>>From Miami beach, Florida. It's the queue covering a chronics global cyber summit 2019 brought to you by Acronis. >>Okay, welcome back. Everyone's the cubes covers two days here in Miami beach. The Fontainebleau hotel for the Kronos has global cyber summit 2019. It's inaugural event around a new category emerging called cyber protection. Um, this isn't a wave that's going to be part of the modernization a week we've been calling cloud 2.0 or whatever you want to call it. A complete modernization of the it technology stack and development environment includes core data center to the edge and beyond. Our next guest is Dan havens, chief growth officer per Chronis. Dan, thanks for coming on. Appreciate it. And thank you for having me, Dan. So, uh, what does chief growth officer mean? You guys obviously are growing, so obviously we see some growth there. Yeah, numbers are there. What she, what she, we have a couple of divisions in the company where we see we can really accelerate the business. >>So we came in and we wanted to make some large investments here. One of those areas was sports. You're seeing race cars out here on the floor, you're seeing all kinds of baseball teams, soccer teams, and we're talking to everybody. We have 40 teams now that are using our technology for competitive advantage on the field. Uh, the other areas, OEM, so, uh, original equipment manufacturers, everybody from making a camera to a server somewhere, having a Cronus be embedded, that's a big angle for us and we just didn't have a lot of focus. So I came into to build those divisions. I've actually joined the CEO before in a prior life in his last company and did something similar for him on a similar, uh, back there and we had violent success. So yeah, it's been a lot of fun. I've been here a year and a half and we're killing it. >>We got triple digit growth in the sporting category and similar in the OEM. It's interesting, you know, I look at a lot of these growth companies and the kind of a formula. You see, you guys have a very efficient and strong product platform engineering group. A lot of developers, a lot of smart people in the company, and a strong customer facing for the lack of a better word, field. The group you're in, you're involved, this is not, and you got marketing supporting it in the middle. Yep. So nice, efficient organizational structure on a massive way. But cyber, because this isn't your grandfather's data projection, this is a platform. What's the pitch? So the key here for us is we have to always say, and, and it, it's, it's hard to simplify and we're easy. In fact, we're cost-effective. Sometimes I'll even say I'm cheap and I'm easy. >>And that does not go out of style for an enterprise, right? So our ability to take good old fashioned backup and these things that other people need and basically extend that across. Now I can have one window where I can control, keep 'em out. If somebody gets in or from the inside or a disaster happens. I from this one place can recover my data. I'm secure with my data. I have the ability to notarize my data. So this one, and by the way, key simple interface. Customers love simple. This one simple interface to be able to do that. Now it takes a lot of engineering that goes behind that. I have plenty of, I have fancy engineering degrees and all that, but I try forget that when I'm talking to a customer because at the end of the day it's gotta make sense. A mind that doesn't know, says no. >>And I think we do a pretty good job of simplifying the message, but as they get under the covers and they roll it out, they recognize that there's, you know, we, we, we have more engineers per employee capita than any company that would have 1600 employees. Simple, easy to use. It reduces the steps it takes to do something as a winning business model. You kind of come from that school you mentioned, you know, cheap and easy. That's what is key. Yeah. But we're in a world where complexity is increasing and costs are increasing. Yep. These are two dynamics that are facing every enterprise, cyber it everywhere. What's your story when you want to educate that person so they can get to that? Yes. I want to work with you guys. What's that? What's that getting to? Yes. Processed motion look like. So the beautiful part is is we sell software right now. >>Software can be purchased complex. You install it, you can figure, you do everything yourself. We also can sell that from a cloud standpoint. So now you consume it like a service. Just like you consume Netflix at home, right? I can now consume this protection as a service. You have bolts spectrums covered. Most enterprises are somewhere in the middle. We call that hybrid. So the idea here is that there's going to be components where this data's not leaving these four walls. It might be government agency, it might be some compliance factor, but the ability to be able to say yes anywhere on that spectrum, it makes it very easy for an executive to say, okay, but we have a very, as you leverage the cloud, the OnRamp for this can be as simple as turning on the surface and pointing it at a data source. I mean, you're a student of history, obviously even in this business for awhile, you've done been there longer than you'd think. >>Data protection was kind of like that. Afterthought, backup data recovery all based upon, yeah, we might have an outage or a flood or hurricane Sandy who knows what's going to happen. You know, some force majority out there might happen, but security is a constant disrupter of business continuity. The data's being hijacked and ransomware to malware attacks. This is a major disruption point of a world that was supposed to be a non disruptive operational value proposition. Yeah, so the world has changed. They went from a niche, well, we've got their architecture of throwing back up. You've got to think about it from day one at the beginning. This seems to be your, your story for the company. You think about security from the beginning with data protection. There's only one club in the bag, so to speak. Talk about that dynamic and how's that translating into your customer's storytelling customer engagements to show you, you used an interesting word at the beginning, disaster recovery years ago, I started my tech industry in 1992 right? >>Disaster recovery is when we're going to have a flood or a hurricane and the building's going to burn down. What we find is most of our customers, that's certainly happens, but that's not the driver. The driver now is somebody after my data because the world has changed. Not only has the amount of data we're collecting change, but the ability to illegally monetize somebody else's data has become reality and you have social media that is socializes if you get breached and so forth. So there's a number of drivers. Number one, I don't want to be turned out of business. Number two, I don't want to be ransom. Then number three, I certainly don't want to do the cover of the wall street journal tomorrow morning as a top executive who looked past data. We literally watch brands, I won't mention the brand now, but a very large fortune 1000 what's called out yesterday. >>We see it every few days and we watched the carnage of their brand get deluded because they weren't protected. So I think it's the perfect storm up. I've got a ton of data, so it's coming in from all directions. Secondly, I I'm concerned about, you know, my brand and been able to protect that data and then you know, what do I do? And the disaster in this case is not necessarily flood or fire. It's that somebody from the inside or outside got in the gym. Pretend that I'm a decision maker. I'm like, my head's exploding. I'm got all this carnage going on. I don't want to get fired yet. I know I'm exposed. Nothing's yet happened yet. Maybe I settled the ransomware thing, but I know I'm not in a good place. What's your story to any, what's your pitch to me? What's in it for me? Tell me. >>Tell me the posture and the, well, we're halfway home. If you say, I know I'm not in a good place, right? Cause oftentimes somebody has to get bit first or they have to see their neighbor get bit first and then they say, Hey come in. One of my first plays would be let's find out what place you really are. I can do that very quickly and an assessment, we can gather your systems, we can get a sense for our, where's your data? Where it's flowing from. What are you doing? What are you doing to protect it? We typically will come back and there's going to be spots where there's blind spots. Sometimes they're fully naked, right? But the good news is is now we know the problem, so let's not waste any time, but you can get onboard and baby steps or you know, we can bandaid it or we can really go into full surgery however you want to move forward. >>But the idea is recognizing this has to be addressed because it's a beast. Every single device that's out there on the floor, in any enterprise, any company is a way in and a POC are critical for your business model. You want to get them certainly candy taste, show the value quickly has a POC, gets structured unit assessment. You come in on a narrow entry nail something quick, get a win. What's the, what's the playbook? Love PLCs because we're so fast and easy meaning oftentimes you do PLCs cause you're complex software and you're trying to prove your point and so forth. I love to push a POC cause I can do it inside of days, but I get the customer to take the drive. It's just on the car lot. If I get you to drive it down the block, you're not bringing it back. You're bringing it home to the neighbors. >>Right. That is the case with our software and our hit rate is key. But again it's because it's straightforward and it's easy. So though most sales cycles don't push for pilot. I can't wait to get a pilot but we don't need 30 days to do it in a couple of days. They're going to recognize I can do this too. You have a good track record of POC. If I get, this is going to be the most conceding. You might have to edit this out. If I get an audience, I will win. That is the most conceited statement on the planet. And if I get the audience and they will look, and this is why we use the sports teams. Sports teams are the cool kids using this. And if I get an executive to say, what are you guys doing with the red Sox? If I could get him or her to look, it's game over. >>Hey being bad ass and having some swagger. It's actually a good thing if you got the goods to back it up. That's not fun. Piece here is that the product works well and it's not this massive mountain to hurdle. It is. We can get started today and take bites as we go, but you mentioned sports. Let's get into that talk track. As we have been covering sports data for now six years on the cube in San Francisco. We were briefly talking about it last night at the reception, but I think sports teams encapsulates probably the most acute use case of digital transformation because they have multiple theaters that are exploding. They got to run their business, they got a team to manage and they got fan experience and their consumers, so you've got consumerization of it. You got security of your customers either in a physical venue from a potential terrorist disaster could happen to just using analytics to competitive venture from the Moneyball model to whatever sports really encapsulates what I call the poster child of using digital into a business model that works. >>You've been successful with sports. We interviewed Brian shield yesterday. Yup. Red Sox, vice-president technology. He was very candid. He's like, look it, we use analytics. It helps us get a competitive, not going to tell you the secrets, but we have other issues that people not thinking about drone strikes while the games going on, potential terrorist attacks, gathering the people, you know, adding on East sports stadium to Fenway park. They have a digital business model integrating in real time with a very successful consumer product and business in sports. This has been a good market for you guys. What's been the secret to success? >> Explosive market? Couple things. First off, you summarized well, sports teams are looking for competitive advantage, so anything that can come in under that guys is gonna get some attention plus data, fan data, system data, ticket data. Um, in baseball, they're studying every single pitch of pictures ever thrown. >>They have video on everything. This is heavy lift data, right? So a place to put it saved money, a place to protect it, a pace to access it so that all of my Scouts that are out in the field with a mobile device have the ability to upload or evaluate a player while they're out still on them and on the field somewhere maybe in another country. And then add the added caveat in our sexiest piece. And that's artificial intelligence. You mentioned Moneyball, right? Uh, the, the entire concept of, of stat of statistics came out in the Moneyball concept and you know, we all saw the movie and we all read the book, but at the end of the day, this is the next step to that, which is not just written down statistics. Now we can analyze data with machine learning and we have very, we have unique baseball examples where there's absolutely no doubt they have the data. >>It's the ability to, how do I turn that to where I can be more competitive on our racing team. So we're actually working with teams improving, changing the car on the track during the race, using our software fact. We always look forward to opportunities where somebody says, Hey, come in and talk about that because it's incredibly sexy to see. Um, but sports are fun because first off they're the cool kids. Secondly, they're early adopters. If it's gonna give competitive advantage, uh, and third, they hit all the vectors. Tons of data have to protect it. >> It's our life in the business models digital too. So the digital transformation is in prime time. We cannot ignore the fact that people want wifi. They got Instagram, Facebook, all of these, they're all conscious of social media. There are all kinds of listening sports club, they have to be, they have to be hip, right? >>And being out front like that, think about the data they have come in at. And so not just to be smart on the field, they have to be smart with our customer. They're competing with that customer for four of their major sports or whatever. Major sports in the, in the, in the, in our case in this fashionable to be hip is cool for the product, but now you think about how they run their business. They've got suppliers, um, that have data and trusting suppliers with data's. There's a difficult protection formula. They've got national secure security issues. They have to protect, well they have to protect as a big part, but they have to protect, well first off these, these archives of data that are of 20 races ago or of this pitcher pitched three years ago and I have a thousand of his pitches and I'm looking for towels. >>That is, that's mission critical. But also, uh, to boot you have just business functions where I'm a, I'm a team and I have a huge telco sponsor and we are shifting back and forth and designing what their actual collateral is going to be in the stadium. They're actually using a Chronis to be able to do that up in the cloud where they can both collaborate on that. Not only doing it, but being able to protect it that way. It's, it's more efficient for them. It's interesting. I asked Brian shield this question, I asked her how does baseball flex and digital with the business model of digital with the success of the physical product or their actual product baseball. And he said an interesting thing. He's like the ROI models just get whacked out because what's the ROI of an investment in technology? It used to be total cost of ownership. >>The class that's right under the under the iceberg to sharpen whatever you use, you use that. We don't use that. We think about other consequences like a terrorist attack. That's right. So so the business model, ROI calculation shifting, do you have those kinds of conversations with some of these big teams and these sports teams? Because you know they win the world series, their brand franchise goes up if they win the national championship, but whatever their goal is has real franchise value. There's numbers on that. There's also the risk of say an attack or some sort of breach. >> Well, I won't mention the names, I won't mention the teams by name, but I have a half a dozen teams right now and two that are actually rolling out that are doing facial recognition just for security, a fan's entering their stadium. So they are taking the ownership of the safety of their fan to the level of doing visual or facial recognition coming into their stadium. >>Obviously the archive to measure against is important and we can archive that, but they're also using artificial intelligence for that. So you're absolutely right. They owe their fan a safe experience, not only a safe experience with good experience and so forth. And we love to be associated whenever we can with wins and losses. But to your point, how do you get, or how do you show a TCO on a disaster and nobody wants to, and by the way, we've seen enough of that to know it's looming. And there's also the supply chain too. I can buy a hotdog and a beer from Aramark, which is the red socks. They say supplier that's not owned by the red Sox. They have a relationship. But my data's in, I'm a consumer of the red Sox. I'm procuring a, you know, some food or service from a vendor. Yeah, yeah. My data's out there. >>So who protects that? Well, these are unique questions that come up all the time. Again, that's a business decision for the customer. The idea is with cloud collaboration, it's technically quite easy, but again, they have to decide where they're gonna commingle their data, how they're going to share. But the idea here is, again, back to the spectrum, fully cloud and accessible and locked down airtight government's scenario where we have a, you know, a lock bottom line is you get to pick where you want to be on there and there's going to be times where my example of talking to the, uh, the telco vendor, we're, we're actually going to share our data together and we're going to make us faster, make a quicker return and design this collateral for our stadium faster. Those are business decisions, but they're allowed because it, Coronas can be as hybrid as you need to be along the site. >>And again, that resonates with an executive. They never want to be wearing handcuffs and they don't want to pay overpay for stuff to not use our stuff. And if you decide to consume cloud, you, you just pay as you go. It's like your electricity bill. All right. So the red Sox are a customer of you guys. You have or they use your service. What other sports teams have you guys engaged with who you're talking to? Give a taste of some of the samples. So European, we have a couple of formula one teams. We have a racing point. We have the Williams team and formula E we have to cheetah the dragon team. We have a adventury, we also have Neo. So we have a good presence in the racing clubs. We have a ton of a world rally cars and, and, and motorcycle motorcross and so forth. >>Then you step over into European football. So we, we, we started in cars and recognize this is hot. So then we got our first, uh, European team, uh, and we had arsenal. As a matter of fact, we have one of the legends here signing with us today. And you know, I mean, they're rock stars, right? People follow them. Anyway, so we have arsenal and we did man city. Um, and we just landed, uh, Liverpool just did that this quarter, two weeks ago. I literally just, the ink is still drying. Um, and then you move into the United States, which I brought the, you know, I brought the circus to town on January one, 2019. First when was the Boston red Sox. We quickly followed that up. You'll see us on the home run fence at San Diego Padres. Volts bought for different reasons, but both very sexy reasons. So it's the reason. >>What were the main drivers? So in the case of the Boston red Sox, it was, it was a heavy lift on video. A lot of on the protection side. Um, the, uh, San Diego was file sync and share. So the example I was giving of, um, being able to share with your largest telco vendor or with your largest investors slash sponsor for your stadium, um, that was the driver. Now what's funny about both is as they get started, he's always expanding, right? So we have the baseball teams, we did land this quarter, the Dallas stars. So that's our first hockey club. I really want. And my goal is to try to get a couple in each of the main four categories and then some of the subs, um, just cause you get the cool kids, you get a tipping point. Everybody then wants to know what's going on. I have a hundred and play. >>And so we, we typically try to qualify regional where it makes sense. Um, uh, we're, you know, we're very close with a team here in the region. So, you know, they, in the feedback from, from the, from the successes you had implementations, why, what's uh, what's been the feedback from the customers. So here's the file in this. Sounds like I'm just tripping with sales guy and I apologize. Warning signs. Okay. If they use it, we're home free. So when you get Brian or any one of these guys that are using it, all I have to do is make sure that a new customer hears this person who has no reason to say anything else and just expose them to it. Because it's this unknown, scary thing that we're trying to protect against and being able to do that and have the freedom of how aggressive or you know, what metaphor am I going to cover that? >>And then also, uh, you know, the, obviously the economics work is you pay as you go. Um, it's, you know, it's a good story. Well, Dan, congratulations on the success. Um, great to see you guys really digging in and getting those PLCs and being successful. We watching your growth. Final question for you yes. Is all the data and the patterns that you see and all of customers. What's the number one reason why a Cronus is selected and why you women? I think that's an interesting question and I think that it's a couple of reasons. Number one, we work, we're easy. We have an enormous footprint. So there's a lot to reference from. Many people have already used us on the consumer side, so we're safe. So that's one reason I would also tell you however, that we have a great ecosystem because a Kronos is different than most software companies. >>Most software companies have a huge outside sales force that sells direct to customer a Chronis. Everybody here is a partner. We sell through a service provider to a channel member through a, through a, a, a, an ISV. Um, and then we have some direct enterprise. But the idea is there's a variety of solutions that can be baked on this foundation. And I think people like that variety. I, they, they like the, like the freedom of I'm not just trapped with this one thing. I can buy it and all options are available and I will tell you an it, nobody wants to be locked down. Everybody wants options, safety in numbers. They want their data protected with the whole cyber land lens. And they know everything's changing every six months. Something's different. And I don't want to be handcuffed in my desk. I want all options available. I think that's our best value from all right, Dan, thanks for coming on. Dan havens, chief growth officer, but Krohn is weird. The Chronis global cyber summit. I'm John Ford. Stay tuned for more cube coverage after this short break.

>>From Miami beach, Florida. It's the cube covering a Cronus global cyber summit 2019. Brought to you by Acronis. >>So Ron, welcome back to the keeps coverage of kronas cyber global cyber summit 2019. I'm John furrier here in Miami beach. Our next guest is Pat Hurley, vice president, general manager of the Americas in sales and customer relationships. Get Debbie Juan. Hey, thanks for having me. Welcome to Miami beach. Lovely place to have an event. So I hear ya. You got a lot of competition going on between the U S America's in the AMIA teens and it's very competitive group. >> The European team is very confident. I think we'll show them tomorrow what we're made of. We've been recruited very hard for some players that are Latin American. I think we'll show them a finger too. You've got a big soccer story there. We do. Yeah. We've, uh, we've got a few sports partnerships that we have across the globe. Uh, some of the first partnerships we had were actually within formula one. >>And we really try to correlate the story of the importance of, uh, data protection and cyber protection in the sporting industry because a lot of people don't think about the amount of data that's actually being generated in the space. A formula one car generates between, you know, two and three terabyte through three gigabytes of data on every lap, tons of telemetry devices that are kicked, collecting information from the car, from the road service, from the, the general environment. They're taking that data and then sending it back to the headquarter, analyzing it and making very small improvements to the car to make sure that they can qualify faster, run a faster lap, make the right type of angle into a turn, uh, which can really differentiate them from being, you know, first, second, third, 10th in a qualifying session. On the soccer side. We do have some partnerships with uh, arsenal, Manchester city, inter Milan, and we just signed a partnership as well with Liverpool. >>So we are very popping in that space here in the U S we have some other sports that we're big fans of. I'm personally a big Boston red Sox fan, being a Boston native and we do have a sports partnership with the red Sox, which has been an unbelievable partnership with them. And learning more about the use cases that they solve and using our technology has been really cool. >> You know, Patty, you bring up the sports thing and we were kidding before we on camera around the trading, you know how people do sports deals and they trade, you know, merchandise for consumer benefit or customer benefits. But really what is happening is sports teams encapsulate really the digital transformation in a nutshell because most sports franchises are, have been traditionally behind. But now with the consumerization of it and digital can go back to 2007 since the mobile phone. >>Really, I mean it's iPhone. Yeah. Since that time, sports and capsulates every aspect of it, consumer business fan experience. And it really has every, every, almost every element of what we see now as a global IOT problem opportunity. So it really encapsulates the use case of an integrated and and needed solution. Oh yeah, absolutely. I mean, if you think about the amount of data that's, that's out there today and the fast way that it's growing, you know, the explosion of, uh, of data in the, in the world today, sports have different unique challenges. So obviously they have large fan bases that need to be able to access the data and understand what's going on with their favorite sports teams. Um, for us it's really, you know, these technology partnerships that we have with these guys, it runs through all these different areas of, you know, in many cases we didn't really understand that they were using it for. >>So, you know, the red Sox for example, they've got Fenway park and iconic stadium, you know, the Mecca of baseball. If you haven't been there yet, I suggest all your viewers that they go and check it out, give me a call, we'll try and get you set up there. But, um, you know, the, the, the experience that the fans have there is all around their data experienced there. Right? And it's not just baseball games. It could be hockey games that Fenway park, it could be a concert that they're having. A phone buys a lot of different events. These stadiums are open year round and the ability to move, share access, protect the data in that stadium is really important to how they're functioning as an organization. We talked to their I-Team quite regularly about how they're using our solutions. They're talking about uh, different aspects of artificial intelligence, different ways they can use our products and machine learning. >>Obviously with the new solutions that we have in the market today around cybersecurity or helping them to address other challenges that they face. Um, as an organization, these are realtime challenges in their physical locations, national security issues, terrorist attacks could happen. There are venues, there are public gathering places too. Absolutely. We announced our partnership with them back in may and I was shocked to hear them on the main stage announcing that they had this great partnership with the Kronos was talking about their unique cyber security needs. They started talking about drone technology and I'm thinking, all right, a drone flies in the stadium. Maybe at breaks and it falls on a player and we're paying $20 million for one of these pitchers to be out there on the Hill or an interest, a fan or maybe they're collecting some video data to then share it out. >>And that's red Sox IP. No, they're talking about cybersecurity threats in the sense that a drone, a remotely controlled device could come in and lightened incendiary device in the, in the stadium and that to them as a real security server. And that's frontline for the it guys. That's what keeps them up at night. Yeah. And that's really an attack take time. Oh yeah, absolutely. What are the use cases that are coming out of some of your customers, cause you guys have a unique integrated solution with a platform as an end to end component too. You have a holistic view on data, which is interesting and unique. People are kind of figuring this out, but you guys are ahead of the game. What are some of the use cases that you've seen in the field with customers that highlight the benefits of taking a holistic view of the data? >>Yeah, absolutely. So we look at it as kind of backups dead, right? We have, we've combined the old world of backup and disaster recovery with the new world of cybersecurity and we combine that to a term we're calling cyber protection because it really requires an end to end solution and a lot of different things need to be working properly to prevent these attacks from happening. Uh, you need to be very proactive in how you're going about that. We address it with what we call 'em, the Kronos cyber platform. And what this is, is a unique, multi-tiered multi-tenant offering that's designed specifically for service providers. We have just under 6,000 servers, providers actively selling our cyber protection solutions today and they use this for are for a multiple different aspects. And usually the beachhead has something like backup. Every company needs backup. It's more of a commodity type solutions, a lot of different players in the game out there, but they take it a step further, use that same backup technology to then do disaster recovery. >>They can do files, they can share, they can do monitoring. We have notary solutions based on blockchain technologies. Now, this whole suite of cybersecurity solutions, all of this is with a single pane of glass, one platform that of a service provider can go in and work with their customers and make sure that their data is protected, make sure that their physical machines are virtual machines, they're PCs, their Macs are all protected, that data's protected, it's secure, but it's also accessible, which is an important part of you can take your data wrapping a nice bow buried a hundred feet underground, but then you can't use it, right? So you want to be able to make sure that you can actually, uh, leverage the technology there. Um, we've seen explosive growth, especially in, in my market. I think the numbers are pretty crazy. It's something like 90% of the market today in the U S has served in some capacity by a service provider. >>And this could be a small to medium size business that's served by local service fire to those really big guys that are out there. Let's on with how large your target audience, you mentioned search probably multiple times when you're out selling your target persona, your target audience, and you're trying to reach into, so we touch, everybody know, you equate it to kind of what we do with the red Sox, right? You walk into that city and the 38,000 people that, well, some of those people are just, you know, regular Joe's, right? They, they go to work every day. They have a computer at home, they have a mobile device. They probably have multiple mobile devices. We protect that for them. We call them a consumer. Slash. Prosumers. We work at a lot of very large retail organizations. If you walk into some of those shops today, you'll be able to see our software on a shelf there. >>You work with one of those tech squads where they're starting to attach services to it and you get more of a complete offering there. We then scale up a little bit further to some OEM providers. You work with companies like Honeywell and Emerson that are manufacturing devices that embed our software on there. They white label it and deliver it out. These are connected devices. You think about the, you know the, the explosion of IOT devices in the market today. We're protecting that stuff as well. We work with very large enterprises, so some of the, the major players that you see in the manufacturing space are standing up standardizing on Acronis process control process automation vendors are using our Chronis and we can deliver the solution because of the way it's so flexible in a very consumable way for them. Those enterprises can actually act as a service provider for their employees so we can actually take our technology, deploy the layer in their infrastructure where they have complete control. >>They might not want to be in an Uber cloud, they might not want to work with Chrome OS data center. They want to have and hold that data. They want to make sure it's on site. We enable that type of functionality and then the fastest growing area for us is what I hit on earlier within the service provider community. We're recruiting hundreds of service providers every quarter. We've got some great partners here. Give you an example of a service provider. You mentioned the red size, I'm assuming is that a vendor that might be working within that organization, but still it sounds like that's a supplier to the red Sox. How, how broad is that definition? It gives us many points. Yeah, it's a really good point. So we work with hosting providers. Look, can be regional hosting providers to multinational hosting providers. Some of the very big names that you've, you're probably familiar with. >>We work with, uh, we work with, uh, telco providers who work with ISV providers or sorry, ISP providers, um, kind of regional telco providers that provide a myriad of different services all the way down to your kind of local mom and pop type service providers where you've got a small business, maybe they've got 30 to 50 employees, they're servicing probably 200 to 300 customers and they want to provide a very secure, safe, easy to use complete solution to their customers. Uh, those could be focused on certain verticals so they could be focused on healthcare, financial services, construction, et cetera. Um, we have some that are very niche within like dental services or chiropractice offices, small regional doctor's offices. Uh, and the, the beauty of that, and I was getting the partners earlier, is we have partnerships with companies like ConnectWise where those are tools that service providers are using on a very daily basis. >>So essentially the platform gives you that range and that's the typical typical platform. So you have that broad horizontally scalable capability and the domain expertise either be what solution from you guys or can ISV or someone within your ecosystem is that they get that. Right? Absolutely. And that's what really differentiates us is our ability to integrate into that plat, into our platform, into their platform and make those connections. So you don't need to learn 12, 14, 15 different technologies. You've got a small suite of offerings in a single pane of glass, very easy to use, very intuitive. Um, the integrations that we have with these partners like ConnectWise, like Ingram micro, really differentiate us because what they do is they provide open API capabilities. They provide software development kits where these partners can go ahead and build it the way they want to sell it. >>You know, it's interesting when the cloud came out and as on premise has changed to a much more agile dev ops kind of mindset that forced it to think like a service provider. I think like an operating system, it's an operating environment basically. So that service provides an interesting angle and I want to get your thoughts on this because I think this is where you guys have such a unique opportunity to just integrate solution because you could get into anything and you got ISV to back that up. So I guess the question I would have is for that enterprise that's out there that's looking to refactor and replatform their entire operation, or it could be a large enterprise, it has a huge IOT opportunity or challenge or a service provider is looking at having a solution. What's the pitch that you would give me if I'm the one of those customers? >>Say, Hey Pat, what's the pitch? So you need a, you need a trusted provider that's been in the business for a number of years that understands the data protection and security markets that Kronos has that brand. We've been doing this for about 16 years. We were founded in Singapore, we're headquartered out of Switzerland and we've got a lot of really smart guys in the back room. Was building good technologies that our partners were able to use. Um, we look at it a lot of different ways. I mentioned our go to market across a lot of different verticals and a lot of different um, kind of routes for those. The way we deliver our solution. It provides the flexibility for an enterprise to a classic reseller to um, you know, a VAR or a service, right? It's delivering services. It can be delivered to those guys how they want to consume it. >>So as an example, we may work with a smaller service provider that doesn't have any colo capabilities. We provide data centers so they could have a very quick turnkey solution, allows them to get up and running with their business, selling backup within minutes to their customers. We can also work with very large enterprises where we can deliver the complete platform to them and then they have complete control over it. We sprinkle in some professional services to make sure that we're giving them the support that they need and then they're running the service for themselves. What we've really seen in terms of a trend is that a lot of these VARs, we have about 4,500 of them in North America and they're starting to look at their businesses differently. Say, I gotta adapt or die here. I gotta figure out what my next business model is. >>How am I going to be the next one that's in the news flash that says, Hey, they've been acquired, or Hey Thoma Bravo made a big investment in me. Right? They need to convert to this services business or Kronos enables that transformation to happen. I mean, I can see you guys really making money for channel partners because they want solutions. They want to touch the customer, they want to maybe add something they could bring into it or have high service gross profits around services. Absolutely. So, yeah, our solution is unique in the sense that allows partners to sell multiple offerings to, you're getting an additional layer of stickiness providing multiple solutions to a customer. You're using the same technology, so your it team is very familiar with what they're using on a daily basis. Um, you're reducing the amount of churn for your customers because you're selling so much additional there that they're really stuck with you. >>That's a good thing. Uh, and beyond that, your increasing ARPU, average revenue per user is a key metric that all of our partners are looking at. And these guys are owner operators, right? They're business owners. They're looking at the bottom line. I mean, it's interesting the operating leverage around the consistent platform just lowers, it gives them software economic model. They can get more profit over time as they make that investment look at at the end of the day, channel partners care about a couple things, money, profit and customer happiness. Absolutely. And it helps to have them want to have a lot of one offs and a lot of, you know, training, you know, anything complicated, anything confusing, anything that requires a lot of resources, they're not going to like a, it's also great to have events like this where you're able to, to press the flesh with these guys and, and being face to face and understand their real world challenges that they're dealing with on a daily basis. >>How has the sport's a solution set that you've been involved in? How has that changed the culture of Acronis? Is that, has that, has that changed as, you know, sports is fun. People love sports, they have real problems. It's a really great use case as well. How's that change the culture? It's been amazing. I, so one from a branding perspective, we are a lot more recognized, right? Um, the most important thing about these partnerships for us is that they're actually using the technology. So, you know, we've got the red Sox here with us today. We've got arsenal represented, we've got Williams, we've got Roush racing, we've got a NASCAR car back here. Um, they use our technology on a daily basis and for each one of them we solve different types of use cases. Whether it's sending them large amount of video data from an essence studio over to Fenway park, or if it's a scout out in the field that needs to send information back and their laptop crashes, how do they recover? >>A lot of these different use cases, you can call them right back to a small business owner. You don't have to be a multibillion dollar sports organization with the same challenge. Well, I'm smiling because we've been called the ESPN of tech to they bring our set. We do let the game day thing. We certainly could love to come join you in all these marquee events that you have. We'd love to have it. Yeah, so if you follow us on social, we're out there and that, that's a big part of it. You mentioned one of ours looking for what our partners looking for. They want a personal relationship too. A lot of that goes away with technology nowadays and being able to really generate that type of a, of a personal relationship. These partnerships enable that to happen and they're very anything, I don't know anything about cars. >>We started partnering with formula one. All of a sudden I know everything about 41 I go to these races. I tell everybody I don't know anything about cars and I ended up being the, the subject matter export for him over over the weekend. So we'd love to have you guys join us. We'd love all of our partners. They get more engaged in the sports aspect of it because for us, it really is something that, um, again, they're using us in real life scenarios. We're not paying to put a sticker on a car that's going 300 miles. It's not traveling as a real partnership. Exactly. Pat, congratulations on your success and good luck on people owning away the numbers. Congratulations. Thank you very much. Just the cube coverage here at the Chronis global cyber summit 2019 I'm John furry. More coverage after this short break.

>> Live from San Diego, California It's the queue covering Sisqo Live US 2019 Tio by Cisco and its ecosystem. Barker's >> Welcome Back to San Diego. Everybody watching the Cube, the leader in live tech coverage. This day. One of our coverage of Sisqo Live 2019 from San Diego. I'm Dave a lot with my co host to minimum. Lisa Martin is also here. Kip Compton is the senior vice president of Cisco's Cloud Platform and Solutions, and he's joined by Fabio Gori was the senior director of Cloud Solutions Marketing. Gentlemen, thanks so much for coming on the Cube. >> Thanks. Great to be here having us. >> You're very welcome, Fabio. So, Kip, Let's start with you. I want to start with a customer perspective. People are transforming. Cloud is part of that innovation cocktail, if you will. Absolutely. How would you summarize your customers? Cloud strategies? >> Well, I mean, in one word, I'd say Multi cloud, and it's what I've been saying for some time. Is Custer's air really expanding into the cloud and it really expanding into multiple clouds? And what's driving that is the need to take advantage of the innovation in the economics that are offered in the various clouds, and we sit like to say that they're expanding into the cloud because for the vast majority, their coast of our coasters, they have data centers. They're going to continue to have data centers. Nothing's going to keep running in those data centers now. What's happening is they thought it would be easy to start with everyone here. CEO Chuck likes to talk about, however, and thought they just moved to the cloud like moving to another neighborhood. Everything would be great. Well, when they're multiple clouds, you leaving some stuff on him. All of a sudden, what was supposed to be simple and easy becomes quite complex. >> Yeah, I've often said Well, multi club was kind of a symptom of multi vendor. But what you're saying is, essentially, it's it's becoming horses for courses, the workload matching the workload with the best cloud to solve that problem. >> I think it's a feature not above. I think it's here to stay. >> So how is that informing your strategy is Cisco? >> Well, you know, we're very customer responsive, and we see this problem and we look at how we can solve it and what customs have told us is that they want access to the different innovation in these different clouds and the different economic offers in each of these clouds. But they want to do it with less complexity, and they want to do it with less friction. And there's a bunch of areas where they're not looking for innovation. They don't need things work differently in networking. They want one way for networking to work across the multiple clouds and, frankly, to integrate with their own primus. Well. Likewise, for Security. A lot of Custer's air a little freaked out by the idea that there be different security regimes in every cloud that they use and maybe even different than what they already have on him. So they want that to be connected and to work management an application lifecycle. They're worried about that. They're like they don't want it to be different in every single cloud. A map Dynamics is a great example of an asset here. We got strong feedback for our customers that they needed to be able to measure the application performance in a common way across the environments. When imagine going to your CEO and talking about the performance of applications and having different metrics. 2,000,000,000 where it's hosted. It doesn't make any sense in terms of getting business insights. So I've dynamics is another example of something that Custer's one across all of that. So we really see Cisco's role is bringing all of those common capabilities and really reducing the complexity and friction of multi Cobb, enabling our customers to really take the most advantage possible. Multiple cloud. >> So Fabio kept talked about how moving to cloud is a little bit more complex than moving house from one neighborhood to the other. What are some of the key challenges that you guys are seeing? And how specifically is Cisco helping to ameliorate some of those challenges? >> Well, there are some challenges that are squarely in the camp where we can help. Others are related, and probably they're the toughest in clouds to fundamentally acquisition of talent. Right way can help with our custom off course with our partner ecosystem in this case, but a lot of that is really the culture of the company needs to change, right? We keep talking about develops way, keep talking about what does he mean operating this infrastructure in the cloud. It's a whole different ballgame, right? It's a continues integration, continues. Development is actually moving toe agile, kind of softer. The album models. And, you know, I very often do the analogy or what we've seen a few years ago in the data center space where we so actually, the end off the super specialization, like people on Lino in storage, all innit, working on ly computing. And then we saw the rise of people fundamentally expert in in the entire stack. We're seeing the same in the cloud with the rise of the Cloud Architect. These guys now are the ones they're behind building Cloud Centre of excellence. The issue. If you want guidance, where's the control remains into the other team's right. But this is very, very important. So it's overcoming, overcoming the talent gap and knowing how to deal with that on the bottom of that on the other side, so you get a free economy is technology challenges. For instance, embracing Q Burnett is becomes an embracing open source is a big, big challenge, right? You've gotta be able to master this kind of science if you want and trusting partners like, for instance, ourselves and others that will give you a curated versions of the softer image in life. Very often do customer meetings, and I ask how many how many tools to use in production for your Cuban Embassy plantation? And the answer ranges from 20 to 25. It's crazy, right? So imagine if 12 or three of these stools go away. What are you going to do? So you know, it's it's a whole different ball game really going to go into this kind of world. So Kip, we understand >> today, customers are multi cloud and future. It's going to be multi cloud. Think So. >> How do we make >> sure that multi cloud doesn't become least Domine, Denominator Cloud? Or, you know, you really say All I have is this combination of a bunch of pieces like the old multi vendor. How does multi cloud become more powerful than just the sum of its components? Is a good question, and we've really, I mean, way support a lot of different ways of accessing a cloud, Francisco, because we have such a broad Custer base and our goal is really to support our customers. However, they want to work. But we have made a bet in terms of avoiding the lowest common denominator on DH. Some people look ATT, accessing multiple clouds as sort of laying down one software platform and writing their software to one set of AP eyes that they didn't somehow implement in every cloud. And I think that does tend to get you to lowest common denominator because, you know, if you want to be on the Alexis Smart speaker, you have to be on the Lambda Service at a job. Yes, that's it. It doesn't exist anywhere else. And so if you're trying to create a common layer across so your clouds and that's your approach, you have to give up unique capabilities like that. And almost every consumer brand wants to be our needs to be on that election. Smart speaker. So we actually see it is more taking the functions that are not points of innovation, reducing the friction and leaving our customers with the time and energy to focus on taking advantage of their unique capabilities. And Fabio, you're partnering at Cisco with a number of their providers out there. Where are we with the maturity of all this? We were at the Cube con show and you know you're right. There's a lot of different tools. Simple is not what we're discussing, mostly out that show. So what do we solve today? And what kind of things does Cisco and its partners look to be solving kind of in the next 6 to 12 months? >> Partner? Partnering with this big players is absolutely a company priority for us, for Cisco, and one thing that's important is you, said multi vendor at the beginning. That was an interesting common, because if you think about it, multiple out is really business need, right? You want a hardness, innovation wherever it comes from. But then when you work with a specific provider in your reach, critical mass you want tohave integrations with this with this different providers, and that is the hybrid world. So hybrid is more of a technology need to streamline things like networking or security, or the way you storage because the poor things of this nature so that's three. Liza is a big need, and we'll continue, of course, adding more and more from the standpoint of partnerships every every one of the environments in our customers want to uses of interest for us, right to extend their policies to extend our reach. >> So just following up on that partnership, You guys air cloud agnostic, You don't own your own clouds, right? Not selling that. So you were at Google Cloud next to Europe on stage David Gettler, you've got a relationship with as your you got relationship with a W s. Obviously so talking about the importance of partnerships and specific strategy there in terms of your go to market, >> Well, you know, first, all the partnerships or critical I mean, it's you said we're not trying to move the workload Stark filed. And by the way, a lot of our customers has said that something that they value they see us is one of the biggest, most capable companies on the planet. That still is someone. I got sick and ableto work with them on. What's the right answer for their business? Not trying to move everything to one place and those partnerships a critical. So you're going to see us continue Teo building this partnerships. In fact, it's only day one here. I wouldn't be surprised if you saw some news this week on that. >> We were wondering if we're going to see somebody parachute in, that would be exciting. So why Cisco? Uh, ask each of you guys Maybe maybe, kid, you could You could give us the answer from your perspective and an Aussie. The same question. >> Well, from my perspective, it's based on what our customers tell us that again. You know, the things that were very good at things like networking and security are some of the biggest problems that our customs face in taking advantage of clouds and are some of things that they most want common across clouds. So we have a very natural role in this. I actually think back to the founding of Cisco, if you know the story. But it was Sandy Lerner and Limbo zakat Stanford. Their networks couldn't talk each other. You didn't remember back to the days like deck net and apple talk and all these things. It's hard to even recall because this new thing called peace pipe he obviously took over. That was the beginning of Sisko is building the multi protocol router that let those different islands talk each other. In many ways, Custer's see us doing sort of the same thing or want us to do the same thing in a multi cloud world. >> Well, just aside before I ask you, Fabian, a lot of people think that, you know, the microprocessor revolution killed many computers. IPads. Cisco kind of killed many computers to your point. But, Fabio, anything you would add to the sort of wisest >> guy would say, If you want my three seconds elevator peaches, we make multiple easier and more secure. Multiple this complex. So we definitely make it easier through our software. And we have three big buckets if you want there really compelling for for our customers, the 1st 1 is all of our software. Arsenal around weapon on his cloud center work looked a musician manager that helps last summer in building a unified application management kind of soft or sweet across home Prem and any of the public clouds that we've been talking about. The 2nd 1 is, as you said, we build on our DNA, which is, if you want and you heard Gettler today are multi domain kind of architecture, right, which is incredibly relevant in this case, you are not working in security. Fabric really is important there, and the thirties are ability because we don't compete with any other big players to partner with them and solve problems for our customers. So these three buckets are really, really important that deliver. Ah hi business value to >> our customers if I want to come back to something we're talking about is the Customs said the customers don't want a different security regime for each cloud, right? So it's complicated because, first of all, they're trying to struggle with their own security regime anyway, Right? Right? And that's transforming. What is the right right? Sorry security regime in this cloud here. How is it evolving? >> Well, me, What we're doing is we're bringing tools like Te Trae Shen, which now runs on prim and in the clouds. Things like stealth watch what's runs on permanent cloud and simply bringing them security frameworks that are very effective where I think a very capable of well known security vendor, but bringing them the capability to run the same capabilities in there on prem environments in their data centers as well as a multiple public clouds, and that just eliminates the scenes that hackers could maybe get into. It makes common policy possibles. They going to find policy around an application once and have it apply across Balto environments, which not only is easier for them but eliminates potential mistakes that they might make that might leave things open. Joe Hacker. So for us, it's that simple bringing very effective common frameworks for security across all these >> years. You certainly see the awareness of the security imperative moving beyond the SEC ops team. There's no question about that. It's now board level lines of business are worried about. For their digital transformation was data, but our organizations at the point where there operationalize ing security practices and the like, you know, to the extent that they should be >> well, I mean, I think when you say they should be, there's always room for improvement. Okay, but we're seeing just about all of our customers. I mean, as you said, securities is a sea level, if not a board level discussion and just about all of our customers. It's routinely top first or second concern on a survey when Custer's saw about what's concerning them with the clouds. And so we're seeing them really view, you know, security's foundational to what they're doing. >> I mean, it used to be. This sort of failure equals fire mentality. You somebody cracks through, you're fired. And so nobody talked about it. Now I think people realize, look, bad guys are going to get through. It's how you respond to them. Don't you think about how you using analytics, but yeah. So >> when we start just the >> way you were moving quickly >> towards, well, more or less quickly to a zero trust kind ofwork thie action assist you in this area every since the acquisition ofthe duo is performing exceptionally well. And if you want at the top of the security ecosystem in a multi polar world, you find identity because if you don't know who the user or the thing is, they're trying to use a certain application, you're in trouble because perimeter, all security off course is important. But you know that you're going to be penetrated, right? So it boils down to understanding who's doing what and re mediating a soon as possible. So it's a whole different paradigm >> of a security huge tail. When Francisco it's a business growing 21% a year, it's three more than three times the growth of the company. Overall, which is actually still pretty good. Five or 6%. So security rocketship? >> Yeah, Fabio, Just I noticed before we did the interview here that everybody is wearing the T shirts. The cloud takeover is happening here at the definite zone. So give those of us that you know aren't among the 28,000 you know here at the show. A little bit of what's happening from you're >> gonna do something unusual going, gonna turn that question to keep because he was actually on stage >> the second single. Why don't you just get that off? You know, I think it links back to it. Bobby. Always talking about what talent I mean, obviously the most important thing we bring our customers is the technology. We are a technology company, but so many of our customers were asking us to help them with this talent cap. And I think the growth of definite I mean, we're actually sitting here in the definite zone. It's got its own area Here. It's Sisk alive. It's gotten bigger every single year. Here it's just go live. The growth of definite is a sign of how important talent issue is as well as the new certifications that we announce we expanded our certification program to include software conjuncture with Dev. Net. So now people be able to get professional certifications Francisco not just on networking but on software capabilities and skills. And this is something both our partners, our customers have told us. They're really looking for now in terms of the takeover, it's something fun that the definite crew does. I think you're doing five of them during this week. I was really excited, Suzy. We asked us to be the first Eso es the opportunity. Kick it off. It does include beer. So that's one of the nice things. It includes T shirts, both things that I think are prevalent in the developer community. I'll say, Andi, just have an hour where the focus is on cloud technology. So we got everyone in cloud T shirts, a bunch of the experts for my product enduring teams on hand. We had some special presentations, were just many an hour focused on cloud >> Well, and I love that you're doing that definite zone. We've always been super impressed with this whole notion of infrastructures code. I think I've said many times of all the traditional enterprise cos you know computer companies, if you will hae t companies Cisco has done a better job of anybody than making its infrastructure programmable. We're talking about security before it's critical. If you're still tossing stuff over to the operations team, you're gonna be have exposures. Whereas you guys are in a position now and you talk talent, you're transitioning. You know the role of the C C I. A. And now is becoming essentially a developer of infrastructure is code, and it's a very powerful absolutely. I think we're >> helping our partners and our customers transform. Justus were transforming. I think it's kind of a symbiotic relationship that's super important to us. >> It's also important you think about the balancing act between agility, cost, called security or even data assurance. There. Tradeoffs involved the nobs. You have to turn, but you can. You can you achieve all three, you know, to optimize your business. >> Look, there may always be trade offs, but it's not sort of a zero sum game. All those we sing customers who've automated that through things like C I. D. Move Teo, you know, a different place in a much better place where They're not necessarily making trade offs on security to get better agility if they fully off if they fully automated their deployment chains. So they know that there are no mistakes there. They know that they have the ability to roll out fixes if they need to. They know that they're containers, for instance. They're being scanned from a security perspective, very every time they deploy them. They're actually able to build automated infrastructures that are more agile and more secure so that it's pretty exciting. >> So it involves the automated change management and date assurance talking about containers. That's interesting. Spinning up containers. You want to spend it down frequently. So the bad guys that makes it harder for them to get through. >> You talk about BM sprawling, right? Yeah, right. The Janus sprawling biggest issues out there. And by the way, you know, as you automate this infrastructure, rightly so you mention infrastructures code that you can do the other magic, which is introducing machine learning artificial intelligence. And today they get learn such Gupta gave school. Harold, thank you. Have a terrific demonstration off. You know, finding Rocco's analysis for very, very complex kind of problems that will take forever in the old fashion world. Now, all of a sudden you have the management system. In this case, the nation tells you actually where the problem is, and if you value there that you click a button and instantaneously you deploy, you know, new policies and configuration. That's a dream come true. Literally, you may say, probably we're the last ones to the party in terms of infrastructure players, the industry means. But we're getting there very quickly, and this is a whole new set of possibilities now, >> way talking the cube a lot, and I think it's really relevant for what I'm hearing about your strategies. This cloud is about bringing the cloud operating model to your data wherever your data lives. And that seems to be kind of underscore your your strategy. Absolutely. It's so edge cloud on Prem hybrid, you guys, Your strategy is really to enable customers to bring that operating model wherever they need to. Absolutely right >> that transparency is a big deal. I mean, application anywhere, eating. Did I anywhere? That's a world where we're going to >> guys thoughts. Final thoughts on Sisqo live this year. No, it's only day one gets a customer meetings tonight, but initial impression San Diego >> Well, it's It's a well, it's always great to be in San Diego on DH. It's a great facility, and we know our customers really enjoy San Diego is Well, I think we'll have a great customer appreciation event on Wednesday night. Um, but, you know, I was struck. Uh, you just have to the keynote. I mean, the world solutions was buzzing, and there seems to be is always a lot of energy. It's just go live. But somehow so far this season, maybe even a little bit more energy. I know we've got a number of announcements coming this week across a bunch different areas, including clouds. So we're excited for next few days. >> Well, you got the double whammy first half. We were in February when Barcelona guys don't waste any time. You come right back. And June, your final thoughts value. >> Oh, it's just so exciting to speak with customers and partners. Over here, you can touch their excitement. People love to come together and get old. The news, you know, in one place it's this tremendous amount of energy here. >> Keep copter Fabio Gori. Thanks so much for coming on The Cube. Appreciate it. Thank you for having your walkabout, keeper. Right, everybody. We'll be back with our next guest. David Out. A student of Aunt Lisa Martin. We're live from Cisco Live 2019 in San Diego, right back.

>> From our studios in the heart of Silicon Valley. HOLLOWAY ALTO, California It is a cube conversation. >> Welcome to the special. Keep conversation here in Palo Alto, California. I'm John for a co host of the Cube. Were Arsenal was a C I S O. C. So for Microsoft also corporate vice President, Chief information security. Thanks for joining me today. >> Thank you. >> Appreciate it. Thanks. So you have a really big job. You're a warrior in the industry, security is the hardest job on the planet. >> And hang in sight >> of every skirt. Officer is so hard. Tell us about the role of Microsoft. You have overlooked the entire thing. You report to the board, give us an overview of what >> happens. Yeah. I >> mean, it's you know, obviously we're pretty busy. Ah, in this world we have today with a lot of adversaries going on, an operational issues happening. And so I have responsibility. Accountability for obviously protecting Microsoft assets are customer assets. And then ah, And for me, with the trend also responsibility for business continuity Disaster recovery company >> on the sea. So job has been evolving. We're talking before the camera came on that it's coming to CEO CF roll years ago involved to a business leader. Where is the sea? So roll now in your industry is our is a formal title is it establishes their clear lines of reporting. How's it evolved? What's the current state of the market in terms of the sea? So it's roll? >> Yeah, the role is involved. A lot. Like you said, I think like the CIA or twenty years ago, you know, start from the back room of the front room and I think the, you know, one of things I look at in the role is it's really made it before things. There's technical architecture, there's business enablement. There's operational expert excellence. And then there's risk management and the older ah, what does find the right word? But the early see so model was really about the technical architecture. Today. It's really a blend of those four things. How do you enable your business to move forward? How do you take calculated risks or manage risks? And then how do you do it really effectively and efficiently, which is really a new suit and you look at them. You'LL see people evolving to those four functions. >> And who's your boss? Would you report to >> I report to a gentleman by the name of a curtain. Little Benny on DH. He is the chief digital officer, which would be a combination of Seo did officer and transformation as well as all of Microsoft corporate strategy >> and this broad board visibility, actually in security. >> Yeah, you >> guys, how is Microsoft evolved? You've been with the company for a long time >> in the >> old days ahead perimeters, and we talk about on the Cube all the time. When a criminalist environment. Now there's no perimeter. Yeah, the world's changed. How is Microsoft evolved? Its its view on security Has it evolved from central groups to decentralize? How is it how how was it managed? What's the what's the current state of the art for security organization? >> Well, I think that, you know, you raise a good point, though things have changed. And so in this idea, where there is this, you know, perimeter and you demanded everything through the network that was great. But in a client to cloak cloud world, we have today with mobile devices and proliferation or cloud services, and I ot the model just doesn't work anymore. So we sort of simplified it down into Well, we should go with this, you know, people calls your trust, I refer to It is just don't talk to strangers. But the idea being is this really so simplified, which is you've got to have a good identity, strong identity to participate. You have to have managed in healthy device to participate, to talk to, ah, Microsoft Asset. And then you have to have data in telemetry that surrounds that all the time. And so you basically have a trust, trust and then verify model between those three things. And that's really the fundamental. It's really that simple. >> David Lava as Pascal senior with twenty twelve when he was M. C before he was the C E O. V M. Where he said, You know his security do over and he was like, Yes, it's going to be a do over its opportunity. What's your thoughts on that perspective? Has there been a do over? Is it to do over our people looking at security and a whole new way? What's your thoughts? >> Yeah, I mean, I've been around security for a long time, and it's there's obviously changes in Massa nations that happened obviously, at Microsoft. At one point we had a security division. I was the CTO in that division, and we really thought the better way to do it was make security baked in all the products that we do. Everything has security baked in. And so we step back and really change the way we thought about it. To make it easier for developers for end users for admin, that is just a holistic part of the experience. So again, the technology really should disappear. If you really want to be affected, I think >> don't make it a happy thought. Make it baked in from Day one on new product development and new opportunity. >> Yeah, basically, shift the whole thing left. Put it right in from the beginning. And so then, therefore, it's a better experience for everyone using it. >> So one of things we've observed over the past ten years of doing the Cube when do first rolled up with scene, you know, big data role of date has been critical, and I think one of the things that's interesting is, as you get data into the system, you can use day that contextually and look at the contextual behavioral data. It's really is create some visibility into things you, Meyer may not have seen before. Your thoughts and reaction to the concept of leveraging data because you guys get a lot of data. How do you leverage the data? What's the view of data? New data will make things different. Different perspectives creates more visibility. Is that the right view? What's your thoughts on the role of Data World Data plays? >> Well, they're gonna say, You know, we had this idea. There's identity, there's device. And then there's the data telemetry. That platform becomes everything we do, what there's just security and are anomalous behavior like you were talking about. It is how do we improve the user experience all the way through? And so we use it to the service health indicator as well. I think the one thing we've learned, though, is I was building where the biggest data repositories your head for some time. Like we look at about a six point five trillion different security events a day in any given day, and so sort of. How do you filter through that? Manage? That's pretty amazing, says six point five trillion >> per day >> events per day as >> coming into Microsoft's >> that we run through the >> ecosystem your systems. Your computers? >> Yeah. About thirty five hundred people. Reason over that. So you can Certainly the math. You need us. Um, pretty good. Pretty good technology to make it work effectively for you and efficiently >> at RC A Heard a quote on the floor and on the q kind of echoing the same sentiment is you can't hire your way to success in this market is just not enough people qualified and jobs available to handle the volume and the velocity of the data coming in. Automation plays a critical role. Your reaction to that comment thoughts on? >> Well, I think I think the cure there, John, those when you talk about the volume of the data because there's what we used to call speeds and feeds, right? How big is it? And I used to get great network data so I can share a little because we've talked, like from the nineties or whatever period that were there. Like the network was everything, but it turns out much like a diverse workforce creates the best products. It turns out diverse data is more important than speeds and feeds. So, for example, authentication data map to, you know, email data map to end point data map. TEO SERVICE DATA Soon you're hosting, you know, the number of customers. We are like financial sector data vs Healthcare Data. And so it's the ability Teo actually do correlation across that diverse set of data that really differentiates it. So X is an example. We update one point two billion devices every single month. We do six hundred thirty billion authentications every single month. And so the ability to start correlating those things and movement give us a set of insights to protect people like we never had before. >> That's interesting telemetry you're getting in the marketplace. Plus, you have the systems to bring it in >> a pressure pressure coming just realized. And this all with this consent we don't do without consent, we would never do without consent. >> Of course, you guys have the terms of service. You guys do a good job on that, But I think the point that I'm seeing there is that you guys are Microsoft. Microsoft got a lot of access. Get a lot of stuff out there. How does an enterprise move to that divers model because they will have email, obviously. But they have devices. So you guys are kind of operating? I would say tear one of the level of that environment cause you're Microsoft. I'm sure the big scale players to that. I'm just an enterprising I'm a bank or I'm an insurance company or I'm in oil and gas, Whatever the vertical. Maybe. What do I do if I'm the sea? So they're So what does that mean, Diversity? How should they? >> Well, I think they have a diverse set of data as well. Also, if they participate, you know, even in our platform today, we you know, we have this thing called the security graph, which is an FBI people can tap into and tap into the same graph that I use and so they can use that same graph particular for them. They can use our security experts to help them with that if they don't have the all the resource and staff to go do that. So we provide both both models for that to happen, and I think that's why a unique perspective I should think should remind myself of which is we should have these three things. We have a really good security operations group we have. I think that makes us pretty unique that people can leverage. We build this stuff into the product, which I think is good. But then the partnership, the other partners who play in the graph, it's not just us. So there's lots of people who play on that as well. >> So like to ask you two lines of questions. Wanting on the internal complex is that organizations will have on the external complexity and realities of threats and coming in. How do they? How do you balance that out? What's your vision on that? Because, you know, actually, there's technology, his culture and people, you know in those gaps and capabilities on on all three. Yeah, internally just getting the culture right and then dealing with the external. How does a C so about his company's balance? Those realities? >> Well, I think you raised a really good point, which is how do you move the culture for? That's a big conversation We always have. And that was sort of, you know, it's interesting because the the one side we have thirty five hundred people who have security title in their job, But there's over one hundred thousand people who every day part of their job is doing security, making sure they'LL understand that and know that is a key part we should reinforce everyday on DSO. But I think balancing it is, is for me. It's actually simplifying just a set of priorities because there's no shortage of, you know, vendors who play in the space. There's no shortage of things you can read about. And so for us it was just simplifying it down and getting it. That simplifies simplified view of these are the three things we're going to go do we build onerous platform to prioritize relative to threat, and then and then we ensure we're building quality products. Those five things make it happen. >> I'd like to get your thoughts on common You have again Before I came on camera around how you guys view simplification terminal. You know, you guys have a lot of countries, the board level, and then also you made a common around trust of security and you an analogy around putting that drops in a bucket. So first talk about the simplification, how you guys simplifying it and why? Why is that important? >> You think we supply two things one was just supplying the message to people understood the identity of the device and making sure everything is emitting the right telemetry. The second part that was like for us but a Z to be illustrative security passwords like we started with this technology thing and we're going to do to FAA. We had cards and we had readers and oh, my God, we go talk to a user. We say we're going to put two FAA everywhere and you could just see recoil and please, >> no. And then >> just a simple change of being vision letters. And how about this? We're just going to get rid of passwords then People loved like they're super excited about it. And so, you know, we moved to this idea of, you know, we always said this know something, know something new, how something have something like a card And they said, What about just be something and be done with it? And so, you know, we built a lot of the capability natively into the product into windows, obviously, but I supported energies environment. So I you know, I support a lot of Mac clinics and IOS and Android as well So you've read it. Both models you could use by or you could use your device. >> That's that. That's that seems to be a trend. Actually, See that with phones as well as this. Who you are is the password and why is the support? Because Is it because of these abuses? Just easy to program? What's the thought process? >> I think there's two things that make it super helpful for us. One is when you do the biometric model. Well, first of all, to your point, the the user experience is so much better. Like we walk up to a device and it just comes on. So there's no typing this in No miss typing my password. And, you know, we talked earlier, and that was the most popular passwords in Seattle with Seahawks two thousand seventeen. You can guess why, but it would meet the complexity requirements. And so the idea is, just eliminate all that altogether. You walk up machine, recognize you, and you're often running s o. The user experience is great, but plus it's Actually the entropy is harder in the biometric, which makes it harder for people to break it, but also more importantly, it's bound locally to the device. You can't run it from somewhere else. And that's the big thing that I think people misunderstanding that scenario, which is you have to be local to that. To me, that's a >> great example of rethinking the security paradigm. Exactly. Let's talk about trust and security. You you have an opinion on this. I want to get your thoughts, the difference between trust and security so they go hand in hand at the same time. They could be confused. Your thoughts on this >> well being. You can have great trust. You can, so you can have great security. But you generally and you would hope that would equate like a direct correlation to trust. But it's not. You need to you build trust. I think our CEO said it best a long time ago. You put one bucket of water, one bucket. Sorry, one truffle water in the bucket every time. And that's how you build trust. Over time, my teenager will tell you that, and then you kick it over and you put it on the floor. So you have to. It's always this ratcheting up bar that builds trust. >> They doing great you got a bucket of water, you got a lot of trust, that one breach. It's over right, >> and you've got to go rebuild it and you've got to start all over again. And so key, obviously, is not to have that happen. But then, that's why we make sure you have operational rigor and >> great example that just totally is looking Facebook. Great. They have massive great security. What really went down this past week, but still the trust factor on just some of the other or societal questions? >> Yeah, >> and that something Do it. >> Security. Yeah, I think that's a large part of making sure you know you're being true. That's what I said before about, you know, we make sure we have consent. We're transparent about how we do the things we do, and that's probably the best ways to build trust. >> Okay, so you guys have been successful in Microsoft, just kind of tight the company for second to your role. It's pretty well documented that the stock prices at an all time high. So if Donatella Cube alumni, by the way, has been on the cue before he he took over and clear he didn't pivot. He just said we'd go in the cloud. And so the great moves, he don't eat a lot of great stuff. Open source from open compute to over the source. And this ship has turned and everything's going great. But that cheering the cloud has been great for the company. So I gotta ask you, as you guys move to the cloud, the impact to your businesses multi fold one products, ecosystem suppliers. All these things are changing. How has security role in the sea? So position been impact that what have you guys done? How does that impact security in general? Thoughts? >> Yeah, I think we obviously were like any other enterprise we had thousands of online are thousands of line of business applications, and we did a transformation, and we took a method logical approach with risk management. And we said, Okay, well, this thirty percent we should just get rid of and decommission these. We should, you know, optimize and just lifting shifting application. That cloud was okay, but it turns out there's massive benefit there, like for elasticity. Think of things that quarterly reporting or and you'll surveys or things like that where you could just dynamically grow and shrink your platform, which was awesome linear scale that we never had Cause those events I talk about would require re architectures. Separate function now becomes linear. And so I think there is a lot of things from a security perspective I could do in a much more efficient must wear a fish. In fact, they're then I had to have done it before, but also much more effective. I just have compute capability. Didn't have I have signal I didn't have. And so we had to wrap her head around that right and and figure out how to really leverage that. And to be honest, get the point. We're exploited because you were the MySpace. I have disaster and continent and business. This is processed stuff. And so, you know, everyone build dark fiber, big data centers, storage, active, active. And now when you use a platform is a service like on that kind of azure. You could just click a Bach and say, I want this thing to replicate. It also feeds your >> most diverse data and getting the data into the system that you throw a bunch of computer at that scale. So What diverse data? How does that impact the good guys and the bad guys? That doesn't tip the scales? Because if you have divers date and you have his ability, it's a race for who has the most data because more data diversity increases the aperture and our visibility into events. >> Yeah, I you >> know, I should be careful. I feel like I always This's a job. You always feel like you're treading water and trying to trying to stay ahead. But I think that, um, I think for the first time in my tenure do this. I feel there's an asymmetry that benefits. They're good guys in this case because of the fact that your ability to reason over large sets of data like that and is computed data intensive and it will be much harder for them like they could generally use encryption were effectively than some organization because the one the many relationship that happens in that scenario. But in the data center you can't. So at least for now, I feel like there's a tip This. The scales have tipped a bit for the >> guy that you're right on that one. I think it's good observation I think that industry inside look at the activity around, from new fund adventures to overall activity on the analytics side. Clearly, the data edge is going to be an advantage. I think that's a great point. Okay, that's how about the explosion of devices we're seeing now. An explosion of pipe enabled devices, Internet of things to the edge. Operational technologies are out there that in factory floors, everything being I P enables, kind of reminds me of the old days. Were Internet population you'd never uses on the Internet is growing, and >> that costs a lot >> of change in value, creation and opportunities devices. Air coming on both physical and software enabled at a massive rate is causing a lot of change in the industry. Certainly from a security posture standpoint, you have more surface area, but they're still in opportunity to either help on the do over, but also create value your thoughts on this exploding device a landscape, >> I think your Boston background. So Metcalfe's law was the value the net because the number of the nodes on the network squared right, and so it was a tense to still be true, and it continues to grow. I think there's a huge value and the device is there. I mean, if you look at the things we could do today, whether it's this watch or you know your smartphone or your smart home or whatever it is, it's just it's pretty unprecedented the capabilities and not just in those, but even in emerging markets where you see the things people are doing with, you know, with phones and Lauren phones that you just didn't have access to from information, you know, democratization of information and analysis. I think it's fantastic. I do think, though, on the devices there's a set of devices that don't have the same capabilities as some of the more markets, so they don't have encryption capability. They don't have some of those things. And, you know, one of Microsoft's responses to that was everything. Has an M see you in it, right? And so we, you know, without your spirit, we created our own emcee. That did give you the ability to update it, to secure, to run it and manage it. And I think that's one of the things we're doing to try to help, which is to start making these I, O. T or Smart devices, but at a very low cost point that still gives you the ability because the farm would not be healed Update, which we learn an O. T. Is that over time new techniques happen And you I can't update the system >> from That's getting down to the product level with security and also having the data great threats. So final final talk Tracking one today with you on this, your warrior in the industry, I said earlier. See, so is a hard job you're constantly dealing with compliance to, you know, current attacks, new vector, new strains of malware. And it's all over the map. You got it. You got got the inbound coming in and you got to deal with all that the blocking and tackling of the organization. >> What do you What do >> you finding as best practice? What's the what if some of the things on the cso's checklist that you're constantly worried about and or investing in what some of >> the yeah, >> the day to day take us through the day to day life >> of visited a lot? Yeah, it >> starts with not a Leslie. That's the first thing you have to get used to, but I think the you know again, like I said, there's risk Manager. Just prioritize your center. This is different for every company like for us. You know, hackers don't break and they just log in. And so identity still is one of the top things. People have to go work on him. You know, get rid of passwords is good for the user, but good for the system. We see a lot in supply chain going on right now. Obviously, you mentioned in the Cambridge Analytical Analytics where we had that issue. It's just down the supply chain. And when you look at not just third party but forthe party fifth party supply and just the time it takes to respond is longer. So that's something that we need to continue to work on. And then I think you know that those are some of the other big thing that was again about this. How do you become effective and efficient and how you managed that supply chain like, You know, I've been on a mission for three years to reduce my number of suppliers by about fifty percent, and there's still lots of work to do there, but it's just getting better leverage from the supplier I have, as well as taking on new capability or things that we maybe providing natively. But at the end of the day, if you have one system that could do what four systems going Teo going back to the war for talent, having people, no forces and versus one system, it's just way better for official use of talent. And and obviously, simplicity is the is the friend of security. Where is entropy is not, >> and also you mentioned quality data diversity it is you're into. But also there's also quality date of you have quality and diverse data. You could have a nice, nice mechanism to get machine learning going well, but that's kind of complex, because in the thie modes of security breaches, you got pre breached in breech post breach. All have different data characteristics all flowing together, so you can't just throw that answer across as a prism across the problem sets correct. This is super important, kind of fundamentally, >> yeah, but I think I >> would I would. The way I would characterize those is it's honestly, well, better lessons. I think I learned was living how to understand. Talk with CFO, and I really think we're just two things. There's technical debt that we're all working on. Everybody has. And then there's future proofing the company. And so we have a set of efforts that go onto like Red Team. Another actually think like bad people break them before they break you, you know, break it yourself and then go work on it. And so we're always balancing how much we're spending on the technical, that cleanup, you know, modernizing systems and things that are more capable. And then also the future proofing. If you're seeing things coming around the corner like cryptography and and other other element >> by chain blockchain, my supply chain is another good, great mechanism. So you constantly testing and R and D also practical mechanisms. >> And there in the red team's, which are the teams that attacking pen everything, which is again, break yourself first on this super super helpful for us >> well bred. You've seen a lot of ways of innovation have been involved in multiple ways computer industry client server all through the through the days, so feel. No, I feel good about this you know, because it reminds me and put me for broken the business together. But this is the interesting point I want to get to is there's a lot of younger Si SOS coming in, and a lot of young talent is being attractive. Security has kind of a game revived to it. You know, most people, my friends, at a security expert, they're all gamers. They love game, and now the thrill of it. It's exciting, but it's also challenging. Young people coming might not have experience. You have lessons you've learned. Share some thoughts over the years that scar either scar tissue or best practices share some advice. Some of the younger folks coming in breaking into the business of, you know, current situation. What you learned over the years it's Apple Apple. But now the industry. >> Yeah, sadly, I'd probably say it's no different than a lot of the general advice I would have in the space, which is there's you value experience. But it turns out I value enthusiasm and passion more here so you can teach about anybody whose passion enthusiastic and smart anything they want. So we get great data people and make them great security people, and we have people of a passion like you know, this person. It's his mission is to limit all passwords everywhere and like that passion. Take your passion and driver wherever you need to go do. And I >> think the nice >> thing about security is it is something that is technically complex. Human sociology complex, right? Like you said, changing culture. And it affects everything we do, whether it's enterprise, small, medium business, large international, it's actually a pretty It's a fasten, if you like hard problem. If you're a puzzle person, it's a great It's a great profession >> to me. I like how you said Puzzle. That's I think that's exactly it. They also bring up a good point. I want to get your thoughts on quickly. Is the talent gap is is really not about getting just computer science majors? It's bigger than that. In fact, I've heard many experts say, and you don't have to be a computer scientist. You could be a lot of cross disciplines. So is there a formula or industry or profession, a college degree? Or is it doesn't matter. It's just smart person >> again. It depends if your job's a hundred percent. Security is one thing, but like what we're trying to do is make not we don't have security for developers you want have developed to understand oppa security and what they build is an example on DSO. Same with administrators and other components. I do think again I would say the passion thing is a key piece for us, but But there's all aspects of the profession, like the risk managers air, you know, on the actuarial side. Then there's math people I had one of my favorite people was working on his phD and maladaptive behavior, and he was super valuable for helping us understand what actually makes things stick when you're trying to train their educate people. And what doesn't make that stick anthropologist or super helpful in this field like anthropologist, Really? Yeah, anthropologist are great in this field. So yeah, >> and sociology, too, you mentioned. That would think that's a big fact because you've got human aspect interests, human piece of it. You have society impact, so that's really not really one thing. It's really cross section, depending upon where you want to sit in the spectrum of opportunity, >> knowing it gives us a chance to really hire like we hire a big thing for us has been hard earlier in career and building time because it's just not all available. But then also you, well, you know, hire from military from law enforcement from people returning back. It's been actually, it's been a really fascinating thing from a management perspective that I didn't expect when I did. The role on has been fantastic. >> The mission. Personal question. Final question. What's getting you excited these days? I mean, honestly, you had a very challenging job and you have got attend all the big board meetings, but the risk management compliance. There's a lot of stuff going on, but it's a lot >> of >> technology fund in here to a lot of hard problems to solve. What's getting you excited? What what trends or things in the industry gets you excited? >> Well, I'm hopeful we're making progress on the bad guys, which I think is exciting. But honestly, this idea the you know, a long history of studying safety when I did this and I would love to see security become the air bags of the technology industry, right? It's just always there on new president. But you don't even know it's there until you need it. And I think that getting to that vision would be awesome. >> And then really kind of helping move the trust equation to a whole other level reputation. New data sets so data, bits of data business. >> It's total data business >> breath. Thanks for coming on the Q. Appreciate your insights, but also no see. So the chief information security officer at Microsoft, also corporate vice president here inside the Cuban Palo Alto. This is cute conversations. I'm John Career. Thanks for watching. >> Thank you.

live from Orlando Florida it's the cube coverage conf 18 got to you by spunk welcome back to Splunk kampf 18 hashtag Splunk conf 18 you watching the cube the leader in live tech coverage we go out to the events we extract the signal from the noise I'm Dave Volante with my co-host Stu many men we love to talk to the customers too we've had seven out of ten of our interviews today have been with the customers Tony Alessandra was here as the chief architect at the co-operators group limited insurance company up in Canada leader in that field Tony thanks so much for coming on the yeah it's great to be here thanks for having me so we were talking off-camera about some of the innovation that's going on in Toronto and want to get to that innovation is actually in your long title yeah there's the time but tell us about your role as chief architect and then some of the other areas that you touch yes certainly so my primary role at the co-operators group is to serve as chief architect for the group of companies and so it's a fancy term to mean that I influence how we invest in technology and process for our strategy and for our operational imperatives I also have responsibility for information security within our organization so I have a great team led by a C so at the co-operators group and essentially our role is to to protect the data of our clients right we have a million unique clients across Canada that entrust us with a lot of personal and confidential data we have thousands of financial advisers throughout the company and so we have retail outlets throughout the entire geography of Canada and essentially we collect a lot of data and and with respect to policies for commercial businesses for private clients for subscribers etc and I also manage an innovation portfolio for the organization and so it's actually I'll work with our business stakeholders within the organization to figure out how we could accelerate new businesses accelerate new capabilities with the use of technology who's excited that's a big big big role that you have if I want to send the the regime you have for security say the seaso reports to you yes sir and there's a set CIO there right there is yeah so I report to the to the executive vice president and CIO of the co-operators group of companies and and my responsibility within the organization is to report back to our CIO on all the responsibilities that I talked to you about okay so this the C so technically reports up through the CIO and C so reports up through me into the CIO yeah which is that's a whole other interesting discussion maybe if we have time we could talk about that absolutely um so a lot of data I mean we think about insurance company regulated you got your claim systems which are critical you have your agent systems which are also critical different types of data both data on customers but when you talk about the data that you guys collect where's it come from what are you trying to do with with that data yes so so you know I'll start I'll start with the motive right the problem that we're trying to solve and so I'll say first and foremost we're an insurance company we offer assurance and protection to our clients right and so in the process of offering assurance and protection to our clients you know they entrust us with massive amounts of data like you know as we as we mentioned before but we'll also need to set a good example because a lot of the assurance some of the assurance that we offer to our clients is also cyber protection we offer cyber insurance to our clients we need to set a good example we need to demonstrate resilience right Splunk is a primary tool in our Arsenal where we're showing our clients that we have good resilience to be able to detect and respond to security threats when they happen that's part of our mandate right so our responsibility with respect to using Splunk is to collect data from all of our major systems within our organization we use Blonk to monitor we use Blanc to detect and we also use Splunk to respond when something is going on what is this is really interesting you're being proactive about from your you know from an actuarial standpoint you rate your risk you're being very proactive when many if not most insurance companies would do is say ok what what's the history yeah and are there any high-profile breaches and yeah as opposed to what you're doing like sounds like you're really inspecting what the policies and the procedures and the technology of your clients is I think you hit on an important point right and so the important point is that you know the the the art of actuarial science is to rely on a lot of history in the past you know to predict the risks of the future but the reality is that model is falling apart very quickly because there is very little history for cyber threats and the other aspect of it is its inconsistent its evolving and it's changing on a regular basis right and so that's why you use platforms like Splunk use platforms like spunk to detect new threats and to end to in sort of to advance new correlations what should we be concerned about which threats are relevant to us which ones can we ignore and unless you have good platforms to do correlation unless you have good automation you're gonna need a large army of people to chase things that may not be relevant to either you or your clients so Tony your industry usually has quite a bit of M&A as to kind of fund the growth that's going on curious how does Splunk in your data strategy fit into M&A type a quiz yeah yeah and so I think that's one of the biggest potential uses of Splunk for us right and so the way that insurance is evolving right now is insurance companies are all trying to figure out how they get involved in the loss prevention game right in the past it's all been about assurance right it's all been about protection and so when you think about the Internet of Things is one of the biggest untapped opportunities for insurance companies it's all about data right so smart homes smart buildings cars outfitted with telematics so it's every history you wearing wearable devices so in terms of health and you know a health insurance and life insurance protection etc all of this data is meaningful to offer value to clients beyond what we've been able to do in the past one of the things we've looked at I know the industry is looking at is well how do you value that data is that something your company's gotten into yeah absolutely and so you know part of what we need to figure out is how to model that data to give the right level of engagement to the customer so to create that two-way engagement with the customer right how am i doing how am i driving is the weather a threat for me in in the in the foreseeable future in terms of things that I need to protect is there a hailstorm coming you know should I should I you know have alerts and and and you know provide you know ask clients to move some of their valuables indoors I mean all of these are things that will increase that engagement with our clients because face it with insurance your clients engage with you two times a year right two major time policy renewal and if they're unfortunate enough to have a claim right we need to have a but we need to have a better game much more proactive game with them so you're in other ways a risk consultant with your your clients right yeah so describe that so you client comes to you says they're interested or you go to them they're interested in in in in a security you know insurance where does it start do you ask them you have Splunk do you advise them as to what are you going to look at their policies and procedures well how does it work so so I think you know Splunk is one of those valuable assets that enables the capability right insurance you know the game is becoming all about data having massive amounts of data and being able to use that data to help assess the risks for a client properly right because without having good data everything is a great guest these days I mean with climate change with cyber risks evolving with customers preferences changing data is going to be the meaningful difference in terms of understanding what risks a client has what the probability is and how to write a meaningful policy for them where they're engaged and they understand it well enough as well understand it well enough to prevent some of their losses and that's really the issue that we're trying to figure out how do we help clients understand their risks and then prevent losses prevent or minimize losses for them and and what role does Splunk play in that you you know your your your client are you a an advisor or you encourage your customers to use belong counters at all so we're talking about our future roadmap right now and this is what we're trying to figure out what's blanc this is where we see the strategic opportunities with blah right and so when we look at the co-operators the way that co-operators has been using Splunk in the past is for their security sim we were one of the very first large companies in Canada to put our security sim on Splunk we were the very first large company in Canada to put our sim in Splunk clout right and so we we you know we're very proud with being able to work with Splunk for for charting that course right for setting the example our next course is how do we leverage a platform as powerful as Splunk now to give value to our customers we're protecting our customers data assets and now it's about returning valuable insights back to the customers in terms of loss prevention that's our forward-thinking approach in terms of how we stay ahead in terms of leveraging this as a unique asset as a unique capability so your leader you've got street cred you can now extend that to your client base I mean for an insurance company risk you know chaos is just cash as I like to say it's opportunity for you guys and to the extent that you can help clients mitigate that risk to win-win it's essentially for them the reduction in expected loss it can actually hate to say this but could actually pay for the insurance which is let's take attractive it's a massive win and I think you know the other part you know that people need to think differently about is the way that people consume insurance will change dramatically as well in the next tenure so and so where you think now that you know your typical home and auto insurance you will buy an annual policy well the reality is that Home Sharing car sharing ride-sharing insurance will change to what we call episodic oh right and so essentially you'll be consuming insurance for an activity right and the only way that you'll be able to sort of drive that activity in a meaningful way is to have a lot of data on that activity right where are you driving how did you drive you know what what are the risks associated to when you're driving in the geography that you're driving where are you renting out your home what are the rooms to which client and so understanding all of those elements give us the best opportunity at giving you just in time insurance for the right risks surance as a service I love it personalized for me I mean the model generally item as a consumer is broken it's very bespoke my insurance company doesn't know who I am it's just to check a bunch of boxes off and they sent me another form every year and advised some new things and I don't even know what half the time they are that's exactly right right then the and the only way you're able to personalize is to have all of that data on an individual on a company on an event right so we give you insurance for you based on your needs based on your risks Tony we know there's a lot of AI happening up in the Toronto area yeah maybe our audience might not know tell them a little bit about that and how you're thinking about AI and what interest you have and what's Blanc's talking about when they talk about AI yeah you're absolutely right I mean there's a loop there's a massive amount of artificial intelligence activity in the Toronto Kitchener corridor within southern Ontario I would say it's early days for insurance in terms of how we leverage AI I think you know some of the early wins for us have been what we refer to as chat BOTS or virtual assistants right helping clients so this is basically speed and convenience for clients right clients need to know something very quickly very predictive short-tailed answers we're there for customers who choose to do that where it's going next is helping clients assess risk and predict outcomes associated to risks right and so there's a lot of different use cases that we're working there partnerships with startups partnerships with mainstream organizations like Splunk is an important partner for us in this area and of course academic institutions that are investing right this is all part of it for the sales channel for the risk channel for claims processing so imagine being able to submit a claim on a mobile device gathering all that data being able to correlate that data to say we've seen this before right based on the correlation here's your damages we could processes as quickly here's the experts you need to go to here's the restoration facilities that you'll engage those are massive opportunities for client service and for an ability for an insurance company to settle things quickly right we're talking about weather before it's obviously a changing dynamic has a change variable and maybe it's it's model Abel I don't know but but clearly weather incidents are on the rise have caught companies and probably insurance companies you know a little bit off guard you know climate change etc the boiling seas this we've heard yeah what do you guys what's your position on that how do you accommodate that and pass it on to your customers and well I think this is what we're well known for right and so first of all we're not gonna be able to control the weather but what we'd be able to do is prevent it from getting worse right and so when you'll hear the leadership within our organization talk especially our CEO our CEO is very passionate about building resilient communities and that starts with making sure that we're building communities in the right spots not in flood plains not in areas of high risk of forest fires or or other things that you could you know potentially prevent you know within a certain geography and so that's first and foremost right and so we're a leader in this space in Canada how do you become a leader in this area you collect data understand the geography understand the trends associated to the understand the future risks associated to those geographies based on weather trends and then lobby governments builders entrepreneurs everybody land development consortiums to say we need to build communities in better places we need to build more resilient communities and then thereafter it's making sure that you're leveraging data to be able to predict and minimize losses for clients in those areas right and that's what you'll use weather data for right who do I need to alert we have threats on the way what can we prevent how do we minimize these losses for Canadians I think the big risk that we all need to understand if the weather continues to change at the same pace are our you know people will not be able to afford the risks right and so the insurance will rise exponentially and and you know will we we won't have a sustainable model for the future so it's clear for you guys it's really all about the data one of the challenges that a lot of companies in your industry have is the data it's about the data for them to insurance companies you could argue our you know IT companies in many respects they develop products that are put together by technologists but a lot of the data is in silos yeah as Splunk allowed you to break down those silos and and is that yet part while you're a leader well like I could talk about what's where Splunk has been able to to offer us that that that ability is with security right and so we have data we have information security log data associated to our systems and our application everywhere on Prem our partner sites in our agency offices on different endpoint devices in the cloud with our different service providers so what Splunk has been able to do is us to be able to aggregate that data consume that data build valid use cases and to correlate that and raise proper alerts right that's our main priority right now is to build resilience with information security that knowledge will take us to these other areas that we want to do in offering now the value back to our clients right embed that value into our product offerings is our next logical step awesome Tony thanks very much for coming on the cube really appreciate it you're welcome it's good to meet you in the pleasure have the leaves changed in Toronto its Toronto by the way stew no tea it's coming it's coming fast Dave a lot a force to Minutemen thanks for watching we'll be right back after this short break you're watching the cube from Splunk Kampf 18 [Music]

>> Announcer: Live from Las Vegas. It's theCUBE. Covering Fortinet Accelerate 18. Brought to you by Fortinet. (upbeat music) >> Welcome back to theCUBE. Our continuing coverage of Fortinet Accelerate 2018. We're excited to be here. I'm Lisa Martin with Peter Burris, and we're excited to talk to one of the Keynotes the big cheese from the main stage session this morning, John Maddison. >> I say, small cheese I would say. >> SVP of Products and Solutions at Fortinet. Welcome back to theCUBE. >> It's great to be here again. >> So two things I learned about you when you started off your Keynote. One you're a Man City Fan, Manchester City. >> Manchester City Blue. >> Okay. >> Through and through, for many years. >> Premier League all the way. And you have the best job at Fortinet. >> I do indeed. >> Wow. >> That is to announce the new products of course. >> So let's talk about that. So you talked about some exciting announcements today. Tell us about, start with a Security Fabric. What's new there, what's going on, what's exciting? >> Well the core of the Security Fabric is FortiOS 6.0, that's our network operating system. That's the core of he Fabric and when we do a big release like this, many different features, new functionalities. Also we have tighter integration now between all our products in the Fabric. Bus, as I said, new features as well. Things like SD-WAN has been improved, we now have probably estimate of breed SD-WAN security. The Fabric integration itself is going on. We built out some new connectors with cloud. Now we have connectors for all the public clouds. All the public clouds. We have a new CASB connector, acronym city, of course, as usual, CASB is cloud access security broker, API access the SaaS clouds. And so we've got that not only in it's standalone form but also very much integrated inside the Fabric. We've also introducing some new FortiGuard service as part of FortiOS 6.0, a new security rating which is based on a bunch of new practices or best practices that all our customers have said this is great best practices, can you put this together and apply these to our network overall. That's just skimming the surface as I say, I think I said there's 200 plus new services I could have stood up there for like six hours or whatever. But great new services are 6.0 big announcement for us. >> We just chatted with your America's Channel Chief Jon Bove, talk to us about. >> Who's an Arsenal fan by the way. >> What. >> And we beat him Sunday three nil in the Cup final. >> Excellent. >> Just to make sure you get this. >> I'm sure. >> Write that down. >> Jot that down. >> So what excitement are you hearing in, from your perspective, in the channel with respect to all of the new announcements that you made today? >> Great feedback, so this obviously is a big channel partner event here. You know what a lot of channel partners are saying is that I need to make sure I provide more of a solution to the customers. In the past, you know maybe they sell a point product, it's hard to kind of keep that relationship going with that customer. But if they sell a solution with one or two products that's part of that solution or managed and some services as part of that, it's much stickier for the partners and gives them a bit more of an architectural approach to their customers network. They really like the Fabric as I said. The Fabric doesn't have to be everything inside the Fabric, they can be components. It's what we've seen far from a Fabric components. Our partners really latched on to the network plus the advanced threat protection, plus the management or plus the access points. But they definitely prefer to sell a complete solution. It's hard for them to manage 40 different security vendors, the skill sets, the training and everything else. Now they're not saying there needs to be one security vendor, much as we would like it to be Fortinet, but they need to be reduced to maybe a set of 10 or 12 and really, our Fabric allows them to do that. >> That's a key differentiator. >> Absolutely key differentiator and as I said, you know it's very hard to build a Fabric. It's a mesh network, all these products talk to each other. You can only really do that if you build those products organically, step-by-step, alongside the network operating system. It's no good acquiring lots of bits and pieces and trying to bolt it together, it's not going to work. We spent a long time, 10 years, building out this Fabric organically to make sure it integrates but also putting the best of breed features and things like SD-WAN and CASB. >> What is the product? In this digital world what is a product? >> A security product? >> Any kind of product. As a guy who runs product management, what's a product, can we talk about what is a security product? >> I think in the past you know product management used to be very focused on I've got a box that comes out, or I've got a piece of software that comes out, these days it could be virtual machine or cloud, but it's doing a single instance, there's a single thing that it's doing inside, inside the network from a security perspective. What we believe in is that multifunction, now consolidation, multiple threat vectors I refer to this that like the digital attack surface. The digital transformation, security transformation. The biggest issue though, is that digital attack surface. That's just expanded enormously, it's very dynamic. Things are coming on on off the network was spinning up virtual machines and applications here and there. A point product these days just can't cope, can't cope. You need solutions against specific threat vectors that are applied in a dynamic way using the Fabric. >> But arguably it's even beyond solutions. You need to be able to demonstrate to the customer that there is an outcome that's consistent and that you will help achieve that outcome, You'll take some responsibility for it. In many respects, we move from a product to a solution, to an outcome orientation. Does that resonate with you and if so, how does that influence the way you think and the way that you're guiding Fortinet and partners? >> Yes, definitely. You know one of the first things they're very worried about is you know can they see that digital attack surface. It's very large now and it's moving around. Their outcome, first outcomes to say, do I know my risk on my attack surface? That's the very first out. Is it visible, can I see it, or can I protect it or can I apply the right threat protection against that. That outcome to them is they can see everything, protect everything, but as I said also, now they're moving into this more detection environment. Where you've got machine learning, artificial intelligence because you need to apply that. The bad guys these days are very smart in that they know they can morph things very quickly and provide you know targeted attacks, zero-day attacks, we probably haven't seen it before. I hate this analogy where we say somebody else got to get infected before everyone else gets protected. It shouldn't be that way. With, you know, with technologies like artificial intelligence, machine learning, we should be able to protect everybody from day one. >> Kind of pivoting on, you brought up the word outcome, and I want to go off that for a second. When you're talking with customers and you mentioned, I think, before we went live that you visited, talked to over 300 customers last year. Who is at the table, at a customer, in terms of determining the outcome we need to have? Are we talking about the CSO's team, what about folks in other organizations, operational technology departments. Who are you now seeing is in this conversation of determining this outcome. >> A new job role which I think been coming for a while, it's the security architect. Two years ago, I'll go into a room and there would be the networking team on one side of the table, this InfoSec team security side, on this side of the table, the CIO over here and the CSO over here and they be debating. I would be almost invisible in the room. They'll be debating what's going to happen because you know the CIO wants to build out more agile business applications, wants to move faster. The security team has got to answer to the Board these days, and they got to make sure everything's secure. What's their risk factor? And what I see is a new job function called the security architect, that kind of straddles a bit the networking team, understands what they're building out from an SDN, architecture, cloud perspective, but also understands the risks when you open up the network. The security architect provides more holistic, long-term architecture view for the customer, versus, I've got to fix this problem right now I've got a hold of a bucket, I've got to fix it, then we move on to the next. They're building a system on architecture long term. We have something called a Network Security Expert, it's our training education capability. We have an NSC eight, we have around 100 thousand people certified in the last two years on NSC between one and eight. And about 100 people on eight, because eight's a very high level architect level across all the security technologies. But we definitely see a lot of partners who want to get their people trained to NCE level eight because they would like to provide that security architect that's in the customer now, that advice on what should be that holistic security architecture. The big change to me is that the networking team and the security team have realized they can't just keep fixing things day to day, they need a more holistic long-term architecture. >> Let's talk about that holistic approach. At Wikibon we talk a lot about SiliconANGLE Wikibon, we talk a lot about how the difference between business and digital business is the role that data assets play in the digital business. I think it's a relatively interesting, powerful concept, but there's not a lot of expertise out there about thinking how is a data asset formed. I think security has a major role to play in defining how a data assets structured because security in many respects is the process of privatizing data so that it can be appropriated only as you want it to. What does the security architect do? Because I could take what you just said and say the security architect is in part responsible for defining and sustaining the data asset portfolio. >> Yes and you know, if you go back a few years, there's data leakage prevention was a big area, big marketplace, DLP is the best thing. Their biggest problem that they did was they couldn't tag the assets. They didn't know what assets were so then when it came to providing data protection they go well, what is it, I don't know where it's from, I don't know what it is. And so that a whole marketplace kind of just went away. We're still there a bit, but everyone's really struggling with it still. The 6.0 introduced something called tagging technology. It's inherent already inside routing systems and switching systems, SDN systems. The tagging technology allows you to look at data or devices or interfaces or firewalls from a higher level and say this is the business relationship between that device, that data and what my business objectives are. We talked about intent based network security and the ability long term is to say, hey, if I've got a user and I want to add that user to this network at security level six to that application, I say that, then it gets translated into bits and bytes and network comport and then gets translated end-to-end across the network. The tagging technology from my mind is the first step in a to be able to kind of tag interfaces and data and everything else. Once you've got that tagging done then you can apply policies as a much higher level which are data centric and business aware centric. >> I'm going to ask you a question related to that. Historically, networks in the IT world were device was the primary citizen right. Then when we went to the web the page became a primary citizen. Are we now talking about a world in which data becomes the primary citizen we're really talking about networks of data? >> I think to some extent. If you look at the users today, they have like maybe three or four devices. Because students, universities, there's something on with those lectures, they've got an iPad, their iPhone, three devices attaching there. I think the definition of one user and one device has gone away and it's multiple devices these days. And you know a lot of devices attaching that no one has any clue about. I don't think it's going to be completely data centric because I still think it's very very hard to tag and classify that data completely accurately as it's moving around. I think tends to be a part of it, I think devices going to be part of it, I think the network itself, the applications, are all going to be part of this visibility. In our 6.0 we provide this topology map where you can see devices users. You can see applications spin up, you can see the relationship between those things and the policies, the visibility is going to be extremely important going forward and then the tagging goes along with that and then you can apply the policy. >> With respect to visibility, I wanted to chat about that a little bit in the context of customers. One of the things that Ken talked about in his keynote was. >> Ken? >> Ken. >> Ken Xie. >> Yes. (laughing) >> Ken who? >> That guy? The guy that steals slides from you in keynotes. >> He did as usual. >> I know, I saw that. >> Tells me like two minutes before tells me John, I need that slide. (Peter laughing) >> That's why you have the best job. Everybody wants to copy you. In terms of what what the CEO said, that guy, that Fortinet protects 90% of the global S&P 100. There were logos of Apple, Coca-cola, Oracle, for example. In terms of visibility, as we look at either, a giant enterprise like that or maybe a smaller enterprise where they are, you mentioned this digital tax surface is expanding because they are enabling this digital business transformation, they've got cloud, multi-cloud, mobile, IoT, and they also have 20, north of 20, different security products in their environments. How did they get visibility across these disparate solutions that don't play together. How does Fortinet help them achieve that visibility, so they can continue to scale at the speed they need to? >> Well I think they use systems like SIM systems we have a Forti SIM as well where you can use standard base sys logs and SNMP to get information up there so they can see it that way. They're using orchestration systems to see parts of it, but I think long term, I think I speak to most customers they say, although there's specific, new vendors maybe for specific detection capabilities, they really want to reduce the number of vendors inside their network. You say 20, I sometimes I hear 30 and 40. It's a big investment for them. But they also realize they can't maintain it long term. Our recommendation to customers is to, if you've got some Fortinet footprint in there, look at what's the most obvious to build out from a Fortinet perspective. Sometimes we're in the data centers or sometimes we expand into the WAN and sometimes we expand into the cloud. Sometimes we'll add some advanced threat protection. We're not saying replace everything obviously with Fortinet, we're saying build what's most obvious to you and then make sure that you've got some vendors in that which are part of our Fabric alliance. We have 42 vendors now, security vendors, from end point to cloud to management that can connect in through those different APIs. And when we click them through those APIs they don't get you know the full Fabric functionality in terms of telemetry and visibility but they apply a specific functionality. A good example would be an endpoint vendor connecting through our sandbox not quite sure about files, entered our sandbox we'll give them a recommendation back. As soon as we know about that, all the Fabric knows about it instantly across the whole network because time is of the essence these days. When something gets hacked, it's inside a network. It's less than 60 seconds for something for the whole network. That's why segmentation, interim segmentation, is still a very important project for our customers to stop this lateral movement of infections once they get inside the network. >> But, very quickly, it does sound as though that notion of the security architect, this increasing complexity inside the network and I asked the question about whether data is going to be the primary decision, you get a very reasonable answer to that. But it sounds like increasingly, a security expert is going to have to ask the question how does this data integrate? How am I securing this data? And that, in many respects, becomes a central feature of how you think about security architecture and security interactions. >> Yeah but I think people used to build a network and bolt on security as an afterthought. I think what they're saying now is we need for the networking people and security people to work together to build a holistic security architecture totally integrated day one, not some afterthought that goes on there. That's why we know, we've been building the Fabric all these years to make sure it's a totally integrated Fabric end-to-end segmentation architecture where you can also then connect in different parts of the network. It has to be built day one that way. >> Last question, is sort of, I think we asked your CSO this, the balance between enabling a business to transform digitally at speed and scale. I think it was one of you this morning, that said that this is going to be the year of security transformation. Could've been that guy, that other guy, that you know, steals your slides. But how do how does a company when you're talking with customers, how do they get that balance, between we are on this digital transformation journey. We've got a ton of security products. How do they balance that? It's not chicken and egg to be able to continue transforming to grow profit, you know be profitable, with underpinning this digital business with a very secure infrastructure. >> As I said, I think most of them got that now. They kind of go, they've got this five-year plan versus a one-year plan or a six-month plan on the security side. It's integrated into the network architecture plan long term and that's the way they're building it out and that's the way they've got a plan to get, you know, you look at financial organizations who want to provide internet access or branch offices. They've got a plan to roll it out, that's safe going forward, or they want to add broadband access to their internet, like 5G or broadband interconnection, they've got a plan for it. I think people are much more aware now that when I build something out whether it be on the data side on the network side, it has to be secure from day one. It can't be something I'll do afterwards. I think that's the biggest change I've seen in my customer interactions is that they absolutely, essential is absolutely essential that they build out a secure network from day one, not an afterthought going forward. >> Well, we'll end it there, secure network from day one. John, thanks so much for stopping by theCUBE, congratulations on the announcements and we hope you have a great show. >> Great thanks. >> Thank you for watching, we are theCUBE, live from Fortinet Accelerate 2018. I'm Lisa Martin with my co-host Peter Burris. Stick around, we'll be right back.