(light upbeat music) >> Hey, everyone. Welcome back to theCUBE's day long coverage of Women in Data Science 2023. Live from Stanford University, I'm Lisa Martin. We've had some amazing conversations today with my wonderful co-host, as you've seen. Tracy Zhang joins me next for a very interesting and inspiring conversation. I know we've been bringing them to you, we're bringing you another one here. Dr. Irene Dankwa-Mullan joins us, the Chief Medical Officer at Marti Health, and a speaker at WIDS. Welcome, Irene, it's great to have you. >> Thank you. I'm delighted to be here. Thank you so much for this opportunity. >> So you have an MD and a Master of Public Health. Covid must have been an interesting time for you, with an MPH? >> Very much so. >> Yeah, talk a little bit about you, your background, and Marti Health? This is interesting. This is a brand new startup. This is a digital health equity startup. >> Yes, yes. So, I'll start with my story a little bit about myself. So I was actually born in Ghana. I finished high school there and came here for college. What would I say? After I finished my undergraduate, I went to medical school at Dartmouth and I always knew I wanted to go into public health as well as medicine. So my medical education was actually five years. I did the MPH and my medical degree, at the same time, I got my MPH from Yale School of Public Health. And after I finished, I trained in internal medicine, Johns Hopkins, and after that I went into public health. I am currently living in Maryland, so I'm in Bethesda, Maryland, and that's where I've been. And really enjoyed public health, community health, combining that aspect of sort of prevention and wellness and also working in making sure that we have community health clinics and safety net clinics. So a great experience there. I also had the privilege, after eight years in public health, I went to the National Institute of Health. >> Oh, wow. >> Where I basically worked in clinical research, basically on minority health and health disparities. So, I was in various leadership roles and helped to advance the science of health equity, working in collaboration with a lot of scientists and researchers at the NIH, really to advance the science. >> Where did your interest in health equity come from? Was there a defining moment when you were younger and you thought "There's a lot of inequities here, we have to do something about this." Where did that interest start? >> That's a great question. I think this influence was basically maybe from my upbringing as well as my family and also what I saw around me in Ghana, a lot of preventable diseases. I always say that my grandfather on my father's side was a great influence, inspired me and influenced my career because he was the only sibling, really, that went to school. And as a result, he was able to earn enough money and built, you know, a hospital. >> Oh wow. >> In their hometown. >> Oh my gosh! >> It started as a 20 bed hospital and now it's a 350 bed hospital. >> Oh, wow, that's amazing! >> In our hometown. And he knew that education was important and vital as well for wellbeing. And so he really inspired, you know, his work inspired me. And I remember in residency I went with a group of residents to this hospital in Ghana just to help over a summer break. So during a summer where we went and helped take care of the sick patients and actually learned, right? What it is like to care for so many patients and- >> Yeah. >> It was really a humbling experience. But that really inspired me. I think also being in this country. And when I came to the U.S. and really saw firsthand how patients are treated differently, based on their background or socioeconomic status. I did see firsthand, you know, that kind of unconscious bias. And, you know, drew me to the field of health disparities research and wanted to learn more and do more and contribute. >> Yeah. >> Yeah. So, I was curious. Just when did the data science aspect tap in? Like when did you decide that, okay, data science is going to be a problem solving tool to like all the problems you just said? >> Yeah, that's a good question. So while I was at the NIH, I spent eight years there, and precision medicine was launched at that time and there was a lot of heightened interest in big data and how big data could help really revolutionize medicine and healthcare. And I got the opportunity to go, you know, there was an opportunity where they were looking for physicians or deputy chief health officer at IBM. And so I went to IBM, Watson Health was being formed as a new business unit, and I was one of the first deputy chief health officers really to lead the data and the science evidence. And that's where I realized, you know, we could really, you know, the technology in healthcare, there's been a lot of data that I think we are not really using or optimizing to make sure that we're taking care of our patients. >> Yeah. >> And so that's how I got into data science and making sure that we are building technologies using the right data to advance health equity. >> Right, so talk a little bit about health equity? We mentioned you're with Marti Health. You've been there for a short time, but Marti Health is also quite new, just a few months old. Digital health equity, talk about what Marti's vision is, what its mission is to really help start dialing down a lot of the disparities that you talked about that you see every day? >> Yeah, so, I've been so privileged. I recently joined Marti Health as their Chief Medical Officer, Chief Health Officer. It's a startup that is actually trying to promote a value-based care, also promote patient-centered care for patients that are experiencing a social disadvantage as a result of their race, ethnicity. And were starting to look at and focused on patients that have sickle cell disease. >> Okay. >> Because we realize that that's a population, you know, we know sickle cell disease is a genetic disorder. It impacts a lot of patients that are from areas that are endemic malaria. >> Yeah. >> Yeah. >> And most of our patients here are African American, and when, you know, they suffer so much stigma and discrimination in the healthcare system and complications from their sickle cell disease. And so what we want to do that we feel like sickle cell is a litmus test for disparities. And we want to make sure that they get in patient-centered care. We want to make sure that we are leveraging data and the research that we've done in sickle cell disease, especially on the continent of Africa. >> Okay. >> And provide, promote better quality care for the patients. >> That's so inspiring. You know, we've heard so many great stories today. Were you able to watch the keynote this morning? >> Yes. >> I loved how it always inspires me. This conference is always, we were talking about this all day, how you walk in the Arrillaga Alumni Center here where this event is held every year, the vibe is powerful, it's positive, it's encouraging. >> Inspiring, yeah. >> Absolutely. >> Inspiring. >> Yeah, yeah. >> It's a movement, WIDS is a movement. They've created this community where you feel, I don't know, kind of superhuman. "Why can't I do this? Why not me?" We heard some great stories this morning about data science in terms of applications. You have a great application in terms of health equity. We heard about it in police violence. >> Yes. >> Which is an epidemic in this country for sure, as we know. This happens too often. How can we use data and data science as a facilitator of learning more about that, so that that can stop? I think that's so important for more people to understand all of the broad applications of data science, whether it's police violence or climate change or drug discovery or health inequities. >> Irene: Yeah. >> The potential, I think we're scratching the surface. But the potential is massive. >> Tracy: It is. >> And this is an event that really helps women and underrepresented minorities think, "Why not me? Why can't I get involved in that?" >> Yeah, and I always say we use data to make an make a lot of decisions. And especially in healthcare, we want to be careful about how we are using data because this is impacting the health and outcomes of our patients. And so science evidence is really critical, you know? We want to make sure that data is inclusive and we have quality data. >> Yes. >> And it's transparent. Our clinical trials, I always say are not always diverse and inclusive. And if that's going to form the evidence base or data points then we're doing more harm than good for our patients. And so data science, it's huge. I mean, we need a robust, responsible, trustworthy data science agenda. >> "Trust" you just brought up "trust." >> Yeah. >> I did. >> When we talk about data, we can't not talk about security and privacy and ethics but trust is table stakes. We have to be able to evaluate the data and trust in it. >> Exactly. >> And what it says and the story that can be told from it. So that trust factor is, I think, foundational to data science. >> We all see what happened with Covid, right? I mean, when the pandemic came out- >> Absolutely. >> Everyone wanted information. We wanted data, we wanted data we could trust. There was a lot of hesitancy even with the vaccine. >> Yeah. >> Right? And so public health, I mean, like you said, we had to do a lot of work making sure that the right information from the right data was being translated or conveyed to the communities. And so you are totally right. I mean, data and good information, relevant data is always key. >> Well- >> Is there any- Oh, sorry. >> Go ahead. >> Is there anything Marti Health is doing in like ensuring that you guys get the right data that you can put trust in it? >> Yes, absolutely. And so this is where we are, you know, part of it would be getting data, real world evidence data for patients who are being seen in the healthcare system with sickle cell disease, so that we can personalize the data to those patients and provide them with the right treatment, the right intervention that they need. And so part of it would be doing predictive modeling on some of the data, risk, stratifying risk, who in the sickle cell patient population is at risk of progressing. Or getting, you know, they all often get crisis, vaso-occlusive crisis because the cells, you know, the blood cell sickles and you want to avoid those chest crisis. And so part of what we'll be doing is, you know, using predictive modeling to target those at risk of the disease progressing, so that we can put in preventive measures. It's all about prevention. It's all about making sure that they're not being, you know, going to the hospital or the emergency room where sometimes they end up, you know, in pain and wanting pain medicine. And so. >> Do you see AI as being a critical piece in the transformation of healthcare, especially where inequities are concerned? >> Absolutely, and and when you say AI, I think it's responsible AI. >> Yes. >> And making sure that it's- >> Tracy: That's such a good point. >> Yeah. >> Very. >> With the right data, with relevant data, it's definitely key. I think there is so much data points that healthcare has, you know, in the healthcare space there's fiscal data, biological data, there's environmental data and we are not using it to the full capacity and full potential. >> Tracy: Yeah. >> And I think AI can do that if we do it carefully, and like I said, responsibly. >> That's a key word. You talked about trust, responsibility. Where data science, AI is concerned- >> Yeah. >> It has to be not an afterthought, it has to be intentional. >> Tracy: Exactly. >> And there needs to be a lot of education around it. Most people think, "Oh, AI is just for the technology," you know? >> Yeah, right. >> Goop. >> Yes. >> But I think we're all part, I mean everyone needs to make sure that we are collecting the right amount of data. I mean, I think we all play a part, right? >> We do. >> We do. >> In making sure that we have responsible AI, we have, you know, good data, quality data. And the data sciences is a multi-disciplinary field, I think. >> It is, which is one of the things that's exciting about it is it is multi-disciplinary. >> Tracy: Exactly. >> And so many of the people that we've talked to in data science have these very non-linear paths to get there, and so I think they bring such diversity of thought and backgrounds and experiences and thoughts and voices. That helps train the AI models with data that's more inclusive. >> Irene: Yes. >> Dropping down the volume on the bias that we know is there. To be successful, it has to. >> Definitely, I totally agree. >> What are some of the things, as we wrap up here, that you're looking forward to accomplishing as part of Marti Health? Like, maybe what's on the roadmap that you can share with us for Marti as it approaches the the second half of its first year? >> Yes, it's all about promoting health equity. It's all about, I mean, there's so much, well, I would start with, you know, part of the healthcare transformation is making sure that we are promoting care that's based on value and not volume, care that's based on good health outcomes, quality health outcomes, and not just on, you know, the quantity. And so Marti Health is trying to promote that value-based care. We are envisioning a world in which everyone can live their full life potential. Have the best health outcomes, and provide that patient-centered precision care. >> And we all want that. We all want that. We expect that precision and that personalized experience in our consumer lives, why not in healthcare? Well, thank you, Irene, for joining us on the program today. >> Thank you. >> Talking about what you're doing to really help drive the volume up on health equity, and raise awareness for the fact that there's a lot of inequities in there we have to fix. We have a long way to go. >> We have, yes. >> Lisa: But people like you are making an impact and we appreciate you joining theCUBE today and sharing what you're doing, thank you. >> Thank you. >> Thank you- >> Thank you for having me here. >> Oh, our pleasure. For our guest and Tracy Zhang, this is Lisa Martin from WIDS 2023, the eighth Annual Women in Data Science Conference brought to you by theCUBE. Stick around, our show wrap will be in just a minute. Thanks for watching. (light upbeat music)

(upbeat music) >> Hello everyone, welcome to the special CUBE presentation of the AWS Partner Showcase season one, episode two. I'm John Furrier, your host of theCUBE. We've got two great guest here. Douglas Ko, Director of product marketing at Cohesity and Sabina Joseph General Manager of AWS, Amazon Web Services. Welcome to the show. >> Thank you for having us. >> Great to see you Sabina and Douglas. Great to see you, congratulations at Cohesity. Loved the shirt, got the colors wearing there on Cohesity, Always good I can't miss your booth at the shows, can't wait to get back in person, but thanks for coming in remotely. I got to say it's super excited to chat with you, appreciate it. >> Yeah, pleasure to be here. >> What are the trends you're seeing in the market when it comes to ransomware threats right now. You guys are in the middle of it right now more than ever. I was hearing more and more about security, cloud scale, cloud refactoring. You guys are in the middle of it. What's the latest trends in ransomware? >> Yeah, I have to say John, it's a pleasure to be here but on the other hand, when you asked me about ransomware, right? The data and the statistics are pretty sobering right now. If we look at what just happened in 2020 to 2021, we saw a tenfold increase in a ransomware attacks. We also saw the prediction of a ransomware attack happening every 11 seconds meaning by the time I finished this sentence there's going to be another company falling victim to ransomware. And it's also expected by 2031 that the global impact of ransomware across businesses will be over $260 billion, right? So, that's huge. And even at Cohesisity, right, what we saw, we did our own survey, and this one actually directly to end users and consumers. And what we found was over 70% of them would reconsider doing business with a company that paid a ransom. So all these things are pretty alarming and pretty big problems that we face today in our industry. >> Yeah, there's so many dimensions to it. I mean, you guys at Cohesity have been doing a while. It's being baked in from day one, security in the cloud and backup recovery, all that is kind of all in one thing now. So to protect against ransomware and other threats is huge Sabina, I got to ask you Amazon's view of ransomware is serious. You guys take it very seriously. What's the posture and specifically, what is AWS doing to protect customers from this threat? >> Yeah, so as Doug mentioned, right, there's no industry that's immune to ransomware attacks. And just as so we all level set, right? What it means is somebody taking control over and locking your data as an individual or as a company, and then demanding a ransom for it, right? According to the NIST, the National Institute of Standards and Technology cybersecurity framework, there are basically five main functions which are needed in order to plan and manage these kind of cybersecurity ransomware attacks. They go across identifying what do you need to protect, actually implementing the things that you need in order to protect yourself, detecting things if there is an attack that's going on, then also responding, how do you get out of this attack? And then bringing things, recovery, right? Bringing things back to where they were before the attack. As we all know, AWS takes security very seriously. We want to make sure that our customer's data is always protected. We have a number of native security solutions, but we are also looking to see how we can work with partners. And this is in fact when in the fall of 2019, the Cohesity CEO, Mohit Aron, myself and a couple of us, we met and we brainstorm, what could we do something that is differentiated in the market? When we built this data management as a service native solution on top of AWS, it's a first of a kind solution, John. It doesn't exist anywhere else in the market, even to even today. And we really focused on using the well architected review, the five pillars of security, reliability, operational excellence, performance, and cost optimization. And we built this differentiated solution together, and it was launched in April, 2020. And then of course from a customer viewpoint, they should use a comprehensive set of solutions. And going back to that security, that cyber security framework that I mentioned, the Cohesity data management as a service solution really falls into that recovery, that last area that I mentioned and solution actually provides, granular management of data, protection of data. Customers can spin up things very quickly and really scale their solution across the globe. And ensure that there is compliance, no matter how many times we do data changes, ads and so on across the world. >> Yeah, Sabina, that's a great point about that because a lot of the ransomware actually got bad actors, but also customers can misconfigure things. They don't follow the best practice. So having that native solutions are super important. So that's a great call out. Douglas, I got to go back to you because you're on the Cohesity side and a the partner of AWS. They have all these best practices that for the good actors, got to pay attention to the best practices and the bad actors also trying to get in creates a two, challenge an opportunity. So how do organizations protect their data against these attacks? And also how do they maintain their best practices? Because that's half the battle too, is the best practices to make sure you're following the guidelines on AWS side, as well as protecting the attacks. What's your thoughts? >> Yeah, absolutely. First and foremost, right? As an organization, you need to understand how ransomware operates and how it's evolved over the years. And when you first look at it, Sabina already mentioned it, they started with consumers, small businesses, attacking their data, right? And some of these, consumers or businesses didn't have any backup. So the first step is just to make sure your data is backed up, but then the criminals kind of went up market, right? They understood that big organizations had big pocket and purses. So they went after them and the larger organizations do have backup and recovery solutions in place. So the criminals knew that they had to go deeper, right? And what they did was they went after the backup systems themselves and went to attack, delete, tamper with those backup systems and make it difficult or impossible to recover. And that really highlighted some solutions is out there that had some vulnerabilities with their data immutability and capabilities around WORM. And those are areas we suggest customers look at, that have immutability and WORM. And more recently again, given the way attacks have happened now is really to add another layer of defense and protection. And that includes, traditionally what we used to call, the 3-2-1 rule. And that basically means, three copies of data on two different sets of media with one piece of that data offsite, right? And in today's world and the cloud, right? That's a great opportunity to kind of modernize your environment. I wish that was all that ransomware guys we're doing right now and the criminals were doing, but unfortunately that's not the case. And what we've seen is over the past two years specifically, we've seen a huge increase in what you would call data theft or data exfiltration. And that essentially is them taking that data, a specific sense of the data and they're threatening to expose it to the dark web or selling it to the highest bidder. So in this situation it's honestly very difficult to manage. And the biggest thing you could do is obviously harden your security systems, but also you need a good understanding about your data, right? Where all that sensitive information is, who has access to it and what are the potential risks of that data being exposed. So that takes another step in terms of leveraging a bunch of technologies to help with that problem set. >> What can businesses do from an architectural standpoint and platform standpoint that you guys see there's key guiding principles around how their mindset should be? What's the examples of other approaches- >> Yeah. >> Approach here? >> No, I think they are both us at Cohesity and I'll speak for Sabina, AWS, we believe in a platform approach. And the reason for that is this a very complicated problem and the more tools and more things you have in there, you add risk of complexity, even potential new attack surfaces that the criminals can go after. So we believe the architecture approach should kind of have some key elements. One is around data resiliency, right? And that again comes from things like data encryption, your own data is encrypted by your own keys, that the data is immutable and has that, right, want to read many or WORM capabilities, so the bad guys can't temper with your data, right? That's just step one. Step two is really understanding and having the right access controls within your environment, right? And that means having multi factor authentication, quorum, meaning having two keys for the closet before you can actually have access to it. But it's got to go beyond there as well too. We got to leverage some newer technologies like AI and machine learning. And that can help you with detection and analysis of both where all your sensitive information is, right? As well as understanding potential anomalies that could signify attack or threat in progress. So, those are all key elements. And the last one of course is I think it takes a village, right? To fight the ransomware war. So we know we can't do it alone so, that's why we partner with people like AWS. That's why we also partner with other people in the security space to ensure you really have a full ecosystem support to manage all those things around that framework. >> That's awesome. Before I get to Sabina, I want to get into the relationship real quick, but I want to come back and highlight what you said about the data management as a service. This is a joint collaboration. This is some of the innovation that Cohesity and AWS are bringing to the market to combat ransomware. Can you elaborate more on that piece 'cause this is important. It's a collaboration that we're going to gather. So it's a partner and you guys were going to take us through what that means for the customer and to you guys. I mean, that's a compelling offering. >> So when we start to work with partners, right? we want to make sure that we are solving a customer problem. That's the whole working backwards from a customer. We are adding something more that the customer could not do. That's why when either my team or me, we start to either work on a new partnership or a new solution, it's always focused on, okay, is this solution enabling our customer to do something that they couldn't do before? And this approach has really helped us, John, in enabling majority of the fortune 500 companies and 90% of the fortune 100 companies use partner solutions successfully. But it's not just focused on innovation and technology, it's also focused on the business side. How are we helping partners grow their business? And we've been scaling our field teams, our AWS sales teams globally. But what we realized is through partner feedback, in fact, that we were not doing a great job in helping our partners close those opportunities and also bring net new opportunities. So in our field, we actually introduced a new role called the ISV Success Manager, ISMs that are embedded in our field to help partners either close existing opportunities, but also bring net new opportunities to them. And then at re:Invent 2020, we also launched the ISB accelerate program, which enables our field teams, the AWS field teams to get incentive to work with our partners. Cohesity, of course, participates in all of these programs and has access to all of these resources. And they've done a great job in leveraging and bringing our field teams together, which has resulted in hundreds of wins for this data management as a service solution that was launched. >> So you're bringing customers to Cohesity. >> Absolutely. >> Okay, I got to get the side. So they're helping you, how's this relationship going? Could you talk about the relationship on the customer side? How's that going? Douglas, what's your take on that? >> Yeah, absolutely. I mean, it's going great. That's why we chose to partner with AWS and to be quite honest, as Sabina mentioned, we really only launched data management and service back in 2020, late 2020. And at that time we launched with just one service then, right, when we first launched with backup as a service. Now about 15 months later, right? We're on the brink of launching four services that are running on AWS cloud. So, without the level of support, both from a go to market standpoint that Sabina mentioned as well as the engineering and the available technology services that are on the AWS Cloud, right? There's no way we would've been able to spin up new services in such a short period of time. >> Is that Fort Knox and Data Govern, those are the services you're talking about Or is that- >> Yeah, so let me walk you through it. Yeah, so we have Cohesity DataProtect, which is our backup as a service solution. And that helps customers back their data to the cloud, on-prem, SaaS, cloud data like AWS, all in a single service and allows you to recover from ransomware, right? But a couple months ago we also announced a couple new services that you're alluding to John. And that is around Fort Knox and DataGovern. And basically Fort Knox, it is basically our SaaS solution for data isolation to a vaulted copy in the AWS cloud. And the goal of that is to really make it very simple for customers, not only to provide data immutability, but also that extra layer of protection by moving that data offsite and keeping it secure and vaulted away from cyber criminals and ransomware. And what we're doing is simplifying the whole process that normally is manual, right? You either do it manually with tapes or you'll manually replicate data to another data center or even to the cloud, but we're providing it as a service model, basically providing a modern 3-2-1 approach, right? For the cloud era. So, that's what's cool about Fort Knox, DataGovern, right? That's also a new service that we announced a few months ago and that really provides data governance and user behavior analytics services that leverages a lot that AI machine learning that everybody's so excited about. But really the application of that is to automate the discovery of sensitive data. So that could be your credit card numbers, healthcare records, a personal information of customers. So understanding where all that data is, is very important because that's the data that the criminals are going to go after and hold you host. So that's kind of step one. And then step two is again, leveraging machine learning, actually looking at how users are accessing and managing that data is also super important because that's going to help you identify potential anomalies, such as people sharing that data externally, which could be a threat. It could be in improper vault permissions, or other suspicious behaviors that could potentially signify data exfiltration or ransomware attack in progress. >> That's some great innovation. You got the data resiliency, of course, the control mechanism, but the AI piece machine learning is awesome. So congratulations on that innovation. Sabina, I'm listening to conversation and hear you talk. And it reminds me of our chat at re:Invent. And the whole theme of the conference was about the innovation and rapid innovations and how companies are refactoring with the cloud and this NextGen kind of journey. This is a fundamental pillar of AWS's rapid innovation concept with your partners. And I won't say it's new, but it's highly accelerated. How are you guys helping partners be with this rapid innovation, 'cause you're seeing benefits can come faster now, Agile is here. What are some of the programs that you're doing? How are you helping customers take advantage of the rapid innovation with the secret sauce of AWS? >> Yeah, so we have a number of leadership principles, John, and one of them, of course, is customer obsession. We are very focused on making sure we are developing things that our customers need. And we look for these very same qualities when we work with partners such as Cohesity. We want to make sure that it's a win-win approach for both sides because that's what will make the partnership durable over time. And this John, our leadership team at AWS, right from our CEO down believes that partners are critical to our success and as partners lean in, we lean in further. And that's why we signed the strategic collaboration agreement with Cohesity in April, 2020, where data management as a service solution was launch as part of that agreement. And for us, we've launched this solution now and as Doug said, what are the next things we could be doing, right? And just to go back a little bit when Cohesity was developing this solution with us, they used a number of our programs. Especially on the technical side, they used our SaaS factory program, which really helped them build this differentiated solution, especially focused around security compliance and cost optimizing the solution. Now that we've launched this solution, just like Doug mentioned, we are now focused on leveraging other services like security, AIML, and also our analytic services. And the reason for that is Cohesity, as we all know, protects, manages this data for the customer, but we want to make sure that the customer is extracting value from this data. That is why we continue to look, what can we do to continue to differentiate this solution in this market. >> That's awesome. You guys did a great job. I got to say, as it gets more scale, there's more needs for this rapid, I won't say prototyping, but rapid innovation and the Cohesity side does was you guys have been always on point on the back and recovery and now with security and the new modern application development, you guys are in the front row seats of all the action. So, I'll give you the final worry what's going on at Cohesity, give an update on what you guys are doing. What's it like over there these days? How's life give a quick plug for Cohesity. >> Yeah, Cohesity is doing great, right? We're always adding folks to the team, on our team, we have a few open racks open both on the marketing side, as well as the technology advocacy side. And of course, some of our other departments too, and engineering and sales and also our partner teams as well, working with AWS partners such as that. So, in our mind, the data delusion and growth is not going to slow down, right? So in this case, I think all tides raises all the boats here and we're glad to be innovative leader in this space and really looking to be really, the new wave of NextGen data management providers out there that leverages things like AI that leverages cybersecurity at the core and has an ecosystem of partners that we're working with, like AWS, that we're building out to help customers better manage their data. >> It's all great. Data is in the mid center of the value proposition. Sabina, great to see you again, thanks for sharing. And Douglas, great to see you too. Thanks for sharing this experience here in theCUBE. >> Thanks, John. >> Okay, this is theCUBE's AWS Partner Showcase special presentation, speeding innovation with AWS. I'm John Furrier your host of theCUBE. Thanks for watching. (upbeat music)

>>From around the globe. It's the cube with digital coverage of AWS reinvent 2020 sponsored by Intel, AWS and our community partners. >>Hi everyone. Welcome back to the cubes. Live coverage cube live program for re:Invent 2020. This is our Q virtual. We're not in person like we normally are. Today is the AWS public sector. Worldwide celebration day. A lot of content coming from Teresa Carlson and her team and highlighting everything. Of course, the cube channel on the re:Invent events site. Well, the content we streaming there, if you go to the description, you can click on the link and check out all the on-demand interviews. We've done hundreds of videos live before the event pre recorded as well as here live today for public sector day, I'm showing Lisa Martin co-hosts of the cube. Who's been involved in a lot of those interviews. Uh, Lisa, great to see you before we good to see you. Thanks for coming on. >>Likewise. Good to see you too, John. Glad that you're staying safe. >>Well, a lot of good action. And before we get started, I do want to put a plug out for, um, some Salesforce, big party virtual event. Uh, Salesforce is having a big party at re:Invent 2020 a virtual house party with chance the rapper performing an exclusive set with surprise celebrities and DJ in residence December 10th that's tomorrow at 5:00 PM Pacific, go to salesforce.com/big party to check out chance the rapper. Uh, I'm a big fan. Of course my kids are more fans than, uh, check out the sales report. Okay. Back to cube virtual Lisa. Great to see you. >>Likewise John. So public sector day, a lot of transformation mean re:Invent being reinvented, being virtual 500,000 registered. And so, so much has changed, but a lot also that Teresa Carlson spoke about in her keynote and this morning about the transformation across the public sector, that's really been driven by necessity with COVID. It was really impressive to hear and see all of the good things that AWS is facilitating across healthcare, government, education, state, and local. You name it. >>Yeah. The thing I love about Theresa is she's always been ever since I've known her now she's been on the cube every year, since 2013, since we've been covering re:Invent, she's always had a big, bold vision, and she's always kind of stayed on that track. And this year that was really clear out of the box on her, her leadership session. You got to think big and you got to look at the value of the data. That was the key message from her, her and her group public sector, by the way, has been highly active with the COVID pandemic. A lot of public services have been leveraging Amazon cloud to serve, uh, their, their, their people, whether it's getting them the checks for entitlements or getting them, you know, pharmacy drugs and whatnot, and helping them with the pandemic. But clearly Amazon has stepped up and helped education with, with, uh, remotes. So Theresa's team has been pretty busy. So I think that they had more time to prepare for the virtual keynote. I should've gotten chock full of more announcements. >>Yeah. And also some great examples. As you mentioned, we heard from UK biobank, some of the interviews also that have already happened on the kid that you've done showed some amazing work that AWS has helped to facilitate for school districts in Los Angeles, for example, the government of Rhode Island. And those are some of the great things cabbage, what they were able to enable Kevin's to do, to deliver small business loans of so quickly. A lot of that, I thought, I wish we're hearing more about how technology is facilitating so much. Goodness, in COVID on the news. Of course, we're hearing a lot of the challenges with online learning, but there's a lot of amazing things that AWS has been able to facilitate incredibly quickly. >>You know, one of the concerns I have with Theresa and her team years and years ago was this idea of national parks, right? You know, we have spaces where we can go visit and why isn't there a cyber version of that. And so you S you saw that progression and she'd been doing a lot of deals where they're using the cloud and donating their technology for the betterment of society. And one of the things that was, um, news today was an advancement of their open data registry, which has been kind of this open commons of, you know, health data and whatnot. And now they have all the sequencing data that's searchable, readable, uh, from the national Institute of health for DNA sequencing. So this is going to be, again, more commons, like approach is starting to see that I think this is going to be a real big trend lease. >>I think you're going to start to see the big companies have to really contribute to society in a way that we've never seen before, because they have the large scale. You can donate large compute to say research projects. So you starting to see, uh, from Teresa's team, the bubbling up of these new shared experiences around technology for the betterment of society. I think that sequencing was one, the renewable energy project. Another one, again, they're investing in women owned businesses and underrepresented minorities, and at small, medium size businesses to fund them, we saw a guy launching stuff in space that can create, you know, synthetic satellites. So you can look through clouds. This is new. I mean, this is interesting. >>It is interesting. And it actually, to your point is impactful at every level across the globe, going from when they talked about we farm creating this network of small scale of farmers, connectivity was their biggest problem. And now there's over a million. I'm sure that number it's probably even bigger. I've connected farmers due to AWS. You talked about also it's the cord 19 search, which is the expansion of their open research dataset. COVID open research data set that is only possible because of cloud computing and AWS hundreds of thousands of assets in there. Um, 200 plus open data sets for genomic research. She talked about how that's been at the of some of the things that we've seen go on so quickly with operation work speed, uh, with respect to the vaccine. So a lot of acceleration when we know public sector kind of traditionally not necessarily fast movers, but of course, as we've all said, a number of times recently necessity is the mother of invention and the speed element and the connectivity element were things that really spoke loudly to me with what Teresa said today, about the importance of extracting value from data. >>You know, when I talked to Andy Jassy and he talked about this in his keynote, the digital transformation is on full display. And the necessity being the mother of invention is a great phrase, the system and sticking because you can't hide. I mean, you have to deliver these services in the public sector, or, you know, people's lives are going to be impacted in certainly this there's death involved, right? So you have that and then you've got education. I mean, people want to see that changed quicker. There's always been conscious, Oh, education has got to be re-imagined well, guess what? There's no school open. So we got to re-imagine it now. So you get a lot of pressure, unprecedented demand. She said, Theresa said, three's a crosswind actually set onstage for education change. Um, so that's huge. Right? And then the other thing that she mentioned, I think that's going to be a big focus. >>It's not as, um, you know, headline news oriented is this whole jobs training piece. Um, that's a huge deal because the, the tsunami that hits so fast on this digital transformation, because the COVID, we're going to have a post COVID era of rapid acceleration of new skills. So people gotta get trained. So this ain't going to be the boring training programs, the guy who get kind of get better. So I think you're going to see some innovation Lisa, around how people think about delivering and constructing training programs to be much more real world thinking outside the box, you're going to start to see new things. Otherwise it's just going to be too slowly, the training right now. It's just, you know, sign up for the courseware and get a certification. Yeah, you got to do those things, but how can you get sort of cases done faster? How do you get people with the skills in their hands and virtual hands, if you will, to stand up more cloud, more AI, the pressure's there. So we can, that's going to be a huge thing to watch. >>Okay. The pressure is there. You're right. And a need is there. She talked about a lot of the demand that their customers are driving for some of the services and the education services as well that they're offering. But I'd like to point about upskilling focusing on the people, not just the people, but also the diversity inclusion. And we all know how impactful thought diversity is. So their, their dedication, their in their focus there, and also her recommendation to be bold. And I think in the education, respect was really critical. There is no time like now to move digital transformation. If education systems aren't there, then you know, it's a huge challenge and it impacts every person, every element of every family. So what they're able to do there, by focusing on the people and enabling folks to get trained faster, more resources online can only be a good, you know, Theresa >>Has always, um, has her own flare to style to her. She's incredible business woman and have such respect for her. She's been so successful. Um, but she always sends her presentations with the, kind of the, the kind of her to dues. Um, and you kind of pointed that out. So just review them with you. And I want to get your reaction. Number one, she said, you got to re-imagine and enable a digital, a digitally enabled business. Number two, identify data has an realized value and then increase your diversity. And she pointed to avis.training. Um, and that's kind of her kind of get out there and do those things so digitally enabled business, get that unrealized day to get it into work and increase your diversity. And then she had had a big party every year just said, instead of a party go out and do a random act of kindness act. So, yeah, typical, three's a flare, you know, she kind of ended it with a random act of kindness, but, but her bold vision, those are practical, uh, mandates. What's your reaction to, to that? >>I bold vision. I absolutely 100% I think right now is the time that no business can afford to be hiding under the covers. We have to be, they have to be very thoughtful and very prescriptive, but be bold. There's so much opportunity right now. We're seeing a ton of invention and innovation, John, that we've seen over the last nine months. There's a lot of COVID catalysts that we've been talking about on the cube that are really fantastic. So I think that recommendation to set a bold vision is absolutely imperative, not easy to achieve, but I think right now more than ever, it could really be what sets apart, the winners and losers of tomorrow. >>Yeah. I love it. I just say that on this final note, um, cloud and AI is really in play cloud-scale machine learning, which essentially feeds AI is all about data compute going down to the chip level, AI and software and data is critical for cloud. So really awesome keynote again, leadership session by Teresa Carlson, and there's a whole site of content available. Checkout the cube page, click down on the main page. You'll see that description. You'll see a link to the re:Invent page and check on public sector. A lot of great content. Lisa final question for us to kind of close out this keynote leadership session analysis here on all sector day. I want to get your take on, um, the interviews you've done with the Amazon folks and partners and customers. What are the themes that have been boiling out of those? What have you have been hearing? What's your take and observation of the common pattern? >>You know, given the fact that we haven't all been able to be together at my last cube event in person was reinvent 2019. And we're so used to having, you know, three, four days of wall-to-wall coverage, two sides, being able to have those close personal conversations with our guests this year really did a phenomenal job of recreating that same experience, digitally there's tremendous amount of innovation happening. I think that was the one thing that really jumped out at me, the speed with which it's happening, how so many different types businesses have pivoted, not once, but again and again, and again, as times are changing and how even I yesterday I interviewed Boone, supersonic CEO, some of the things that they're facilitating to get commercial supersonic flight back that fully cloud and AI machine learning can do that. There was no stoppage of innovation this year. In fact, that actually got faster. And I think that was a resounding theme and a lot of positivity from the guests. >>You know, the cue, his business was to go to events and extract the signal from the noise. Guess what? There's no physical events. We have the cube virtual. We have pivoted. We are now in our eighth, ninth month of cube virtual. It's been a new model. We've gotten more interviews, more people can just click into the cube virtual. We have more virtual sets, the Cuban virtualized Lisa. Although I miss them in real life as a whole new ballgame for us, >>It is a whole new ball game. And it also provides a lot of opportunities for businesses to get their messaging out and connect and engage with their audience, which is important. >>Well, I miss real life. I miss everybody out there. I wish we could be there in person. Uh, the world will stay hybrid. I think with virtual, I think this has been a great format. There's been some great benefits, but we want to be in person. I want you on the desk with us. So, and all the folks out there I wish we could see. And then we'll see you next year. Thanks everyone for watching the key. This is our keynote analysis and leadership analysis of the worldwide public sector. Teresa Carlson, Kenya. I'm John from Lisa Martin. Thanks for watching.

>> Narrator: From around the globe, it's theCube. With digital coverage of AWS re:Invent 2020. Special coverage sponsored by AWS worldwide public sector. >> Hello and welcome to theCube virtual, and our coverage of AWS re:Invent 2020 with special coverage of public sector. We are theCube virtual and I'm your host, Justin Warren, and today I'm joined by two people. We have Jim Richberg the CISO for Public Sector from Fortinet who comes to us from Washington DC. Jim, welcome. >> Thank you. Thank you, Justin. >> And we also have Kenny Holmes. Who's the head of worldwide Public Sector Go-to-market from Fortinet as well. And he comes to us from Chicago in Illinois. Kenny, thanks. >> Yes, thank you. Thank you, Justin. >> Gentlemen, welcome to theCube. Now this year has been pretty dramatic and for a lot of us as I'm sure you're very well aware and it's been a bit of an accelerator for people's interest in public cloud in particular for the public sector. So what have you seen, Kenny? Sorry, Jim, we'll start with you around the federal government's interest in cloud. What have you noticed in their adoption of public cloud and AWS in this year? >> So, we used to joke in the federal government in my 34 years, they'll never let a good crisis go to waste. That you can make an upside out of any situation. And as you noted, Justin this has been a dramatic accelerator to federal government's adoption of cloud. Three quarters of the agencies were already moving in the direction of the cloud and planning to spend roughly $8 billion on it this year. And that was pre COVID. And the pace certainly picked up. We had the guidance that came out of DHS, the interim guidance that facilitated abilities to let these now as of mid-March remote teleworkers connect directly to the cloud without having to connect back through their agency infrastructure. So they issued very quick guidance to say, look you got to get the job done. You got to get it done in the cloud. So they did that as a way to accelerate it in the short term. And then they put out the guidance later this year for a trusted internet connection access which had a use case that was built around again facilitating the ability to say you can connect directly to the cloud with security in that direct line stack. You no longer have to haul your data back to the enterprise edge, to the data center on-premise to then go straight out to the cloud. So the federal government said we will give you the ability to move in the direction of cloud and the agencies have been using this at scale. And that's why roughly half of the federal workforce is now working from home. And many of them are using cloud-based applications and services. So the dramatic impact on the federal government. >> Yeah, we've seen it here in Nate in my home of Australia. The federal government is very keen on that but there's other levels of government as I'm sure we're all aware. Particularly as state and even local governments. So Kenny, maybe you could give us a bit of a flavor for how does local and that more regional government have they been doing it basically the same as federal government or is there something unique to the way that they've had to adapt? >> Well, state and local governments are certainly facing the really the perfect storm of the rising demand and declining resources. The pandemic has certainly driven, a lower tax base and lower revenues. And as a result of that, we've seen adjustments in budgets, et cetera but we're also in a position uniquely where it's also driving digital innovation at the same time. So we're seeing the two of those and they don't necessarily have kind of diabolically opposed if you think about it. So, the two of those are coming together but so they're doing more with less and they're using digital transformation to get there where in the commercial world a lot of folks who've been doing digital transformation for a long time. Now, government is being more forced into doing it. And they're really embracing that from our perspective. So we've seen traditionally security be at the top of their demands from a CIO perspective and their most important initiatives. The now we're seeing digital transformation and more specifically we're seeing cloud, right be a key part of that. So, they've done things initially, obviously moving email and some of those things but today we're seeing an increasing amount of workloads that we're seeing them, move from maybe a previous provider, over to AWS et cetera. So, those are some of the things that we're seeing from our state and local perspective >> To build on Kenny's point. I think the key differentiator Justin, between the federal and the state and local experience has been the resources, the federal government with COVID. The federal government runs a deficit. We've seen the deficit balloon, federal spending is up 17 to 20%, not what it's passed out of the stimulus money but simply what government is spending at the federal level. So we are using cloud at the federal level to do more as Kenny noted, state governments and local governments because they're funded exclusively by taxes they can't run a deficit. They have had to say we need to spend smarter because we can't spend more. We can't even spend as much and oh my goodness we have to deliver more digital services at the same time. So for them it has been a matter of having to eke greater efficiencies out of every dollar which has pointed them in the direction of AWS and the cloud in a different sense. And the federal government that said there's greater efficiencies because we need our remote telework people to get the job done, state government, it's the perfect storm. And if they don't do this they're literally going to have to curtail vital services. >> Yeah and as we've seen the security challenge pretty much is the same everywhere. I mean, there's some variations in exactly one sort of threat you might have as a federal government compared to local but broadly speaking, the malware and ransomware and things of that nature is pretty much just a miasma that we have to wade through. So what does, Fortinet helping with these customers, particularly as they move to as you mentioned, they're moving a lot of things into AWS. So what is Fortinet's role there in helping customers make better use of public cloud? >> So I think one of the things that Fortinet really has brought to this equation is they really are a very broad based cybersecurity provider. The biggest problem that organizations typically have, of course, you know in the cloud, it's misconfiguration by the customer. It's not AWS that's making the mistake 99% plus of the time it's misconfiguration by the customer. So having the ability to say if you know how to do your security in an on-premise environment, and you've got controls, capabilities and settings that you're comfortable with you can migrate those intact if they work for you into your cloud environment. So the fact that we are soup to nuts, that we have things at the edge and offer that same suite of capabilities in AWS allows us to be able to tell, help the users if they've configured it right, not have to go back and start from scratch and say, well, now that I'm in AWS I need to reconfigure other than as you have to do it because it's a different platform, but if you've got the policies in place that are managing security managing risk well for your enterprise carry them forward to a different environment. >> I think Kenny is that a particular opportunity there for local government? As you mentioned that restrained resources means that it's much more difficult for them to correctly configure their environments but also to make this level of change, they have a lot of other responsibilities it's difficult to become cybersecurity experts. Is that where you see Fortinet helping a great deal in more local government. >> Yes it is one of the key areas. The best way you can think of it is the ability to do what Jim was saying in a single pane of glass. And the fact that we can do that. That's something you don't hear a lot about anymore, but Fortinet actually is one of the largest security providers in the world. Has it single pane of glass across, being able to manage your on-prem infrastructure being able to manage whether if someone's migrating away from another cloud over to AWS and being able to look at these holistically it's just a fantastic way for them to be efficient as well as around training and certifications and helping our customers to be able to take advantage of the products without additional costs or other things that I've been throwing down the gauntlet for other providers to say, hey, security shouldn't be something else that they have to invest. They're going to invest in your technology. You should provide them with the training, provide them with security awareness, sobriety with certifications around your product that should be table stakes. >> And we do see a lot of that structure of how to do this and provide that training tends to be the same regardless of where you are. Is that something that we see say to getting defined at federal government level with some of the standards and then that then sort of trickles down into more local government. Kenny, is that something that you see happening at all? Or are we seeing things defined at local government that are actually going back the other way? >> Yeah, well, compliance runs across both. I mean, there's probably more compliance on the federal side that Jim could speak to but there's certainly compliance is always a major factor. And it can't be that just we need to do one-off solutions for a particular compliance issue. It needs to be holistic as we're talking about it. If I have to pick solutions based on what and where they're protecting. And now I have to think about the compliance for those as well. That's yet another thing to think about, I don't see our customers thinking that way. They don't have the skillsets to continue to evolve that way. That's an expanded, use of what they're doing and they just don't have those resources. So they have to be able to do more with less we've talking about, and to be able to take a platform like the fabric that Fortinet it offers it really offers that to them. >> At the federal level I'm not even sure that I would characterize it as compliance and regulatory things that state local government have to do, but the National Institute of Standards and Technology NIST tends to promulgate what are considered best practices. Then your cybersecurity framework has basically been adopted globally modified by certain places. And I did too in different ways, but when NIST comes up with something like zero trust architecture, new standards are understood, the 800 Series. I'm surprised people in local government where we'll talk about 800-53 or 800-207, just like we fed geeks too. So it's really setting best practices and standards that are different from compliance but to build on Kenny's point about resources where I think Kenny has flown the other way from local government up has been in the direction of saying state and local government had been the Canary in the coal mine on saying, you have to migrate to the cloud as a way of doing more with less. So the federal government has been turning the printing press, turning the crank faster and faster that will change, and this is one where can say you're spending smarter by moving in the direction of AWS and in accelerating that growth into the cloud, because my prediction as a former intelligence analyst is probably this time next year, a lot of federal agencies will be having the discussion about how to live in a much tightened budgetary environment because we went through something called sequestration 10 years ago that made for very tight zero sum budgeting. That's going to be a coming attraction and that's going to push federal government even more, so with the saying, I got to get the data off of Graham. I've got to continue to telework, Hey, and look we can follow the best practices of state and local government in this case. >> Well, it certainly sounds like we'll be able to learn from each other and adapt it. It's not going away. We're certainly going to have cybersecurity issues for the foreseeable future, but it sounds like there's a lot of work happening and there is room for happiness about how things are generally going. So, gentlemen, thank you so much for joining us here and please thank you to my guest Jim Richberg and Kenny Holmes from Fortinet. You've been watching theCube virtual and our coverage of AWS re:Invent 2020 with special coverage of the public sector. Make sure you check out all the rest of our coverage on your desktop laptop or phone wherever you might be. I've been your host, Justin Warren. I look forward to seeing you again soon. (soft upbeat music)

>> Narrator: From around the globe it's theCUBE with digital coverage of DockerCon Live 2020. Brought to you by Docker and its ecosystem partners. >> Hi, I'm Stu Miniman and welcome to theCUBE's coverage of DockerCon Live 2020. Really excited to be part of this online event. We've been involved with DockerCon for a long time, of course one of my favorite things is always to be able to talk to the practitioners. Of course we remember for years, Docker exploded onto the marketplace, millions of people downloaded it, using it. So joining me is Hui Xue, who is a Principal Deputy Director of Medical Signal Processing at the National Heart, Lung, and Blood Institute, which is part of the National Institute of Health. Hui, thank you so much for joining us. >> Thank you for inviting me. >> So let's start. Of course, the name of your institute, very specific. I think anyone in the United States knows the NIH. Tell us a little bit about your role there and kind of the scope of what your team covers. >> So I'm basically a researcher and developer of the medical imaging technology. We are the heart, lung and the blood, so we work and focus on imaging the heart. So what we exactly do is to develop the new and novel imaging technology and deploy them to the front of our clinical library, which Docker played an essential role in the process. So, yeah, that's what we do at NHLBI. >> Okay, excellent. So research, you know, of course in the medical field with the global pandemic gets a lot of attention. So you keyed it up there. Let's understand, where does containerization and Docker specifically play into the work that your team is doing? >> So, maybe I'd like to give an example which will suffice. So for example, we're working on the magnetic resonance imaging, MRI. Many of us may may already have been scanned. So we're using MRI to image the heart. What Docker plays, is Docker allow us to deploy our imaging technology to the clinical hospital. So we have a global deployment around 40 hospitals, a bit more, around the world. If we are for example develop a new AI-based image analysis for the heart image, what we do with Docker is we can put our model and software into the Docker so that our collaboration sites, they will pull the software that contains the latest technology, then use them for the patients, of course under the research agreement at NIH. Because Docker is so efficient, available globally, we can actually implement a continuous integration and testing, update the framework based on Docker. Then our collaborators would have the latest technology instead of, you know, in the traditional medical imaging in general, the iteration of technology is pretty slow. But with all this latest technology, and such like container Docker come into the field. It's actually relatively new. In the past two to three years, all these paradigm is, it's changing, certainly very exciting to us. It give us the flexibility we never had before to reach our customers, to reach other people in the world to help them. They also help us so that's a very good experience to have. >> Yeah that's pretty powerful what you're talking about there rather than you know, we install some equipment, who knows how often things get updated, how do you make sure to synchronize between different locations. Obviously the medical field highly regulated and being a government agency, talk a little bit about how you make sure you have the right version control, security is in place, how do all of those things sort out? >> Yes, that's an essential question. So firstly I want to clarify one thing. So it's not NIH who endorse Docker, it's us as researchers. We practiced Docker too and we trust its performance. This container technology is efficient, it's globally available and it's very secure. So all the communication between the container and the imaging equipment is encrypted. We also have all the paperwork it saved to set up to allow us to provide technology to our clinician. When they post the latest software, every version they put up into the Docker went through an automated integration test system. So every time they make a change, the newer version of software runs through a rigorous test, something like 200 gigabytes of data runs through and checked everything is still working. So the basic principle is we don't allow any version of the software to be delivered to customer without testing Docker. Let's say this container technology in general actually is 100% automating all this process, which actually give us a lot of freedom so we have a rather very small team here at NIH. Many people are actually very impressed by how many customer we support within this so small team. So the key reason is because we have a strongly utilized container technology, so its automation is unparalleled, certainly much better than anything I had before using this container technology. So that's actually the key to maintain the quality and the continuous service to our customers. >> Yeah, absolutely. Automation is something we've been talking about in the industry for a long time but if we implement it properly it can have a huge impact. Can you bring us inside a little bit, you know, what tools are you doing? How is that automation set up and managed? And how that fits into the Docker environment. >> So I kind of describe to be more specific. So we are using a continuous testing framework. There are several apps to be using a specific one to build on, which is an open source Python tool, rather small actually. What it can do is, this tool will set up at the service, then this service will watch for example our GitHub repo. Whenever I make a change or someone in the team makes a change for example, fix a bug, add a new feature, or maybe update a new AI model, we push the edge of the GitHub then there's a continuous building system that will notice, it will trigger the integration test run all inside Docker environment. So this is the key. What container technology offers is that we can have 100% reproducible runtime environment for our customers as the software provider, because in our particular use case we don't set up customer with the uniform hardware so they bought their own server around the world, so everyone may have slightly different hardware. We don't want that to get into our software experience. So Docker actually offers us the 100% control of the runtime environment which is very essential if we want to deliver a consistent medical imaging experience because most applications actually it's rather computational intensive, so they don't want something to run for like one minute in one site and maybe three minutes at another site. So what Docker place is that Docker will run all the integration tests. If everything pass then they pack the Docker image then send to the Docker Hub. Then all our collaborators around the world have new image then they will coordinate with them so they will find a proper time to update then they have the newer technology in time. So that's why Docker is such a useful tool for us. >> Yeah, absolutely. Okay, containerization in Docker really transformed the way a lot of those computational solutions happen. I'm wondering if you can explain a little bit more the stack that you're using if people that might not have looked at solutions for a couple of years think oh it's containers, it's dateless architectures, I'm not sure how it fits into my other network environment. Can you tell us what are you doing for the storage in the network? >> So we actually have a rather vertical integration in this medical imaging application, so we build our own service as the software, its backbone is C++ for the higher computational efficiency. There's lots of Python because these days AI model essential. What Docker provides, as I mentioned, uniform always this runtime environment so we have a fixed GCC version then if we want to go into that detail. Specific version of numerical library, certain versions of Python, will be using PyTorch a lot. So that's our AI backbone. Another way of using Docker is actually we deploy the same container into the Microsoft Azure cloud. That's another ability I found out about Docker, so we never need to change anything in our software development process, but the same container I give you must work everywhere on the cloud, on site, for our customers. This actually reduces the development cost, also improve our efficiency a lot. Another important aspect is this actually will improve customers', how do they say it, customer acceptance a lot because they go to one customer, tell them the software you are running is actually running on 30 other sites exactly the same up to the let's say heights there, so it's bit by bit consistent. This actually help us convince many people. Every time when I describe this process I think most people accept the idea. They actually appreciate the way how we deliver software to them because we always can falling back. So yes, here is another aspect. So we have many Docker images that's in the Docker Hub, so if one deployment fails, they can easily falling back. That's actually very important for medical imaging applications that fail because hospitals need to maintain their continuous level of service. So even we want to avoid this completely but yes occasionally, very occasionally, there will be some function not working or some new test case never covered before, then we give them an magnet then, falling back, that's actually also our policy and offered by the container technology. >> Yeah, absolutely. You brought up, many have said that the container is that atomic unit of building block and that portability around any platform environment. What about container orchestration? How are you managing these environments you talked about in the public cloud or in different environments? What are you doing for container orchestration? >> Actually our set-up might be the simplest case. So we basically have a private Docker repo which we paid, actually the Institute has paid. We have something like 50 or 100 private repos, then for every repo we have one specific Docker setup with different software versions of different, for example some image is for PyTorch another for TensorFlow depending on our application. Maybe some customer has the requirement to have rather small Docker image size then they have some trimmed down version of image. In this process, because it's still in a small number like 20, 30 active repo, we are actually managing it semi-automatically so we have the service running to push and pull, and loading back images but we actually configured this process here at the Institute whenever we feel we have something new to offer to the customer. Regarding managing this Docker image, it's actually another aspect for the medical image. So at the customer side, we had a lot of discussion with them for whether we want to set up a continuous automated app, but in the end they decided, they said they'd better have customers involved. Better have some people. So we were finally stopped there by, we noticed customer, there are something new to update then they will decide when to update, how to test. So this is another aspect. Even we have a very high level of confirmation using the container technology, we found it's not 100%. In some site, it's still better have human supervision to help because if the goal is to maintain 100% continuous service then in the end they need some experts on the field to test and verify. So that's how they are in the current stage of deployment of this Docker image. We found it's rather light-weight so even with a few people at NIH in our team, they can manage a rather large network globally, so it's really exciting for us. >> Excellent. Great. I guess final question, give us a little bit of a road map as to, you've already talked about leveraging AI in there, the various pieces, what are you looking for from Docker in the ecosystem, and your solution for the rest of the year? >> I would say the future definitely is on the cloud. One major direction we are trying to push is to go the clinical hospital, linking and use the cloud in building as a routine. So in current status, some of sites, hospital may be very conservative, they are afraid of the security, the connection, all kinds of issues related to cloud. But this scenario is changing rapidly, especially container technology contributes a lot on the cloud. So it makes the whole thing so easy, so reliable. So our next push is to move in lots of the application into the cloud only. So the model will be, for example, we have new AI applications. It may be only available on the cloud. If some customer is waiting to use them they will have to be willing to connect to the cloud and maybe sending data there and receive, for example, the AI apps from our running Docker image in the cloud, but what we need to do is to make the Docker building even more efficiency. Make the computation 100% stable so we can utilize the huge computational power in the cloud. Also the price, so the key here is the price. So if we have one setup in the cloud, a data center for example, we currently maintain two data centers one across Europe, another is in United States. So if we have one data center and 50 hospitals using it every day, then we need the numbers. The average price for one patient comes to a few dollars per patient. So if we consider this medical health care system the costs, the ideal costs of using cloud computing can be truly trivial, but what we can offer to patients and doctor has never happened. The computation you can bring to us is something they never saw before and they never experienced. So I believe that's the future, it's not, the old model is everyone has his own computational server, then maintaining that, it costs a lot of work. Even doctor make the software aspects much easier, but the hardware, someone still need to set-up them. But using cloud will change all of. So I think the next future is definitely to wholly utilize the cloud with the container technology. >> Excellent. Well, we thank you so much. I know everyone appreciates the work your team's doing and absolutely if things can be done to allow scalability and lower cost per patient that would be a huge benefit. Thank you so much for joining us. >> Thank you. >> All right, stay tuned for lots more coverage from theCUBE at DockerCon Live 2020. I'm Stu Miniman and thank you for watching theCUBE. (gentle music)

(water running) (upbeat music) (electric buzzing) >> Fuel up! (upbeat music) (audience clapping) (upbeat music) >> Announcer: From around the globe. It's the queue with digital coverage of DockerCon live 2020, brought to you by Docker and its ecosystem partners. >> Hello everyone, welcome to DockerCon 2020. I'm John Furrier with theCUBE I'm in our Palo Alto studios with our quarantine crew. We have a great lineup here for DockerCon 2020. Virtual event, normally it was in person face to face. I'll be with you throughout the day from an amazing lineup of content, over 50 different sessions, cube tracks, keynotes, and we've got two great co-hosts here with Docker, Jenny Burcio and Bret Fisher. We'll be with you all day today, taking you through the program, helping you navigate the sessions. I'm so excited. Jenny, this is a virtual event. We talk about this. Can you believe it? Maybe the internet gods be with us today and hope everyone's having-- >> Yes. >> Easy time getting in. Jenny, Bret, thank you for-- >> Hello. >> Being here. >> Hey. >> Hi everyone, so great to see everyone chatting and telling us where they're from. Welcome to the Docker community. We have a great day planned for you. >> Guys great job getting this all together. I know how hard it is. These virtual events are hard to pull off. I'm blown away by the community at Docker. The amount of sessions that are coming in the sponsor support has been amazing. Just the overall excitement around the brand and the opportunities given this tough times where we're in. It's super exciting again, made the internet gods be with us throughout the day, but there's plenty of content. Bret's got an amazing all day marathon group of people coming in and chatting. Jenny, this has been an amazing journey and it's a great opportunity. Tell us about the virtual event. Why DockerCon virtual. Obviously everyone's canceling their events, but this is special to you guys. Talk about DockerCon virtual this year. >> The Docker community shows up at DockerCon every year, and even though we didn't have the opportunity to do an in person event this year, we didn't want to lose the time that we all come together at DockerCon. The conversations, the amazing content and learning opportunities. So we decided back in December to make DockerCon a virtual event. And of course when we did that, there was no quarantine we didn't expect, you know, I certainly didn't expect to be delivering it from my living room, but we were just, I mean we were completely blown away. There's nearly 70,000 people across the globe that have registered for DockerCon today. And when you look at DockerCon of past right live events, really and we're learning are just the tip of the iceberg and so thrilled to be able to deliver a more inclusive global event today. And we have so much planned I think. Bret, you want to tell us some of the things that you have planned? >> Well, I'm sure I'm going to forget something 'cause there's a lot going on. But, we've obviously got interviews all day today on this channel with John and the crew. Jenny has put together an amazing set of all these speakers, and then you have the captain's on deck, which is essentially the YouTube live hangout where we just basically talk shop. It's all engineers, all day long. Captains and special guests. And we're going to be in chat talking to you about answering your questions. Maybe we'll dig into some stuff based on the problems you're having or the questions you have. Maybe there'll be some random demos, but it's basically not scripted, it's an all day long unscripted event. So I'm sure it's going to be a lot of fun hanging out in there. >> Well guys, I want to just say it's been amazing how you structured this so everyone has a chance to ask questions, whether it's informal laid back in the captain's channel or in the sessions, where the speakers will be there with their presentations. But Jenny, I want to get your thoughts because we have a site out there that's structured a certain way for the folks watching. If you're on your desktop, there's a main stage hero. There's then tracks and Bret's running the captain's tracks. You can click on that link and jump into his session all day long. He's got an amazing set of line of sleet, leaning back, having a good time. And then each of the tracks, you can jump into those sessions. It's on a clock, it'll be available on demand. All that content is available if you're on your desktop. If you're on your mobile, it's the same thing. Look at the calendar, find the session that you want. If you're interested in it, you could watch it live and chat with the participants in real time or watch it on demand. So there's plenty of content to navigate through. We do have it on a clock and we'll be streaming sessions as they happen. So you're in the moment and that's a great time to chat in real time. But there's more, Jenny, getting more out of this event. You guys try to bring together the stimulation of community. How does the participants get more out of the the event besides just consuming some of the content all day today? >> Yes, so first set up your profile, put your picture next to your chat handle and then chat. John said we have various setups today to help you get the most out of your experience are breakout sessions. The content is prerecorded, so you get quality content and the speakers and chat so you can ask questions the whole time. If you're looking for the hallway track, then definitely check out the captain's on deck channel. And then we have some great interviews all day on the queue. So set up your profile, join the conversation and be kind, right? This is a community event. Code of conduct is linked on every page at the top, and just have a great day. >> And Bret, you guys have an amazing lineup on the captain, so you have a great YouTube channel that you have your stream on. So the folks who were familiar with that can get that either on YouTube or on the site. The chat is integrated in, So you're set up, what do you got going on? Give us the highlights. What are you excited about throughout your day? Take us through your program on the captains. That's going to be probably pretty dynamic in the chat too. >> Yeah, so I'm sure we're going to have lots of, stuff going on in chat. So no cLancaerns there about, having crickets in the chat. But we're going to be basically starting the day with two of my good Docker captain friends, (murmurs) and Laura Taco. And we're going to basically start you out and at the end of this keynote, at the end of this hour and we're going to get you going and then you can maybe jump out and go to take some sessions. Maybe there's some stuff you want to check out and other sessions that you want to chat and talk with the instructors, the speakers there, and then you're going to come back to us, right? Or go over, check out the interviews. So the idea is you're hopping back and forth and throughout the day we're basically changing out every hour. We're not just changing out the guests basically, but we're also changing out the topics that we can cover because different guests will have different expertise. We're going to have some special guests in from Microsoft, talk about some of the cool stuff going on there, and basically it's captains all day long. And if you've been on my YouTube live show you've watched that, you've seen a lot of the guests we have on there. I'm lucky to just hang out with all these really awesome people around the world, so it's going to be fun. >> Awesome and the content again has been preserved. You guys had a great session on call for paper sessions. Jenny, this is good stuff. What other things can people do to make it interesting? Obviously we're looking for suggestions. Feel free to chirp on Twitter about ideas that can be new. But you guys got some surprises. There's some selfies, what else? What's going on? Any secret, surprises throughout the day. >> There are secret surprises throughout the day. You'll need to pay attention to the keynotes. Bret will have giveaways. I know our wonderful sponsors have giveaways planned as well in their sessions. Hopefully right you feel conflicted about what you're going to attend. So do know that everything is recorded and will be available on demand afterwards so you can catch anything that you miss. Most of them will be available right after they stream the initial time. >> All right, great stuff, so they've got the Docker selfie. So the Docker selfies, the hashtag is just DockerCon hashtag DockerCon. If you feel like you want to add some of the hashtag no problem, check out the sessions. You can pop in and out of the captains is kind of the cool kids are going to be hanging out with Bret and then all they'll knowledge and learning. Don't miss the keynote, the keynote should be solid. We've got chain Governor from red monk delivering a keynote. I'll be interviewing him live after his keynote. So stay with us. And again, check out the interactive calendar. All you got to do is look at the calendar and click on the session you want. You'll jump right in. Hop around, give us feedback. We're doing our best. Bret, any final thoughts on what you want to share to the community around, what you got going on the virtual event, just random thoughts? >> Yeah, so sorry we can't all be together in the same physical place. But the coolest thing about as business online, is that we actually get to involve everyone, so as long as you have a computer and internet, you can actually attend DockerCon if you've never been to one before. So we're trying to recreate that experience online. Like Jenny said, the code of conduct is important. So, we're all in this together with the chat, so try to be nice in there. These are all real humans that, have feelings just like me. So let's try to keep it cool. And, over in the Catherine's channel we'll be taking your questions and maybe playing some music, playing some games, giving away some free stuff, while you're, in between sessions learning, oh yeah. >> And I got to say props to your rig. You've got an amazing setup there, Bret. I love what your show, you do. It's really bad ass and kick ass. So great stuff. Jenny sponsors ecosystem response to this event has been phenomenal. The attendance 67,000. We're seeing a surge of people hitting the site now. So if you're not getting in, just, Wade's going, we're going to crank through the queue, but the sponsors on the ecosystem really delivered on the content side and also the sport. You want to share a few shout outs on the sponsors who really kind of helped make this happen. >> Yeah, so definitely make sure you check out the sponsor pages and you go, each page is the actual content that they will be delivering. So they are delivering great content to you. So you can learn and a huge thank you to our platinum and gold authors. >> Awesome, well I got to say, I'm super impressed. I'm looking forward to the Microsoft Amazon sessions, which are going to be good. And there's a couple of great customer sessions there. I tweeted this out last night and let them get you guys' reaction to this because there's been a lot of talk around the COVID crisis that we're in, but there's also a positive upshot to this is Cambridge and explosion of developers that are going to be building new apps. And I said, you know, apps aren't going to just change the world, they're going to save the world. So a lot of the theme here is the impact that developers are having right now in the current situation. If we get the goodness of compose and all the things going on in Docker and the relationships, this real impact happening with the developer community. And it's pretty evident in the program and some of the talks and some of the examples. how containers and microservices are certainly changing the world and helping save the world, your thoughts. >> Like you said, a number of sessions and interviews in the program today that really dive into that. And even particularly around COVID, Clement Beyondo is sharing his company's experience, from being able to continue operations in Italy when they were completely shut down beginning of March. We have also in theCUBE channel several interviews about from the national Institute of health and precision cancer medicine at the end of the day. And you just can really see how containerization and developers are moving in industry and really humanity forward because of what they're able to build and create, with advances in technology. >> Yeah and the first responders and these days is developers. Bret compose is getting a lot of traction on Twitter. I can see some buzz already building up. There's huge traction with compose, just the ease of use and almost a call for arms for integrating into all the system language libraries, I mean, what's going on with compose? I mean, what's the captain say about this? I mean, it seems to be really tracking in terms of demand and interest. >> I think we're over 700,000 composed files on GitHub. So it's definitely beyond just the standard Docker run commands. It's definitely the next tool that people use to run containers. Just by having that we just buy, and that's not even counting. I mean that's just counting the files that are named Docker compose YAML. So I'm sure a lot of you out there have created a YAML file to manage your local containers or even on a server with Docker compose. And the nice thing is is Docker is doubling down on that. So we've gotten some news recently, from them about what they want to do with opening the spec up, getting more companies involved because compose is already gathered so much interest from the community. You know, AWS has importers, there's Kubernetes importers for it. So there's more stuff coming and we might just see something here in a few minutes. >> All right, well let's get into the keynote guys, jump into the keynote. If you missing anything, come back to the stream, check out the sessions, check out the calendar. Let's go, let's have a great time. Have some fun, thanks and enjoy the rest of the day we'll see you soon. (upbeat music) (upbeat music) >> Okay, what is the name of that Whale? >> Molly. >> And what is the name of this Whale? >> Mobby. >> That's right, dad's got to go, thanks bud. >> Bye. >> Bye. Hi, I'm Scott Johnson, CEO of Docker and welcome to DockerCon 2020. This year DockerCon is an all virtual event with more than 60,000 members of the Docker Community joining from around the world. And with the global shelter in place policies, we're excited to offer a unifying, inclusive virtual community event in which anyone and everyone can participate from their home. As a company, Docker has been through a lot of changes since our last DockerCon last year. The most important starting last November, is our refocusing 100% on developers and development teams. As part of that refocusing, one of the big challenges we've been working on, is how to help development teams quickly and efficiently get their app from code to cloud And wouldn't it be cool, if developers could quickly deploy to the cloud right from their local environment with the commands and workflow they already know. We're excited to give you a sneak preview of what we've been working on. And rather than slides, we thought we jumped right into the product. And joining me demonstrate some of these cool new features, is enclave your DACA. One of our engineers here at Docker working on Docker compose. Hello Lanca. >> Hello. >> We're going to show how an application development team collaborates using Docker desktop and Docker hub. And then deploys the app directly from the Docker command line to the clouds in just two commands. A development team would use this to quickly share functional changes of their app with the product management team, with beta testers or other development teams. Let's go ahead and take a look at our app. Now, this is a web app, that randomly pulls words from the database, and assembles them into sentences. You can see it's a pretty typical three tier application with each tier implemented in its own container. We have a front end web service, a middle tier, which implements the logic to randomly pull the words from the database and assemble them and a backend database. And here you can see the database uses the Postgres official image from Docker hub. Now let's first run the app locally using Docker command line and the Docker engine in Docker desktop. We'll do a Doc compose up and you can see that it's pulling the containers from our Docker organization account. Wordsmith, inc. Now that it's up. Let's go ahead and look at local host and we'll confirm that the application is functioning as desired. So there's one sentence, let's pull and now you and you can indeed see that we are pulling random words and assembling into sentences. Now you can also see though that the look and feel is a bit dated. And so Lanca is going to show us how easy it is to make changes and share them with the rest of the team. Lanca, over to you. >> Thank you, so I have, the source code of our application on my machine and I have updated it with the latest team from DockerCon 2020. So before committing the code, I'm going to build the application locally and run it, to verify that indeed the changes are good. So I'm going to build with Docker compose the image for the web service. Now that the image has been built, I'm going to deploy it locally. Wait to compose up. We can now check the dashboard in a Docker desktop that indeed our containers are up and running, and we can access, we can open in the web browser, the end point for the web service. So as we can see, we have the latest changes in for our application. So as you can see, the application has been updated successfully. So now, I'm going to push the image that I have just built to my organization's shared repository on Docker hub. So I can do this with Docker compose push web. Now that the image has been updated in the Docker hub repository, or my teammates can access it and check the changes. >> Excellent, well, thank you Lanca. Now of course, in these times, video conferencing is the new normal, and as great as it is, video conferencing does not allow users to actually test the application. And so, to allow us to have our app be accessible by others outside organizations such as beta testers or others, let's go ahead and deploy to the cloud. >> Sure we, can do this by employing a context. A Docker context, is a mechanism that we can use to target different platforms for deploying containers. The context we hold, information as the endpoint for the platform, and also how to authenticate to it. So I'm going to list the context that I have set locally. As you can see, I'm currently using the default context that is pointing to my local Docker engine. So all the commands that I have issued so far, we're targeting my local engine. Now, in order to deploy the application on a cloud. I have an account in the Azure Cloud, where I have no resource running currently, and I have created for this account, dedicated context that will hold the information on how to connect it to it. So now all I need to do, is to switch to this context, with Docker context use, and the name of my cloud context. So all the commands that I'm going to run, from now on, are going to target the cloud platform. So we can also check very, more simpler, in a simpler way we can check the running containers with Docker PS. So as we see no container is running in my cloud account. Now to deploy the application, all I need to do is to run a Docker compose up. And this will trigger the deployment of my application. >> Thanks Lanca. Now notice that Lanca did not have to move the composed file from Docker desktop to Azure. Notice you have to make any changes to the Docker compose file, and nor did she change any of the containers that she and I were using locally in our local environments. So the same composed file, same images, run locally and upon Azure without changes. While the app is deploying to Azure, let's highlight some of the features in Docker hub that helps teams with remote first collaboration. So first, here's our team's account where it (murmurs) and you can see the updated container sentences web that Lanca just pushed a couple of minutes ago. As far as collaboration, we can add members using their Docker ID or their email, and then we can organize them into different teams depending on their role in the application development process. So and then Lancae they're organized into different teams, we can assign them permissions, so that teams can work in parallel without stepping on each other's changes accidentally. For example, we'll give the engineering team full read, write access, whereas the product management team will go ahead and just give read only access. So this role based access controls, is just one of the many features in Docker hub that allows teams to collaboratively and quickly develop applications. Okay Lanca, how's our app doing? >> Our app has been successfully deployed to the cloud. So, we can easily check either the Azure portal to verify the containers running for it or simpler we can run a Docker PS again to get the list with the containers that have been deployed for it. In the output from the Docker PS, we can see an end point that we can use to access our application in the web browser. So we can see the application running in clouds. It's really up to date and now we can take this particular endpoint and share it within our organization such that anybody can have a look at it. >> That's cool Onka. We showed how we can deploy an app to the cloud in minutes and just two commands, and using commands that Docker users already know, thanks so much. In that sneak preview, you saw a team developing an app collaboratively, with a tool chain that includes Docker desktop and Docker hub. And simply by switching Docker context from their local environment to the cloud, deploy that app to the cloud, to Azure without leaving the command line using Docker commands they already know. And in doing so, really simplifying for development team, getting their app from code to cloud. And just as important, what you did not see, was a lot of complexity. You did not see cloud specific interfaces, user management or security. You did not see us having to provision and configure compute networking and storage resources in the cloud. And you did not see infrastructure specific application changes to either the composed file or the Docker images. And by simplifying a way that complexity, these new features help application DevOps teams, quickly iterate and get their ideas, their apps from code to cloud, and helping development teams, build share and run great applications, is what Docker is all about. A Docker is able to simplify for development teams getting their app from code to cloud quickly as a result of standards, products and ecosystem partners. It starts with open standards for applications and application artifacts, and active open source communities around those standards to ensure portability and choice. Then as you saw in the demo, the Docker experience delivered by Docker desktop and Docker hub, simplifies a team's collaborative development of applications, and together with ecosystem partners provides every stage of an application development tool chain. For example, deploying applications to the cloud in two commands. What you saw on the demo, well that's an extension of our strategic partnership with Microsoft, which we announced yesterday. And you can learn more about our partnership from Amanda Silver from Microsoft later today, right here at DockerCon. Another tool chain stage, the capability to scan applications for security and vulnerabilities, as a result of our partnership with Sneak, which we announced last week. You can learn more about that partnership from Peter McKay, CEO Sneak, again later today, right here at DockerCon. A third example, development team can automate the build of container images upon a simple get push, as a result of Docker hub integrations with GitHub and Alaska and Bitbucket. As a final example of Docker and the ecosystem helping teams quickly build applications, together with our ISV partners. We offer in Docker hub over 500 official and verified publisher images of ready to run Dockerized application components such as databases, load balancers, programming languages, and much more. Of course, none of this happens without people. And I would like to take a moment to thank four groups of people in particular. First, the Docker team, past and present. We've had a challenging 12 months including a restructuring and then a global pandemic, and yet their support for each other, and their passion for the product, this community and our customers has never been stronger. We think our community, Docker wouldn't be Docker without you, and whether you're one of the 50 Docker captains, they're almost 400 meetup organizers, the thousands of contributors and maintainers. Every day you show up, you give back, you teach new support. We thank our users, more than six and a half million developers who have built more than 7 million applications and are then sharing those applications through Docker hub at a rate of more than one and a half billion poles per week. Those apps are then run, are more than 44 million Docker engines. And finally, we thank our customers, the over 18,000 docker subscribers, both individual developers and development teams from startups to large organizations, 60% of which are outside the United States. And they spend every industry vertical, from media, to entertainment to manufacturing. healthcare and much more. Thank you. Now looking forward, given these unprecedented times, we would like to offer a challenge. While it would be easy to feel helpless and miss this global pandemic, the challenge is for us as individuals and as a community to instead see and grasp the tremendous opportunities before us to be forces for good. For starters, look no further than the pandemic itself, in the fight against this global disaster, applications and data are playing a critical role, and the Docker Community quickly recognize this and rose to the challenge. There are over 600 COVID-19 related publicly available projects on Docker hub today, from data processing to genome analytics to data visualization folding at home. The distributed computing project for simulating protein dynamics, is also available on Docker hub, and it uses spirit compute capacity to analyze COVID-19 proteins to aid in the design of new therapies. And right here at DockerCon, you can hear how Clemente Biondo and his company engineering in Gagne area Informatica are using Docker in the fight with COVID-19 in Italy every day. Now, in addition to fighting the pandemic directly, as a community, we also have an opportunity to bridge the disruption the pandemic is wreaking. It's impacting us at work and at home in every country around the world and every aspect of our lives. For example, many of you have a student at home, whose world is going to be very different when they returned to school. As employees, all of us have experienced the stresses from working from home as well as many of the benefits and in fact 75% of us say that going forward, we're going to continue to work from home at least occasionally. And of course one of the biggest disruptions has been job losses, over 35 million in the United States alone. And we know that's affected many of you. And yet your skills are in such demand and so important now more than ever. And that's why here at DockerCon, we want to try to do our part to help, and we're promoting this hashtag on Twitter, hashtag DockerCon jobs, where job seekers and those offering jobs can reach out to one another and connect. Now, pandemics disruption is accelerating the shift of more and more of our time, our priorities, our dollars from offline to online to hybrid, and even online only ways of living. We need to find new ways to collaborate, new approaches to engage customers, new modes for education and much more. And what is going to fill the needs created by this acceleration from offline, online? New applications. And it's this need, this demand for all these new applications that represents a great opportunity for the Docker community of developers. The world needs us, needs you developers now more than ever. So let's seize this moment. Let us in our teams, go build share and run great new applications. Thank you for joining today. And let's have a great DockerCon. >> Okay, welcome back to the DockerCon studio headquarters in your hosts, Jenny Burcio and myself John Furrier. u@farrier on Twitter. If you want to tweet me anything @DockerCon as well, share what you're thinking. Great keynote there from Scott CEO. Jenny, demo DockerCon jobs, some highlights there from Scott. Yeah, I love the intro. It's okay I'm about to do the keynote. The little green room comes on, makes it human. We're all trying to survive-- >> Let me answer the reality of what we are all doing with right now. I had to ask my kids to leave though or they would crash the whole stream but yes, we have a great community, a large community gather gathered here today, and we do want to take the opportunity for those that are looking for jobs, are hiring, to share with the hashtag DockerCon jobs. In addition, we want to support direct health care workers, and Bret Fisher and the captains will be running a all day charity stream on the captain's channel. Go there and you'll get the link to donate to directrelief.org which is a California based nonprofit, delivering and aid and supporting health care workers globally response to the COVID-19 crisis. >> Okay, if you jumping into the stream, I'm John Farrie with Jenny Webby, your hosts all day today throughout DockerCon. It's a packed house of great content. You have a main stream, theCUBE which is the mainstream that we'll be promoting a lot of cube interviews. But check out the 40 plus sessions underneath in the interactive calendar on dockercon.com site. Check it out, they're going to be live on a clock. So if you want to participate in real time in the chat, jump into your session on the track of your choice and participate with the folks in there chatting. If you miss it, it's going to go right on demand right after sort of all content will be immediately be available. So make sure you check it out. Docker selfie is a hashtag. Take a selfie, share it. Docker hashtag Docker jobs. If you're looking for a job or have openings, please share with the community and of course give us feedback on what you can do. We got James Governor, the keynote coming up next. He's with Red monk. Not afraid to share his opinion on open source on what companies should be doing, and also the evolution of this Cambrin explosion of apps that are going to be coming as we come out of this post pandemic world. A lot of people are thinking about this, the crisis and following through. So stay with us for more and more coverage. Jenny, favorite sessions on your mind for people to pay attention to that they should (murmurs)? >> I just want to address a few things that continue to come up in the chat sessions, especially breakout sessions after they play live and the speakers in chat with you, those go on demand, they are recorded, you will be able to access them. Also, if the screen is too small, there is the button to expand full screen, and different quality levels for the video that you can choose on your end. All the breakout sessions also have closed captioning, so please if you would like to read along, turn that on so you can, stay with the sessions. We have some great sessions, kicking off right at 10:00 a.m, getting started with Docker. We have a full track really in the how to enhance on that you should check out devs in action, hear what other people are doing and then of course our sponsors are delivering great content to you all day long. >> Tons of content. It's all available. They'll always be up always on at large scale. Thanks for watching. Now we got James Governor, the keynote. He's with Red Monk, the analyst firm and has been tracking open source for many generations. He's been doing amazing work. Watch his great keynote. I'm going to be interviewing him live right after. So stay with us and enjoy the rest of the day. We'll see you back shortly. (upbeat music) >> Hi, I'm James Governor, one of the co-founders of a company called RedMonk. We're an industry research firm focusing on developer led technology adoption. So that's I guess why Docker invited me to DockerCon 2020 to talk about some trends that we're seeing in the world of work and software development. So Monk Chips, that's who I am. I spent a lot of time on Twitter. It's a great research tool. It's a great way to find out what's going on with keep track of, as I say, there's people that we value so highly software developers, engineers and practitioners. So when I started talking to Docker about this event and it was pre Rhona, should we say, the idea of a crowd wasn't a scary thing, but today you see something like this, it makes you feel uncomfortable. This is not a place that I want to be. I'm pretty sure it's a place you don't want to be. And you know, to that end, I think it's interesting quote by Ellen Powell, she says, "Work from home is now just work" And we're going to see more and more of that. Organizations aren't feeling the same way they did about work before. Who all these people? Who is my cLancaern? So GitHub says has 50 million developers right on its network. Now, one of the things I think is most interesting, it's not that it has 50 million developers. Perhaps that's a proxy for number of developers worldwide. But quite frankly, a lot of those accounts, there's all kinds of people there. They're just Selena's. There are data engineers, there are data scientists, there are product managers, there were tech marketers. It's a big, big community and it goes way beyond just software developers itself. Frankly for me, I'd probably be saying there's more like 20 to 25 million developers worldwide, but GitHub knows a lot about the world of code. So what else do they know? One of the things they know is that world of code software and opensource, is becoming increasingly global. I get so excited about this stuff. The idea that there are these different software communities around the planet where we're seeing massive expansions in terms of things like open source. Great example is Nigeria. So Nigeria more than 200 million people, right? The energy there in terms of events, in terms of learning, in terms of teaching, in terms of the desire to code, the desire to launch businesses, desire to be part of a global software community is just so exciting. And you know, these, this sort of energy is not just in Nigeria, it's in other countries in Africa, it's happening in Egypt. It's happening around the world. This energy is something that's super interesting to me. We need to think about that. We've got global that we need to solve. And software is going to be a big part of that. At the moment, we can talk about other countries, but what about frankly the gender gap, the gender issue that, you know, from 1984 onwards, the number of women taking computer science degrees began to, not track but to create in comparison to what men were doing. The tech industry is way too male focused, there are men that are dominant, it's not welcoming, we haven't found ways to have those pathways and frankly to drive inclusion. And the women I know in tech, have to deal with the massively disproportionate amount of stress and things like online networks. But talking about online networks and talking about a better way of living, I was really excited by get up satellite recently, was a fantastic demo by Alison McMillan and she did a demo of a code spaces. So code spaces is Microsoft online ID, new platform that they've built. And online IDs, we're never quite sure, you know, plenty of people still out there just using the max. But, visual studio code has been a big success. And so this idea of moving to one online IDE, it's been around that for awhile. What they did was just make really tight integration. So you're in your GitHub repo and just be able to create a development environment with effectively one click, getting rid of all of the act shaving, making it super easy. And what I loved was it the demo, what Ali's like, yeah cause this is great. One of my kids are having a nap, I can just start (murmurs) and I don't have to sort out all the rest of it. And to me that was amazing. It was like productivity as inclusion. I'm here was a senior director at GitHub. They're doing this amazing work and then making this clear statement about being a parent. And I think that was fantastic. Because that's what, to me, importantly just working from home, which has been so challenging for so many of us, began to open up new possibilities, and frankly exciting possibilities. So Alley's also got a podcast parent-driven development, which I think is super important. Because this is about men and women rule in this together show parenting is a team sport, same as software development. And the idea that we should be thinking about, how to be more productive, is super important to me. So I want to talk a bit about developer culture and how it led to social media. Because you know, your social media, we're in this ad bomb stage now. It's TikTok, it's like exercise, people doing incredible back flips and stuff like that. Doing a bunch of dancing. We've had the world of sharing cat gifts, Facebook, we sort of see social media is I think a phenomenon in its own right. Whereas the me, I think it's interesting because it's its progenitors, where did it come from? So here's (murmurs) So 1971, one of the features in the emergency management information system, that he built, which it's topical, it was for medical tracking medical information as well, medical emergencies, included a bulletin board system. So that it could keep track of what people were doing on a team and make sure that they were collaborating effectively, boom! That was the start of something big, obviously. Another day I think is worth looking at 1983, Sorania Pullman, spanning tree protocol. So at DEC, they were very good at distributed systems. And the idea was that you can have a distributed system and so much of the internet working that we do today was based on radius work. And then it showed that basically, you could span out a huge network so that everyone could collaborate. That is incredibly exciting in terms of the trends, that I'm talking about. So then let's look at 1988, you've got IRC. IRC what developer has not used IRC, right. Well, I guess maybe some of the other ones might not have. But I don't know if we're post IRC yet, but (murmurs) at a finished university, really nailed it with IRC as a platform that people could communicate effectively with. And then we go into like 1991. So we've had IRC, we've had finished universities, doing a lot of really fantastic work about collaboration. And I don't think it was necessarily an accident that this is where the line is twofold, announced Linux. So Linux was a wonderfully packaged, idea in terms of we're going to take this Unix thing. And when I say package, what a package was the idea that we could collaborate on software. So, it may have just been the work of one person, but clearly what made it important, made it interesting, was finding a social networking pattern, for software development so that everybody could work on something at scale. That was really, I think, fundamental and foundational. Now I think it's important, We're going to talk about Linus, to talk about some things that are not good about software culture, not good about open source culture, not good about hacker culture. And that's where I'm going to talk about code of conduct. We have not been welcoming to new people. We got the acronyms, JFTI, We call people news, that's super unhelpful. We've got to find ways to be more welcoming and more self-sustaining in our communities, because otherwise communities will fail. And I'd like to thank everyone that has a code of conduct and has encouraged others to have codes of conduct. We need to have codes of conduct that are enforced to ensure that we have better diversity at our events. And that's what women, underrepresented minorities, all different kinds of people need to be well looked off to and be in safe and inclusive spaces. And that's the online events. But of course it's also for all of our activities offline. So Linus, as I say, I'm not the most charming of characters at all time, but he has done some amazing technology. So we got to like 2005 the creation of GIT. Not necessarily the distributed version control system that would win. But there was some interesting principles there, and they'd come out of the work that he had done in terms of trying to build and sustain the Linux code base. So it was very much based on experience. He had an itch that he needed to scratch and there was a community that was this building, this thing. So what was going to be the option, came up with Git foundational to another huge wave of social change, frankly get to logical awesome. April 20 April, 2008 GitHub, right? GiHub comes up, they've looked at Git, they've packaged it up, they found a way to make it consumable so the teams could use it and really begin to take advantage of the power of that distributed version control model. Now, ironically enough, of course they centralized the service in doing so. So we have a single point of failure on GitHub. But on the other hand, the notion of the poll request, the primitives that they established and made usable by people, that changed everything in terms of software development. I think another one that I'd really like to look at is Slack. So Slack is a huge success used by all different kinds of businesses. But it began specifically as a pivot from a company called Glitch. It was a game company and they still wanted, a tool internally that was better than IRC. So they built out something that later became Slack. So Slack 2014, is established as a company and basically it was this Slack fit software engineering. The focus on automation, the conversational aspects, the asynchronous aspects. It really pulled things together in a way that was interesting to software developers. And I think we've seen this pattern in the world, frankly, of the last few years. Software developers are influences. So Slack first used by the engineering teams, later used by everybody. And arguably you could say the same thing actually happened with Apple. Apple was mainstreamed by developers adopting that platform. Get to 2013, boom again, Solomon Hikes, Docker, right? So Docker was, I mean containers were not new, they were just super hard to use. People found it difficult technology, it was Easter Terek. It wasn't something that they could fully understand. Solomon did an incredible job of understanding how containers could fit into modern developer workflows. So if we think about immutable images, if we think about the ability to have everything required in the package where you are, it really tied into what people were trying to do with CICD, tied into microservices. And certainly the notion of sort of display usability Docker nailed that, and I guess from this conference, at least the rest is history. So I want to talk a little bit about, scratching the itch. And particularly what has become, I call it the developer authentic. So let's go into dark mode now. I've talked about developers laying out these foundations and frameworks that, the mainstream, frankly now my son, he's 14, he (murmurs) at me if I don't have dark mode on in an application. And it's this notion that developers, they have an aesthetic, it does get adopted I mean it's quite often jokey. One of the things we've seen in the really successful platforms like GitHub, Docker, NPM, let's look at GitHub. Let's look at over that Playfulness. I think was really interesting. And that changes the world of work, right? So we've got the world of work which can be buttoned up, which can be somewhat tight. I think both of those companies were really influential, in thinking that software development, which is a profession, it's also something that can and is fun. And I think about how can we make it more fun? How can we develop better applications together? Takes me to, if we think about Docker talking about build, share and run, for me the key word is share, because development has to be a team sport. It needs to be sharing. It needs to be kind and it needs to bring together people to do more effective work. Because that's what it's all about, doing effective work. If you think about zoom, it's a proxy for collaboration in terms of its value. So we've got all of these airlines and frankly, add up that their share that add up their total value. It's currently less than Zoom. So video conferencing has become so much of how we live now on a consumer basis. But certainly from a business to business perspective. I want to talk about how we live now. I want to think about like, what will come out all of this traumatic and it is incredibly traumatic time? I'd like to say I'm very privileged. I can work from home. So thank you to all the frontline workers that are out there that they're not in that position. But overall what I'm really thinking about, there's some things that will come out of this that will benefit us as a culture. Looking at cities like Paris, Milan, London, New York, putting a new cycling infrastructure, so that people can social distance and travel outside because they don't feel comfortable on public transport. I think sort of amazing widening pavements or we can't do that. All these cities have done it literally overnight. This sort of changes is exciting. And what does come off that like, oh there are some positive aspects of the current issues that we face. So I've got a conference or I've got a community that may and some of those, I've been working on. So Katie from HashiCorp and Carla from container solutions basically about, look, what will the world look like in developer relations? Can we have developer relations without the air miles? 'Cause developer advocates, they do too much travel ends up, you know, burning them out, develop relations. People don't like to say no. They may have bosses that say, you know, I was like, Oh that corporates went great. Now we're going to roll it out worldwide to 47 cities. That's stuff is terrible. It's terrible from a personal perspective, it's really terrible from an environmental perspective. We need to travel less. Virtual events are crushing it. Microsoft just at build, right? Normally that'd be just over 10,000 people, they had 245,000 plus registrations. 40,000 of them in the last day, right? Red Hat summit, 80,000 people, IBM think 90,000 people, GitHub Crushed it as well. Like this is a more inclusive way people can dip in. They can be from all around the world. I mentioned Nigeria and how fantastic it is. Very often Nigerian developers and advocates find it hard to get visas. Why should they be shut out of events? Events are going to start to become remote first because frankly, look at it, if you're turning in those kinds of numbers, and Microsoft was already doing great online events, but they absolutely nailed it. They're going to have to ask some serious questions about why everybody should get back on a plane again. So if you're going to do remote, you've got to be intentional about it. It's one thing I've learned some exciting about GitLab. GitLab's culture is amazing. Everything is documented, everything is public, everything is transparent. Think that really clear and if you look at their principles, everything, you can't have implicit collaboration models. Everything needs to be documented and explicit, so that anyone can work anywhere and they can still be part of the team. Remote first is where we're at now, Coinbase, Shopify, even Barkley says the not going to go back to having everybody in offices in the way they used to. This is a fundamental shift. And I think it's got significant implications for all industries, but definitely for software development. Here's the thing, the last 20 years were about distributed computing, microservices, the cloud, we've got pretty good at that. The next 20 years will be about distributed work. We can't have everybody living in San Francisco and London and Berlin. The talent is distributed, the talent is elsewhere. So how are we going to build tools? Who is going to scratch that itch to build tools to make them more effective? Who's building the next generation of apps, you are, thanks.

>>From the cube studios in Palo Alto in Boston. It's the cube covering the IBM thing brought to you by IBM. Everybody we're back. This is Dave Vellante the cube, and this is our wall-to-wall coverage, IBM's digital thing experienced for 2020. We're really excited to have Jerry Cuomo on. He's the, uh, vice president of blockchain technologies and an IBM fellow and longtime cube alum. Jerry, good to see you again. Thanks for coming on and wish we were face to face, but yeah, this'll do. Good to see you too. Yes, thanks for having me. So we've been talking a lot of and talking to, I've been running a CEO series a, of course, a lot of the interviews around, uh, IBM think are focused on, on COBIT 19. But I wonder if you could start off by just talking a little bit about, you know, blockchain, why blockchain, why now, especially in the context of this pandemic. >>David's, it's as if we've been working out in the gym, but not knowing why we needed to be fixed. And I know now why we need to be fit. You know, blockchain is coming just in time. Mmm. You know, with the trust factor and the preserving privacy factor. Okay. The way we move forward the world is now becoming more digital than ever people working from home. Um, the reliance and online services is, that's critical. our ability to work as a community accompanies companies. The shared data is critical. you know, blockchain brings a magical ingredient and that's the ingredient of trust, you know, in sharing data. Okay. When, if that data and the sources that are providing that data arc okay. From verified and trusted, we're more likely to use that data and you the, any friction that's caused for fear of trepidation that the data is going to be misused. >>Mmm. It goes start to go away. And when that happens, you speed up an exchange and we need speed. Time is of the essence. So blockchain brings a platform for trusted data exchange while preserving privacy. And that provides a foundation. I can do some amazing things in this time of crisis, right? Yeah. And it's, it's not only trust, it's also expediency and you know, cutting out a lot of the red tape. And I want to talk about some of the applications. You're heavily involved in that in the distributed ledger, a project, you know, one of the early leads on that. Um, talk about some of the ways in which you're flying that distributed a ledger. And let's go into some of the examples. So we're, we're really fortunate to be an early adopter blockchain and, and provider of blockchain technology and kind of the fruit of that. >>Um, as I said, it couldn't happen any sooner where we have, Mmm, I would say over a thousand, alright. Users using IBM blockchain, which is powered by the opensource Hyperledger fabric, I'd say over a hundred of those users, um, have reached a level of production networks. you know, it's been great to see some of the proprietors of those networks now repurpose the networks towards hastening the relief of, uh, and one, a couple of examples that stand out, Dave. Mmm. You've seen what's happening to our supply chain. And then I think we got some rebound happening as we speak, but companies all of a sudden woke up one morning and their supply chains were, I'm exhausted. So suppliers, we're out of key goods and the buyers needed very rapidly to expand. They're, the supplier is in their, in their supply chain. there are laws and regulations about what it takes to onboard a new supplier. >>You want to make sure you're not onboarding bad actors. So in IBM for example, we have over 20,000 suppliers to our business and it takes 30 to 40 days who, uh, validate and verify one of those suppliers. We don't have 30 to 45 days, you know, think about you're a healthcare company or a food company. So working with a partner called Jane yard, uh, co-created a network called trust yourself buyer. And we've been able to repurpose, trust your supplier now or companies that are looking, you know, around Kobe 19 to rapidly okay, expand, you know, their, their supply chain. So if you imagine that taking us 45 days or 40 days to onboard a new supplier, okay. Pick, pick a company in our supply chain, Lenovo, that supplier may very well want to go to Lenovo to and provide services to them. Well guess what, it's going to take 40 days, the onboard to Lenovo. >>But if they're part of the trust or supplier network and they've already onboarded to IBM, they're well on their way. You're being visible to all of these other buyers that are part of the IBM network, like Lenovo and many others. And instead of taking 40 days, maybe it only takes five days. All right. So radically, radically, you know, improving the time it takes them. You know, with companies like Ford making ventilators and masks, it will kind of be able to onboard Ford into, you know, health care, uh, companies. But you know, we want to be able to do it with speed. So trust your supplier is a great use of blockchain. Two, expand a buyer and suppliers. Mmm. Exposure. Mmm. And they expand their network to quickly onboard. And you know, with the trust that you get an exchanging data from blockchain with the Mmm provenance, that Hey, this company information was truly vetted by one of the trusted members of the network. >>There's no fee or trepidation that somehow these records were tampered with or, or misused. So that's one example they have of using blockchain. That's a huge, uh, example that you gave because you're right, there are thousands and thousands of companies that are pivoting to making, like you said, ventilators and masks and yeah, they're moving so fast and there's gotta be a trust involved. On the one hand, they're moving fast to try to save their businesses or you know, in the case of Ford, you help save the, the country or the world. On the other hand, you know, there's risks there. So that, that helps. I want to understand me. Pasa basically is, if I understand it, you can privately share, uh, information on folks that are asymptomatic but might be carriers of covert 19. Am I getting that right on? Okay. So me Pasa starts as a project, uh, from a company called has Sarah and their CEO Jonathan Levy. >>And among other things, Jonathan Levy is an amazing, uh, software developer and he's helped us and the community at large, bill, the Hyperledger fabric, uh, blockchain technology, that's part of IBM. Mmm. The power is IBM blockchain. So Jonathan, I have this idea because w what was happening is there were many, many data sources, you know, from the very popular and well known, uh, Johns Hopkins source. And we have information coming from the weather company. There are other governments, um, putting out data. Jonathan had this, this idea of a verified Mmm. Data hub, right? So how do we kind of bring that information together in a hub where a developer can now to get access to not just one feed, but many feeds knowing that both the data is an a normalized format. So that's easy to consume. And like if you're consuming 10 different data sources, you don't have to think about 10 different ways to interact it. >>No kind of normalizing it through a fewer, like maybe one, but also that we really authentically know that this is the world health organization. This is indeed John Hopkins. So we have that trust. So, okay. Yeah. With me, Pasa being I'm a data hub four, uh, information verified information related to the Kronos virus, really laying a foundation now for a new class of applications that can mash up information to create new insights, perhaps applying Mmm. Artificial intelligence machine learning to really look not just at any one of those, uh, data sources, but now look across data sources, um, and start to make some informed decisions. No, I have to say operate with the lights on, uh, and with certainty that the information is correct. So me Pasa is that foundation and we have a call for code happening that IBM is hosting for developers to come out and okay. Bring their best ideas forward and X for exposing me Pasa as a service to the, in this hackathon so that developers can bring some of their best ideas and kind of help those best ideas come alive with me. Me has a resource. >>That's great. So we've got two, we got the supply chain, we just need to share the Pasa. There's the other one then I think we can all relate to is the secure key authentication, >>which I love. >>Uh, maybe you can explain that and talk about the role that blockchain >>we're launching fits, right. So you know, there is people working from home and digital identity verification. It is key. You know, think about it. You're working remotely, you're using tools like zoom. Um, there's a huge spike in calls and online requests from tele-health or government benefits programs. Yeah. So this is all happening. Everything behind the scenes is, yeah. Around that is, is this user who they say they are, is this doctor who they say they are, et cetera. And there are scams and frauds out there. So working with speed, it means working with certainty. and with the verified me networks set out to do a couple of years ago and the beautiful part is, you know, it's ready to go now for this, for this particular usage it's been using. Mmm. Basically think about it as my identity is my identity and I get to lease out information too different institutions to use it for my benefit, not necessarily just for their benefit. >>So it's almost like digital rights management. Like if you put out a digital piece of art or music, you can control the rights. Who gets to use it? What's the terms and conditions, um, on, on your terms? So verified me, um, allows through a mobile app users to invite institutions who represent them, verify them. No. And so I'll allow my department of motor vehicle and my employer, Mmm. Two to verify me, right? Because I want to go back to work sooner. I want to make sure my work environment, um, I'm making this up. I want to make sure my work environment, the people have been tested and vaccinated, but I don't want to necessarily, you know, kind of abuse people's privacy. Right? So I'll opt in, I'll share that information. I'll get my, my doctor and my, uh, department of motor vehicle to say, yes, this is Gary. >>He's from this address. Yes, he has been vaccinated and now I can kind of onboard to services as much quicker whether that service is going through TSA. Do you get on an airplane badging back into my office or you know, signing on to a, you know, telemedicine, a service or government, a benefits program, et cetera. So verify me is using the self, uh, at the station through a mobile application to help speed up the process of knowing that that is truly you and you truly want this service. Uh, and you are also calling the shots as to that. What happens with your information that, you know, it's not spread all over the interweb it's under your control at all time. Right. So I think it's the best of all worlds. The national Institute for standards and technology looked at, verified me. They're like, Oh my gosh, this is like the perfect storm of goodness for identity. >>They actually appointed, yeah, it has a term, it's called triple blind data exchange. It sounds like a magical act. A triple blind data exchange means the requester. Mmm. Doesn't know who the provider is and less know the requester. Um, allows the provider to know, Mmm, the provider doesn't know who the requester requested, doesn't know who the prior provider is that is double-blind. And then the network provider doesn't know either. Right. But somehow across disformed and that's the magic of blockchain. I'm allowing that to happen and with that we can move forward knowing we're sharing information where it matters without the risk of it leaking out to places we don't want to do. So great application of secure key and verified me. Yeah, I love that. Then the whole concept of being able to control your own data. You hear so much today about, you know, testing and in contact tracing using mobile technology to do that. >>But big privacy concerns. I've always felt like, you know, blockchain for so many applications in healthcare or just being able to, as you say, control your own data. I want to better understand the technology behind this. When I think about blockchain, Mmm. I obviously you don't think about it. Cryptography, you've mentioned developers a number of times. There's software engineering. Yeah. Distributed ledger. Um, I mean there's, there's game theory in the, in the, in the cryptocurrency world, we're not talking about that, but there's the confluence of these technologies coming to them. What's the technology underneath these, these applications? Talking about it there, there is an open source, an organization called Hyperledger. It's part of the Linux foundation. They're the gold standard and open source, openly governed, Mmm. Technology you know, early on in 2018 yep. 18, 26. I mean, we got involved, started contributing code and developers. >>Two Hyperledger fabric, which is the industry's first permissioned blockchain technology. Permission meaning members are accountable. So the network versus Bitcoin where members are anonymous and to pass industry Reggie regulations, you can't be anonymous. You have to be accountable. Um, that's not to say that you can't, okay. Work privately, you know, so you're accountable. But transactions in the network, Mmm. Only gets shared with those that have a need, need to know. So that the foundation is Hyperledger fabric. And IBM has a commercial offering called the IBM blockchain platform that embodies that. That kind of is a commercial distribution of Hyperledger fabric plus a set of advanced tools to make it really easy to work with. The open source. All the networks that I talked about are operating their network across the worldwide IBM public cloud. And so cloud technology lays a really big part of blockchain because blockchains are networks. >>Mmm. You know, our technology, IBM blockchain platform runs really well in the IBM wow. But it also allows you to run anywhere, right? Or like to say where it matters most. So you may have companies, I'm running blockchain nodes in the IBM cloud. You may have others running it on their own premises behind their firewall. You might have others running an Amazon and Microsoft Azure. Right. So we use, um, you may have heard of red hat open shift, the container technology so that we can run Mmm. Parts of a blockchain network, I guess they said where they matter most and you get strengthened a blockchain network based on the diversity of the operators. Because if it was all operated by one operator, there would be a chance maybe that there can be some collusion happening. But now if you could run it know across different geographies across the IBM cloud. >>So almost three networks all run on use this technology or run on the IBM cloud. And Dave, one more thing. If you look at these applications, they're just modern application, you know, their mobile front ends, their web portals and all of that kind of, okay. Okay. The blockchain part of these applications, usually it's only 20% of the overall endeavor that companies are going through. The other 80% it's business as usual. I'm building a modern cloud application. So what we're doing in IBM with, but you know, red hat with OpenShift with our cloud packs, which brings various enterprise software across different disciplines, blends and domains like integration, application, data, security. All of those things come together to fill the other 80% the above and beyond blockchain. So these three companies, okay. You know, 99 plus others are building applications as modern cloud applications that leverage this blockchain technology. So you don't have to be a cryptographer or you know, a distributed database expert. It's all, it's all embodied in this code. Mmm. Available on the IBM cloud, 29 cents a CPU hour. It was approximately the price. So it's quite affordable. And you know, that's what we've delivered. >>Well, the thing about that, that last point about the cloud is it law, it allows organizations, enterprises to experiment very cheaply, uh, and so they can get, uh, an MVP out or a proof of concept out very quickly, very cheaply, and then iterate, uh, extremely quickly. That to me is the real benefit, the cloud era and the pricing model. >>I just mentioned, David, as I said it when I started, you know, it's like we were working out in a gym, but we weren't quite sure. We knew why we were, we were so keen on getting fit. And what I see now is this, you know, blossoming of users who are looking at, you know, a new agreement. We thought we understood digital transformation. Mmm. But there's a whole new nice to be digitized right now. You know, we're probably not going to be jumping on planes and trains, uh, working as, as, as more intimately as we were face to face. So the need for new digital applications that link people together. Uh, w we're seeing so many use cases from, um, trade finance to food safety, to proxy voting for stock, know all of these applications that we're kind of moving along at a normal speed. I've been hyper accelerated, uh, because of the crisis we're in. So blockchain no. Couldn't come any sooner. >>Yeah. You know, I want to ask you, as a technologist, uh, you know, I've learned over the years, there's a lot of ways to skin a cat. Um, could you do the types of things that you're talking about without blockchain? Um, I'm, I'm sure there are ways, but, but why is blockchain sort of the right path, >>Dave? Mmm. You can, you can certainly do things with databases. Mmm. But if you want the trust, it's as simple as this. A database traditionally has a single administrator that sets the rules up for when a transaction comes in. Mmm. What it takes to commit that transaction. And if the rules are met, the transactions committed, um, the database administrator has access who commands like delete and update. So at some level you can never be a hundred percent sure that that data was the data that was intended in there. With a blockchain, there's multiple administrators to the ledger. So the ledger is distributed and shared across multiple administrators. When a transaction is submitted, it is first proposed for those administrators, a process of consent happens. And then, and only then when the majority of the group agrees that it's a valid transaction, is it committed? And when it's committed, it's committed in a way that's cryptographically linked two other transactions in the ledger, I'm making it. >>Mmm tamper-proof right. Or very difficult to tamper with. And unlike databases, blockchains are append only so they don't have update and delete. Okay. All right. So if you really want that center of trusted data that is a tested, you know, that has checks and balances across different organizations, um, blockchain is the key to do it, you know? So could you do it in data with a database? Yes. But you have to trust that central organization. And for many applications, that's just fine. All right. But if we want to move quickly, we really want to share systems of record. Mmm. I hear you. Sharing a system of record, you have regulatory obligations, you can say, Oh, sorry, the record was wrong, but it was put in there by, by this other company. Well, they'll say, well, >>okay, >>nice for the other company, but sorry, you're the one in trouble. So with a blockchain, we have to bring assurances that we can't get into that kind of situation, right? So that shared Mmm. Distributed database that is kind of provides this tamper resistant audit log becomes the Colonel cross. And then with the privacy preservation that you get from encryption and privacy techniques, um, like we have like these things, both channels, um, you can transact, um Hm. And be accountable, but also, Mmm. Only share of transactions with those that have a need to know, right? So you get that level of privacy in there. And that combination of trust and privacy is the secret sauce that makes blockchain unique and quite timely for this. So yeah, check it out. I mean, on the IBM cloud, it's effortless. So to get up and running, you know, building a cloud native application with blockchain and you know, if you're used to doing things, um, on other clouds or back at the home base, we have the IBM blockchain software, which you can deploy. Yeah. Open shift anywhere. So we have what you need in a time of need. >>And as a technologist, again, you're being really, I think, honest and careful about the word tamper. You call it tamper resistant. And if I understand it right, that, I mean, obviously you can fish for somebody's credentials. Yeah. That's, you know, that's one thing. But if I understand that, that more than 50% of the peers in the community, it must agree to tamper in order for the system. You tampered with it. And, and that is the beauty of, of blockchain and the brilliance. Okay. >>Okay. Yeah. And, and, and for, um, performance reasons we've created optimizations. Like you can set a consensus policy up because maybe one transaction it's okay just to have a couple people agree and say, Oh, well, you know, out of the a hundred nodes, Mmm. Three agree, it's good enough. Okay. Other, other policies may be more stringent depending on the nature of the data and the transaction, right? So you can tone, you can kind of tune that in based on the class of transaction. And so it's kind of good and that's how we can get performance levels in the, you know, thousand plus. In fact, IBM and RBC, um, recently did, um, a series of performance analysis because RBC said, Hey, can I use this for some of my bank to bank exchanges and we need to support over a thousand transactions per second. They were able, in their use case, there's support over 3000. Transact for a second. Okay. Mmm. You know, that we were very encouraged by that. I'm glad you clarified that because, so essentially you're saying you can risk adjust the policies if you will. >>That's great to know. Mmm. I could go on forever on this topic. Well, we're unfortunately, Jerry, we're well over our time, but I want to thank you for coming back, planning this important topic. Thrilled. IBM has taken a leadership position here, and I think, you know, to your point, this pandemic is just going to, can accelerate a lot of things and blockchain is, but in my view anyway, one of them. Thank you, Dave. Oh, great questions and I really appreciate it. So everyone out there, um, stay safe. Stay healthy. All right. Thank you Jerry, and thank you for watching everybody. This is Dave Volante for the cube. Our coverage of the IBM think digital 2020 event. We'll be right back. Perfect. The short break.

(upbeat music) >> Announcer: It's theCUBE covering the virtual Vertica Big Data Conference 2020 brought to you by Vertica. >> Welcome back to the Vertica Virtual Big Data Conference, BDC 2020. You know, it was supposed to be a physical event in Boston at the Encore. Vertica pivoted to a digital event, and we're pleased that The Cube could participate because we've participated in every BDC since the inception. Rich Gaston this year is the global solutions architect for security risk and governance at Micro Focus. Rich, thanks for coming on, good to see you. >> Hey, thank you very much for having me. >> So you got a chewy title, man. You got a lot of stuff, a lot of hairy things in there. But maybe you can talk about your role as an architect in those spaces. >> Sure, absolutely. We handle a lot of different requests from the global 2000 type of organization that will try to move various business processes, various application systems, databases, into new realms. Whether they're looking at opening up new business opportunities, whether they're looking at sharing data with partners securely, they might be migrating it to cloud applications, and doing migration into a Hybrid IT architecture. So we will take those large organizations and their existing installed base of technical platforms and data, users, and try to chart a course to the future, using Micro Focus technologies, but also partnering with other third parties out there in the ecosystem. So we have large, solid relationships with the big cloud vendors, with also a lot of the big database spenders. Vertica's our in-house solution for big data and analytics, and we are one of the first integrated data security solutions with Vertica. We've had great success out in the customer base with Vertica as organizations have tried to add another layer of security around their data. So what we will try to emphasize is an enterprise wide data security approach, where you're taking a look at data as it flows throughout the enterprise from its inception, where it's created, where it's ingested, all the way through the utilization of that data. And then to the other uses where we might be doing shared analytics with third parties. How do we do that in a secure way that maintains regulatory compliance, and that also keeps our company safe against data breach. >> A lot has changed since the early days of big data, certainly since the inception of Vertica. You know, it used to be big data, everyone was rushing to figure it out. You had a lot of skunkworks going on, and it was just like, figure out data. And then as organizations began to figure it out, they realized, wow, who's governing this stuff? A lot of shadow IT was going on, and then the CIO was called to sort of reign that back in. As well, you know, with all kinds of whatever, fake news, the hacking of elections, and so forth, the sense of heightened security has gone up dramatically. So I wonder if you can talk about the changes that have occurred in the last several years, and how you guys are responding. >> You know, it's a great question, and it's been an amazing journey because I was walking down the street here in my hometown of San Francisco at Christmastime years ago and I got a call from my bank, and they said, we want to inform you your card has been breached by Target, a hack at Target Corporation and they got your card, and they also got your pin. And so you're going to need to get a new card, we're going to cancel this. Do you need some cash? I said, yeah, it's Christmastime so I need to do some shopping. And so they worked with me to make sure that I could get that cash, and then get the new card and the new pin. And being a professional in the inside of the industry, I really questioned, how did they get the pin? Tell me more about this. And they said, well, we don't know the details, but you know, I'm sure you'll find out. And in fact, we did find out a lot about that breach and what it did to Target. The impact that $250 million immediate impact, CIO gone, CEO gone. This was a big one in the industry, and it really woke a lot of people up to the different types of threats on the data that we're facing with our largest organizations. Not just financial data; medical data, personal data of all kinds. Flash forward to the Cambridge Analytica scandal that occurred where Facebook is handing off data, they're making a partnership agreement --think they can trust, and then that is misused. And who's going to end up paying the cost of that? Well, it's going to be Facebook at a tune of about five billion on that, plus some other finds that'll come along, and other costs that they're facing. So what we've seen over the course of the past several years has been an evolution from data breach making the headlines, and how do my customers come to us and say, help us neutralize the threat of this breach. Help us mitigate this risk, and manage this risk. What do we need to be doing, what are the best practices in the industry? Clearly what we're doing on the perimeter security, the application security and the platform security is not enough. We continue to have breaches, and we are the experts at that answer. The follow on fascinating piece has been the regulators jumping in now. First in Europe, but now we see California enacting a law just this year. They came into a place that is very stringent, and has a lot of deep protections that are really far-reaching around personal data of consumers. Look at jurisdictions like Australia, where fiduciary responsibility now goes to the Board of Directors. That's getting attention. For a regulated entity in Australia, if you're on the Board of Directors, you better have a plan for data security. And if there is a breach, you need to follow protocols, or you personally will be liable. And that is a sea change that we're seeing out in the industry. So we're getting a lot of attention on both, how do we neutralize the risk of breach, but also how can we use software tools to maintain and support our regulatory compliance efforts as we work with, say, the largest money center bank out of New York. I've watched their audit year after year, and it's gotten more and more stringent, more and more specific, tell me more about this aspect of data security, tell me more about encryption, tell me more about money management. The auditors are getting better. And we're supporting our customers in that journey to provide better security for the data, to provide a better operational environment for them to be able to roll new services out with confidence that they're not going to get breached. With that confidence, they're not going to have a regulatory compliance fine or a nightmare in the press. And these are the major drivers that help us with Vertica sell together into large organizations to say, let's add some defense in depth to your data. And that's really a key concept in the security field, this concept of defense in depth. We apply that to the data itself by changing the actual data element of Rich Gaston, I will change that name into Ciphertext, and that then yields a whole bunch of benefits throughout the organization as we deal with the lifecycle of that data. >> Okay, so a couple things I want to mention there. So first of all, totally board level topic, every board of directors should really have cyber and security as part of its agenda, and it does for the reasons that you mentioned. The other is, GDPR got it all started. I guess it was May 2018 that the penalties went into effect, and that just created a whole Domino effect. You mentioned California enacting its own laws, which, you know, in some cases are even more stringent. And you're seeing this all over the world. So I think one of the questions I have is, how do you approach all this variability? It seems to me, you can't just take a narrow approach. You have to have an end to end perspective on governance and risk and security, and the like. So are you able to do that? And if so, how so? >> Absolutely, I think one of the key areas in big data in particular, has been the concern that we have a schema, we have database tables, we have CALMS, and we have data, but we're not exactly sure what's in there. We have application developers that have been given sandbox space in our clusters, and what are they putting in there? So can we discover that data? We have those tools within Micro Focus to discover sensitive data within in your data stores, but we can also protect that data, and then we'll track it. And what we really find is that when you protect, let's say, five billion rows of a customer database, we can now know what is being done with that data on a very fine grain and granular basis, to say that this business process has a justified need to see the data in the clear, we're going to give them that authorization, they can decrypt the data. Secure data, my product, knows about that and tracks that, and can report on that and say at this date and time, Rich Gaston did the following thing to be able to pull data in the clear. And that could be then used to support the regulatory compliance responses and then audit to say, who really has access to this, and what really is that data? Then in GDPR, we're getting down into much more fine grained decisions around who can get access to the data, and who cannot. And organizations are scrambling. One of the funny conversations that I had a couple years ago as GDPR came into place was, it seemed a couple of customers were taking these sort of brute force approach of, we're going to move our analytics and all of our data to Europe, to European data centers because we believe that if we do this in the U.S., we're going to violate their law. But if we do it all in Europe, we'll be okay. And that simply was a short-term way of thinking about it. You really can't be moving your data around the globe to try to satisfy a particular jurisdiction. You have to apply the controls and the policies and put the software layers in place to make sure that anywhere that someone wants to get that data, that we have the ability to look at that transaction and say it is or is not authorized, and that we have a rock solid way of approaching that for audit and for compliance and risk management. And once you do that, then you really open up the organization to go back and use those tools the way they were meant to be used. We can use Vertica for AI, we can use Vertica for machine learning, and for all kinds of really cool use cases that are being done with IOT, with other kinds of cases that we're seeing that require data being managed at scale, but with security. And that's the challenge, I think, in the current era, is how do we do this in an elegant way? How do we do it in a way that's future proof when CCPA comes in? How can I lay this on as another layer of audit responsibility and control around my data so that I can satisfy those regulators as well as the folks over in Europe and Singapore and China and Turkey and Australia. It goes on and on. Each jurisdiction out there is now requiring audit. And like I mentioned, the audits are getting tougher. And if you read the news, the GDPR example I think is classic. They told us in 2016, it's coming. They told us in 2018, it's here. They're telling us in 2020, we're serious about this, and here's the finds, and you better be aware that we're coming to audit you. And when we audit you, we're going to be asking some tough questions. If you can't answer those in a timely manner, then you're going to be facing some serious consequences, and I think that's what's getting attention. >> Yeah, so the whole big data thing started with Hadoop, and Hadoop is open, it's distributed, and it just created a real governance challenge. I want to talk about your solutions in this space. Can you tell us more about Micro Focus voltage? I want to understand what it is, and then get into sort of how it works, and then I really want to understand how it's applied to Vertica. >> Yeah, absolutely, that's a great question. First of all, we were the originators of format preserving encryption, we developed some of the core basic research out of Stanford University that then became the company of Voltage; that build-a-brand name that we apply even though we're part of Micro Focus. So the lineage still goes back to Dr. Benet down at Stanford, one of my buddies there, and he's still at it doing amazing work in cryptography and keeping moving the industry forward, and the science forward of cryptography. It's a very deep science, and we all want to have it peer-reviewed, we all want to be attacked, we all want it to be proved secure, that we're not selling something to a major money center bank that is potentially risky because it's obscure and we're private. So we have an open standard. For six years, we worked with the Department of Commerce to get our standard approved by NIST; The National Institute of Science and Technology. They initially said, well, AES256 is going to be fine. And we said, well, it's fine for certain use cases, but for your database, you don't want to change your schema, you don't want to have this increase in storage costs. What we want is format preserving encryption. And what that does is turns my name, Rich, into a four-letter ciphertext. It can be reversed. The mathematics of that are fascinating, and really deep and amazing. But we really make that very simple for the end customer because we produce APIs. So these application programming interfaces can be accessed by applications in C or Java, C sharp, other languages. But they can also be accessed in Microservice Manor via rest and web service APIs. And that's the core of our technical platform. We have an appliance-based approach, so we take a secure data appliance, we'll put it on Prim, we'll make 50 of them if you're a big company like Verizon and you need to have these co-located around the globe, no problem; we can scale to the largest enterprise needs. But our typical customer will install several appliances and get going with a couple of environments like QA and Prod to be able to start getting encryption going inside their organization. Once the appliances are set up and installed, it takes just a couple of days of work for a typical technical staff to get done. Then you're up and running to be able to plug in the clients. Now what are the clients? Vertica's a huge one. Vertica's one of our most powerful client endpoints because you're able to now take that API, put it inside Vertica, it's all open on the internet. We can go and look at Vertica.com/secure data. You get all of our documentation on it. You understand how to use it very quickly. The APIs are super simple; they require three parameter inputs. It's a really basic approach to being able to protect and access data. And then it gets very deep from there because you have data like credit card numbers. Very different from a street address and we want to take a different approach to that. We have data like birthdate, and we want to be able to do analytics on dates. We have deep approaches on managing analytics on protected data like Date without having to put it in the clear. So we've maintained a lead in the industry in terms of being an innovator of the FF1 standard, what we call FF1 is format preserving encryption. We license that to others in the industry, per our NIST agreement. So we're the owner, we're the operator of it, and others use our technology. And we're the original founders of that, and so we continue to sort of lead the industry by adding additional capabilities on top of FF1 that really differentiate us from our competitors. Then you look at our API presence. We can definitely run as a dup, but we also run in open systems. We run on main frame, we run on mobile. So anywhere in the enterprise or one in the cloud, anywhere you want to be able to put secure data, and be able to access the protect data, we're going to be there and be able to support you there. >> Okay so, let's say I've talked to a lot of customers this week, and let's say I'm running in Eon mode. And I got some workload running in AWS, I've got some on Prim. I'm going to take an appliance or multiple appliances, I'm going to put it on Prim, but that will also secure my cloud workloads as part of a sort of shared responsibility model, for example? Or how does that work? >> No, that's absolutely correct. We're really flexible that we can run on Prim or in the cloud as far as our crypto engine, the key management is really hard stuff. Cryptography is really hard stuff, and we take care of all that, so we've all baked that in, and we can run that for you as a service either in the cloud or on Prim on your small Vms. So really the lightweight footprint for me running my infrastructure. When I look at the organization like you just described, it's a classic example of where we fit because we will be able to protect that data. Let's say you're ingesting it from a third party, or from an operational system, you have a website that collects customer data. Someone has now registered as a new customer, and they're going to do E-commerce with you. We'll take that data, and we'll protect it right at the point of capture. And we can now flow that through the organization and decrypt it at will on any platform that you have that you need us to be able to operate on. So let's say you wanted to pick that customer data from the operational transaction system, let's throw it into Eon, let's throw it into the cloud, let's do analytics there on that data, and we may need some decryption. We can place secure data wherever you want to be able to service that use case. In most cases, what you're doing is a simple, tiny little atomic efetch across a protected tunnel, your typical TLS pipe tunnel. And once that key is then cashed within our client, we maintain all that technology for you. You don't have to know about key management or dashing. We're good at that; that's our job. And then you'll be able to make those API calls to access or protect the data, and apply the authorization authentication controls that you need to be able to service your security requirements. So you might have third parties having access to your Vertica clusters. That is a special need, and we can have that ability to say employees can get X, and the third party can get Y, and that's a really interesting use case we're seeing for shared analytics in the internet now. >> Yeah for sure, so you can set the policy how we want. You know, I have to ask you, in a perfect world, I would encrypt everything. But part of the reason why people don't is because of performance concerns. Can you talk about, and you touched upon it I think recently with your sort of atomic access, but can you talk about, and I know it's Vertica, it's Ferrari, etc, but anything that slows it down, I'm going to be a concern. Are customers concerned about that? What are the performance implications of running encryption on Vertica? >> Great question there as well, and what we see is that we want to be able to apply scale where it's needed. And so if you look at ingest platforms that we find, Vertica is commonly connected up to something like Kafka. Maybe streamsets, maybe NiFi, there are a variety of different technologies that can route that data, pipe that data into Vertica at scale. Secured data is architected to go along with that architecture at the node or at the executor or at the lowest level operator level. And what I mean by that is that we don't have a bottleneck that everything has to go through one process or one box or one channel to be able to operate. We don't put an interceptor in between your data and coming and going. That's not our approach because those approaches are fragile and they're slow. So we typically want to focus on integrating our APIs natively within those pipeline processes that come into Vertica within the Vertica ingestion process itself, you can simply apply our protection when you do the copy command in Vertica. So really basic simple use case that everybody is typically familiar with in Vertica land; be able to copy the data and put it into Vertica, and you simply say protect as part of the data. So my first name is coming in as part of this ingestion. I'll simply put the protect keyword in the Syntax right in SQL; it's nothing other than just an extension SQL. Very very simple, the developer, easy to read, easy to write. And then you're going to provide the parameters that you need to say, oh the name is protected with this kind of a format. To differentiate it between a credit card number and an alphanumeric stream, for example. So once you do that, you then have the ability to decrypt. Now, on decrypt, let's look at a couple different use cases. First within Vertica, we might be doing select statements within Vertica, we might be doing all kinds of jobs within Vertica that just operate at the SQL layer. Again, just insert the word "access" into the Vertica select string and provide us with the data that you want to access, that's our word for decryption, that's our lingo. And we will then, at the Vertica level, harness the power of its CPU, its RAM, its horsepower at the node to be able to operate on that operator, the decryption request, if you will. So that gives us the speed and the ability to scale out. So if you start with two nodes of Vertica, we're going to operate at X number of hundreds of thousands of transactions a second, depending on what you're doing. Long strings are a little bit more intensive in terms of performance, but short strings like social security number are our sweet spot. So we operate very very high speed on that, and you won't notice the overhead with Vertica, perse, at the node level. When you scale Vertica up and you have 50 nodes, and you have large clusters of Vertica resources, then we scale with you. And we're not a bottleneck and at any particular point. Everybody's operating independently, but they're all copies of each other, all doing the same operation. Fetch a key, do the work, go to sleep. >> Yeah, you know, I think this is, a lot of the customers have said to us this week that one of the reasons why they like Vertica is it's very mature, it's been around, it's got a lot of functionality, and of course, you know, look, security, I understand is it's kind of table sticks, but it's also can be a differentiator. You know, big enterprises that you sell to, they're asking for security assessments, SOC 2 reports, penetration testing, and I think I'm hearing, with the partnership here, you're sort of passing those with flying colors. Are you able to make security a differentiator, or is it just sort of everybody's kind of got to have good security? What are your thoughts on that? >> Well, there's good security, and then there's great security. And what I found with one of my money center bank customers here in San Francisco was based here, was the concern around the insider access, when they had a large data store. And the concern that a DBA, a database administrator who has privilege to everything, could potentially exfil data out of the organization, and in one fell swoop, create havoc for them because of the amount of data that was present in that data store, and the sensitivity of that data in the data store. So when you put voltage encryption on top of Vertica, what you're doing now is that you're putting a layer in place that would prevent that kind of a breach. So you're looking at insider threats, you're looking at external threats, you're looking at also being able to pass your audit with flying colors. The audits are getting tougher. And when they say, tell me about your encryption, tell me about your authentication scheme, show me the access control list that says that this person can or cannot get access to something. They're asking tougher questions. That's where secure data can come in and give you that quick answer of it's encrypted at rest. It's encrypted and protected while it's in use, and we can show you exactly who's had access to that data because it's tracked via a different layer, a different appliance. And I would even draw the analogy, many of our customers use a device called a hardware security module, an HSM. Now, these are fairly expensive devices that are invented for military applications and adopted by banks. And now they're really spreading out, and people say, do I need an HSM? Well, with secure data, we certainly protect your crypto very very well. We have very very solid engineering. I'll stand on that any day of the week, but your auditor is going to want to ask a checkbox question. Do you have HSM? Yes or no. Because the auditor understands, it's another layer of protection. And it provides me another tamper evident layer of protection around your key management and your crypto. And we, as professionals in the industry, nod and say, that is worth it. That's an expensive option that you're going to add on, but your auditor's going to want it. If you're in financial services, you're dealing with PCI data, you're going to enjoy the checkbox that says, yes, I have HSMs and not get into some arcane conversation around, well no, but it's good enough. That's kind of the argument then conversation we get into when folks want to say, Vertica has great security, Vertica's fantastic on security. Why would I want secure data as well? It's another layer of protection, and it's defense in depth for you data. When you believe in that, when you take security really seriously, and you're really paranoid, like a person like myself, then you're going to invest in those kinds of solutions that get you best in-class results. >> So I'm hearing a data-centric approach to security. Security experts will tell you, you got to layer it. I often say, we live in a new world. The green used to just build a moat around the queen, but the queen, she's leaving her castle in this world of distributed data. Rich, incredibly knowlegable guest, and really appreciate you being on the front lines and sharing with us your knowledge about this important topic. So thanks for coming on theCUBE. >> Hey, thank you very much. >> You're welcome, and thanks for watching everybody. This is Dave Vellante for theCUBE, we're covering wall-to-wall coverage of the Virtual Vertica BDC, Big Data Conference. Remotely, digitally, thanks for watching. Keep it right there. We'll be right back right after this short break. (intense music)

>> Presenter: Live from San Francisco, celebrating 10 years of high tech coverage, it's the Cube. Covering vmworld 2019. Brought to you by vmware and its ecosystem partners. >> So good to have you here with us on the first day of three days of live coverage here in San Francisco as The Cube continues its 10th year of coverage at vmworld 2019. Along with John Troyer, I'm John Walls, glad to have you with us. We're joined now by Bina Hallman who is the vice president of storage at IBM. Bina good to have you with us with this afternoon. >> Thanks for having me. >> You bet. You know, your everyday assignment is keeping so many people up at night and that's how do we defend ourselves, cyber. How do we develop these resilient networks, resilient services. Let's take a step back for a second and try to paint the scope of the problem in terms of what you're seeing at IBM in terms of cyber intrusions, the nature of those attacks and the areas where those are happening. >> I'll tell you from a client industry perspective, right touch on that a little bit. But cyber resiliency, cyber security it's a huge topic. This is something that every business is thinking about, is talking about. It's not just a discussion in the different departments, it's at the C Suite level, the board level. Because if you think about it, cyber crimes as frequent as they are and as impactful as they are, they can really affect the overall company's revenue generation. The cost of recovering from them can be very expensive. >> We're talking about more than just breeches here. Every week we hear ransomware is very interesting, it's very prevalent, it's here. I honestly hear a lot of government small town governments, or state governments, municipal governments maybe because they have reporting requirements. I don't know what goes on underneath in the private sector, but does it seem like that is one things? >> That's right that's right. We hear it in the news a lot. We hear about ransomware quite a bit as data breeches, as other types of things. When you look at some of the analyst statistics and what they say about the frequency of these types of events, and the likelihood of a business getting affected, the likelihood of a business getting affected by a cyber event is 1 in 3. It used to be 1 in 4 a couple years ago, now 1 in 3 over the next two years. Ransomware itself is increasing frequency. I think it was like every 14 seconds there is a ransomware attack somewhere in the world. The cost of this is tremendous. It's in the trillions of dollars. Both from recovering from that attack, the loss in business and revenue generation and actually the impact to the company's reputation. Again, not just ransomware, it's happening in many industries. You talked about government, it's in manufacturing, it's in financial, it's in health, it's in transportation. When you step back and say, how is it so broad, when you think about every organization to some extent is going through some level of transformation. There's digital transformation. They're leveraging capabilities like hybrid multi cloud, having resources on prim, workloads on prim some services in the cloud. They've got team members that are using mobile devices. Some companies depending on their business might have IOT. So when you look at all of those entry points, these are new ways that the bad guys can get into an organization. That creates the scale and complexity, just gets very large. It used to be that you have a backup. The traditional way for business resiliency used to be you do a backup, you have the data on an external system, you restore it if something happened. And then there was the business continuity. You would have a secondary infrastructure that in the case of an accident or some kind of a natural disaster, which didn't happen very often, you would have somewhere, a secondary infrastructure. All of those were designed with the likelihood being very low of happening. Then the recovery times and the disruption to business was somewhat tolerable. These days, with all of the dynamics we're talking about, and the potential areas of entry you need more of an end to end solution. That's a cyber resiliency strategy that is really comprehensive and that's what a lot of the businesses are thinking about today. How do I make sure I have a complete solution and a strategy that allows me to survive through and come up very quickly after an attack happens. I think most people recognize that they're going to get impacted at some point. It's not if, but it's when and when it does how do I quickly recover. >> You said it with the statistic, that 1 in 3 every two years. So my math tells me in six years time, I'm going to get hit by that standard. But it tells me that it's not if, it is when. So in terms of the strategies that companies are adopting, what do you recommend? What do you suggest now? You paint a realistically grim picture that there's so many different avenues, different opportunities and it's hard to put your fingers in all those holes. >> There's a lot happening in this space and I think that, you know, there are different standards, a lot of regulations but one that has been accepted and being leveraged in the US is around a framework and some guidance the NIST organization, National Institute of Standards in Technology. It's a framework that they put in place, a guidance on how do you plan for, how do you detect and then recover from these types of situations. I'll talk about it a little bit, but it's a very good approach. It starts with an organization needs to start by identifying what are some of the critical business services that their business is dependent on. What are they, what are the systems, what are the workloads, what are the applications. They identify and then what's the tolerance level. How quickly do you need to come up. What's the RPO, RTF. Based on that, develop and prioritize a plan. That plan has to be holistic. It involves from the CIO to the CSA, security office to the operations to the business continuity, to the data owners, the line of business. And then in this environment, you've got partners, you've got services you're leveraging. All of that has to be encompassing for those key services that you identify and prioritize as a client that you need up and running. And up and running very quickly. One of the examples of a client, financial institution. They determined they had 300 services they needed up and running within 24 hours in case there was an attack or in case something happened to their data or their environment. That they defined as what their requirement was. Then you go about working with them to do a few things. You identify and then there are other phases around that I can talk about that as well. >> I was going to go over to IBM a little bit in that obviously, you're with IBM and we're talking about storage, people may not realize how integral storage is now in security, but IBM brings to the table a lot more than just storage. >> Absolutely. >> So can you talk a little bit about that portfolio and IBM's approach? >> Sure, so when I talk about the NIST framework and I talk about the identify stage, there's also things around protection, protecting the environment and those services and those systems. The infrastructure, we do a lot in that space. It's around detection. So now that you've got the protection, and protection might include things like having identity management, having access control, just making sure that the applications are at the latest code levels. Often times that's when the vulnerability comes in when you don't have those security patches installed. Data protection and when it comes to that segment, we've got a very rich portfolio of data protection capabilities with our Spectrum Protect offerings. From a protection perspective, going into an encryption, having capabilities where the infrastructure is designed to have multiple types. You can have physical separation, so you can have an air gap, things like tape are ideal for that because it's physically separated. Tiering to the cloud. You can have technologies like write once read many where they're immutable, you can't change those. You can read them but you can't change them. We've done a lot of work in innovation around what we call safeguarded copies. This is making snapshots, but those snapshots are not deletable, they're access controlled, they're read-only. That allows you to very quickly bring up an environment. >> I think people don't realize that, I see some patterns of, sometimes these things hide. They'll be in there and they will be innocuous so you can't just restore the last backup. >> That's right. >> They may try to rewrite the backup so you may have to go back and find a good one. >> Absolutely, and detection is very important. Detecting that as early as possible is the best way to reduce the cost of recovering from these kinds of events. But like you said, I think I want to say 160 days, your environment might be exposed for 160 days before you detect it. So having capabilities in a portfolio in our offerings, and we do a lot working with a research team our security team on things like our data protection where we have algorithms built in where we look for patterns and we look for anomalies. As soon as we see the patterns for malware, ransomware, we alert the operator so you don't allow it to be resident for that period of time. You quickly try to identify it. Another example is in our infrastructure management software. You can see your whole heterogeneous storage environment. You typically start out by base lining a normal environment, similar to the backup piece but then it looks for anomalies, and are there certain things happening in the network, the storage that warns the operator. >> I almost get the feeling that sometimes it's almost like termites. You don't realize you have a problem until it's too late because they haven't been visible. In a 160 day window, whatever it might be, you might be passed that but because whatever that attack was, it was malicious and as clandestine enough that you didn't find it and it does cause problems so as we're wrapping up here, what kind of confidence do you want to share with the end users with people to let them know that there are tools that they can deploy. That it's not all grim reaper. But it is difficult. >> It is difficult, it's very real. But it's absolutely something that every business can have under control, have a plan around. From an IBM perspective, we are number one leader in security, we're the leader in security. Our focus is not just at a software level, it's starting from the chips we design to the servers we deliver to the storage, the flash core modules, FIPS 140 compliance, the storage software, the data protection, the storage management software all the way through the stack. All the way through our cloud infrastructure. Having that comprehensive end to end security and we have those capabilities, we also have services. Our services and security organization work with clients to establish these, evaluate the environment, establish these strategies and interim plans. It's really about creating the plan, prioritizing it and implementing it, making sure the whole organization is aware and educated on it. >> You got to prepare no doubt about that. Thanks for the time Bina, we appreciate that. And it's not all doom and gloom but it is tough. Tough work and very necessary work. Back with more here on The Cube. You're watching our coverage from vmworld 2019, Here in San Francisco.

>> live from Boston, Massachusetts. It's the Cube covering A W s reinforce 2019. Brought to you by Amazon Web service is and its ecosystem partners. >> Well, welcome back. Everyone's Cube Live coverage here in Boston, Massachusetts, for AWS. Reinforce Amazon Web sources. First inaugural conference around security. It's not Osama. It's a branded event. Big time ecosystem developing. We have returning here. Cube Alumni Bill Jeff for VP of strategy and the partnerships that Iron Net Cyber Security Company. Welcome back. Thanks. General Keith Alexander, who was on a week and 1/2 ago. And it was public sector summit. Good to see you. Good >> to see you. Thanks for >> having my back, but I want to get into some of the Iran cyber communities. We had General Qi 1000. He was the original commander of the division. So important discussions that have around that. But don't get your take on the event. You guys, you're building a business. The minute cyber involved in public sector. This is commercial private partnership. Public relations coming together. Yeah. Your models are sharing so bringing public and private together important. >> Now that's exactly right. And it's really great to be here with eight of us were really close partner of AWS is we'll work with them our entire back in today. Runs on AWS really need opportunity. Get into the ecosystem, meet some of the folks that are working that we might work with my partner but to deliver a great product, right? And you're seeing a lot of people move to cloud, right? And so you know some of the big announcement that are happening here today. We're willing. We're looking to partner up with eight of us and be a first time provider for some key new Proactiv elves. AWS is launching in their own platform here today. So that's a really neat thing for us to be partnered up with this thing. Awesome organization. I'm doing some of >> the focus areas around reinforcing your party with Amazon shares for specifics. >> Yes. So I don't know whether they announced this capability where they're doing the announcement yesterday or today. So I forget which one so I'll leave that leave that leave that once pursued peace out. But the main thing is, they're announcing couple of new technology plays way our launch party with them on the civility place. So we're gonna be able to do what we were only wanted to do on Prem. We're gonna be able to do in the cloud with AWS in the cloud formation so that we'll deliver the same kind of guy that would deliver on prime customers inside their own cloud environments and their hybrid environment. So it's a it's a it's a sea change for us. The company, a sea change for a is delivering that new capability to their customers and really be able to defend a cloud network the way you would nonpregnant game changer >> described that value, if you would. >> Well, so you know, one of the key things about about a non pregnant where you could do you could look at all the flows coming past you. You look at all the data, look at in real time and develop behavior. Lana looks over. That's what we're doing our own prime customers today in the cloud with his world who looked a lox, right? And now, with the weight of your capability, we're gonna be able to integrate that and do a lot Maur the way we would in a in a in a normal sort of on Prem environment. So you really did love that. Really? Capability of scale >> Wagon is always killed. The predictive analytics, our visibility and what you could do. And too late. Exactly. Right. You guys solve that with this. What are some of the challenges that you see in cloud security that are different than on premise? Because that's the sea, So conversation we've been hearing. Sure, I know on premise. I didn't do it on premises for awhile. What's the difference between the challenge sets, the challenges and the opportunities they provide? >> Well, the opportunities air really neat, right? Because you've got that even they have a shared responsibility model, which is a little different than you officially have it. When it's on Prem, it's all yours essential. You own that responsibility and it is what it is in the cloud. Its share responsible to cloud provider the data holder. Right? But what's really cool about the cloud is you could deliver some really interesting Is that scale you do patch updates simultaneously, all your all your back end all your clients systems, even if depending how your provisioning cloud service is, you could deliver that update in real time. You have to worry about. I got to go to individual systems and update them, and some are updated. Summer passed. Some aren't right. Your servers are packed simultaneously. You take him down, you're bringing back up and they're ready to go, right? That's a really capability that for a sigh. So you're delivering this thing at scale. It's awesome now, So the challenge is right. It's a new environment so that you haven't dealt with before. A lot of times you feel the hybrid environment governed both an on Prem in sanitation and class sensation. Those have to talkto one another, right? And you might think about Well, how do I secure those those connections right now? And I think about spending money over here when I got all seduced to spend up here in the cloud. And that's gonna be a hard thing precisely to figure out, too. And so there are some challenges, but the great thing is, you got a whole ecosystem. Providers were one of them here in the AWS ecosystem. There are a lot here today, and you've got eight of us as a part of self who wants to make sure that they're super secure, but so are yours. Because if you have a problem in their cloud, that's a challenge. Them to market this other people. You talk about >> your story because your way interviews A couple weeks ago, you made a comment. I'm a recovering lawyer, kind of. You know, we all laughed, but you really start out in law, right? >> How did you end up here? Yeah, well, the truth is, I grew up sort of a technology or myself. My first computer is a trash 80 a trs 80 color computer. RadioShack four k of RAM on board, right. We only >> a true TRS 80. Only when I know what you're saying. That >> it was a beautiful system, right? Way stored with sword programs on cassette tapes. Right? And when we operated from four Keita 16 k way were the talk of the Rainbow Computer Club in Santa Monica, California Game changer. It was a game here for 16. Warning in with 60 give onboard. Ram. I mean, this is this is what you gonna do. And so you know, I went from that and I in >> trouble or something, you got to go to law school like you're right >> I mean, you know, look, I mean, you know it. So my dad, that was a chemist, right? So he loved computers, love science. But he also had an unrequited political boners body. He grew up in East Africa, Tanzania. It was always thought that he might be a minister in government. The Socialist came to power. They they had to leave you at the end of the day. And he came to the states and doing chemistry, which is course studies. But he still loved politics. So he raised at NPR. So when I went to college, I studied political science. But I paid my way through college doing computer support, life sciences department at the last moment. And I ran 10 based. He came on climate through ceilings and pulled network cable do punch down blocks, a little bit of fibrous placing. So, you know, I was still a murderer >> writing software in the scythe. >> One major, major air. And that was when when the web first came out and we had links. Don't you remember? That was a text based browser, right? And I remember looking to see him like this is terrible. Who would use http slash I'm going back to go for gophers. Awesome. Well, turns out I was totally wrong about Mosaic and Netscape. After that, it was It was it was all hands on >> deck. You got a great career. Been involved a lot in the confluence of policy politics and tech, which is actually perfect skill set for the challenge we're dealing. So I gotta ask you, what are some of the most important conversations that should be on the table right now? Because there's been a lot of conversations going on around from this technology. I has been around for many decades. This has been a policy problem. It's been a societal problem. But now this really focus on acute focus on a lot of key things. What are some of the most important things that you think should be on the table for techies? For policymakers, for business people, for lawmakers? >> One. I think we've got to figure out how to get really technology knowledge into the hands of policymakers. Right. You see, you watch the Facebook hearings on Capitol Hill. I mean, it was a joke. It was concerning right? I mean, anybody with a technology background to be concerned about what they saw there, and it's not the lawmakers fault. I mean, you know, we've got to empower them with that. And so we got to take technologist, threw it out, how to get them to talk policy and get them up on the hill and in the administration talking to folks, right? And one of the big outcomes, I think, has to come out of that conversation. What do we do about national level cybersecurity, Right, because we assume today that it's the rule. The private sector provides cyber security for their own companies, but in no other circumstance to expect that when it's a nation state attacker, wait. We don't expect Target or Wal Mart or any other company. J. P. Morgan have surface to air missiles on the roofs of their warehouses or their buildings to Vegas Russian bear bombers. Why, that's the job of the government. But when it comes to cyberspace, we expect Private Cummings defending us everything from a script kiddie in his basement to the criminal hacker in Eastern Europe to the nation state, whether Russia, China, Iran or North Korea and these nation states have virtually a limited resource. Your armies did >> sophisticated RND technology, and it's powerful exactly like a nuclear weaponry kind of impact for digital. >> Exactly. And how can we expect prices comes to defend themselves? It's not. It's not a fair fight. And so the government has to have some role. The questions? What role? How did that consist with our values, our principles, right? And how do we ensure that the Internet remains free and open, while still is sure that the president is not is not hampered in doing its job out there. And I love this top way talk about >> a lot, sometimes the future of warfare. Yeah, and that's really what we're talking about. You go back to Stuxnet, which opened Pandora's box 2016 election hack where you had, you know, the Russians trying to control the mean control, the narrative. As you pointed out, that that one video we did control the belief system you control population without firing a shot. 20 twenties gonna be really interesting. And now you see the U. S. Retaliate to Iran in cyberspace, right? Allegedly. And I was saying that we had a conversation with Robert Gates a couple years ago and I asked him. I said, Should we be Maur taking more of an offensive posture? And he said, Well, we have more to lose than the other guys Glasshouse problem? Yeah, What are your thoughts on? >> Look, certainly we rely intimately, inherently on the cyber infrastructure that that sort of is at the core of our economy at the core of the world economy. Increasingly, today, that being said, because it's so important to us all the more reason why we can't let attacks go Unresponded to write. And so if you're being attacked in cyberspace, you have to respond at some level because if you don't, you'll just keep getting punched. It's like the kid on the playground, right? If the bully keeps punching him and nobody does anything, not not the not the school administration, not the kid himself. Well, then the boy's gonna keep doing what he's doing. And so it's not surprising that were being tested by Iran by North Korea, by Russia by China, and they're getting more more aggressive because when we don't punch back, that's gonna happen. Now we don't have to punch back in cyberspace, right? A common sort of fetish about Cyrus is a >> response to the issue is gonna respond to the bully in this case, your eggs. Exactly. Playground Exactly. We'll talk about the Iran. >> So So if I If I if I can't Yeah, the response could be Hey, we could do this. Let them know you could Yes. And it's a your move >> ate well, And this is the key is that it's not just responding, right. So Bob Gates or told you we can't we talk about what we're doing. And even in the latest series of alleged responses to Iran, the reason we keep saying alleged is the U. S has not publicly acknowledged it, but the word has gotten out. Well, of course, it's not a particularly effective deterrence if you do something, but nobody knows you did it right. You gotta let it out that you did it. And frankly, you gotta own it and say, Hey, look, that guy punch me, I punch it back in the teeth. So you better not come after me, right? We don't do that in part because these cables grew up in the intelligence community at N S. A and the like, and we're very sensitive about that But the truth is, you have to know about your highest and capabilities. You could talk about your abilities. You could say, Here are my red lines. If you cross him, I'm gonna punch you back. If you do that, then by the way, you've gotta punch back. They'll let red lines be crossed and then not respond. And then you're gonna talk about some level of capabilities. It can't all be secret. Can't all be classified. Where >> are we in this debate? Me first. Well, you're referring to the Thursday online attack against the intelligence Iranian intelligence community for the tanker and the drone strike that they got together. Drone take down for an arm in our surveillance drones. >> But where are we >> in this debate of having this conversation where the government should protect and serve its people? And that's the role. Because if a army rolled in fiscal army dropped on the shores of Manhattan, I don't think Citibank would be sending their people out the fight. Right? Right. So, like, this is really happening. >> Where are we >> on this? Like, is it just sitting there on the >> table? What's happening? What's amazing about it? Hi. This was getting it going well, that that's a Q. What's been amazing? It's been happening since 2012 2011 right? We know about the Las Vegas Sands attack right by Iran. We know about North Korea's. We know about all these. They're going on here in the United States against private sector companies, not against the government. And there's largely been no response. Now we've seen Congress get more active. Congress just last year passed to pass legislation that gave Cyber command the authority on the president's surgery defenses orders to take action against Russia, Iran, North Korea and China. If certain cyber has happened, that's a good thing, right to give it. I'll be giving the clear authority right, and it appears the president willing to make some steps in that direction, So that's a positive step. Now, on the back end, though, you talk about what we do to harden ourselves, if that's gonna happen, right, and the government isn't ready today to defend the nation, even though the Constitution is about providing for the common defense, and we know that the part of defense for long. For a long time since Secretary Panetta has said that it is our mission to defend the nation, right? But we know they're not fully doing that. How do they empower private sector defense and one of keys That has got to be Look, if you're the intelligence community or the U. S. Government, you're Clinton. Tremendous sense of Dad about what you're seeing in foreign space about what the enemy is doing, what they're preparing for. You have got to share that in real time at machine speed with industry. And if you're not doing that and you're still count on industry to be the first line defense, well, then you're not empowered. That defense. And if you're on a pair of the defense, how do you spend them to defend themselves against the nation? State threats? That's a real cry. So >> much tighter public private relationship. >> Absolutely, absolutely. And it doesn't have to be the government stand in the front lines of the U. S. Internet is, though, is that you could even determine the boundaries of the U. S. Internet. Right? Nobody wants an essay or something out there doing that, but you do want is if you're gonna put the private sector in the in the line of first defense. We gotta empower that defense if you're not doing that than the government isn't doing its job. And so we gonna talk about this for a long time. I worked on that first piece of information sharing legislation with the House chairman, intelligence Chairman Mike Rogers and Dutch Ruppersberger from Maryland, right congressman from both sides of the aisle, working together to get a fresh your decision done that got done in 2015. But that's just a first step. The government's got to be willing to share classified information, scaled speed. We're still not seeing that. Yeah, How >> do people get involved? I mean, like, I'm not a political person. I'm a moderate in the middle. But >> how do I How do people get involved? How does the technology industry not not the >> policy budgets and the top that goes on the top tech companies, how to tech workers or people who love Tad and our patriots and or want freedom get involved? What's the best approach? >> Well, that's a great question. I think part of is learning how to talk policy. How do we get in front policymakers? Right. And we're I run. I run a think tank on the side at the National Institute at George Mason University's Anton Scalia Law School Way have a program funded by the Hewlett Foundation who were bringing in technologists about 25 of them. Actually. Our next our second event. This Siri's is gonna be in Chicago this weekend. We're trained these technologies, these air data scientists, engineers and, like talk Paul's right. These are people who said We want to be involved. We just don't know how to get involved And so we're training him up. That's a small program. There's a great program called Tech Congress, also funded by the U. A. Foundation that places technologists in policy positions in Congress. That's really cool. There's a lot of work going on, but those are small things, right. We need to do this, its scale. And so you know, what I would say is that their technology out there want to get involved, reach out to us, let us know well with our partners to help you get your information and dad about what's going on. Get your voice heard there. A lot of organizations to that wanna get technologies involved. That's another opportunity to get in. Get in the building is a >> story that we want to help tell on be involved in David. I feel passion about this. Is a date a problem? So there's some real tech goodness in there. Absolutely. People like to solve hard problems, right? I mean, we got a couple days of them. You've got a big heart problems. It's also for all the people out there who are Dev Ops Cloud people who like to work on solving heart problems. >> We got a lot >> of them. Let's do it. So what's going on? Iron? Give us the update Could plug for the company. Keith Alexander found a great guy great guests having on the Cube. That would give the quick thanks >> so much. So, you know, way have done two rounds of funding about 110,000,000. All in so excited. We have partners like Kleiner Perkins Forge point C five all supporting us. And now it's all about We just got a new co CEO in Bill Welshman. See Scaler and duo. So he grew Z scaler. $1,000,000,000 valuation he came in to do Oh, you know, they always had a great great exit. Also, we got him. We got Sean Foster in from from From Industry also. So Bill and Sean came together. We're now making this business move more rapidly. We're moving to the mid market. We're moving to a cloud platform or aggressively and so exciting times and iron it. We're coming toe big and small companies near you. We've got the capability. We're bringing advanced, persistent defense to bear on his heart problems that were threat analytics. I collected defence. That's the key to our operation. We're excited >> to doing it. I call N S A is a service, but that's not politically correct. But this is the Cube, so >> Well, look, if you're not, if you want to defensive scale, right, you want to do that. You know, ECE knows how to do that key down here at the forefront of that when he was in >> the government. Well, you guys are certainly on the cutting edge, riding that wave of common societal change technology impact for good, for defence, for just betterment, not make making a quick buck. Well, you know, look, it's a good business model by the way to be in that business. >> I mean, It's on our business cards. And John Xander means it. Our business. I'd say the Michigan T knows that he really means that, right? Rather private sector. We're looking to help companies to do the right thing and protect the nation, right? You know, I protect themselves >> better. Well, our missions to turn the lights on. Get those voices out there. Thanks for coming on. Sharing the lights. Keep covers here. Day one of two days of coverage. Eight of us reinforce here in Boston. Stay with us for more Day one after this short break.

(upbeat music) >> Live from San Francisco, it's theCUBE covering Google Cloud Next 2018, brought to you by Google Cloud, and it's Ecosystem Partners. >> Hello everyone, and welcome back theCUBE live coverage, here in San Francisco, the Moscone South. I'm John Furrier with the SiliconANGLE on theCube, with my cohost Dave Vellante, for next three days. Day one, wrap up of Google Next here. Google Cloud's premiere event. This is a different Google. It's a world changing event, in my opinion, of Google. Dave, I want to analyze day one as we put it in the books. Let's analyze and let's look at it, and critique and observe the moves that Google's making vis-à-vis the competition. And Diane Greene, who's on theCUBE earlier, great guest. Kind of in her comfort zone here on theCUBE because she talks, she's an engineer, she's super smart. She thinks free thoughts but she really has a good chessboard view of the landscape. My big walk away today is that she's got full command of what she wants to do, but she's in an uncomfortable position that I think she's not used to. And that is at VMworld, at VMware, she didn't have competition. First mover, changes the market. Certainly, winning at all fronts when VMware was starting. And they morphed over and then you know the history of Vmware: sold to EMC and then now the rest is history. But they really changed the category. They created a category. And were very successful in IT with virtual machines. She's got competition in Cloud. She's playing from behind. She's got the big guns. She's going to bring out the howitzers, you know? I mean she's got Spanner, BigQuery, all the Scale, Kubernetes. Which the internal name is Borg which has been running on the Google infrastructure. Provisioning services on all their applications with billions and billions of users. If she can translate that, that's key. So that's one observation. And the second one is that Google is taking a data centric view. Their competitive advantage is dealing with data. And if you look at everything that they're doing from TensorFlow for AI and all the themes here. They are positioning Google as with a place to bring your data. Okay, that is clear to me as a stake in the ground. With the large scale technical infrastructure they're going to roll out with SREs. Those two things to me are the front and center major power moves that they're making. The rest wrapping around it is Kubernetes, Istio, a service oriented architecture managing services not products and providing large scale value to their customers that don't want to be Google. They want to be like Google in the benefits of Scale, which comes in automation. And I think I head room for Google Cloud is IT operations. So that's kind of like my take. I think day one, the people we've had on from Google sharp as nails, no enterprise tech. Jennifer Lin, Deepti, Diane Greene. The list goes on and on. What's your take? >> Well so, first of all with what's goin' on here and Diane Greene, the game she's playing now. Completely different obviously than VMware. Where it was all about cutting costs. Vmware, when you think about it, sold for $635 million to EMC way back when. So, it was just a little scratch compared to what we're talkin' about now. She didn't have the resources. The IT business, you remember Nick Carr's famous piece on HBR 'Does IT Matter?' That was the sentiment back then. IT, waste of time, undifferentiated. Just cut costs. Cut, cut, cut. Perfect for Vmware. The game they're playing now is totally different. As you said they were late to the enterprise. Ironically, late to the "enterprise cloud" >> They got competition >> They got competition. Obviously the two big ones Microsoft and, of course, AWS. But so what might take away here is: the differentiation. So they're not panicking. They're obviously playing the open source card. Kubernetes, TensorFlow, etc. Giving back to the community. Data, they're definitely going to lead in AI and machine intelligence. No question about it. So they're going to play that card. The database, we had the folks from Cloud Spanner on today. Amazing technology. Where as you think about it, they're talkin' about a transaction-oriented database. We heard a customer today, talking about we replaced Oracle. Right? We got rid of Oracle, now-- >> When was the last time you heard that? Not many times. >> It's not often. No, and they're only $120 million company. But to her point was it's game changing for us. It's a 10-X value proposition. And we're getting the same quality that we're getting out of our Oracle databases. They're leading with apps on Google Cloud. Twitter is there. Spotify. They obviously have a lot of history. So that's part of it, part to focus. We on SiliconANGLE.com, there's a great article by Mark Albertson. He talked about the-- he compared the partner Ecosystem. Google's only about 13,000 partners. Amazon 100,000. Azure 70,000. So a long way to go there. Serverless, this is they're catching up on serverless. But they're still behind. Kind of still in Beta, right? &But serverless, John, I'd love your take on this. Can be as profound as virtualization was. Last to developer love. They've got juice with developers. And then the technology. Massive scale. We heard things about Spanner, the relational semantics. BigQuery, Kubernetes, TensorFlow. They have this automate or die culture. You talked about this in your article. That's a bottoms-up engineering culture. Much different than the traditional enterprise top-down "Go take that hill! "You're going to get shot at but take that hill by midnight" >> It's true. Well I mean, first of all, I think developers are in charge. I think one of the things that's happening is that it's clear is that every company, whether you're a start up or large enterprise, has to come to grips with if they're going to be a software company. And that's easy to say "Oh, that's easy. You just hire some software developers" No, it's not that easy. One, there's software developers coming out. But the way IT was built and the way people were buying IT, it's just not compatible with what software developers want to do. They want to work in a company that's actually building software. They don't want to be servicing infrastructure. So, saying that everyone's going to be a software company is one thing. That's true. And so that's the challenge. And I think Google has an opportunity. Just like Oedipus has been dominating with service-oriented approach managing services. By creating building blocks that create large Scale that allow people to write software easily. And I think that's the keyword. How do I make things common interface. You asked Diane Greene about common primitives. They're going to do the foundational work needed. It might be slower. But at a core primitive, they'll do that work. Because it'll make everything a faster. This is a different mind shift. So again, you also asked one of the guests, I forget who it was, IT moves at a very slow speeds. It's like a caravan-- >> You said glacial >> But yeah, well that used to be. But they have to move faster. So the challenge is: how do you blend the speed of technology, specifically on how modern software is being written, when you have Cloud Scale opportunities? Because this is not a cost cutting environment. People want to press the gas, not the brake. So you have a flywheel developing in technology, where if you are right on a business model observation, where you can create differentiation for a business, this is now the Cloud's customers. You know, you're a bank, you're a financial institution, you're manufacturing, you're a media company. If you can see an opportunity to create a competitive advantage, the Cloud is going to get you there really fast. So, I'm not too hung up on who has the better serverless. I look at it like a car. I want to drive the car. I always want to make sure the engine doesn't fall out or tires don't break. But so you got to look at it, this is a whole 'nother world. If you're not in the Cloud, you're basically on horse and buggy. So yeah, you're not going to have to buy hay. You don't have to deal with horses and clean up all the horse crap on the street. I mean all of that goes away. So IT, buying IT, is like horse and buggy. Cloud is like the sports car. And the question is 'Do I need air-conditioning?' 'Do I need power windows?' This is a whole new view. And people just want to get the job done. So this is about business. Future work. Making money. >> So-- >> And technology is going to facilitate that. So I think the Cloud game is going to get different very fast. >> Well I want to pick up on a couple things you said. Software, every company's becoming a software company. Take Andreessen, said 'Software is eating the world' If software's eating the world, data is eating software. So you've got to become a data company, as well as, a software company. And data has to be at the core of your business in order to compete. And data is not at the core of most company's businesses. So how do they close that gap? >> Yeah >> You've talked about the innovation sandwich. Cloud, data, and AI are sort of the cocktail that's going to drive innovation in the future. So if data is not at the core of your company, how are you going to close that AI gap? Well the way you're going to close is you're going to buy AI from companies like Google and Amazon and others. So that's one point. >> Yeah, and if you don't have an innovation sandwich, if you don't have the data, it's a wish sandwich. You wish you had some meat. >> You wish you had it right (Laughing) Wish I had some meat. You know the other thing is, you mentioned Diane Greene in her keynotes said "We provide consistency "with a common core set of primitives" And I asked her about that because it's really different than what Amazon does. So Amazon, if you think about Amazon data pipeline, and we know because were customers. We use DynamoDB, we use S3, we use all these different services in the data pipeline. Well, each of those has a different API. And you got to learn that world. What Google's doing, they're just simplifying that with a common set of primitives. Now, Diane mentioned, she said there's a trade off. It takes us longer to get to market if-- >> Yeah, but the problem is, here's the problem. Multicloud is a real dynamic. So even though they have a common set of primitives, if you go to Azure or AWS you still have different primitives over there. So the world of Multicloud isn't as simple as saying 'moving workloads' yet. So although you're startin' to see good signs within Google to say 'Oh, that's on prim, that's in the Cloud' 'Okay that's hybrid' within Google. The question is when I don't have to hire an IT staff to manage my deployments on Azure or my deployments on AWS. That's a whole different world. You still got to learn skill sets on those other-- >> That's true >> On other Clouds >> But as your pipeline, as your data pipeline grows and gets more and more complex, you've got to have skill sets that grow. And that's fine. But then it's really hard to predict where I should put data sometimes and what. Until you get the bill at the end of the month and you go "Oh I should've put that in S3 instead of Aurora" Or whatever it is. And so Google is trying to simplify that and solve that problem. Just a different philosophy. Stu Miniman asked Andy Jassy about this, and his answer on theCUBE was 'Look we want to have fine grain control over those primitives in case the market changes. We can make the change and it doesn't affect all the other APIs we have' So that was the trade off that they made. Number one. Number two is that we can get to market faster. And Diane admitted it slows us down but it simplifies things. Different philosophy. Which comes back to differentiation. If you're going to win in the enterprise you have to believe. I get the sense that these guys believe. >> Well and I think there's a belief but as an architectural decision, Amazon and Google are completely different animals. If you look at Amazon and you look at some of the decisions they make. Their client base is significantly larger. They've been in business longer. The sets of services they have dwarf Google. Google is like on the bar chart Andy Jassy puts up, it's like here, and then everyone else is down here, and Google's down here. >> Yeah and the customer references, I mean, it's just off the charts >> So Google is doing, they're picking their spots to compete in. But they're doing it in a very smart engineering way. They can bring out the big guns. And this is what I would do. I love this strategy. You got hardened large scale technology that's been used internally and you're not trying to peddle that to customers. You're tweaking it and making it consumable. Bigtable, BigQuery, Spanner. This is tech. Kubernetes. This is Google essentially being smart. Consuming the tech is not necessarily shoving it down someone's throat. Amazon, on the other hand, has more of a composability side. And some people will use some services on Amazon and not others. I wouldn't judge that right now. It's too early to tell. But these are philosophy decisions. We'll see how the bet pans out. That's a little bit longer term. >> I want to ask you about the Cisco deal. It seems like a match made in heaven. And I want to talk specifically about some of the enterprise guys, particularly Dell, Cisco, and HPE. So you got Dell, with VMware, in bed with Amazon in a big way. We were just down at DC last month, we heard all about that. And we're going to hear more about it this fall at re:Invent. Cisco today does a deal with Google. Perfect match, right? Cisco needs a cloud, Google needs an enterprise partner. Boom. Where's that leave HP? HP's got no cloud. All right, and are they trying to align? I guess Azure, right? >> Google's ascension-- >> Is that where they go? They fall to Azure? >> Well that's what habit is. That's the relationship. The Wintel. >> Right >> But back up with HP for a second. The ascension of Google Cloud into the upper echelon of players will hurt a few people. One of them's obviously Oracle, right? And they've mentioned Oracle and the Cloud Spanner thing. So I think Oracle will be flat-footed by, if Google Cloud continues the ascension. HPE has to rethink, and they kind of look bad on this, because they should be partnering with Google Cloud because they have no Cloud themselves. And the same with Dell. If I'm Dell and HP, I got to get out of the ITOps decimation that's coming. Because IT operations and the manageability piece is going to absolutely be decimated in the next five years. If you're in the ITOps business or IT management, ITOM, ITIL, it's going to get crushed. It's going to get absolutely decimated. It's going to get vaporized. The value is going to be shifted to another part of the stack. And if you're not looking at that if your HPE, you could essentially get flat-footed and get crushed. So HP's got to be thinking differently. But what Google and Amazon have, in my opinion, and you could even stretch and say Alibaba if you want a gateway to China, is that what the Wintel relationship of Windows and Intel back in the 80s and 90s that created massive innovations So I see a similar dynamic going on now, where the Cloud players, we call them Cloud native, Amazon and Google for instance, are creating that new dynamic. I didn't mention Microsoft because I don't consider them yet in the formal position to be truly enabling the kind of value that Google and Amazon will value because-- >> Really? Why not? >> Because of the tech. Well and I think Amazon is more, I mean Microsoft is more of a compatibility mode (Talking over each Other) I run Microsoft. I've got a single server. I've got Office. Azure's got good enough, I'm not really looking for 10-X improvement. So I think a lot of Microsoft's success is just holding the line. And the growth and the stock has been a function of the operating model of Cloud. And we'll see what they do at their show. But I think Microsoft has got to up their game a bit. Now they're not mailing it in. They're doing a good job. But I just think that Google and Amazon are stronger Cloud native players straight up on paper, right? And if you look up their capability. So the HPEs and the Ecosystems have to figure out who's the new partner that's going to make the market. And rising tide will float all boats. So to me, if I am at HP I'm thinking to myself "Okay, I got to manage services. "I better get out in front of the next wave "or I'm driftwood" >> Well Oracle is an interesting case too. You mentioned Oracle. And somebody said to me today 'Oracle they're really hurting' And I'm like most companies would love to be hurting that badly but-- >> Oracles not hurting >> Their strategy of same-same but it's the same Oracle stack brought into the Cloud. They're sending a message to the customers 'Look you don't have to go to another Cloud. 'We've got you covered. We're investing in R&D', which they do by the way. But it was really interesting to hear from the Cloud Spanner customer today that they got a 10-X value, 10-X reduction in costs, and a 10-X capability of scaling relative to Oracle that was powerful to hear that. >> There's no doubt in my mind. Oracle's not hurting. Oracle's got thousands and thousands of customers that do hundreds of millions of dollars in revenue. And categories that people would love to have. The question on Oracle is the price pressure is an innovator's dilemma because there's no doubt that Oracle could just snap a few fingers and replicate the kind of deliverables that people are offering. The question is can they get the premium that they're used to getting. One. Number two, if everyone's a software company, are they truly delivering the value that's expected. To be a software company, to be competitive, not to make the lights run-- >> To enable >> To enable competitive-- (Talking over each other) Competitive advantage at a level, that's to me, going to be the real test of how Cloud morphs. And I question that you got to be agile and have a real top line revenue numbers where using technology at a cost benefit ratio that drives value-- >> But with Oracle-- >> If Oracle can get there then that's what we'll see >> The reason why they'll continue to win is because they move at the speed of the CIO. The CIO, and they'll say all the right things: AI-infused, block chain, and machine learning, and all that stuff. And the CIOs will eat it up because it's a safe bet. >> Well, I want to get your thoughts because I talked about this a couple years ago. Last year we started harping on it. We got it more into theCUBE conversation around Cloud being horizontally scalable yet at the top of the stack you've got vertical differentiation. That's great for data. Diane Greene in her key notes said that the vertical focus with engineering resources tied to it it's a key part of their strategy. Highlighted healthcare was their first vertical. Talked about National Institute of Health deal-- >> Retail >> NGOs, financial service, manufacturing, transportation, gaming and media. You got Fortnight on there, a customer in both Clouds. Start ups and retail. >> Yeah he had the target cities >> Vertical strategy is kind of an old enterprise play book TABE. Is that a viable one? Because now with the kind of data, if you got the data sandwich, maybe specialism and verticals can Scale. Your thoughts? >> I'll tell you why it is. I'll tell you why it's viable. Because of digital. So for years, these vertical stacks have been hardened. And the expertise and the business process and the knowledge within that vertical industry, retail, transportation, financial services, etc., has been hardened. But with digital, you're seeing it all over the place. Amazon getting into content. Apple getting into content. Amazon getting into groceries. Google getting into healthcare. So digital allows you to not only disrupt horizontally at the technology layer, but also vertically within industries. I think it's a very powerful disruption agenda. >> Analytics seems to be the killer app. That's the theme here: data. Maybe take it to the next step. That's where the specialism is. That's where the value's created. Why not have vertical specialty? >> No and >> Makes a lot of sense >> And it's a different spin. It's not the traditional-- >> Stack >> Sort of hire a bunch of people with that knowledge in that stack. No, it's really innovate and change the game and change the business model. I love it. >> That was a great surprise to me. Dave, great kicking off day one here this morning. Ending day one here with this wrap up. We got three days of wall-to-wall coverage. Go to siliconANGLE.com. We've got a great Cloud special Rob Hof, veteran chief of the team. Mark Albertson, and the rest of the crew, put some great stories together. Go to theCUBE.net and check out the video coverage there. That's where we're going to be live. And of course WIKIBAN.com for the analyst coverage from Peter Burris and his team. Check that out. Of course theCUBE here. Day one. Thanks for watching. See you tomorrow

>> Announcer: Live from Chicago, Illinois, it's the Cube covering VeeamON 2018. Brought to you by Veeam. >> Welcome back to Chicago, everybody. This is the Cube, the leader in live tech coverage, and you're watching our exclusive coverage of VEEAMON 2018. #VeeamON. My name is Dave Vallante and I'm here with my cohost Stuart Miniman. Stu, great to be working with you again. >> Thanks Dave. Admiral, David G. Simpson is here. He's a former Chief Public Safety and homeland Security Bureau and CEO, currently, of Pelorus, a consultancy that helps organizations think through some of the risk factors that they face. David, welcome to the Cube. Thanks so much for taking time out. >> It's my pleasure to be here. >> So, as I was saying, we, we missed a big chunk of your keynote this morning cause we had to come back to the cube and do our open, but let's start with your background and kind of why you're here. >> Sure, well, I spent over three decades in the Navy where my responsibilities throughout included the resiliency of the ability to command and control forces in areas around the world not always so nice and often arduous and often at sea. So, that experience really has given me a very good appreciation, not only for how important economy of operations is, but how difficult it can be and how important the details are, so I am a natural fan of what FEMA's doing to make that easier for organizations. After DOD, I was recruited by the chairman of the FCC to lead the Public Safety Homeland Security Bureau for the Federal Communications Commission. And, in that position, I have responsibility for the nation's climate one system, emergency alerting, and the resiliency of over 30,000 telecommunication companies in the domestic market, so both experiences really have given me a very good insight into the need, the consequence of not getting it right, how to prepare to get it right, but also an ability to look at what's coming down the pike with the new telecommunications technologies that will really be game changers for functionality in the new internet of things environment. >> So, three decades of public service. First of all, thank you. >> Thank you. It's quite an accomplishment. And then, we had talked off camera that we, a couple of years ago, had Robert Gates on and we were gettin' detailed into how the experience that someone like you has had in the public sector translated to the private sector. It used to be there was just such a huge gap between, you know, what you did and what a, what a company had to, had to worry about. Do you see that gap closing? And, maybe, you could add some color to that. >> Sure, and in particular, in the cyber arena, you know, cyber, unlike the land, sea, and air domains, is a domain of Man's own making and the constraints around that domain are of our own choosing. And, we're not constrained by physics, we're constrained by the investment decisions we make and the contours of that expanding environment. But, the internet started out as a DOD research and development project, ARPA, so it has not been unusual for DOD to be out in front in some of the development aspects where counterintuitively we would, normally, see industry out in front. The same occurred I believe with cyber when our intelligence community over 10 years ago said, hey, this is a great thing, this internet thing. And, it's super that we're doing more and more communications, that we're talking with devices at the edge around the battle space, but it's vulnerable to attack and we need to organize, so that we are capable in the defense of that great cyber set of functionality that we've built. >> Could you expand? Just, so, you're doing some teaching in the cyber security world too. Maybe you could share a little bit what you're doing and what you see as kind of the state of this today >> Yeah, well, thank you for asking that about a year ago, the dean of the business school of Virginia Tech, asked me if I wouldn't consider building a cyber program for the business school. Tech has always had a strong engineering component to cyber security and it's led by a good friend of mine Dr. Charles Clancy with some superb research going on, but, increasingly, over two thirds of the work roles, in cyber security are not engineering. They really have much more to do with traditional business functions. Yet, most business leaders aren't well prepared to assess that risk environment, let alone appreciate it, and then, drive investments to address risk reduction. So, at Virginia Tech, we've built a series of four courses that in the MBA programs, the Masters of Accounting, the Masters of Business IT, we are now teaching prospective business leaders how to look at the risk environment and organize an investment structure using the NIST, or National Institute of the Standards of Technology, risk management framework, so that can be done in a repeatable way that communicates well with industry. And, companies like Veeam have an important role to play in that space because Veeam really translates much of the engineering complexities into business understandable conditions by which decisions about that data space can really be made. >> I want to share an observation that we had on the Cube last year, one of my favorite interviews was with a gentleman from ICIT, James Scott. He's a security expert, you may know him. And, we asked him what the biggest threat was to United States and his answer surprised me. I thought it was going to be, you know, cyber warfare or risks to critical infrastructure, he said the weaponization of social media was the number one threat, like wow. And, we had a really interesting discussion about that and, you know, I think of, you know, your background, loose lips sink ships, people on social give up there credentials, all of a sudden, you've got some outside bad actors controlling the narrative, controlling the meme and controlling the population without firing a shot. Wow, so what are your thoughts on social media and it's risk to our society and how to deal with it? >> Well, we're seeing in the last year, that he's very prescient, right, in that you can lockdown all the bits and the bytes and get the integrity, the confidentiality, and the availability of your data sets taken care of, but in a world where the public square, if you will, is now a virtual public square, if an adversary can change the perception of reality in that public square, or if they can cause our democracy to lose confidence in that public square, then an adversary can really achieve a kill, if you will, a desired effect in a way that is very negative for the country, so I don't see that though as being completely distinguished from cyber security. I see, in my mind, that we need to expand the universe, to protect the universe of cyber into that cognitive space. And, we need to understand, increasingly, the origin of comment in the social media arena. We need to understand therole algorithms have to play in amplifying a message and suppressing other messages. And, we need to, I think, have a greater accountability for businesses that are in that virtual public square line of business to help consumers and communities continue to have confidence in that public square and we're, we're challenged in that area. 'cause see Mark Zuckerberg's testimony, right >> Sure. >> Illuminated some big challenges there. >> Yeah, I mean, my heart went out to Zuckerberg, it was, I was like the poor guy, he's just trying to build out a social network and now he's getting, you know, attacked by politicians who are saying, wow you mean you use data for political gain, or you allowed somebody to do it. >> He was in a tough spot. >> And politicians themselves, I think, were a bit embarrassed in revealing their lack of tech savvy in a world where we should expect policy makers to be at least aware enough of the parameters around the virtual public square where they can help develop the right policy to ensure that this continues to be a net asset for the United States, for communities, and for consumers. >> Technology kind of got us into this problem, but, technology, in and of itself, is not going to get out of, get us out of this problem >> Right. >> It's others in the organization, the lines of business, the policies, the practices, some of the work that you do in your teachings, may be >> Yeah, absolutely and when I talk to aspiring business leaders, I communicate a couple of things to them. One, they need to get their heads out of being the decider as the CEO. Increasingly, they will be creating decision environments, right, where decision operations occur and are driven by algorithms, by machine learning, and AI, and so they've got to be thinking, about how do they create those environments to deliver the right kind of decision results that they're looking for. The second piece that I talk to them about, that's counterintuitive, is that they need to, as they bring in network functional virtualization and more and more software oriented things that used to be hardware, they've got to understand the risk exposure from that and bring in, they can, a way to address cyber risk as they introduce new functionality in the market. >> Well, it's interesting of an Admiral talking about network function virtualization, I'm very impressed. Admiral Simpson, thanks very much for coming on the Cube. >> Sure. >> Really a pleasure having you and best of luck in your work. >> Well, thank you and it's great to be here with the Veeam professionals that, I think, are really building a command and control layer of an enterprise of data space that will be very important for the future. >> Alright, okay, thanks for watching everybody. We will be right back, Stu Miniman and Dave Vallante from VeeamOn 2018, you're watching the Cube. >> Great thanks. (upbeat music)

>> Announcer: Live from Las Vegas, it's theCUBE. Covering AWS re:Invent 2017. Presented by AWS, Intel and our ecosystem of partners. >> Hey, welcome back everyone. We're live here in Las Vegas. It's theCUBE's exclusive coverage of AWS. Amazon Web Services re:Invent 2017. Amazon web Services annual conference, 45,000 people here. Five years in a row for theCUBE, and we're going to be continuing to cover years and decades after, it's on a tear. I'm John Furrier, my co-host Stu Miniman. Exciting science, one of the biggest themes here is AI, IoT, data, Deep Learning, DeepLens, all the stuff that's been really trending has been really popular at the show. And the person behind that Amazon is Swami. He's the Vice President of Machine Learning at AWS, among other things, Deep Learning and data. Welcome to theCUBE. >> Stu: Good to see you. >> Excited to be here. >> Thanks for coming on. You're the star of the show. Your team put out some great announcements, congratulations. We're seeing new obstruction layers of complexity going away. You guys have made it easy to do voice, Machine Learning, all those great stuff. >> Swami: Yeah. >> What are you most excited about, so many good things? Can you pick a child? I don't want to pick my favorite child among all my children. Our goal is to actually put Machine Learning capabilities in the hands of all developers and data scientists. That's why, I mean, we want to actually provide different kinds of capabilities right from like machine developers who want to build their own Machine Learning models. That's where SageMakers and n21 platform that lets people build, train and deploy these models in a one-click fashion. It supports all popular Deep Learning frameworks. It can be TensorFlow, MXNet or PyCharm. We also not only help train but automatically tune where we use Machine Learning for Machine Learning to build these things. It's very powerful. The other thing we're excited about is the API services that you talked about, the new obstruction layer where app developers who do not want to know anything about Machine Learning but they want to transcribe their audio to convert from speech to text, or translate it or understand the text, or analyze videos. The other thing coming from academia where I'm excited about is I want to teach developers and students Machine Learning in a fun fashion, where they should be excited about Machine Learning. It's such a transformative capability. That's why actually we built a device meant for Machine Learning in a hands-on fashion that's called DeepLens. We have developers right on re:Invent where from the time they take to un-box to actually build a computer with an application to build Hotdog or Not Hotdog, they can do it in less than 10 minutes. It's an amazing time to be a developer. >> John: Yeah. >> Stu: Oh my God, Swami. I've had so many friends that have sat through that session. First of all, the people that sit through it they get like a kit. >> Swami: That's awesome. >> Stu: They're super excited. Last year it was the Ecodot and everybody with new skills. This year, DeepLens definitely seems to be the one that all the geeks are playing with, really programing stuff. There's a bunch of other things here, but definitely some huge buzz and excitement. >> That's awesome, glad to hear. >> Talk about the culture at Amazon. Because I know in covering you guys for so many years and now being intimate with a lot of the developers in your teams. You guys just don't launch products, you actually listen to customers. You brought up Machine Learning for developers. What specifically jumped out at you from talking to customers around making it easier? It was too hard, was it, or it was confined to hardcore math driven data scientists? Was it just the thirst and desire for Machine Learning? Or you're just doing this for side benefits, it's like a philanthropy project? >> No, in Amazon we don't build technology because it's cool. We build technology because that's what our customers want. Like 90 to 95% of our roadmap is influenced by listening to customers. The other 5 to 10% is us reading between the lines. One of the things I actually ... When I started playing with Machine Learning, having built a bunch of database storage and analytics products. When I started getting into Deep Learning and various things I realized there's a transformative capability of these technologies. It was too hard for developers to use it on a day to day fashion, because these models are too hard to build and train. Our data now, the right level of obstruction. That's why we actually think of it as in a multi-layered strategy where we cater to export practitioners and data scientists. For them we have SageMaker. Then for app developers who do not want to know anything about Machine Learning they say, "I'll give you an audio file, transcribe it for me," or "I'll give you text, get me insights or translate it." For them we actually we actually provide simple to use API services, so that they can actually get going without having to know anything about what is TensorFlow or PyCharm. >> TensorFlow got a lot of attention, because that really engaged the developer community in the current Machine Learning, because we're like, "Oh wow, this is cool." >> Swami: Yeah. >> Then it got, I won't say hard to use, but it was high end. Are you guys responding to TensorFlow in particular or you're responding to other forces? What was the driver? >> In amazon we have been using Machine Learning for like 20 years. Since the year of like 1995 we have been leveraging Machine Learning for recommendation engine, fulfillment center where we use robots to pick packages and then Elixir of course and Amazon Go. One of the things we actually hear is while frameworks like TensorFlow or PyCharm, MXNet or PyCharm is cool. It is just too hard for developers to make use of it. We actually don't mind, our users use Cafe or TensorFlow. We want the, to be successful where they take from idea to product shell. And when we talk to developers, this process took anywhere from 6 to 18 months and it should not be this hard. We wanted to do what AWS did to IT industry for compute storage and databases. We want to do the same for Machine Learning by making it really easy to get started and consumer does in utility. That was our intel. >> Swami, I wonder if you can tell us. We've been talking for years about the flywheel of customers for Amazon. What are the economies of scale that you get for the data that you have there. I think of all the training of all the Machine Learning, the developers. How can you leverage the economies of scale that Amazon has in all those kind of environments? >> When you look at Machine Learning, Machine Learning tends to be mostly the icing on the cake. Even when we talk to the expert professors who are the top 10 scientists in the world, the data that goes into the Machine Learning is going to be the determining factor for how good it is in terms of how well you train it and so forth. This is where data scientists keep saying the breath of storage and database and analytics offerings that exist really matter for them to build highly accurate models. When you talk about not just the data, but actually the underlying database technology and storage technology really is important. S3 is the world's most powerful data leg that exists that is highly secure, reliable, scalable and cost effective. We really wanted to make sure customers like Glacier Cloud who store high resolution satellite imagery on S3 and glacier. We wanted them to leverage ML capabilities in a really easy one-click fashion. That's important. >> I got to ask you about the roadmap, because you say customers are having input on that. I would agree with you that that would be true, because you guys have a track record there. But I got to put the dots that I'm connecting in my mind right now forward by saying, you guys ... And telegraphing here certainly heard well, Furner say it and Andy, data is key and opening up that data and we're seeing New Relic here, Sumo Logic. They're sharing anonymous data from usage, workloads really instructive. Data is instructive for the marketplace, but you got to feed the models on the data. The question for you is you guys get so much data. It's really a systems management dream it's an application performance dream. You got more use case data. Are you going to open that up and what's the vision behind it? Because it seems like you could offer more and more services. >> Actually we already have. If you look at x-rays and service that we launched last year. That is one of the coolest capabilities, even I am a developer during the weekends when I cool out. Being able to dive into specific capabilities so one of the performance insights where is the borderline. It's so important that actually we are able to do things like x-raying into an application. We are just getting started. The Cloud transformed how we are building applications. Now with Machine Learning, what is going to happen is we can even do various things like ... Which is going to be the borderline on what kind of datasets. It's just going to be such an amazing time. >> You can literally reimagine applications that are once dominant with all the data you have, if you opened it up and then let me bring my data in. Then that will open up a bigger aperture of data. Wouldn't that make the Machine Learning and then AI more effective? >> Actually, you already can do similar things with Lex. Lex, think of it as it's an automatic speech recognition natural language understanding where we are pre-trained on our data. But then to customize it for your own chat bots or voice applications, you can actually add your own intents and several things and we customize it underlying Deep Learning model specific to your data. You're leveraging the amount of data that we have trained in addition to specifically tuning for yours. It's only going to get better and better, to your point. >> It's going to happen, it's already happening. >> It's already happening, yeah. >> Swami, great slate of announcements on the Machine Learning side. We're seeing the products get all updated. I'm wondering if you can talk to us a little bit about the human side of things. Because we've seen a lot of focus, right, it's not just these tools but it's the tools and the people putting those together. How does Amazon going to help the data scientists, help retrain, help them get ready to be able to leverage and work even better with all these tools? >> Machine Learning, we have seen some amazing usage of how developers are using Machine Learning. For example, Mariness Analytics is a non-profit organization that its goal is to fight human trafficking. They use recognition which is our image processing. They do actually identify persons of interest and victims so that they can notify law enforcement officer. Like Royal National Institute of Blind. They actually are using audio text to speech to generate audio books for visually impaired. I'm really excited about all the innovative applications that we can do to simply improve our everyday lives using Machine Learning, and it's such in early days. >> Swami, the innovation is endless in my mind. But I want to get two thoughts from you, one startup and one practitioner. Because we've heard here in theCUBE, people come here and saying, "I can do so much more now. "I've got my EMR, it's so awesome. "I can do this solving problem." Obviously making it easy to use is super cool, that's one. I want to get your thoughts on where that goes next. And two, startups. We're seeing a lot of startups retooling on Cloud economics. I call it post-2013 >> Swami: Yeah. >> They don't need a lot of money, they can hit critical mass. They can get market product, market fit earlier. They can get economic value quicker. So they're changing the dynamics. But the worry is, how do I leverage the benefit of Amazon? Because we know Amazon is going to grow and all Clouds grow and just for you guys. How do I play with Amazon? Where is the white space? How do I engage, do I just ...? Once I'm on the platform, how do I become the New Relic or slunk? How can I grow my marketplace and differentiate? Because Amazon might come out with something similar. How do I stay in that cadence of growth, even a startup? >> If you see in AWS we have tens of thousands of partners of course, right from ISV, SIs and whatnot. Software industry is an amazing industry where it's not like winner take all market. For example, in the document management space, even though we have S3 and WorkDocs, it doesn't mean Dropbox and Box are not successful either, and so forth. What we provide in AWS is the same infrastructure for any startup or for my team, even though I build probably many of the underlying infrastructure. Nowadays for my AI team, it's literally like a startup except I probably stay in an AWS building, but otherwise I don't get any internal APIs, it's the same API so easy to S3. >> John: It's a level playing field. >> It's a level playing field. >> By the way, everyone should know, he wrote DynamoDB. As an intern or was that ...? (Swami laughs) And then SQS, rockstar techy here, so it's great to have. You're what we call a tech athlete. Great to have you on. No white space, just go for it. >> Innovation is the key. The key thing, what we have seen amazing startups who have done exceptionally well is they intently listen to customers and innovate and really look for what it matters for their customers and go for it. >> The biggest buzz of the show from your group. What's your biggest buzz from the show here? DeepLens? >> DeepLens has been ... Our idea was to actually come up with a fun way to learn Machine Learning. Machine Learning, it used to be, even until recently actually as well as last week, it was actually an intimate thing for developers to learn while there is, it's all the buzz. It's not really straight forward for developers to use it. We thought, "Hey, what is a fun way for developers "to get engaged and build Machine Learning?" That's why we actually can see DeepLens so that you can actually build fun applications. I talked about Hotdog, Not Hotdog. I'm personally going to be building what I call as a Bear Cam. Because I live in the suburbs of Seattle where we actually have bears visiting our backyard digging our trash. I want to actually have DeepLens with a pre-train model that I'm going to train to detect bears. That it sends me a message through SQS and SNS so I get a text. >> Here's an idea we want to do, maybe your team can build it for us. CUBE Cam, we put the DeepLens here and then as anyone goes by, if they're a Twitter follower of theCUBE they can send me a message. (John and Swami laughing) Swami, great stuff. Deep Learning again, more goodness coming. >> Swami: That's awesome. >> What are you most excited about? >> In Amazon we have a phrase called, "It's Day One." Even though we are a 22-year-old company, I jokingly tell my team that, "It's day one for us, "except we just woke up and we haven't even "had a cup of coffee yet." We have just scratched the surface with Machine Learning, there is so much stuff to do. I'm super excited about this space. >> Your goals for this year is what? What's your goals? >> Our goals for this year was to put Machine Learning capabilities in the hands of all developers of all skill levels. I think we have done pretty well so far I think. >> Well, congratulations Swami here on theCUBE. Vice president of Machine Learning and a lot more, all those applications that were announced Wednesday along with the Deep Leaning and the AI and the DeepLens all part of his innovative team here at Amazon. Changing the game is theCUBE doing our part bringing data to you, video and more coverage. Go to Siliconangle.com for all the stories, Wikibon.com for research and of course theCUBE.net. I'm John Furrier and Stu Miniman. Thanks for watching, we'll be right back.