>>Hey everyone, welcome to this cube conversation. I'm your host Lisa Martin, and I have the pleasure of welcoming back our most prolific guest on the cube in its history, the CMO of Fin Ad, Eric Herzog. Eric, it's great to see you. Welcome back, >>Lisa. It's great to be here. Love being on the cube. I think this might be number 55 or 56. Been doing 'em a long time with the Cube. You guys are great. >>You, you have, and we always recognize you lately with the Hawaiian shirts. It's your brand that's, that's the Eric Hizo brand. We love it. But I like the pin, the infin nut pin on brand. Thank you. >>Yeah. Oh, gotta be on brand. >>Exactly. So talk about the current IT landscape. So much change we've seen in the last couple of years. Specifically, what are some of the big challenges that you are talking with enterprise customers and cloud service providers? About what, what are some of those major things on their minds? >>So there's a couple things. First of all is obviously with the Rocky economy and even before covid, just for storage in particular, CIOs hate storage. I've been doing this now since 1986. I have never, ever, ever met a CIO at any company I've bid with. And I've been with four of the biggest storage companies on this planet. Never met a cio. Used to be a storage guy. So they know they need it, but boy, they really don't like it. So the storage admins have to manage more and more storage. Exabytes, exabytes, it just ballooning for what a storage admin has to do. Then you then have the covid and is it recession? No. Is it a growth? And then clearly what's happened in the last year with what's going on in Europe and the, is it a recession, the inflation. So they're always looking to, how do we cut money on storage yet still get what we need for our applications, workloads, and use cases. So that's definitely the biggest, the first topic. >>So never met a CIO that was a storage admin or as a fan, but as you point out, they need it. And we've seen needs changing in customer landscapes, especially as the threat landscape has changed so dramatically the last couple of years. Ransomware, you've said it before, I say it too. It's no longer if it's when it's how often. It's the frequency. We've gotta be able to recover. Backups are being targeted. Talk to me about some of, in that landscape, some of the evolutions of customer challenges and maybe those CIOs going, We've gotta make sure that our, our storage data is protected. >>So it's starting to change. However, historically with the cio and then when they started hiring CISOs or security directors, whatever they had, depending on the company size, it was very much about protecting the edge. Okay, if you will, the moat and the wall of the castle. Then it was the network in between. So keep the streets inside the castle clean. Then it was tracking down the bad guy. So if they did get over, the issue is, if I remember correctly, the sheriff of Nottingham never really caught Robinhood. So the problem is the dwell time where the ransomware malware's hidden on storage could be as much as 200 days. So I think they're starting to realize at the security level now, forget, forget the guys on the storage side, the security guys, the cso, the CIO, are starting to realize that if you're gonna have a comprehensive cybersecurity strategy, must include storage. And that is new >>That, well, that's promising then. That's new. I mean obviously promising given the, the challenges and the circumstances. So then from a storage perspective, customers that are in this multi-cloud hybrid cloud environment, you talked about the the edge cloud on-prem. What are some of the key things from a storage perspective that customers have to achieve these days to be secure as data volumes continue to grow and spread? >>So what we've done is implement on both primary storage and secondary storage and technology called infin safe. So Infin Safe has the four legs of the storage cyber security stool. So first of all is creating an air gap. In this case, a logical air gap can be local or remote. We create an immutable snapshot, which means it can't be changed, it can't be altered, so you can't change it. We have a fenced forensic environment to check out the storage because you don't wanna recover. Again, malware and rans square can is hidden. So you could be making amenable snapshots of actually malware, ransomware, and never know you're doing it right. So you have to check it out. Then you need to do a rapid recovery. The most important thing if you have an attack is how fast can you be up and going with recovery? So we have actually instituted now a number of cyber storage security guarantees. >>We will guarantee the SLAs on a, the snapshot is absolutely immutable. So they know that what they're getting is what they were supposed to be getting. And then also we are guaranteeing recovery times on primary storage. We're guaranteeing recovery of under one minute. We'll make the snapshot available under one minute and on secondary storage under 20 minutes. So those are things you gotta look for from a security perspective. And then the other thing you gotta practice, in my world, ransomware, malware, cyber tech is basically a disaster. So yes, you got the hurricane, yes, you got the flood, yes, you got the earthquake. Yes, you got the fire in the building. Yes you got whatever it may be. But if you don't practice malware, ransomware, recoveries and protection, then it might as well be a hurricane or earthquake. It will take your data, >>It will take your data on the numbers of customers that pay ransom is pretty high, isn't it? And and not necessarily able to recover their data. So it's a huge risk. >>So if you think about it, the government documented that last year, roughly $6 trillion was spent either protecting against ransomware and malware or paying ransomware attacks. And there's been several famous ones. There was one in Korea, 72 million ransom. It was one of the Korea's largest companies. So, and those are only the ones that make the news. Most of 'em don't make the news. Right. >>So talk to me then, speaking and making the news. Nobody wants to do that. We, we know every industry is vulnerable to this. Some of the ones that might be more vulnerable, healthcare, government, public sector education. I think the Los Angeles Unified School district was just hit as well in September. They >>Were >>What, talk to me about how infin out is helping customers really dial down the risk when the threat actors are becoming more and more sophisticated? >>Well, there's a couple things. First of all, our infin safe software comes free on our main product. So we have a product called infin Guard for Secondary Storage and it comes for free on that. And then our primary storage product's called the Infin Box. It also comes for free. So they don't have to use it, but we embed it. And then we have reference architectures that we give them our ses, our solutions architects and our technical advisors all up to speed on why they should do it, how they should do it. We have a number of customers doing it. You know, we're heavily concentrated the global Fortune 2000, for example, we publicly announced that 26% of the Fortune 50 use our technology, even though we're a small company. So we go to extra lengths to a B, educated on our own front, our own teams, and then B, make sure they portray that to the end users and our channel partners. But the end users don't pay a dime for the software that does what I just described, it's free, it's included when you get you're Infin box or you're ingar, it's included at no charge. >>That's pretty differentiating from a competitive standpoint. I might, I would guess >>It is. And also the guarantee. So for example, on primary storage, okay, whether you'd put your Oracle or put your SAP or I Mongo or your sequel or your highly transactional workloads, right? Your business finance workload, all your business critical stuff. We are the first and only storage company that offers a primary guarantee on cyber storage resilience. And we offer two of them on primary storage. No other vendor offers a guarantee, which we do on primary storage. Whether you the first and right now as of here we are sitting in the middle of October. We are still the only vendor that offers anything on primary storage from a guaranteed SLA on primary storage for cyber storage resilience. >>Let's talk about those guarantees. Walk me through what you just announced. There's been a a very, a lot of productivity at Infin DAT in 2022. A lot of things that you've announced but on crack some of the things you're announcing. Sure. Talk to me specifically about those guarantees and what's in it for me as a customer. It sounds pretty obvious, but I'd love to hear it from you. >>Okay, so we've done really three different types of guarantees. The first one is we have a hundred percent availability guarantee on our primary storage. And we've actually had that for the last, since 2019. So it's a hundred percent availability. We're guaranteed no downtime, a hundred percent availability, which for our customer base being heavily concentrated, the global Fortune 2000 large government enterprises, big universities and even smaller companies, we do a lot of business with CSPs and MSPs. In fact, at the Flash Memory Summit are Infin Box ssa All Flash was named the best product for hyperscaler deployment. Hyperscaler basically means cloud servers provider. So they need a hundred percent availability. So we have a guarantee on that. Second guarantee we have is a performance guarantee. We'll do an analysis, we look at all their workloads and then we will guarantee in writing what the performance should be based on which, which of our products they want to buy are Infin Box or Infin Box ssa, which is all flash. >>Then we have the third one is all about cyber resilience. So we have two on our Infin box, our Infin box SSA for primary storage, which is a one the immutability of the snapshot and immediately means you can't erase the data. Right? Camp tamper with it. Second one is on the recovery time, which is under a minute. We just announced in the middle of October that we are doing a similar cyber storage resilience guarantee on our ARD secondary product, which is designed for backup recovery, et cetera. We will also offer the immutably snapshot guarantee and also one on the recoverability of that data in under 20 minutes. In fact, we just did a demo at our live launch earlier this week and we demoed 20 petabytes of Veeam backup data recovered in 12 minutes. 12 >>Minutes 2012. >>20 petabytes In >>12 bytes in 12 minutes. Yes. That's massive. That's massively differentiating. But that's essential for customers cuz you know, in terms of backups and protecting the data, it's all about recovery >>A and once they've had the attack, it's how fast you get back online, right? That that's what happens if they've, if they can't stop the attack, can't stop the threat and it happens. They need to get that back as fast as they can. So we have the speed of recovery on primary stores, the first in the industry and we have speed on the backup software and we'll do the same thing for a backup data set recovery as well. Talk >>To me about the, the what's in it for me, For the cloud service providers, they're obviously the ones that you work with are competing with the hyperscalers. How does the guarantees and the differentiators that Fin out is bringing to market? How do you help those cloud SPS dial up their competitiveness against the big cheeses? >>Well, what we do is we provide that underlying infrastructure. We, first of all, we only sell things that are petabyte in scale. That's like always sell. So for example, on our in fitter guard product, the raw capacity is over four petabytes. And the effective capacity, cuz you do data reduction is over 85 petabytes on our newest announced product, on our primary storage product, we now can do up to 17 petabytes of effective capacity in a single rack. So the value to the service rider is they can save on what slots? Power and floor. A greener data center. Yeah, right. Which by the way is not just about environmentals, but guess what? It also translate into operational expense. >>Exactly. CapEx office, >>With a lot of these very large systems that we offer, you can consolidate multiple products from our competitors. So for example, with one of the competitors, we had a deal that we did last quarter 18 competitive arrays into one of ours. So talk about saving, not just on all of the operational expense, including operational manpower, but actually dramatically on the CapEx. In fact, one of our Fortune 500 customers in the telco space over the last five years have told us on CapEx alone, we've saved them $104 million on CapEx by consolidating smaller technology into our larger systems. And one of the key things we do is everything is automated. So we call it autonomous automation use AI based technology. So once you install it, we've got several public references who said, I haven't touched this thing in three or four years. It automatically configures itself. It automatically adjusts to changes in performance and new apps. When I put in point a new app at it automatically. So in the old days the storage admin would optimize performance for a new application. We don't do that, we automatically do it and autonomously the admin doesn't even click a button. We just sense there's new applications and we automate ourselves and configure ourselves without the admin having to do anything. So that's about saving operational expense as well as operational manpower. >>Absolutely. I was, one of the things that was ringing in my ear was workforce productivity and obviously those storage admins being able to to focus on more strategic projects. Can't believe the CIOs aren't coming around yet. But you said there's, there's a change, there's a wave coming. But if we think about the the, the what's in it for me as a customer, the positive business outcomes that I'm hearing, lower tco, your greener it, which is key. So many customers that we talk to are so focused on sustainability and becoming greener, especially with an on-prem footprint, workforce productivity. Talk about some of the other key business outcomes that you're helping customers achieve and how it helps them to be more competitive. >>Sure. So we've got a, a couple different things. First of all, storage can't go down. When the storage goes down, everyone gets blamed. Mission. When an app goes down, no one really thinks about it. It's always the storage guy's fault. So you want to be a hundred percent available. And that's today's businesses, and I'd actually argue it's been this way for 20 years are 24 by seven by 365. So that's one thing that we deliver. Second thing is performance. So we have public references talk about their SAP workload that used to take two hours, now takes 20 minutes, okay? We have another customer that was doing SAP queries. They improved their performance three times, Not 3%, not 3%, three times. So 300% better performance just by using our storages. They didn't touch the sap, they didn't touch the servers. All they do is to put our storage in there. >>So performance relates basically to applications, workloads and use cases and productivity beyond it. So think the productivity of supply chain guys, logistics guys, the shipping guys, the finance guys, right? All these applications that run today's enterprises. So we can automate all that. And then clearly the cyber threat. Yeah, that is a huge issue. And every CIO is concerned about the cyber threat. And in fact, it was interesting, Fortune magazine did a survey of CEOs, and this was last May, the number one concern, 66% in that may survey was cyber security number one concern. So this is not just a CIO thing, this is a CEO thing and a board level >>Thing. I was gonna say it's at at the board level that the cyber security threats are so real, they're so common. No one wants to be the next headline, like the colonial pipeline, right? Or the school districts or whatnot. And everybody is at risk. So then what you're enabling with what you've just announced, the all the guarantees on the SLAs, the massively fast recovery times, which is critical in cyber recovery. Obviously resilience is is key there. Modern data protection it sounds like to me. How do you define that and and what are customers looking for with respect to modern cyber resilience versus data protection? >>Yeah, so we've got normal data protection because we work with all the backup vendors. Our in ARD is what's known as a purpose built backup appliance. So that allows you to back at a much faster rate. And we work all the big back backup vendors, IBM spectrum Protect, we work with veritas vem com vault, oracle arm, anybody who does backup. So that's more about the regular side, the traditional backup. But the other part of modern data protection is infusing that with the cyber resilience. Cuz cyber resilience is a new thing. Yes, from a storage guy perspective, it hasn't been around a long time. Many of our competitors have almost nothing. One or two of our competitors have a pretty robust, but they don't guarantee it the way we guarantee it. So they're pretty good at it. But the fact that we're willing to put our money where our mouth is, we think says we price stand above and then most of the other guys in the storage industry are just starting to get on the bandwagon of having cyber resilience. >>So that changes what you do from data protection, what would call modern data protection is a combination of traditional backup recovery, et cetera. Now with this influence and this infusion of cybersecurity cyber resilience into a storage environment. And then of course we've also happened to add it on primary storage as well. So whether it's primary storage or backup and archive storage, we make sure you have that right cyber resilience to make it, if you will, modern data protection and diff different from what it, you know, the old backup of your grandfather, father, son backup in tape or however you used to do it. We're well beyond that now we adding this cyber resilience aspect. Well, >>From a cyber resilience perspective, ransomware, malware, cyber attacks are, that's a disaster, right? But traditional disaster recovery tools aren't really built to be able to pull back that data as quickly as it sounds like in Trinidad is able to facilitate. >>Yeah. So one of the things we do is in our reference architectures and written documentation as well as when we do the training, we'd sell the customers you need to practice, if you practice when there's a fire, a flood, a hurricane, an earthquake or whatever is the natural disaster you're practicing that you need to practice malware and ran somewhere. And because our recovery is so rapid and the case of our ingar, our fenced environment to do the testing is actually embedded in it. Several of our competitors, if you want the fenced environment, you have to buy a second product with us. It's all embedded in the one item. So A, that makes it more effective from a CapEx and opex perspective, but it also makes it easier. So we recommend that they do the practice recoveries monthly. Now whether they do it or not separate issue, but at least that's what we're recommending and say, you should be doing this on a monthly basis just like you would practice a disaster, like a hurricane or fire or a flood or an earthquake. Need to be practicing. And I think people are starting to hear it, but they don't still think more about, you know, the flood. Yeah. Or about >>The H, the hurricane. >>Yeah. That's what they think about. They not yet thinking about cybersecurity as really a disaster model. And it is. >>Absolutely. It is. Is is the theme of cyber resilience, as you said, this is a new concept, A lot of folks are talking about it, applying it differently. Is that gonna help dial up those folks just really being much more prepared for that type of cyber disaster? >>Well, we've made it so it's automated. Once you set up the immutable snapshots, it just does its thing. You don't set it and forget it. We create the logical air back. Once you do it, same thing. Set it and forget it. The fence forensic environment, easy to deploy. You do have to just configure it once and then obviously the recovery is almost instantaneous. It's under a minute guaranteed on primary storage and under 20 minutes, like I told you when we did our launch this week, we did 20 petabytes of Veeam backup data in 12 minutes. So that's pretty incredible. That's a lot of data to have recovered in 12 minutes. So the more automated we make it, which is what our real forte is, is this autonomous automation and automating as much as possible and make it easy to configure when you do have to configure. That's what differentiates what we do from our perspective. But overall in the storage industry, it's the recognition finally by the CISOs and the CIOs that, wait a second, maybe storage might be an essential part of my corporate cybersecurity strategy. Yes. Which it has not been historically, >>But you're seeing that change. Yes. >>We're starting to see that change. >>Excellent. So talk to me a little bit before we wrap here about the go to market one. Can folks get their hands on the updates to in kindergar and Finn and Safe and Penta box? >>So all these are available right now. They're available now either through our teams or through our, our channel partners globally. We do about 80% of our business globally through the channel. So whether you talk to us or talk to our channel partners, we're there to help. And again, we put our money where your mouth is with those guarantees, make sure we stand behind our products. >>That's awesome. Eric, thank you so much for joining me on the program. Congratulations on the launch. The the year of productivity just continues for infinit out is basically what I'm hearing. But you're really going in the extra mile for customers to help them ensure that the inevitable cyber attacks, that they, that they're complete storage environment on prem will be protected and more importantly, recoverable Very quickly. We appreciate your insights and your input. >>Great. Absolutely love being on the cube. Thank you very much for having us. Of >>Course. It's great to have you back. We appreciate it. For Eric Herzog, I'm Lisa Martin. You're watching this cube conversation live from Palo Alto.

(upbeat music) >> Good evening, guys. Welcome back to Las Vegas, theCUBE is here live at AWS re:Invent 2021. I'm Lisa Martin. We have two live sets, two remote sets, over 100 guests on theCUBE talking with AWS, and its massive ecosystem of partners bringing you this hybrid tech event, probably the biggest of the year, and I'm pleased to welcome Stephen Kovac next, the Chief Compliance Officer at Zscaler. Stephen, how's it going? >> Well, it's going well, Lisa. Thank you for asking, enjoying Vegas, loving the conference, unbelievable. >> Isn't it great to be back in person? >> Oh, it's so great, I've seen people. >> Conversations you can't replicate on video conferencing, you just can't. >> Can't, and you see people you haven't seen in two years, and it's like all of a sudden you're best buddies again. It's just wonderful, it's so great to back. >> It is, and AWS in typical fashion has done a great job of getting everybody in here safely. I'm not at all surprised, that's what I expected, but it's been great. And I hope that this can demonstrate to other companies, you can do this safely. >> You can, I think so. I mean, there's a lot of effort going into this, but as usual AWS does it right. So, you expect that. >> They do. Talk to me about the Zscaler-AWS partnership. What's going on? >> Well, it's a great partnership. So AWS and Zscaler have been partners since the beginning of Zscaler. We are the largest security cloud in the world. We're born and bred in the cloud security company. So literally we wrote one application that does global security, everything from firewall to proxy, secure web gateway, to DLP, to all this in one piece of software. So, in the past where people would buy appliances for all these devices and put them in their own data center, we wrote a software that allows us to put that in the cloud, run it on the cloud globally around the world. And our partnership with AWS is, we originally built that on AWS, and today still AWS is our prime partner, especially in the zero trust side of our business. So, great relationship, long-term and great I think for both of us, it's been a very, very... >> Fruitful partnership, synergistic? >> Synergistic, love that, so yes. >> You mentioned zero trust, and we have seen such massive changes to the security and the threat landscape the last 20, 22 months. Talk to me about the recent executive order calling for zero trust, how does Zscaler's partnership with AWS help you enable organizations, fed, SLED, DoD, to be able to actually bring in and apply zero trust? >> Yeah, great question. Five years ago I was tasked to bring Zscaler into the government side of the business. So I was employee one to do that. It was a great honor to do it. And the first thing we did is we partnered with AWS because we needed to get FedRAMP compliant. We knew we were going to go into DoD. So we needed to go to the Impact Level five. And eventually we'll be able to go up level six with AWS. And so it was our partnership started there. And as you've seen in five years with all the change that's happened, that obviously the breaches like SolarWinds, and the people up here talking about them all week with you I'm sure. The executive order came down from the Biden Administration, who I completely salute for being just tremendous leaders in the cybersecurity space. And the executive order, one of the big pieces of the executive order was every agency must produce a plan for zero trust. So our cloud platform that is on AWS is a zero trust platform. It is the first and only zero trust platform to get authorized by the federal government at the FedRAMP level, and now the IL five level. So, together we are literally capturing and taking over the, being the leader in the zero trust space for the federal government. And I'm going to get a sip of water, so forgive me, I've been here all week talking to a lot of people, so forgive me for that. >> That's one thing that we don't have to deal with when we're on Zoom, right, is you don't really have the risk of losing your voice. >> Stephen: There you go. >> But in terms of the executive order, something that you mentioned, SolarWinds, Colonial Pipeline, we only hear about some of the big ones. The fact that ransomware happens one attack every 10, 11 seconds, it's a matter of when we get hit, not if. >> As you know, the story coming up from me, coming up on stage with you today, I just got myself breached just this morning, just individually. So yes, it's going to get all of us. And especially, I think when you look at zero trust and ransomware and how they worked out how zero trust can prevent it, you look at the SLED market, you know, state, local governments, they don't have the dollars to go spend like DHS does, or say, some of the DoD does. So, our partnership with AWS allows us to produce a product that is very cost-effective on a per user basis, consumption model, which is what AWS has been famous for since day one, right, the consumption model, use it when you need it, don't use it when you don't. We built our software the same way. So, at some point in a year, in a school year, we'll ramp up with some schools up to a hundred thousand users in the district, and over the summer we'll ramp down to a thousand, and we just bill them for that. So it's a beautiful relationship that we partner in not just the executive order, but being a partner in SLED, fed in the sense that matches making our business together, match the government's business. And that makes us a true leader and makes us a cost-effective solution. And if you think about it just for a moment, yesterday, I told you I was testifying in front of the Senate. And one of the questions I got asked was, oh, how many security updates do you guys see a year? I said, a year, well, we do over 200,000 a day. 200,000 security updates from potential hackers every single day. And we're doing that over 200 billion transactions a day run on AWS. So it's tremendous partnership, and to be able to work like that, and at that kind of volume, and be able to go up and down with the, and you got AWS able to scope up and down, and us to be able to ride that wave with them. It's been great. >> One of the things that we always talk about when we talk AWS is they're customer focused or customer obsession that, hey, we start backwards, we work backwards from the customer. Same thing, synergistic from a cultural perspective? >> Absolutely, I mean, one of the things I always love about AWS and I've been a customer of AWS for many years, even prior to my Zscaler days, I love the way they approach things, right? If they're not trying to go out and sell it, they're trying to meet with the customer and find out what the customer needs, and then build a solution. We're the same way. I always tell, you know, when you think of our solutions, Zscaler, I always tell my sales teams, I say it takes four sales calls for people to really understand what we do. And AWS, in the beginning of AWS, it was kind of the same thing. In the old days, you know, we all just built data centers and we had all these racks, and all this expense and mesh is what you did. It was unusual back in the day, 10 years ago, and I've been to every single re:Invent. I mean, the first one there was like, you're actually going to put all your stuff in this unknown cloud thing, and it will be available when you need it? So yes, you know, the way that they did it is the same way we do it together today. And we do it together today. We partner on many deals today where we're both, our teams are in there together, selling together, whether it's the DoD, federal agencies, SLED agencies, and commercial, you know, selling it hand-in-hand because it's that same philosophy is we're going to build what a customer needs. We're not going to tell the customer what they need. We're going to hear what they need, and that's the same relationship. So I'm going to get another sip real quick. >> Go for it. One of the things that has been a theme that we've heard the last couple of days is every company needs to be a data company or private sector, public sector, and if they're not, they're probably not going to be around much longer. How do you help customers get their handle around that? Because the security threats are only increasing. I mean, it's ransomware as a service. The fact that these criminals are getting much more brazen, you just had this happen to yourself, but enabling them to become data-driven organizations and use the data, extract the value from it securely, that's hard. >> It is, I mean, if you think back in the day, I mean, companies didn't have chief compliance officers that worked in the space that we do. Their chief compliance officer back in the day was the guy that was writing your HR issues and what OSHA issues, and of course, I still deal with some of that stuff, but my true job is really around the data, right? You know, how do we build our platforms, what decisions we make on our platforms, how we're going to certify them to support that, and I mean, chief data officers, chief security officers, I mean, you go into companies today, even car dealerships today. I mean, I'm picking one, you never thought of them having a security officer, but they do, they have to, they have to. And I mean, basic school districts, I mean, I don't about you, when I was a kid and went to school, they didn't have computers, but when my kid went to school, they did, but they didn't have a security officer. Now today, every single school district has security officers. I mean, I love how you said it, that data-driven, that data thought is there. It has to be, it's a real threat. And the sad thing is of these ransomware attacks, how many don't get reported. >> Oh, right, we're only hearing about a select few. >> The numbers are something like 88% don't get reported. It's that big. So that just tells you, we hear the big ones, right, Colonial Pipeline, things like that. We don't hear about West Texas or Middle Illinois school district that paid five grand because somebody had something on the school. That's how, as you said, this ransomware as a service security, we call it a security as a service, there's SaaS, which is software as a service, we're security software as a service, and AWS is the infrastructure as a service that we run on. And that's how it works well together. >> Do you guys go into accounts together from a go-to-market perspective? >> We, do, we can always do a better job. And my good friend here at AWS, who's probably listening, we can always do better. But yeah, so it is become something that, especially in the government space we do, in federal, DoD, because the certifications are really important, certifications are important everywhere, and we have many, we talked about all the certifications we have in federal, FedRAMP and IL five, and we have a plethora of those certifications in the commercial space. But they mean in a federal space, they're really the ticket. They call them the ENERGY STAR of approval, good housekeeping piece. So, you know, having that, teaming up with AWS who we partner together and because AWS has the same certs, we can sell at the same levels. And we do a really great job of co-selling in that space together. And I think when they look at us and they say, well, you're AWS, they've got their FedRAMP high, IL five, and you're Zscaler, you got your FedRAMP high, IL five. Yes, we can do business with these guys, and that's important. >> So you guys both open doors for each other. >> We do, we do in many cases, yeah. As a matter of fact, re:Invent five years ago, a buddy of mine here opened a big, big account for us, which is today our largest account in federal came from re:Invent, where came up to me and said, hey, my customer wants to, he's looking to do something, they're an agency that has global footprint, and they're like, we want to do something as a security as a service. They don't want to ship boxes all over the place. And we just met the customer for a coffee, and next thing you know, became our, still today, our probably largest customer in federal. >> Wow, well, this is the 10th re:Invent, you said you've been to all of them. >> Stephen: I have been to all of them. I can't lie, but I can't say I did all the virtual ones. I mean, I was logged in. (laughs) >> That's okay, we'll wink on that one. But, one of the things then, we've just got about a minute left here, is in new leadership, Andy Jassy being promoted to the CEO of Amazon, we've got Adam Selipsky, heard lot of announcements and news from Adam yesterday, but some of the things that we've been talking about on theCUBE is the first 15 years of innovation at AWS, that's going to accelerate. Do you see that also, like if you look forward to the next decade, do you see things moving much faster than they did the past decade? >> I don't think they can't. I mean, I shouldn't say they have to. And the change of the guard as you might call it here, is it's always good to have a change of the guard I think. You know, the question is when's Andy going to go to space? I mean, that's the next. (Lisa laughs) I think you have the guys who got AWS to the dance, and now the dance, who's going to become the belle of the ball. And this next generation of leadership coming in is fabulous. I think they've made great decisions, and I think they're going to do really well. And we're behind them, we support it. I got a chance to meet with most of them, love a chance to meet with Andy, I haven't met with him yet. So Andy, I'd love to meet you sometime soon. But I'm very impressed with what they've done. And yes, I think it's going to be, the last 10 years of growth is going to be a year next year. I think literally, you take 10 years be compressed to a year, and then next year it will be compressed to a day. So it's moving that fast. >> Yep, get your neck brace on, prepare for that whiplash. >> Yeah, right? That's what I said to Jeff when Jeff went to space, that's how fast we're about to travel, right? But it's really relative. >> It is, there is no limit. Well, Stephen, thank you for joining me, talking about Zscaler, AWS, what you guys are doing, how you're helping to revolutionize the public sector, fed, SLED, a lot of great stuff there. Security is an ever-evolving topic, and we appreciate all of your insights. >> Well, it was wonderful to be here. Great to see you again. And great to be back with all our friends at re:Invent. >> All of our friends, exactly. >> Stephen: Thank you so much for the time today. >> My pleasure. For Stephen Kovac, I'm Lisa Martin. You're watching theCUBE, the global leader in live tech coverage. (pleasant music)

>> Good day, everyone. Thank you for joining me. I'm Cindy Maike, joined by Rick Taylor of Cloudera. We're here to talk about predictive maintenance for the public sector and how to increase asset service reliability. On today's agenda, we'll talk specifically around how to optimize your equipment maintenance, how to reduce costs, asset failure with data and analytics. We'll go into a little more depth on what type of data, the analytical methods that we're typically seeing used, the associated- Brooke will go over a case study as well as a reference architecture. So by basic definition, predictive maintenance is about determining when an asset should be maintained and what specific maintenance activities need to be performed either based upon an assets actual condition or state. It's also about predicting and preventing failures and performing maintenance on your time on your schedule to avoid costly unplanned downtime. McKenzie has looked at analyzing predictive maintenance costs across multiple industries and has identified that there's the opportunity to reduce overall predictive maintenance costs by roughly 50% with different types of analytical methods. So let's look at those three types of models. First, we've got our traditional type of method for maintenance, and that's really about uncorrective maintenance, and that's when we're performing maintenance on an asset after the equipment fails. The challenges with that is we end up with unplanned downtime. We end up with disruptions in our schedules, as well as reduce quality around the performance of the asset. And then we started looking at preventive maintenance and preventative maintenance is really when we're performing maintenance on a set schedule. The challenges with that is we're typically doing it regardless of the actual condition of the asset, which has resulted in unnecessary downtime and expense. And specifically we're really now focused on condition-based maintenance, which is looking at leveraging predictive maintenance techniques based upon actual conditions and real time events and processes. Within that, we've seen organizations and again, source from McKenzie, have a 50% reduction in downtime, as well as overall 40% reduction in maintenance costs. Again, this is really looking at things across multiple industries, but let's look at it in the context of the public sector and based upon some activity by the department of energy several years ago, they really looked at what does predictive maintenance mean to the public sector? What is the benefit of looking at increasing return on investment of assets, reducing, you know, reduction in downtime as well as overall maintenance costs. So corrective or reactive based maintenance is really about performing once there's been a failure and then the movement towards preventative, which is based upon a set schedule. We're looking at predictive where we're monitoring real-time conditions. And most importantly is now actually leveraging IOT and data and analytics to further reduce those overall down times. And there's a research report by the department of energy that goes into more specifics on the opportunity within the public sector. So Rick, let's talk a little bit about what are some of the challenges regarding data, regarding predictive maintenance? >> Some of the challenges include having data silos, historically our government organizations and organizations in the commercial space as well, have multiple data silos. They've spun up over time. There are multiple business units and note, there's no single view of assets. And oftentimes there's redundant information stored in these silos of information. Couple that with huge increases in data volume, data growing exponentially, along with new types of data that we can ingest there's social media, there's semi and unstructured data sources and the real time data that we can now collect from the internet of things. And so the challenge is to collect all these assets together and begin to extract intelligence from them and additional insights and and that in turn, then fuels machine learning and what we call artificial intelligence, which enables predictive maintenance. Next slide. >> Cindy: So let's look specifically at, you know, the types of use cases and I'm going to- Rick and I are going to focus on those use cases, where do we see predictive maintenance coming in to the procurement facility, supply chain, operations and logistics? We've got various level of maturity. So, you know, we're talking about predictive maintenance. We're also talking about using information, whether it be on a connected asset or a vehicle doing monitoring to also leveraging predictive maintenance on how do we bring about looking at data from connected warehouses facilities and buildings? I'll bring an opportunity to both increase the quality and effectiveness of the missions within the agencies to also looking at looking at cost efficiency, as well as looking at risk and safety. And the types of data, you know, that Rick mentioned around, you know, the new types of information. Some of those data elements that we typically have seen is looking at failure history. So when has an asset or a machine or a component within a machine failed in the past? We've also looking at bringing together a maintenance history, looking at a specific machine. Are we getting error codes off of a machine or assets looking at when we've replaced certain components to looking at how are we actually leveraging the assets? What were the operating conditions? Pulling up data from a sensor on that asset? Also looking at the features of an asset, whether it's, you know, engine size it's make and model, where's the asset located? To also looking at who's operated the asset, you know, whether it be their certifications, what's their experience, how are they leveraging the assets? And then also bringing in together some of the pattern analysis that we've seen. So what are the operating limits? Are we getting service reliability? Are we getting a product recall information from the actual manufacturer? So Rick, I know the data landscape has really changed. Let's, let's go over looking at some of those components. >> Rick: Sure. So this slide depicts sort of the, some of the inputs that inform a predictive maintenance program. So we've talked a little bit about the silos of information, the ERP system of record, perhaps the spares and the service history. So we want, what we want to do is combine that information with sensor data, whether it's a facility and equipment sensors, or temperature and humidity, for example. All this stuff is then combined together and then used to develop machine learning models that better inform predictive maintenance, because we do need to take into account the environmental factors that may cause additional wear and tear on the asset that we're monitoring. So here are some examples of private sector maintenance use cases that also have broad applicability across the government. For example, one of the busiest airports in Europe is running Cloudera on Azure to capture secure and correlate sensor data collected from equipment within the airport. The people moving equipment more specifically, the escalators, the elevators, and the baggage carousels. The objective here is to prevent breakdowns and improve airport efficiency and passenger safety. Another example is a container shipping port. In this case, we use IOT data and machine learning to help customers recognize how their cargo handling equipment is performing in different weather conditions to understand how usage relates to failure rates and to detect anomalies in transport systems. These all improve port efficiency. Another example is Navistar. Navistar is a leading manufacturer of commercial trucks, buses, and military vehicles. Typically vehicle maintenance, as Cindy mentioned, is based on miles traveled or based on a schedule or a time since the last service. But these are only two of the thousands of data points that can signal the need for maintenance. And as it turns out, unscheduled maintenance and vehicle breakdowns account for a large share of the total cost for vehicle owners. So to help fleet owners move from a reactive approach to a more predictive model, Navistar built an IOT enabled remote diagnostics platform called On Command. The platform brings in over 70 sensor data feeds for more than 375,000 connected vehicles. These include engine performance, trucks speed, acceleration, coolant temperature and break ware. This data is then correlated with other Navistar and third-party data sources, including weather, geolocation, vehicle usage, traffic, warranty, and parts inventory information. So the platform then uses machine learning and advanced analytics to automatically detect problems early and predict maintenance requirements. So how does the fleet operator use this information? They can monitor truck health and performance from smartphones or tablets and prioritize needed repairs. Also, they can identify that the nearest service location that has the relevant parts, the train technicians and the available service space. So sort of wrapping up the benefits. Navistar's helped fleet owners reduce maintenance costs by more than 30%. This same platform has also used to help school buses run safely and on time. For example, one school district with 110 buses that travel over a million miles annually reduce the number of tows needed year over year, thanks to predictive insights, delivered by this platform. So I'd like to take a moment and walk through the data life cycle as depicted in this diagram. So data ingest from the edge may include feeds from the factory floor or things like connected vehicles, whether they're trucks, aircraft, heavy equipment, cargo vessels, et cetera. Next, the data lands on a secure and governed data platform where it is combined with data from existing systems of record to provide additional insights. And this platform supports multiple analytic functions working together on the same data while maintaining strict security, governance and control measures. Once processed the data is used to train machine learning models, which are then deployed into production, monitored and retrained as needed to maintain accuracy. The process data is also typically placed in a data warehouse and use to support business intelligence analytics and dashboards. And in fact, this data life cycle is representative of one of our government customers doing condition-based maintenance across a variety of aircraft. And the benefits they've discovered include; less unscheduled maintenance and a reduction in mean man hours to repair, increased maintenance efficiencies, improved aircraft availability, and the ability to avoid cascading component failures, which typically costs more in repair cost and downtime. Also, they're able to better forecast the requirements for replacement parts and consumables and last, and certainly very importantly, this leads to enhanced safety. This chart overlays the secure open source Cloudera platform used in support of the data life cycle we've been discussing. Cloudera data flow, provides the data ingest, data movement and real time streaming data query capabilities. So data flow gives us the capability to bring data in from the asset of interest, from the internet of things. While the data platform provides a secure governed data lake and visibility across the full machine learning life cycle eliminates silos and streamlines workflows across teams. The platform includes a integrated suite of secure analytic applications. And two that we're specifically calling out here are Cloudera machine learning, which supports the collaborative data science and machine learning environment, which facilitates machine learning and AI and the Cloudera data warehouse, which supports the analytics and business intelligence, including those dashboards for leadership Cindy, over to you. >> Cindy: Rick, Thank you. And I hope that Rick and I provided you some insights on how predictive maintenance condition-based maintenance is being used and can be used within your respective agency, bringing together data sources that maybe you're having challenges with today, bringing that more real-time information in from a streaming perspective, blending that industrial IOT, as well as historical information together to help actually optimize maintenance and produce costs within each of your agencies. To learn a little bit more about Cloudera and our, what we're doing from a predictive maintenance, please visit us at Cloudera.com/Solutions/PublicSector And we look forward to scheduling a meeting with you. And on that, we appreciate your time today and thank you very much.

>>Hi, this is Cindy Mikey, vice president of industry solutions at caldera. Joining me today is chef is Molly, our solution engineer for the public sector. Today. We're going to talk about speed to insight. Why using machine learning in the public sector, specifically around fraud, waste and abuse. So topic for today, we'll discuss machine learning, why the public sector uses it to target fraud, waste, and abuse, the challenges. How do we enhance your data and analytical approaches the data landscape analytical methods and shad we'll go over reference architecture and a case study. So by definition, fraud, waste and abuse per the government accountability office is fraud. Isn't an attempt to obtain something about value through unwelcome misrepresentation waste is about squandering money or resources and abuse is about behaving improperly or unreasonably to actually obtain something of value for your personal benefit. So as we look at fraud, um, and across all industries, it's a top of mind, um, area within the public sector. >>Um, the types of fraud that we see is specifically around cyber crime, uh, looking at accounting fraud, whether it be from an individual perspective to also, uh, within organizations, looking at financial statement fraud, to also looking at bribery and corruption, as we look at fraud, it really hits us from all angles, whether it be from external perpetrators or internal perpetrators, and specifically from the research by PWC, the key focus area is we also see over half of fraud is actually through some form of internal or external, uh, perpetrators again, key topics. So as we also look at a report recently by the association of certified fraud examiners, um, within the public sector, the us government, um, in 2017, it was identified roughly $148 billion was attributable to fraud, waste and abuse. Specifically about 57 billion was focused on reported monetary losses and another 91 billion on areas where that opportunity or the monetary basis had not yet been measured. >>As we look at breaking those areas down again, we look at several different topics from permit out payment perspective. So breaking it down within the health system, over $65 billion within social services, over $51 billion to procurement fraud to also, um, uh, fraud, waste and abuse that's happening in the grants and the loan process to payroll fraud, and then other aspects, again, quite a few different topical areas. So as we look at those areas, what are the areas that we see additional type of focus, there's a broad stroke areas. What are the actual use cases that our agencies are using the data landscape? What data, what analytical methods can we use to actually help curtail and prevent some of the, uh, the fraud waste and abuse. So, as we look at some of the analytical processes and analytical use crate, uh, use cases in the public sector, whether it's from, uh, you know, the taxation areas to looking at, you know, social services, uh, to public safety, to also the, um, our, um, uh, additional agency methods, we're gonna use focused specifically on some of the use cases around, um, you know, fraud within the tax area. >>Uh, we'll briefly look at some of the aspects of, um, unemployment insurance fraud, uh, benefit fraud, as well as payment and integrity. So fraud has it it's, um, uh, underpinnings inquiry, like you different on government agencies and difficult, different analytical methods, and I usage of different data. So I think one of the key elements is, you know, you can look at your, your data landscape on specific data sources that you need, but it's really about bringing together different data sources across a different variety, a different velocity. So, uh, data has different dimensions. So we'll look at structured types of data of semi-structured data, behavioral data, as well as when we look at, um, you know, predictive models. We're typically looking at historical type information, but if we're actually trying to look at preventing fraud before it actually happens, or when a case may be in flight, which is specifically a use case that shad is going to talk about later is how do I look at more of that? >>Real-time that streaming information? How do I take advantage of data, whether it be, uh, you know, uh, financial transactions we're looking at, um, asset verification, we're looking at tax records, we're looking at corporate filings. Um, and we can also look at more, uh, advanced data sources where as we're looking at, um, investigation type information. So we're maybe going out and we're looking at, uh, deep learning type models around, uh, you know, semi or that, uh, behavioral, uh, that's unstructured data, whether it be camera analysis and so forth. So for quite a different variety of data and the, the breadth and the opportunity really comes about when you can integrate and look at data across all different data sources. So in a looking at a more extensive, uh, data landscape. So specifically I want to focus on some of the methods, some of the data sources and some of the analytical techniques that we're seeing, uh, being used, um, in the government agencies, as well as opportunities, uh, to look at new methods. >>So as we're looking at, you know, from a, um, an audit planning or looking at, uh, the opportunity for the likelihood of non-compliance, um, specifically we'll see data sources where we're maybe looking at a constituents profile, we might actually be investigating the forms that they've provided. We might be comparing that data, um, or leveraging internal data sources, possibly looking at net worth, comparing it against other financial data, and also comparison across other constituents groups. Some of the techniques that we use are some of the basic natural language processing, maybe we're going to do some text mining. We might be doing some probabilistic modeling, uh, where we're actually looking at, um, information within the agency to also comparing that against possibly tax forms. A lot of times it's information historically has been done on a batch perspective, both structured and semi-structured type information. And typically the data volumes can be low, but we're also seeing those data volumes on increase exponentially based upon the types of events that we're dealing with, the number of transactions. >>Um, so getting the throughput, um, and chef's going to specifically talk about that in a moment. The other aspect is, as we look at other areas of opportunity is when we're building upon, how do I actually do compliance? How do I actually look at conducting audits, uh, or potential fraud to also looking at areas of under-reported tax information? So there you might be pulling in some of our other types of data sources, whether it's being property records, it could be data that's being supplied by the actual constituents or by vendors to also pulling in social media information to geographical information, to leveraging photos on techniques that we're seeing used is possibly some sentiment analysis, link analysis. Um, how do we actually blend those data sources together from a natural language processing? But I think what's important here is also the method and the looking at the data velocity, whether it be batch, whether it be near real time, again, looking at all types of data, whether it's structured semi-structured or unstructured and the key and the value behind this is, um, how do we actually look at increasing the potential revenue or the, um, under reported revenue? >>Uh, how do we actually look at stopping fraudulent payments before they actually occur? Um, also looking at increasing the amount of, uh, the level of compliance, um, and also looking at the potential of prosecution of fraud cases. And additionally, other areas of opportunity could be looking at, um, economic planning. How do we actually perform some link analysis? How do we bring some more of those things that we saw in the data landscape on customer, or, you know, constituent interaction, bringing in social media, bringing in, uh, potentially police records, property records, um, other tax department, database information. Um, and then also looking at comparing one individual to other individuals, looking at people like a specific, like a constituent, are there areas where we're seeing, uh, >>Um, other >>Aspects of, of fraud potentially being occurring. Um, and also as we move forward, some of the more advanced techniques that we're seeing around deep learning is looking at computer vision, um, leveraging geospatial information, looking at social network entity analysis, uh, also looking at, uh, agent-based modeling techniques, where we're looking at simulation Monte Carlo type techniques that we typically see in the financial services industry, actually applying that to fraud, waste, and abuse within the, uh, the public sector. Um, and again, that really, uh, lends itself to a new opportunities. And on that, I'm going to turn it over to chef to talk about, uh, the reference architecture for, uh, doing these buckets. >>Thanks, Cindy. Um, so I'm gonna walk you through an example, reference architecture for fraud detection using, uh, Cloudera's underlying technology. Um, and you know, before I get into the technical details, uh, I want to talk about how this would be implemented at a much higher level. So with fraud detection, what we're trying to do is identify anomalies or novelists behavior within our datasets. Um, now in order to understand what aspects of our incoming data represents anomalous behavior, we first need to understand what normal behavior is. So in essence, once we understand normal behavior, anything that deviates from it can be thought of as an anomaly, right? So in order to understand what normal behavior is, we're going to need to be able to collect store and process a very large amount of historical data. And so incomes, clutters platform, and this reference architecture that needs to be for you. >>So, uh, let's start on the left-hand side of this reference architecture with the collect phase. So fraud detection will always begin with data collection. We need to collect large amounts of information from systems that could be in the cloud. It could be in the data center or even on edge devices, and this data needs to be collected so we can create our normal behavior profiles. And these normal behavioral profiles would then in turn, be used to create our predictive models for fraudulent activity. Now, uh, thinking, uh, to the data collection side, one of the main challenges that many organizations face, uh, in this phase, uh, involves using a single technology that can handle, uh, data that's coming in all different types of formats and protocols and standards with different velocities and velocities. Um, let me give you an example. Uh, we could be collecting data from a database that gets updated daily, uh, and maybe that data is being collected in Agra format. >>At the same time, we can be collecting data from an edge device that's streaming in every second, and that data may be coming in Jason or a binary format, right? So this is a data collection challenge that can be solved with cluttered data flow, which is a suite of technologies built on a patch NIFA in mini five, allowing us to ingest all of this data, do a drag and drop interface. So now we're collecting all of this data, that's required to map out normal behavior. The next thing that we need to do is enrich it, transform it and distribute it to, uh, you know, downstream systems for further process. Uh, so let's, let's walk through how that would work first. Let's taking Richmond for, uh, for enrichment, think of adding additional information to your incoming data, right? Let's take, uh, financial transactions, for example, uh, because Cindy mentioned it earlier, right? >>You can store known locations of an individual in an operational database, uh, with Cloudera that would be HBase. And as an individual makes a new transaction, their geolocation that's in that transaction data can be enriched with previously known locations of that very same individual. And all of that enriched data can be later used downstream for predictive analysis, predictable. So the data has been enrich. Uh, now it needs to be transformed. We want the data that's coming in, uh, you know, Avro and Jason and binary and whatever other format to be transformed into a single common format. So it can be used downstream for stream processing. Uh, again, this is going to be done through clutter and data flow, which is backed by NIFA, right? So the transformed semantic data is then going to be stricted to Kafka and coffin. It's going to serve as that central repository of syndicated services or a buffer zone, right? >>So coffee is going to pretty much provide you with, uh, extremely fast resilient and fault tolerance storage. And it's also gonna give you the consumer APIs that you need that are going to enable a wide variety of applications to leverage that enriched and transformed data within your buffer zone, uh, allowed that, you know, 17. So you can store that data in a distributed file system, give you that historical context that you're going to need later on for machine learning, right? So the next step in the architecture is to leverage a cluttered SQL stream builder, which enables us to write, uh, streaming SQL jobs on top of Apache Flink. So we can, uh, filter, analyze and, uh, understand the data that's in the Kafka buffer in real time. Uh I'll you know, I'll also add like, you know, if you have time series data, or if you need a lab type of cubing, you can leverage kudu, uh, while EDA or, you know, exploratory data analysis and visualization, uh, can all be enabled through clever visualization technology. >>All right, so we've filtered, we've analyzed and we've explored our incoming data. We can now proceed to train our machine learning models, uh, which will detect anomalous behavior in our historically collected data set, uh, to do this, we can use a combination of supervised unsupervised, uh, even deep learning techniques with neural networks. And these models can be tested on new incoming streaming data. And once we've gone ahead and obtain the accuracy of the performance, the scores that we want, we can then take these models and deploy them into production. And once the models are productionalized or operationalized, they can be leveraged within our streaming pipeline. So as new data is ingested in real-time knife, I can query these models to detect if the activity is anomalous or fraudulent. And if it is, they can alert downstream users and systems, right? So this in essence is how fraudulent activity detection works. >>Uh, and this entire pipeline is powered by clutters technology, right? And so, uh, the IRS is one of, uh, clutter's customers. That's leveraging our platform today and implementing, uh, a very similar architecture, uh, to detect fraud, waste, and abuse across a very large set of historical facts, data. Um, and one of the neat things with the IRS is that they've actually recently leveraged the partnership between Cloudera and Nvidia to accelerate their spark based analytics and their machine learning, uh, and the results have been nothing short of amazing, right? And in fact, we have a quote here from Joe and salty who's, uh, you know, the technical branch chief for the research analytics and statistics division group within the IRS with zero changes to our fraud detection workflow, we're able to obtain eight times to performance simply by adding GPS to our mainstream big data servers. This improvement translates to half the cost of ownership for the same workloads, right? So embedding GPU's into the reference architecture I covered earlier has enabled the IRS to improve their time to insights by as much as eight X while simultaneously reducing their underlying infrastructure costs by half, uh, Cindy back to you >>Chef. Thank you. Um, and I hope that you found, uh, some of the, the analysis, the information that Sheva and I have provided, um, to give you some insights on how cloud era is actually helping, uh, with the fraud waste and abuse challenges within the, uh, the public sector, um, specifically looking at any and all types of data, how the clutter platform is bringing together and analyzing information, whether it be you're structured you're semi-structured to unstructured data, both in a fast or in a real-time perspective, looking at anomalies, being able to do some of those on detection, uh, looking at neural network analysis, time series information. So next steps we'd love to have additional conversation with you. You can also find on some additional information around, I have caught areas working in the, the federal government by going to cloudera.com solutions slash public sector. And we welcome scheduling a meeting with you again, thank you for joining us Sheva and I today. We greatly appreciate your time and look forward to future progress. >>Good day, everyone. Thank you for joining me. I'm Sydney. Mike joined by Rick Taylor of Cloudera. Uh, we're here to talk about predictive maintenance for the public sector and how to increase assets, service, reliability on today's agenda. We'll talk specifically around how to optimize your equipment maintenance, how to reduce costs, asset failure with data and analytics. We'll go into a little more depth on, um, what type of data, the analytical methods that we're typically seeing used, um, the associated, uh, Brooke, we'll go over a case study as well as a reference architecture. So by basic definition, uh, predictive maintenance is about determining when an asset should be maintained and what specific maintenance activities need to be performed either based upon an assets of actual condition or state. It's also about predicting and preventing failures and performing maintenance on your time on your schedule to avoid costly unplanned downtime. >>McKinsey has looked at analyzing predictive maintenance costs across multiple industries and has identified that there's the opportunity to reduce overall predictive maintenance costs by roughly 50% with different types of analytical methods. So let's look at those three types of models. First, we've got our traditional type of method for maintenance, and that's really about our corrective maintenance, and that's when we're performing maintenance on an asset, um, after the equipment fails. But the challenges with that is we end up with unplanned. We end up with disruptions in our schedules, um, as well as reduced quality, um, around the performance of the asset. And then we started looking at preventive maintenance and preventative maintenance is really when we're performing maintenance on a set schedule. Um, the challenges with that is we're typically doing it regardless of the actual condition of the asset, um, which has resulted in unnecessary downtime and expense. Um, and specifically we're really now focused on pre uh, condition-based maintenance, which is looking at leveraging predictive maintenance techniques based upon actual conditions and real time events and processes. Um, within that we've seen organizations, um, and again, source from McKenzie have a 50% reduction in downtime, as well as an overall 40% reduction in maintenance costs. Again, this is really looking at things across multiple industries, but let's look at it in the context of the public sector and based upon some activity by the department of energy, um, several years ago, >>Um, they've really >>Looked at what does predictive maintenance mean to the public sector? What is the benefit, uh, looking at increasing return on investment of assets, reducing, uh, you know, reduction in downtime, um, as well as overall maintenance costs. So corrective or reactive based maintenance is really about performing once there's been a failure. Um, and then the movement towards, uh, preventative, which is based upon a set schedule or looking at predictive where we're monitoring real-time conditions. Um, and most importantly is now actually leveraging IOT and data and analytics to further reduce those overall downtimes. And there's a research report by the, uh, department of energy that goes into more specifics, um, on the opportunity within the public sector. So, Rick, let's talk a little bit about what are some of the challenges, uh, regarding data, uh, regarding predictive maintenance. >>Some of the challenges include having data silos, historically our government organizations and organizations in the commercial space as well, have multiple data silos. They've spun up over time. There are multiple business units and note, there's no single view of assets. And oftentimes there's redundant information stored in, in these silos of information. Uh, couple that with huge increases in data volume data growing exponentially, along with new types of data that we can ingest there's social media, there's semi and unstructured data sources and the real time data that we can now collect from the internet of things. And so the challenge is to collect all these assets together and begin to extract intelligence from them and insights and, and that in turn then fuels, uh, machine learning and, um, and, and what we call artificial intelligence, which enables predictive maintenance. Next slide. So >>Let's look specifically at, you know, the, the types of use cases and I'm going to Rick and I are going to focus on those use cases, where do we see predictive maintenance coming into the procurement facility, supply chain, operations and logistics. Um, we've got various level of maturity. So, you know, we're talking about predictive maintenance. We're also talking about, uh, using, uh, information, whether it be on a, um, a connected asset or a vehicle doing monitoring, uh, to also leveraging predictive maintenance on how do we bring about, uh, looking at data from connected warehouses facilities and buildings all bring on an opportunity to both increase the quality and effectiveness of the missions within the agencies to also looking at re uh, looking at cost efficiency, as well as looking at risk and safety and the types of data, um, you know, that Rick mentioned around, you know, the new types of information, some of those data elements that we typically have seen is looking at failure history. >>So when has that an asset or a machine or a component within a machine failed in the past? Uh, we've also looking at bringing together a maintenance history, looking at a specific machine. Are we getting error codes off of a machine or assets, uh, looking at when we've replaced certain components to looking at, um, how are we actually leveraging the assets? What were the operating conditions, uh, um, pulling off data from a sensor on that asset? Um, also looking at the, um, the features of an asset, whether it's, you know, engine size it's make and model, um, where's the asset located on to also looking at who's operated the asset, uh, you know, whether it be their certifications, what's their experience, um, how are they leveraging the assets and then also bringing in together, um, some of the, the pattern analysis that we've seen. So what are the operating limits? Um, are we getting service reliability? Are we getting a product recall information from the actual manufacturer? So, Rick, I know the data landscape has really changed. Let's, let's go over looking at some of those components. Sure. >>So this slide depicts sort of the, some of the inputs that inform a predictive maintenance program. So, as we've talked a little bit about the silos of information, the ERP system of record, perhaps the spares and the service history. So we want, what we want to do is combine that information with sensor data, whether it's a facility and equipment sensors, um, uh, or temperature and humidity, for example, all this stuff is then combined together, uh, and then use to develop machine learning models that better inform, uh, predictive maintenance, because we'll do need to keep, uh, to take into account the environmental factors that may cause additional wear and tear on the asset that we're monitoring. So here's some examples of private sector, uh, maintenance use cases that also have broad applicability across the government. For example, one of the busiest airports in Europe is running cloud era on Azure to capture secure and correlate sensor data collected from equipment within the airport, the people moving equipment more specifically, the escalators, the elevators, and the baggage carousels. >>The objective here is to prevent breakdowns and improve airport efficiency and passenger safety. Another example is a container shipping port. In this case, we use IOT data and machine learning, help customers recognize how their cargo handling equipment is performing in different weather conditions to understand how usage relates to failure rates and to detect anomalies and transport systems. These all improve for another example is Navistar Navistar, leading manufacturer of commercial trucks, buses, and military vehicles. Typically vehicle maintenance, as Cindy mentioned, is based on miles traveled or based on a schedule or a time since the last service. But these are only two of the thousands of data points that can signal the need for maintenance. And as it turns out, unscheduled maintenance and vehicle breakdowns account for a large share of the total cost for vehicle owner. So to help fleet owners move from a reactive approach to a more predictive model, Navistar built an IOT enabled remote diagnostics platform called on command. >>The platform brings in over 70 sensor data feeds for more than 375,000 connected vehicles. These include engine performance, trucks, speed, acceleration, cooling temperature, and break where this data is then correlated with other Navistar and third-party data sources, including weather geo location, vehicle usage, traffic warranty, and parts inventory information. So the platform then uses machine learning and advanced analytics to automatically detect problems early and predict maintenance requirements. So how does the fleet operator use this information? They can monitor truck health and performance from smartphones or tablets and prioritize needed repairs. Also, they can identify that the nearest service location that has the relevant parts, the train technicians and the available service space. So sort of wrapping up the, the benefits Navistar's helped fleet owners reduce maintenance by more than 30%. The same platform is also used to help school buses run safely. And on time, for example, one school district with 110 buses that travel over a million miles annually reduce the number of PTOs needed year over year, thanks to predictive insights delivered by this platform. >>So I'd like to take a moment and walk through the data. Life cycle is depicted in this diagram. So data ingest from the edge may include feeds from the factory floor or things like connected vehicles, whether they're trucks, aircraft, heavy equipment, cargo vessels, et cetera. Next, the data lands on a secure and governed data platform. Whereas combined with data from existing systems of record to provide additional insights, and this platform supports multiple analytic functions working together on the same data while maintaining strict security governance and control measures once processed the data is used to train machine learning models, which are then deployed into production, monitored, and retrained as needed to maintain accuracy. The process data is also typically placed in a data warehouse and use to support business intelligence, analytics, and dashboards. And in fact, this data lifecycle is representative of one of our government customers doing condition-based maintenance across a variety of aircraft. >>And the benefits they've discovered include less unscheduled maintenance and a reduction in mean man hours to repair increased maintenance efficiencies, improved aircraft availability, and the ability to avoid cascading component failures, which typically cost more in repair cost and downtime. Also, they're able to better forecast the requirements for replacement parts and consumables and last, and certainly very importantly, this leads to enhanced safety. This chart overlays the secure open source Cloudera platform used in support of the data life cycle. We've been discussing Cloudera data flow, the data ingest data movement and real time streaming data query capabilities. So data flow gives us the capability to bring data in from the asset of interest from the internet of things. While the data platform provides a secure governed data lake and visibility across the full machine learning life cycle eliminates silos and streamlines workflows across teams. The platform includes an integrated suite of secure analytic applications. And two that we're specifically calling out here are Cloudera machine learning, which supports the collaborative data science and machine learning environment, which facilitates machine learning and AI and the cloud era data warehouse, which supports the analytics and business intelligence, including those dashboards for leadership Cindy, over to you, Rick, >>Thank you. And I hope that, uh, Rick and I provided you some insights on how predictive maintenance condition-based maintenance is being used and can be used within your respective agency, bringing together, um, data sources that maybe you're having challenges with today. Uh, bringing that, uh, more real-time information in from a streaming perspective, blending that industrial IOT, as well as historical information together to help actually, uh, optimize maintenance and reduce costs within the, uh, each of your agencies, uh, to learn a little bit more about Cloudera, um, and our, what we're doing from a predictive maintenance please, uh, business@cloudera.com solutions slash public sector. And we look forward to scheduling a meeting with you, and on that, we appreciate your time today and thank you very much.

(upbeat music) >> Hey, welcome to this Cube conversation with NetScout. I'm Lisa Martin. Excited to talk to you. Richard Hummel, the manager of threat research for Arbor Networks, the security division of NetScout. Richard, welcome to theCube. >> Thanks for having me, Lisa, it's a pleasure to be here. >> We're going to unpack the sixth NetScout Threat Intelligence Report, which is going to be very interesting. But something I wanted to start with is we know that and yes, you're going to tell us, COVID and the pandemic has had a massive impact on DDoS attacks, ransomware. But before we dig into the report, I'd like to just kind of get some stories from you as we saw last year about this time rapid pivot to work from home, rapid pivot to distance learning. Talk to us about some of the attacks that you saw in particular that literally hit close to home. >> Sure and there's one really good prime example that comes to mind because it impacted a lot of people. There was a lot of media sensation around this but if you go and look, just Google it, Miami Dade County and DDoS, you'll see the first articles that pop up is the entire district school network going down because the students did not want to go to school and launched a DDoS attack. There was something upwards of 190,000 individuals that could no longer connect to the school's platform, whether that's a teacher, a student or parents. And so it had a very significant impact. And when you think about this in terms of the digital world, that impacted very severely, a large number of people and you can't really translate that to what would happen in a physical environment because it just doesn't compute. There's two totally different scenarios to talk about here. >> Amazing that a child can decide, "I don't want to go to school today." And as a result of a pandemic take that out for nearly 200,000 folks. So let's dig into, I said this is the sixth NetScout Threat Intelligence Report. One of the global trends and themes that is seen as evidence in what happened last year is up and to the right. Oftentimes when we're talking about technology, you know, with analyst reports up and to the right is a good thing. Not so in this case. We saw huge increases in threat vectors, more vectors weaponized per attack sophistication, expansion of threats and IOT devices. Walk us through the overall key findings from 2020 that this report discovered. >> Absolutely. And if yo glance at your screen there you'll see the key findings here where we talk about record breaking numbers. And just in 2020, we saw over 10 million attacks, which, I mean, this is a 20% increase over 2019. And what's significant about that number is COVID had a huge impact. In fact, if we go all the way back to the beginning, right around mid March, that's when the pandemic was announced, attacks skyrocketed and they didn't stop. They just kept going up and to the right. And that is true through 2021. So far in the first quarter, typically January, February is the down month that we observe in DDoS attacks. Whether this is, you know, kids going back to school from Christmas break, you have their Christmas routines and e-commerce is slowing down. January, February is typically a slow month. That was not true in 2021. In fact, we hit record numbers on a month by month in both January and February. And so not only do we see 2.9 million attacks in the first quarter of 2021, which, I mean, let's do the math here, right? We've got four quarters, you know, we're on track to hit 12 million attacks potentially, if not more. And then you have this normal where we said 800,000 approximately month over month since the pandemic started, we started 2021 at 950,000 plus. That's up and to the right and it's not slowing down. >> It's not slowing down. It's a trend that it shows, you know, significant impact across every industry. And we're going to talk about that but what are some of the new threat vectors that you saw weaponized in the last year? I mean, you talked about the example of the Miami-Dade school district but what were some of those new vectors that were really weaponized and used to help this up and to the right trend? >> So there's four in particular that we were tracking in 2020 and these nets aren't necessarily new vectors. Typically what happens when an adversary starts using this is there's a proof of concept code out there. In fact, a good example of this would be the RDP over UDP. So, I mean, we're all remotely connected, right? We're doing this over a Zoom call. If I want to connect to my organization I'm going to use some sort of remote capability whether that's a VPN or tunneling in, whatever it might be, right? And so remote desktop is something that everybody's using. And we saw actors start to kind of play around with this in mid 2020. And in right around September, November timeframe we saw a sudden spike. And typically when we see spikes in this kind of activity it's because adversaries are taking proof of concept code, that maybe has been around for a period of time, and they're incorporating those into DDoS for hire services. And so any person that wants to launch a DDoS attack can go into underground forums in marketplaces and they can purchase, maybe it's $10 in Bitcoin, and they can purchase an attack. That leverage is a bunch of different DDoS vectors. And so adversaries have no reason to remove a vector as new ones get discovered. They only have the motivation to add more, right? Because somebody comes into their platform and says, "I want to launch an attack that's going to take out my opponent." It's probably going to look a lot better if there's a lot of attack options in there where I can just go through and start clicking buttons left and right. And so all of a sudden now I've got this complex multi-vector attack that I don't have to pay anything extra for. Adversary already did all the work for me and now I can launch an attack. And so we saw four different vectors that were weaponized in 2020. One of those are notably the Jenkins that you see listed on the screen in the key findings. That one isn't necessarily a DDoS vector. It started out as one, it does amplify, but what happens is Jenkins servers are very vulnerable and when you actually initiate this attack, it tips over the Jenkins server. So it kind of operates as like a DoS event versus DDoS but it still has the same effect of availability, it takes a server offline. And then now just in the first part of 2021 we're tracking multiple other vectors that are starting to be weaponized. And when we see this, we go from a few, you know, incidents or alerts to thousands month over month. And so we're seeing even more vectors added and that's only going to continue to go up into the right. You know that theme that we talked about at the beginning here. >> As more vectors get added, and what did you see last year in terms of industries that may have been more vulnerable? As we talked about the work from home, everyone was dependent, really here we are on Zoom, dependent on Zoom, dependent on Netflix. Streaming media was kind of a lifeline for a lot of us but it also was healthcare and education. Did you see any verticals in particular that really started to see an increase in the exploitation and in the risk? >> Yeah, so let's start, let's separate this into two parts. The last part of the key findings that we had was talking about a group we, or a campaign we call Lazarus Borough Model. So this is a global DDoS extortion campaign. We're going to cover that a little bit more when we talk about kind of extorted events and how that operates but these guys, they started where the money is. And so when they first started targeting industries and this kind of coincides with COVID, so it started several months after the pandemic was announced, they started targeting a financial organizations, commercial banking. They went after stock exchange. Many of you would hear about the New Zealand Stock Exchange that went offline. That's this LBA campaign and these guys taking it off. So they started where the money is. They moved to a financial agation targeting insurance companies. They targeted currency exchange places. And then slowly from there, they started to expand. And in so much as our Arbor Cloud folks actually saw them targeting organizations that are part of vaccine development. And so these guys, they don't care who they hurt. They don't care who they're going after. They're going out there for a payday. And so that's one aspect of the industry targeting that we've seen. The other aspect is you'll see, on the next slide here, we actually saw a bunch of different verticals that we really haven't seen in the top 10 before. In fact, if you actually look at this you'll see the number one, two and three are pretty common for us. We almost always are going to see these kinds of telecommunications, wireless, satellite, broadband, these are always going to be in the top. And the reason for that is because gamers and DDoS attacks associated with gaming is kind of the predominant thing that we see in this landscape. And let's face it, gamers are on broadband operating systems. If you're in Asian communities, often they'll use mobile hotspots. So now you start to have wireless come in there. And so that makes sense seeing them. But what doesn't make sense is this internet publishing and broadcasting and you might say, "Well, what is that?" Well, that's things like Zoom and WebEx and Netflix and these other streaming services. And so we're seeing adversaries going after that because those have become critical to people's way of life. Their entertainment, what they're using to communicate for work and school. So they realized if we can go after this it's going to disrupt something and hopefully we can get some recognition. Maybe we can show this as a demonstration to get more customers on our platform or maybe we can get a payday. In a lot of the DDoS attacks that we see, in fact most of them, are all monetary focused. And so they're looking for a payday. They're going to go after something that's going to likely, you know, send out that payment. And then just walk down the line. You can see COVID through this whole thing. Electronic shopping is number five, right? Everybody turned to e-commerce because we're not going to in-person stores anymore. Electronic computer manufacturing, how many more people have to get computers at home now because they're no longer in a corporate environment? And so you can see how the pandemic has really influenced this industry target. >> Significant influencer and I also wonder too, you know, Zoom became a household name for every generation. You know, we're talking to five generations and maybe the generations that aren't as familiar with computer technology might be even more exploitable because it's easy to click on a phishing email when they don't understand how to look for the link. Let's now unpack the different types of DDoS attacks and what is on the rise. You talked about in the report the triple threat and we often think of that in entertainment. That's a good thing, but again, not here. Explain that triple threat. >> Yeah, so what we're seeing here is we have adversaries out there that are looking to take advantage of every possible angle to be able to get that payment. And everybody knows ransomware is a household name at this point, right? And so ransomware and DDoS have a lot in common because they both attack the availability of network resources, where computers or devices or whatever they might be. And so there's a lot of parallels to draw between the two of these. Now ransomware is a denial of service event, right? You're not going to have tens of thousands of computers hitting a single computer to take it down. You're going to have one exploitation of events. Somebody clicked on a link, there was a brute force attempt that managed to compromise a little boxes, credentials, whatever it might be, ransomware gets put on a system, it encrypts all your files. Well, all of a sudden, you've got this ransom note that says "If you want your files decrypted you're going to send us this amount of human Bitcoin." Well, what adversaries are doing now is they're capitalizing on the access that they already gained. So they already have access to the computer. Well, why not steal all the data first then let's encrypt whatever's there. And so now I can ask for a ransom payment to decrypt the files and I can ask for an extortion to prevent me from posting your data publicly. Maybe there's sensitive corporate information there. Maybe you're a local school system and you have all of your students' data on there. You're a hospital that has sensitive PI on it, whatever it might be, right? So now they're going to extort you to prevent them from posting that publicly. Well, why not add DDoS to this entire picture? Now you're already encrypted, we've already got your files, and I'm going to DDoS your system so you can't even access them if you wanted to. And I'm going to tell you, you have to pay me in order to stop this DDoS attack. And so this is that triple threat and we're seeing multiple different ransomware families. In fact, if you look at one of the slides here, you'll see that there's SunCrypt, there's Ragnar Cryptor, and then Maze did this initially back in September and then more recently, even the DarkSide stuff. I mean, who hasn't heard about DarkSide now with the Colonial Pipeline event, right? So they came out and said, "Hey we didn't intend for this collateral damage but it happened." Well, April 24th, they actually started offering DDoS as part of their tool kits. And so you can see how this has evolved over time. And adversaries are learning from each other and are incorporating this kind of methodology. And here we have triple extortion event. >> It almost seems like triple extortion event as a service with the opportunities, the number of vectors there. And you're right, everyone has heard of the Colonial Pipeline and that's where things like ransomware become a household term, just as much as Zoom and video conferencing and streaming media. Let's talk now about the effects that the threat report saw and uncovered region by region. Were there any regions in particular that were, that really stood out as most impacted? >> So not particularly. So one of the phenomena that we actually saw in the threat report, which, you know, we probably could have talked about it before now but it makes sense to talk about it regionally because we didn't see any one particular region, one particular vertical, a specific organization, specific country, none was more heavily targeted than another. In fact what we saw is organizations that we've never seen targeted before. We've seen industries that have never been targeted before all of a sudden are now getting DDoS attacks because we went from a local on-prem, I don't need to be connected to the internet, I don't need to have my employees remote access. And now all of a sudden you're dependent on the internet which is really, let's face it, that's critical infrastructure these days. And so now you have all of these additional people with a footprint connected to the internet then adversary can figure out and they can poke at it. And so what we saw here is just overall, all industries, all regions saw these upticks. The exception would be in China. We actually, in the Asia Pacific region specifically, but predominantly in China. But that often has to do with visibility rather than a decrease in attacks because they have their own kind of infrastructure in China. Brazil's the same way. They have their own kind of ecosystems. And so often you don't see what happens a lot outside the borders. And so from our perspective, we might see a decrease in attacks but, for all we know, they actually saw an increase in the attacks that is internal to their country against their country. And so across the board, just increases everywhere you look. >> Wow. So let's talk about what organizations can do in light of this. As we are here, we are still doing this program by video conferencing and things are opening up a little bit more, at least in the states anyway, and we're talking about more businesses going back to some degree but there's going to still be some mix, some hybrid of working from home and maybe even distance learning. So what can enterprises do to prepare for this when it happens? Because it sounds to me like with the sophistication, the up and to the right, it's not, if we get attacked, it's when. >> It's when, exactly. And that's just it. I mean, it's no longer something that you can put off. You can't just assume that I've never been DDoS attacked, I'm never going to be DDoS attacked anymore. You really need to consider this as part of your core security platform. I like to talk about defense in depth or a layer defense approach where you want to have a layered approach. So, you know, maybe they target your first layer and they don't get through. Or they do get through and now your second layer has to stop it. Well, if you have no layers or if you have one layer, it's not that hard for an adversary to figure out a way around that. And so preparation is key. Making sure that you have something in place and I'm going to give you an operational example here. One of the things we saw with the LBA campaigns is they actually started doing network of conasense for their targets. And what they would do is they would take the IP addresses belonging to your organization. They would look up the domains associated with that and they would figure out like, "Hey, this is bpn.organization.com or VPN two." And all of a sudden they've found your VPN concentrator and so that's where they're going to focus their attack. So something as simple as changing the way that you name your VPN concentrators might be sufficient to prevent them from hitting that weak link or right sizing the DDoS protection services for your company. Did you need something as big as like OnPrem Solutions? We need hardware. Do you instead want to do a managed service? Or do you want to go and talk to a cloud provider because there's right solutions and right sizes for all types of organizations. And the key here is preparation. In fact, all of the customers that we've worked with for the LBA extortion campaigns, if they were properly prepared they experienced almost no downtime or impact to their business. It's the people like the New Zealand Stock Exchange or their service provider that wasn't prepared to handle the attacks that were sent out them that were crippled. And so preparation is key. The other part is awareness. And that's part of what we do with this threat report because we want to make sure you're aware what adversaries are doing, when new attack vectors are coming out, how they're leveraging these, what industries they're targeting because that's really going to help you to figure out what your posture is, what your risk acceptance is for your organization. And in fact, there's a couple of resources that that we have here on the next slide. And you can go to both both of these. One of them is the threat report. You can view all of the details. And we only scratched the surface here in this Cube interview. So definitely recommend going there but the other one is called Horizon And netscout.com/horizon is a free resource you can register but you can actually see near real-time attacks based on industry and based on region. So if your organization out there and you're figuring, "Well I'm never attacked." Well go look up your industry. Go look up the country where you belong and see is there actually attacks against us? And I think you'll be quite surprised that there's quite a few attacks against you. And so definitely recommend checking these out >> Great resources netscout.com/horizon, netscout.com/threatreport. I do want to ask you one final question. That's in terms of timing. We saw the massive acceleration in digital transformation last year. We've already talked about this a number of times on this program. The dependence that businesses and consumers, like globally in every industry, in every country, have on streaming on communications right now. In terms of timing, though, for an organization to go from being aware to understanding what adversaries are doing, to being prepared, how quickly can an organization get up to speed and help themselves start reducing their risks? >> So I think that with DDoS, as opposed to things like ransomware, the ramp up time for that is much, much faster. There is a finite period of time with DDoS attacks that is actually going to impact you. And so maybe you're a smaller organization and you get DDoS attacked. There's a, probably a pretty high chance that that DDoS attack isn't going to last for multiple days. So maybe it's like an hour, maybe it's two hours, and then you recover. Your network resources are available again. That's not the same for something like ransomware. You get hit with ransomware, unless you pay or you have backups, you have to do the rigorous process of getting all your stuff back online. DDoS is more about as soon as the attack stops, the saturation goes away and you can start to get back online again. So it might not be as like immediate critical that you have to have something but there's also solutions, like a cloud solution, where it's as simple as signing up for the service and having your traffic redirected to their scrubbing center, their detection center. And then you may not have to do anything on-prem yourself, right? It's a matter of going out to an organization, finding a good contract, and then signing up, signing on the dotted line. And so I think that the ramp up time for mitigation services and DDoS protection can be a lot faster than many other security platforms and solutions. >> That's good to know cause with the up and to the right trend that you already said, the first quarter is usually slow. It's obviously not that way as what you've seen in 2021. And we can only expect what way, when we talk to you next year, that the up and to the right trend may continue. So hopefully organizations take advantage of these resources, Richard, that you talked about to be prepared to mediate and protect their you know, their customers, their employees, et cetera. Richard, we thank you for stopping by theCube. Talking to us about the sixth NetScout Threat Intelligence Report. Really interesting information. >> Absolutely; definitely a pleasure to have me here. Lisa, anytime you guys want to do it again, you know where I live? >> Yes. It's one of my favorite topics that you got and I got to point out the last thing, your Guardians of the Galaxy background, one of my favorite movies and it should be noted that on the NetScout website they are considered the Guardians of the Connected World. I just thought that connection was, as Richard told me before we went live, not planned, but I thought that was a great coincidence. Again, Richard, it's been a pleasure talking to you. Thank you for your time. >> Thank you so much. >> Richard Hummel, I'm Lisa Martin. You're watching this Cube conversation. (relaxing music)

(upbeat music) >> Hey, welcome to this Cube conversation with NetScout. I'm Lisa Martin. Excited to talk to you. Richard Hummel, the manager of threat research for Arbor Networks, the security division of NetScout. Richard, welcome to theCube. >> Thanks for having me, Lisa, it's a pleasure to be here. >> We're going to unpack the sixth NetScout Threat Intelligence Report, which is going to be very interesting. But something I wanted to start with is we know that and yes, you're going to tell us, COVID and the pandemic has had a massive impact on DDoS attacks, ransomware. But before we dig into the report, I'd like to just kind of get some stories from you as we saw last year about this time rapid pivot to work from home, rapid pivot to distance learning. Talk to us about some of the attacks that you saw in particular that literally hit close to home. >> Sure and there's one really good prime example that comes to mind because it impacted a lot of people. There was a lot of media sensation around this but if you go and look, just Google it, Miami Dade County and DDoS, you'll see the first articles that pop up is the entire district school network going down because the students did not want to go to school and launched a DDoS attack. There was something upwards of 190,000 individuals that could no longer connect to the school's platform, whether that's a teacher, a student or parents. And so it had a very significant impact. And when you think about this in terms of the digital world, that impacted very severely, a large number of people and you can't really translate that to what would happen in a physical environment because it just doesn't compute. There's two totally different scenarios to talk about here. >> Amazing that a child can decide, "I don't want to go to school today." And as a result of a pandemic take that out for nearly 200,000 folks. So let's dig into, I said this is the sixth NetScout Threat Intelligence Report. One of the global trends and themes that is seen as evidence in what happened last year is up and to the right. Oftentimes when we're talking about technology, you know, with analyst reports up and to the right is a good thing. Not so in this case. We saw huge increases in threat vectors, more vectors weaponized per attack sophistication, expansion of threats and IOT devices. Walk us through the overall key findings from 2020 that this report discovered. >> Absolutely. And if yo glance at your screen there you'll see the key findings here where we talk about record breaking numbers. And just in 2020, we saw over 10 million attacks, which, I mean, this is a 20% increase over 2019. And what's significant about that number is COVID had a huge impact. In fact, if we go all the way back to the beginning, right around mid March, that's when the pandemic was announced, attacks skyrocketed and they didn't stop. They just kept going up and to the right. And that is true through 2021. So far in the first quarter, typically January, February is the down month that we observe in DDoS attacks. Whether this is, you know, kids going back to school from Christmas break, you have their Christmas routines and e-commerce is slowing down. January, February is typically a slow month. That was not true in 2021. In fact, we hit record numbers on a month by month in both January and February. And so not only do we see 2.9 million attacks in the first quarter of 2021, which, I mean, let's do the math here, right? We've got four quarters, you know, we're on track to hit 12 million attacks potentially, if not more. And then you have this normal where we said 800,000 approximately month over month since the pandemic started, we started 2021 at 950,000 plus. That's up and to the right and it's not slowing down. >> It's not slowing down. It's a trend that it shows, you know, significant impact across every industry. And we're going to talk about that but what are some of the new threat vectors that you saw weaponized in the last year? I mean, you talked about the example of the Miami-Dade school district but what were some of those new vectors that were really weaponized and used to help this up and to the right trend? >> So there's four in particular that we were tracking in 2020 and these nets aren't necessarily new vectors. Typically what happens when an adversary starts using this is there's a proof of concept code out there. In fact, a good example of this would be the RDP over UDP. So, I mean, we're all remotely connected, right? We're doing this over a Zoom call. If I want to connect to my organization I'm going to use some sort of remote capability whether that's a VPN or tunneling in, whatever it might be, right? And so remote desktop is something that everybody's using. And we saw actors start to kind of play around with this in mid 2020. And in right around September, November timeframe we saw a sudden spike. And typically when we see spikes in this kind of activity it's because adversaries are taking proof of concept code, that maybe has been around for a period of time, and they're incorporating those into DDoS for hire services. And so any person that wants to launch a DDoS attack can go into underground forums in marketplaces and they can purchase, maybe it's $10 in Bitcoin, and they can purchase an attack. That leverage is a bunch of different DDoS vectors. And so adversaries have no reason to remove a vector as new ones get discovered. They only have the motivation to add more, right? Because somebody comes into their platform and says, "I want to launch an attack that's going to take out my opponent." It's probably going to look a lot better if there's a lot of attack options in there where I can just go through and start clicking buttons left and right. And so all of a sudden now I've got this complex multi-vector attack that I don't have to pay anything extra for. Adversary already did all the work for me and now I can launch an attack. And so we saw four different vectors that were weaponized in 2020. One of those are notably the Jenkins that you see listed on the screen in the key findings. That one isn't necessarily a DDoS vector. It started out as one, it does amplify, but what happens is Jenkins servers are very vulnerable and when you actually initiate this attack, it tips over the Jenkins server. So it kind of operates as like a DoS event versus DDoS but it still has the same effect of availability, it takes a server offline. And then now just in the first part of 2021 we're tracking multiple other vectors that are starting to be weaponized. And when we see this, we go from a few, you know, incidents or alerts to thousands month over month. And so we're seeing even more vectors added and that's only going to continue to go up into the right. You know that theme that we talked about at the beginning here. >> As more vectors get added, and what did you see last year in terms of industries that may have been more vulnerable? As we talked about the work from home, everyone was dependent, really here we are on Zoom, dependent on Zoom, dependent on Netflix. Streaming media was kind of a lifeline for a lot of us but it also was healthcare and education. Did you see any verticals in particular that really started to see an increase in the exploitation and in the risk? >> Yeah, so let's start, let's separate this into two parts. The last part of the key findings that we had was talking about a group we, or a campaign we call Lazarus Borough Model. So this is a global DDoS extortion campaign. We're going to cover that a little bit more when we talk about kind of extorted events and how that operates but these guys, they started where the money is. And so when they first started targeting industries and this kind of coincides with COVID, so it started several months after the pandemic was announced, they started targeting a financial organizations, commercial banking. They went after stock exchange. Many of you would hear about the New Zealand Stock Exchange that went offline. That's this LBA campaign and these guys taking it off. So they started where the money is. They moved to a financial agation targeting insurance companies. They targeted currency exchange places. And then slowly from there, they started to expand. And in so much as our Arbor Cloud folks actually saw them targeting organizations that are part of vaccine development. And so these guys, they don't care who they hurt. They don't care who they're going after. They're going out there for a payday. And so that's one aspect of the industry targeting that we've seen. The other aspect is you'll see, on the next slide here, we actually saw a bunch of different verticals that we really haven't seen in the top 10 before. In fact, if you actually look at this you'll see the number one, two and three are pretty common for us. We almost always are going to see these kinds of telecommunications, wireless, satellite, broadband, these are always going to be in the top. And the reason for that is because gamers and DDoS attacks associated with gaming is kind of the predominant thing that we see in this landscape. And let's face it, gamers are on broadband operating systems. If you're in Asian communities, often they'll use mobile hotspots. So now you start to have wireless come in there. And so that makes sense seeing them. But what doesn't make sense is this internet publishing and broadcasting and you might say, "Well, what is that?" Well, that's things like Zoom and WebEx and Netflix and these other streaming services. And so we're seeing adversaries going after that because those have become critical to people's way of life. Their entertainment, what they're using to communicate for work and school. So they realized if we can go after this it's going to disrupt something and hopefully we can get some recognition. Maybe we can show this as a demonstration to get more customers on our platform or maybe we can get a payday. In a lot of the DDoS attacks that we see, in fact most of them, are all monetary focused. And so they're looking for a payday. They're going to go after something that's going to likely, you know, send out that payment. And then just walk down the line. You can see COVID through this whole thing. Electronic shopping is number five, right? Everybody turned to e-commerce because we're not going to in-person stores anymore. Electronic computer manufacturing, how many more people have to get computers at home now because they're no longer in a corporate environment? And so you can see how the pandemic has really influenced this industry target. >> Significant influencer and I also wonder too, you know, Zoom became a household name for every generation. You know, we're talking to five generations and maybe the generations that aren't as familiar with computer technology might be even more exploitable because it's easy to click on a phishing email when they don't understand how to look for the link. Let's now unpack the different types of DDoS attacks and what is on the rise. You talked about in the report the triple threat and we often think of that in entertainment. That's a good thing, but again, not here. Explain that triple threat. >> Yeah, so what we're seeing here is we have adversaries out there that are looking to take advantage of every possible angle to be able to get that payment. And everybody knows ransomware is a household name at this point, right? And so ransomware and DDoS have a lot in common because they both attack the availability of network resources, where computers or devices or whatever they might be. And so there's a lot of parallels to draw between the two of these. Now ransomware is a denial of service event, right? You're not going to have tens of thousands of computers hitting a single computer to take it down. You're going to have one exploitation of events. Somebody clicked on a link, there was a brute force attempt that managed to compromise a little boxes, credentials, whatever it might be, ransomware gets put on a system, it encrypts all your files. Well, all of a sudden, you've got this ransom note that says "If you want your files decrypted you're going to send us this amount of human Bitcoin." Well, what adversaries are doing now is they're capitalizing on the access that they already gained. So they already have access to the computer. Well, why not steal all the data first then let's encrypt whatever's there. And so now I can ask for a ransom payment to decrypt the files and I can ask for an extortion to prevent me from posting your data publicly. Maybe there's sensitive corporate information there. Maybe you're a local school system and you have all of your students' data on there. You're a hospital that has sensitive PI on it, whatever it might be, right? So now they're going to extort you to prevent them from posting that publicly. Well, why not add DDoS to this entire picture? Now you're already encrypted, we've already got your files, and I'm going to DDoS your system so you can't even access them if you wanted to. And I'm going to tell you, you have to pay me in order to stop this DDoS attack. And so this is that triple threat and we're seeing multiple different ransomware families. In fact, if you look at one of the slides here, you'll see that there's SunCrypt, there's Ragnar Cryptor, and then Maze did this initially back in September and then more recently, even the DarkSide stuff. I mean, who hasn't heard about DarkSide now with the Colonial Pipeline event, right? So they came out and said, "Hey we didn't intend for this collateral damage but it happened." Well, April 24th, they actually started offering DDoS as part of their tool kits. And so you can see how this has evolved over time. And adversaries are learning from each other and are incorporating this kind of methodology. And here we have triple extortion event. >> It almost seems like triple extortion event as a service with the opportunities, the number of vectors there. And you're right, everyone has heard of the Colonial Pipeline and that's where things like ransomware become a household term, just as much as Zoom and video conferencing and streaming media. Let's talk now about the effects that the threat report saw and uncovered region by region. Were there any regions in particular that were, that really stood out as most impacted? >> So not particularly. So one of the phenomenon that we actually saw in the threat report, which, you know, we probably could have talked about it before now but it makes sense to talk about it regionally because we didn't see any one particular region, one particular vertical, a specific organization, specific country, none was more heavily targeted than another. In fact what we saw is organizations that we've never seen targeted before. We've seen industries that have never been targeted before all of a sudden are now getting DDoS attacks because we went from a local on-prem, I don't need to be connected to the internet, I don't need to have my employees remote access. And now all of a sudden you're dependent on the internet which is really, let's face it, that's critical infrastructure these days. And so now you have all of these additional people with a footprint connected to the internet then adversary can figure out and they can poke it. And so what we saw here is just overall, all industries, all regions saw these upticks. The exception would be in China. We actually, in the Asia Pacific region specifically, but predominantly in China. But that often has to do with visibility rather than a decrease in attacks because they have their own kind of infrastructure in China. Brazil's the same way. They have their own kind of ecosystems. And so often you don't see what happens a lot outside the borders. And so from our perspective, we might see a decrease in attacks but, for all we know, they actually saw an increase in the attacks that is internal to their country against their country. And so across the board, just increases everywhere you look. >> Wow. So let's talk about what organizations can do in light of this. As we are here, we are still doing this program by video conferencing and things are opening up a little bit more, at least in the states anyway, and we're talking about more businesses going back to some degree but there's going to still be some mix, some hybrid of working from home and maybe even distance learning. So what can enterprises do to prepare for this when it happens? Because it sounds to me like with the sophistication, the up and to the right, it's not, if we get attacked, it's when. >> It's when, exactly. And that's just it. I mean, it's no longer something that you can put off. You can't just assume that I've never been DDoS attacked, I'm never going to be DDoS attacked anymore. You really need to consider this as part of your core security platform. I like to talk about defense in depth or a layer defense approach where you want to have a layered approach. So, you know, maybe they target your first layer and they don't get through. Or they do get through and now your second layer has to stop it. Well, if you have no layers or if you have one layer, it's not that hard for an adversary to figure out a way around that. And so preparation is key. Making sure that you have something in place and I'm going to give you an operational example here. One of the things we saw with the LBA campaigns is they actually started doing network of conasense for their targets. And what they would do is they would take the IP addresses belonging to your organization. They would look up the domains associated with that and they would figure out like, "Hey, this is bpn.organization.com or VPN two." And all of a sudden they've found your VPN concentrator and so that's where they're going to focus their attack. So something as simple as changing the way that you name your VPN concentrators might be sufficient to prevent them from hitting that weak link or right sizing the DDoS protection services for your company. Did you need something as big as like OnPrem Solutions? We need hardware. Do you instead want to do a managed service? Or do you want to go and talk to a cloud provider because there's right solutions and right sizes for all types of organizations. And the key here is preparation. In fact, all of the customers that we've worked with for the LBA extortion campaigns, if they were properly prepared they experienced almost no downtime or impact to their business. It's the people like the New Zealand Stock Exchange or their service provider that wasn't prepared to handle the attacks that were sent out them that were crippled. And so preparation is key. The other part is awareness. And that's part of what we do with this threat report because we want to make sure you're aware what adversaries are doing, when new attack vectors are coming out, how they're leveraging these, what industries they're targeting because that's really going to help you to figure out what your posture is, what your risk acceptance is for your organization. And in fact, there's a couple of resources that that we have here on the next slide. And you can go to both both of these. One of them is the threat report. You can view all of the details. And we only scratched the surface here in this Cube interview. So definitely recommend going there but the other one is called Horizon And netscout.com/horizon is a free resource you can register but you can actually see near real-time attacks based on industry and based on region. So if your organization out there and you're figuring, "Well I'm never attacked." Well go look up your industry. Go look up the country where you belong and see is there actually attacks against us? And I think you'll be quite surprised that there's quite a few attacks against you. And so definitely recommend checking these out >> Great resources netscout.com/horizon, netscout.com/threatreport. I do want to ask you one final question. That's in terms of timing. We saw the massive acceleration in digital transformation last year. We've already talked about this a number of times on this program. The dependence that businesses and consumers, like globally in every industry, in every country, have on streaming on communications right now. In terms of timing, though, for an organization to go from being aware to understanding what adversaries are doing, to being prepared, how quickly can an organization get up to speed and help themselves start reducing their risks? >> So I think that with DDoS, as opposed to things like ransomware, the ramp up time for that is much, much faster. There is a finite period of time with DDoS attacks that is actually going to impact you. And so maybe you're a smaller organization and you get DDoS attacked. There's a, probably a pretty high chance that that DDoS attack isn't going to last for multiple days. So maybe it's like an hour, maybe it's two hours, and then you recover. Your network resources are available again. That's not the same for something like ransomware. You get hit with ransomware, unless you pay or you have backups, you have to do the rigorous process of getting all your stuff back online. DDoS is more about as soon as the attack stops, the saturation goes away and you can start to get back online again. So it might not be as like immediate critical that you have to have something but there's also solutions, like a cloud solution, where it's as simple as signing up for the service and having your traffic redirected to their scrubbing center, their detection center. And then you may not have to do anything on-prem yourself, right? It's a matter of going out to an organization, finding a good contract, and then signing up, signing on the dotted line. And so I think that the ramp up time for mitigation services and DDoS protection can be a lot faster than many other security platforms and solutions. >> That's good to know cause with the up and to the right trend that you already said, the first quarter is usually slow. It's obviously not that way as what you've seen in 2021. And we can only expect what way, when we talk to you next year, that the up and to the right trend may continue. So hopefully organizations take advantage of these resources, Richard, that you talked about to be prepared to mediate and protect their you know, their customers, their employees, et cetera. Richard, we thank you for stopping by theCube. Talking to us about the sixth NetScout Threat Intelligence Report. Really interesting information. >> Absolutely; definitely a pleasure to have me here. Lisa, anytime you guys want to do it again, you know where I live? >> Yes. It's one of my favorite topics that you got and I got to point out the last thing, your Guardians of the Galaxy background, one of my favorite movies and it should be noted that on the NetScout website they are considered the Guardians of the Connected World. I just thought that connection was, as Richard told me before we went live, not planned, but I thought that was a great coincidence. Again, Richard, it's been a pleasure talking to you. Thank you for your time. >> Thank you so much. >> Richard Hummel, I'm Lisa Martin. You're watching this Cube conversation. (relaxing music)

(upbeat music) >> Narrator: From around the globe, it's theCUBE with digital coverage of AWS Public Sector Online brought to you by Amazon Web Services. >> Welcome back to theCUBE's coverage of AWS Public Sector Summit Online. I'm John Furrier, your host of theCUBE. I wish we could be there in person, but we're doing remote because of the COVID and the pandemic. We've got a great guest, Paul Grist. Worldwide Public Sector, Head of Education International for AWS. Paul, thank you for coming on remotely. >> Great to be here, John. >> There's a lot of disruption in the education space this year with universities and schools still uncertain about what the future will look like. What are some of the biggest trends you're seeing? >> John, what we've seen is the rapid adoption of technology and the growth of flexible online learning, learning that can take place anytime, anywhere. What we've seen is universities, national education systems, and schools rapidly migrating systems and content to the cloud, spinning up new applications. And we've seen companies that provide technology and content and platforms, the ed techs and publishers of the world, increasing their capacity, increasing their capability to deliver new applications to education. >> What is some of this research that you're finding out there? >> Yeah. You know, a time of much change and things happening very, very fast. We responded fast to the changes, John. Got a load of customer conversations together, looking at speeches by educationalists who were responding to the changes at some of the online events that spun up very quickly at places like the University of Buckingham, ASU, JSV, Inside Higher Education, places like Blackboard World. And really just talked to those leaders about their responses to the change, what kinds of things they were doing, and brought that together into the research. It's underpinned by some in-depth research and insights from education reports and articles too. >> Thanks Paul, really appreciate it. Having that research is critical. I know you guys do a lot of work on that. I know you got some news, take a quick plug for the new research that's coming out. You guys just put out today, just take a minute to quickly explain what it's about and how to find it. >> We're publishing today some new research that shows the seven key emerging trends in this new world of education. Check it out on the AWS website. Two key trends, flexible learning and the new world of employability. >> So you guys got a lot of data. It's great with Amazon, got a lot of customers. Good to see you guys getting that research. The question I have for you Paul is, what amount of the research shows really the COVID situation? Because there's before COVID, there's kind of during, and then there's going to be a post-COVID mode. Was that prior research in place with COVID or after COVID? Can you share kind of the update on the relevance of your research? >> Yeah, I think the sector has changed. The sector has gone through the fastest change it's ever gone through. And undoubtedly most of the issues, most of the challenges and opportunities in the sector, predate the pandemic. But what we've seen is COVID accelerate many of the challenges and the opportunities, but also bring new opportunities. >> Yeah, one of the things we've seen with education is the disruption, and the forcing function with COVID. There's a problem, we all know what it is. It's important, there's consequences for those. And you can quantify the disruption with real business value and certainly student impact. There's been downsides with remote education. More teacher-parent involvement and students having to deal with isolation, less social interaction. How do you guys see that? Or what is Amazon doing to solve these problems? Can you talk about that? >> Yeah. I think you know, education is very much a people business. And what we've been trying to do is partner with organizations to ensure that the people are kept at the center of the business. So working with organizations such as LS, sorry, Los Angeles United School District in the US to spin up a call center to allow students to contact their tutors. And parents to interact with tutors, to get questions answered. >> So one of the challenges these academic institutions are facing is speed, it's pace of change. What's going on with competition? How are they competing? How are universities and colleges staying relevant? Obviously there's a financial crisis involved. There's also the actual delivery aspect of it. More and more mergers. You're starting to see ecosystem changes. Can you talk about what's going on in the educational ecosystem? >> Yeah I mean, educational institutions are being forced to rethink their business models. It's an international marketplace in higher education. It's been a growing marketplace for many, many years. That suddenly stopped overnight, so every university has had to rethink about where their revenues are coming from, where the students are coming from. There's been some surprises too. I mean in the UK, actually international enrollments are up post-COVID because one of the strange side effects of COVID is without being able to travel, there's actually a cost saving for students. And so we've seen universities in the UK benefit from students who want to study, perhaps travel and the cost of study was too high previously. Now being able to study remotely. It's an unexpected and unintended consequence. But it kind of shows how there are opportunities for all organizations during this time. >> Many countries had to cancel exams altogether this year, which has been a big, huge problem. I mean people are outraged and people want to learn. It's been, you know, the silver lining in all this is that you have the internet (laughs). You have the cloud. I want to get your thoughts. How are universities and schools dealing with this challenge? Because you have a multi-sided marketplace. You've got the institutions, you've got the students, you got the educators, they all have to be successful. How are universities dealing with this challenge? >> Yeah I think, you know, teaching and learning has been online for 20, 30 years. And I think a lot of organizations have adopted online teaching and learning. But I think assessment is the one big area of education that remains to be made available at scale at low cost. So most assessment is still a pen-and-paper-based. There's big trust and identity issues. And what we're seeing through this COVID change is organizations really getting to grip with both of those issues. So, having the confidence to put assessment online, to make it available at scale, and then also having the confidence to tackle trust and identity questions. So who is taking the exam, where are they sitting? Can we be sure that it's actually that person taking that exam? So you know, the rise of things like proctoring technologies giving organizations the opportunity to assess remotely. >> How has this crisis affected research at academic institutions? Because certainly we know that if you need a lab or something, certainly we're seeing students need to be physically in person. But with remote and all those changes going on with the scale and the pace of change, how has research at academic institutions been impacted? >> Yeah I mean, research has always been a really collaborative activity, but we've seen that collaboration increase. It's had to increase. Researchers have had to go remote. Many of them work in labs. They haven't been able to do that. They've needed to spin up applications and new technologies in the cloud to continue working. But what we're seeing is governments taking an increased interest in the research being applicable, making sure that it leads to innovation which is meaningful. Getting much more involved and insisting that the research is made available now. And of course there's no place that that's clearer than in health research and trying to find a cure for COVID. And then secondly, we're seeing that research is becoming much more collaborative not just across institutions but also countries. So one of the great projects we're involved in at the moment is with the University of Adelaide who are collaborating with researchers from the Breeding and Acclimatization Institute in Poland on a project to study the increase in crop yield of wheat. >> One of the things that's coming out of this, whether it's research or students is open online courses, virtual capabilities. But a concept called stackable learning. Can you explain what that is? >> Yeah. We're in a global marketplace in education and there's increased competition between universities and education providers to make new types of certificates and online badges available. We know that employers are looking for ever more agile methods of scaling and upskilling. And stackable learning is a concept that's been around for a couple of decades now, where learning is broken down into smaller chunks, put together in a more personalized way from a number of different providers. Spun up very, very quickly to respond to need and then delivered to students. We're seeing some of the big providers like edX and Coursera who, again have been around for over a decade become really prominent in the provision of some of these stackable credentials. Their systems run on the cloud. They're easy to access, in many, many cases they're free. We're seeing an increasing number of employers and education institutions adopt and embed these types of delivery systems into their curriculum. >> Totally a fan of stackable learning, it's called the Lego model, whatever I call it. But also online brings the nonlinear progressions. The role of data is super important. So I'm very bullish on education being disrupted by cloud providers and new apps. So you know, I wanted to call that out because I think it's super important. Let me get to a really important piece that it has to be addressed, and I want to get your thoughts on. Cyber security. Okay, cyber attacks and privacy of students are two areas that are super important for institutions to address. What's your reaction to that? >> Yeah, I mean the use of more technology becomes, you know again, a target for cyber attack and unfortunately it's an increasing phenomenon. Simply put, every organization needs to put security first. Needs to operate as a security-first organization. They need to adopt technologies, people and processes that can protect their investments. And work with data management vendors, cloud vendors who've got the compliances and the common privacy and security frameworks such as GDPR in place to make sure that they provide secure services. AWS's security offerings include auditing, login and identity management, data encryption capabilities that offer more transparency and control, to allow institutions protect student data. >> Super important, thanks for sharing. Finally, what's the steps institutions can take to close the digital divide because now some people are taking gap years. Research is changing. People might not even have PCs or internet connections. There's still, this exposes the haves and have nots. What steps can institutions take to do their part? >> Yeah, digital learning is here to stay, John. We've learned that many learners do not have access to technology necessary for online learning. Whether those are devices or a reliable internet connection. But again, you know governments, states, educational authorities have all turned their attention to these issues over the last few months. And we're seeing organizations partner with technology providers that can provide internet connections. Partners in AWS, such as Kajeet who've installed hotspot devices on buses to deploy in areas with no connectivity. You know whether that's a place like Denver, Colorado or whether it's a place, you know, in Nigeria in Africa, remote connection remains a problem everywhere. And we're seeing everybody addressing that issue now. >> Paul, great to have you on theCUBE and sharing your insights on what's going on in international education. Final question for you. In your own words, why is this year at the AWS Public Sector Summit Online important? What's the most important story that people should walk away in this educational industry? >> The most important story, John, is it's a time of incredible change but also incredible opportunity. And we're seeing organizations who have wanted to change, who've wanted to deliver more to their students, who want to deliver a greater experience, who want to access more students and have much greater reach. Now with the appetite to do that. re:Invent is a great opportunity to work with AWS, to understand what's going on with our partners, with our customers. And look at some of the common solutions for the challenges that they're looking to solve. >> Paul Grist, thank you for coming on theCUBE. Really appreciate it. Worldwide Head of Education for International AWS. Thank you for sharing. >> Thanks John, great to be here. >> Okay, this is theCUBE's coverage of AWS Public Sector Online Summit. Remote, virtual, this is theCUBE virtual. I'm John Furrier, your host. Thanks for watching. (upbeat music)

>>from around the globe. It's the Cube with digital coverage of next level network experience event brought to >>you by info blocks. Okay, welcome back, everyone. This is the Cube's coverage of the next level networking experience. Virtual event within four blocks. I'm John Furrow, your host of the Cube. We're here in our Palo Alto, Calif. Studios as part of our remote access during Covic, getting the interviews and the stories and sharing that with you. We got a great guest here, then savages the network operations manager at Morgan School District in Utah. A customer of info blocks to share a story. Then thanks for coming on. >>Thanks for having >>me. First of all, the Red Sox had a plus interview. I would say right now is gonna go great. Go Sox. Which baseball was in season. Great to have you on. Um, >>we'll get there. We'll >>get there. Um, my Yankee fans say when I say that. But anyway, Miss baseball, um, you know. But that brings up covert 19 baseball season sports. Life has been impacted. Your district. Like many school districts around the world, we're told to shut down, send workers home. That meant sending kids home, too. So we got the educators, get the administration, and you've got the kids all going home. >>Yeah. >>What did you do to keep things going? Because then stop. They had to do the remote learning and new things were emerging. New patterns, new traffic, new kinds of experiences. What did you learn? What's going on? >>Well, first we tried to lock the doors and pretend we weren't there, but they found us. Um, really? I mean, real quickly in our school district, we're not a 1 to 1 operation, so the, uh that caused a big change for us. Um, we had to quickly adapt. And we chose to use chromebooks because that's what we have for the students to use in their classes. So getting that, uh, squared away and send out into the family's was was a big challenge. But then on top of that being the school district, we then had to decide. Okay, how do we protect and filter provide the filtering that the students are gonna need even though they're at home? So there's some relative safety there when they're online and and accessing your email and things like that. So those were. Our two are probably our two. Biggest hurdles was, you know, ramping up the devices and then and then providing, making sure, you know, the network access from a filtering and consistency standpoint was going to work. >>You know, I got to ask you because I see this kind of disruption you don't You don't read about this in the i t. Manual around disaster recovery and, you know, disruption to operations. But essentially, the whole thing changes, but you still got to connect to the network, DNS. You gotta get the access to the content. You got content, you get systems. You got security all to be managed while in flight of dealing with connection points that remote. So you've got the disruption and the craziness of that, and then you've got this big I o t experiment basically edge of the network, you know, in all over the place. You know, on one hand, you kind of geek out and say, Wow, this is really kind of a challenge is an opportunity to solve the problem at the same time, you know, What do you do? So take us through that because that's a is a challenge of locking down the security in a borderless environment. People are everywhere. The students business has to get done. You got to resolve to. The resource is >>so thankfully, we had migrated If it blocks several years ago. Um and just this last, I would say in October, I finally got us on. Ah, cloud the blocks. One threat defense Cloud portion of it too. So from a security standpoint, we already had a really good, um foundation in place from both the DNs aspect and the DNS security aspect. Um so that was to be honest, most users. It was seamless transition. In many regards, both users didn't even realize they were being, You know, pushed through the info blocks is cloud DNs server, you know, which was providing security and filtering. So that was a big plus for us because it it was less man hours. We had to spend troubleshooting people's DNS resolutions. Why sites Wouldn't you know? Maybe they weren't being filtered correctly. All that was was to be honest, perfect. Where other platforms we had previously were just a nightmare to manage, >>like, for example, of the old way versus the new way here and marital, is it? What files configuration will take us through? What? You >>know, it was like a separate. It was a separate product content filter that works in conjunction with the firewall. Um, and I'm not going to name the company's name. I don't want, you know, even though many company but it seemed with that product we were spending, on average about 3 to 4 hours a day fixing false positives just from a filtering aspect because it would interfere with the DNS. And it does. It didn't really do it. I mean, how it filters is not based on DNS. Totally right. So by migrating temple blocks are DNS and the filtering the security is all handling at the DNs level. And it was just much more, um, to be I mean, frankly, honestly, is much more invisible to the end user. So >>more efficient. You decouple filtering from DNs resolution. Got it. All right, this is the big topic. I've been talking with info blocks people on this program in this event is on how this new d d I layer DNs d XP and I p address management kind of altogether super important. It's critical infrastructure Yeah. No spoilers, Enterprise. You're borderless institution. Same thing you go to school as a customer. How does the d I lay out this foundational security play for delivering this next level experience? What's your take on that? >>Well, for our like, for a school platform, we we use it in a number of ways. Besides, I mean, the filtering is huge, but just for the ability, like, for example, one of the components is is response policy zones or DNS firewalls what they call it, and that allows you one to manage, um, traditional, like DNS names, right? P addresses you can. You can manage those by creating essentially a zone that is like a white list of blacklist rewrite. So you've got a lot of control, and again it's filtering at the DNs level, so it's looking based on DNS responses inquiry. The other aspect of that is, is the feeds that you receive from info blocks. So by subscribing to those, we, um we have access to a lot of information that info Blocks and their partners have created identifying, you know, bad actors, malware attack vectors based on again DNs, uh, traffic, if you will, and so that takes a load office. Not having to worry. I'm trying to do all that on our own. I mean, we've seen a lot of attacks minimized because of the feeds themselves. So that again frees us up. We're a very small school district. In some regards, there's a I am the only network person in the district, and there's like, a total of four of us that manage, you know, kind of the support aspect. And so, being able to not have to spend time researching or tracking down, you know, breaches and attacks as much because of the DNS. Security frees me up to do other things, you know, like in the more standard networking realm, from a design and implementation. >>Great. Thanks for sharing that. I want to ask about security as a very competitive space security here and everyone promising it different things at different security things. You know, by I gotta ask you, why did you guys decide to use info blocks and what's the reason behind it? >>Well, to be frankly honest, I'm actually in info blocks trainer and I've been training for 15 years, so I kind of had an agenda when I first took this job to help out the school district. In my experience, I've been doing working in networking for over 20 years. And in my experience, I ever boxes one of the most easy and in best managed DNS solutions that I've come across. So, um, you know, I might be a little biased, but I'm okay with that. And so I I pushed us to be honest, to get there and then from the security aspect has all that has evolved. It just makes to me it makes sense. Why not wrap the more things you can maybe wrapped together. And so you know, when you're talking about attacks, over 90% of attacks use DNS. So if I have a solution that is already providing my DNS and then wraps the security into it, it just makes the most sense for me. >>Yeah. I mean, go back. The info box is DNA. You got cricket. Liu Stuart Bailey, the founder, was this is zero. This didn't just wake up one day and decided to start up these air practitioners early days of the Internet. They know DNS cold and DNS is we've been evolved. I mean, and when it needs that when you get into the DNS. Hacks and then you realize Okay, let's build an abstraction layer. You've seen Internet navigation discovery, all the stuff that's been proven. It is a critical infrastructure. >>Well, and to be honest, it's It's one of those services that you can't can't filter the firewall right. You have to have it. You have to. It's that foundation layer. And so it makes sense that Attackers air leveraging it because the fire will has to let it through in and out. And so it's a natural, almost a natural path for them to break in. So having something that speaks native DNS as part of your security platform makes more sense because it it can understand and see those attacks, the more sophisticated they become as well. >>So I gotta ask you, since you're very familiar info blocks and you're actually deploying its great solution. But I got this new DD I Layer, which is an abstraction, is always a great evolution. Take away complexity and more functionality. Cloud certainly cloud natives everywhere. That's but if it's for what is the update, if if I'm watching this month, you know I've been running DNS and I know it's out there. It's been running everything. And I got a update, my foundation of my business. I got to make my DNS rock solid. What's the new update? What's info blocks doing now? I know they got DNS chops seeing that on it. What's new about info blocks? What do you say? >>Well, it's, you know, they have a couple things that they've been trying to modify over the last several years. In my opinion, making more DNS like a you know, like software as a service, you know, service on demand, type of approach. That's a yes. So you have the cloud components to where you can take a lot of the heavy lifting, maybe off of your network team's shoulders. Because it is, it is. Um, I think people will be surprised how many customers out there. I have, ah, teams that are managing the DNS and even the D HCP aspect that that's not really what their experiences and then they don't They don't have, ah, true, maybe background Indians, and so having something that can help make that easier. It's almost, you know, hey, maybe used this term it almost sounds like it's too simple, but it's almost like a plug and play approached for some. For some environments, you know you're able to pop that in, and a lot of probably the problems they've been dealing with and not realizing what the root cause was will be fixed. So that's always a huge component with with info blocks. But their security is really what's come about in the last several years, Um, and and back as a school district, you know, our besides securing traffic, which every customer has to do, um, we have our you know, we're We have a lot of laws and regulations around filtering with with students and teachers. So anyone that's using a campus own device And so for us this I don't think people realized that the maturity that the filtering aspect of the blocks one defence now it's it's really evolved over the last couple of years. It's become a really, really good product and, like I said earlier, just work seamlessly with the data security. So it is going to be using >>an SD Wan unpacked everything. You go regular root level DNs is it? So I gotta ask you. How is the info blocks helping you keep network services running in system secure? >>Well, I think I think we're more on just the DNs d It does R d eight DNS and DCP. So from that standpoint, you know, in the five years almost we've been running that aspect. We have had very little if if maybe one or two incidents of problems with, you know from a DNS TCP so so are our users are able to connect, you know, when they turn on their computer To them, the Internet's up. You know, there's no there's no bumps in the road stopping them from from being able to connect. So that's a huge thing. You know, you don't have to deal with those Those constant issues again is a small team that just takes time away from the big projects. You're trying to, um, and then to the being able to now combine things. Security filtering solution. Uh, that alone has probably saved us. Oh, we'll probably you know, upwards of 500 man hours in the last eight months. So where normally we would be spending those hours again, troubleshooting issues that false positives, things like that. And there's a small team that just sucks the life out of you when you have to. You always spend time on that. >>I mean, you always chasing your tails. Almost. You want to be productive. Automation plays >>a >>key role in that, >>right? Yeah. >>So I got to ask you, you know, just a general question. I'm curious. You know, one of the things I see is sprawling of devices. WiFi was a great example that put an access point up a rogue access point, you know, as you get more connections. De HCP was amazing about this is awesome. But also, you had also de HCP problem. You got the the key Management is not just around slinging more d HDP around. So you got the trend? Is more connections on the eyepiece? Not how does info blocks make that easier? Because for people who may not know, the DNS ends announcing TCP and IP address management. They're all kind of tied together. Right? So this >>is the >>magic of DD I in my head. I want to get your thoughts on how you see that. Evolving. >>Yeah, I think that's another kind of back twice. It's kind of almost like a plug and play for a lot of customer environments. They're getting, you know, you're getting the DSP, DNs and eye Pam all wrapped in once you have this product that speaks, well, those languages, if you will and that And, um along with some of the reporting services and things of that nature. Um, when I look for, like, a Mac address in my influx database, I'm not just going to get ah, Mac address and what the i p addresses. I'm not just going to get the DNs like the host name. Maybe you know, the beauty and fully qualified domain name. Either I have the ability to bring in all this information that one. The client is communicating with the DCP DNS server on top of things like metadata that you can configure in the database to help really color in the picture of your network. So when you're looking at what device is using this I p when we talk about rogue devices or things like that, uh, I can get so much more information out of info blocks that almost almost to the point where you're almost being able to nail down the location of where the devices that even if it's a wireless client because it works in conjunction with some of our wireless appointments, too. So within, you know, a matter of minutes we have almost all the information we would need to take whatever action is appropriate for something like that, that getting used to take us hours and hours to troubleshoot. >>Appreciate a lot of the other interviews I've done with the info blocks, folks. One of the things that came out of them is the trailing. You can see the trail they're getting. They got to get in somewhere. DNS is the footprints of there you got? That's the traffic, and that's been helping on a potential attacks in D DOS is, for example, no one knows what that is, but DNS is what he said. A lot of the surface areas, DNS. With the hackers are makes it easier to find things. >>Well, you know, by integrating with the cloud I've I've got, you know, that the cloud based with the blocks one, it added a advanced DNS security, which helps protect skins Adidas as well as any cast to help provide more availability because I'm pushing on my DNs traffic through those cloud servers. It's like I've I'm almost equivalent of a very large organization that would normally spend millions of millions of dollars trying to do this on their own. So I'm getting the benefits and kind of the equivalent from that cloud hybrid approach that normally we would never have have. The resource is, >>Well, then I really appreciate you taking the time out of your busy day to remote into the Cube studios. Talk about next level networking experience, so I want to just ask you, just put your experience hat on. You've been You've seen some waves. You've seen the technology evolve when you hear next level networking and when you hear next level networking experience almost two separate meetings. But next level networking means next level. Next level networking experience means is some experience behind it. One of those two phrases mean to you next level networking and next level networking experience. >>Well, to me, I always look at it as the evolution of being able to have a user experience that's consistent no matter where you're located, with your home in your office and special with in today's environment. We have to be able to provide that consistent experience. But what I think what a lot of people may not think about or my overlook if you're just, you know, more of an end user is along with that experience, it has to be a consistent excess security approach. So if I'm an end user, um, I should be able to have the access the, um and the security, which, you know, you know, filtering all that fun stuff to not just allow me the connectivity, but to bring me, you know, that to keep the secure wherever I met. And ah, um, I think schools, you know, obviously with code and in the one the one that everyone was forced to do. But I think businesses And generally I think that's, you know, years ago, Cisco when I worked with Cisco, we talked about, you know, the remote user of the mobile user and how Cisco is kind of leading, uh, the way on that. And I think, you know, with the nature of things like this pandemic, I think being able to have your your users again have that consistent experience, no matter where they're at is going to be key. And so that's how I see when I think of the network evolution, I think that's how it it has to go. >>Well, we appreciate your your time sharing your insights Has a lot of a lot of people are learning that you've got to pour the concrete to build the building. DNS becoming kind of critical infrastructure. But final question for you. I got you here, you know? How you doing? Actually, schools looks like they're gonna have some either fully virtual for the next semester or some sort of time or set schedule. There's all kinds of different approaches. This is the end of the day. It's still is this big i o t experiment from a traffic standpoint. So new expectations create new solutions. What do you see on the horizon? What challenges do you see as you ride this way? Because you've got a hold down the fort, their school district for 3000 students. And you got the administration and the faculty. So you know What are you expecting? And what do you hope to see Evolve Or what do you want to stay away from? What's your opinion? >>I think? I think my my biggest concern is, you know, making sure our like, our students and staff don't, uh, you know, run into trouble on by say that more from, you know, you know, by being, you know, being exposed to attacks, you know, their data with Delta becomes, you know, comes back to our data as a district. But, you know, the student data, I think I think, you know, with anything kids are very vulnerable. Ah, very role, vulnerable targets for many reasons. You know, they're quick to use technology that quick to use, like social media, things like that. But they're they're probably the first ones to do security Does not, you know, across their mind. So I think my big my big concern is as we're moving this, you know, hybrid, hybrid approach where kids can be in school where they're going to be at home. Maybe they'll change from the days of the week. It'll fluctuate, uh, keeping them secure, you know, protecting them from themselves. Maybe in a way, if I have to be the guy is kind of the grumpy old dad it looked at. I'm okay with wearing that hat. I think that's my biggest. Our concern is providing that type of, uh, stability and security. So parents at the end of that could be, you know, I have more peace of mind that their kids you know, our online even more. It's great >>that you can bring that experience because, you know, new new environments, like whether it zooming or using, try and get the different software tools that are out there that were built for on premise premises. You have now potentially a click here. Click there. They could be a target. So, you know, being safe and getting the job done to make sure they have up time. So the remote access it again. If you've got a new edge now, right? So the edge of the network is the home. Exactly. Yeah. Your service area just got bigger. >>Yeah. Yeah, we're in. You know, I'm everybody's guest, whether they like it or not. >>I appreciate that. Appreciate your time and good luck. And let's stay in touch. Thanks for your time. >>Hey, thanks for having me. You guys have a good rest of your weekend? Day two. State State. >>Thank you very much. It's the Cube's coverage with info blocks for a special next level networking experience. Pop up event. I'm John for the Cube. Your host. Thanks for watching. Yeah, yeah, yeah.

>>from around the globe. It's the queue with digital coverage of AWS Public sector online brought to you by Amazon Web services. >>Everyone welcome back to the Cube's coverage of AWS Public sector summit. Virtual, of course, is the Cube virtual. We're here sheltered in place in our quarantine studio. I'm John Furrier, host of the Cube. Got a great guest here? Cube Alumni. Can Eisner, Who's the director of worldwide education programs for AWS Amazon Web services? Ken, great to see you. Thanks for coming on. This could be a great segment. Looking forward to chatting. >>Thanks so much, John. Great to talk to you again. >>You know, I'll say, Cube Virtual public sector summit Virtual. We've been virtualized as a society. I'll see the pandemic and all the things that is going on around has been pretty crazy. And one of the things that's most notable is the impact on Education. New York Times This morning and many published reports around the impact College education. Not only economics on the campus aside, the state of the people in the society and Covert 19 is pushed schooling online for the foreseeable future. What's your reaction is you're in charge you've done a lot of work on the foundational level to get Amazon educational programs out there. Take a minute to explain how how this has impacted you guys and your ability to bring that educational stuff to the to the foreseeable future. >>Yeah, the first thing I'd say is this This truly is an absolutely unprecedented time There. Move from virtual instruction. Excuse me from in person classroom instruction into the virtual world at such amazing scale, rapidity is something that educational institutions weren't ready for that couldn't be ready for at this time. We had to enter it with amazing lump levels of empathy for what was going on on the ground in K 12 schools and higher ed schools with our educational technology and publisher providers. So I think the first thing was we had or for the speed at which it happened, we did have to step back and look at what was going on. There are some changes that are happening in the immediacy, and there are some things that Corbett, 19 is has sped educational institutions around the world to look at. An AWS is working with those K 12 providers, higher educational providers teachers and so on on that switch, whether it's providing infrastructure that move into online learning, helping teachers as they prepare for this sort of new normal you some of examples of what has happen. We've been working with the University of Arizona. Help them stand up contact centers with the onset of of cove it and students and teachers. It's being pushed into their home environment or into virtual environments to give instruction to receive instruction. There have been a lot of calls that happen in virtual environments to staff to help them support this. And so we stood up with the University of Arizona and Amazon Amazon Connect help staff provide mobile solutions through the cell phone or computer for for students. >>I want to get your thoughts. Absolutely. I talked to Andy Jassy about this as well as well about agility. This is the Amazon wheelhouse, and you guys have gone into the I T world now developers. You went cloud native, you in that market. He won the enterprise I t market. But the reason why is that you took an old school outdated, antiquated system of I t and made it agile. That seems enough This is the country with Teresa and Andy about education in public sector. The modernization is happening, but there's also the triage and you guys have to do now in terms of getting people online. So what specifically are you doing to help education customers continue their instruction online? Because they still got to execute. They still need to provide this discussion around the fall window Coming up. You got to have the foundational things. I know you've done that, but it is hard. So what's the downstream triage when you come out of this mode of Okay, here you go. And how do you get people set up and then how they transform and re invent? >>Yeah, at this time, the disaster recovery from how do you get in that phase one with this immediate move was so prominent. And we're trying to work through that phase one and sort into sort of phase two delivery of education, which is you're moving with scale moving with agility into this world, speed and agility are really going to be the new normal for education. There were some advances that just weren't happening quick enough. Students should always have access to 24 7 learning, um, and access into that mobile arena. And they weren't having that several things that we did was we looked at our infrastructure were some of those key infrastructure elements that helped with both learning and work remotely. There were things such as Amazon, your work Doc's, which enables thieves virtual our workspaces, which enable virtual desktop environments, and appstream, which enables it APs to be streamed through virtual arena onto your removal or your desktop. Yeah, Amazon connect as I. As I mentioned before, there were services that were vital in helping speed into the cloud that was quick burst into the cloud. And so we enabled some of those services to have special promotional free rates or a given time period, and we have actually now extended that offer a into the fall into September 30th. So first we have to help people really quickly with educators. So I run this program AWS Educate, which is Amazon's global program. To provide students and educators around the world with resource is needed, help them get into cloud learning. But what we saw was that teachers around the world we're not prepared for this massive shift what we did to help that preparedness is we looked at our educators. We found that we did a survey over the weekend and found that 68% of them had significant experience or enough experience in teaching distance or online virtual education, too. Potentially leverage that for other educators around the world. So we and the other thing is teachers are really eager to help other teachers in this move, especially as they saw and they empathize with With her was the panic. Our confusion are best practices and moving into that online arena. So we saw both that they had that experience in a mass willingness to help other people, and we immediately spun up a Siri's of educator and educator help tools, whether it was a Morris Valadez are No a gift, and Doug Berman providing webinars and office hours for other educators around the world. We also did a separate tech talks offering for students. So there were there was the helping scale, whether it's getting blackboard as they ramped up to over 50 x of their normal load in 24 hours to help them deliver on that scale, whether it waas the Egyptian ministry that was trying to had to understand. How could they help students access the information that they need it in speed? And they worked with thinkI, which is a net educational technology provider, to provide access to 22 million students who needed to get access online or whether it was the educator mobilization initiative that we ran. Threat US of AWS Educate Helps Teachers have the resource is that they need it with the speed that they needed to get online. This is we are working. We're learning from our customers. As this happens, this is a moving target. But when I move from this immediacy of pushing people into the virtual space into what's gonna happen this summer, as students need toe recapture, learning that they might have lost in the spring are depending where you are worldwide. There's getting to your point all K 12 higher ed and educational technology providers into the position where they can act with that agility and speed. And it's also helping those educators as they go through this. We're learning from our customers every day. >>Yeah, I want to get into those some of those lessons, but one of things that will say, You know, I'm really bullish about what you do. Getting cloud education, I think, is going to change the literacy and also job opportunities out there. I'm a huge believer that public sector is the next growth wave, just like I t was. And it's almost the same movie, right? You have inadequate systems. It's all outdated. You need these workloads, need to run and then run effectively, which you guys have done. But the interesting thing with Cove it is it essentially exposes the scabs and the uh out there because, you know, online has been an augmentation to the physical space. So when you pull that back, people like me go, wait a minute. I have kids. I'm trying to understand their learning impact. Everyone sees it now. It's almost like it's exposed. Whether it's under provisioned VP ends or black boys networking and everyone's pointing their fingers. It's your fault and its the end. So you brought this up. There's now stakeholders whose jobs depend upon something that's now primary that wasn't primary before. Whether it's the presenter, the content presented the teacher certainly high availability. I t. Um >>all these things >>are just under huge pressure. So I gotta ask you, what are the key lessons and learnings that you have seen over the past few months that you could share because people are shell shocked and they're trying to move faster? >>Yeah. So first of all is speed and agility and education are the new normal. They should have been here for a while. They need to be here now when you've got a 30 year textbook, your ruling over education when students need to get the skills of tomorrow. Today we need to be adapting quickly in order to give those students the skills to give educational institution those opportunities. Every institution needs to be enable virtual education. Every institution needs to have disaster recovery solutions and they weren't in place. These solutions need to be comprehensive. Students need access to devices. Teachers need access to professional development. We need contact centers. We worked with Los Angeles Unified School District not just to stand up a contact center, which we did with yeah, Amazon connect. But we also connected their high school seniors too, with headphones. I think we provide 132,000 students with headphones. We are helping to source with through our Amazon business relationship devices for everybody. Every student needs access in their home. Every student needs access to great learning and they needed on demand. Teachers need that readiness. I think the other thing that's happening is the whole world is again speeding through changes that probably should have happened to the system already that virtual learning is vital. Another thing that's vital is lifelong learning. We're finding that and we probably should have already seen. This is everybody needs to be a student throughout their entire life, and they need to be streaming in and out of education. The only way that this could be properly done is through virtual environments through the cloud and through an access to on demand learning. We believe that this that the work that's being done I was actually talking to some people in Australia the other day and they're saying, You know, the government is moving away from degree centrist city and moving into a more modular stackable education. We've been building AWS educate to stack to the job to stack to careers, and that type of move into education, I think, is also being spent So were you were seeing the that move Apple absolutely accelerate. We're also seeing the need to accelerate the speed to research. Obviously with what's going on going on with Kobe 19 there is a need for tools to connect our researchers two cures to diagnostic, um, opportunities. We worked with the University of British Columbia, Vancouver General Hospital and the Vancouver I Get this thing, the Vancouver Coastal Health Research UNE Institute to develop to use Amazon sage maker to speed ai diagnostic tool so that pushed towards research is absolutely vital as well. We just announced a $20 million investment in helping you speak that that research to market so education needs to operate at scale education needs to operate at speed, and education needs to deliver to a changing customer. And we've got to be partners on that journey. >>And I think I would just add reinvent a word. You guys name your conference after every year. This is a re invention opportunity. Clearly, um, and you know, I was talking to some other parents is like, I'm not going to send my kids to school online learning for zoom interview, zoom, zoom, zoom classes. I'm like, Hey, you know, get a cloud data engineering degree from Amazon educate because they'll have a job like that. Once you put on linked in the job skills are out there. The jobs are needed. Skills aren't so. I got to ask you, you know, with this whole re Skilling, whether it's a Gap year student in between semesters, while this takes care of our up Skilling people on the job, this is huge world economic form said by 2020 half of the employees will need to be re skilled up skilled. This is a huge impact and even more focus with covert 19. >>That's absolutely correct. Yeah, I think one thing that's happening is we're cloud computing has been the number one Lincoln skill for the past four or five years. The the skill. Whether it's software development in the cloud cloud architecture, your data world, our cyber security and other operational rules, those are going to be in the most demand. Those are the skills that are growing. We need to be able prepare people for rules in technology. The lifelong worker, the re skill up skill opportunities, absolutely vital Gap year is going to be available for some students. But we also got a look at you know how the this that how covert 19 can accelerate gaps between students. Every student needs access to high quality education. Every teacher needs to be equipped with the latest professional development. We've got focused like a laser, not just on. The people could afford a gap. Here are the people who who are going to be some schools who actually had solutions that could immediately push there kids into their their youth, their students in college or even employees. You need those re skills. We're all home. But it also needs to extend into the middle of the middle of Los Angeles and and you're into low income students. And in Egypt, I was really excited. We we've been working with Northern Virginia community colleges as I think you know, they were one of the lead institutions. On launching an associate degree in the cloud, they took their courses and offer what they call a jump year to 70,000 high school senior. Our high school students in Northern Virginia in the northern Virginia area, including enabling some of our cloud computing horses, are the work courses that we worked on with them to the students. So yeah, those new partnerships, that extension of college into high school and college into re skill up skills, absolutely vital. But institutions need to be able to move fast with the tools that the cloud provides you into those arena. >>Well, you know, I think you've got a really hard job to do there. It's foundational in love, what you're doing and you know me. I've been harping people who watch the Cube know that I'm always chirping and talking about how the learning is non linear. It's horizontally scalable. There's different application. You can have an application for education. It's a Siri's of different things. The workload of learning is completely different. I think to me what you guys are doing right now setting that basics foundation infrastructure. It's like the E. C two s three model. Then you got more on top of it platform, and I think ultimately the creativity is going to come from the marketplace. Whoever can build those workloads in a very agile, scalable way to meet the needs, because, let's face it, it can't be boring. Education is gonna be robust, resilient and got to deliver the payload and that's gonna be customized applications that have yet to be invented. Reinvented >>absolutely. Hopefully were jump starting that next wave of innovation spreading the opportunities Teoh all students. Hopefully we are really looking at those endemic issues and education and following leaders like University of Arizona. What the Ministry of Education, um in in Egypt has done and Northern Virginia community. Hopefully we are really taking this the opportunity of this disaster to invent on behalf of our students. Bring in you forward to the 21st century as opposed to yeah, just looking at this naval gazing way we do wrong and the past. This is an exciting opportunity, albeit a obviously scary one is we're all dealing with this with this and >>there's no doubt once we've retrenching and get some solid ground postcode 19. It's a reinvention and a reimagine growth market opportunity because you got changing technology, changing economics and changing expectations and experiences that are needed. These are three major things going down right now. >>Absolutely, absolutely. And to your point, the retraining of workers, the up skill that the great thing is that governments realize this imperative as do educational institutions and obviously yet students. This is, and we seem like what educators can do when they want to help. Yeah, other educators, this is This is an opportunity in our society to really look at every everybody is a constant learner were a constant learning from our customers. But everybody, there is no end to education. It cannot be terminal. And this is an opportunity to really provide the students learners with skills that they need in an on demand fashion at all times and re think re innovate, reinvent the way we look at education in general. >>Well, a man, Jeff Bezos says Day one. It's a new day, one, right? So you know that there is going to reinvent Ken. You doing great work. Director of worldwide education programs Ken Eisner with Amazon Web services, Certifications and degrees and cloud computing will be the norm. It's gonna happen again. If you're a cloud data engineer. Data says you're going to get a job. I mean, no doubt about it. So thanks so much for sharing your insights. Really appreciate it. Thank you, >>John. Thank you very much for your time. I appreciate it. >>Can guys They're here Inside the Cube. Virtual coverage of AWS Public sector Online Summit. We've been virtualized. I'm John Furrier, your host. Thanks for watching. Yeah, >>Yeah, yeah, yeah.

(upbeat Techno music) >> Live from Las Vegas, it's theCUBE, covering VMworld 2018. Brought to you by VMware and it's ecosystem partners. >> Welcome back to theCUBE, we are live day two of VMworld in Las Vegas, Mandalay Bay. It's apparently very hot outside but we're in here getting all the exciting scoop. I'm Lisa Martin with my esteemed co-host John Furrier. Hey, John. >> Great to see you, welcome back to the set. >> Thank you so much. John and I are pleased to be joined by a Fortinet customer, Ken Busby, Keith Busby, excuse me, the executive director of information technology and security at the school district of Philadelphia. Keith, welcome to theCUBE. >> Thank you, thanks for having me. >> So, the school district of Philadelphia, eight largest public school district in the United States. You've got over 134,000 students. >> Yes. >> Over 18,000 staff. If only your IT budget was enormous, right? >> Yes. (laughing) >> So you guys, something also interesting, this morning Malala Yousafzai was speaking with Sanjay Poonen. Very intriguing, on the whole spirit of education, let's talk about that. You guys gave Chromebooks to over maybe half the students, about 50, 60 thousand? >> Well it's not one to one, so they're shared resources, they have carts throughout the school. We have between 50 or 60 thousand Chromebooks on our network right now. >> So I imagine great for the students and the education, the firewall security maybe a bit challenged? >> As we started transitioning to the Chromebooks, it overwhelmed our legacy internet firewalls so we had to go out and do proof of concepts and test multiple vendors. >> Talk about the security, we had Pat Gelsinger sit in theCUBE, I think four years ago, Dave Vellante, co-host, asked him, "Is security a do over?" And he's like, "Yes, it's a do over, "we need to do a do over." I said mulligan, used all kinds of terms, resetting. How have you guys set up your security architecture because I've heard stories of fishing attacks just to get the bandwidth to do Bitcoin mining, to crazy things on the security front. How are you guys laying out your network security? >> Honestly, it changes on a day to day basis, right? Because as new vulnerabilities come out, you always have to adjust your posture. Over the last year and a half we redesigned to wear we're not, we were routing through web proxies, we're required to do web filtering for the students by the CIPA, Children's Internet Protection Act. When we replaced our legacy firewalls, we were able to transition everything over to that and just use the Fortinet firewall to do web filtering, intrusion prevention, anti-virus and traditional firewalling. >> How virtualized are you guys? >> Pretty much completely virtual. We still have a few legacy physical servers but pretty much all. >> One of the things that came up in keynote, today was Sanjay Poonen but yesterday Pat Gelsinger, referred it to, was the bridging of the ways, connecting computers together but he mentioned BYOD, bring your own device as one of the ways and that was really the iPhone kind of generation. Obviously kids got Instagrams and they're on all kind of devices these days, how is that impacting your IT? Is it up and running, is it solid? What are some of the details? >> We don't have a traditional BYOD policy. It's more teachers get devices and they bring them in and we just have to find ways to support it so it stretches us, we're a small staff so we can't always help the end user with their devices so if they bring their own device, we have issues, they're trying to use applications that we can't support for whatever reason so it's an issue. >> Obviously all the devices that come in to the school in addition to the 60,000 Chromebooks, needing to rethink your security architecture, what were some of the technical requirements that you were looking for that made Fortinet the obvious choice? >> Performance and cost, right? As we spoke about, we have budget constraints. They have an extremely high performing firewall at a reasonable price. After we did proof of concept with five different vendors, and theirs just out performed them all. >> How about automation? A big talk in cloud is automation. How are you guys handling automation? Are you micro segmenting? >> We're transitioning to the NSX and Fortinet VMX for our server firewall. That's going to allow us, since we're short staff, if our server team stands up a new server my policies automatically take effect, just through the use of their security tags. >> That's the Fortigate product, right? The VMX? >> Yes. >> How is that working for you guys? >> We just did the proof of concept, we haven't transitioned our live systems over to it. But so far all our tests have shown that it does what we expect it to do. >> What's it like working in such a huge school district? I mean it's basically like, it's probably like a case study in campus wide networking. (laughing) >> We look at it as we're an ISP, right? Every school comes through us. We always say that we're protecting the internet from our students. We have smart kids and they-- >> They're digitally native. >> Yeah. They find ways to do things and then next thing you know I'm getting a report by a website saying, "Hey, we got students coming and throwing attacks at us." >> I was talking to a guy in higher ed about the bandwidth, they have huge bandwidth so obviously people game, including gaming centers, have all kinds of IP management issues. Fortnite's pretty hot, I'm sure how many people are playing Fortnite on your-- >> Luckily we don't allow that, right? (laughing) >> But this is what kids want to do. They're like born hackers. >> It is. >> They're curious. >> Yes. >> And it's good thing but you also want to basically make sure they're safe. >> Yes, that's pretty much what my job is. I want them to learn but at the same time, don't use it for malicious purposes. >> Yeah, its' true. One of the things I liked about public sector is cloud really makes things more efficient. >> It does. >> What are some of the things that you've seen with virtualization and with cloud kind of on the horizon, how has tech helped you guys be efficient and be lean and mean, kind of the 10X IT kind of guy thing? >> Like you said, lean and mean, right? We have a very small staff. The school district's budget is 3.2 billion dollars and IT's operating budget is 20.8 million dollars so as you can see, we really have to be cost effective and that's where virtualization comes into play. >> What's some cool tech that you like on the horizon? We hear a lot about SDWAN, sure that might be something that's cool for you guys? >> I like the VPCs, right? AWS, virtual private clouds, where you can set up your own network out there in Amazon's world, attach it to your vSphere so you can have on premise virtualization and out in the cloud, I think that. >> One of things that Pat Gelsinger talked about yesterday we hear this a lot John, is tech for good. I liked how he described it as it's essentially neutral, it's up to us, VMware, everybody else, to shape it for good. I imagine that's challenging? We talked about the Fortnite explosion, which I have only heard of but you've got so many devices, I imagine there's some amount of security gaps that are probably acceptable. In terms of reducing the maliciousness of some of the things that happen in there, tell us about some of the things that you're achieving there, leveraging such things as the automation, how is that helping you guys to enable the Chromebooks and the BYOD for good? >> Well the automation frees up our time so that we can focus on the policies, the education, the different procedures for the district. This way we're not spending time hitting the keyboard, trying to review our traffic logs. >> You had a session yesterday which you were talking, a breakout session, and you were saying that there were some folks that were so interested in what you we had to say, you had limited time in your session. Give a little bit of an idea of some of the feedback or maybe even people that might be in your similar situation that want to learn from, hey, how did you guys tackle this huge problem? >> They were from a school district in Nebraska and they wanted to see how we were handling and they just became a Fortinet customer and they wanted to see what trials and tribulations we had implementing their equipment, any lessons learned and kind of, we just had a conversation about where we see our programs going. It was nice. >> What about compliance? One of the things that's come up is managing the laws of the land. >> Luckily, I don't have much compliance, right? So we're not PCI, CIPA's pretty much, and FERPA but the only reports that we really have to provide are for CIPA, we'll have to prove that we're doing web filtering. That's where the Fortinet analyzer comes into play. I'm able to just schedule the reports through there. Shows that I'm blocking based on categorization, and we're good. >> What's the biggest thing you've learned over the past couple years in tech and IT to be effective and to do your job, what's the learnings? (laughing) >> It's going to sound weird coming from a security guy but I think it's important to take the risk, right? Accept the risk. Most organizations won't try a piece of equipment live, right? I was the exact opposite, I put every firewall that we were going to try live and pushed our entire network through it. I mean, if it breaks some things, we figured it out but I think that's the only way to get a true test of whether or not it's going to fit your needs. >> One of the things that came up yesterday, I interviewed Andy Bechtolsheim, you know, legend, been called the Rembrandt of chips, Pat Gelsinger called him that down to Arista and other companies. He talked about how NSX has the security wrapped around the application, more around NSX, that's freed up his security teams from handling a lot of the network security which kind of like has been intertwined in the past. Are you seeing that same picture emerge? >> That's why I'm transitioning to that, to get out of the traditional IP base firewall rules. It's not really what it was designed for, it was more for a transport layer. So switching over to the NSX and the BMX, now we're basing it on the application, what it's purpose is. >> What's the impact to you guys? What's that mean for your operations and your benefits for staff, what's the impact? >> It frees us up. During the winter months when we're going to have a snow storm, our server team might have to deploy some more web servers to handle the traffic that's going to come in. Before they would have to reach out to my team, to get us to modify a policy because they have new device coming online, well now they just tag it as a web server and it's automatically in the roles. >> You know I love talking about this topic. I have four kids, two of them are still in high school, two are in college, so it's so funny how they all hacked their report cards because the sandbox was out there for testing the new curriculum so they all get it and they all share it and the school sends out a note, "Well, that's not actually officially updated yet." So the kids are smart, like you said, they're going to get what a sandbox is. They don't know why it's there, they know how to get to it, so you got student elections, all kinds of things that go on in the academic world that have been digitized that are vulnerable, you have to handle that. How do you stay on top, does Fortinet help you there? Or what's the main way to keep the secure access? >> I mean that's why we're going with the VMX, NSX, the micro segmentation, it really takes the effort off of us and allows the appliances to do what they're intended to do. >> That's awesome, well it's a great case study. Any advice for practitioners out there who are in your seat in their world who might be looking at, okay I got to reset, I got to start rethinking things, I got to do more with less, I got to be lean and mean? It's kind of command and control but you got to manage it, you got a lot going on, it's the battlefield of IT is changing. >> Yes. >> So what's your advice? >> Take the risk. (laughing) Try it out. I just recently hired another engineer and on his first day I pretty much told him, "Go ahead and break something, it's alright, "we'll figure it out, we'll fix it." He has his own little lab and I'm like, "Just go mess around and figure it out." >> Play, do some R and D. >> Yeah. >> Kick the tires, yeah, it's the best way to do it. Keith, thanks so much for coming on theCUBE, really appreciate it. It's theCUBE live here in Las Vegas, stick with us for more coverage after this short break. (upbeat techno music)

>> Live from Las Vegas it's theCUBE covering Fortinet Acclerate 18. Brought to you by Fortinet. (upbeat techno music) >> Welcome back to theCUBE's continuing coverage of Fortinet's Accelerate 2018. I'm Lisa Martin joined by my cohost, Peter Burris. And we're excited to be joined by a Fortinet customer, Troy Miller the Director of Technical Resources from Clark County School District. Troy welcome to theCUBE. >> Thank you. >> Lisa: So, you're local. You're in the Vegas area. Tell us a little bit about Clark County, I noticed some impressive numbers of size, and about your role. >> Clark County School District we service about 320,000 students a day, 41,000 employees. It's the entire county which, last I heard, was about the size of Rhode Island. So, basically, that's geographically large as well. My role in the district as Director of Technical Resources. We bring in 80 gigs of internet each day for all those people to consume. And we're responsible for the Edge security. So, we don't get down to the desktop yet but we just make sure they have a successful and reliable internet. >> So, 320,000 students and 41,000 employees. How many devices is that connecting to the network? Or do you have any idea? >> Even ones that were just district-owned might be closer to 420,000 probably, if you count all the labs. And then another everyone brings in their own one or two or three devices with them. Their phone, their iPad, their laptop. So, there's not an exact count but I'm guessing well over 450,000 probably. >> And you've been with Clark Country for awhile and you've been in education for awhile. Talk to us about the technology evolution that you've seen take place. The opportunities that that gives educators and students we well as the opportunities that it provides on the security side that you have to combat. >> Yeah, a long time ago, I've taught for four years from, I think it was '93 to '97, and I got into the department I'm in now. But back then it was one computer that a teacher didn't know how to use and rarely turned on to now they're using, whether it be smart boards, giving out iPads, Chromebooks, and so on. Every kid's connected and it's important. We're now a Google school district. So, Google Classroom using Google sites and so on. And so, it's important. And the evolution of that is just that when you have a reliable internet, and so Fortinet has definitely increased our stature in that. Day to day instruction can take place, not interrupt them. Cause if they lose their internet for two minutes we've deprived these students for all kinds of education. It's important and now everything is reliant upon it. Even our student management system, our ERP. All that stuff is now, some hosted internationally some hosted externally. So, security is a very important part of that. >> And when you think about the role that you play, you have a specific role within the school district. How does the ability to use a Fortinet-like product inside your role impact your ability to collaborate and coordinate with others in the school district to make sure that everything is running seamlessly? >> Yeah, that's important is that for us using the Fortinets that we have, it was important to be able to get better insight. I'm excited about the stuff in the conference this year to really improve upon that. But to be able to properly secure those say VPN connections going out to outside services or to better serve the students in the schools or other business transactions that take place. So, it's important on that. And then we can see if something's starting to break down somewhat where to go. And again, our district's pretty separated. It's siloed a bit. And so, it's important we know which department to go to if we're seeing issues with certain things. >> Now, local government's are notoriously difficult to work with for some technology vendors. How has it been for Clark County working with members of the Fortinet ecosystem. Because security is obviously an increasingly important feature of, well, virtually everything, but including local municipalities. >> Right. And Fortinet's been awesome. We worked with them through our managed service proprietor, Mosaic451. So, when we moved towards Fortinet just a year and a half ago, that made it a very seamless move because they had the expertise that we didn't at the time. We were brand new to the Fortinet platform. They brought in people from all over to help out with that to either install it, to set up the policies and so on. So, yeah, working with municipalities is difficult. Working for one's even more difficult. But Fortinet has made that very easy. >> What was the catalyst for bringing on Fortinet in terms of some of the challenges that you guys have with your firewalls? Was their any sort of one event or type of events that really catalyzed, hey, we're got to transform here? >> Yeah, there was a series of events actually. About a year and a half ago, we were undergoing about daily one hour, two hour DDoS attacks, fragmented UDP attacks. And our previous firewall vendors they couldn't, one they couldn't diagnose it. And two even once they did, it couldn't handle it. We were basically firewalling our firewall with our EdgeRouter. And so, that was when I said something has got to change. And that's when I contacted Mosaic451 and said, I need help. I can't be doing this every day cause the staff, obviously, were upset. And so was I. And so, Fortinet actually back then, our first involvement with Fortinet, they sent out two chassis and said, "Here. Try them out. See if this will stop the attack. We think it will." And we got them going within a few days and sure enough, it did. And so that told me I needed to make a move. It took, obviously, some budget trapeze acts to get that done. But within six months we were then on Fortinet. And again, once we got the equipment back everyone was able to help out and get us set up. We're unique in what we had and moving our policies and so on. So, they've been integral in that. >> So, impact perspective. It sounds like you went from these daily DDoS attacks to zero? >> Troy: Yeah. >> In how short of a time period? >> They stopped on their own beginning of January of that year. But we haven't had one at all since then. Or we've had small ones but the Fortinets handled them without a problem. They barely bumped them, you know. >> So, pretty big impact there that you've been able to make? >> Yeah, we went from-- >> Lisa: Pretty quickly. >> Yeah, yeah it was six months before we finally made the Fortinet decision. And we were fortunate we didn't have to go through an RFP process on that. Because that would have taken forever, and I didn't want to do that. And so, I already said we did our RFP. This one doesn't work. We know this other one doesn't work. So, guess what's left? So, that's the way we ended up with Fortinet. And I said we're very happy with them so far. >> In terms of some of the announcements that they have made today, around utilizing AI technology. They've also talked about their Fabric-Ready Partner Program. You've talked about a partner there. What are some of the things that excite you about what you've heard from them today? Does that give you reassurance that not only did we make the right decision but this is something that's going to help us as we evolve and as security threats naturally evolve and grow as well that you feel like you have a good foundation on the security side. >> Yeah, precisely. I'm very excited from what I saw. And you know, there's things, education, especially in this state, is extremely underfunded. So, I'd love to go out and just say, "Oh, I'd like to buy this. I'd like to buy that." We're up and running with the security fabric. And I'm excited about it. But what I'm really excited is the opportunity to grow. We can really assume some progress with that. And so, while I can't take full advantage of it or even go to the FortiOS 6 probably anytime soon. But we will be able to start laying the groundwork, and I can plan out to start filling off those check boxes in that security fabric, and start providing a better more secure internet for what I'm responsible for, what I can consume. >> So, education like everything else is changing. What are the set of options that become more available to you to Clark County School District as a consequence of bringing in a new security fabric that's capable of accommodating a little more complexity, a little bit more automation? >> Well, yes, a little bit of all that. For us, what I'm excited about with the Fortinet is that one, we've got something robust that's going to last us for five to seven years. Those will last even beyond our 80 gigs we're using now if we need to go beyond that before I retire. But the exciting part of that is, like I said, by adding in those different security fabric pieces I think we'll be able to improve bit by bit. And I know while they're going to improve them even more by the time we finally get there. So, that's exciting. >> You talked about ... I'd like you to elaborate a little bit more on your organization. It sounds, I don't want to say fragmented, but there's different centers. How has, I should say, what you guys have been able to achieve by bringing Fortinet in in terms of we talked about this dramatic reduction or elimination of DDoS. Are you able to leverage that as sort of a best practice within the school district. Do you see opportunities that this Fortinet partnership can have for you in that respect? >> It gives us some validity. It shows that it did make a difference. We didn't just spend some money on it no reason. Yeah, because of its being siloed, what the Fortinets will give us now is we can know exactly which department to send certain tickets to. What we see whether it's to be malware or something pinging out that shouldn't. We can better address where it's coming from and what to do with it. And again, Mosaic is our sock. So, working with them, working with Fortinet we've been able to improve our response to minor incidents as they happen. >> Are there other natural issues that the County of Las Vegas deals with that makes Fortinet especially relevant? I mean, obviously, great distances. But you know, you've got large mountains surrounding here. It's a very dry environment. Are you finding that there's just things about the location that makes Fortinet that much better choice? >> I don't really think environmental ... Pretty much what makes this the best choice is not really where we are but just what we do. Like I said, the internet comes to us, and then we kind of spray it out from there. And so, that availability and reliability is what's important. Sort of where we are doesn't quite matter. But it is the ability to be able to service the customers. >> So, we kind of look at the security transformation that you're on. You've talked to us about some of the achievements that you've made so far in the first year. What are some of things throughout the rest of 2018 that your looking forward to enabling your environment with your Fortinet partnership? >> Some of the things I'm excited about there is, like you had mentioned before the AI part of that. That I'm really excited to hopefully implement. That just takes some ... I can use the eyes I have. I only have four security people basically for that organization. Two of them from Mosaic, two of my own people. And so, if I can have those people addressing bigger concerns than malware or stuff like that. And VAI can better handle that, so instead of digging through logs, we can just, there it is, block it or it's already blocked. That would save us. And I could use that talent for more serious items. We already completed our Edge redesign the networks. Now, we're not redundant on that. We're working on our internal network. So, if we can spend more time making those things more robust to then take advantage of the security fabric as we're able to take advantage of it then that's all the better. >> In most enterprises, there's a partnership that has to be established between security architecture, security operations, the business, and especially the employees. Employees have to take an active roll to successfully do security. Kids and schools are not necessarily well known for having consistent behaviors. How has that affected your environment? And what can enterprises learn as they think about having to serve increasingly unruly customers in their markets? >> Yeah, that's one of the things I'm just starting to dip my toe in to plan for next year is more of an education for it but then holding them accountable for that education. Yeah, I don't know which is worse, the teachers or the students. (Peter laughs) I'm guessing the teachers. (Lisa laughs) They'll click on anything they see. So, it's important to educate them first before I start rolling out some efficient testing on them and so on. But we have to start doing that because otherwise it doesn't matter if something comes in or they get it off their tablet. Now, they've infected the internal and it didn't even get to us, right? And so, it's important that education is important. We're going to start trying to hold them accountable for it. But that's a huge challenge where I'm at. That's like climbing Everest there. >> So, is Fortinet going to help? I think it will. Fortinet's going to be able to help for us to be able to have that insight on what's still working, what's not. We're still seeing these things. >> And also recognizing patterns and seeing what people tend to do wrong will probably help you pinpoint what you need to, that partnership. What the user needs to take more responsibility for. >> Right and that's the thing. It better identifies those issues. You see where they've improved or what still needs to be worked on. >> Peter: Great. >> Well, congratulation on what you've achieved so far. >> Oh, thank you. >> And thank you so much for sharing your success story with us. You're on a journey, and we wish you continuing success with that. >> Thank you. >> For my cohost, Peter Burris, I'm Lisa Martin. You've been watching theCUBE's coverage of Fortinet Accelerate 2018. We'll be right back after a short break. (upbeat techno music)

>> Announcer: Live from Las Vegas, it's theCUBE, covering Fortinet Accelerate 18, brought to you by Fortinet. (upbeat techno music) >> Welcome to Fortinet 20... Welcome to Fortinet Accelerate 2018. I haven't had enough caffeine today. I'm Lisa Martin. I'm joined by my co-host, Peter Burris. Peter, it's theCUBE's second time here at Fortinet Accelerate. We were here last year. Great to be back with you. Some exciting stuff we have heard in the keynote this morning. Cyber security is one of those topics that I find so interesting, 'cause it's so transformative. It permeates every industry, everybody, and we heard some interesting things about what Fortinet is doing to continue their leadership in next generation security. Some of the themes that popped up really speak to the theme of this year's event, which is Strength in Numbers. Ken Xie, their CEO, shared some great, very strong numbers for them. 2017, they reached 1.8 billion in billing, which is a huge growth over the previous year. They acquired nearly 18,000 new customers in 2017, and another thing that I thought was very intriguing was that they protect 90% of the global S&P 100. They have over 330,000 customers, and they share great logos: Apple, Oracle, Coca Cola, et cetera. So, great trajectory that they're on. From a security perspective, digital transformation, security transformation, they have to play hand in hand. What are some of the things that you are seeing and that you're looking forward to hearing on today's show? >> Well, I always liked this show. This is the second year, as you said, that we've done this. One of the reasons I like it is because security is very complex, very hard, highly specialized, and Fortinet does a pretty darn good job of bringing it down to Earth and simplifying it so that people could actually imagine themselves becoming more secure, as a consequence of taking actions along the lines of what Fortinet's doing. So, there's clearly a strong relationship between the notion of digital business and the notion of digital security. The way we describe the difference between a business and digital business is that a digital business uses its data assets differently, and in many respects, it is through security concepts and constructs that you go about privatizing, or making unique, your data, so that it doesn't leave your network when you don't want it to, so it can't be subject to ransomware, so that it isn't compromised in some way by a bad actor. So there's a very, very strong relationship between how we think about digital assets and how we think about security, and what Fortinet's overall approach is is to say, "Look, let's not focus just on the device. "Let's look at the entire infrastructure "and what needs to happen to collect data, "to collect information, across the whole thing," what we call a broad approach as opposed to a deep approach. A broad approach to looking at the problem, with partnerships and working with customers in a differentiated way, so that we can help our clients very quickly recognize, attend, and make problems go away. >> One of the things, too, that is interesting is, you know, we hear so much talk at many other shows about digital transformation, DX, everyone's doing it. They're on some journey. There's now such amorphous environments with Multi-Cloud, IoT, opens the-- It spreads the attack surface. I thought they did a great job this morning of really articulating that very well. I'd love to hear your perspective, and we have some of their customers that are going to be talking to us today, but what is the mix of security transformation as a facilitator or an enabler of true digital business transformation? How do companies do that when, as we were talking earlier, companies, and even Ken said, Ken Xie, the CEO, that lot of companies have 20 to 30 different disparate security products in place that are pointed at different things that aren't integrated. How does a company kind of reconcile security transformation to-- as an enabler of digital business transformation? >> Yeah, and I think that's going to be one of the major themes we hear today, is the process that customers are, in 2018, going to have to accelerate. Does that ring a bell? (laughs) Accelerate... >> Lisa: That's genius. Somebody should use that. >> This journey (laughs)... Accelerate this journey... >> Yeah. >> To employing security and security-related technologies and services, much more effectively within their business. There's so many ways of answering that question, Lisa, but one of the-- Let's start with a simple one. That, increasingly, a company is providing its value proposition to its customer bases, whether they're small, residential, whether they're a consumer, or whether they're other businesses, through a digital mechanism, and that could be e-commerce, as pedestrian as e-commerce, or perhaps recommendation engines, or it could be increasingly digital services that are providing, effectively, a digital twin in the home, and, so, your security, your ability to provide those services and those capabilities that consumers want, if those fundamental, or those services are fundamentally insecure, then your brand, no matter how good the service is, your brand's going to take a hit. So, when you think about what Google's trying to do with Nest, if you think about, you know, in the home, a lot of the things that are going into the home, Amazon Alexa, there is an enormous amount of attention being paid to, is our platform, is our fabric a source of differentiation-- security fabric a source of differentiation in our business? Are we going to be able to look a consumer in the eye, or a B2B company in the eye, and say, "You'll be able to do things with us "that you can't do with others, "because of our security profile." And, increasingly, that's got to be the way that boards of directors and CEOs, and IT professionals need to think, "What can we do differently and better "than our competitors because of our security profile "and the security assets that we've invested in?" That's not the way a lot of people are thinking today. >> Why do you think that is? Because, I think you're spot on with providing security capabilities as a differentiator. There's a lot of competition, especially in the detection phase. Ken Xie talked about that this morning, and there's a lot of of coopetition that needs to happen to help companies with myriad disparate products, but why do you think that is that this security capability as a differentiator hasn't yet, kind of, boiled up to the surface? >> I think it's a number of reasons. Some good, some, obviously, not so good, but the main one is, is that, historically, when a CFO or anybody looked at the assets, they looked at tangible assets of the company, and data was, kind of, yeah, was out there, and it was, yeah, secure that data, but we were still more worried about securing the devices, because the devices were hard assets. We were worried about securing the server, securing the routers, securing, you know, whatever else, the repeaters, whatever else is in your organization, or securing your perimeters. Well, now, as data moves, because of mobile, and Ken told us, that 90% of the traffic now inside of a typical enterprise is through mobile, or through wireless types of mechanisms as opposed to wired, well, it means, ultimately, that the first step that every business has to take is to recognize data as an asset, and understanding what what we're really trying to secure is the role the data's playing in the business. How we're using it to engage customers, how we're using it to engage other businesses, how employees are using it, and very importantly, whether the security products themselves are sharing data in a way that makes all that better, and in a secure way, themselves, because the last thing you want is a vulnerability inside your security platform. >> Yes. >> So, the main reason is is that the industry, in most businesses, they talk a great game about digital business, but they haven't gotten down to that fundamental. It's about your data, and how you treat data as an asset, and how you institutionalize work around that data asset, and how you invest to improve the value, accrete value to that data asset over an extended period of time. >> Something that I'm interested in understanding, and we've got Phil Quade, their CSO, on, later today. >> Peter: Smart guy. >> How the role of the CSO has had to evolve, and I'd love to hear... And you asked a little bit about this earlier, the Fortinet on the Fortinet story. What are you doing, internally, to secure and provide security that all elements of your business need? Because I imagine a customer would want to understand, "Well, tell us how you're doing it. "If you're the leader in this, "in providing the products and the technologies, "are you doing this internally?" >> Well, I think, look, I think going back to what I was just talking about, and we had a great... We had a great conversation with Ken Xie that's going to show up in the broadcast today, it is... I think every technology executive increasingly needs to look at their potential customers, their peers, and their customers, and say, "Here's what I can do, as a consequence of using my stuff, "that you can't do, because you're not using my stuff." And Phil, Phil Quade, needs to look at other CSOs and say, "Here's what I can do "as a CSO, because I use Fortinet, "that you cannot do as a CSO, because you don't." Now, the role of the CSO is changing pretty dramatically, and there's a lot of reasons for that, but if we think about the number of individuals that, again, we go back to this notion of data as an asset and how we organize our work around that data. We're hearing about how the CIO's role is changing and how the chief digital officer's changing, or the chief data officer or the CSO. We've got a lot of folks that are kind of circling each other about what really and truly is the fundamental thing that we're trying to generate a return on. >> Lisa: Right. >> When I think about the job of a chief, the job of a chief is to take capital from the board, capital from the ownership, and create net new value, and whether it's a CIO doing that, or anybody. And, so, what Phil's job, or what the CSO's job is is to also find ways to show how investments in the business's security is going to create a differentiating advantage over time. Working with the chief digital officer, the chief data officers and others, but there's a lot of complexity in who does what, but at the end of the day, the CSO's job is to make sure that the data and access to the data is secure, and that the data and the ability to share the data supports the business. >> You mentioned the word "complexity" in the context of the CSO and some of the senior roles, where data is concerned. One of the things I'm interested to hear from some of our guests today, those at Fortinet, and we've got the CSO on we mentioned, and we've also got John Madison, their Senior Vice President of Products and Solutions. We've got their global strategist on security, Derek Manky, but we also have some customers. One from Tri-City, and another from Clark County School District, which is here in Vegas, and I'm curious to understand how they're dealing with complexity in their infrastructure. You know, we talked so much about, and they... have already started today, about Cloud, IoT, multi-cloud, mobile, as you talked about. As the infrastructure complexity increases, how does that change the role of the C-Suite to facilitate the right changes and the right evolution to manage that complexity in a secure way. So I'm very interested to hear how that internal complexity on the infrastructure side is being dealt with by the guys and the gals at the top who need to ensure that, to your point, their data and information assets are protected. We've got some great examples, I think, we're going to hear today, in three verticals in particular: education, healthcare, and financial services. And education really intrigued me because it's been a long time since I've been in college, but there's this massive evolution of smart classrooms, it's BYOD, right? And, there's so many vulnerabilities that are being brought into a school district, so I'd love to understand how do you protect data in that sense when you have so many devices that are connecting to an environment that just drives up complexity, and maybe opens... Perforates their perimeter even more. >> Well, I mean, you know, one of the... We're as a nation, we are living through a recent experience of some of the new tensions that a lot of the school districts are facing, and it could very well be, that voice or facial recognition or other types of things become more important, so I, look. Large or small, well-funded, not well-funded, young or old, consumer or business, all companies are going to have to understand and envision what their digital footprint's going to look like. And as they envision what that digital footprint, companies or institutions, as they envision what that digital footprint's going to look like and what they want to achieve with that digital footprint, they're going to have to make commensurate investments in security, because security used to be, as Ken said when he talked about the three stages, security used to be about perimeter. So, it was analogous to your building. You're either in your building or you're not in your building. You're in your network, or you're not in your network. But, today, your value proposition is how do you move data to somebody else? Today, your security profile is who is inside your building right now? Are they doing things that are good or bad? It's not a "I know everybody, I know where they are, "and I know what they're doing." We are entering into the world where digital business allows us to envision or to execute a multitude of more complex behaviors, and the security platform has to correspondingly evolve and adjust, and that is a hard problem. So, listening to how different classes of companies and different classes of institutions are dealing with this given different industries, different budgets, different levels of expertise, is one of the most important things happening in the technology industry right now. >> Yeah, it's that, how do you get balance between enabling what the business needs to be profitable and grow and compete, and managing the risk? >> And, how... and what is a proper level of investment? Do I have too many vendors, do I have not enough vendors? All those... all of those issues, it's increasing, we have to get-- We have to make our security capacity, our security capabilities, dramatically more productive. And that is going to be one of the major gates on how fast all of these technologies evolve. Can we introduce new AI? Can we introduce faster hardware? Can we introduce new ways of engaging? Can we bring biology and kind of that bio-to-silicon interface and start building things around that? Well, there's a lot of things that we can do, but if we can't secure it, we probably shouldn't do it. >> Lisa: Absolutely. >> So, a security profile is going to be one of the very natural and necessary, reasonable gates on how fast the industry evolves over the next 20-30 years. And that's going to have an enormous bearing and impact on how well we can solve some of the complex problems that we face. >> Well, I'm excited to co-host today with you, Peter. I think we're going to have some great, very informative conversations from some of Fortinet's leaders, to their customers, to their channel partners, and really get a great sense of the things that they're seeing in the field and how that's going to be applied internally to really have security be that enabler of true business transformation. >> Peter: Excellent. >> Alright. Well, stick around. I'm Lisa Martin. Let's hope I don't screw up the outro. Hosting with Peter all day. We're excited that you're joining us live from Fortinet Accelerate 2018. Stick around. We'll be right back. (upbeat techno music)

>> Hi, I'm Lisa Martin on the ground with The Cube at Google Headquarters for the sixth annual CloudNOW Top Women and Cloud Awards event. Very excited to be joined by one of the award winners tonight, Alice Steinglass the President of Code.org. Congrats on the award and welcome to The Cube >> Thank you. >> It's great to have you here but first of all tell us about Code.Org. It's a pretty big organization and so what's it all about? >> Yeah, so our goal is that every student should have the opportunity to learn Computer Science. And we're focused on equity and diversity. I was surprised to learn that most schools today don't teach Computer Science. And it's not that most kids don't take Computer Science, it's that even if they wanted to most K12 schools today, the kid can't even take a Computer Science class if they want to. And this unfairly affects students of color, students in poor schools, they even have less of that opportunity today. And so our goal is that every school should offer Computer Science and every child should have the opportunity to take it. >> That's outstanding. How long have you been involved in Code.org and what inspires you to donate so much of your time to this organization? >> Yeah, so I joined about a little bit over two years ago. I'd been working in the tech industry for about 15 years, so I'd seen first hand what the lack of opportunity looks like and I was volunteering in my free time, helping out in schools and I just really wanted to make that my full-time job. I also think as a woman in Computer Science I remember walking into my first Computer Science class and it's a lecture hall with 500 people and you just feel like you're sort of in the wrong place. And it can be intimidating and I think especially when you don't know all the words or all the buzz words, you can feel like, I don't know what that word means, I don't know what BBS is right? So therefore I don't belong in Computer Science and it turns out, you don't need to know what a BBS is to do Computer Science. It's basically Reddit and nobody needs to know Reddit to do Computer Science. >> But that's a really great point that there's a lot of intimidation from kids at young ages, "Do I belong here?" "I like it but..." Like you said, there are things like acronyms that can intimidate someone. But some of the stats I was reading that 25% of students in the US have an account but this isn't just in the United States, you guys are doing some great things globally to get kids involved. So tell us a little bit about the global expansion of Code.org. >> Yeah, so almost half of our students come from around the world. And I think that it's not just about America, it's about every student deserves this opportunity. It's actually cool, most of our translation work, almost all of it is done by volunteer translators and we have organizations around the world like, Programa Il futuro in Italy who has translated all of our content into Italian and is working with the Italian Government and making it part of the national curriculum in Italy. Working with partners in Mexico and all over the world, who are doing great work and right here at home. You don't have to go far away, we're partnered with the Oakland School District which is right here. And we're partnered with San Francisco and all sorts of schools right here in America don't have that opportunity and so that's what we're focused on fixing. Because I was talking about, it's challenging when you don't know it and giving the students an opportunity to learn that in High School gives them the confidence to go and do this if they want to in college. I was lucky, I had a high school Computer Science class and I had a teacher who believed in me. And it makes a huge difference. >> Absolutely. >> So we want to give all students that chance. >> That confidence that you mentioned really is key. If you can just help, you probably think one person, just feel a little bit better that if, "Hey I don't know what this acronym is, how many other people don't know?" and that can just really build upon that. Something that I think is really cool that I've just learned about is the Hour of Code. Tell us about that because this is the perfect week to be talking about it. >> Yeah, you are interviewing me during CS education week. And one way you can celebrate CS education week is the Hour of Code. The Hour of Code has become an international movement. We've had tens of millions of students participating all over the world. This week alone there are over a 100,000 different Hour of Code events that are organized. You can see a map of them all over the world. An Hour of Code is a way of letting a student try Computer Science because I can tell you till I'm blue in the face that it's fun, or that it's interesting or that you can do it. But we see a much bigger impact when students actually try it. Last year we had thousands of students, which we measured. Questions like, I like Computer Science or I want to study Computer Science before and after they tried an Hour of Code. And what we saw was that it really makes a huge difference to try it. But you know the group that it mattered the most to? High school girls. High school girls. >> Fantastic. >> Yeah. Because they had this impression that Computer Science wasn't for them. But then after trying it, they said, "Oh you know what? It's not about sitting around and coding the Fibonacci Series." You can do that with code but you can also make apps and you can design websites and you can create things that have this creativity aspect and they wanted to go on and take it. Most students who do the Hour of Code go beyond the Hour of Code. And our goal with the Hour of Code is not to do one hour of code. One hour of code is not Computer Science, you're not going to learn that much right? >> Right. Getting your toe wet maybe? >> Yeah, get your toe wet. But the real goal is to help teacher teach years of Computer Science. To go from that to saying, "I can teach Computer Science." It's about the students and helping them take it and it's about the teachers and helping them teach it. Most of what we do at Code.org is helping teachers who never learned Computer Science when they went to school, learn Computer Science and learn how to teach it to their students. Because our teachers, they didn't learn Computer Science right? >> Right. >> And so we're asking them to teach the subject which is critically important in the 21st century. But it's a challenge. >> It is. Do you have any favorite stories of maybe a student or a teacher or both that tried this and their eyes were opened, "Wow, this is way more than I thought it was." >> So, there's a local teacher near Seattle, his name is Juan and he also was not a Computer Scientist. He had never taken Computer Science, I think he was teaching Political Science. I'm not sure, but I think that's what he was teaching. And he came to our workshops and he said, "Hey, I can do this. I can teach Computer Science." And we have one week workshops over the summer to help the teachers learn how to teach it. And curriculum and professional development that we provide for schools at no cost to the school to help them get started teaching Computer Science. And he took that leap and he did it. And he said, he went into one of his classes and he's in a district that is mostly under represented minorities and he looked at his class, and his class was all male and there were not very many of the under represented minorities in his class and he said, "Well, I've got to fix this." So he went out and he went to the choir class and he found this woman, our Sally and he said to her, "Hey why are you not in Computer Science right now?" and she said, "Oh, I don't know. I don't even like to sing." >> Oh my gosh, wow. >> So he just marched her right up. He got the form, he switched her over to Computer Science. He got her friend Daisy, he got a whole bunch of women in his class. And they loved it. And our Sally took that class and she kept going and she took Python. >> Wow. >> And she's applying to colleges right now and she wants to be a Computer Science major. >> That's amazing. Recruiting from choir. >> Right. And her parents never went to college. One of them never went to high school. And for her this is an opportunity to be part of all the things that we see in Silicon Valley. And I want to see her do it. >> Great story. Last question, the CloudNOW, and this is the Sixth Annual Top Women in Cloud Award. Congratulations on winning and how did you hear about this and what does it mean to you? >> I think it's a great award. I really love that CloudNOW is doing work to encourage equity and to encourage women in the tech space. I think that has a lot of synergy with the work we're doing at Code.org. Trying to encourage women and young women to be able to have this opportunity and be able to take these courses. And you know, it's okay if they don't want to go into the tech space. Most of them won't but if they have the opportunity to see these courses I hope some of them will be inspired and that when they are inspired they'll have that background, so they can. And for the other ones who go into all sorts of different fields, whether it be design or education or medicine, or marketing or who knows? Knowing how Computer Science works, I think is a critical set of skills for all people everywhere in this day and age. >> I agree. It'll be a great part of their foundation. Well, speaking of inspiration, you've been quite inspirational. Again congratulations Alice on the award and thank you for stopping by the Cube. >> Thanks. >> You've been watching the Cube a lot and we're on ground at Google for the six annual CloudNOW, Top Women in Cloud Awards. I'm Lisa Martin, thanks for joining. We'll be right back.

>> Announcer: Live from Orlando, Florida, it's theCUBE. Covering Grace Hopper Celebration of Women in Computing. Brought to you by Silicon Angle Media. >> Welcome back to theCUBE's coverage of the Grace Hopper Celebration in Orlando, Florida. I'm your host, Rebecca Knight along with my co-host, Jeff Frick. We are here with Brenda Darden Wilkerson. She is the new president and CEO of the Anita Borg institute. Thank you so much for joining us. >> I'm so excited to be here. >> This is a new position for you. >> Absolutely. >> But you've obviously been involved with the Anita Borg Institute for your career. At least been aware of it. So tell us a little bit about what this appointment means to you. >> Oh, it's so exciting. It's like coming full circle back to a tech career that I started. Back to understanding the needs of women having been there. Gone through the various stages of my career and then going into education. Helping encourage women into a career in tech. And now being able to advocate for them to be able to contribute at whatever stage they're in. Whether they are just entering or whether they're one of the women who have been in tech for a long time and are getting promoted into C-suite. Or whether or not they went through traditional education pathway to get in or if they learned on their own. So it's very exciting. >> And it cannot be as hard as the challenge that you just accomplished. I'm so impressed. Getting computer science as a requirement in the Chicago School District. >> Yes, yes. >> I mean that must've been quite a battle. I can only imagine. >> It was. It was, but you know when you want something, and you believe in it, it is amazing how you find other people who believe like you do. And you form a collaborative partnership that's really about caring about people. >> Jeff: Right. >> Many of us had been in tech and we had had the challenges and myself, personally, I came about computer science accidentally. I went to college thinking I was going to go into medicine. So I was pre-med. So I only learned about computer science accidentally. And of course obviously it changed my trajectory. It's been my career path and I was fine with that. Until years later when we were working on making computer science core, I was doing some lobbying on Capital Hill on a panel with a bunch of people. One happened to be a 19 year old girl who had a story similar to mine. And I thought how could this still be happening? >> Jeff: Right, right. >> How can people not have this choice and have this exposure early in life so that they know how to choose to contribute to the thing that's changing the way we live every single day. >> So do you see it changing? I mean we talked about this so many times on theCUBE. You know, that the core curriculum is the core curriculum. It's been there forever. >> Yes, yes, yes. >> And then the funny joke, right? Go back 100 years, nothing looks familiar except if you go to the school. I mean they're still reading the same Mark Twain book, right? >> Brenda: Right, right. >> Do you see it changing 'cause computing is such a big part of everyday life now. And it should be core everywhere. I mean the fact that you got that through, do you see it changing in a broader perspective from, kind of, your point of view? >> I do, I do. Education changes slowly, unfortunately. But actually when you look at, we launched computer science for all in 2013. And now it is an initiative that is national. The Obama White House embraced it and we were so proud. And it made the knowledge of going after computer science as something that all educators should really be thinking about as early as kindergarten for our students. It is making a difference in the lives of women. I've seen girls who many times would have been talked out of getting into a technical field by high school. For the few that could trickle in and get into those one or two classes that used to be available. I'm seeing girls learn that they could be innovators as early as five, six, or seven years old. Okay, so I'm just waiting to see the world that they're going to create for us when all of them. Because now, in Chicago, they're required to have computer science to graduate. So that's everyone so that's the key. It's computer science for all. And it is making a change. Not just for the kids, but the educators. I'm seeing women educators go, I could do this? I could get in and teach computer science? I could create something? That's exciting. >> So the Anita Borg Institute does so much good work around these issues. From getting computers into the hands of kindergartners to helping women on the verge of C-suite jobs in some of the biggest tech companies in the world. Where do you want to focus? As the new president, what are some of your special pet projects that you want to look at in the upcoming years? >> So I really want to think about how we dig into intersectionality. I want to first and foremost make vivid for more women of different backgrounds, who may have traditionally been left out of the equation, that there is an opportunity here for you if you want it. Okay, so that's about listening to them. That's about building additional alliances. That's about figuring out how to partner with organizations that we're all going in the same direction, right? So that more people that bring their unique lenses and experiences can help us create solutions, products, services that serve better just because they're there. So that's the first and most important thing. But then of course to, in order to do that, we have to figure out how to accelerate the work that anitab.org does in helping companies to figure out how to solve any problems that they may be having about diversifying their work force. So that's the other half of the equation. >> Do you see that the message is resonating? And this, I mean, you've been in the tech industry for, you're a veteran of the tech industry. Let's just say it, let's just put it at that. Let's just put it at that. But do you, I mean, just in terms of what we've been saying here too is that it's a lot of the same stuff. A lot of the same biases. And then there's things like to Google Manifesto which was this year, you know? And you just think, are we really still talking about this? I mean, where are you on the spectrum of completely discouraged to hopeful and inspired? >> Oh, I'm hopeful. I mean, look around you. (laughing) Look around you at all these women who are also hopeful. I am hopeful for them. We are hopeful together. And I think many times some of the remarks or things that happen out there are just an indication that maybe we're getting closer to moving that needle, you know? Sometimes that's when you hear from people is when changes are being made. So I'm not discouraged at all. I'm very excited to be on this team. It's a very powerful team. And to create the coalitions that our women are counting on us to do. >> It's pretty interesting with a lot of the negative stuff that happens in the news. And it actually has a really bright silver lining. And that it kind of coalesces people in ways that wouldn't necessarily happen. >> That's right, that's right. >> I thought your comment kind of about overt, or no, I guess the last guest. Overt, kind of, discrimination versus, kind of, less overt. It's harder to fight the less overt. So when somebody shines a big bright light on it, it actually, in a way, is a blessing because then it surfaces this thing. >> The stuff that's kind of, you know, it's lukewarm. It's easy for people to explain away. Even if it's really obvious to most people. But when it is as overt as it's been, it's out there now. It's like now we have something that we all have to deal with. It's not, you know, we can't be lukewarm and mealy mouth about it. Let's go to work and address this because it's so obvious. So in that way it's a silver lining. >> Jeff: Right, right. >> But the culture war that we're dealing with this. With what Melinda Gates was describing as the brogrammers. The hoodie guys, the sea of white dudes. >> Yes. >> Where we think all the great ideas are coming from. >> Brenda: Yeah. >> What is you feeling on how do we combat that? >> So, you know, here's an interesting perspective. I'm going to put a call on the entertainment industry. >> Rebecca: Okay. >> To put more images out there that are representative of what's really happening, right? So, you know, I have a sister that's a lawyer. And she's older than I am. And there was a time when you just didn't see very many images of women lawyers or women doctors. But if you watch television, you watch the movies, there are plenty of those now and the numbers. People can be what they can see. But if the images out there are all about the sea of white men. Then we will fight that struggle because people are impacted by what they see. >> Rebecca: The power of representation. >> The power, absolutely. And so I'm calling on people who have the power to change the images to do so. And to show the truth of what's really going on. >> Okay, so Hollywood, are you listening? (laughing) Do you have any final advice for the young women who are here. And maybe it's their first Grace Hopper Conference. >> Yeah, yeah. >> What do you think they should do to get the most out of their experience here in Orlando this week? >> Well, first of all, I'm so glad that you're here and I want you to be encouraged that there is a sisterhood. There is a community that cares about you that has seen some of the same things, some of the challenges. And maybe you don't even know about yet. But together, we can make a better world. We can be the change agents that we already are but on a such bigger scale. So, you know, go for it. Don't ever let fear stop you. And you will make a success out of whatever you're going after. >> Those are words to live by. >> Yeah, we need to get a bigger boat though. You got 18,000 people. >> I know. >> That's right. >> You can't get that on you IM placard. >> That's right, that's right. That's a new solution for tomorrow. (laughing) >> Great, well, Brenda, thanks so much. We're so excited for you and to be here at Grace Hopper again. >> Thank you so much. I appreciate being here. >> Great event, great event. >> Okay, thank you. >> I'm Rebecca Knight for Jeff Frick. We will have more from Grace Hopper in a little bit.