(bright music) >> Hello everyone and welcome back to AWS re:Invent, here in wonderful Las Vegas, Nevada. We're theCUBE. I am Savannah Peterson. Joined with my co-host, Dave Vellante. Day four, you look great. Your voice has come back somehow. >> Yeah, a little bit. I don't know how. I took last night off. You guys, I know, were out partying all night, but - >> I don't know what you're talking about. (Dave laughing) >> Well, you were celebrating John's birthday. John Furrier's birthday today. >> Yes, happy birthday John! >> He's on his way to England. >> Yeah. >> To attend his nephew's wedding. Awesome family. And so good luck, John. I hope you feel better, he's got a little cold. >> I know, good luck to the newlyweds. I love this. I know we're both really excited for our next guest, so I'm going to bring out, Lena Smart from MongoDB. Thank you so much for being here. >> Thank you for having me. >> How's the show going for you? >> Good. It's been a long week. And I just, not much voice left, so. >> We'll be gentle on you. >> I'll give you what's left of it. >> All right, we'll take that. >> Okay. >> You had a fireside chat, at the show? >> Lena: I did. >> Can you tell us a little bit about that? >> So we were talking about the Rise, The developer is a platform. In this massive theater. I thought it would be like an intimate, you know, fireside chat. I keep believing them when they say to me come and do these talks, it'll be intimate. And you turn up and there's a stage and a theater and it's like, oh my god. But it was really interesting. It was well attended. Got some really good questions at the end as well. Lots of follow up, which was interesting. And it was really just about, you know, how we've brought together this developer platform that's got our integrated services. It's just what developers want, it gives them time to innovate and disrupt, rather than worry about the minutia of management. >> Savannah: Do the cool stuff. >> Exactly. >> Yeah, so you know Lena, it's funny that you're saying that oh wow, the lights came on and it was this big thing. When when we were at re:Inforced, Lena was on stage and it was so funny, Lena, you were self deprecating like making jokes about the audience. >> Savannah: (indistinct) >> It was hilarious. And so, but it was really endearing to the audience and so we were like - >> Lena: It was terrifying. >> You got huge props for that, I'll tell you. >> Absolutely terrifying. Because they told me I wouldn't see anyone. Because we did the rehearsal the day before, and they were like, it's just going to be like - >> Sometimes it just looks like blackness out there. >> Yeah, yeah. It wasn't, they lied. I could see eyeballs. It was terrifying. >> Would you rather know that going in though? Or is it better to be, is ignorance bliss in that moment? >> Ignorance is bliss. >> Yeah, yeah yeah. >> Good call Savannah, right? Yeah, just go. >> The older I get, the more I'm just, I'm on the ignorance is bliss train. I just, I don't need to know anything that's going to hurt my soul. >> Exactly. >> One of the things that you mentioned, and this has actually been a really frequent theme here on the show this week, is you said that this has been a transformative year for developers. >> Lena: Yeah. >> What did you mean by that? >> So I think developers are starting to come to the fore, if you like, the fore. And I'm not in any way being deprecating about developers 'cause I love them. >> Savannah: I think everyone here does. >> I was married to one, I live with one now. It's like, they follow me everywhere. They don't. But, I think they, this is my opinion obviously but I think that we're seeing more and more the value that developers bring to the table. They're not just code geeks anymore. They're not just code monkeys, you know, churning out lines and lines of code. Some of the most interesting discussions I've had this week have been with developers. And that's why I'm so pleased that our developer data platform is going to give these folks back time, so that they can go and innovate. And do super interesting things and do the next big thing. It was interesting, I was talking to Mary, our comms person earlier and she had said that Dave I guess, my boss, was on your show - >> Dave: Yeah, he was over here last night. >> Yeah. And he was saying that two thirds of the companies that had been mentioned so far, within the whole gamut of this conference use MongoDB. And so take that, extrapolate that, of all the developers >> Wow. >> who are there. I know, isn't that awesome? >> That's awesome. Congrats on that, that's like - >> Did I hear that right now? >> I know, I just had that moment. >> I know she just told me, I'm like, really? That's - >> That's so cool. >> 'Cause the first thing I thought of was then, oh my god, how many developers are we reaching then? 'Cause they're the ones. I mean, it's kind of interesting. So my job has kind of grown from, over the years, being the security geek in the back room that nobody talks to, to avoiding me in the lift, to I've got a seat at the table now. We meet with the board. And I think that I can see that that's where the developer mindset is moving towards. It's like, give us the right tools and we'll change your world. >> And let the human capital go back to doing the fun stuff and not just the maintenance stuff. >> And, but then you say that, you can't have everything automated. I get that automation is also the buzzword of the week. And I get that, trust me. Someone has to write the code to do the automation. >> Savannah: Right. >> So, so yeah, definitely give these people back time, so that they can work on ML, AI, choose your buzzword. You know, by giving people things like queriable encryption for example, you're going to free up a whole bunch of head space. They don't have to worry about their data being, you know harvested from memory or harvested while at rest or in motion. And it's like, okay, I don't have to worry about that now, let me go do something fun. >> How about the role of the developer as it relates to SecOps, right? They're being asked to do a lot. You and I talked about this at re:Inforce. You seem to have a pretty good handle on it. Like a lot of companies I think are struggling with it. I mean, the other thing you said said to me is you don't have a lack of talent at Mongo, right? 'Cause you're Mongo. But a lot of companies do. But a lot of the developers, you know we were just talking about this earlier with Capgemini, the developer metrics or the application development team's metrics might not be aligned with the CSO's metrics. How, what are you seeing there? What, how do you deal with it within Mongo? What do you advise your customers? >> So in terms of internal, I work very closely with our development group. So I work with Tara Hernandez, who's our new VP of developer productivity. And she and her team are very much interested in making developers more productive. That's her job. And so we get together because sometimes security can definitely be seen as a blocker. You know, funnily enough, I actually had a Slack that I had to respond to three seconds before I come on here. And it was like, help, we need some help getting this application through procurement, because blah, blah, blah. And it's weird the kind of change, the shift in mindset. Whereas before they might have gone to procurement or HR or someone to ask for this. Now they're coming to the CSO. 'Cause they know if I say yes, it'll go through. >> Talk about social engineering. >> Exactly. >> You were talking about - >> But turn it around though. If I say no, you know, I don't like to say no. I prefer to be the CSO that says yes, but. And so that's what we've done. We've definitely got that culture of ask, we'll tell you the risks, and then you can go away and be innovative and do what you need to do. And we basically do the same with our customers. Here's what you can do. Our application is secure out of the box. Here's how we can help you make it even more, you know, streamlined or bespoke to what you need. >> So mobile was a big inflection point, you know, I dunno, it seems like forever ago. >> 2007. >> 2007. Yeah, iPhone came out in 2007. >> You remember your first iPhone? >> Dave: Yeah. >> Yeah? Same. >> Yeah. It was pretty awesome, actually. >> Yeah, I do too. >> Yeah, I was on the train to Boston going up to see some friends at MIT on the consortium that I worked with. And I had, it was the wee one, 'member? But you thought it was massive. >> Oh, it felt - >> It felt big. And I remember I was sitting on the train to Boston it was like the Estella and there was these people, these two women sitting beside me. And they were all like glam, like you and unlike me. >> Dave: That's awesome. >> And they, you could see them like nudging each other. And I'm being like, I'm just sitting like this. >> You're chilling. >> Like please look at my phone, come on just look at it. Ask me about it. And eventually I'm like - >> You're baiting them. >> nonchalantly laid it on the table. And you know, I'm like, and they're like, is that an iPhone? And I'm like, yeah, you want to see it? >> I thought you'd never ask. >> I know. And I really played with it. And I showed them all the cool stuff, and they're like, oh we're going to buy iPhones. And so I should have probably worked for Apple, but I didn't. >> I was going to say, where was your referral kickback on that? Especially - >> It was a little like Tesla, right? When you first, we first saw Tesla, it was Ray Wong, you know, Ray? From Pasadena? >> It really was a moment and going from the Blackberry keyboard to that - >> He's like want to see my car? And I'm like oh yeah sure, what's the big deal? >> Yeah, then you see it and you're like, ooh. >> Yeah, that really was such a pivotal moment. >> Anyway, so we lost a track, 2007. >> Yeah, what were we talking about? 2007 mobile. >> Mobile. >> Key inflection point, is where you got us here. Thank you. >> I gotchu Dave, I gotchu. >> Bring us back here. My mind needs help right now. Day four. Okay, so - >> We're all getting here on day four, we're - >> I'm socially engineering you to end this, so I can go to bed and die quietly. That's what me and Mary are, we're counting down the minutes. >> Holy. >> That's so sick. >> You're breaking my heart right now. I love it. I'm with you, sis, I'm with you. >> So I dunno where I was, really where I was going with this, but, okay, there's - >> 2007. Three things happened. >> Another inflection point. Okay yeah, tell us what happened. But no, tell us that, but then - >> AWS, clones, 2006. >> Well 2006, 2007. Right, okay. >> 2007, the iPhone, the world blew up. So you've already got this platform ready to take all this data. >> Dave: Right. >> You've got this little slab of gorgeousness called the iPhone, ready to give you all that data. And then MongoDB pops up, it's like, woo-hoo. But what we could offer was, I mean back then was awesome, but it was, we knew that we would have to iterate and grow and grow and grow. So that was kind of the three things that came together in 2007. >> Yeah, and then Cloud came in big time, and now you've got this platform. So what's the next inflection point do you think? >> Oh... >> Good question, Dave. >> Don't even ask me that. >> I mean, is it Edge? Is it IOT? Is there another disruptor out there? >> I think it's going to be artificial intelligence. >> Dave: Is it AI? >> I mean I don't know enough about it to talk about it, to any level, so don't ask me any questions about it. >> This is like one of those ignorance is bliss moments. It feels right. >> Yeah. >> Well, does it scare you, from a security perspective? Or? >> Great question, Dave. >> Yeah, it scares me more from a humanity standpoint. Like - >> More than social scared you? 'Cause social was so benign when it started. >> Oh it was - >> You're like, oh - I remember, >> It was like a yearbook. I was on the Estella and we were - >> Shout out to Amtrak there. >> I was with, we were starting basically a wikibond, it was an open source. >> Yeah, yeah. >> Kind of, you know, technology community. And we saw these and we were like enamored of Facebook. And there were these two young kids on the train, and we were at 'em, we were picking the brain. Do you like Facebook? "I love Facebook." They're like "oh, Facebook's unbelievable." Now, kids today, "I hate Facebook," right? So, but social at the beginning it was kind of, like I say, benign and now everybody's like - >> Savannah: We didn't know what we were getting into. >> Right. >> I know. >> Exactly. >> Can you imagine if you could have seen into the future 20 years ago? Well first of all, we'd have all bought Facebook and Apple stock. >> Savannah: Right. >> And Tesla stock. But apart from, but yeah apart from that. >> Okay, so what about Quantum? Does that scare you at all? >> I think the only thing that scares me about Quantum is we have all this security in place today. And I'm not an expert in Quantum, but we have all this security in place that's securing what we have today. And my worry is, in 10 years, is it still going to be secure? 'Cause we're still going to be using that data in some way, shape, or form. And my question is to the quantum geniuses out there, what do we do in 10 years like to retrofit the stuff? >> Dave: Like a Y2K moment? >> Kind of. Although I think Y2K is coming in 2038, isn't it? When the Linux date flips. I'll be off the grid by then, I'll be living in Scotland. >> Somebody else's problem. >> Somebody else's problem. I'll be with the sheep in Glasgow, in Scotland. >> Y2K was a boondoggle for tech, right? >> What a farce. I mean, that whole - >> I worked in the power industry in Y2K. That was a nightmare. >> Dave: Oh I bet. >> Savannah: Oh my God. >> Yeah, 'cause we just assumed that the world was going to stop and there been no power, and we had nuclear power plants. And it's like holy moly. Yeah. >> More than moly. >> I was going to say, you did a good job holding that other word in. >> I think I was going to, in case my mom hears this. >> I grew up near Diablo Canyon in, in California. So you were, I mean we were legitimately worried that that exactly was going to happen. And what about the waste? And yeah it was chaos. We've covered a lot. >> Well, what does worry you? Like, it is culture? Is it - >> Why are you trying to freak her out? >> No, no, because it's a CSO, trying to get inside the CSO's head. >> You don't think I have enough to worry about? You want to keep piling on? >> Well if it's not Quantum, you know? Maybe it's spiders or like - >> Oh but I like spiders, well spiders are okay. I don't like bridges, that's my biggest fear. Bridges. >> Seriously? >> And I had to drive over the Tappan Zee bridge, which is one of the longest, for 17 years, every day, twice. The last time I drove over it, I was crying my heart out, and happy as anything. >> Stay out of Oakland. >> I've never driven over it since. Stay out of where? >> Stay out of Oakland. >> I'm staying out of anywhere that's got lots of water. 'Cause it'll have bridges. >> Savannah: Well it's good we're here in the desert. >> Exactly. So what scares me? Bridges, there you go. >> Yeah, right. What? >> Well wait a minute. So if I'm bridging technology, is that the scary stuff? >> Oh God, that was not - >> Was it really bad? >> It was really bad. >> Wow. Wow, the puns. >> There's a lot of seems in those bridges. >> It is lit on theCUBE A floor, we are all struggling. I'm curious because I've seen, your team is all over the place here on the show, of course. Your booth has been packed the whole time. >> Lena: Yes. >> The fingerprint. Talk to me about your shirt. >> So, this was designed by my team in house. It is the most wanted swag in the company, because only my security people wear it. So, we make it like, yeah, you could maybe have one, if this turns out well. >> I feel like we're on the right track. >> Dave: If it turns out well. >> Yeah, I just love it. It's so, it's just brilliant. I mean, it's the leaf, it's a fingerprint. It's just brilliant. >> That's why I wanted to call it out. You know, you see a lot of shirts, a lot of swag shirts. Some are really unfortunately sad, or not funny, >> They are. >> or they're just trying too hard. Now there's like, with this one, I thought oh I bet that's clever. >> Lena: It is very cool. Yes, I love it. >> I saw a good one yesterday. >> Yeah? >> We fix shit, 'member? >> Oh yeah, yeah. >> That was pretty good. >> I like when they're >> That's a pretty good one. >> just straightforward, like that, yeah yeah. >> But the only thing with this is when you're say in front of a green screen, you look as though you've got no tummy. >> A portal through your body. >> And so, when we did our first - >> That's a really good point, actually. >> Yeah, it's like the black hole to nothingless. And I'm like wow, that's my soul. >> I was just going to say, I don't want to see my soul like that. I don't want to know. >> But we had to do like, it was just when the pandemic first started, so we had to do our big presentation live announcement from home. And so they shipped us all this camera equipment for home and thank God my partner knows how that works, so he set it all up. And then he had me test with a green screen, and he's like, you have no tummy. I'm like, what the hell are you talking about? He's like, come and see. It's like this, I dunno what it was. So I had to actually go upstairs and felt tip with a magic marker and make it black. >> Wow. >> So that was why I did for two hours on a Friday, yeah. >> Couldn't think of another alternative, huh? >> Well no, 'cause I'm myopic when it comes to marketing and I knew I had to keep the tshirt on, and I just did that. >> Yeah. >> In hindsight, yes I could have worn an "I Fix Shit" tshirt, but I don't think my husband would've been very happy. I secure shit? >> There you go, yeah. >> There you go. >> Over to you, Savannah. >> I was going to say, I got acquainted, I don't know if I can say this, but I'm going to say it 'cause we're here right now. I got acquainted with theCUBE, wearing a shirt that said "Unfuck Kubernetes," 'cause it was a marketing campaign that I was running for one of my clients at Kim Con last year. >> That's so good. >> Yeah, so - >> Oh my God. I'll give you one of these if you get me one of those. >> I can, we can do a swapskee. We can absolutely. >> We need a few edits on this film, on the file. >> Lena: Okay, this is nothing - >> We're fallin' off the wheel. Okay, on that note, I'm going to bring us to our challenge that we discussed, before we got started on this really diverse discussion that we have had in the last 15 minutes. We've covered everything from felt tip markers to nuclear power plants. >> To the darkness of my soul. >> To the darkness of all of our souls. >> All of our souls, yes. >> Which is perhaps a little too accurate, especially at this stage in the conference. You've obviously seen a lot Lena, and you've been rockin' it, I know John was in your suite up here, at at at the Venetian. What's your 30 second hot take? Most important story, coming out of the show or for you all at Mongo this year? >> Genuinely, it was when I learned that two-thirds of the customers that had been mentioned, here, are MongoDB customers. And that just exploded in my head. 'Cause now I'm thinking of all the numbers and the metrics and how we can use that. And I just think it's amazing, so. >> Yeah, congratulations on that. That's awesome. >> Yeah, I thought it was amazing. >> And it makes sense actually, 'cause Mongo so easy to use. We were talking about Tengen. >> We knew you when, I feel that's our like, we - >> Yeah, but it's true. And so, Mongo was just really easy to use. And people are like, ah, it doesn't scale. It's like, turns out it actually does scale. >> Lena: Turns out, it scales pretty well. >> Well Lena, without question, this is my favorite conversation of the show so far. >> Thank you. >> Thank you so much for joining us. >> Thank you very much for having me. >> Dave: Great to see you. >> It's always a pleasure. >> Dave: Thanks Lena. >> Thank you. >> And thank you all, tuning in live, for tolerating wherever we take these conversations. >> Dave: Whatever that was. >> I bet you weren't ready for this one, folks. We're at AWS re:Invent in Las Vegas, Nevada. With Dave Vellante, I'm Savannah Peterson. You're washing theCUBE, the leader for high tech coverage.

from around the globe it's thecube covering space and cyber security symposium 2020 hosted by cal poly hello everyone welcome to the space and cyber security symposium 2020 hosted by cal poly where the intersection of space and security are coming together i'm john furrier your host with thecube here in california i want to welcome our featured guest lieutenant general john f thompson with the united states space force approach to cyber security that's the topic of this session and of course he's the commander of the space and missile system center in los angeles air force base also heading up space force general thank you for coming on really appreciate you kicking this off welcome to the symposium hey so uh thank you very much john for that very kind introduction also uh very much thank you to cal poly uh for this opportunity to speak to this audience today also a special shout out to one of the organizers uh dustin brun for all of his work uh helping uh get us uh to this point uh ladies and gentlemen as uh as uh john mentioned uh i'm jt thompson uh i lead the 6 000 men and women of the united states space forces space and missile system center which is headquartered here at los angeles air force base in el segundo if you're not quite sure where that's at it's about a mile and a half from lax this is our main operating location but we do have a number of other operating locations around the country with about 500 people at kirtland air force base in albuquerque new mexico uh and about another 500 people on the front range of the rockies uh between colorado springs and uh and denver plus a smattering of other much smaller operating locations nationwide uh we're responsible for uh acquiring developing and sustaining the united states space force's critical space assets that includes the satellites in the space layer and also on the ground layer our ground segments to operate those satellites and we also are in charge of procuring launch services for the u.s space force and a number of our critical mission partners across the uh department of defense and the intelligence community um just as a couple of examples of some of the things we do if you're unfamiliar with our work we developed and currently sustained the 31 satellite gps constellation that satellite constellation while originally intended to help with global navigation those gps signals have provided trillions of dollars in unanticipated value to the global economy uh over the past three decades i mean gps is everywhere i think everybody realizes that agriculture banking the stock market the airline industry uh separate and distinct navigation systems it's really pervasive across both the capabilities for our department of defense and capabilities for our economy and and individuals billions of individuals across our country and the planet some of the other work we do for instance in the communications sector uh secure communications satellites that we design and build that link america's sons and daughters serving in the military around the world and really enable real-time support and comms for our deployed forces and those of our allies we also acquire uh infrared missile warning satellites uh that monitor the planet for missile launches and provide advanced warning uh to the u.s homeland and to our allies uh in case some of those missile launches are uh nefarious um on a note that's probably a lot closer to home maybe a lot closer to home than many of us want to think about here in the state of california in 2018 smc jumped through a bunch of red tape and bureaucracy uh to partner with the u.s forest service during the two of the largest wildfires in the state's history the camp and woolsey fires in northern california as those fires spread out of control we created processes on the fly to share data from our missile warning satellites those are satellites that are systems that are purpose built to see heat sources from thousands of miles above the planet and we collaborated with the us forest service so that firefighters on the ground uh could track those fires more in real time and better forecast fires and where they were spreading thereby saving lives and and property by identifying hot spots and flare-ups for firefighters that data that we were able to working with our contractors pass to the u.s forest service and authorities here in california was passed in less than an hour as it was collected to get it into the hands of the emergency responders the first responders as quickly as possible and doing that in an hour greatly surpassed what was available from some of the other assets in the airborne and ground-based fire spotters it was really instrumental in fighting those fires and stopping their spread we've continued uh that involvement in recent years using multiple systems to support firefighters across the western u.s this fall as they battled numerous wildfires that unfortunately continue working together with the u.s forest service and with other partners uh we like to make uh we like to think that we made a difference here but there's still a lot more work to go and i think that we should always be asking ourselves uh what else can space data be used for and how can we more rapidly get that space data to uh stakeholders so that they can use it for for purposes of good if you will how else can we protect our nation how else can we protect our friends and allies um i think a major component of the of the discussion that we will have throughout this conference is that the space landscape has changed rapidly and continues to change rapidly um just over the past few years uh john and i were talking before we went live here and 80 nations now have uh space programs 80 nearly 80 space faring nations on the planet um if you just look at one mission area that uh the department of defense is interested in and that's small launch there are currently over a hundred different small launch companies uh within the u.s industrial base vying for commercial dod and civil uh payload capabilities uh mostly to low earth orbit it's it's just truly a remarkable time if you factor in those things like artificial intelligence and machine learning um where we're revolutionary revolutionizing really uh the ways that we generate process and use data i mean it's really remarkable in 2016 so if you think about this four years ago uh nasa estimated that there were 28 terabytes of information transiting their space network each day and that was four years ago um uh obviously we've got a lot of desire to work with a lot of the people in the audience of this congress or in this conference uh we need to work with big thinkers like many of you to answer questions on how best we apply data analytics to extract value and meaning from that data we need new generations of thinkers to help apply cutting edge edge theories of data mining cyber behaviorism and internet of things 2.0 it's just truly a remarkable time uh to be in the space business and the cyber aspects of the states of the space business are truly truly daunting and important to uh to all of us um integrating cyber security into our space systems both commercial and government is a mandate um it's no longer just a nice to have as the us space force and department of the air force leadership has said many times over the past couple of years space is becoming congested and contested and that contested aspect means that we've got to focus on cyber security uh in the same way that the banking industry and cyber commerce focus on uh cyber security day in and day out the value of the data and services provided is really directly tied to the integrity and availability of that data and services from the space layer from the ground control segments associated with it and this value is not just military it's also economic and it's not just american it's also a value for the entire world particularly particularly our allies as we all depend upon space and space systems your neighbors and friends here in california that are employed at the space and missile system center uh work with network defenders we work with our commercial contractors and our systems developers um our international allies and partners to try and build as secure and resilient systems as we can from the ground up that keep the global commons of space free and open for exploration and for commerce um as john and i were talking earlier before we came online there's an aspect of cyber security for space systems especially for some of our legacy systems that's more how do we bolt this on because we fielded those space systems a number of years ago and the the challenges of cyber security in the space domain have grown so we have a part that we have to worry about bolting it on but then we have to worry about building it in as we as we field new systems and build in a flexibility that that realizes that the cyber threat or the cyber security landscape will evolve over time it's not just going to be stagnant there will always be new vulnerabilities and new threat vectors that we always have to look at look uh as secretary barrett who is our secretary of the air force likes to say most americans use space before they have their first cup of coffee in the morning the american way of life really depends on space and as part of the united states space force we work with defense leaders our congress joint and international military teammates and industry to ensure american leadership in space i really thank you for this opportunity to address the audience today john and thanks so much to cal poly for letting me be one of the speakers at this event i really look forward to this for uh several months and so with that i look forward to your questions as we kind of move along here general thank you very much for the awesome uh introductory statement uh for the folks watching on the stream brigadier general carthan is going to be in the chat answering any questions feel free to chat away he's the vice commander of space and missile systems center he'll be available um a couple comments from your keynote before i get to my questions because it just jumped in my head you mentioned the benefits of say space but the fires in california we're living that here that's really real time that's a benefit you also mentioned the ability for more people launching payloads into space and i only imagine moore's law smaller faster cheaper applies to rockets too so i'm imagining you have the benefits of space and you have now more potential objects flying out sanctioned and maybe unsanctioned so you know is it going to be more rules around that i mean this is an interesting question because it's exciting space force but for all the good there is potentially bad out there yeah so i i john i think the uh i think the basics of your question is as space becomes more congested and contested is there a need for more international norms of how satellites fly in space what kind of basic features satellites have to perhaps deorbit themselves what kind of basic protections does do all satellites should all satellites be afforded as part of a peaceful global commons of space i think those are all fantastic questions and i know that u.s and many uh allied policy makers are looking very very hard at those kinds of questions in terms of what are the norms of behavior and how we uh you know how how we field and field is the military term but you know how we uh populate uh using civil or uh commercial terms uh that space layer at different altitudes uh low earth orbit mid mid-earth orbit geosynchronous earth orbit different kinds of orbits uh what the kind of mission areas we accomplish from space that's all things that need to be definitely taken into account as uh as the place gets a little bit not a little bit as the place gets increasingly more popular day in and day out well i'm super excited for space force i know that a new generation of young folks are really interested in it's an emerging changing great space the focus here at this conference is space and cyber security intersection i'd like to get your thoughts on the approach that space force is taking to cyber security and how it impacts our national goals here in the united states yeah yeah so that's a that's a great question john let me let me talk about in two uh two basic ways but number one is and and i know um some people in the audience this might make them a little bit uncomfortable but i have to talk about the threat right um and then relative to that threat i really have to talk about the importance of uh of cyber and specifically cyber security as it relates to that threat um the threats that we face um really represent a new era of warfare and that new era of warfare involves both space and cyber uh we've seen a lot of action in recent months uh from certain countries notably china and russia uh that have threatened what i referred to earlier as the peaceful global commons of space for example uh it through many unclassified sources and media sources everybody should understand that um uh the russians have been testing on orbit uh anti-satellite capabilities it's been very clear if you were following just the week before last the department of defense released its uh 2020 military and security developments involving the people's republic of china um uh and uh it was very clear that china is developing asats electronic jammers directed energy weapons and most relevant to today's discussion offensive cyber uh capabilities there are kinetic threats uh that are very very easy to see but a cyber attack against a critical uh command and control site or against a particular spacecraft could be just as devastating to the system and our war fighters in the case of gps and important to note that that gps system also impacts many civilians who are dependent upon those systems from a first response perspective and emergency services a cyber attack against a ground control site could cause operators to lose control of a spacecraft or an attacker could feed spoofed data to a system to mislead operators so that they send emergency services personnel to the to the wrong address right attacks on spacecraft on orbit whether directly via a network of intrusion or enabled through malware introduced during the systems production uh while we're building the satellite can [ __ ] or corrupt the data denial of service type attacks on our global networks obviously would disrupt our data flow and interfere with ongoing operations and satellite control i mean if gps went down i you know i hesitate to say it this way because we might elicit some screams from the audience but if gps went down a starbucks wouldn't be able to handle your mobile order uber drivers wouldn't be able to find you and domino's certainly certainly wouldn't be able to get there in 30 minutes or less right so with a little bit of tongue-in-cheek there from a military operations perspective it's dead serious um uh we have become accustomed in the commercial world to threats like lance ransomware and malware and those things have unfortunately become commonplace in commercial terrestrial networks and computer systems however what we're seeing is that our adversaries with the increased competition in space these same techniques are being retooled if you will to use against our national security space systems uh day in and day out um as i said during my opening remarks on the importance of cyber the value of these systems is directly tied to their integrity if commanders in the field uh firefighters in california or baristas in in starbucks can't trust the data they see they're receiving then that really harms their decision-making capabilities one of the big trends we've recently seen is the mood move towards proliferated leo uh uh constellations obviously uh spacex's uh starlink uh on the commercial side and on the military side the work that darpa and my organization smc are doing on blackjack and casino as well as some space transport layer constellation work that the space development agency is designing are all really really important types of mesh network systems that will revolutionize how we plan and field warfighting systems and commercial communications and internet providing systems but they're also heavily reliant on cyber security uh we've got to make sure that they are secured to avoid an accident or international damage uh loss of control of these constellations really could be catastrophic from both a mission perspective or from uh you know satellites tumbling out of low earth orbit perspective another trend is introductions in artificial intelligence and machine learning on board spacecraft or at the edge our satellites are really not so much hardware systems with a little software anymore in the commercial sector and in the defense sector they're basically flying boxes full of software right and we need to ensure the data that we're getting out of those flying boxes full of software are helping us base our decisions on accurate data and algorithms govern governing the right actions and that those uh that those systems are impervious to the extent possible uh to nefarious uh modifications so in summation a cyber security is vital element of everything in our national security space goals and i would argue for our national uh goals uh writ large including uh economic and information uh uh dimensions uh the space force leadership at all levels uh from uh some of the brand new second lieutenants that general raymond uh swore into the space force this morning uh ceremonially from the uh air force association's air space and cyberspace conference uh to the various highest levels general raymond uh general d t thompson myself and a number of other senior leaders in this enterprise we've got to make sure that we're all working together to keep cyber security at the forefront of our space systems because it they absolutely depend on it you know you mentioned uh hardware software threats opportunities challenges i want to ask you because you you got me thinking of the minute there around infrastructure i mean we've heard critical infrastructure you know grids here on on earth you're talking about critical infrastructure a redefinition of what critical infrastructure is an extension of what we have so i'd love to get your thoughts about space force's view of that critical infrastructure vis-a-vis the threat vectors because you know the term threat vectors has been kicked around in the cyber space oh yeah threat vectors they're always increasing the surface area well if the surface area is from space it's an unlimited surface area so you got different vectors so you got new critical infrastructure developing real time really fast and you got an expanded threat vector landscape putting that in perspective for the folks that aren't really inside the ropes on these critical issues how would you explain this and how would you talk about those two things well so i tell you um i just like um uh just like uh i'm sure people in the security side or the cyber security side of the business in the banking industry feel they feel like it's uh all possible threat vectors represent a dramatic and protect potentially existential threat to all of the dollars that they have in the banking system to the financial sector on the department of defense side we've got to have sort of the same mindset um that threat vector from to and through space against critical space systems ground segments the launch enterprise or transportation uh to orbit and the various different uh domains within uh within space itself like i mentioned before uh leo mio and geo-based satellites with different orbits all of the different mission areas that are accomplished from space that i mentioned earlier some that i didn't mention like weather tactical or wide band communications uh various new features of space control all of those are things that we have to worry about from a cyber security uh threat perspective and it's a it's a daunting challenge right now right yeah it's awesome and one of the things we've been following on the hardware side here in the on the ground is the supply chain we've seen you know malware being you know really put into really obscure hardware who manufactures it as being outsourced obviously government has restrictions but with the private sector uh you mentioned china and and the us kind of working together across these these peaceful areas but you got to look at the supply chain how does the supply chain the security aspect impact the mission of the u.s space force yeah yeah so so um how about another um just in terms of an example another kind of california-based historical example right um the very first u.s satellite uh explorer one was built by uh the jet propulsion uh laboratory folks uh not far from here in el segundo up in uh up in pasadena um that satellite when it was first built in the late 50s uh weighed a little bit over 30 pounds and i'm sure that each and every part was custom made and definitely made by u.s companies fast forward to today the global supply chain is so tightly coupled and frankly many industries are so specialized almost specialized regionally around the planet we focus every day to guarantee the integrity of every component that we put in our space systems is absolutely critical to the operations of those satellites and we're dependent upon them but it becomes more difficult and more difficult to understand the the heritage if you will of some of the parts that are used the thousands of parts that are used in some of our satellites that are literally school bus sized right the space industry especially uh national security space sector um uh is relatively small compared to other commercial industries and we're moving to towards using more and more parts uh from non-us companies uh cyber security and cyber awareness have to be baked in from the beginning if we're going to be using parts that maybe we don't necessarily um understand 100 percent like an explorer one uh the the lineage of that particular part the environmental difficulties in space are well known the radiation environment the temperature extremes the vacuum those require specialized component and the us military is not the only uh customer in that space in fact we're definitely not the dominant customer uh in space anymore all those factors require us along with our other government partners and many different commercial space organizations to keep a very close eye on our supply chains from a quality perspective a security perspective and availability um there's open source reporting on supply training intrusions from um many different breaches of commercial retailers to the infectious spread of uh you know compromised patches if you will and our adversaries are aware of these techniques as i mentioned earlier with other forms of attack considering our supply chains and development networks really becomes fair game for our adversaries so we have to uh take that threat seriously um between the government and industry sectors here in the u.s we're also working with our industry partners to enact stronger defenses and assess our own vulnerabilities last fall we completed an extensive review of all of our major contracts here at space and missile system center to determine the levels of cyber security requirements we've implemented across our portfolio and it sounds really kind of you know businessy geeky if you will you know hey we looked at our contracts to make sure that we had the right clauses in our contracts to address cyber security as dynamically as we possibly could and so we found ourselves having to add new language to our contracts to require system developers to implement some more advanced uh protective measures in this evolving cyber security environment so that data handling and supply chain perspective uh protections um from contract inception to launch and operations were taken into account uh cyber security really is a key performance parameter for us now it's as important as the the mission performance of the system it's as important as cost it's as important as schedule because if we deliver the perfect system on time and on cost uh it can perform that missile warning or that communications mis mission perfectly but it's not cyber secure if it doesn't have cyber protections built into it or the ability to implement mitigations against cyber uh threats then we've essentially fielded a shoe box in space that doesn't do the k the the war fighter or the nation uh any good um supply chain risk management is a is a major challenge for us uh we're doing a lot to coordinate with our industry partners uh we're all facing it head on uh to try and build secure and trusted components uh that keep our confidence as leaders firefighters and baristas uh as the case may be uh but it is a challenge and we're trying to rise to that challenge you know this so exciting this new area because it really touches everything you know talk about geeking out on on the tech the hardware the systems but also you put your kind of mba hat on you go what's the roi of the extra development and how you how things get built because the always the exciting thing for space geeks is like you're building cool stuff people love it's it's exciting but you still have to build and cyber security has proven that security has to be baked in from the beginning and be thought as a system architecture so you're still building things which means you've got to acquire things you got to acquire parts you got to acquire build software and and sustain it how is security impacting the acquisition and the sustainment of these systems for space yeah from initial development uh through planning for the acquisition design development fielding or production fielding and sustainment it impacts all aspects of of the life cycle john uh we simply especially from the concept of baking in cyber security uh we can't wait until something is built and then try and figure out how to make it cyber secure so we've moved way further uh towards working side by side with our system developers to strengthen cyber security from the very beginning of a system's development cyber security and the resilience associated with it really have to be treated as a key system attribute as i mentioned earlier equivalent with data rates or other metrics of performance we like to talk in uh in the space world about uh mission assurance and mission assurance has always you know sort of taken us as we as we technically geek out right mission assurance has always taken us to the will this system work in space right can it work in a vacuum can it work in you know as it as it uh you know transfers through uh the van allen radiation belt or through the the um the southern hemisphere's electromagnetic anomaly right will it work out in space and now from a resiliency perspective yeah it has to work in space it's got to be functional in space but it's also got to be resistant to these cyber security threats it's it's not just i think uh general dt thompson quoted this term it's not just widget assurance anymore it's mission assurance um uh how does that satellite uh operator that ground control segment operate while under attack so let me break your question a little bit uh just for purposes of discussion into into really two parts uh cyber uh for cyber security for systems that are new and cyber security uh for systems that are in sustainment or kind of old and legacy um obviously there's cyber vulnerabilities that threaten both and we really have to employ different strategies for for defense of of each one for new systems uh we're desperately trying to implement across the department of defense in particular in the space world a kind of a devsecops methodology and practice to delivering software faster and with greater security for our space systems here at smc we have a program called enterprise ground services which is a tool kit basically a collection of tools for common command and control of different satellite systems egs as we call it has an integrated suite for defensive cyber capabilities network operators can use these tools to gain unprecedented insight to data flows and to monitor space network traffic for anomalies or other potential indicators of of bad behavior malicious behavior if you will um uh it's rudimentary at this point but because we're using devsecops and that incremental development approach as we scale it it just becomes more and more capable you know every every product increment that we field here at uh at uh la air force base uh uh we have the united space space forces west coast software factory which we've dubbed kobayashi maru they're using those agile devops uh software development practices uh to deliver uh space awareness software uh to the combined space operations center uh affectionately called the csp that c-spock is just down the road uh from cal poly uh there in san luis obispo at vandenberg air force base they've securely linked the c-spock with other space operation centers around the planet our allies australia canada and the uk uh we're partnering with all of them to enable secure and enhanced combined space operations so lots of new stuff going on as we bake in new development uh capabilities for our our space systems but as i mentioned earlier we've got large constellations on satellite of satellites on orbit right now some of them are well in excess of a decade or more old on orbit and so the design aspects of those satellites are several decades old and so but we still have to worry about them because they're critical to our space capabilities um we've been working with an air force materiel command organization uh called crows which stands for the cyber resiliency office for uh weapon systems to assess all of those legacy platforms from a cyber security perspective and develop defensive strategies and potential hardware and software upgrades to those systems to better enable them to to live through this increasingly cyber security uh concerned era that we currently live in our industry partners have been critical to to both of those different avenues both new systems and legacy systems we're working closely with them to defend and upgrade uh national assets and develop the capabilities to do similar with uh with new national assets coming online the vulnerabilities of our space systems really kind of threaten the way we've done business in the past both militarily and in the case of gps economically the impacts of that cyber security risk are clear in our acquisition and sustainment processes but i've got to tell you it that as the threat vectors change as the vulnerabilities change we've got to be nimble enough agile enough to be able to bounce back and forth we can't just say uh many people in the audience are probably familiar with the rmf or the risk management framework approach to um to reviewing uh the cyber security of a system we can't have program managers and engineers just accomplish an rmf on a system and then hey high five we're all good uh it's a journey not a destination that's cyber security and it's a constant battle rhythm throughout a weapon systems life cycle not just a single event i want to get to this commercial business needs and your needs on the next question but before i go there you mentioned the agile and i see that clearly because when you have accelerated innovation cycles you've got to be faster and we saw this in the computer industry mainframes mini computers and then when you started getting beyond me when the internet hit and pcs came out you saw the big enterprises the banks and and government start to work with startups it used to be a joke in the entrepreneurial circles is that you know there's no way if you're a startup you're ever going to get a contract with a big business enterprise now that used to be for public sector and certainly uh for you guys so as you see startups out there and there's acquisition involved i'm sure would love to love to have a contract with space force there's an roi calculation where if it's in space and you have a sustainment view edit software you might have a new kind of business model that could be attractive to startups could you share your thoughts on the folks who want to be a supplier to you uh whether they're a startup or an existing business that wants to be agile but they might not be that big company we are john that's a fantastic question we are desperately trying to reach out to to those new space advocates to those startups to those um what we sometimes refer to within the department of defense those non-traditional uh defense contractors a couple of things just for uh thinking purposes on some of the things that we're trying to highlight um uh three years ago we created here at uh space and missile system center uh the space enterprise consortium uh to provide a platform uh a contractual vehicle really to enable us to rapidly prototype uh development of space systems and to collaborate uh between the u.s space force uh traditional defense contractors non-traditional vendors like startups and even some academic institutions uh spec as we call it space enterprise consortium uses a specialized contracting tool to get contracts uh awarded quickly many in the audience may be familiar with other transaction agreements and that's what spec is based on and so far in just three years spec has awarded 75 different uh prototyping contracts worth over 800 million dollars with a 36 reduction in time to award and because it's a consortium based competition for um for these kinds of prototyping efforts the barrier to entry for small and non-traditional for startups even for academic institutions to be able to compete for these kinds of prototypings is really lowered right um uh these types of partnerships uh that we've been working through on spec uh have really helped us work with smaller companies who might not have the background or expertise in dealing with the government or in working with cyber security uh for their systems both their developmental systems and the systems that they're designing and trying to build we want to provide ways for companies large and small to partner together and support um uh kind of mutually beneficial uh relationships between all um recently uh at the annual air force association uh conference that i mentioned earlier i moderated a panel with several space industry leaders uh all from big traditional defense contractors by the way and they all stressed the importance of building bridges and partnerships uh between major contractors in the defense industry and new entrants uh and that helps us capture the benefits of speed and agility that come with small companies and startups as well as the expertise and specialized skill sets of some of those uh larger contractors uh that we rely on day in and day out advanced cyber security protections and utilization of secure facilities are just a couple of things that i think we could be prioritizing more so in those collaborations as i mentioned earlier the spec has been very successful in awarding a number of different prototyping contracts and large dollar values and it's just going to get better right there's over 400 members of the space enterprise consortium 80 of them are non-traditional kinds of vendors and we just love working with them another thing that many people in the audience may be familiar with in terms of our outreach to innovators uh if you will and innovators that include uh cyber security experts is our space pitch day events right so we held our first event last november in san francisco uh where we awarded over a two-day period about 46 million dollars to 30 different companies um that had potentially game-changing ideas these were phase two small business innovative research efforts uh that we awarded with cash on the spot uh we're planning on holding our second space pitch day in the spring of 2021. uh we're planning on doing it right here in los angeles uh covent 19 environment permitting um and we think that these are you know fantastic uh uh venues for identifying and working with high-speed startups startups and small businesses who are interested in uh really truly partnering with the us air force it's a as i said before it's a really exciting time to be a part of this business uh and working with the innovation economy uh is something that the department of defense uh really needs to do in that um the innovation that we used to think was ours you know that 80 percent of the industrial-based innovation that came from the department of defense uh the the script has been flipped there and so now more than 70 percent uh particularly in space innovation uh comes from the commercial sector not from uh not from the defense business itself and so um that's a tsunami of uh investment and a tsunami of uh capability and i need to figure out how to get my surfboard out and ride it you know what i mean yeah i mean it's one of those things where the flip the script has been flipped but it's exciting because it's impacting everything are you talking about systems architecture you're talking about software you're talking about a business model you talk about devsecops from a technical perspective but now you have a business model innovation all the theaters of uh are exploding in innovation technical business personnel this brings up the workforce challenge you've got the cyber needs for the u.s space force there's probably a great roi model for new kinds of software development that could be priced into contracts that's a entrepreneurial innovation you got the the business model theater you've got the personnel how does the industry adopt and change you guys are clearly driving this how does the industry adjust to you yeah so um i think a great way to answer that question is to just talk about the kind of people that we're trying to prioritize in the u.s space force from a from an acquisition perspective and in this particular case from a from a cyber security perspective as i mentioned earlier it's the most exciting time to be in space programs uh really since the days of apollo um uh you know just to put it in terms that you know maybe have an impact with the audience uh from 1957 until today approximately 9 000 satellites uh have been launched from the various space faring countries around the planet uh less than two thousand of those nine thousand are still up on orbit and operational and yet in the new space regime um players like spacex have plans to launch you know 12 000 satellites for some of their constellations alone it really is a remarkable time in terms of innovation and fielding of space capabilities and all of those space capabilities whether they're commercial civil or defense are going to require appropriate cyber security uh protections it's just a really exciting time uh to be working in stuff like this and so uh folks like the folks in this audience who have a passion about space and a passion about cyber security are just the kind of people that we want to work with because we need to make sure our systems are are secure and resilient we need folks that have technical and computing expertise engineering skills to be able to design cybersecure systems that can detect and mitigate attacks uh but we also as you alluded to we need people that have that business and um you know business acumen human networking background so that we can launch the startups and work with the non-traditional businesses uh help to bring them on board help to secure both their data and our data and uh and and make sure our processes and systems are are free as much as possible from uh uh from attack um for preparation for for audience members who are young and maybe thinking about getting into this uh trade space um you gotta be smart on digital networking uh you gotta understand basic internet protocols concepts uh programming languages uh database design uh learn what you can from penetration or vulnerability testing and and uh risk assessment i will tell you this and i don't think he will i know he will not mind me telling you this but you've got to be a lifelong learner and so two years ago i'm at home one evening and i get a phone call on my cell phone and it's my boss the commander of air force space command uh general j raymond who is now currently the chief of space operations and he is on temporary duty flying overseas he lands where he's going and he first thing he does when he lands is he calls me and he goes jt um while i was traveling um i noticed that there were e-books available on the commercial airliner i was traveling on and there was an e-book on something called scrumming and agile devsecops and i read it have you read it um and i said no sir but if you tell me what the title of the book is i will read it and so i got to go to my staff meeting um you know the very next week the next time we had a staff meeting and tell everybody in the stab meeting hey if the four star and the three star can read the book about scrumming then i'm pretty sure all of you around this table and all our lieutenants and our captains our gs13s all of our government employees can get smart on uh the scrumming development process and interestingly as another side i had a telephone call with him last year during the holidays where he was trying to take some leave and i said sir what are you up to today are you are you you know making eggnog for the event tonight or whatever and the chief of space operations told me no i'm trying to teach myself python i'm at lesson two and it's not going so well but i'm i'm gonna figure this out and so that kind of thing if the chief of staff or the you know the the the chief of space operations can prioritize scrumming and python language and innovation in his daily schedule then we're definitely looking for other people who can do that and we'll just say lower levels of rank uh throughout our entire space force enterprise um look i i we don't need to need people that can code a satellite from scratch but we need to know we need to have people that have a basic grasp of the programming basics and cyber security requirements and that can turn those things into into meaningful actions obviously in the space domain things like basic physics and orbital mechanics are also important uh space is not an intuitive uh domain so under understanding how things survive uh on orbit is really critical to making the right design and operational decisions and you know i know there's probably a lot because of this conference i know there's a probably a whole lot of high-speed cyber security experts out in the audience and i need those people in the u.s space force the the country is counting on it but i wouldn't discount having people that are just cyber aware or cyber savvy right i have contracting officers and logisticians and program managers and they don't have to be high-end cyber security experts but they have to be aware enough about it to be able to implement cyber security protections um into our space system so the skill set is is really really broad um our adversaries are pouring billions of dollars into uh define designing uh and fielding offensive and destructive space cyber security weapons right they've repeatedly shown really a blatant disregard of safety and international norms for good behavior on orbit and the cyber security aspects of our space systems is really a key battleground going forward so that we can maintain that as i mentioned before peaceful uh global commons of space we really need all hands on deck if you're interested in helping in uniform if you're interested in helping uh not in uniform uh but as a government employee a commercial or civil employee to help us make cyber security more important uh or more cape more able to be developed for our space systems then we'd really love to uh to work with you or have you on the team to build that safe and secure future for our space systems lieutenant general john thompson great insight thank you for sharing all that awesome stories too and motivation for the young next generation the united states space force approach of cyber security really amazing talk thank you for your time final parting question is as you look out and you had your magic wand what's your view for the next few years in terms of things that we could accomplish it's a super exciting time what do you hope for so um um first of all john thanks to you and and thanks to cal poly uh for the invitation and and thanks to everybody for uh for their interest in cyber security especially as it relates to space systems that's here at the conference um uh there's a quote and i'll read it here uh from uh bernard schriever who was the uh the founder if you will uh a legend in uh dod space the founder of the western development division which was a predecessor organization to space and missile systems center general shrever i think captures the essence of what how we see the next couple of years the world has an ample supply of people who can always come up with a dozen good reasons why new ideas will not work and should not be tried but the people who produce progress are breed apart they have the imagination the courage and the persistence to find solutions and so i think if you're hoping that the next few years of space innovation and cyber security innovation are going to be a pony ride at the county fair then perhaps you should look for another line of work because i think the next few years in space and cyber security innovation are going to be more like a rodeo um and a very dynamic rodeo as it goes it is a an awesome privilege to be part of this ecosystem it's really an honor for me to um to be able to play some small role uh in the space ecosystem and trying to improve it uh while i'm trying to improve the chances of uh of the united states of america in a uh in a space war fighting uh uh environment um and so i thank all of you for uh participating today and for this little bit of time that you've allowed me to share with you thank you sir thank you for your leadership and thank you for the for the time for this awesome event space and cyber security symposium 2020 i'm john furrier on behalf of cal poly thanks for watching [Music]

>> Narrator: From around the globe. It's theCUBE covering space in cybersecurity symposium 2020 hosted by Cal Poly. >> Hello, everyone. Welcome to the space and cybersecurity symposium, 2020 hosted by Cal Poly where the intersection of space and security are coming together. I'm John Furrier, your host with theCUBE here in California. I want to welcome our featured guest, Lieutenant General, John F. Thompson with the United States Space Force approach to cybersecurity. That's the topic of this session. And of course he's the commander of the space and missile system center in Los Angeles Air Force Base. Also heading up Space Force. General, thank you for coming on. I really appreciate to you kicking this off. Welcome to the symposium. >> Hey, so thank you very much, John, for that very kind introduction. Also very much thank you to Cal Poly for this opportunity to speak to this audience today. Also a special shout out to one of the organizers, Dustin Debrun, for all of his work, helping get us to this point. Ladies and gentlemen as a John mentioned, I'm JT Thompson. I lead the 6,000 men and women of the United States Space Force's Space and Missile System Center, which is headquartered here at Los Angeles Air Force Base and El Segundo. If you're not quite sure where that's at, it's about a mile and a half from LAX. This is our main operating location, but we do have a number of other operating locations around the country. We're about 500 people at Kirtland Air Force Base in Albuquerque, New Mexico, and an about another 500 people on the front range of the Rockies between Colorado Springs and Denver plus a smattering of other much smaller operating locations nationwide. We're responsible for acquiring, developing and sustaining the United States Space Force's, critical space assets. That includes the satellites in the space layer and also on the ground layer our ground segments to operate those satellites. And we also are in charge of procuring launch services for the US Space Force and a number of our critical mission partners across the Department of Defense and the intelligence community. Just as a couple of examples of some of the things we do, if you're unfamiliar with our work we developed and currently sustain the 31 satellite GPS constellation that satellite constellation, while originally intended to help with global navigation, those GPS signals have provided trillions of dollars in unanticipated value to the global economy over the past three decades. GPS is everywhere. I think everybody realizes that. Agriculture, banking, the stock market, the airline industry, separate and distinct navigation systems. It's really pervasive across both capabilities for our Department of Defense and capabilities for our economy and individuals, billions of individuals across our country and the planet. Some of the other work we do for instance, in the communications sector, secure communications satellites that we designed and build that link America's sons and daughters serving in the military around the world and really enable real time support and comms for our deployed forces. And those of our allies. We also acquire infrared missile warning satellites that monitor the planet for missile launches that provide advanced warning to the US Homeland and to our allies in case some of those missile launches are nefarious. On a note, that's probably a lot closer to home, maybe a lot closer to home than many of us want to think about here in the state of California. In 2018, SMC jumped through a bunch of red tape and bureaucracy to partner with the US Forest Service during two of the largest wildfires in the state's history, the Camp and Woolsey fires in Northern California. As those fires spread out of control, we created processes on the fly to share data from our missile warning satellites. Those are satellites that are systems that are purpose built to see heat sources from thousands of miles above the planet. And we collaborated with the US Forest Service so that firefighters on the ground could track those fires more in real time and better forecast fires and where they were spreading, thereby saving lives and property by identifying hotspots and flareups for firefighters. That data that we were able to working with our contractors pass to the US Forest Service and authorities here in California, was passed in less than an hour as it was collected to get it into the hands of the emergency responders, the first responders as quickly as possible and doing that in an hour greatly surpassed what was available from some of the other assets in the airborne and ground-based fire spotters. It was really instrumental in fighting those fires and stopping their spread. We've continued that involvement in recent years, using multiple systems to support firefighters across the Western US this fall, as they battled numerous wildfires that unfortunately continue. Working together with the US Forest Service and with other partners we'd like to think that we've made a difference here, but there's still a lot more work to go. And I think that we should always be asking ourselves what else can space data be used for and how can we more rapidly get that space data to stakeholders so that they can use it for purposes of good, if you will. How else can we protect our nation? How else can we protect our friends and allies? I think a major component of the discussion that we will have throughout this conference is that the space landscape has changed rapidly and continues to change rapidly. Just over the past few years, John and I were talking before we went live here and 80 nations now have space programs. Nearly 80 space faring nations on the planet. If you just look at one mission area that the Department of Defense is interested in, and that's small launch, there are currently over 100 different small launch companies within the US industrial base vying for commercial DoD and civil payload capabilities, mostly to lower earth orbit. It's truly a remarkable time. If you factor in those things like artificial intelligence and machine learning, where we're revolutionizing really, the ways that we generate process and use data. It's really remarkable. In 2016, so if you think about this four years ago, NASA estimated that there were 28 terabytes of information transiting their space network each day. And that was four years ago. Obviously we've got a lot of desire to work with a lot of the people in the audience in this conference, we need to work with big thinkers, like many of you to answer questions on how best we apply data analytics to extract value and meaning from that data. We need new generations of thinkers to help apply cutting edge theories of data mining, cyber behaviorism, and Internet of Things 2.0, it's just truly a remarkable time to be in the space business and the cyber aspects of the space business are truly, truly daunting and important to all of us. Integrating cyber security into our space systems, both commercial and government is a mandate. it's no longer just a nice to have as the US Space Force and Department of the Air Force leadership has said many times over the past couple of years, space is becoming congested and contested. And that contested aspect means that we've got to focus on cyber security in the same way that the banking industry and cyber commerce focus on cybersecurity day in and day out. The value of the data and services provided is really directly tied to the integrity and availability of that data and services from the space layer, from the ground control segments associated with it. And this value is not just military, it's also economic and it's not just American, it's also a value for the entire world, particularly our allies, as we all depend upon space and space systems. Your neighbors and friends here in California that are employed at the space and missile system center work with network defenders. We work with our commercial contractors and our systems developers, our international allies and partners to try and build as secure and resilient systems as we can from the ground up that keep the global comments of space free and open for exploration and for commerce as John and I were talking earlier, before we came online, there's an aspect of cybersecurity for space systems, especially for some of our legacy systems, that's more, how do we bolt this on? Cause we fielded those space systems a number of years ago, and the challenges of cybersecurity in the space domain have grown. So we have a part that we have to worry about, bolting it on, but then we have to worry about building it in as we field new systems and build in a flexibility that realizes that the cyber threat or the cybersecurity landscape will evolve over time. It's not just going to be stagnant. There will always be new vulnerabilities and new threat vectors that we all have to look at. Look, as Secretary Barrett, who is our secretary of the air force likes to say most Americans use space before they have their first cup of coffee in the morning. The American way of life really depends on space. And as part of the United States Space Force, we work with defense leaders, our Congress joint, and international military teammates and industry to ensure American leadership in space. I really thank you for this opportunity to address the audience today, John, and thanks so much to Cal Poly for letting me be one of the speakers at this event. I've really looked forward to this for several months. And so with that, I look forward to your questions as we kind of move along here. >> General, thank you very much for those awesome introductory statement. For the folks watching on the stream, Brigadier General Carthan's going to be in the chat, answering any questions, feel free to chat away. He's the vice commander of Space and Missile System Center, he'll be available. A couple of comments from your keynote before I get to my questions. Cause it just jumped into my head. You mentioned the benefits of say space with the fires in California. We're living that here. That's really realtime. That's a benefit. You also mentioned the ability for more people launching payloads into space. I'm only imagined Moore's law smaller, faster, cheaper applies to rockets too. So I'm imagining you have the benefits of space and you have now more potential objects flying out sanctioned and maybe unsanctioned. So is it going to be more rules around that? This is an interesting question cause it's exciting Space Force, but for all the good there is potentially bad out there. >> Yeah. So John, I think the basics of your question is as space becomes more congested and contested, is there a need for more international norms of how satellites fly in space? What kind of basic features satellites have to perhaps de orbit themselves? What kind of basic protections should all satellites be afforded as part of a peaceful global commons of space? I think those are all fantastic questions. And I know that US and many allied policy makers are looking very, very hard at those kinds of questions in terms of what are the norms of behavior and how we field, and field as the military term. But how we populate using civil or commercial terms that space layer at different altitudes, lower earth orbit, mid earth orbit, geosynchronous earth orbit, different kinds of orbits, what the kind of mission areas we accomplished from space. That's all things that need to be definitely taken into account as the place gets a little bit, not a little bit as the place gets increasingly more popular day in and day out. >> I'm super excited for Space Force. I know that a new generation of young folks are really interested in it's an emerging, changing great space. The focus here at this conference is space and cybersecurity, the intersection. I'd like to get your thoughts on the approach that a space force is taking to cybersecurity and how it impacts our national goals here in the United States. >> Yeah. So that's a great question John, let me talk about it in two basic ways. At number one is an and I know some people in the audience, this might make them a little bit uncomfortable, but I have to talk about the threat. And then relative to that threat, I really have to talk about the importance of cyber and specifically cyber security, as it relates to that threat. The threats that we face really represented a new era of warfare and that new era of warfare involves both space and cyber. We've seen a lot of action in recent months from certain countries, notably China and Russia that have threatened what I referred to earlier as the peaceful global commons of space. For example, it threw many unclassified sources and media sources. Everybody should understand that the Russians have been testing on orbit anti-satellite capabilities. It's been very clear if you were following just the week before last, the Department of Defense released its 2020 military and security developments involving the People's Republic of China. And it was very clear that China is developing ASATs, electronic jammers, directed energy weapons, and most relevant to today's discussion, offensive cyber capabilities. There are kinetic threats that are very, very easy to see, but a cyber attack against a critical command and control site or against a particular spacecraft could be just as devastating to the system and our war fighters in the case of GPS and important to note that that GPS system also impacts many civilians who are dependent on those systems from a first response perspective and emergency services, a cyber attack against a ground control site could cause operators to lose control of a spacecraft or an attacker could feed spoofed data to assist them to mislead operators so that they sent emergency services personnel to the wrong address. Attacks on spacecraft on orbit, whether directly via a network intrusion or enabled through malware introduced during the system's production while we're building the satellite can cripple or corrupt the data. Denial-of-service type attacks on our global networks obviously would disrupt our data flow and interfere with ongoing operations and satellite control. If GPS went down, I hesitate to say it this way, cause we might elicit some screams from the audience. But if GPS went down a Starbucks, wouldn't be able to handle your mobile order, Uber drivers wouldn't be able to find you. And Domino's certainly wouldn't be able to get there in 30 minutes or less. So with a little bit of tongue in cheek there from a military operations perspective, it's dead serious. We have become accustomed in the commercial world to threats like ransomware and malware. And those things have unfortunately become commonplace in commercial terrestrial networks and computer systems. However, what we're seeing is that our adversaries with the increased competition in space these same techniques are being retooled, if you will, to use against our national security space systems day in and day out. As I said, during my opening remarks on the importance of cyber, the value of these systems is directly tied to their integrity. If commanders in the field, firefighters in California or baristas in Starbucks, can't trust the data they're receiving, then that really harms their decision making capabilities. One of the big trends we've recently seen is the move towards proliferated LEO constellations, obviously Space X's Starlink on the commercial side and on the military side, the work that DARPA and my organization SMC are doing on Blackjack and Casino, as well as some space transport layer constellation work that the space development agency is designing are all really, really important types of mesh network systems that will revolutionaries how we plan and field war fighting systems and commercial communications and internet providing systems. But they're also heavily reliant on cybersecurity. We've got to make sure that they are secured to avoid an accident or international damage. Loss of control of these constellations really could be catastrophic from both a mission perspective or from a satellites tumbling out of low earth orbit perspective. Another trend is introductions in artificial intelligence and machine learning, onboard spacecraft are at the edge. Our satellites are really not so much hardware systems with a little software anymore in the commercial sector and in the defense sector, they're basically flying boxes full of software. And we need to ensure that data that we're getting out of those flying boxes full of software are helping us base our decisions on accurate data and algorithms, governing the right actions and that those systems are impervious to the extent possible to nefarious modifications. So in summation, cybersecurity is a vital element of everything in our national security space goals. And I would argue for our national goals, writ large, including economic and information dimensions, the Space Force leadership at all levels from some of the brand new second lieutenants that general Raymond swore in to the space force this morning, ceremonially from the air force associations, airspace and cyberspace conference to the various highest levels, General Raymond, General DT Thompson, myself, and a number of other senior leaders in this enterprise. We've got to make sure that we're all working together to keep cyber security at the forefront of our space systems cause they absolutely depend on it. >> You mentioned hardware, software threats, opportunities, challenges. I want to ask you because you got me thinking of the minute they're around infrastructure. We've heard critical infrastructure, grids here on earth. You're talking about critical infrastructure, a redefinition of what critical infrastructure is, an extension of what we have. So I'd love to get your thoughts about Space Force's view of that critical infrastructure vis-a-vis the threat vectors, because the term threat vectors has been kicked around in the cyberspace. Oh you have threat vectors. They're always increasing the surface area. If the surface area is from space, it's an unlimited service area. So you got different vectors. So you've got new critical infrastructure developing real time, really fast. And you got an expanded threat vector landscape. Putting that in perspective for the folks that aren't really inside the ropes on these critical issues. How would you explain this and how would you talk about those two things? >> So I tell you, just like, I'm sure people in the security side or the cybersecurity side of the business in the banking industry feel, they feel like it's all possible threat vectors represent a dramatic and protect potentially existential threat to all of the dollars that they have in the banking system, to the financial sector. On the Department of Defense side, we've got to have sort of the same mindset. That threat vector from, to, and through space against critical space systems, ground segments, the launch enterprise, or transportation to orbit and the various different domains within space itself. Like I mentioned before, LEO, MEO and GEO based satellites with different orbits, all of the different mission areas that are accomplished from space that I mentioned earlier, some that I did mention like a weather tactical or wide band communications, various new features of space control. All of those are things that we have to worry about from a cyber security threat perspective. And it's a daunting challenge right now. >> Yeah, that's awesome. And one of the things we've been falling on the hardware side on the ground is the supply chain. We've seen, malware being, really put in a really obscure hardware. Who manufactures it? Is it being outsourced? Obviously government has restrictions, but with the private sector, you mentioned China and the US kind of working together across these peaceful areas. But you got to look at the supply chain. How does the supply chain in the security aspect impact the mission of the US space Force? >> Yeah. Yeah. So how about another, just in terms of an example, another kind of California based historical example. The very first US Satellite, Explorer 1, was built by the jet propulsion laboratory folks, not far from here in El Segundo, up in Pasadena, that satellite, when it was first built in the late 50s weighing a little bit, over 30 pounds. And I'm sure that each and every part was custom made and definitely made by US companies. Fast forward to today. The global supply chain is so tightly coupled, and frankly many industries are so specialized, almost specialized regionally around the planet. We focus every day to guarantee the integrity of every component that we put in our space systems is absolutely critical to the operations of those satellites and we're dependent upon them, but it becomes more difficult and more difficult to understand the heritage, if you will, of some of the parts that are used, the thousands of parts that are used in some of our satellites that are literally school bus sized. The space industry, especially national security space sector is relatively small compared to other commercial industries. And we're moving towards using more and more parts from non US companies. Cybersecurity and cyber awareness have to be baked in from the beginning if we're going to be using parts that maybe we don't necessarily understand 100% like an Explorer one, the lineage of that particular part. The environmental difficulties in space are well known. The radiation environment, the temperature extremes, the vacuum, those require specialized component. And the US military is not the only customer in that space. In fact, we're definitely not the dominant customer in space anymore. All those factors require us along with our other government partners and many different commercial space organizations to keep a very close eye on our supply chains, from a quality perspective, a security perspective and availability. There's open source reporting on supply training intrusions from many different breaches of commercial retailers to the infectious spread of compromised patches, if you will. And our adversaries are aware of these techniques. As I mentioned earlier, with other forms of attack, considering our supply chains and development networks really becomes fair game for our adversaries. So we have to take that threat seriously. Between the government and industry sectors here in the US. We're also working with our industry partners to enact stronger defenses and assess our own vulnerabilities. Last fall, we completed an extensive review of all of our major contracts here at Space and Missile System Center to determine the levels of cyber security requirements we've implemented across our portfolio. And it sounds really kind of businessy geeky, if you will. Hey, we looked at our contracts to make sure that we had the right clauses in our contracts to address cybersecurity as dynamically as we possibly could. And so we found ourselves having to add new language to our contracts, to require system developers, to implement some more advanced protective measures in this evolving cyber security environment. So that data handling and supply chain protections from contract inception to launch and operations were taken into account. Cyber security really is a key performance parameter for us now. Performance of the system, It's as important as cost, it's as important as schedule, because if we deliver the perfect system on time and on cost, it can perform that missile warning or that communications mission perfectly, but it's not cyber secure. If it's doesn't have cyber protections built into it, or the ability to implement mitigations against cyber threats, then we've essentially fielded a shoe box in space that doesn't do the CA the war fighter or the nation any good. Supply chain risk management is a major challenge for us. We're doing a lot to coordinate with our industry partners. We're all facing it head on to try and build secure and trusted components that keep our confidence as leaders, firefighters, and baristas as the case may be. But it is a challenge. And we're trying to rise to that challenge. >> This is so exciting this new area, because it really touches everything. Talk about geeking out on the tech, the hardware, the systems but also you put your kind of MBA hat on you go, what's the ROI of extra development and how things get built. Because the always the exciting thing for space geeks is like, if you're building cool stuff, it's exciting, but you still have to build. And cybersecurity has proven that security has to be baked in from the beginning and be thought as a system architecture. So you're still building things, which means you got to acquire things, you got to acquire parts, you got acquire build software and sustain it. How is security impacting the acquisition and the sustainment of these systems for space? >> Yeah. From initial development, through planning for the acquisition, design, development, our production fielding and sustainment, it impacts all aspects of the life cycle, John. We simply, especially from the concept of baking in cybersecurity, we can't wait until something is built and then try and figure out how to make it cyber secure. So we've moved way further towards working side by side with our system developers to strengthen cybersecurity from the very beginning of a systems development, cyber security, and the resilience associated with it really have to be treated as a key system attribute. As I mentioned earlier, equivalent with data rates or other metrics of performance. We like to talk in the space world about mission assurance and mission assurance has always sort of taken us as we technically geek out. Mission assurance has always taken us to the will this system work in space. Can it work in a vacuum? Can it work in as it transfers through the Van Allen radiation belt or through the Southern hemisphere's electromagnetic anomaly? Will it work out in space? And now from a resiliency perspective, yeah, it has to work in space. It's got to be functional in space, but it's also got to be resistant to these cybersecurity threats. It's not just, I think a General D.T Thompson quoted this term. It's not just widget assurance anymore. It's mission assurance. How does that satellite operator that ground control segment operate while under attack? So let me break your question a little bit, just for purposes of discussion into really two parts, cybersecurity, for systems that are new and cybersecurity for systems that are in sustainment are kind of old and legacy. Obviously there's cyber vulnerabilities that threatened both, and we really have to employ different strategies for defensive of each one. For new systems. We're desperately trying to implement across the Department of Defense and particularly in the space world, a kind of a dev sec ops methodology and practice to delivering software faster and with greater security for our space systems. Here at SMC, we have a program called enterprise ground services, which is a toolkit, basically a collection of tools for common command and control of different satellite systems, EGS as we call it has an integrated suite for defensive cyber capabilities. Network operators can use these tools to gain unprecedented insight to data flows and to monitor space network traffic for anomalies or other potential indicators of a bad behavior, malicious behavior, if you will, it's rudimentary at this point, but because we're using DevSecOps and that incremental development approach, as we scale it, it just becomes more and more capable. Every product increment that we feel. Here at LA Air Force Base, we have the United Space Force's West Coast Software Factory, which we've dubbed the Kobayashi Maru. They're using those agile DevOps software development practices to deliver a space awareness software to the combined space operations center. Affectionately called the CSpock that CSpock is just on the road from Cal Poly there in San Luis Obispo at Vandenberg Air Force Base. They've so securely linked the sea Spock with other space operation centers around the planet, our allies, Australia, Canada, and the UK. We're partnering with all of them to enable secure and enhanced combined space operations. So lots of new stuff going on as we bake in new development capabilities for our space systems. But as I mentioned earlier, we've got large constellations of satellites on orbit right now. Some of them are well in excess of a decade or more or old on orbit. And so the design aspects of those satellites are several decades old. But we still have to worry about them cause they're critical to our space capabilities. We've been working with an air force material command organization called CROWS, which stands for the Cyber Resiliency Office for Weapon Systems to assess all of those legacy platforms from a cyber security perspective and develop defensive strategies and potential hardware and software upgrades to those systems to better enable them to live through this increasingly cybersecurity concerned era that we currently live in. Our industry partners have been critical to both of those different avenues. Both new systems and legacy systems. We're working closely with them to defend and upgrade national assets and develop the capabilities to do similar with new national assets coming online. The vulnerabilities of our space systems really kind of threatened the way we've done business in the past, both militarily and in the case of GPS economically. The impacts of that cybersecurity risk are clear in our acquisition and sustainment processes, but I've got to tell you, as the threat vectors change, as the vulnerabilities change, we've got to be nimble enough, agile enough, to be able to bounce back and forth. We can't just say, many people in the audience are probably familiar with the RMF or the Risk Management Framework approach to reviewing the cyber security of a system. We can't have program managers and engineers just accomplish an RMF on a system. And then, hey, high five, we're all good. It's a journey, not a destination, that's cybersecurity. And it's a constant battle rhythm through our weapon systems lifecycle, not just a single event. >> I want to get to this commercial business needs and your needs on the next question. But before I go there, you mentioned agile. And I see that clearly because when you have accelerated innovation cycles, you've got to be faster. And we saw this in the computer industry, mainframes, mini computers, and then we started getting beyond maybe when the internet hit and PCs came out, you saw the big enterprises, the banks and government start to work with startups. And it used to be a joke in the entrepreneurial circles is that, there's no way if you are a startup you're ever going to get a contract with a big business enterprise. Now that used to be for public sector and certainly for you guys. So as you see startups out there and there's acquisition involved, I'm sure would love to have a contract with Space Force. There's an ROI calculation where if it's in space and you have a sustainment view and it's software, you might have a new kind of business model that could be attractive to startups. Could you share your thoughts on the folks who want to be a supplier to you, whether they're a startup or an existing business that wants to be agile, but they might not be that big company. >> John, that's a fantastic question. We're desperately trying to reach out to those new space advocates, to those startups, to those what we sometimes refer to, within the Department of Defense, those non traditional defense contractors. A couple of things just for thinking purposes on some of the things that we're trying to highlight. Three years ago, we created here at Space and Missile System Center, the Space Enterprise Consortium to provide a platform, a contractual vehicle, really to enable us to rapidly prototype, development of space systems and to collaborate between the US Space Force, traditional defense contractors, non traditional vendors like startups, and even some academic institutions. SPEC, as we call it, Space Enterprise Consortium uses a specialized contracting tool to get contracts awarded quickly. Many in the audience may be familiar with other transaction agreements. And that's what SPEC is based on. And so far in just three years, SPEC has awarded 75 different prototyping contracts worth over $800 million with a 36% reduction in time to award. And because it's a consortium based competition for these kinds of prototyping efforts, the barrier to entry for small and nontraditional, for startups, even for academic institutions to be able to compete for these kinds of prototyping has really lowered. These types of partnerships that we've been working through on spec have really helped us work with smaller companies who might not have the background or expertise in dealing with the government or in working with cyber security for their systems, both our developmental systems and the systems that they're designing and trying to build. We want to provide ways for companies large and small to partner together in support kind of mutually beneficial relationships between all. Recently at the Annual Air Force Association conference that I mentioned earlier, I moderated a panel with several space industry leaders, all from big traditional defense contractors, by the way. And they all stressed the importance of building bridges and partnerships between major contractors in the defense industry and new entrance. And that helps us capture the benefits of speed and agility that come with small companies and startups, as well as the expertise and specialized skill sets of some of those larger contractors that we rely on day in and day out. Advanced cyber security protections and utilization of secure facilities are just a couple of things that I think we could be prioritizing more so in those collaborations. As I mentioned earlier, the SPEC has been very successful in awarding a number of different prototyping contracts and large dollar values. And it's just going to get better. There's over 400 members of the space enterprise consortium, 80% of them are non traditional kinds of vendors. And we just love working with them. Another thing that many people in the audience may be familiar with in terms of our outreach to innovators, if you will, and innovators that include cyber security experts is our space pitch day events. So we held our first event last November in San Francisco, where we awarded over a two day period about $46 million to 30 different companies that had potentially game changing ideas. These were phase two small business innovative research efforts that we awarded with cash on the spot. We're planning on holding our second space pitch day in the spring of 2021. We're planning on doing it right here in Los Angeles, COVID-19 environment permitting. And we think that these are fantastic venues for identifying and working with high-speed startups, and small businesses who are interested in really, truly partnering with the US Air Force. It's, as I said before, it's a really exciting time to be a part of this business. And working with the innovation economy is something that the Department of Defense really needs to do in that the innovation that we used to think was ours. That 80% of the industrial base innovation that came from the Department of Defense, the script has been flipped there. And so now more than 70%, particularly in space innovation comes from the commercial sector, not from the defense business itself. And so that's a tsunami of investment and a tsunami of a capability. And I need to figure out how to get my surfboard out and ride it, you know what I mean? >> Yeah, It's one of those things where the script has been flipped, but it's exciting because it's impacting everything. When you're talking about systems architecture? You're talking about software, you're talking about a business model. You're talking about dev sec opsx from a technical perspective, but now you have a business model innovation. All the theaters are exploding in innovation, technical, business, personnel. This brings up the workforce challenge. You've got the cyber needs for the US Space Force, It's probably great ROI model for new kinds of software development that could be priced into contracts. That's a entrepreneurial innovation, you've got the business model theater, you've got the personnel. How does the industry adopt and change? You guys are clearly driving this. How does the industry adjust to you? >> Yeah. So I think a great way to answer that question is to just talk about the kind of people that we're trying to prioritize in the US Space Force from an acquisition perspective, and in this particular case from a cybersecurity perspective. As I mentioned earlier, it's the most exciting time to be in space programs, really since the days of Apollo. Just to put it in terms that maybe have an impact with the audience. From 1957 until today, approximately 9,000 satellites have been launched from the various space varying countries around the planet. Less than 2000 of those 9,000 are still up on orbit and operational. And yet in the new space regime players like Space X have plans to launch, 12,000 satellites for some of their constellations alone. It really is a remarkable time in terms of innovation and fielding of space capabilities and all of those space capabilities, whether they're commercial, civil, or defense are going to require appropriate cybersecurity protections. It's just a really exciting time to be working in stuff like this. And so folks like the folks in this audience who have a passion about space and a passion about cybersecurity are just the kind of people that we want to work with. Cause we need to make sure our systems are secure and resilient. We need folks that have technical and computing expertise, engineering skills to be able to design cyber secure systems that can detect and mitigate attacks. But we also, as you alluded to, we need people that have that business and business acumen, human networking background, so that we can launch the startups and work with the non traditional businesses. Help to bring them on board help, to secure both their data and our data and make sure our processes and systems are free as much as possible from attack. For preparation, for audience members who are young and maybe thinking about getting into this trade space, you got to be smart on digital networking. You got to understand basic internet protocols, concepts, programming languages, database design. Learn what you can for penetration or vulnerability testing and a risk assessment. I will tell you this, and I don't think he will, I know he will not mind me telling you this, but you got to be a lifelong learner and so two years ago, I'm at home evening and I get a phone call on my cell phone and it's my boss, the commander of Air Force Space command, General, J. Raymond, who is now currently the Chief of Space Operations. And he is on temporary duty, flying overseas. He lands where he's going and first thing he does when he lands is he calls me and he goes JT, while I was traveling, I noticed that there were eBooks available on the commercial airliner I was traveling on and there was an ebook on something called scrumming and agile DevSecOps. And I read it, have you read it? And I said, no, sir. But if you tell me what the title of the book is, I will read it. And so I got to go to my staff meeting, the very next week, the next time we had a staff meeting and tell everybody in the staff meeting, hey, if the four star and the three star can read the book about scrumming, then I'm pretty sure all of you around this table and all our lieutenants and our captains our GS13s, All of our government employees can get smart on the scrumming development process. And interestingly as another side, I had a telephone call with him last year during the holidays, where he was trying to take some leave. And I said, sir, what are you up to today? Are you making eggnog for the event tonight or whatever. And the Chief of Space Operations told me no, I'm trying to teach myself Python. I'm at lesson two, and it's not going so well, but I'm going to figure this out. And so that kind of thing, if the chief of staff or the Chief of Space Operations can prioritize scrumming and Python language and innovation in his daily schedule, then we're definitely looking for other people who can do that. And we'll just say, lower levels of rank throughout our entire space force enterprise. Look, we don't need people that can code a satellite from scratch, but we need to know, we need to have people that have a basic grasp of the programming basics and cybersecurity requirements. And that can turn those things into meaningful actions, obviously in the space domain, things like basic physics and orbital mechanics are also important spaces, not an intuitive domain. So under understanding how things survive on orbit is really critical to making the right design and operational decisions. And I know there's probably a lot, because of this conference. I know there's probably a whole lot of high speed cybersecurity experts out in the audience. And I need those people in the US Space Force. The country is counting on it, but I wouldn't discount having people that are just cyber aware or cyber savvy. I have contracting officers and logisticians and program managers, and they don't have to be high end cybersecurity experts, but they have to be aware enough about it to be able to implement cyber security protections into our space systems. So the skill set is really, really broad. Our adversaries are pouring billions of dollars into designing and fielding offensive and destructive space, cybersecurity weapons. They repeatedly shown really a blatant disregard of safety and international norms for good behavior on orbit. And the cyber security aspects of our space systems is really a key battleground going forward so that we can maintain that. As I mentioned before, peaceful global comments of space, we really need all hands on deck. If you're interested in helping in uniform, if you're interested in helping, not in uniform, but as a government employee, a commercial or civil employee to help us make cyber security more important or more able to be developed for our space systems. And we'd really love to work with you or have you on the team to build that safe and secure future for our space systems. >> Lieutenant General John Thompson, great insight. Thank you for sharing all that awesome stories too, and motivation for the young next generation. The United States Space Force approach to cybersecurity. Really amazing talk, thank you for your time. Final parting question is, as you look out and you have your magic wand, what's your view for the next few years in terms of things that we could accomplish? It's a super exciting time. What do you hope for? >> So first of all, John, thanks to you and thanks to Cal Poly for the invitation and thanks to everybody for their interest in cybersecurity, especially as it relates to space systems, that's here at the conference. There's a quote, and I'll read it here from Bernard Schriever, who was the founder, if you will, a legend in a DoD space, the founder of the Western development division, which was a predecessor organization to Space and Missile System Center, General Schriever, I think captures the essence of how we see the next couple of years. "The world has an ample supply of people "who can always come up with a dozen good reasons "why new ideas will not work and should not be tried, "but the people who produce progress are breed apart. "They have the imagination, "the courage and the persistence to find solutions." And so I think if you're hoping that the next few years of space innovation and cybersecurity innovation are going to be upon a pony ride at the County fair, then perhaps you should look for another line of work, because I think the next few years in space and cybersecurity innovation are going to be more like a rodeo and a very dynamic rodeo as it goes. It is an awesome privilege to be part of this ecosystem. It's really an honor for me to be able to play some small role in the space ecosystem and trying to improve it while I'm trying to improve the chances of the United States of America in a space war fighting environment. And so I thank all of you for participating today and for this little bit of time that you've allowed me to share with you. Thank you. >> Sir, thank you for your leadership and thank you for the time for this awesome event, Space and Cyber Cybersecurity Symposium 2020, I'm John Furrier on behalf of Cal Poly, thanks for watching. (mellow music)

>> From Boston, Massachusetts, it's the Cube, covering LiveWorx 18, brought to you by PTC. (light electronic music) >> Welcome back to Boston, everybody. This is the Cube, the leader in live tech coverage. We're covering day one of the LiveWorx conference that's hosted by PTC. I'm Dave Vellante with my cohost Stu Miniman. Professor Linda A. Hill is here. She's the Wallace Brett Donham Professor of Business Administration at the Harvard Business School. Professor Hill, welcome to the Cube. Thanks so much for coming on. >> Thank you for having me. >> So, innovation, lot of misconceptions about innovation and where it stems from. People think of Steve Jobs, well, the innovation comes from a single leader and a visionary who gets us in a headlock and makes it all happen. That's not really how innovation occurs, is it? >> No, it is not, actually. Most innovation is the result of a collaboration amongst people of different expertise and different points of view, and in fact, unless you have that diversity and some conflict, you rarely see innovation. >> So this is a topic that you've researched, so this isn't just an idea that you had. You've got proof and documentation of this, so tell us a little more about the work that you do at Harvard. >> So really over 10 years ago, I began to look at the connection between leadership and innovation, because it turns out that like a lot of organizations, the academy is quite siloed, so the people studying innovation were very separate from the ones who studied leadership, and we look at the connection between the two. When you look at that, what you discover is that leading innovation is actually different from leading change. Leading change is about coming up with a vision, communicating that vision, and inspiring people to want to fulfill that vision. Leading innovation is not about that. It's really more about how do you create a space in which people will be willing and able to do the kind of collaborative work required for innovation to happen? >> Sometimes I get confused, maybe you can help me, between invention and innovation. How should we think about those two dimensions? >> Innovation and invention. The way I think about it is an innovation is something that's both an invention, i.e. new, plus useful. So it can be an innovation or it can be creative, but unless it's useful and addresses an opportunity or a challenge that an organization faces, for me, that's not an innovation. So you need both, and that is really the paradox. How do you unleash people's talents and passions so you get the innovation or the invention or the new, and then how do you actually combine that, or harness all of those different ideas so that you get something that is useful, that actually solves a problem that the collective needs solved? >> So there's an outcome that involves changing something, adoption, as part of that innovation. >> For instance, one of the things that we're doing a lot right now is we're working with organizations, incumbents, I guess you'd call them, that have put together these innovation labs to create digital assets. And the problem is that those digital assets get created, they're new, if you will, but unless the core business will adopt them and use them, they get implemented, they're not going to be useful. So we're trying to understand, how do you take what gets created in those innovation labs, those assets, if you will, and make sure that the organization takes them in and scales them so that you can actually solve a business problem? >> Professor Hill, a fascinating topic I love digging into here. Because you see so many times, startups are often people that get frustrated inside a large company. I've worked for some very large companies, so which have had labs, or research division, and even when you carve aside time for innovation, you do programs on that, there's the corporate antibodies that fight against that. Maybe talk a little bit about that dynamic. Can large companies truly innovate? >> Yes, large companies can truly innovate. We do see it happening, it is not easy by any means, and I think part of the dilemma for why we don't see more innovation is actually our mindset about what leadership is about and who can innovate. So if I could combine a couple of things you asked, invention, often when we talk to people about what is innovation, they think about technology, and they think about new, and if I'm not a technologist and I'm not creative, then I can't play the game. But what we see in organizations, big ones that can innovate, is they don't separate out the innovators from the executors. They tell everybody, guess what, your job no matter who you are, of course you need to deal with making sure we get done what we said we'd deliver, but if we're going to delight our customers or we're ever going to really get them to be sticky with us, you also need to think about not just what should you be doing, but what could you be doing. In the literature, in the research, that's called how do you close an opportunity gap and not just a performance gap? In the organizations we look at that are innovative, that can innovate time and again, they have a very democratic notion: everybody has a role to play. So our work, Collective Genius, is called Collective Genius because what we saw in Pixar was the touchstone for that work, is that they believe everybody has a slice of genius. They're not equally big or whatever, but everybody has a contribution to make, and you need to use yours to come up with what's new and useful. A lot of that will be incremental, but some of it will be breakthrough. So I think what we see with these innovation labs and the startups, if you will, is that often people do go to start them up, of course they eventually have to grow their business, so a part of what I find myself doing now is helping startups that have to scale, figure out how to maintain that culture, those capabilities, that allowed them to be successful in the first place, and that's tough one for startups, right? >> Yeah, I think Pixar's only about a 1,500 person company and they all have creativity in wat they do. I'm wondering if there's some basic training that's missing. I studied engineering and I didn't get design training in my undergraduate studies. It wasn't until I was out in the workforce that I learned about that. What kind of mindset and training do you have to do to make sure the people are open to this? >> One of the things that I did related to this is about five years ago, I told our dean of Harvard Business School that I needed to join the board of an organization called Arts Center. I don't know if you were aware of Arts Center in Pasadena. It's the number one school of industrial design in the U.S., and people don't know about it 'cause I always laugh at them. The man who designed the Apple store is a graduate there. The man who designed Tesla car and et cetera, so they're not so good at it, but one of the things that we've all come to understand is design thinking, lean startup, these are all tools that can help you be better at innovation, but unless you create an environment around that, people are going to be willing to use those tools and make the missteps, the failures that might come with it, know how to collaborate together, even when they're a large organization, I mean it's easier when you're smaller. But unless you know how to do all that, those tools, the lean startup or digital or design thinking or whatever, ' cause I'm working with a lot of the people who do that, and deep respect for them, nothing gets done. In the end, we are human, we all need to know first off that it's worthwhile to take the risk to get done whatever it is you want to get done, so what's the purpose of the work, how's it going to change the world? The second thing is we need to share a set of values about learning because we have to understand, as you well know, you cannot plan your way to an innovation, you have to act your way. And with the startup, you act as fast as you can, right, so somebody will give you enough money before you run out of money. Same similar process you have to do in a large company, an incumbent, but of course it's more complicated. The other thing that makes it more complicated is companies are global, and the other part of it that makes it more complicated that I'm seeing like in personalized medicine: you need to build an ecosystem of different kinds, of nanotechnologists, biotechnologists, different expertise to come together. All of this, frankly, you don't learn any of it in school. I remember learning that you can't teach anyone how to lead. You actually have to help people learn how to lead themselves and technologists will frequently say to me, i don't know why, you're a leadership professor? Well, this is a technical problem. We just haven't figured out the platform right, and once we get it right, all will be. No, once you get it right, humans are still going to resist change and not know how to necessarily learn together to get this done. >> I wonder if, are there any speacial leadership skills we need for digital transformation? Really kind of the overarching theme of the show here, help connect the dots for us. >> So the leading change piece is about having a vision, communicating it, and inspiring people. What it really does turn out when we look at exceptional leaders of innovation, and all of us would agree that they've done wonderful things time and again, not just once, they understand that is collective. They spend time building a culture and capabilities that really will support people collaborating together. The first one they build is, how do we know how to create a marketplace of ideas through debate and discourse? Yeah, you can brainstorm, but eventually, we have to abrade and have conflict. They know how to have healthy debates in which people are taught terms of skills, basic stuff, not just listening and inquiring, but how to actively advocate in a constructive way for your point of view, these leaders have to learn how to amplify difference, whereas many leaders learn how to minimize it. And as the founder of Pixar once said, you can never have too many cooks in the kitchen. Many people believe you can. It's like today, you need as much talent as you can get. Your job as a leader, what are the skills you need to get those top cooks to be able to cook a meal together, not to reduce the amount of diversity. You got to be prepared for the healthy fight. >> You've pointed this out in some of your talks is that you've got to have that debate. >> Yes, you have to. >> That friction, to create innovation, but at the same time it has to be productive. I know it can be toxic to an organization, maybe talk about that a little. >> I think one of the challenges is what skills do people need to learn? One is, how do you deal with conflict when people are very talented and passionate? I think many people avoid conflict or don't know how to engage that constructively, just truly don't, and they avoid it. I find that many times organizations aren't doing what they need to do because the leadrr is uncomfortable. The other thing, and I'm going to stereotype horribly here, but I'm an introvert, that book quiet is wonderful, but one of the challenges you have if you're more introverted or if you're more technical and you tend to look at things from a technical point of view, in some ways is that you often find the people with that kind of, that's what drives them, there's a right answer, there's a rational answer we need to get through or get to, as opposed to understanding that really innovative ideas are often the combination of ideas that look like they're in conflict initially, and by definition, you need to have the naive eye and the expert working together to come up with that innovative solution, so for someone who's a technologist to think they should listen to someone who's naive about a technical problem, just the very basic mindset you have about who's going to have the idea. So that's a tricky one, it's a mindset, it's not even just a skill level, it's more, who do you think actually is valuable? Where is that slice that you need at this moment going to come from? It may not be from that expert, it may be from the one who had no point of view. I heard a story that I was collecting my data, and apparently, Steve Jobs went to see Ed Land. We're here in Boston over Polaroid, which is one of our most innovative companies, right, in the history. And he said, what do I need to learn from you? And what Land said to him is, whenever my scientist and technologist get stuck, I have some of the art students or the humanities students come in and spend time in the lab. They will ask the stupid question because they don't know it's stupid. The expert's not going to ask the stupid question, particularly the tech expert, not going to ask it. They will ask the question that gets the first principles. I think, but I wouldn't want to be held to this, the person who was telling me the story, that's partly how they came up with the instant camera. Some naive person said, why do I have to wait? Why can't I have it now? And of course, silly so-and-so, you don't know it takes this, that, and the others. Then someone else thought, why does she have to wait? I think it was really a she who asked the question, the person telling me this, and they came up with a different way. Who said it has to be done in a darkroom in that way? I think that there's certain things about our mindset independently of our skill, that get in the way of our actually hearing all the different voices we need to hear to get that abrasion going in the right way. >> Listening to those Columbo questions, you say, can sometime lead to an outcome that is radically different. There's a lot of conversation in our industry, the technology industry, about, we call it the cordially shock clock, the companies are on a cordially reporting mechanism or requirement from the SEC. A lot of complaints about that, but at the same time, it feels like at least in the tech business, that U.S. companies tend to be more innovative. But again, you hear a lot of complaints about, well, they can't think for the long term. Can you help us square that circle? >> It's funny, so one thing is you rarely ever get innovation without constraint. If you actually talk to people who are trying to innovate, there needs to be the boundaries around it in which they're doing the constraint. To be completely free rarely leads to, it is the constraint. Now we did do a study of boards to try to understand when is a board facilitating innovation and when is a board interfering with it? We interviewed CEOs and lead directors of a number of companies and wrote an article about that last year, and what we did find is many boards actually are seen as being inhibitors. They don't help management make the right decision. Then of course the board would say now management's the one that's too conservative, but this question about how the board, with guidance, and all of these issues have come up when you're looking at research analysts and who you play to, and I've been on corporate boards. One thing is that the CEO needs to know that the board is actually going to be supportive of his or her choices relative to how you communicate why you're making the choices you're making. So there is pressure, and I think it's real. We can't tell CEOs, no, you don't need to care about it, 'cause guess what, they do get in trouble if they don't. On the other hand, if they don't know how to make the argument for investing in terms of helping the company grow, so in the long run, innovation is not innovation for innovation's sake, it's to meet customer needs so you can grow, so you need to have a narrative that makes sense and be able to talk with people, the different stakeholders, about why you're making certain choices. I must say that I think that many times companies may be making the right choice for the long haul, and get punished in the short run, for sure that happens, but I also think that there are those companies that get a way with a lot of investment in the long haul, partly because they do, over time, deliver, and there is evidence that they're making the right choices or have built a culture where people think what they're saying might actually happen or be delivered. What's happening right now because of the convergence of industries, is I think a lot of CEOS, it's a frightening time, it is difficult to sustain success these days, because what you have to do is innovate at low cost. Going back to some other piece about boards, one of the things we've found is so many board members define innovation as being technology. Technology has a very important enabling role to play in otherwise, but they have such a narrow definition of it in a way that again, they create a culture to let the people in the innovation lab innovate, but not one where everybody understands that all of us, together, need to innovate in ways that will also prepare us to execute better. They don't see the whole culture transformation, digital transformation often requires cultural transformation for you to be able to get this stuff done, and that's what takes a long time. Takes a long time to get rid of your legacy systems and put in these new, or get that balance right, but what takes even longer is getting the culture to be receptive to using that new data capability they have and working in different ways and collaborating when they've been very siloed and they're paid to be very siloed. I think that unless you show, as a CEO, that you are actually putting all of those building blocks in place, and that's what you're about, you understand it's a transformation at that level, you're just talking to the analysts about, we're going to do x, and there's no evidence about your culture or anything else going on, how you're going to lead to attract and retain the kind of talent you need, no one's buying that, I think that that's the problem. There's not a whole story that they're telling about how this goes together and they're going to move forward on it. >> To your other point, is there data to suggest, can you quantify the relationship between diversity and innovation? >> There are some data about that, I don't have it. I find it's very funny, as you can see, I'm an African-American woman. My work is on leadership globalization and innovation. I do a lot of work on how you deliver global strategies. I often find when I'm working with senior teams, they'll ask me, would you help us with our inclusion effort? And I think it's partly because of who I am and diversity comes up in our work, and if you actually build the environments for talking about, they tend to be more inclusive about diversity of thought. Not demographic diversity, those can be separate as we well know because we know Silicon Valley is not a place where you see a lot of demographic diversity, but you might see diversity of thought. I haven't asked, it's interesting, I have had some invitations by governments, too. Japan, which has womenomics, which is a part of their policy If they need to get more women in the economy, frankly, otherwise they can't grow as an economy. It turns out that the innovation story is the business case that many businesses or business people find one that they can buy into, doesn't feel like you're doing it 'cause it's the right thing, or not that you shouldn't do the right thing, but helping them understand how you really, really make sure that the minority voice is heard, and I mean minority of thought, independent of demographic, but if you create an environment as a leader where you actually run your team so that people do feel they can speak up, as you all know. It's so often, I'll talk to people afterwards and they'll say, I didn't say what I really thought about those ideas because I didn't want to be punished or I didn't want to step in that person's territory. People are making decisions based on varying complete information everyone knows. What often happens is it gets escalated up. We had this one senior team complaining, everything is so slow here, a very big bank, not the one I'm on the board of, another very big bank we're working with. Everything's so slow, people won't do anything. So when we actually ask people, what's happening? Why aren't you making decisions? First off, decisions making rights are very fuzzy in this organization, except for at the very top, so what they say is all decisions, actually, they're made on the 34th floor. We escalate 'cause if you make a decision, they're going to turn it over anyway, so we've backed off, or we don't say what we think 'cause I don't want them to say what they think about my ideas 'cause we actually have very separate business units here. >> We might get shot. >> You might get shot. That's the reality that many people live in, so we're not surprised to see that not very many organizations can innovate time and again when we think about the reality of what our contexts are. The good news for us is that in part, millennials won't tolerate some of these environments in the same way, which is going to be a good thing. I think they're marvelous to work with, I'm not one of them obviously, but I think a lot of what they're requesting, the transparency, the understanding the connections between what they do and are they having impact, the desire to be developed and be learning, and wanting to be an organization they're not ashamed of but in fact they're very proud to be a part of what's happening there, I think that that requires businesses and leaders to behave differently. One of the businesses we studied, if the millennial wants to know who's on the front line, he or she is making a difference. They had to do finance differently to be able to show, to draw the cause and effect between what that person was doing every day and how it impacted the client's work. That ended up being a really interesting task. Or a supply chain leader, who really needed them to think very differently about supply chain so they could innovate. What he ended up doing is, instead of thinking about our customers being the pharmaceutical company, the CBS or the big hospital chain or whatever it is, think about the end customer. What would we have to do with supply chain to ensure that that end patient took his or her pill on time and got better? And when they shifted the whole meaning of the work to that individual patient in his or her home, he was able, over time, to get the whole supply chain group organization to understand, we're not doing what we need to do if we're really going to reduce diabetes in the world because the biggest problem we have is not when they go and get their medication, it's whether they actually use it properly when they're there. So when you switched it to that being the purpose of the work, the mindset that everyone had to have, that's what we're delivering on. Everyone said, oh, this is completely appropriate, we needed digital, we need different kind of data to know what's going on there. >> Don't get me started on human health. Professor Hill, for an introvert, you're quite a storyteller, and we appreciate you sharing your examples and your knowledge. Thanks so much for coming on the Cube. It was great to meet you. >> Been my pleasure, glad to know you, thank you. >> Keep it right there, everybody, Stu and I will be back right after this short break. You're watching the Cube from LiveWorx in Boston. We'll be right back. (light electronic music)