the financial sector. On the Department of Defense side, we've got to have sort of the same mindset. That threat vector from, to, and through space against critical space systems, ground segments, the launch enterprise, or transportation to orbit and the various different domains within space itself. Like I mentioned before, LEO, MEO and GEO based satellites with different orbits, all of the different mission areas that are accomplished from space that I mentioned earlier, some that I did mention like a weather tactical or wide band communications, various new features of space control. All of those are things that we have to worry about from a cyber security threat perspective. And it's a daunting challenge right now. >> Yeah, that's awesome. And one of the things we've been falling on the hardware side on the ground is the supply chain. We've seen, malware being, really put in a really obscure hardware. Who manufactures it? Is it being outsourced? Obviously government has restrictions, but with the private sector, you mentioned China and the US kind of working together across these peaceful areas. But you got to look at the supply chain. How does the supply chain in the security aspect impact the mission of the US space Force? >> Yeah. Yeah. So how about another, just in terms of an example, another kind of California based historical example. The very first US Satellite, Explorer 1, was built by the jet propulsion laboratory folks, not far from here in El Segundo, up in Pasadena, that satellite, when it was first built in the late 50s weighing a little bit, over 30 pounds. And I'm sure that each and every part was custom made and definitely made by US companies. Fast forward to today. The global supply chain is so tightly coupled, and frankly many industries are so specialized, almost specialized regionally around the planet. We focus every day to guarantee the integrity of every component that we put in our space systems is absolutely critical to the operations of those satellites and we're dependent upon them, but it becomes more difficult and more difficult to understand the heritage, if you will, of some of the parts that are used, the thousands of parts that are used in some of our satellites that are literally school bus sized. The space industry, especially national security space sector is relatively small compared to other commercial industries. And we're moving towards using more and more parts from non US companies. Cybersecurity and cyber awareness have to be baked in from the beginning if we're going to be using parts that maybe we don't necessarily understand 100% like an Explorer one, the lineage of that particular part. The environmental difficulties in space are well known. The radiation environment, the temperature extremes, the vacuum, those require specialized component. And the US military is not the only customer in that space. In fact, we're definitely not the dominant customer in space anymore. All those factors require us along with our other government partners and many different commercial space organizations to keep a very close eye on our supply chains, from a quality perspective, a security perspective and availability. There's open source reporting on supply training intrusions from many different breaches of commercial retailers to the infectious spread of compromised patches, if you will. And our adversaries are aware of these techniques. As I mentioned earlier, with other forms of attack, considering our supply chains and development networks really becomes fair game for our adversaries. So we have to take that threat seriously. Between the government and industry sectors here in the US. We're also working with our industry partners to enact stronger defenses and assess our own vulnerabilities. Last fall, we completed an extensive review of all of our major contracts here at Space and Missile System Center to determine the levels of cyber security requirements we've implemented across our portfolio. And it sounds really kind of businessy geeky, if you will. Hey, we looked at our contracts to make sure that we had the right clauses in our contracts to address cybersecurity as dynamically as we possibly could. And so we found ourselves having to add new language to our contracts, to require system developers, to implement some more advanced protective measures in this evolving cyber security environment. So that data handling and supply chain protections from contract inception to launch and operations were taken into account. Cyber security really is a key performance parameter for us now. Performance of the system, It's as important as cost, it's as important as schedule, because if we deliver the perfect system on time and on cost, it can perform that missile warning or that communications mission perfectly, but it's not cyber secure. If it's doesn't have cyber protections built into it, or the ability to implement mitigations against cyber threats, then we've essentially fielded a shoe box in space that doesn't do the CA the war fighter or the nation any good. Supply chain risk management is a major challenge for us. We're doing a lot to coordinate with our industry partners. We're all facing it head on to try and build secure and trusted components that keep our confidence as leaders, firefighters, and baristas as the case may be. But it is a challenge. And we're trying to rise to that challenge. >> This is so exciting this new area, because it really touches everything. Talk about geeking out on the tech, the hardware, the systems but also you put your kind of MBA hat on you go, what's the ROI of extra development and how things get built. Because the always the exciting thing for space geeks is like, if you're building cool stuff, it's exciting, but you still have to build. And cybersecurity has proven that security has to be baked in from the beginning and be thought as a system architecture. So you're still building things, which means you got to acquire things, you got to acquire parts, you got acquire build software and sustain it. How is security impacting the acquisition and the sustainment of these systems for space? >> Yeah. From initial development, through planning for the acquisition, design, development, our production fielding and sustainment, it impacts all aspects of the life cycle, John. We simply, especially from the concept of baking in cybersecurity, we can't wait until something is built and then try and figure out how to make it cyber secure. So we've moved way further towards working side by side with our system developers to strengthen cybersecurity from the very beginning of a systems development, cyber security, and the resilience associated with it really have to be treated as a key system attribute. As I mentioned earlier, equivalent with data rates or other metrics of performance. We like to talk in the space world about mission assurance and mission assurance has always sort of taken us as we technically geek out. Mission assurance has always taken us to the will this system work in space. Can it work in a vacuum? Can it work in as it transfers through the Van Allen radiation belt or through the Southern hemisphere's electromagnetic anomaly? Will it work out in space? And now from a resiliency perspective, yeah, it has to work in space. It's got to be functional in space, but it's also got to be resistant to these cybersecurity threats. It's not just, I think a General D.T Thompson quoted this term. It's not just widget assurance anymore. It's mission assurance. How does that satellite operator that ground control segment operate while under attack? So let me break your question a little bit, just for purposes of discussion into really two parts, cybersecurity, for systems that are new and cybersecurity for systems that are in sustainment are kind of old and legacy. Obviously there's cyber vulnerabilities that threatened both, and we really have to employ different strategies for defensive of each one. For new systems. We're desperately trying to implement across the Department of Defense and particularly in the space world, a kind of a dev sec ops methodology and practice to delivering software faster and with greater security for our space systems. Here at SMC, we have a program called enterprise ground services, which is a toolkit, basically a collection of tools for common command and control of different satellite systems, EGS as we call it has an integrated suite for defensive cyber capabilities. Network operators can use these tools to gain unprecedented insight to data flows and to monitor space network traffic for anomalies or other potential indicators of a bad behavior, malicious behavior, if you will, it's rudimentary at this point, but because we're using DevSecOps and that incremental development approach, as we scale it, it just becomes more and more capable. Every product increment that we feel. Here at LA Air Force Base, we have the United Space Force's West Coast Software Factory, which we've dubbed the Kobayashi Maru. They're using those agile DevOps software development practices to deliver a space awareness software to the combined space operations center. Affectionately called the CSpock that CSpock is just on the road from Cal Poly there in San Luis Obispo at Vandenberg Air Force Base. They've so securely linked the sea Spock with other space operation centers around the planet, our allies, Australia, Canada, and the UK. We're partnering with all of them to enable secure and enhanced combined space operations. So lots of new stuff going on as we bake in new development capabilities for our space systems. But as I mentioned earlier, we've got large constellations of satellites on orbit right now. Some of them are well in excess of a decade or more or old on orbit. And so the design aspects of those satellites are several decades old. But we still have to worry about them cause they're critical to our space capabilities. We've been working with an air force material command organization called CROWS, which stands for the Cyber Resiliency Office for Weapon Systems to assess all of those legacy platforms from a cyber security perspective and develop defensive strategies and potential hardware and software upgrades to those systems to better enable them to live through this increasingly cybersecurity concerned era that we currently live in. Our industry partners have been critical to both of those different avenues. Both new systems and legacy systems. We're working closely with them to defend and upgrade national assets and develop the capabilities to do similar with new national assets coming online. The vulnerabilities of our space systems really kind of threatened the way we've done business in the past, both militarily and in the case of GPS economically. The impacts of that cybersecurity risk are clear in our acquisition and sustainment processes, but I've got to tell you, as the threat vectors change, as the vulnerabilities change, we've got to be nimble enough, agile enough, to be able to bounce back and forth. We can't just say, many people in the audience are probably familiar with the RMF or the Risk Management Framework approach to reviewing the cyber security of a system. We can't have program managers and engineers just accomplish an RMF on a system. And then, hey, high five, we're all good. It's a journey, not a destination, that's cybersecurity. And it's a constant battle rhythm through our weapon systems lifecycle, not just a single event. >> I want to get to this commercial business needs and your needs on the next question. But before I go there, you mentioned agile. And I see that clearly because when you have accelerated innovation cycles, you've got to be faster. And we saw this in the computer industry, mainframes, mini computers, and then we started getting beyond maybe when the internet hit and PCs came out, you saw the big enterprises, the banks and government start to work with startups. And it used to be a joke in the entrepreneurial circles is that, there's no way if you are a startup you're ever going to get a contract with a big business enterprise. Now that used to be for public sector and certainly for you guys. So as you see startups out there and there's acquisition involved, I'm sure would love to have a contract with Space Force. There's an ROI calculation where if it's in space and you have a sustainment view and it's software, you might have a new kind of business model that could be attractive to startups. Could you share your thoughts on the folks who want to be a supplier to you, whether they're a startup or an existing business that wants to be agile, but they might not be that big company. >> John, that's a fantastic question. We're desperately trying to reach out to those new space advocates, to those startups, to those what we sometimes refer to, within the Department of Defense, those non traditional defense contractors. A couple of things just for thinking purposes on some of the things that we're trying to highlight. Three years ago, we created here at Space and Missile System Center, the Space Enterprise Consortium to provide a platform, a contractual vehicle, really to enable us to rapidly prototype, development of space systems and to collaborate between the US Space Force, traditional defense contractors, non traditional vendors like startups, and even some academic institutions. SPEC, as we call it, Space Enterprise Consortium uses a specialized contracting tool to get contracts awarded quickly. Many in the audience may be familiar with other transaction agreements. And that's what SPEC is based on. And so far in just three years, SPEC has awarded 75 different prototyping contracts worth over $800 million with a 36% reduction in time to award. And because it's a consortium based competition for these kinds of prototyping efforts, the barrier to entry for small and nontraditional, for startups, even for academic institutions to be able to compete for these kinds of prototyping has really lowered. These types of partnerships that we've been working through on spec have really helped us work with smaller companies who might not have the background or expertise in dealing with the government or in working with cyber security for their systems, both our developmental systems and the systems that they're designing and trying to build. We want to provide ways for companies large and small to partner together in support kind of mutually beneficial relationships between all. Recently at the Annual Air Force Association conference that I mentioned earlier, I moderated a panel with several space industry leaders, all from big traditional defense contractors, by the way. And they all stressed the importance of building bridges and partnerships between major contractors in the defense industry and new entrance. And that helps us capture the benefits of speed and agility that come with small companies and startups, as well as the expertise and specialized skill sets of some of those larger contractors that we rely on day in and day out. Advanced cyber security protections and utilization of secure facilities are just a couple of things that I think we could be prioritizing more so in those collaborations. As I mentioned earlier, the SPEC has been very successful in awarding a number of different prototyping contracts and large dollar values. And it's just going to get better. There's over 400 members of the space enterprise consortium, 80% of them are non traditional kinds of vendors. And we just love working with them. Another thing that many people in the audience may be familiar with in terms of our outreach to innovators, if you will, and innovators that include cyber security experts is our space pitch day events. So we held our first event last November in San Francisco, where we awarded over a two day period about $46 million to 30 different companies that had potentially game changing ideas. These were phase two small business innovative research efforts that we awarded with cash on the spot. We're planning on holding our second space pitch day in the spring of 2021. We're planning on doing it right here in Los Angeles, COVID-19 environment permitting. And we think that these are fantastic venues for identifying and working with high-speed startups, and small businesses who are interested in really, truly partnering with the US Air Force. It's, as I said before, it's a really exciting time to be a part of this business. And working with the innovation economy is something that the Department of Defense really needs to do in that the innovation that we used to think was ours. That 80% of the industrial base innovation that came from the Department of Defense, the script has been flipped there. And so now more than 70%, particularly in space innovation comes from the commercial sector, not from the defense business itself. And so that's a tsunami of investment and a tsunami of a capability. And I need to figure out how to get my surfboard out and ride it, you know what I mean? >> Yeah, It's one of those things where the script has been flipped, but it's exciting because it's impacting everything. When you're talking about systems architecture? You're talking about software, you're talking about a business model. You're talking about dev sec opsx from a technical perspective, but now you have a business model innovation. All the theaters are exploding in innovation, technical, business, personnel. This brings up the workforce challenge. You've got the cyber needs for the US Space Force, It's probably great ROI model for new kinds of software development that could be priced into contracts. That's a entrepreneurial innovation, you've got the business model theater, you've got the personnel. How does the industry adopt and change? You guys are clearly driving this. How does the industry adjust to you? >> Yeah. So I think a great way to answer that question is to just talk about the kind of people that we're trying to prioritize in the US Space Force from an acquisition perspective, and in this particular case from a cybersecurity perspective. As I mentioned earlier, it's the most exciting time to be in space programs, really since the days of Apollo. Just to put it in terms that maybe have an impact with the audience. From 1957 until today, approximately 9,000 satellites have been launched from the various space varying countries around the planet. Less than 2000 of those 9,000 are still up on orbit and operational. And yet in the new space regime players like Space X have plans to launch, 12,000 satellites for some of their constellations alone. It really is a remarkable time in terms of innovation and fielding of space capabilities and all of those space capabilities, whether they're commercial, civil, or defense are going to require appropriate cybersecurity protections. It's just a really exciting time to be working in stuff like this. And so folks like the folks in this audience who have a passion about space and a passion about cybersecurity are just the kind of people that we want to work with. Cause we need to make sure our systems are secure and resilient. We need folks that have technical and computing expertise, engineering skills to be able to design cyber secure systems that can detect and mitigate attacks. But we also, as you alluded to, we need people that have that business and business acumen, human networking background, so that we can launch the startups and work with the non traditional businesses. Help to bring them on board help, to secure both their data and our data and make sure our processes and systems are free as much as possible from attack. For preparation, for audience members who are young and maybe thinking about getting into this trade space, you got to be smart on digital networking. You got to understand basic internet protocols, concepts, programming languages, database design. Learn what you can for penetration or vulnerability testing and a risk assessment. I will tell you this, and I don't think he will, I know he will not mind me telling you this, but you got to be a lifelong learner and so two years ago, I'm at home evening and I get a phone call on my cell phone and it's my boss, the commander of Air Force Space command, General, J. Raymond, who is now currently the Chief of Space Operations. And he is on temporary duty, flying overseas. He lands where he's going and first thing he does when he lands is he calls me and he goes JT, while I was traveling, I noticed that there were eBooks available on the commercial airliner I was traveling on and there was an ebook on something called scrumming and agile DevSecOps. And I read it, have you read it? And I said, no, sir. But if you tell me what the title of the book is, I will read it. And so I got to go to my staff meeting, the very next week, the next time we had a staff meeting and tell everybody in the staff meeting, hey, if the four star and the three star can read the book about scrumming, then I'm pretty sure all of you around this table and all our lieutenants and our captains our GS13s, All of our government employees can get smart on the scrumming development process. And interestingly as another side, I had a telephone call with him last year during the holidays, where he was trying to take some leave. And I said, sir, what are you up to today? Are you making eggnog for the event tonight or whatever. And the Chief of Space Operations told me no, I'm trying to teach myself Python. I'm at lesson two, and it's not going so well, but I'm going to figure this out. And so that kind of thing, if the chief of staff or the Chief of Space Operations can prioritize scrumming and Python language and innovation in his daily schedule, then we're definitely looking for other people who can do that. And we'll just say, lower levels of rank throughout our entire space force enterprise. Look, we don't need people that can code a satellite from scratch, but we need to know, we need to have people that have a basic grasp of the programming basics and cybersecurity requirements. And that can turn those things into meaningful actions, obviously in the space domain, things like basic physics and orbital mechanics are also important spaces, not an intuitive domain. So under understanding how things survive on orbit is really critical to making the right design and operational decisions. And I know there's probably a lot, because of this conference. I know there's probably a whole lot of high speed cybersecurity experts out in the audience. And I need those people in the US Space Force. The country is counting on it, but I wouldn't discount having people that are just cyber aware or cyber savvy. I have contracting officers and logisticians and program managers, and they don't have to be high end cybersecurity experts, but they have to be aware enough about it to be able to implement cyber security protections into our space systems. So the skill set is really, really broad. Our adversaries are pouring billions of dollars into designing and fielding offensive and destructive space, cybersecurity weapons. They repeatedly shown really a blatant disregard of safety and international norms for good behavior on orbit. And the cyber security aspects of our space systems is really a key battleground going forward so that we can maintain that. As I mentioned before, peaceful global comments of space, we really need all hands on deck. If you're interested in helping in uniform, if you're interested in helping, not in uniform, but as a government employee, a commercial or civil employee to help us make cyber security more important or more able to be developed for our space systems. And we'd really love to work with you or have you on the team to build that safe and secure future for our space systems. >> Lieutenant General John Thompson, great insight. Thank you for sharing all that awesome stories too, and motivation for the young next generation. The United States Space Force approach to cybersecurity. Really amazing talk, thank you for your time. Final parting question is, as you look out and you have your magic wand, what's your view for the next few years in terms of things that we could accomplish? It's a super exciting time. What do you hope for? >> So first of all, John, thanks to you and thanks to Cal Poly for the invitation and thanks to everybody for their interest in cybersecurity, especially as it relates to space systems, that's here at the conference. There's a quote, and I'll read it here from Bernard Schriever, who was the founder, if you will, a legend in a DoD space, the founder of the Western development division, which was a predecessor organization to Space and Missile System Center, General Schriever, I think captures the essence of how we see the next couple of years. "The world has an ample supply of people "who can always come up with a dozen good reasons "why new ideas will not work and should not be tried, "but the people who produce progress are breed apart. "They have the imagination, "the courage and the persistence to find solutions." And so I think if you're hoping that the next few years of space innovation and cybersecurity innovation are going to be upon a pony ride at the County fair, then perhaps you should look for another line of work, because I think the next few years in space and cybersecurity innovation are going to be more like a rodeo and a very dynamic rodeo as it goes. It is an awesome privilege to be part of this ecosystem. It's really an honor for me to be able to play some small role in the space ecosystem and trying to improve it while I'm trying to improve the chances of the United States of America in a space war fighting environment. And so I thank all of you for participating today and for this little bit of time that you've allowed me to share with you. Thank you. >> Sir, thank you for your leadership and thank you for the time for this awesome event, Space and Cyber Cybersecurity Symposium 2020, I'm John Furrier on behalf of Cal Poly, thanks for watching. (mellow music)

>> from Bahrain. It's the Q recovery AWS Public sector Bahrain brought to you by Amazon Web service is >> welcome to the cues conversation here. You're in Bahrain for Amazon Webster, is this summit our second summit? Um, here. Big news. Amazon Web services announced the availability of the region in the Middle East. I'm here with the chief of Public Sector Theresa Cross and vice President of Worldwide Public Sector. This is a huge milestone. This event one just in terms of the event. The interest across multiple countries in the region. Yes. And you have a new region with multiple availability zones? Yes, up and running. Congratulations. >> Hey, we launched the confetti today and yes, we're open for business and we do. It's a hyper scale region with three available the zones and lots of activity already here in the delays. But it really is a substantial kind of milestone because we started this sometime back in the Middle East, was one of the top regions around the world requested by our partners and customers. And now here we are. >> We've been talking with you for many, many years and I love interviewing you, but this one to me feels like it's not the weight off your shoulders. It's you're at the start line of another marathon. You've achieved so much with this because what's the first thing about Bart Rainey? We've reported on this on Select Angle and our other sites is that you get a lot of work here, is not just turning on a region. There's a lot of government commitment cloud first, full modernization, fintech banking systems, a full re platforming of a government and society and Amazons powering a lot of it and causing a lot of economic growth. So this is a big deal. >> It really is a big deal because, like you said, it really is about digital transformation here. And when I met the crown Prince in 2014 we had this conversation about really creating the economy here in a different way because Bob terrain itself, it's not oil rich country, but a smaller country with lots and lots of tourism. But in this region, while we haven't based here in Bahrain, this is truly a Middle East GCC region and but But part of that, the reason to start it here in my reign was that they really did take a lead in government transformation. As you heard them say, they're going all in shake Some on today talked about government is moving really fast, and they actually did the hard work to think about their telecommunications industry, their government regulations. They started with cloud first, and then they created all the write regulations to make this happen. So it is kind of phenomenal how quickly, in some ways, you know, feel slower than we'd like, But it's really moving quite fast. >> It's pretty fast. You should get a lot of kudos for that. I think you will. But I think to me what's interesting. The news here is that there is a balance between regulation and innovation going on, and regulation can be hampering innovation, some cases and not enough regulation. You have a Facebook situation or >> right so >> it's a balance. These guys have done it right. But to me, the tell sign is the fintech community, >> because that's where >> the money is. The central bank and then the ABC bank are all talking about a pea eye's all in with Amazon that's gonna create an ecosystem for innovation. Startups, et cetera. >> It totally isn't you heard Thean Vivid Jewel from ABC Bank today talk about their platform. What they're doing with clouds and the reason they chose a DBS was because we had this region of Bob Terrain, and they wanted to move quickly in. The regulations now have been updated in a way that actually allows them to do their banking applications in the lab. There's also a startup accelerator here, Fintech May, and they're doing a tenant work with new types of financial applications. So it's so exciting to see this kind of happening than the lace for I think a lot of people thought it would be much slower. We have a ways to go. It's still day one, for sure, but all the building blocks are getting there in the right place to really make this happen. >> You know, 80. Jessie's quoting the announcement you guys had just a couple weeks ago. Laura Angel And in July, the clouds of chance unlocked digital transmission. Middle East, says Andy chassis. Obviously unlocking is a key word because now you have customers from startups to large enterprises and ecosystem of a P M party. So the Ap N Group is here. Yes, So you have global I SUV's here and knew I s V's. You got the government and the education and to me, the news of the show. To me at least maybe it's not the big news, but is that you guys? They're offering a computer like a cloud computing degree. Yeah, for the first time about that news, >> you are right in terms of kind of every sector's picking at, but like in most places around the world, this is not unique. We need skills, and we've got to make sure that we're teaching the skills, working backwards from what the employer needs, like a TVs. So what? We've been here. We announced today we're launching our first cloud computing degree at the university of our terrain, and they're kind of thing. That's really unusual, John. They're going to do a phase one where they offer a cloud certification starting in early 2021 every program at the University of Bahrain, Whether you're in finance or banking, or business or health care or law, you can do this cloud computing certification, which gets you going and helps you understand how you last cloud in your business and then in the fall will be announcing the four year starting, the four year cloud computing degree, and that is in conjunction with our A DBS Educate program. And it will be all the right cloud skills that are needed to be successful. >> Talk about the demographics in this country because one of the things that's coming up is when I talk people in the doorways and it's a chance to talk to some local folks last night that that all in an Amazon, the theme is this. This younger generation yes, is here, and they have different expectations. They all want to work hard. They don't want to just sit back on their laurels and rest on their on their location. Here. They want to build companies they want to change. This is a key factor in the bottle rain modernization. Is that >> Yeah, generation well, all across the Middle East. The thing that's unique about the mill aces, the very young population you had millions of gamers across the Middle East as an example that comic con and Saudi like two years ago on that was one of the most popular things was fortnight. As soon as the region got at all the different gaming started taking place. But we want to create a culture of builders here, and the way you do that is what you said, John putting it into their hands, allowing these young people have the tools create a startup became entrepreneur, but they need to have access to these tools. And sometimes capital is often not that easy to get. So they want to make sure that the capital that they're given or that they have, whether it's bootstrap capital or venture capital, fending or whatever friends and family, they want to make sure that they can use that capital to the greatest advantage to build that company out. And I truly believe that this is gonna help them having an eight of us cloud region. I mean, you saw. Today we have 36 companies that launched their offering in the region on the day we actually announced so that they had specific offerings for the Middle East, which pretty exciting. I mean, that's a lot on day one. >> I mean, it's still day. One of you guys always say, but literally day one they were launching Yeah, I wanted to comment if you could just share some insights. I know, Um, your passion for, you know, entrepreneurship. You guys are also some skill development investing a lot of women in tech power panel this morning, there's major change going on. You guys were providing a lot of incentives, a lot of mentoring, this internships in conjunction with by rain. There's a lot of good things. Share some of the new things that you're working on, maybe deals you're talking about doing or >> way announced Thio kind of new things today. One is we have our we partake program, which I'm, of course, super passionate about. And that is about preventing tech learning and skills to women and underserved in representative communities. So we announced three other training programs here across the Middle East time. So those were put up today and you'll continue to see its role more and more of those out. And the other thing we did yesterday we announced a internship program with the minister of Youth here in Bahrain. That was shaped Nassir, who's a very famous He's that King san, and he's a very famous sportsmen. He does. He just won the Ironman Ironman and 2016. It was the world champion. He does endurance horse racing, so he's a He's a someone that the youth look at to here, and so he's doing all these programs. So we announced a partnership that were the first group doing the internship with this youth program, and so we're very excited. We're going to start that small and scale it, but we want to get these young people quickly and kind of get them excited. But here, what they focus on it is underrepresented communities. So it fits so nicely in with what we're doing with our attack. So you have both Oliver training our over 400 online courses that we offer with a dubious education academy. Now degree now our internship program and we protect. So, John, we're just getting going. I'm not saying that this is all will offer, but these are the things that were getting going with, and we need to make sure we also Taylor things like this Ministry of Youth program and sports at to the region in terms of water, their local needs, and we'll make sure that we're always looking >> at the entrance. Just just get him some great experience. Yes, so they can earn and feel good about themselves. This is kind of a key, exactly thing not just getting an internship, >> and it's, I think, locally it will be about teaching them to do that, disagree and commit really have that backbone to build that company and ask all those hard questions. So we're really going to try to indoctrinate them into the Amazon a TVs culture so we can help them be entrepreneurs like we are every day. >> And you got the data center, you got the city, the centers, you get the regions up and running, and architect, it perfectly suits up with people in it. Are you going to staff that with local talent, or is it gonna be Amazonian is coming in? What's the makeup of staff gonna be? What's the >> story? I mean, our goal is to hire as many local talent. We everywhere we go around the world. We want to get local talent because you can't yet if we did, First of all, we don't have enough people in our headquarters to bring folks in here, so we really have to train and educate. But locally, we have an office open here by rain. We haven't Office Open and Dubai and one down Saudi, and that is local talent. I mean, we are trying to use as much local talent and will continue to create that. And that's kind of the point. Jonas talking about the degree working backwards from what the employer needs. We want to give input because we think we also are getting good. Yeah, so we need to get the top. But we need those other individual employers that keep telling us we need more cloud skills to give that input. But, yeah, >> we're going to get a degree, migrate them into the job >> market, right quick like >> and educates. Been doing great. I learned a lot. This is a whole opportunity for people who want to make money, get a job. Amazon Web service is >> It's a place you could either work for us. Work for someone now, like even the government has a >> virus. Make a person tomorrow >> there. Yet >> we had one, >> but the point of being a builder, what we're seeing more and more John are these companies and government entities are building their talent internally. They're not outsourcing everything anymore, and the whole culture at being a builder, not just outsourcing all that. And that's what eight of us really helps all these entities. D'oh is moved quicker by having kind of some in house talent and not outsourcing everything to slow you down. That >> really thank ABC pointed that out beautifully in his point was, Hey, I'm gonna you know, I'm all in on AWS. We have domain expertise, We have data. That's our intellectual property. We're going to use that and be competitive and partner. And >> yes, and the new models it is. And that I p stays in house with that company or entity or government organization. It was so fun for me today to hear Shake some on from Maggie. A talk about the government is moving fast, and I think that's an example of a really are they figured out clown helps him just go a lot faster and save many security. >> I'm glad you brought that up. I know you got a short time here, but I want one last point in. We've been talking a lot about modernization of government, your success with C i a United States jet I contract still under consideration. All this going on you're experiencing by ranges and, um, unbelievable, fast moving government. They kind of get it. United States some places gets it. This is really about focusing in on the workloads. What have you learned? As you've been engaging these modernization efforts with governments summer slow, some of political ramifications behind. No one wants to lose. Old guard will hold onto the rails. We've seen that in the news, but this is coming fast. What are you learning? What do you >> take away its leadership? I mean, at the end of the day, all these things were driven by a very strong leaders. And even you can see everybody today on stage. It is leaders that make a decision that they wanted a faster and they want to modernize but have the capabilities. No matter if you're the U. S. Department of Defense. Ah, yes. Health and human resource is National Health Service in the UK or RG a hearing by rain, the government's or enterprises that we work with around the world. The key is leadership. And if there's that leader that is really strong and says we're moving, did you actually see organizations move a lot faster if you see people kind of waffle anger. I'm not sure, you know, that's when you can see the slowness. Wow, What I will tell you is from the early days of starting this business in 2010 the individuals that always move fastest for the mission owners because the mission owners of whatever the business West at a governmental level or enterprise, they said, we need to keep our mission going. So that's the reason they wanted to walk through this transformation. >> And now, I think, with developers coming in and started to see these employees for these companies saying, No, no, what's the reason why we can't go fast? That's right now a groundswell of pressure you see in both government, public sector and commercial. >> And you saw Mark Allen today on stage talking about security. It iss literally day. Zero thing for us, and the reason a lot of our customers are meeting faster now is because of security. Cloud is more secure in their meeting to the cloud for security because they feel like they could both optimize, move faster for workloads, and now they have security. Better, faster, cheaper security, bad design, >> Theresa always pleasure thinking coming. Spending time. Thank >> you for coming to Barbara Ryan. Thank you. So >> we're going global with you guys is seeing the global expansion 20 to 22nd region. 69 availabilities owns nine more coming. More regions. More easy. You guys doing great. Congratulations. >> Thank you. >> Secure. We are here in Bahrain. Form or coverage. Global coverage of the cube with Reese Carlson, vice president of worldwide public sector. She's running the show doing a great job. We're here more after the stroke break. Stay with us.

(upbeat music) >> Live, from Washington DC. It's theCUBE. Covering AWS Public Sector Summit. Brought to you by Amazon Web Services. >> Welcome back everyone to theCUBE's live coverage of the AWS Public Sector Summit here in Washington DC. I'm your host Rebecca Knight, co-hosting alongside of John Furrier. We are excited to welcome to the program, General Keith Alexander former NSA Director, the first Commander to lead the US Cyber Command, Four-star General with a 40 year career. Thank you so much for coming theCUBE, we are honored, we are honored to have you. >> It is an honor to be here. Thank you. >> So let's talk about cyber threats. Let's start there and have you just give us your observations, your thoughts on what are the most pressing cyber threats that keep you up at night? >> Well, so, when you think about threats, you think about Nation States, so you can go to Iran, Russia, China, North Korea. And then you think about criminal threats, well all the things like ransomware. Some of the Nation State actors are also criminals at night so they can use Nation State tools. And my concern about all the evolution of cyber-threats, is that the attacks are getting more destructive, the malware has more legs with worms and the impact on our commercial sector and our nation, increasingly bigger. So you have all those from cyber. And then I think the biggest impact to our country is the theft of intellectual property, right. That's our future. So you look out on this floor here, think about all the technical talent. Now imagine that every idea that we have, somebody else is stealing, making a product out of it, competing with us, and beating us. That's kind of what Huawei did, taking CISCO code to make Huawei, and now they're racing down that road. So we have a couple of big issues here to solve, protect our future, that intellectual property, stop the theft of money and other ideas, and protect our nation. So when you think about cyber, that's what I think about going to. Often times I'll talk about the Nation State threat. The most prevalent threats is this criminal threat and the most, I think, right now, important for us strategically is the theft of intellectual property. >> So why don't we just have a digital force to counter all this? Why doesn't, you know, we take the same approach we did when we, you know, we celebrated the 75th anniversary D-day, okay, World War II, okay, that was just recently in the news. That's a physical war, okay. We have a digital war happening whether you call it or not. I think it is, personally my opinion. I think it is. You're seeing the misinformation campaigns, financial institutions leaving England, like it's nobody's business. I mean it crippled the entire UK, that like a big hack. Who knows? But its happening digitally. Where's the forces? Is that Cyber Command? What do you do? >> So that's Cyber Command. You bring out an important issue. And protecting the nation, the reason we set up Cyber Command not just to get me promoted, but that was a good outcome. (laughing) But it was actually how do we defend the country? How do we defend ourselves in cyber? So you need a force to do it. So you're right, you need a force. That force is Cyber Command. There's an issue though. Cyber Command cannot see today, attacks on our country. So they're left to try to go after the offense, but all the offense has to do is hit over here. They're looking at these sets of targets. They don't see the attacks. So they wouldn't have seen the attack on Sony. They don't see these devastating attacks. They don't see the thefts. So the real solution to what you bring up is make it visible, make it so our nation can defend itself from cyber by seeing the attacks that are hitting us. That should help us protect companies in sectors and help us share that information. It has to be at speed. So we talk about sharing, but it's senseless for me to send you for air traffic control, a letter, that a plane is located overhead. You get it in the mail seven days later, you think, well-- >> Too late. >> That's too late. >> Or fighting blindfolded. >> That's right. >> I mean-- >> So you can't do either. And so what it gets you to, is we have to create the new norm for visibility in cyber space. This does a whole host of things and you were good to bring out, it's also fake news. It's also deception. It's all these other things that are going on. We have to make that visible. >> How do you do that, though? >> What do you do? I do that. (laughing) So the way you do it, I think, is start at the beginning. What's happening to the network? So, on building a defensible framework, you've got to be able to see the attacks. Not what you expect, but all the attacks. So that's anomaly detection. So that's one of the things we have to do. And then you have to share that at network speed. And then you have to have a machine-learning expert system AI to help you go at the speeds the attacker's going to go at. On fake-news, this is a big problem. >> Yeah. >> You know. This has, been throughout time. Somebody pointed out about, you know, George Washington, right, seven fake letters, written to say, "Oh no, I think the King's good." He never wrote that. And the reason that countries do it, like Russia, in the elections, is to change something to more beneficial for them. Or at least what they believe is more beneficial. It is interesting, MIT has done some studies, so I've heard, on this. And that people are 70% more like to re-Tweet, re-Tweet fake news than they are the facts. So. >> Because it's more sensational, because it's-- >> That's food. It's good for you, in a way. But it's tasty. >> Look at this. It's kind of something that you want to talk about. "Can you believe what these guys are doing? "That's outrageous, retweet." >> Not true. >> Not true. Oh, yeah, but it makes me mad just thinking about it. >> Right, right. >> And so, you get people going, and you think, You know, it's like going into a bar and you know, you go to him, "He thinks you're ugly." and you go to me, and you go, "He thinks you're ugly." (laughs) And so we get going and you started it and we didn't even talk. >> Right, right. >> And so that's what Russia does. >> At scale too. >> At scale. >> At the scale point. >> So part of the solution to that is understanding where information is coming from, being able to see the see the environment like you do the physical environment at speed. I think step one, if I were to pick out the logical sequence of what'll happen, we'll get to a defensible architecture over the next year or two. We're already starting to see that with other sectors, so I think we can get there. As soon as you do that, now you're into, how do I know that this news is real. It's kind of like a block-chain for facts. How do we now do that in this way. We've got to figure that out. >> We're doing our part there. But I want to get back to this topic of infrastructure, because digital, okay, there's roads, there's digital roads, there's packets moving round. You mentioned Huawei ripping off CISCO, which takes their R and D and puts it in their pockets. They have to get that. But we let fake news and other things, you've got payload, content or payload, and then you've got infrastructure distribution. Right, so, we're getting at here as that there are literally roads and bridges and digital construction apparatus, infrastructure, that needs to be understood, addressed, monitored, or reset, because you've had email that's been around for awhile. But these are new kinds of infrastructure, but the payload, malware, fake news, whatever it is. There's an interaction between payload and infrastructure. Your thoughts and reaction to that as a Commander, thinking about how to combat all this? >> I, my gut reaction, is that you're going to have to change, we will have to change, how we think about that. It's not any more roads and avenues in. It's all the environment. You know, it's like this whole thing. Now the whole world is opened up. It's like the Matrix. You open it up and there it is. It's everything. So what we have to do is think about is if it's everything, how do we now operate in a world where you have both truths and fiction? That's the harder problem. So that's where I say, if we solve the first problem, we're so far along in establishing perhaps the level so it raises us up to a level where we're now securing it, where we can begin to see now the ideas for the pedigree of information I think will come out. If you think about the amount of unique information created every year, there are digital videos that claim it's doubling every year or more. If that's true, that half of, 75% of it is fiction, we've got a big road to go. And you know there is a lot of fiction out there, so we've got to fix it. And the unfortunate part is both sides of that, both the fiction and the finding the fiction, has consequences because somebody says that "A wasn't true, "That person, you know, they're saying, he was a rapist, "he was a robber, he was a drugger," and then they find out it was all fake, but he still has that stigma. And then the person over here says, "See, they accused me of that. "They're out to get me in other areas. "They can exclaim what they want." >> But sometimes the person saying that is also a person who has a lot of power in our government, who is saying that it's fake news, when it's not fake news, or, you know what, I-- >> So that's part of the issue. >> It's a very different climate >> Some of it is fake. Some of it's not. And that's what makes it so difficult for the public. So you could say, "That piece was fake, "maybe not the other six." But the reality is, and I think this is where the media can really help. This is where you can help. How do we set up the facts? And I think that's the hardest part. >> It's the truth. >> Yeah, yeah. >> It's a data problem. And you know, we've talked about this off camera in the past. Data is critical for the systems to work. The visibility of the data. Having contextual data, the behavioral data. This gets a lot of the consequences. There's real consequences to this one. Theft, IP, freedom, lives. My son was video-gaming the other day and I could hear his friends all talking, "What's your ping start word? "What's your ping time? "I got lag, I'm dead." And this is a video game. Military, lagging, is not a game. People are losing their lives, potentially if they don't have the right tactical edge, access to technology. I know this is near and dear to your heart. I want to get your reaction. The Department of Defense is deploying strategies to make our military in the field, which represents 85% infantry, I believe, some statistic around that number, is relying on equipment. Technology can help, you know, that. Your thoughts on, the same direction. >> Going to the Cloud. Their effort to go to the Cloud is a great step forward, because it addresses just what you're saying. You know, everybody used to have their own data centers. But a data center has a fixed amount of computational capability. Once you reach it, you have to get another data center, or you just live with what you've got. In the Cloud if the problem's bigger, elasticity. Just add more corridors. And you can do things now that we could never do before. Perhaps even more importantly, you can make the Clouds global. And you can see around the world. Now you're talking about encrypted data. You're talking about ensuring that you have a level of encryption that you need, accesses and stuff. For mobile forces, that's the future. You don't carry a data center around with an infantry battalion. So you want that elasticity and you need the connectivity and you need the training to go with it. And the training gets you to what we were just talking about. When somebody serves up something wrong, and this happened to me in combat, in Desert Storm. We were launched on, everybody was getting ready to launch on something, and I said, "This doesn't sound right." And I told the Division Commander, "I don't agree. "I think this is crazy. "The Iraqis are not attacking us down this line. "I think it's old news. "I think somebody's taken an old report that we had "and re-read it and said oh my God, they're coming." And when we found out that was a JSTARS, remember how the JSTARS MTI thing would off of a wire, would look like a convoy. And that's what it was. So you have to have both. >> So you were on the cusp of an attack, deploying troops. >> That's right. >> On fake information, or misinformation, not accurate-- >> Old information. >> Old information. >> Old information. >> Old, fake, it's all not relevant. >> Well what happens is somebody interprets that to be true. So it gets back to you, how do you interpret the information? So there's training. It's a healthy dose of skepticism, you know. There are aliens in this room. Well, maybe not. (laughing) >> As far as we know. >> That's what everybody. >> But what a fascinating anecdote that you just told, about being in Desert Storm and having this report come and you saying, "Guys, this doesn't sound right." I mean, how often do you harken back to your experience in the military and when you were actually in combat, versus what you are doing today in terms of thinking about these threats? >> A lot. Because in the military, when you have troops in danger your first thought is how can I do more, how can I do better, what can I do to get them the intelligence they need? And you can innovate, and pressure is great innovator. (crunching sound) And it was amazing. And our Division Commander, General Griffith, was all into that. He said, "I trust you. "Do whatever you want." And we, it was amazing. So, I think that's a good thing. Note that when you go back and look at military campaigns, there's always this thing, the victor writes the history. (laughing) So you know, hopefully, the victor will write the truthful history. But that's not always the case. Sometimes history is re-written to be more like what they would like it to be. So, this fake news isn't new. This is something where I think journalists, historians, and others, can come together and say, "You know, that don't make sense. "Let's get the facts." >> But there's so much pressure on journalists today in this 24-hour news cycle, where you're not only expected to write the story, but you're expected to be Tweeting about it, or do a podcast about it later, to get that first draft of history right. >> So it may be part of that is as the reporter is saying it, step back and say, "Here's what we've been told." You know, we used to call those a certain type of sandwich, not a good-- (laughing) If memory serves it's a sandwich. One of these sandwiches. You're getting fed that, you're thinking, "You know, this doesn't make sense. "This time and day that this would occur." "So while we've heard this report. "It's sensational. "We need to go with the facts." And that's one of the areas that I think we really got to work. >> Journalism's changing too. I can tell you, from we've talked, data drives us. We've no advertising. Completely different model. In-depth interviews. The truth is out there. The key is how do you get the truth in context to real-time information for those right opportunities. Well, I want to get before we go, and thanks for coming on, and spending the time, General, I really appreciate it. Your company that you've formed, IronNet, okay, you're applying a lot of your discipline and knowledge in military cyber and cutting-edge tech. Tell us about your company. >> So one of the things that you, we brought up, and discussed here. When I had Cyber Command, one of the frustrations that I discussed with both Secretary Gates and Secretary Panetta, we can't see attacks on our country. And that's the commercial sector needs to help go fix that. The government can't fix that. So my thought was now that I'm in the commercial sector, I'll help fix the ability to see attacks on the commercial sector so we can share it with the government. What that entails is creating a behavioral analytic system that creates events, anomalies, an expert system with machine-learning and AI, that helps you understand what's going on and the ability to correlate and then give that to the government, so they can see that picture, so they have a chance of defending our country. So step one is doing that. Now, truth and lending, it's a lot harder than I thought it would be. (laughing) You know, I had this great saying, "Nothing is too hard "for those of us who don't have to do it." "How hard can this be?" Those were two of my favorite sayings. Now that I have to do it, I can say that it's hard, but it's doable. We can do this. And it's going to take some time. We are getting traction. The energy sector has been great to work with in this area. I think within a year, what we deploy with the companies, and what we push up to the Cloud and the ability to now start sharing that with government will change the way we think about cyber security. I think it's a disruptor. And we have to do that because that's the way they're going to attack us, with AI. We have to have a fast system to defend. >> I know you got to go, tight schedule here, but I want to get one quick question in. I know you're not a policy, you know, wonk, as they say, or expert. Well, you probably are an expert on policy, but if we can get a re-do on reshaping policy to enable these hard problems to be solved by entrepreneurs like yourself expertise that are coming into the space, quickly, with ideas to solve these big problems, whether it's fake news or understanding attacks. What do the policy makers need to do? Is it get out of the way? Do they rip up everything? Do they reshape it? What's your vision on this? What's your opinion? >> I think and I think the acting Secretary of Defense is taking this on and others. We've got to have a way of quickly going, this technology changes every two years or better. Our acquisition cycle is in many years. Continue to streamline the acquisition process. Break through that. Trust that the military and civilian leaders will do the right thing. Hold 'em accountable. You know, making the mistake, Amazon, Jeff Bezos, says a great thing, "Go quickly to failure so we can get "to success." And we in the military say, "If you fail, you're a dummy." No, no, try it. If it doesn't work, go on to success. So don't crush somebody because they failed, because they're going to succeed at some point. Try and try again. Persevere. The, so, I think a couple of things, ensure we fix the acquisition process. Streamline it. And allow Commanders and thought leaders the flexibility and agility to bring in the technology and ideas we need to make this a better military, a better intelligence community, and a better country. We can do this. >> All right. All right, I'm thinking Rosie the Riveter. We can do this. (laughing) >> We can do it. Just did it. >> General Alexander, thank you so much for coming on the show. >> Thank you. >> I'm Rebecca Knight for John Furrier. Stay tuned for more of theCUBE. (electronic music)

>> Announcer: Live from Washington D.C. It's theCUBE! Covering AWS Public Sector Summit. Brought to you by Amazon Web Services. >> Welcome back everyone to theCUBE's live coverage of AWS Public Sector here in beautiful Washington D.C. Springtime in D.C., there's no better time to be here. I'm your host, Rebecca Knight, co-hosting along with John Furrier, always so much fun to work with you. >> Great to see you. >> And this is a very exciting event for you in particular 'cause you've been doing a lot of great reporting around the modernization of IT in government. I'd love to have you just start riffing, John. What's on your mind right now coming into this show? What are some of the questions that're burning? >> I mean clearly the most important story that needs to be told and is being talked about here in D.C. in the tech world is, for this show specifically, is the JEDI contract, the Joint Enterprise Defense Initiative. It's a word that's not being kicked around at this show because-- >> Rebecca: Nothing to do with Star Wars. >> It's literally the elephant in the room because the contract's been waiting, Oracle's been dragging it on and Oracle's been part of apparently, my opinion from my reporting, is involved in some dirty under-handed tactics against Amazon. But it's being delayed because they're suing it. And Oracle's out. They have no chance of winning the deal, it's really Microsoft and Amazon are going to get a lion's share of the business. So you have, that's the biggest story in tech in D.C. in a long time, is the role of cloud computing is playing in reshaping how government, public sector operates. Combine that with the fact that a new generation of workers are coming in who have no dogma around IT technology, how it's bought or consumed and purchased, and the overcharging that's been going on for many many years, it's been called the Beltway Bandits for a reason because of the waste and sometimes corruption. So a new generation's upon us and Amazon is the leader in making the change happen. The deal they did with the CIA a few years ago really was the catalyst. And since then, public sector and the government has realized that there's advantages to cloud, not only for operating and serving society and its citizens but also competitiveness on a global scale. So a huge transformation, that's the story we're following. That's the story that we got into from the cloud side of the business here in D.C. and that is just raging and expanding and compounded by other factors like Facebook. Irresponsibility in how they managed the data there. Elections were tied in the balance. You're seeing Brexit in the UK. You're seeing counter-terrorism organizations using the dark web and other cyber security challenges at the United States. Literally digital war is happening so a lot of people, smart people, have recognized this and it's now for the first time coming out. >> Right, and I think the other thing that we're also starting to talk much more about is the regulation. I know that you're friendly with Kara Swisher and she bangs on about this all the time. But then she said in a column the other day the problem is is that they're now guns ablazing but do they really understand it? And also, is it too feeble, too little too late? >> I mean, Kara Swisher nailed her story in the New York Times and opinion piece. And I've had similar opinions. Look it. She's been around for a long time, I've been around for a long time. I remember when Bill Clinton was president, that's when the internet was upon us, the Department of Commerce did a good job with the domain name system, they shepherded the technology and they brought it out in a way that was responsible and let government and industry have a nice balancing act with each other and the government really didn't meddle too much. But there was responsibility back then and it wasn't moving as fast. So now you look at what's happening now, the government can't just not ignore the fact that YouTube is, in essence, its own state. And it's acting irresponsibly with how they're handling their situation. You got Facebook run by a 30-something-year-old, which essentially could be as large as a government. So there's no ethics, there's no thinking behind some of the consequences that they've become. So this begs the question, as a technology hock myself, I love tech, never seen tech I didn't like. I mean I love tech. But there's a point where you got to get in there and start shaping impact on ethics and society and we're seeing real examples of how this can wildfire out of control, how tech has just become uncontrollable in a way. >> Yes, no absolutely. And so who is going to be the one to do that? I know that on the show later you're going to be talking to Jay Carney who was obviously in the Obama administration, now here at AWS. It's a well-worn path from the public sector to technology. Susan Molinari, a couple of other, David Plouffe. That is the thing though, that these people really need to get it. Before they can lay down regulations and laws. >> Again, back to why we're here and stories we're trying to tell and uncover and extract is I think the big story that's emerging from this whole world is not just the impact of cloud, we talked about that, we're going to continue to cover that. It's the societal impact and this real there there, there's the intersection of public policy and technology and science where you don't have to be a programmer, you can be an architect of change and know how it works. Then being a coder and trying to codify a government or society. I think you're going to see a new kind of skillset emerge where there's some real critical thinking into how technology can be used for good. You're seeing the trends, Hackathon For Good here, you're seeing a lot of different events where you have inclusion and diversity, bringing more perspectives in. So you got the perfect storm right now for a sea change where it won't be led by the nerds, so to speak, but geeky digital generations will change it. I think that's going to be a big story. Not just workforce changeover but real disciplines around using machine-learning for ethics, societal impact. These are the storylines. I think this is going to be a big long 10-year, 20-year changeover. >> But what will it take though? For the best and the brightest of the nerds to want to go into public service rather than go work for the tech behemoths that are making these changes? I mean that's the thing, it's a war for talent and as we know and we've discussed a lot on theCUBE, there's a big skills gap. >> I think it's been talked about a lot on the web, the millennials want to work for a company that's mission-based. What more mission-based can you look for than so unto our public service right now? John F. Kennedy's famous line, "Ask not what your country can do for you, "what you can do for you country." That might have that appeal for the younger generation because we need it! So the evidence is there and you look at what's going on with our government. There's so many inefficiencies from healthcare to tax reform to policies. There's a huge opportunity to take that waste, and this is what cloud computing and AI and machine-learning can do, is create new capabilities and address those critical waste areas and again, healthcare is just one of many many many others in government where you can really reduce that slack with tech. So it's a great opportunity. >> And where would you say, and I know you've been reporting on this for a long time, where is the government in terms of all of this? I remember not very long ago when healthcare.gov was rolled out and it was revealed that many agencies were still using floppy disks. The government is, first of all is not this monolithic thing, it's many different agencies all with their own tech agendas and with their own processes and policies. So where do you place the government in terms of its modernization right now? >> On the elected officials side, it's weak. They're really not that smart when it comes to tech. Most of the people that are involved in the elected side of the Hill are either lawyers or some sort of major that's not technical. So you can see that with Sundar Pichai from Google and Mark Zuckerberg's testimony when the basic kind of questions they're asking, it's almost a joke. So I think one, the elected officials have to become more tech-savvy. You can't regulate and govern what you don't understand. I think that something that's pretty obvious to most digital natives. And then on the kind of working class, the Defense Department and these other agencies, there's real people in there that have a passion for change and I think there's change agents, Amazon's done really well there. I think that is a piece where you're going to see a movement, where you're going to see this digital native movement where people going to be like, "There's no excuse not to do this right." And I think there's new ways to do it, I think that's going to change. So that's that. On the business side, to how the government procures technology is literally like the '80s, it's like that movie "Hot Tub Time Machine" where you get thrown back. Everything is based on 1980s procurement, 1990s procurement. I mean, shipping manuals. So all these things have to change. How do you procure cloud? If you got to go through a six-month procurement process just to spit up some servers, that's not agility. So procurement's got to change. Competitiveness, what does that mean? This Oracle deal with JEDI highlights a lot of flaws in the government. Which is Oracle's using these rules around procurement to try to stall Amazon, it's kind of like a technicality but it's so irrelevant to the reality of the situation. So procurement has to change. >> Well one of the things you said about how there's a lot of pressure to get it right. And that is absolutely true because we are dealing with national security issues, people's lives, health, these really important topics. And yet the private sector doesn't always get it right the first time either. So how would you describe the government, the federal approach to how they start to implement these new technologies and experiment with other kinds of tools and techniques? >> Well I think there's obviously some agencies that have sensitive things. CIA's a poster child in my opinion of how to do it right. The JEDI, Department of Defense is emulating that and that's a good thing. The Department of Defense is also going multicloud as they put out in their statement. Amazon for the JEDI piece which is for troops in the field. I think that every agency's going to have its own workload and those workloads should decide which cloud to use based upon the architecture of the workload. 'Cause the data needs to be in the cloud, it needs to be real time. And to take the military example, you can't have lag in military, it's not a video game, it's real life, people die. Lag can literally kill people in the field. So technology can be a betterment there but technology to avoid fighting is another one. So you have all these things going on, I think the government's got to really design everything around the workload, their mission, their applications, rather than designing around here's your infrastructure, then decide. >> One of the things we talk about all the time, almost ad nauseam, on theCUBE is digital transformation. And so how do you think about those two, private sector versus public sector? What are the big differences in terms of these institutions on their own journeys of digital transformation? >> I think the government's slower. That's an easy one to talk about. I think there's a lot of moving parts involved, you mentioned some of the procurement things, so a lot of processes. It's the same kind of equation. People process technology, except the people that process is much more complicated on the public sector side than private sector, unless it's a big company. So imagine the biggest company in the private sector side, multiply that times a hundred, that's the government. So in each agency there's a lot of things going on there. But it's getting better. I think cloud has shown that you can actually do that, the people side of things going to be addressed by this new migration of new generation of people coming in saying, "I don't really care how you did it before, "this is how we're going to do it today." The processes are going to be optimized so there's some innovation around process improvement that's going to end on the wayside and the technology everyday is coming faster and faster. Recognition, facial recognition software. Look at that. AI. These are things that are just undeniable now, they have to be dealt with. What do you do to privacy? So again, back to process. So people process technology. >> AWS is a behemoth in cloud computing. What do you want to be hearing here at this conference? They're so far ahead of Google and Microsoft but we cannot count those two companies out, of course not. But what are you looking for for key messaging at this show? >> Well I'm looking forward to seeing Andy Jassy's Fireside Chat with Teresa Carlson tomorrow. I'm interested in some of the use cases coming out of Teresa Carlson's top customers in public sector, again it's global public sector so it's not just in North America here in the United States. I'm interested in also understanding what's real and what's not real around the fear, uncertainty and doubt that a lot of people have been putting on Amazon. Because I see Amazon posturing in a way that's saying go faster, make change and it's not so much that they want to monopolize the entire thing, they're just moving faster. And I think Andy Jassy yesterday saying that they welcome regulation is something that they're trying to push the regulators on. So I think they welcome change. So I want to understand if Amazon really wants to go faster or is there an agenda there. (laughs) What's going on? >> I know, methinks these tech titans are asking for a little too much regulation right now. I mean obviously Mark Zuckerberg has also said, "Please regulate us, I can't do this alone." And here we have Andy Jassy yesterday saying those same things. >> Andy Jassy said on stage yesterday with Kara Swisher, "We can't arrest people." So if their tech goes bad, they're only beholden to the consequences as a private entity. They're not the law so this is where again, back to top story here is that, what is the role of government? This change is here. It's not going away, it's only going to get faster. So the sooner the elected officials and all the agencies get out in front of the digital transformation, the sooner the better. Otherwise it's going to be a wrecking ball. >> Well I cannot wait to dig into more of this over the next two days with you, here at AWS Public Sector. >> All right. >> I'm Rebecca Knight for John Furrier, you are watching theCUBE. (upbeat music)

>> live from London, England. It's the queue covering a ws summat. London twenty nineteen Brought to you by Amazon Web services. >> Thiss really is huge, >> isn't it? David >> London is my co star today on the Cube. We're going to be extracting the signal from the noise and there is a lot of noise. Just trying to register. Here was an event in itself, and one guy in the queue with me earlier said, You know, this is like an army of young technologist backing one particular platform, and we've had the main keynote speeches already in the conference hall. There are breakout sessions going on as well as we speak. And in those keynote speeches, it really wants the focus again on Hey I and machine learning and a huge array of services that eight of us now provide. Because, of course, every tech company, every company is a tech company these days. Where do you work in transportation or defense or retail? Let's talk >> about Dave a little bit about a ws and the exponential growth that it's seen over the past two years because it just keeps on getting bigger and you could see testament really out there just so many people here. >> You know, Susannah, when a WS announced its first service in two thousand six, very quietly announced E C, too, which is a computer service. Nobody really paid much attention. But a devious has permanently changed the landscape of the of the technology business. And we're here in London twelve thousand people at a one day summit. I mean, that's his large as many or or larger than most U. S based three day conferences. >> And there are many thousands more watching the life streaming as well, >> right? And when you talk to the people here, they're a division. First of them has builders, and it was interesting to hear some of the key knows this morning talking about some of the innovations that occurred in the UK he obviously UK, very prideful country. The first lights in electric lights work the Savoy Theatre, the Colossus, you know, Code breaker and many, many others. Home computing originated in the UK It so a diverse are connecting that invention and that what they call reinvention. Eight of us talks about his differentiation. The number of regions that it has around the world believe they said twenty one regions, sixty for availability zones, which are little, many regions inside of the regions. In case there's a problem, you can fail over fourteen database services. You know what's happening is all the traditional tea, which is eighty percent of the market place, trying to sort of hang on to their legacy install basis. So they're trying to substantially mimic eight of us. The problem is, eight of us moves faster, has more services, and it's just growing at such a phenomenal rate. >> And it's really kind of bottom up. A CZ. Well, it's so got that head start. So it's learning from its current customers and those it's had in the past, really to find out what new services they want that has his wealth of data ofthe gods to build on it, doesn't it? So every it seems every month it's it's another step ahead. >> Well, the data is critical. Amazon. Is it a dogfight? I always say, for your data with Google and Microsoft and Oracle, they all want your data. Why? Because data is the most valuable resource today, right? People talk about data is the new oil. We think data is more valuable than oil. You could put oil in your car. You can put in your house, but you can't put it in. Both data is reusable in a way that we've never seen a natural resource before. So it's extremely powerful applying machine intelligence to data. So Amazon knows if it can get your data into the cloud and do so cost effectively and deliver services that make you happy and delight you that they have a perpetual business model that's really unbeatable. The company now is at a thirty billion dollars run rate, growing at a constant currency rate of forty two percent per year. No people will say, Well, well, Microsoft is going faster. Microsoft is growing at seventy two percent here, but it's a much, much smaller base we're talking about single digit, a few billion versus thirty billion. So Amazon each year is growing at a nine to ten billion dollars incremental rate. Even more importantly, the operating income is phenomenal. I mean, a WS is only twelve percent of Amazon's revenue, but it accounts for fifty percent of its operating income. Hey, Ws is operating income is is in the high twenties, twenty eight twenty nine percent higher than Cisco, higher than AMC when it when he had seen was a public company. And those air very profitable companies the only companies that are more profitable on a percentage basis that that Amazon a pure place, software companies like an oracle. So Amazon, who's an infrastructure company, is as profitable almost as a software company. It's astounding, >> really interesting to see some of the partners that were invited on. It's about the keynote speeches. For example, Saint spreads so real traditional retailer at a prompter state that they'd be in the business for one hundred fifty years and some would say in many ways a competitive toe. Amazon at marketplace because they sell a vast array of goods and services to the customers. But they talked about how they're using around eighty eight WS services. It's always like a kind of a pic, a mix sweet shop. Or, as you would say, a candy store isn't and I think that's that's some of the benefits that some customers view for A W. S. Some would say, actually, I would prefer all of my product be in one place or the car that access and services in one place. And so is this pick a mix idea that I think really is taking off, isn't it? >> I'm glad you brought up the state's very example because, essentially, in a way, they are in adjacent competitors Teo, eight, of us. And yet they've chosen to put their data. And there's in leverage Amazon services. It's like Netflix. Everybody uses Netflix as the example. I mean, they compete vigorously with with Amazon Prime Video, and yet they choose to run in the age of U. S code. Now this is one of the areas where you heard at the Google Cloud next show a lot of talk about retail companies, you know, considering using Google, because, of course, they're concerned about Amazon eating their lunch. And so it's a hard decision for retail companies to make. Sainsbury obviously has said OK, we can compete. We have a unique advantage with Amazon retail, you know, but it's something worth watching for sure, because, you know, Walmart obviously doesn't wantto run in the eight of us Cloud because it's it's fearful. Ah, at the same time, Amazon would tell you, Auntie Jessie offenses look. There's a brick wall between eight of us and the retail side. We don't share data, so it's just a matter of that. Trade off is the risk of running in a ws er and potentially running at a competitors sight worth the extra value that you get out of the services. And that's what the market has to decide, >> yet certainly does interesting as well. We had the Department of Justice on the UK Department of Justice because they're has beans real concerned about security, about putting all your eggs in one basket effectively put a your data into a club no operated by you. And it does, though seem is, though little by little, some of those security fears are being laid up. Play >> well, there was this. The seminal moment in a WS. His history was in two thousand thirteen, when it won the CIA CIA contract who was more security conscious than the CIA. And they beat Big Blue IBM for that contract way back in two thousand thirteen, and the analysis that came out of that because IBM contested that contract. What came out of that was information that suggested that eight of us said the far superior solution forced IBM to go spend two billion dollars on a company called Software to actually get into the public Cloud does. It couldn't really compete with its own sets of services, and since that, Amazon has only accelerated its lead. IBM, of course, has a public cloud, and it's competitive in its own right. But the point is that the CIA determined that security the cloud was better than it could do on Prem. Now you're seeing the big battle for the Jet I contract Joint Enterprise Defensive Initiative. It's the biggest story in DC Amazon is the front runner. It's down the Amazon and Microsoft. Not surprisingly, Oracle has contested that because the government uses these sources from multiple suppliers and there's contesting it, saying, Hey, that's not fair to use one cloud. When a vendor contests Abid, a lot of information comes out. The General Accountability Office and the D. O. D determined that a single cloud was more secure, more reliable, more cost effective and less complex to run. So this is big debate around multi cloud versus single cloud. And again, Amazon continues to lead in the marketplace and in many many instances, is winning >> on DH. There were a few comments made in certainly one of the key notes today, trying to kind of blow the competition out of the water again knows whether a few specific references, in fact, to Oracle and Microsoft >> were right. And so they called the database freedom they had hashtag database freedom again. As they say, Microsoft, IBM, Oracle, Amazon, they're in a fight for your data. That's why Oracle has launched fourteen database services. Now it's not trivial. So Sainsbury and the Ministry of Justice both talked about moving Oracle databases into the eight of us Cloud. It's not trivial. It's much easier for data warehouse and stateless applications for online transaction processing. Things like banking much, much more difficult to migrate into the clouds. So it's interesting. Sainsbury talked about racquets stands for a really application close. There's a very high end, complicated Oracle database that they migrated to Aurora. The Ministry of Justice talked about moving Oracle in tow. RGS, this is a battle I tweeted today earlier, Susana, you pick up the Wall Street Journal is a quarter page ad on the front page. Cut your Amazon bill in half now, of course, what? Oracle doesn't tell you is that they date to X the price when you're running on or on Amazon versus Oracle. So they're playing pricing games. Having said that organism very good database, the best database in the industry, the most reliable. So for mission critical applications, Oracle continues to be the leader. However, Oracle, strong arms people, they'LL, they'LL raise prices, they'LL get you in a headlock and do audits. And that's what Amazon was referring today about Microsoft and Oracle will do out. It's so they position. They tried a D position Oracle as an evil company. The Oracle, of course, so way add value. We have the best database, and they're trying to add value for the customers. Build their own cloud. So it's quite a battle that's going on, and you see the instance. Creation of that battle manifest itself in the general contract. >> Absolutely interesting is well, what we heard from really both states bruise on the Ministry of Justice, really talking about the end users and how they're so different. So for public sector organizations, this isn't about making more money making profit. It's about the experience for the user. But in fact, that came up from Sainsbury's as well, making sure that the right products are with the right part of the store. And that's how a I could help them do that and efficient, usable data they currently have. >> I think every enterprise really wants to have a consumer app like experience, and very few do. I mean, we all know used these enterprise APS from large, you know, brands, and they're often times not that great. So what, you're seeing a closing of the Gap? People see what's happening with Facebook and Instagram and Whatsapp and so forth and say we should be able to have apse that run that simply and so you're seeing that gap clothes. I don't see how you could do that without some kind of public cloud infrastructure because of the massive scale that's required. It's so companies like Saintsbury are moving in that direction. Mobile has been critical for the last decade, and so that's what the consumer wants. That's what the cloud can provide. >> Is that what every consumer wants? Because increasingly, we're hearing a lot more concerned about privacy, that people not wanting to give all of her data across to private companies and do you think this could be dist sticking point ready going forward and could actually hold back the growth all they ws and its competitors >> a great point because you have a problem. Wonder problems. You have this app creep. I can tell you have dozens and dozens and dozens of app on my phone. I don't know if I trust them with the data. So having said that, one way to simplify that is to eliminate the need to do heavy lifting and patching of your infrastructure. Let us take care of that and build value up the stack by focusing re shifting your resource is on on value added services. Could it be a problem? I think no question. When Snowden came out in the U. S. People in Europe for sure. As you know, we're concerned about putting their data in the cloud that seems to have attenuated. I don't hear much about that anymore, you know. But if the NSA can come in and demand access to my data, well, that could be problematic. That's why I ws is putting so much or one reason why they're putting so much emphasis on setting up regions. It not just eight of us, Amazon and Google and Microsoft as well for many reasons. Privacy. GPR compliance on of course, Leighton. See the laws of physics? >> Absolutely. Okay, Dave Melody, thank you very much for being with me here at the age of us. That summit here >> in London at the XL Center there is still so much going on here. Lots of breakout sessions, many more kind of individual keynotes taking place with the various different subsections. Although the A W s business and also its partners. So we will be keeping across all of those on the Cube. Thanks for watching.

>> Live from Washington DC, it's theCUBE. Covering AWS Public Sector Summit 2018. Brought to you by Amazon Web Services and its ecosystem partners. >> Hello everyone, welcome back. It's theCUBE's exclusive coverage. We're here in Washington, D.C. for live coverage of theCUBE here at Amazon Web Services, AWS Public Sector Summit. This is the re-invent for the global public sector. Technically they do a summit but it's really more of a very focused celebration and informational sessions with customers from Amazon Web Services, GovCloud, and also international, except China, different world. John Furrier, Dave Vellante here for our third year covering AWS Public Sector Summit and again our next guest is Max Peterson, the Vice President of International Sales Worldwide for public sector data, Max, good to see you, thanks for coming back. >> It's good to see you again, John, thank you. >> So, we saw you at dinner last night, great VIP Teresa Carlson dinner last night, it's a who's who in Washington, D.C., but also international global public sector. >> Absolutely. >> And so, I want to get your thoughts on this, because AWS is not just in D.C. for GovCloud, there's a global framework here. What's goin' on, what's your take on how this cloud is disrupting the digital nations, and obviously here at home in D.C.? >> Well, John, so first of all, I love your description of this as a celebration, because really that's one of the things that we do, is we celebrate customer success, and so when you look at AWS around the world, we've got customers that are delivering solutions for citizens, new solutions for healthcare, a great solution to education all around the world. In Europe, we serve all those customers from London, Ireland, Germany, Frankfurt, Paris, all open regions, and we're bringing two new regions that we've announced, in the Middle East, which is an exciting part of the Europe, Middle East, and Africa business, and then also up in the Nordics, with Sweden. >> Yeah, so I want to ask you about EMEA, Europe, Middle East and Africa, it's the acronym for essentially international. Huge growth, obviously Europe is a mature set of countries, and it has its own set of issues, but in the Middle East and outside of Europe there's a huge growing middle class of digital culture. >> Yes. >> You're seeing everything from cryptocurrency booming, blockchain, you're seeing kind of the financial industries changing, obviously mobile impact, you got a new revolution going on with digital. You guys have to kind of thread the needle on that. What are you guys doing to support those regions? Obviously, you got to invest, got GDP always in the headlines >> Right. >> Recently, that's Europe's issue, and globally, but you got Europe, and you got outside of Europe. Two different growth strategies, how is AWS investing, what are some of the things you guys are doing? >> Sure, let me try and get all of those questions >> (laughs) Just start them one at a time >> That was very good, yeah. So, let's do the invest and grow piece. Digital skills are critical, and that's one of the challenges with the overall digital transformation, and, by the way, that's not just EMEA, that's all around the world, right? Including the U.S., and so we're doing a lot of things to try to address the digital skills requirement, a program that we've got called AWS Educate just yesterday announced the Cloud Academy Course. So, career colleges, technical colleges will be able to teach a two-year course specifically on cloud, right? For traditional university education, we provide this thing called AWS Educate. We, in the UK, we started a program over 18 months ago called Restart, where we focus on military leavers, spouses, and disadvantaged youth through the prince's trust, and we're training a thousand people a year on AWS cloud computing and digital skills. Taking them, in this case, out of military, or from less advantaged backgrounds and bringin' 'em into tech. And then, finally in April of this year, at our Brussels public sector summit, a celebration of customers in EMEA, we announced that we're going to be training 100,000 people across Europe, Middle East and Africa, with a combination of all of these programs, so skills is absolutely top in terms of getting people on to the cloud, right, and having them be digitally savvy, but the other part that you talked about is really the generational and cultural changes. People expect service when they touch a button on the phone. And that's not how most governments work, it's not how a lot of educational institutions work, and so we're helping them. And so, literally now, across the region, we've got governments that are delivering online citizen services at the touch of a button. Big organizations, like the UK Home Office, like the Department for Wealth and Pensions, like the Ministry of Justice. And then, I think the other thing that you asked about was GDPR. >> Yeah. (laughs) >> Am I covering all the bases? >> You're doing good Max. >> You keep it rollin'. >> You're a clipping machine, here. >> So, GDPR might be thought of as a European phenomenon, but my personal opinion is that's going to set the direction for personal data privacy around the world, and we're seeing the implementation happen in Europe, but we're seeing also customers in the Middle East, in Asia, down in Latin America going, "Hey, that's a good example." And I think you'll see people adopt it, much like people have adopted the NIST definition of cloud computing. Why re-invent it? If there's something that's good, let's adopt it and go, and Amazon understood that that was coming, although some people act like it's a surprise. >> Yeah. >> Did your e-mail box get flooded with e-mail? >> Oh, Gosh. >> God, tons Well the day >> Day before. >> Yes! >> (laughs) >> Yes, day before! Acting like this was, like a surprise. It started two years before, so Amazon actually started our planning so that when the day arrived for it to be effective, AWS services were GDPR compliant so that customers could build GDPR compliant solutions on top of the cloud. >> So, I mean generally I know there's a lot of detail there, but what does that mean, GDPR compliant? 'Cause I like having my data in the cloud with GDPR, 'cause I can push a lot of the compliance onto my cloud provider, so what does that really mean, Max? >> Yeah, well fundamentally, GDPR gives people control of their information. An example is the right to be forgotten, right? Many companies, good companies were already doing that. This makes it a requirement across the entire EU, right? And so, what it means to be compliant is that companies, governments, people need to have a data architecture. They really have to understand where their data is, what information they're collecting, and they have to make the systems follow the rules for privacy protection. >> So how does AWS specifically help me as a customer? >> Right, so our customers around Europe, in fact, around the world build their solutions on top of Amazon. The Amazon services do things that are required by GDPR like encryption, alright? And so, you're supposed to encrypt and protect private data. In Amazon, all you do is click a button, and no matter where you store it, it's encrypted and protected. So a lot of organizations struggled to implement some of these basic protections. Amazon's done it forever, and under GDPR, we've organized those so that all of our services act the same. >> Max, this brings up security questions, 'cause, you know obviously we hear a lot of people use the cloud, as an example, for getting things stood up quickly, >> Yep. >> Whether it's an application in the past, and then say a data warehouse, you got redshifts, and kinesis, and at one point was the fastest growing service, as Andy Jassy said, now that's been replaced by a bunch of other stuff. You got SageMaker around the corner, >> SageMaker's awesome. >> So you got that ability, but also data is not just a data warehouse question. It's really a central value proposition, whether you're talking about in the cloud or IOT, so data becomes the center of the value proposition. How are you guys ensuring security? What are some of the conversations, because it certainly differs on a country by country basis. You got multiple regions developing, established and developing new ones for AWS. How do you look at that? How do you talk to customers and say, "Okay, here's our strategy, and here's what we're doing to secure your data, here's how you can go faster (laughs), keep innovating, because you know they don't want to go slower, because it's complicated. To do a GDPR overhaul, for some customers, is a huge task. How do you guys make it faster, while securing the data? >> Yeah, so first of all, your observation about data, having gravity, is absolutely true. What we've struggled with, with government customers, with healthcare and commercial enterprise, is people have their data locked up in little silos. So the first thing that people are doing on the cloud, is they're taking all that and putting it into a data warehouse, a data repository. Last night we heard from NASA, and from Blue Origin about the explosion in data, and in fact, what they said, and we believe, is that you're going to start bringing your compute to the data because the amount of information that you've got, when you've got billions of sensors, IOT, billions of these devices that are sending information or receiving information, you have to have a cloud strategy to store all that information. And then secondly, you have to have a cloud compute strategy to actually make use of that information. You can't download it anymore. If you're going to operate in real time, you've got to run that machine learning, right, in real time, against the data that's coming in, and then you've got to be able to provide the information back to an application or to people that makes use of it. So you just can't do it in-house anymore. >> You mentioned the talk last night as part of the Earth and Science Program, which you guys did, which by the way, I thought was fabulous. For the folks watching, they had a special inaugural event, before this event around earth and space, Blue Origin was there, Jet Propulsion Lab, much of the NASA guys, a lot of customers. But the interesting thing he said also, was is that they look at the data as a key part, and then he called himself a CTO, Chief Toy Officer. And he goes, "you got to play with the toys before they become too old," but that was a methodology that he was talking about how they get involved in using the tooling. Tooling becomes super important. You guys have a set of services, AWS, Amazon Web Services, which essentially are tools. >> Yeah. >> Collectively tools, you know global, you end up generalizing it, but this is important because now you can mix and match. Talk about how that's changed the customer mindset and how they roll out technology because they got to play, they got to experiment, as Andy Jassy would say, but also, also put the tools into production. How is it changing the face of your customer base? >> Sure, well, one of the things that customers love, is the selection of tools, but one of the most important things we actually do with customers, is help them to solve their problems. We have a professional service organization, we have what we call Envision Engineering, which is a specialized team that goes in and develops prototypes with customers, so that they understand how they can use these different tools to actually get their work done. One quick example: in the UK, the NHS had to implement a new program for people calling in to understand health benefits. And they could've done this in a very traditional fashion, it would've taken months and months to set up the call center and get everything rolling. Fortunately, they worked with one of our partners, and they understood that they could use new speech and language processing tools like Lex, and Amazon's in-the-cloud call center tools, like Connect. In two weeks, they were able to develop the application that handled 42% of the inbound call volume entirely automated, with speech and text processing, so that the other 52% could go to live operators where they had a more complex problem. That was prototyped in two weeks, it was implemented in three more weeks, a total of five weeks from concept to operation of a call center receiving thousands and thousands of inbound calls on the cloud. >> Max, can you paint a picture of the EMEA customer base, how it sort of compares to the US, the profile? I mean, obviously here, in the United States, you got a healthy mix of customers. You got startups, you're announcing enterprises, you got IOT use cases. I imagine a lot of diversity in EMEA, but how does it compare with the US, how would you describe it? Paint a picture for us. >> Yeah sure, candidly, we see the same exact patterns all around the world. Customers are in different stages of readiness, but across Europe, we have central governments that are bringing online, mission systems to the cloud. I mentioned Home Office, I mentioned DWP, I mentioned Her Majesty Revenue and Customs, HMRC. They're bringing real mission systems to the cloud now because they laid the right foundations, right? They've got a cloud native policy, and that's what directs government, that says stop building legacy systems and start building for the future by using the cloud. Educational institutions across the board are using AWS. Science and research, like the European Space Agency is using AWS, so we see, really, just the same pattern going on. Some areas of the world are newer to the cloud, so in the Middle East, we're seeing that sort of startup phase, where startup companies are gettin' onto the cloud. Some of 'em are very big. Careem is a billion dollar startup running on AWS, right. But we're helping startups just do the basics on the cloud. In Bahrain, which is a small country in the Middle East, they realized the transformative opportunity with cloud computing, and they decided to take the lead. They worked with AWS, they produced a national cloud policy, their CIO said we will move to the cloud, and that's key. Leadership is absolutely key. And then they put in place a framework, and they very systematically identified those applications that were ready, and they moved those first. Then they tackled the ones that weren't quite ready, and they moved those. They moved 450 applications in a matter of three months, to the cloud, but it was by having a focused program, top-level leadership, the right policy, and then we provided technical resources to help them do it. >> Max, I want to get one last question before the time comes up, but I want to put you on the spot here. >> Oh good. >> In the United States, Amazon Web Services public sector has really kind of changed the game. You saw the CIA deal that you guys did years ago, the Department of Defense is all in the news, obviously it's changing the ecosystem. How is that dynamic happening in Europe? You said the patterns are the same. Take a minute to just quickly describe, what's going on in the ecosystem? What's the partner profile look like? You've got a great partner ecosystem, and there are different partners. You mentioned Bahrain, Digital Nation, changing the game. You guys seem to attract kind of a new guard, a new kind of thinking, partners. What is the ecosystem partnerships look like for you guys, internationally, and is there the same dynamic going on that's happening in the US with the CIA, and DOD leaders around changing the narrative, changing the game, with technology? >> Sure, good questions. We wouldn't be able to deliver the solutions that we deliver to customers without our partner ecosystem. And sometimes, they're small, born in the cloud partners, the same sort of phenomenon that we have in the US. The example with the National Health Service was delivered by a expert consulting partner called Arcus Global, about a hundred person strong consulting organization that just knows cloud and makes it their business. And we see those throughout Europe, Middle East, and into Africa. We have our large global partners, Capgemini, Accenture, and then I think the other thing that's really important, is the regional partners. So what's happening is we're seeing those regional partners, partners like Everee, or Dee-Ecto, or SCC. We're seeing them now realize that their customers want to be agile, they want to be innovative, they want to be fast, and it doesn't hurt that they're going to save some money. And so we're seeing them change their business model, to adopt cloud computing, and that's the tipping point. When that middle, that trusted middle of partners, starts to adopt cloud and help the customers, that's when it really swings the other direction. >> It's great growth, and new growth brings new partners, new profiles, new brands, new names, and specialty is key. Max, thanks for coming on the CUBE. Really appreciate you taking the time. International, we're riding the wave of home sector with CUBE here in the US, soon we'll see you in some international summits. >> I'm looking forward, >> Alright. >> John, Dave, it was awesome to talk to you. >> Thanks Max. >> Alright, we are here live in Washington, D.C., for Amazon Web Services, AWS, Public Sector Summit 2018, we are in Washington, I'm John Furrier, Dave Vellante, and also Stu Miniman is here, the whole CUBE team is here, unpacking the phenomenon that is AWS, rocking the government and digital nations around the world. We're back with more, after this short break. (upbeat techno music)

>> Announcer: Live from Washington DC, it's CUBE Conversations with John Furrier. >> Well, welcome to a special CUBE conversation here at Amazon Web Services headquarters in public sector, in Washington DC, actually, in Arlington, Virginia. It's a CUBE coverage on the ground in Washington DC. Our next guest is Shannon Kellogg, who's the Director of AWS Public Policy in Americas, here, joining us. Thanks for spending the time with us. >> It's a pleasure to be here. >> So obviously, public policy is a big part of public sector, hence the success you guys have had. Amazon's had great success. I mean, you go back four years ago, the shock heard all around the cloud was the CIA deal. >> Shannon: Indeed. >> And since then, there's been this gestation period of innovation. You guys have been penetrating, doing a lot of hard work. I know how hard it is. And kind of knowing the DC culture, how hard was it, and hard is it for you guys now? Is it getting easier? I mean, policies, got a lot of education involved, a lot of moving parts. >> Yeah, well, I joined over five years ago. And when I joined, there was very little understanding that Amazon was even in the cloud computing business. And so we really had to start from scratch. And so it was just basic education and awareness work. And I wouldn't call that easy, but it certainly was in a different time where people were curious about Amazon, AWS, and cloud. What is cloud computing? The cloud computing directive of the Federal Government, Cloud First Policy, had just come out a year prior, and so there was a lot of curiosity. So people were willing to talk. People were curious, but they didn't really understand what cloud computing was. And again, they didn't even realize AWS was in that business. >> And back at that time, and I know you have a tech history over at EMC before and RSA. You know the tech game. You've seen many waves of >> Shannon: I have. >> innovation, and it's almost a time where you saw some interesting shadow IT developing. Shadow IT term referred to kind of a in-the-shadows experiment. You put your credit card down and get some Amazon, get some cloud, and test, kick the tires, if you will, kind of, without anyone seeing you, called shadow IT. That became a big part of the growth. How much shadow IT has been involved to kind of force Amazon to the table? Did that help? Was that a help-driver for you guys? Was it going on? >> Yeah. Well, it's interesting, because when you look back four or five years ago, there were a lot of first movers in departments and agencies, folks in little units that I had actually even never heard of in some of the big agencies, customers that I would speak to that were experimenting with AWS and commercial cloud. In those days, they were able to take out their credit card and experiment a little bit with it and discover what was possible. And we saw a lot of uptake in interest as a result of some of that experimentation. But really, things started to change in a big way when AWS won the contract to build the community cloud for the intelligence community. And following that win, and as that project was implemented, and in the six months to a year after that award, we saw a lot more interest by agencies to not just experiment, but to go bigger. >> I couldn't get Amazon to confirm. I've tried many times on the CUBE, Jassy and Teresa, to get them to confirm that that was certainly a shadow IT effort, that someone within the CIA came out of the woodwork and said, "Hold on IBM, we have an alternative." >> Yeah, well I can't-- >> (laughing) Conferment denied. I can't comment on that either, but I can tell you that it was a very open, competitive process that we won. And it was a very big deal for the community and a very big deal for us. And that's when we really started to see a number of other agencies and organizations, really, not just experiment with cloud, but how can we leverage this to get the same benefits that the intel community needs? >> And IBM didn't help either. They got cocky. They figured they're going to sue you guys and ended up amplifying it, where the judge actually said on the ruling, "Amazon is a better service." >> Shannon: Yeah. >> I mean, you couldn't get a better testimony. But let's talk about that move. >> There was a resounding public, or resounding legal opinion, and I would encourage your viewers who haven't read it to read it. >> It's well doc, but at SiliconANGLE. Search SiliconANGLE, AWS, IBM, CIA deal, you'll find it. But I think what's notable about that is it's kind of cocky, because the old way of doing things was schmooze, win the ivory tower, have that relationship, lean on that relationship. And the IT just, they were just like going through security at the airport, just whatever, right? >> Shannon: Right. They just checked the boxes. You got to win the C level. That now has changed, where not only at the buying and evaluation process bottoms up, there's a lot of consensus involved. There's now new stakeholders. >> You bet. >> Talk about that new dynamic, because this is a modern trend. It's not just send it to the department for a check box, it's truly agile. Talk about this new, modern procurement process that people are going through. >> You bet, and it's still evolving. But over the last few years, we've seen a lot of interest by federal organizations to shift from what is traditionally a capital expense model to an operational expense model. And you'll probably laugh at me that I actually even remember this. But in the 2015 budget, with the previous administration, President Obama's budget request in 2015, there was, actually, on page 41 of that budget, a line, or actually a paragraph, that talked about how the Federal Government would need to continue to move to commercial cloud services. And in the language, in the budget, it actually talked about the consumption model, the operational expense model versus the traditional capex model. >> Shannon, what is commercial cloud, because, I mean, again, back to the old days, kind of back in my days when I was growing with the industry, you had a federal division that managed all the government stuff, sometimes separate products, right, I mean, absolutely different, unique features >> Yeah, you bet. >> in the government. Now with the cloud, I'm I hearing that this is the same cloud that Amazon runs? Is it a different product. I know there's different private clouds. >> Certainly, our cloud >> But what is the commercial cloud? >> is one option. >> Explain what the commercial cloud is. >> Yeah, our cloud is one option in this area of commercial cloud services. And we think it's a great option. But if you look at the different types of solutions, NIST actually talked about this when they put out the definition on what cloud computing should be described as several years ago. I think the final definition came out in 2011. And at the time, they called public cloud, which we in federal agencies, now, really refer to as commercial cloud, as one of the deployment models. But it also is really emphasizing commercial solutions and commerciality, versus having an agency go out and try to build its own cloud, or to issue a special contract that is controlled by that agency, that does a traditional private-cloud type of build, like for example, California did with CalCloud several years ago. We're seeing more and more agencies move away from that model and into procuring-- >> Why is that? Why are they moving, costly? >> Well, because, yeah, it's-- >> Just like HP and everyone else backed out of the cloud, same reason? >> It's costly, and one thing, looking at CalCloud, and if you haven't sort of looked at what they did with their policy, in 2014 they issued a policy, California did, which basically created a preference for CalCloud. And by August of 2017, they moved away from that preference reversing the policy and then doing sort of a about-face and saying not only is there not a preference for CalCloud, this privately built cloud, anymore in California, but there's going to be a preference for commercial cloud services and leveraging commercial solutions and technologies. >> Is that, again, the same reasons why a lot of commercial vendors like HP, even VMware, and others who kind of backed out of the cloud. It's expensive, it's complicated, right? I mean, is that main driver, or is it of talent? I mean, why did CalCloud move from that to the (mumbles). >> Yeah, I mean, I obviously can't speak for what other >> Well generally speaking. >> companies have done, but I think, based on our observations at the federal level, at the state level, and even internationally, we're seeing more and more governments in their cloud policies focus on how to leverage commercial cloud services, versus build their own, or go out and spend a billion dollars in trying to build their own through a contractor or traditional contractor. >> I talked to Teresa Carlson. >> And by the way, just for the record, in California, it was IBM who actually ended up building CalCloud. >> Nice dig on IBM there, good one. >> So I just talked to Teresa Carlson, and she and I, we talked about the notion of commercializing ecosystem, to bring in tech in with government kind of the mash up or integration culturally among other things, technology. I had an interview with an executive of New Relic, one of Amazon's top customers. I think they were saying they were getting FedRAMP certified. But there's a variety of certifications that you guys offer, essentially, people in the ecosystem, non-governmental, but they can come in and provide solutions. Can you talk about that dynamic, because we're seeing that become a trend now, where folks in the Amazon, or in general tech ecosystems, that says, "Hey, you know what? "I can go in through Amazon and do some business "with the public sector." >> Sure. >> What do you guys offer? Is there a playbook? Is there a roadmap? Is there check boxes? What's the playbook? >> Well, first of all, if you don't, if your viewers don't know what FedRAMP is, it's a Federal Government security evaluation process for cloud computing providers and service providers who want to sell to the US Federal Government. And the framework itself was created on international security standards as well as existing, and evolving in some cases, NIST security standards. And so it's a common security framework that any company of any size can align to. And AWS, because we believe so strongly in security, and because we had a lot of first-mover customers in the Federal Government marketplace, we really invested in that process early. And as a result of that, we meet the FedRAMP requirements at the different security levels that exist. And we were one of the first providers to actually do that. And then partners started working with us and leveraging that. And not just-- >> So what does that mean to the partner? >> resellers or systems integrators. >> They piggyback on your certification, or they have to do some modifications? It's like the stamp of approval. You can't get into the party without it, right? >> Yeah, you have to have FedRAMP certification in order to provide certain types of services to the US government. A lot of agencies now require some type of FedRAMP certification to do business with them. It's very common now. >> Any other certifications that they need? >> Well, that's the most common one at the federal level. But there are some department-specific requirements too. So for example, when you look at the Defense Department, they've added additional requirements on top of FedRAMP. And providers like us have to go through those additional processes, and then again, if you're partnering with an AWS, and we've gone through that process, and we made the investments, and you have some software that's based on AWS, that's going to be favorable for you in order to sell to that market segment. >> Take a step back and zoom out, and talk about the big landscape in DC. Obviously, DC's the center of the action for policy and this, obviously, public sector all around the world, as well in the United States. What's the trend that you're seeing? I mean, obviously Amazon is kind of like its own black swan. If you think about it, lowering prices, increasing functionality on a daily basis is the business model of Amazon. They win on scale. Customers are happy with that, and government seems to be happy. Yet, the competitive landscape couldn't have been at an all-time high, certainly Oracle, IBM, Microsoft, the others are competing for the same dollars, potentially. So you have the old guard, as Andy Jassy would say, and you guys, self-described, new guard. What's the landscape look like? How are you guys competing? What observations can you share and the role of policy makers in the middle of it? Are they stuck between all this? >> Well, it's been quite a ride over the last seven or eight years. Again, going back to when the First Cloud Policy was issued by the Federal Government CIO at the time, Vivek Kundra. Very early days, they talked about each agency trying to move three applications to the cloud. And so we're in a much different time now. And there a lot of agencies who are going all in on cloud services. That's actually been really fast forward and emphasized even more over the last couple years, starting with the previous administration and the emphasis that they had. I talked about the 2015 budget, but we also saw a number of other policy initiatives in the previous administration during President Obama's eight years. And then you had the new administration come in and really emphasize this early too. And one of the cornerstone things that's happened by the new administration over the last year has been the development and then the release of the President's report on IT modernization. And they set up a new Office of American Innovation and a new tech council to advise on the development of that report. And they went out, the administration did, and got a lot of input from the industry. And then they came out with a final report of recommendations in December. And they're already moving to actually implement a number of those recommendations and pilot a number of recommendations in agencies. And they're really emphasizing shared services and commercial cloud services as a key part of that effort. And then in tandem with that, and this is probably going to shock you, but in tandem with that, Congress actually worked with the administration to also make a number of changes to law, including in December of 2017, a really important piece of legislation called, The Modernizing Government Technology Act. And that was added to the Defense Authorization Bill for 2018. You know in this town, that's often how legislation moves at the end of the year is through the Defense Authorization Bill. So that legislation was passed, and it really is focused on helping agencies in their IT modernization efforts move again from legacy IT systems to the cloud. And they're not doing that just because it lowers cost, and it's a good thing to do. They're actually doing that as part of a way to improve the Federal Government cyber security posture. And that's the last thing I'll talk about that's happened in the last year is I mentioned what the administration did about its IT Modernization Report. I mentioned also what Congress did with the Modernizing Government Technology Act. Well, there was also a new cyber security executive order that was issued during the year by the President that married those two things. And basically, it made very clear that there's very little possibility to actually improve the security of federal systems without moving forward with the IT modernization efforts and moving to cloud. >> And the cyber warfare we're living in it truly is a cyber war. This is not just hand-waving, IT modernization. It's beyond that, because it's critical infrastructure now being compromised. This is our security, right? It's the state of the security of our people. >> You bet, and quite frankly, we're seeing this trend internationally too. You see more and more governments making this link between IT modernization and improving the country's cyber security posture. We've seen that in the UK. We've seen that in Australia. >> It takes cyber war to fix IT. I mean, is that what we're coming to? Okay, final point is obviously IT modernization is key. I love that that's driving it. We need to go faster. Question for you, Cloud First, certainly a big, initial orientation from the government to go Cloud First. Question for you is do you see the expectations yet in the agencies and throughout public sector for cloud speed, meaning not only like speed in feeds, like moving to an agile outcome, faster delivery, under budget, on time, lower prices. Is that expectation now set, or is it still getting there? >> No, we believe it is being set. And if you look at developments over the last six months I mean, you now have the Department of Defense that has come out with changes to policy to move faster to the cloud. And if you look at the Secretary, I'm sorry, the Deputy Secretary of Defense's memorandum in September of last year, he talked a lot about leveraging cloud computing as part of a way to make improvements in the implementation of technology, such as artificial intelligence and machine learning. And in that memo they talked about that's a national security imperative to do that. And so they're seeing technology, not as the end result, but as a way to enable a lot of these developments and changes. And we've already seen many of those steps forward in the intelligence community. So it's very encouraging to us that we're also seeing now the Department of Defense move in this direction. >> So they're running towards the cloud. They're running towards AI. >> Shannon: They're trying to. >> They're going as fast as they can, because they need to. >> They're trying to. >> Final word on security. What do you hope to have happen in our government in America to really crack the code on cyber security and surveillance all these holes? Especially with IoT, their surface area couldn't be bigger. >> So before I answer that question, one thing I did want to say, because we were talking about the Department of Defense. And you had added a question in earlier about what some of the legacy proprietors may or may not be doing. Well, these two things are married. What we're seeing at the Department of Defense is that they really do want to move faster to the cloud. But you probably noticed in the press that there are many different legacy providers out there. And as our boss would say, Andy Jassy, a lot of the old-guard community, who want to try to slow that transition down. And so that is really something that's going on right now. There's a lot of effort out there to pursue the status quo, to continue to keep the lights on. And if you look at what amount of the federal budget that is being spent on keeping the lights on in IT, it's over 80% is what the number is commonly referred to. And so a lot of companies are making traditional companies, old-guard companies, as Andy Jassy would say, are making a lot of money following that same path. And you know what? The taxpayer can't afford that anymore. The mission owners can't afford that anymore. And so it's really time to move forward into the 21st century and leverage commercial cloud technology and some of these advanced capabilities, like artificial intelligence and machine learning. And then to answer your final question-- >> Hold on, on the DoD thing, because I did see that in the news. It's obviously clearly FUD, fear, uncertainty, and doubt, as they said, in the industry from the old guards to slow down the process. That's classic move, right? Hey, slow down. >> It is. >> We're going to lose this thing. If we don't put the brakes on-- >> It's a classic move that some companies have been practicing for a few decades. >> Decades, decades, we all know that, I mean, it's called Selling 101 when you want to secure the ivory tower. Okay, so papa, this is the tactic, and I want to get your opinion. This is a policy question. It's not in the best interest of the users, and the society, and the citizens to have a policy injection for political warfare on deal selling. So that's, essentially, what I see happening. >> Yeah, we agree. >> I want to get your comments on this, because it comes up to a very political topic, technically, multi-cloud. >> Shannon: Right. So the move is, whoa, you can't go to one cloud. We're putting all our eggs in one basket, so we have to spec it to be multi-cloud. That's the policy injection. What's the impact of that in your opinion? Does it matter? Does the government say, "Hey, we should do multi-cloud"? You actually want to have one cloud. That's what Andy Jassy >> Well, actually... >> wants, right? >> you know, that's not true. What I'll say, and take a step back here, is that what we want is what the customer wants. And a lot of companies are forgetting the customer in this debate about multi-cloud versus single cloud. >> So you're jump ball. Your philosophy is to say jump ball. >> We welcome open competition. >> So multi-cloud, >> We want to serve the customer. >> and single cloud. >> What happened with the intelligence community is they had an open competition for a single-cloud approach. One thing that's happening right now as part of this broader discussion is some of the old-guard companies are spreading a lot of misinformation about-- >> John: Like what? >> the different types of contracts, and so there's been a lot of misinformation about DoD trying to pursue a sole-source contract for this JEDI program that they're trying to do to implement cloud. And what DoD has said in the stories that I've read on the record is that they want to have an open competition. And whether or not they choose a single award, which is different than a sole source that's not competed, if they choose a single award that's competed like the intelligence community did, or they choose a multi-award, it's going to be their preference. And let me tell you something, the policy space, what we've heard consistently from members of Congress and other policy makers is they don't want to be in the business of telling the Department of Defense or any other federal agency, specifically, what they should do or shouldn't do in a technology procurement. What they want is an open competition. And I'll tell you on the record, we embrace an open competition, and that will serve the customers well. But don't tell the customer if you're an old-guard company what they should or shouldn't do. And don't ignore the customer. >> Well, I would, from just a personal standpoint, industry participant, I would say that that's going backwards. If you have the companies doing old-guard tactics injecting policy and FUD to slow a deal down just to save it, that's really bad, bad form. >> Yeah, it's- >> That's going backwards. >> It's bad policy, but it's also bad for the taxpayer, and it's bad for the mission owner. So let there be open competition. Let the customers, like DoD, make the decisions that they're going to make, which is going to be best for their mission. >> Well, Shannon, as Teresa, a basketball fan, would say, "Jump ball," make it fair. >> Let's do it. >> Let the chips fall where they may. >> Let's do it. >> All right. Open competition, that is Amazon's position here in DC. Policy, no problem, we can play that game, but it's all about the customers. Shannon, thanks for your insight and observations. >> You bet. >> Shannon Kellogg, who's in charge of policy at Americas for AWS. This is CUBE Conversations. I'm John Furrier, thanks for watching. (rhythmic electronic music)