hey everyone this is thecube's live coverage from los angeles of kubecon and cloud native con north america 21 lisa martin with dave nicholson we're going to be talking with the founder and ceo next of cloudnatics rohit seth rohit welcome to the program thank you very much lisa pleasure to meet you good to meet you too welcome so tell the the audience about cloudnatics what you guys do when you were founded and what was the gap in the market that you saw that said we need a solution so just to start uh cloud9x was started in 2019 by me and the reason for starting cloud netex was as i was starting to look at the cloud adoption and how enterprises are kind of almost blindly jumping on this cloud bandwagon i started reading what are the key challenges the market is facing and it started resonating with what i saw in google 15 years before when i joined google the first thing i noticed was of course the scale would just overwhelm anyone but at the same time how good they are utilized at that scale was the key that i was starting to look for and over the next couple of months i did all the scripting and such with my teams and found out that lower teens is the utilization of their computers servers and uh lower utilization means if you're spending a billion dollars you're basically wasting the major portion of that and a tech savvy company like google if that's a state of affair you can imagine what would be happening in other companies so in any case we actually now started work at that time started working on a technology so that more groups more business units could share the same machine in a efficient fashion and that's what led to the invention of containers over the next six years we rolled out containers across the whole google fleet the utilization went up at least three times right fast forward 15 years and you start reading 125 billion dollars are spent on a cloud and 60 billion dollars of waste someone would say 90 billion dollars a waste you know what i don't care whether 60 or 90 billion is a very large number and if tech savvy company google couldn't fix it on its own i bet you it it's not an easy problem for enterprises to fix it so we i started talking to several executives in the valley about is this problem for real or not the worst thing that i found was not only they didn't know how bad the problem was they actually didn't have any means to find out how bad the problem could be right one cfo just ran like headless chicken for about two months to figure out okay i know i'm spending this much but where is that spend going so i started kind of trading those waters and i started saying okay visibility is the first thing that we need to provide to the end customer saying that listen it doesn't need to be rocket science for you to figure out how much is your marketing spending how much your different business units so the first line of action is basically give them the visibility that they need to make the educated business decisions about how good or how bad they are doing their operations once they have the visibility the next thing is what to do if there is a waste there are a thousand different type of vms on aws alone people talk about complexity on multi-cloud hybrid cloud and that's all right but even on a single cloud you have thousand vms the heterogeneity of the vms with dynamic pricing that changes every so often is a killer and so and so rohit when you talk about driving levels of efficiency you're not just you're not just talking about abstraction versus bare metal utilization you're talking about even in environments that have used sort of traditional virtualization yes okay absolutely i think all clouds run in vms but within vms sometimes you have containers sometimes you don't have containers if you don't have containers there is no way for you to securely have a protagonist and antagonist job running on the same machines so containers basically came to the world just so that different applications could share the same resources in a meaningful fashion we are basically extending that landscape to to the enterprises so that that utilization benefit exists for everyone right so first of first order business for cloud natick is basically provide them the visibility on how well or bad they are doing the second is to give them the recommendation if you are not doing well what to do about it to do well and we can actually slice and dice the data based on what is important for you okay we don't tell you that these are the dimensions that you should be looking at of course we have our recommendations but we actually want you to figure out basically do you want to look at your marketing organization or your engineering organization or your product organization to see where they are spending money and you can slice and match that data according and we'll give you recommendations for those organizations but now you have the visibility now you have the recommendations but then what right if you ask a cubernities administrator to go and apply those recommendations i bet you the moment you have more than five cluster which is a kind of a very ordinary thing it'll take at least two hours just to figure out how to go from where you are to be able to log in and to be able to apply those recommendations and then changing back the ci cd pipelines and asking your developers to be cognizant about your resources next time is a month-long ordeal no one follows it that's why those recommendations falls on deaf ears most of the time what we do is we give you the choice you want to apply those recommendations manually or you can put the whole system on autopilot in which case once you have enough confidence in cloud native platform we will actually apply those recommendations for you dynamically on the fly as your workloads are increasing or decreasing in utilization and where are your customer conversations happening you mentioned the cfl you mentioned the billions in cloud waste where do you start having these conversations within an organization because clearly you mentioned marketing services you can give them that visibility across the organization who are you talking to within these customers so we start with mostly the cios ctos vp of engineering but it's very interesting we say it's a waste and i think the waste is most more of an effect than a cause the real cause is the complexity and who is having the complexity is the devops and the developers so in 99 of our customer interactions we basically start from cios and ctos but very soon we have these conversations over a week with developers and devops leads also sitting in the room saying that but this is a challenge on why i cannot do this so what we have done is to address the real cause and waste aspect of cloud computing we have we have what we call the management console through which we reduce the complexity of kubernetes operations themselves so think about how you can log into a crashing pod within two minutes rather than two hours right and this is where cloud native start differentiating from the rest of the competition out there because we provide you not only or do this recommendation do this right sizing of vm here or there but this is how you structurally fix the issue going forward right i'm not going to tell you that your containers are not going to crash loop their failures are regular part of distributed systems how you deal with them how you debug them and how you get it back up and running is a core integral part of how businesses get run that's what we provide in cloud natives platform a lot of this learning that we have is actually coming from our experience in hyperscalers we have a chief architect who is also from google he was a dl of a technology called borg and then we have sonic who was the head of products at mesosphere before so we understand what it takes for an enterprise who's primarily coming from on-prem or even the companies that are starting from cloud to scale in cloud often you hear this trillion dollar paradoxes that hey you're stupid if you don't start from cloud and you're stupid if you scale at cloud we are saying that if you're really careful about how you function on cloud it has a value prop that can actually take you to the web scalar heights without even blinking twice can you share an example of one of your favorite customer stories absolutely even by industry only where you've really shown them tremendous value in savings absolutely so a couple of discussions that happened that led like oh but we are we have already spent a team of four people trying to optimize our operations over the last year and we said that's fine uh you know what our onboarding exercise takes only 20 minutes right let's do the onboarding in about a week we will tell you if we could save you any money or not and put your best devops on this pov prove a value exercise to see if it actually help their daily life in terms of operations or not this particular customer only has 30 clusters so it's not very small but it's not very big in terms of what we are seeing in the market first thing the maximum benefit or the cost optimization that they could do over the past year using some of the tools and using their own top-class engineering shots were about seven to ten percent within a week we told them 38 without even having those engineers spend more than two hours in that week we gave them the recommendations right another two weeks because they did not want to put it on autopilot just because it's a new platform in production within next two hours they were able to apply i think at least close to 16 recommendations to their platform to get that 37 improvement in cost what are some examples of of recommendations um obviously you don't want to reveal too much of the secret sauce behind the scene but but but you know what are some what are some classic recommendations that are made so some of them could be as low-hanging fruit as or you have not right sized your vms right this is what i call a lot of companies you would find that oh you have not right side but for us that's the lowest hanging code you go in and you can tell them that whether you have right size that thing or not but in kubernetes in particular if you really look at how auto scaling up and how auto scaling down happens and particularly when you get a global federated view of the number of losses that's where our secret sources start coming and that's where we know how to load balance and how to scale vertically up or how to scale horizontally within the cluster right those kind of optimization we have not seen anywhere in the market so far and that's where the most of the value prop that our customers are seeing kind of comes out and it doesn't take uh too much time i think within a week we have enough data to to say that this service that has thousands of containers could benefit by about this much and just to kind of give you i wouldn't be able to go into the specific dollar numbers here but we are talking in at least a 5 million ish kind of a range of a spend for this cluster and think about it 37 of that if we could save that that kind of money is a real money that not only helps you save your bottom line but at that level you're actually impacting your top line of the business as well sure right that's our uh value crop that we are going to go in and completely automate you're not going to look for devops that don't exist anymore to hire one of the key challenges i'm pretty sure that you must have already heard 86 percent of businesses are not able to hire the devops and they want to hire 86 percent what happens when you don't have that devops that you want to have your existing devops want to move as fast cutting corners sometimes not because they don't know anywhere but just because there's so much pressure to do so much more they don't scale when things become brittle that's when um the fragility of the system comes up and when the demand goes up that's when the systems break but you're not prepared for that breakage just because you have not really done the all the things that you would have done if you had all the time that you needed to do the right thing it sounds like some of the microservices that are in containers that are that run the convention center here have just crashed i think it's gone hopefully the background noise didn't get picked up too much yeah but you're the so the the time to value the roi that you're able to deliver to customers is significant yes you talked about that great customer use case are there any kind of news or announcements anything that you want to kind of share here that folks can can be like looking forward to without the index absolutely so two things even though this is kubecon and everyone is focused on kubernetes kubernetes is still only about three to five percent of enterprise market okay we differentiate ourselves by saying that it doesn't matter whether you're running kubernetes or you're in running legacy vms we will come on board in your environment without you making a single line of change in less than 20 minutes and either we give you the value prop in one week or we don't all right that's number one number two we have a webinar coming on november 3rd uh please go to cloudnetix.com and subscribe or sign up for that webinar sonic and i will be presenting that webinar giving you the value proposition going through some use cases that oh we have seen with our customers so far so that we can actually educate the broader audience and let them know about this beautiful platform i think that my team has built up here all right cloudnatics.com rohit thank you for joining us sharing with us what you're doing at cloud natives why you founded the company and the tremendous impact and roi that you're able to give to your customers we appreciate learning more about the technology thank you so much and i really believe that cloud is here for stay for a long long time it's a trillion dollar market out there and if we do it right i do believe we will accelerate the adoption of cloud even further than what we have seen so far so thanks a lot lisa it's been a pleasure nice to meet you it's a pleasure we want to thank you for watching for dave nicholson lisa martin coming to you live from los angeles we are at kubecon cloudnativecon north america 21. dave and i will be right back with our next guest thank you you

>> Narrator: Live from San Francisco it's theCUBE covering RSA Conference 2020 San Francisco brought to you by SiliconANGLE media. >> Welcome back, everybody. Jeff Frick here with theCUBE. We are at the RSA 2020, a really special segment. As you can tell it's really quiet here, it's not like normal CUBE action, we are here before the expo hall even opens on Thursday morning with a very special guest, we pulled them away from a crazy busy week if not more, it's Rohit Ghai the president of RSA, Rohit great to see you again. >> Always a pleasure, thanks Jeff. >> Absolutely, so I was really looking forward to this, I was really impressed by the opening keynotes, first it rolled out George Takei, that's a pretty bold move even more bold is to try to follow him up. >> Totally (laughing) >> So congratulations, and you know, that was pretty brave. >> I appreciate it, thank you. That was quite a, you know, quite a hurdle to got to follow George Takei. >> Right, and I just want to get kind of these other things that were kind of bubbling above the surface out of the way you know, a big piece of news, I think a week it came out before the show is that RSA was sold to Symphony I believe? >> Rohit: Symphony Technology Group. >> Right, so give us a little bit of the story there. >> Absolutely, so you know we entered into a definitive agreement, Symphony Technology Group acquiring RSA from Dell Technologies. What this does is this it basically clarifies the swim lanes for Dell Technologies to focus on intrinsic security and RSA can focus on managing digital and cyber risk, and you know, we are excited about the opportunity to become agile and independent and you know, kind of play in a smaller company setting to pursue our future, so we are super excited to be part of Symphony. >> Yeah, that's great, and the other thing that's kind of a pall, I mean just to put it out there is the corona virus thing. And you know, Mobile World Congress, a completely different show but a big show, probably the first big show of our industry this year was canceled. A hundred thousand plus people, so I just am just wondering if you can share kind of what were some of your thoughts and the team's thoughts 'cause we were all curious to see well how is this going to happen, there was a couple of drop outs but I think it's been a very good week. >> It has been a great week, you know what I'll say is it was a demonstration of resilience on part of the attendees, you know when we analyzed the situation what we noted was about 82 plus percent of our attendees are from the Americas right, so there was a core set of attendees that were perhaps not as impacted in terms of travel, et cetera, so we decided to move forward, we've been in close collaboration with the CDC and the mayor's office right here, Major London Breed's office right here is SF to make sure it's going to be a safe event for everyone and you know, the team put together a great kind of set of measures to make sure everyone has hand sanitizer. >> Great, great. >> And you know, we made sure we did what was needed to manage the risk and ensure resilience through this sort of you know very global risk that is playing out, so very proud of the team, and we garnered 40 thousand plus attendees despite you know, despite the coronavirus issue. >> You know, good job I am sure it was touch and go and a real sensitive situation and I can tell you a lot of other people and event organizers you know, were getting ready to head into a very busy event season, it's what we do and so, you know nice kind of lead indicator from you to execute with caution. >> I appreciate it, thank you. >> So let's jump into the fun stuff. So your key note was not really talking that much about bad guys and technology and this and that, you talked about story telling and you got very much into kind of the human element, which is the theme this year, but really the role of stories, the importance of stories, and most importantly for the security industry to take back their story and not let it get away from them. >> You summed it up really well Jeff, and you know what I said is hey if the theme of the conference is the human element, let's explore what intrinsically makes us human and the point, you know you've all know that it is stories that makes us human and I feel we've lost control of the narrative as an industry and as such we need to take that back and make sure we clarify the role of all the human characters in our story because until we do that, until we change our story we have no shot at changing our reality. >> Right, but you're kind of in a weird spot right, it's the classic spy dilemma. You can't necessarily tell people what you know because then they'll know that you know it and you might not be able to get more or better information down the road, so as you said in you keynote you don't necessarily have the ability to celebrate your wins, and a DDoS attack thwarted doesn't make the news. I keep thinking it's like ref in a game or like a offensive lineman in football you only hear about them on that one play when they get the holding call, not the 70 other plays were they did their job. >> Rohit: Totally, totally. >> So it's a unique challenge though >> It is, it is a challenge, it is not an easy problem and you know, there is a couple of recipes that I put out there for us to consider as an industry is you know, recipe one is we can celebrate our successes at a collective level right so, just like we put out breach reports, et cetera, in terms of what the statistics are, where the breaches are animating from we can talk about defensive strategies that are working at a collective level as an industry and share that sort of best practices recipes to win, that would be a fine start. I think another area, another point that I made was that we don't have to win for the hacker to lose. 71% of the breaches were motivated by financial gains, right, and as such if we, despite breaches, which is not a win for us, if we deny financial gain to the hackers we make them lose and they are subject to the same laws of economics, they have a profit and loss statement, they are spending resources for gain and when we deny them gain we make them lose, so those are a couple of ideas on how we can begin to change the narrative. >> Right. So the other piece of the human part is the rise of the bots, right, and the raise of AI and the rise of these increasingly smart and sophisticated machines. I think I saw one of those reports that we talk about on air was you know that people are an increasingly targeted group we hear it all the time, we hear about social engineering. As that gets more complicated, how does the role of people change? 'Cause clearly they can't monitor tens and tens and hundreds of thousands of concurrent attacks all the time. >> Absolutely, so you know the bad guys are using AI you know I cited the example of a deep fake audio clip that actually duped the CEO into initiating a wire transfer so they are using all these sophisticated attacks so to your point, we cannot rely on the end user to discern through these very sophisticates. It's unfair for us to think of them as the first line of defense, we have to on the IT side, we have to bring in technology, make the technology more usable, so you don't have to pay attention to this one millimeter by one millimeter lock at the corner of the browser to realize whether a web interaction is safe or not. We need to make more usable software, we need to do a better job of managing and reducing vulnerabilities to reduce the attack surface so IT has to step up in that regard, and then on the security teams I think they have to step up to use AI to detect bot initiated attacks so we are not leaning on the human to discern what is an anomalous interaction and what could be a phishing or a smishing attack, et cetera, you know we need to bring AI to fight the good fight on our behalf. >> Right. So the other kind of angle on that I thought was really interesting, Wendy's keynote, a couple of keynotes after yours from Cisco talked about, you know, a theme we see over and over in tech which is really kind of the democratization of security and get it out of just the hallowed halls of the super billion CSOCs and technologists that are just security and open it up to everybody so make them part of the solution and not those pesky people that keep clicking on links that they are not supposed to. >> Absolutely. She did a great job of kind of making that point and you know the way I think about it is again we need to move from a culture of elitism to a culture of inclusion. Until we really get the steaming going, not just within the security professionals which we are doing a better job of certainly in the industry, but we have to team with the user, the IT and the business teams in order to have a shot at tipping the balance in our favor. >> Yeah, it's really funny 'cause that kind of democratization theme is something that we see kind of across many levels of technology, whether it's in big data, can get away from the data scientists, in doing your own reports, in having access to your own marketing material and you know, so it's kind of funny that now we are just hearing it here I guess the last bastion of we're the smartest people in the room, no no, you need to use all the brain power. >> All the brain power. I use the phrase let's stop being STEM snobs and let's be more inclusive, and you know garner the entire spectrum of the diverse talent pool that we have available and you know making the point, perhaps a provocative point, that the cyber talent gap, a bit of it might be actually self-inflicted because we have been in this sort of elitism mindset. >> Right, and I think one of the themes that you talked about in you keynote was because of kind of the elite mindset we only want to focus on the elite challenges and in fact it's not the hardest challenges that are necessarily the most dangerous or the ones that are more frequently used, it doesn't have to be the craziest hardest way in. >> It absolutely does not. The point I made was preparing for the worse does not prepare you for the likely and the statistics are overwhelming. 60% of the breaches were on the back of six stolen credentials. That's a pretty table stakes basic issue that ought to be just taken off the table, and if we take care of the basics then we can focus our energy on the corner cases but let's first prepare for the likely before we get to the worst situations. >> Right. So Rohit I'm just curious to get your take as you have been here for the last couple of days, you know you did a whole lot of work getting into that keynote and getting this thing up and off the ground but you've had a couple of days to be here walked around, talked to a lot of customers and clients, partners, I wonder if there is anything that's kind of come up as a theme that you either didn't expect or kind of reinforced some of thoughts that you had coming into this week. >> Absolutely. I think if I would've net it out Jeff what I'm sensing is there is a whole movement to shift security left, which is this whole idea of IT stepping up as the first line of defense, reduce cyber exposure, take care of patching, multi-factor authentication, reduce the attack surface intrinsic security right so DevOps and SecDevOps take care of it right up front before the apps even get built right, then there is another movement to shift things right which is take care of the new aspects of the attack surface right, what the hacker always take advantage of are the areas where they sense we are unprepared and for a long time they've seen us being unprepared in terms of reducing the attack surface and then they go after the new aspects of the attack surface and what are those? IT, IoT, OT, data as an attack surface and the Edge right, so these are areas were there is a lot of activity, a lot of innovation, you know, on the floor here if you walk the corners shifting left shifting right as in all the new aspects of the attack surface. I am seeing a lot of conversations, a lot of innovation is that area. >> Yeah. Well, there's certainly no shortage of innovation in the companies here and in fact I think it's probably one of the biggest challenges that I think of from a virus perspective is to walk this floor and to figure it all out 'cause I don't know how many thousand of vendors there are but there's really big ones and there is lot's of little ones like you said tucked in the corner in kind of the cutting edge of the innovation. What advice do you give to people who is their first time coming to RSA? >> Yes, I think you know, it's a huge challenge for customers, there's 14 of every category. I think the customers what they have to see is they have to think about the recipe rather they have to focus not on the tool but the concept behind the tool, and think about the architecture right and they should seek out vendors that take this platform approach. It is, you know, the market hasn't consolidated that much where they can just go to a few vendors but when they build that architecture they should choose vendors that behave well as a puzzle piece in the jigsaw puzzle that our customers are having to assemble together right, that they are investing in the API integrations on the edges so they can slot in and be part of a broader solution. That's a key, key criteria that customers should utilize in their selection of the vendors. >> Yes, that's good. That's good advice, and they should be listening. So Rohit, thanks again for your time. Congratulations on a week and I hope you get that weekend of absolutely nothing coming up in just a couple of days that you talked about. >> I absolutely do. The joke I made was, you know, the only time I'm okay being labeled as useless is the weekend after RSA conference. So, I fully look forward to being useless over this weekend, it's been a great week and thank you again for having me. >> All right, two more days, 48 hours. All right, thanks again. He's Rohit, I'm Jeff, you're watching theCUBE. We're at RSA 2020, the year we're going to know everything with the benefit of hindsight. We're not quite there yet but we're trying yo get a little closer. Thanks for watching, we'll see you next time. (upbeat music)

>>LA from Las Vegas. It's the cube covering AWS reinvent 2019 brought to you by Amazon web services and along with its ecosystem partners. >>Hey, welcome back to Vegas baby. This is the cubes coverage of AWS reinvent 19 this is day three. John Walls is my cohost Jay. Welcome back to Vegas baby Vegas. It's Vegas baby. And you know I'm looking out back. So this is not like a day three crowd. It's really not. Now you can kind of yell out in the hallway and your echo bounce around, but there are a lot of people still here, a lot of business still being done. There really are. There's no shortage of that. And because we're live on the queue, what happens in Vegas doesn't stay in Vegas. So we're happy to welcome a couple of new guests to the queue that are going to share all these great things about security and teach us to, to my left is Robbie's sort of Austin VP of solutions and platform marketing from forest points and from AWS. >>Roe had gooped up global segment leader insecurity. Gentlemen, welcome. Thank you. Thanks for having us. So we can't go to any event without talking about security. It's, it's one of those topics that I think every generation understand when there are big breaches like Capitol one that happened recently or Facebook, even the older generations who are still in the workforce today, they understand it to some degree. The security is so complex. And, and Ravi, one of the things I know that's most challenging about security, especially cyber, is humans are 90 plus percent of the problem. It's human errors, right? Talk to us about Forcepoint. I love the tagline, human centric cybersecurity. How can you help us humans fix all of the errors that we're causing? Or can you, Doug, good question. It's, it's the cat and mouse game, right? Uh, so Forcepoint is a purpose belt, a user and data protection company, right? >>And we're focused on the digital identities and the behavior of their cyber behavior to be able to understand that and then protect, um, data and the users as well. So that's what we refer to as human centric cybersecurity. And how long have you guys been working on this? Oh, we've been working on this for decades. It's the problem with traditional security was all infrastructure centric, guns, guards and Gates and magic will happen. And then turns out those bad actors figure out the guns, guards and Gates and always looking to compromise users and their access. And so independent of whether the attack is external or internal, it's that compromise that that's the focus. And so when you focus on the compromise, that's where we focused on in terms of how to help companies with security. So, so what, what does that connection between behavior in between operations? >>I mean, so what are you looking for in terms of what that user's doing correctly or incorrectly? I mean, what kind of markers do you have? What kind of signs do you get? And in what corrective measures can you put into the process that automatically will correct or at least address that? Yeah, so let me take an example. Right? Um, so if I'm a developer, I'm building using Amazon's awesome services, putting a lot of content in there. I use get hub as a storage. I put a lot of information in there and I'm doing that quickly to get my project done. Right. As I do that and I launched that application, then security comes along after after fact and says, well, let's put security design a day and then how do we protect the data? That model is breaking. Why is it breaking? Because companies are saying users are no longer coming just from the enterprise. >>They're working from home, they're working from the Starbucks and they're accessing the same data and bad actors follow that too. What do they do? They follow the users and go, I can then pretend to be Ravi and get access to the data. And that's how you see a lot of the breaches. So what we're looking at is the behavior of Ravi as an employee. I engage with my mobile device, with my laptop, I get access. I work from eight to five, I'm in Austin most of the times. So the markers are user related, device related, and also context. It's like, why am I logging in from Austin? And at the same time also seeing a login from China that doesn't look right. So that's, that's an example of a behavior. So what's the red flag that goes up there? And you mentioned China, that's an extreme example, but I'm sure there are some more subtle or some not quite as obvious. >>I mean, what exactly is that, that prophylactic measure that that comes in that's automated that says, wait a minute, I don't think this is Ravi, although it's in Denver or it's on this server, whatever month. You know what I mean? Absolutely. So again, the context is built out of three things, users, devices and the environment. Right? By triangulating on those three things, you can actually capture very subtle needle in the haystack of being able to say, look, this is Robbie's behavior. So we're going to let him access get hub. We're going to let him access all the resources on Amazon, but as soon as we see deviations from that, we're going to throw a yellow flag. We're going to ask them to login with a multifactor authentication or some, some other additional form of engaging. Then if we still see more deviations, then we say the word, I'm actually blocked that and I can safely block it because I know that this is not Ravi anymore. Right. And that's how we've seen a lot of organizations use behavior at the heart of their security posture. >>So Rohit, before we went live, you, you told John and me that you've been in security for a thousand years. So one of the biggest challenges though besides people is, is being reactive. And when companies have to be reactive to security events, whether they're ostensible or, or more subtle like John talked about, that can potentially be catastrophic. Can you just talk to us a little bit about some of the historical changes say in the last few years that you've seen where companies, there's no time to go from react to be reactive. How are companies leveraging technologies like Forcepoint and AWS to go from reactive to predictive to eventually prescriptive? >>Yes, that's a good question. And firstly, it's a dozen years, not a thousand years, but, uh, it feels like that sometimes. Uh, so what we have found is that the cloud actually has helped companies become more secure because security is about visibility and control. And what the cloud does is provide better visibility than was available before because you have things like cloud trail that are showing any event that is happening in the system that you could actually use to figure out what happened before and then you can learn from that quickly and take action to fix it. So that's where the control part comes in. Over time you will get better at understanding the signals, as Robbie was saying, and you can be more predictive or you can take action much faster. And even if you don't completely solve the problem right away, you are able to react much faster. So the damages is minimal. Right? And so we've seen that change happened over the years. Companies are using automation that the cloud brings and coupled with the visibility to really gain control back. >>You know, there, there's um, I don't know if you'd call it a natural tension, but there's certainly some friction. Speed. Security, right? I want to go, go, go, go, go. I want to stop, stop, stop. So I've stopped. Right? So I mean our, our, our, our, they to take years, you know, cat and mouse are the, are they natural enemies or friction or can they be complimentary now in such a way because of what you are developing are the tools that we do have at our disposal now, can you address both? It's very, very interesting. The, when you started with an infrastructure centric security, when you put guns, guards and Gates, they were that tension, right? But when you start to change the conversation about, look, we're not about stopping progress, we want the developers to use the data, but we want them to do use it securely, right? And as you start to think about that approach, then security can actually be an enabler for digital transformation. Just as Amazon is talking today or throughout the last three days about how you've lots of services and enabling digital transformation. That's really our focus too, is how to enable that securely. How to enable users to be able to touch the data wherever it is, but secure that along the value chain >>is security. Is this question for both of you and Rohit? Let's start with you. Where is security and terms of the conversation as Andy Jassy talked about on Tuesday when he was talking about business, true business transformation gotta start at the top, you to have that senior exec level initiative sponsorship that's pushed down into the organization is security at that. I imagine it is at that senior level. Talk to us about how you've seen that evolve and how it is really a cornerstone to digital transformation. >>Yeah. I think security used to be an afterthought. The developers were not concerned about it. They don't teach security or at least they didn't teach security in college and computer science courses. It was not even that important. It's gone from that to an hour board level and perhaps even a regulatory level of discussion where it is being addressed by much higher authorities then even the board of the company. Right. So yes, it has definitely gone from a backroom operation that people didn't care about to something that is really very important and as Ravi said, you can move fast and stay secure. You almost have no choice because you have to move fast, right? Figuring out how to be secure in that environment and you don't do not want to end up in the news ultimately. And so that is why it is a conversation that is elevated. Now to the board level. >>Do you see that, speaking of ending up in the news, and there's a couple of folks whose boobs are here that have been in the news recently for significant breaches, human caused, is that when that becomes a sensational story, is that a facilitator of more conversations of customers coming? And maybe, maybe Ravi, I'll start with you. Customers coming to Forcepoint going, gosh, you know what, here's another example of a breach that affected millions and millions. We need to get our hands around this in a better way so that we can really use that data for competitive advantage to those, those news breaking stories, good for business. >>So we get invited to a lot of board level conversations. Our leaders get invited to speak to boards and the two common questions they get asked is, am I going to be the next target? Right? And then most importantly, the second one is how am I doing against my peer group? Right? And so when it comes to that conversation, as you as rotors, there's describing it, organizations are saying, look, I've gotta be able to run my business and I need to run it securely in order to do that. If I can answer those two questions, I'm not going to worry about the threats and attacks and what happened to in the news. I'm more focused on how can I get this new project deployed, security connected? How do I do this new mobile application? Get that and to protect the data, right? So that's the conversation that boards want to know. >>So they do want the reference point, for sure. Can we, you know, at least it's talk about the headlines and we all see that almost to the point that we're kind of numb to it, right? We're almost desensitized. Another hack, another breach or whatever. So we've, in a way, our mindset is, or Facebook that it happens. Can we get to the different, flip that paradigm to where we almost take for granted that it won't happen, that that are our guide. Our guards are that good. I mean, what does it take to get to that point to where we don't accept preachers and we look at them as an anomaly rather than for kind of the cost of doing business. I mean that's, that's been the central focus for us with the human centric cybersecurity. We're saying if you take, uh, any breach and their story reads, breach happened and then you get all the other what they did after effect, right? >>And then they'd tell you a story that happened that the bad actor or the compromise was happened over some period of time, whether it was months to detecting bad things. Ex-post is hard. But what we are focused on when you look at human centric security as we're saying, the time to steal data is in minutes, but the indicators that it takes to steal that data has been building up. So we're saying if we can use behavior to show that buildup, then we could block it before a breach happens. So it's kind of like a slow drip in your ceiling, right? You see it there, go and go ahead. Don't wait for the ceiling to collapse. Right? You've got a ring that's growing there, so do something about it. Exactly how to identify it. >>Last question as we look at, one of the other things that Andy showed on Tuesday is that 97% of it spend is still on prem. We know that there's a lot of hybrid cloud out there in those types of environments which are becoming more and more the norm. How do you help customers manage all of that data regardless of what's on from what's in the cloud and how things are moving in a secure way. >>And that's where for us the partnership is critical and we see the partnership with Amazon to be very strategic in the fact that Amazon's building up awesome set of foundational controls. That's great. We'll let the developers use that, right? And now as enterprises connect with their data, data is on prem and in the cloud and everywhere in between. How do you then implement security that's closest to where the data sits? So we were leverage a lot of the security controls that Amazon provides. And in addition to that, we then offer more of a unified policy control to provide that control wherever the data sits, whether it's on the end point in line or in the cloud. >>Exciting stuff. Well guys, thank you for joining John and me on the program, giving us more information on, on cybersecurity and some of the opportunities that businesses have to actually use that as an advantage. We appreciate your time. Thank you. Thank you for the time for John Walls. I'm Lisa Martin. You're watching the Q for Vegas. Re-invent 19 thanks for watching.

>> Live from San Francisco, its theCUBE. Covering RSA Conference 2019. Brought to you by Forescout. >> Hey welcome back everybody Jeff Frick here with theCUBE. We're at RSA Conference North America 2019. 40,000 plus people in the brand newly refinished. Moscone, they finally got it done and it looks great, we're excited to be here and the guy, one of the many people responsible for this whole event is joining us for a return visit. He's Rohit Ghai, the president of RSA. Rohit, congratulations on another incredible event. >> Thank you, it is incredible indeed and the scope of the conversation, the breadth of the conversation, amazing. >> Right, I was looking a couple of years ago I think it was Valentine's Day, thankfully you didn't do Valentine's Day this year 'cause I don't think Moscone was ready for you. >> That's right, I don't think that would have played out well, yes (laughs). >> So lets jump into it a little bit, kind of general impressions you know security is not getting any less in demand. We're seeing increased threats, we're getting dumbed down to breaches. Give me the facts, how many vendors are here displaying today, how many sponsors? What are are some of the basics? >> Yeah, so look 40,000 plus attendees you know we have 800 plus folks on the show floor. There is a total of 1,700 plus vendors in this industry so its a very fragmented industry and everybody whose anybody in cyber-security is actually here. The other stat that is interesting is in terms of shared voice and the media coverage that actually happens at the RSA conference, if you just put that together that's more than any of the social conversations throughout the year. So this one week will generate more shared voice around cyber-security than the entire year. >> It's the place to be. So let's jump into it, so one of the big issues that you've always talked about is using a really kind of business approach to assessing risk and some of the math behind making a good business decision on how much you invest and what do you protect. You've expanded that vision a little bit this year. Tell us a little more about that. >> We see our role as RSA to provide a safe passage of the world to its digital future state. As you know digital transformation is a buzz-word. Every company is trying to go digital but they don't know what they don't know. Technology is premiering things where its never been before. It's inside baby monitors, inside pace makers, inside cars. Companies that are adapting this technology don't have the competency to actually mitigate risk. The stat I use is one-trillion lines of code will be shipped over the next decade by companies that have shipped exactly zero lines of code. >> One trillion new marginal lines of code. >> So, the meta point is we face unprecedented digital risk, because of adoption of digital technology. So technology is a force for the good but you have to embrace it mindfully and pay attention to digital risk management and that's our role. The role of RSA is to help companies manage digital risk. >> Right, and how do they sort through it all? I just feel for all this between the number of threats, the number of solutions, the IOT is coming on board, 'Internet of Things'. The OT is now being connected to the IT, your head's got to be just spinning. >> It feels overwhelming doesn't it. What I say is anytime you feel overwhelmed you could do three things. You have to reduce the amount of work, you do that by designing security in, resilient infrastructure. Second is that you have to automate work. Which is basically using technology like artificial intelligence and machine learning. But as you know the bad guys have all the AI and ML we the good guys do. So the third recipe for success is business driven security. Which means you have to apply business contacts to your security posture, so you focus on the right problems. The right cyber incidents right here right now. And that's our unique advantage the good guys, the only advantage we the good guys have is our understanding of our business contacts. We call that business driven security. >> So an interesting piece of that is how the value proposition is changing. It used to be the young kid hacking the school site giving himself an A. Then it got to people getting into bank accounts and personal information. But now we're seeing with the nation's states, we're seeing political motivation. >> Exactly. >> There's a lot of different motivations so it gets into this whole evaluation of data, what is the data that they want and is it valuable? Because what they want or is valuable tomorrow might be different than what it was today. >> You're right, the clock speed of digital business is markedly enhanced. So you need solutions that can move at the pace of business. So its no longer about efficacy, its about speed, both on the risk side and security you need solutions that can process this vast ocean of data, make sense of it, to prioritize your response. To focus on the things that are most important right now. >> Yeah, its crazy. Then we have this other trend that's happening now, which is kind of Big-Tech like from Big-Oil meaning not a positive connotation in a blowback. Where people are kind of waking up to the fact that my data is important and people are using it for ways that I didn't necessarily want them to. So this trust issue is really really significant. >> It is significant because in fact the topic of my keynote yesterday. We call it the trust landscape in which we painted a story that we are at the beginning of an era which is a trust crisis. Where people are losing faith in technology as a force for good and unless we act now we will put humanity in harms way and get in the way of human progress. And I think there is some things we need to do, if you think about trust, trust is based on reputation. Trust is not perfection, I don't trust you because you're perfect. I trust you because I can count on how you're going to behave in certain circumstances. Its based on your reputation. >> Right. >> If you think about today we are inviting complete strangers into our cars and homes with platforms like Airbnb and Uber Lyft. Because there is a technology trust platform. We need that on the enterprise side and what we're doing in the cyber security world is, we are actually making withdrawals from our trust or reputation bank account because breaches and bad news is the only thing that's reported. We are not reporting good cyber incidents. So that's the place where we need to work toward, where we are able to not just take withdrawals from our reputation bank account but make deposits by reporting not just bad cyber news but good cyber news. >> Right. >> When we prevent breaches or when we mitigate business impact or cyber incidents. All of those things we need to be more transparent about that. >> But its kind of tricky right now because its the old spy dilemma, you don't want to tell them that you caught them because then you are not in a position to catch them the next time. >> Yes, I think there is solutions there though. I think the reason we have been guarded in cyber security to share good news is because again we don't want to reveal details of our security posture. And we don't want to taunt the bad guy and attract attention towards ourselves. Having said that I think there is a way to do that anonymously without compromising your security posture and having this quantified way to measure your reputation or your cyber capability. >> Right, its really interesting that you go down this trust angle because the whole fake news thing. Is protecting your reputation really of more significant value than necessarily, I don't know, make up some other kind of silly data breach but your reputation and the trust that comes from that or the relationship you have with your customer is really really important. >> Absolutely, your reputation ascertains how your company will live through any crisis incident, right? And in the past corporate reputations were based on things like corporate social responsibility. Your conduct in the physical world, environment, sustainability, corporate ethics, in terms of how you are treating your employees on a fair basis. In the digital world, just like you have corporate social responsibility, you have corporate digital responsibility. You need to demonstrate conduct in terms of how you deal with data, how you take care of consumer data and are a good custodian for it. How you participate in the ecosystem. The Facebook Cambridge analytica example, when you share data with partners you have to feel accountability to that. So in this hyper-connected economy, third-party risk is actually probably higher than first party risk. So you no longer just need to worry about your own data landscape and your own infrastructure landscape. You need to worry about your ecosystem as well. >> Right, and that's before you count in if its an API based economy and you've got stuff in the cloud, you've got stuff in your data center, you've got stuff at remote locations. So the complexity is significantly changed. >> Absolutely. The good news is there's a great recipe which is digital risk management. Risk and trust have to coexist right? If you don't take risks you can't make progress or innovate but in order to have trust you need to have predictability. And that comes through a risk management approach and that's why RSA is so excited about this idea of digital risk management. Its a great responsibility to chart the course to the digital future of the world. >> Well you've certainly got everybody's ear as you said everybody whose anybody is here and this is the place to be this week so congratulations again on a very big and successful show and we're excited that we got to sit down this time not standing in the hallway. >> Thank you, thank you. >> Alright thanks again. >> I enjoyed the conversation. >> Alrighty, he's Rohit, I'm Jeff, you're watching theCUBE. We're at RSA North American conference in Moscone. Thanks for watching we'll see you next time.

>> Live, from San Francisco, it's theCUBE covering IBM Think 2019. Brought to you by IBM. >> Hello everyone, welcome back to theCUBE's live coverage here in San Francisco for IBM Think 2019. I'm John Furrier, Stu Miniman with theCUBE. Stu, it's been a great day. We're on our fourth day of four days of wall to wall coverage. A theme of AI, large scale compute with Cloud and data that's great. Great topics. Got two great guests here. Rohit Badlaney, who's the director of IBM Z As a Service, IBM Systems. Real great to see you. And Nataraj Nagaratnam, Distinguished Engineer and CTO and Director of Cloud Security at IBM and Hybrid Cloud, thanks for joining us. >> Glad to be here. >> So, the subtext to all the big messaging around AI and multi-cloud is that you need power to run this. Horsepower, you need big iron, you need the servers, you need the storage, but software is in the heart of all this. So you guys had some big announcements around capabilities. The Hyper Protect was a big one on the securities side but now you've got Z As a Service. We've seen Linux come on Z. So it's just another network now. It's just network computing is now tied in with cloud. Explain the offering. What's the big news? >> Sure, so two major announcements for us this week. One's around our private cloud capabilities on the platform. So we announced our IBM Cloud Private set of products fully supported on our LinuxOne systems, and what we've also announced is the extensions of those around hyper-secure workloads through a capability called the Secure Services Container, as well as giving our traditional z/OS clients cloud consumption through a capability called the z/OS Cloud Broker. So it's really looking at how do we cloudify the platform for our existing base, as well as clients looking to do digital transformation projects on-premise. How do we help them? >> This has been a key part of this. I want to just drill down this cloudification because we've been talking about how you guys are positioned for growth. All the REORG's are done. >> Sure, yeah >> The table's all set. Products have been modernized, upgraded. Now the path is pretty clear. Kind of like what Microsoft's playbook was. Build the core cloudification. Get your core set of products cloudified. Target your base of customers. Grow that and expand into the modern era. This is a key part of the strategy, right? >> Absolutely right. A key part of our private cloud strategy is targeted to our existing base and moving them forward on their cloud journey, whether they're looking to modernize parts of their application. Can we start first with where they are on-premise is really what we're after. >> Alright, also you have the Hyper Protect. >> Correct. >> What is that announcement? Can you explain Hyper Protect? >> Absolutely. Like Rohit talked about, taking our LinuxOne capabilities, now that enterprise trusts the level of assurance, the level of security that they're dependent on, on-premise and now in private cloud. We are taking that further into the public cloud offering as Hyper Protect services. So these are set of services that leverage the underlyings of security hardening that nobody else has the level of control that you can get and offering that as a service so you don't need to know Z or LinuxOne from a consumption perspective. So I'll take two examples. Hyper Protect Crypto Service is about exposing the level of control. That you can manage they keys. What we call "keep your own keys" because encryption is out there but it's all about key management so we provide that with the highest level of security that LinuxOne servers from us offer. Another example is database as a service, which runs in this Hyper Secure environment. Not only encryption and keys, but leveraging down the line pervasive encryption capabilities so nobody can even get into the box, so to say. >> Okay, so I get the encryption piece. That's solid, great. Internet encryption is always good. Containers, there's been discussions at the CNCF about containers not being part of the security boundaries and putting a VMware around it. Different schools of thought there. How do you guys look at the containerization? Does that fit into Secure Protect? Talk about that dynamic because encryption I get, but are you getting containers? >> Great question because it's about the workload, right? When people are modernizing their apps or building cloud-native apps, it's built on Kubernetes and containers. What we have done, the fantastic work across both the IBM Cloud Private on Z, as well as Hyper Protect, underlying it's all about containers, right? So as we deliver these services and for customers also to build data services as containers or VM's, they can deploy on this environment or consume these as a compute. So fundamentally it's kubernetes everywhere. That's a foundational focus for us. When it can go public, private and multicloud, and we are taking that journey into the most austere environment with a performance and scale of Z and LinuxONE. >> Alright, so Rohit, help bring us up to date. We've been talking about this hybrid and multi-cloud stuff for a number of years, and the idea we've heard for many years is, "I want to have the same stack on both ends. I want encryption all the way down to the chip set." I've heard of companies like Oracle, like IBM say, "We have resources in both. We want to do this." We understand kubernetes is not a magic layer, it takes care of a certain piece you know and we've been digging in that quite a bit. Super important, but there's more than that and there still are differences between what I'm doing in the private cloud and public cloud just naturally. Public cloud, I'm really limited to how many data centers, private cloud, everything's different. Help us understand what's the same, what's different. How do we sort that out in 2019? >> Sure, from a brand perspective we're looking at private cloud in our IBM Cloud Private set of products and standardizing on that from a kubernetes perspective, but also in a public cloud, we're standardizing on kubernetes. The key secret source is our Secure Services Container under there. It's the same technology that we use under our Blockchain Platform. Right, it brings the Z differentiation for hyper-security, lockdown, where you can run the most secure workloads, and we're standardizing that on both public and private cloud. Now, of course, there are key differences, right? We're standardizing on a different set of workloads on-premise. We're focusing on containerizing on-premise. That journey to move for the public cloud, we still need to get there. >> And the container piece is super important. Can you explain the piece around, if I've got multi-cloud going on, Z becomes a critical node on the network because if you have an on-premise base, Z's been very popular, LinuxONE has been really popular, but it's been for the big banks, and it seems like the big, you know, it's big ire, it's IBM, right? But it's not just the mainframe. It's not proprietary software anymore, it's essentially large-scale capability. >> Right. >> So now, when that gets factored into the pool of resources and cloud, how should customers look at Z? How should they look at the equation? Because this seems to me like an interesting vector into adding more head room for you guys, at least on the product side, but for a customer, it's not just a use case for the big banks, or doing big backups, it seems to have more legs now. Can you explain where this fits into the big picture? Because why wouldn't someone want to have a high performant? >> Why don't I use a customer example? I had a great session this morning with Brad Chun from Shuttle Fund, who joined us on stage. They know financial industry. They are building a Fintech capability called Digital Asset Custody Services. It's about how you digitize your asset, how do you tokenize them, how you secure it. So when they look at it from that perspective, they've been partnering with us, it's a classic hybrid workload where they've deployed some of the apps on the private cloud and on-premise with Z/LinuxONE and reaching out to the cloud using the Hyper Protect services. So when they bring this together, built on Blockchain under the covers, they're bringing the capability being agile to the market, the ability for them to innovate and deliver with speed, but with the level of capability. So from that perspective, it's a Fintech, but they are not the largest banks that you may know of, but that's the kind of innovation it enables, even if you don't have quote, unquote a mainframe or a Z. >> This gives you guys more power, and literally, sense of pretty more reach in the market because what containers and now these kubernetes, for example, Ginni Rometty said "kubernetes" twice in her keynote. I'm like, "Oh my God. The CEO of IBM said 'kubernetes' twice." We used to joke about it. Only geeks know about kubernetes. Here she is talking about kubernetes. Containers, kubernetes, and now service missions around the corner give you guys reach into the public cloud to extend the Z capability without foreclosing the benefits of Z. So that seems to be a trend. Who's the target for that? Give me an example of who's the customer or use case? What's the situation that would allow me to take advantage of cloud and extend the capability to Z? >> If you just step back, what we're really trying to do is create a higher shorten zone in our cloud called Hyper Protect. It's targeted to our existing Z base, who want to move on this enterprise out journey, but it's also targeted to clients like Shuttle Fund and DAX that Raj talked about that are building these hyper secure apps in the cloud and want the capabilities of the platform, but wanted more cloud-native style. It's the breadth of moving our existing base to the cloud, but also these new security developers who want to do enterprise development in the cloud. >> Security is key. That's the big drive. >> And that's the beauty of Z. That's what it brings to the table. And to a cloud is the hyper lockdown, the scale, the performance, all those characteristics. >> We know that security is always an on-going journey, but one of the ones that has a lot of people concerned is when we start adding IoT into the mix. It increased the surface area by orders of magnitude. How do those type of applications fit into these offerings? >> Great question. As a matter of fact, I didn't give you the question by the way, but this morning, KONE joined me on stage. >> We actually talked about it on Twitter. (laughs) >> KONE joined us on stage. It's about in the residential workflow, how they're enabling here their integration, access, and identity into that. As an example, they're building on our IoT platform and then they integrate with security services. That's the beauty of this. Rohit talked about developers, right? So when developers build it, our mission is to make it simple for a developer to build secure applications. With security skill shortage, you can't expect every developer to be a security geek, right? So we're making it simple, so that you can kind of connect your IoT to your business process and your back-end application seamlessly in a multi-cloud and hybrid-cloud fashion. That's where both from a cloud native perspective comes in, and building some of these sensitive applications on Hyper Protect or Z/LinuxONE and private cloud enables that end to end. >> I want to get you guys take while you're here because one of the things I've observed here at Think, which is clearly the theme is Cloud AI and developers all kind of coming together. I mean, AI, Amazon's event, AI, AI, AI, in cloud scale, you guys don't have that. But developer angle is really interesting. And you guys have a product called IBM Cloud Private, which seems to be a very big centerpiece of the strategy. What is this product? Why is it important? It seems to be part of all the key innovative parts that we see evolving out of the thing. Can you explain what is the IBM Cloud Private and how does it fit into the puzzle? >> Let me take a pass at it Raj. In a way it is, well, we really see IBM Cloud Private as that key linchpin on-premise. It's a Platform as a Service product on-premise, it's built on kubernetes and darker containers, but what it really brings is that standardized cloud consumption for containerized apps on-premise. We've expanded that, of course, to our Z footprint, and let me give you a use case of clients and how they use it. We're working with a very big, regulated bank that's looking to modernize a massive monolithic piece of WebSphere application server on-premise and break it down into micro-services. They're doing that on IBM Cloud Private. They've containerized big parts of the application on WebSphere on-premise. Now they've not made that journey to the cloud, to the public cloud, but they are using... How do you modernize your existing footprint into a more containerized micro-services one? >> So this is the trend we're seeing, the decomposition of monolithic apps on-premise is step one. Let's get that down, get the culture, and attract the new, younger people who come in, not the older guys like me, mini-computer days. Really make it ready, composable, then they're ready to go to the cloud. This seems to be the steps. Talk about that dynamic, Raj, from a technical perspective. How hard is it to do that? Is it a heavy lift? Is it pretty straight-forward? >> Great question. IBM, we're all about open, right? So when it comes to our cloud strategy open is the centerpiece offered, that's why we have banked on kubernetes and containers as that standardization layer. This way you can move a workflow from private to public, even ICP can be on other cloud vendors as well, not just IBM Cloud. So it's a private cloud that customers can manage, or in the public cloud or IBM kubernetes that we manage for them. Then it's about the app, the containerized app that can be moved around and that's where our announcements about Multicloud Manager, that we made late last year come into play, which helps you seamlessly move and integrate applications that are deployed on communities across private, public or multicloud. So that abstraction venire enables that to happen and that's why the open... >> So it's an operational construct? Not an IBM product, per say, if you think about it that way. So the question I have for you, I know Stu wants to jump in, he's got some questions. I want to get to this new mindset. The world's flipped upside down. The applications and workloads are dictating architecture and programmability to the DevOps, or infrastructure, in this case, Z or cloud. This is changing the game on how the cloud selection is. So we've been having a debate on theCUBE here, publicly, that in some cases it's the best cloud for the job decision, not a procurement, "I need multi-vendor cloud," versus I have a workload that runs best with this cloud. And it might be as if you're running 365, or G Suite as Google, Amazon's got something so it seems to be the trend. Do you agree with that? And certainly, there'll be many clouds. We think that's true, it's already happened. Your thoughts on this workload driving the requirements for the cloud? Whether it's a sole purpose cloud, meaning for the app. >> That's right. I'll start and Rohit will add in as well. That's where this chapter two comes into play, as we call Chapter Two of Cloud because it is about how do you take enterprise applications, the mission-critical complex workloads, and then look for the enablers. How do you make that modernization seamless? How do you make the cloud native seamless? So in that particular journey, is where IBM cloud and our Multicloud and Hybrid Cloud strategy come into play to make that transition happen and provide the set of capabilities that enterprises are looking for to move their critical workloads across private and public in bit much more assurance and performance and scale, and that's where the work that we are doing with Z, LinuxONE set of as an underpinning to embark on the journey to move those critical workloads to their cloud. So you're absolutely right. When they look at which cloud to go, it's about capabilities, the tools, the management orchestration layers that a cloud provider or a cloud vendor provide and it's not only just about IBM Public Cloud, but it's about enabling the enterprises to provide them the choice and then offer. >> So it's not multicloud for multicloud sake, it's multicloud, that's the reality. Workload drives the functionality. >> Absolutely. We see that as well. >> Validated on theCUBE by the gurus of IBM. The cloud for the job is the best solution. >> So I guess to kind of put a bow on this, the journey we're having is talking about distributed architectures, and you know, we're down on the weeds, we've got micro-services architectures, containerization, and we're working at making those things more secure. Obviously, there's still a little bit more work to do there, but what's next is we look forward, what are the challenges customers have. They live in this, you know, heterogeneous multicloud world. What do we have to do as an industry? Where is IBM making sure that they have a leadership position? >> From my perspective, I think really the next big wave of cloud is going to be looking at those enterprise workloads. It's funny, I was just having a conversation with a very big bank in the Netherlands, and they were, of course, a very big Z client, and asking us about the breadth of our cloud strategy and how they can move forward. Really looking at a private cloud strategy helping them modernize, and then looking at which targeted workloads they could move to public cloud is going to be the next frontier. And those 80 percent of workloads that haven't moved. >> An integration is key, and for you guys competitive strategy-wise, you've got a lot of business applications running on IBM's huge customer base. Focus on those. >> Yes. >> And then give them the path to the cloud. The integration piece is where the linchpin is and OSSI secure. >> Enterprise out guys. >> Love encryption, love to follow up more on the secure container thing, I think that's a great topic. We'll follow-up after this show Raj. Thanks for coming on. theCUBE coverage here. I'm John Furrier, Stu Miniman. Live coverage, day four, here live in San Francisco for IBM Think 2019. Stay with us more. Our next guests will be here right after a short break. (upbeat music)

>> Live from San Francisco, it's TheCUBE. Covering IBM Think 2019. Brought to you by IBM. >> Welcome back to Moscone North at IBM Think 2019 I'm Stu Miniman, and my cohost for this segment is Dave Vellante. Happy to welcome two IBMers from the Z Group, we have Michael Jordan, distinguished engineer, everybody I'm sure in your family calls you the Michael Jordan? >> Nah, no, no >> Not the other one? >> I won't get into what they call me. >> Rohit Badlaney, who's a director of IBM Z as a service. So Rohit, we have to start there. We're very familiar with Z, you know, all the different pieces of it, but Z as a service, something new for this week, maybe help explain what the news is and-- >> Absolutely, so my mission in life is around Z and cloud. And this week you heard Jenny talk about Hyper Protect, and Hyper Protect is a family of services built in our IBM Cloud, on a cloud-ready systems, which are the ZR1 systems, in a multi-zone platform factor, so it provides the high availability disaster recovery. There are really four key services that we're announcing at this conference. One's around crypto and key management, provides the highest levels of security for our cloud. The second's around data as a service, which does traditionally really well on the platform, as a data-serving platform. The third's virtual servers, the fourth's containers that's going to be tied in to our Kubernetes Service. So we're bringing the breadth of our Z to our cloud. >> Yeah, you know, Michael, I show my age in the industry, I remember when we talked about security was, you know, lock the door on that rack that was in, or that mainframe that sat in the corner, we knew that that was secure. It's a little bit different when we talk about security and Z these days, it's cloud, it's global, >> Sure. >> It's all over the place. >> So-- >> But in fairness, right, I mean RACF was the gold standard of security, you know, before all this distributed systems stuff. You knew, you had full visibility on who did what, when, where, you know, very very detailed. Have you been able to carry that level of transparency and rigor into the cloud? >> Yeah, so some of this is what's old is new again, so one of the key areas that is a big focus for security in the cloud is encryption, right? You know encryption is going to a central part of being able to move data to the cloud, and the concepts of being able to bring your own key, is absolutely essential, and some of the capabilities that we've had on the Z platform for a very long time actually lend themselves extremely well to a cloud environment so for example, our cryptographic hardware can be virtualized, right? So each server can have 16 cryptographic cards, with 85 virtual domains per card, so you multiply that out it's, really serves cloud scale very well. And in addition to that, the cryptographic hardware is designed to meet the highest level of security certification standards, so a combination of security, and that virtualization really lends itself to offering a set of cloud services. >> If I think about the workloads that are running on Z, clearly there's no business case to move them off Z, into some commodity cloud, that would make no sense. You'd put your business at risk if you did that. But what's the business case of Hyper Protect, and Z as a service, could you talk about that a little bit? >> Yeah, so today our focus is primarily to elevate the security of our core and our cloud. If you look at what we are doing, it's around our Linux systems and not our traditional z/OS systems, and we're really focusing on where Z differentiates. It's around, you know Mike talked about key management, and key protection. It's around data protection, it's around scale. So the workloads, to your point, that do really well on the platform, are workloads that need that level of infrastructure characteristics. And it's not a well-known fact, but actually our Blockchain platform, and all the success IBM's had on Blockchain, has been running in our cloud, on our Z systems, over the last two years with 500 plus clients. Right, so those are the kind of workloads that benefit from the hardware characteristics, as well as the security characteristics. >> Just double-click on that, so you think Blockchain, often times you're thinking about distributed apps, you know, you think about transaction limits, et cetera et cetera, so what are the attributes of Z that lend itself well to those workloads? >> Oh that's a great question, so, several attributes, right? Definitely the key protection, and the data protection on Z, the sheer TPS, you know it's funny, I was actually with our BC doing a session today, and they were talking about the transaction per second they get by just running on Z versus commodity hardware. And they've had tremendous success, right? So those two, combined with you know, our Blockchain technology in our cloud runs on something called a Secure Services Container, which is an absolutely locked down container that no one can get access to. And those are the characteristics that, if you think about permissioned blockchain, that's where Z excels. So that's. >> One of the discussions we've been having is that, in a multi-cloud world I have different skillsets for the different environments. Can you give me a little compare/contrast how security fits in Z versus you know, x86, Linux, and public clouds? And also, how do I, as a customer, manage across those environments from a security standpoint? >> Sure, so a couple points on there. You know, one is, one of the benefits that we have with Z is we control a large portion of the stack, right? So we're able to integrate security into multiple layers of the stack. So Rohit mentioned the Secure Service Container, and that combines a number of capabilities that we've built in from the hardware, the firmware, the operating system, end to end. So for example, the Secure Service Container by default, all of the code and data associated with with one of these Secure Service Containers is encrypted. You don't have to do anything, it's, you deploy an application in of these containers, everything gets encrypted, in flight and at rest. And there's no configuration, no set up for that, it happens automatically. We validate, digitally sign and validate all of the firmware, the operating system, the application, and the entire package that gets loaded into one of these environments, to protect against introducing malware to that environment, and lastly is we block and restrict administrative access to prevent administrators from having uncontrolled access to the file system. So looking at that, right, since we own that stack and we can really integrate those security capabilities vertically through that stack to give the true value and the capabilities that you need in the cloud to protect both the application and the data. >> And that's always been the strength of the mainframe, is like you said, security's not a bolt-on, it's designed in from the very beginning. I mean when I started in the business, whatever IBM did with the 390, or whatever it was at the time-- >> You're dating yourself. >> Yeah, that's true. But the whole industry would focus on that. And then, frankly, IBM in the early '90s kind of lost it's way because it had that sort of install base, and it didn't really have to innovate. That's not the case today, you guys, well you have an install base who eats up, sort of every new cycle of Z. You've had to innovate, you've had to really invest in the roadmap, and stay current. Whether it's, you mentioned Blockchain, certainly Linux, et cetera. Now infusing AI as a service, so I wonder if you could talk a little bit about the sort of roadmap that you and your colleagues are on. Without obviously divulging futures, but there's a legacy there that you've invested in, and had to keep really current with some of the major industry trends to keep your clients happy. >> Yeah, and I'll weigh in and then Mike can jump in. I mean, the legacy of Z has always been scale, performance, hyper security, for the most regulated industries, for the most compliant industries, and our biggest enterprises. And that's going to continue, and the next generation of Z's going to continue down that theme. We are very focused on making Z part of the cloud. And so, there's a breadth of announcements, and I know we talked about Hyper Protect and the public cloud, but we're also expanding the Kubernetes orchestration on-premise with our IBM Cloud private product being supported fully on LinuxOne, and expanding it to Linux workloads, and z/OS workloads. And that is, you know, the cloudification of the platform is, I think, the next big step for us. >> But, so what's the real business driver for clients there? Is it just the notion of pay by the drink, and as a service? I mean obviously mainframe invented virtualization, and simplified management, and was always a key part of it, a key tenet. What's the real business driver for people to move to the cloud? >> I mean, in my view guys, it's the speed that they need to move at, right? I mean, you look at why we are standardizing on PaaS platforms, whether it's on the cloud or on-premise. The teams are constantly getting pushed to move faster, DevOps, now there's a new concept of DevSecOps, right? It's all about speed that's driving the need for the cloudification of the platform. The other reason is skills, right? Can I work with the mainframe in a way that I'm abstracting away the special skills needed, but I could still move with that speed in the DevOps cycle, right? So I think it's a combination of those both that's really driving this. >> And from a security perspective, I think a couple of the key points are looking ahead we're really focused on the data, right? How do we allow organizations, 'cause it's going to happen, right? Organizations will need to move data, whether it's temporarily, or longer term. They're going to need to move data to the cloud, that's just, it's a fact of life. So, how do we leverage and harness the capabilities that we have, that we've been talking about with the Z platform to enable clients to securely move their applications, pieces of applications, and data to the cloud so they can take advantage of the capabilities that Rohit was doing, with confidence that their data is not going to be compromised. And that includes a data-centric approach to protection of data, as well as protecting encryption keys and leveraging and taking advantage of the capabilities that we have on the platform for key protection, which is already a key part of the solution that we're bringing to market today. >> So the Z customer that bets his or her business on your platform, I mean, it's embedded, it's fundamental. What's the reaction been to Hyper Protect, you know, kind of feedback that you've had from clients? >> You know, everyone wants to be cloud today, right? So the reaction is actually been really positive. You know we've been working with our biggest Z clients, through what we call the Z Design Council, you know, validating the story. Because we want to help them on this enterprise-out journey. And the reaction has been good. Now, it's, it really depends on where they are on their cloud journey as well, right? Some are very much still want to be an on-premise shop, and some are aggressively moving to the public cloud. So our goal's really to intercept them wherever they are on that cloud journey. >> Yeah well many of them have a cloud mandate, right? >> Absolutely. >> Well, and I have clients come up to me on almost a continuous basis. When they look at what we, the capabilities that we've delivered with our z14 machine, and the cryptographic horsepower that we have with that machine, they're looking at it and saying hey, how do I harness this as a, you know, a crypto as a service for our enterprise? Which is kind of the precursor to what we're doing with the Hyper Protect services, but there is a keen interest from organizations to have a secure, performant, secure, stable environment for cryptographic services because, encryption is becoming ubiquitous, so providing that capability I think is significant. >> Yeah, and our goal, like Mike said, is really to make security easy, right? Whether it's in the public cloud and the enterprise developers don't have to worry about it. Can they get the levels of security that they need for their enterprises, or their enterprise workloads, but in an easy, cloud-native consumption model? That's really what Hyper Protect is. >> Yeah, I guess so final question is, what's the pricing implications of this new offering, and how do customers get started? Is this ready, shipping today? >> It's shipping in March. It's available today, that's the beauty of cloud, right? We went through what we call the experimental services, it's available in beta today. You could go to our IBM Cloud Catalog, access it, get it, try it. >> Great, give you a final word and takeaways you want people to have when it comes to security in the Z space. >> Yeah, so I think the main thing is that Z has a very proud tradition of security leadership and innovation, and what we're bringing to the market here is just another example of that security leadership and innovation. >> All right, well Michael and Rohit, thank you so much for bringing us the update-- >> Thanks, guys. >> Congratulations, on bringing the product to market. >> Thank you. >> Look forward to-- >> Good luck with it. >> Thank you. >> Thank you guys so much. >> All right, for Dave Vellante, I'm Stu Miniman, we'll be back to wrap up our day three of four days live, wall-to-wall coverage here, from Moscone North, IBM Think 2019, thanks for watching TheCube. (energetic techno music)

(light music) >> Hi, I'm Peter Burris and welcome to another CUBE Conversation from our wonderful studios in beautiful Palo Alto, California. Today we're going to be talking about digital transformation, more specifically the tooling that you have to establish or put in place to achieve digital transformation objectives and to do that, we've got Actian corporation here today. Rohit De Souza is the President CEO of Actian. Rohit, welcome to theCUBE. >> Thank you, Peter, I'm glad to be here. >> Well, we're happy to have you 'cause this is a really important topic, but before we get into the actual topic, give us the update on what's going on with Actian. >> Perfect, I'm not sure how much you know about Actian or how much you've followed it, but we've assembled over the years a series of assets that range from Data Management to Data Integration and Data Analytics, really targeted at the next generation of hybrid-data management, really helps companies manage the digital transformation. >> Alright, so let's jump into that digital transformation because that's where a lot of the conversation about hybrid starts, so our belief, and I want to test this with you, is that there really is a difference between a business and a digital business. And that difference is the degree to which a digital business treats data as an asset. >> Absolutely. >> And, in fact, we think that digital transformation is the process by which you re-institutionalize work, reorganize everything else to achieve the goals of using data as an asset, does that? >> Absolutely, and it's not just using the data as purely an asset, but it's using, it's leveraging the data that an enterprise has or has access to and the quantitative analysis of this to influence all aspects of that businesses functions or processes, the way it deals with customers, the way it deals with internal processes, and so on. >> You have to be able to capture data better, you have to be able to turn that data into value, and then you have to be able to act on it. Where does Actian fit in that kind of virtuous cycle? >> So Actian fits all along that chain. We've got the data management assets to allow you to manage that data effectively, we've got the integration assets to allow you to move data to the compute, to the compute to the data effectively, and we've got the best high-performing tools to be able to extract insights from that data at scale and do this all on commodity hardware, so you're doing this at a price-performance level that you can match up elsewhere. >> So it sounds like, but sounds really like you're more focused on creating value out of your data. You might be doing some work at the edge. >> Absolutely. >> And you might have some tooling-- >> Absolutely, absolutely. >> So tell us a little bit about how Actian's vision of data warehousing, data analytics, data warehousing, that whole range of capabilities, is different because of what the base tooling is capable of doing. >> Absolutely, the Actian, the premise behind Actian is that we're going to supplement an organization's digital strategy or data management strategy. So, we're not talking about having to replace stuff in mass, but we're talking about being able to supplement these things where necessary and giving organizations the flexibility to run things on premise or in the cloud, in multi-clouds giving them the flexibility to move from one cloud to the other, and so on. Those capabilities, that capability to manage that data, whether it's in relational systems, whether it's object-oriented systems, whether it's edge systems. To be able to extract the information from those edge systems, move that along to your central systems and then run analytics through it is what Actian does really, really well. >> So if I can kind of repeat that back to you, so, the idea here is that we've got data in an analytics function, that is now, has to be much more high-performance than it used to be. >> That's correct. >> So that we can do a faster close with almost operational time instead of queries from the analytics back to the transaction systems, have I got that right? >> Absolutely, so if you go back a ways the whole process was and the transactional systems here that are generating some information. I pull that information out into an enterprise data warehouse. I've got some things that happen with that, some results and analytics that results, that are driven and those are the results. May or may not make their way back into operations. Today, the business is slightly different. In this era of hyper-personalization, it's no use to me to find out that you were on my website last week, and you were looking at these three products, and you did buy this last year. I want to understand that you're here now and I want to understand how best we can make use of your presence on our company's website to sell you something else, to give you the next best offer, to know how you're interacting with us at that point and to change the interaction that we have with you. If that's going to take place, that needs to happen while the transaction systems are currently in operation. And so the notion of this operational data warehouse, is I'm interacting, I'm generating analytics while I've got those transactions in flight. >> I would even say that it sounds like it's not just a transaction systems are operational but the transaction-- >> That's correct. >> Is open. >> That's correct. >> So that you have, so you need a high-performance store data manager that's capable of responding while the transaction's open to shape, guide, and hyper-personalize the characteristics of the transaction. >> Absolutely. >> Alright, so now let's talk about the hybrid part. You mentioned that earlier. Another belief that we have is that we're going to see a lot of data moved up into the cloud but we can increasingly, the cloud is going to move to the data. We're going to see the services associated the cloud be bought down to the data. >> Couldn't agree more and, oh, by the way, this move to the cloud, this is not just a one time move. Most people think movement to the cloud is a one-time affair. I've got my data on premises for the move to the cloud. No, it's going to move from cloud to cloud. I'm going to have the ability, at some point and time, I'm going to want the ability to run this thing on multiple clouds. I'm not going to risk locking myself in to a particular vendor, so this notion of movement of data from premise to the cloud, perhaps from the cloud back to premise. And into cloud, is here to stay. So, the notion of creating the platform or the capability to move this data around, to move my compute to that data when I need to. It's here to stay, it's going to be with us for awhile. >> Well, it's one of the premises of cloud. The whole motion that data has to be made more fungible, you don't want to go to a bank where your money is contingent upon the definition of money by the bank. >> Absolutely. >> Same thing exists in cloud, so we want that degree of openness, a degree of evolveability but it also, and this is what I'm testing with you is, we think increasing the businesses are going to look at the value propositions, what activities are necessary to deliver those value propositions, where those activities are going to be extent or going to be an operation, and what data's going to be necessary to satisfactory and successfully and with high quality perform those. So, it means increasing that the data is going to be, you're going to want to move the data closer to the activity with right performance, manageability, security, everything else in place. >> That's correct. Or move the compute to the data. >> Or move the compute to the date. So is that kind of the vision that Actian has? Because you've got this family of data managers that each can be, start to become associated with certain styles or transactions or, better put, certain styles of compute and work, digital work. >> Absolutely, now, we take that one step further. There are people who do this today, but many of the approaches that people are using are either cost-prohibitive or don't work. What we've done is actually developed a set of approaches that make these approaches accessible. Today, the notion of true operational data warehousing to operation analytics has been available to really the large companies that have invested completely in extracting value from their data assets. We're bringing that value all the way down to enterprises without gigantic IT staffs, without necessarily spending an arm and a leg on some of the bespoke data management systems of yesterday. We're looking at leveraging commodity hardware to really move performance up a notch, taking your traditional hadoop systems, transitioning those from these swamps that they were into really, honest, goodness operational data store, operational data warehouses, so I can actually update and delete and manage these things like I would any ordinary database. And I've done this on commodity hardware which is distributed across the enterprise. >> So, it is the commodity hardware allows us to place the processing wherever we want. >> That's correct. >> And now we can put the manageability of the data and creating value out of the data. >> That's correct. >> Wherever we want. >> Very. >> So that we are not constrained by associating the data with the action wherever it needs to be. >> Absolutely. >> So as you look forward, what types of future do you anticipate for the evolving role of transaction systems, operational data stores, and digital business? >> I see them converging. I see there being a convergence of these... Digital business involves the operational data stores and the transaction systems, I think you're going to see an increasing number of hybrid systems. These systems that are good at doing both transactions and analytics out of the same systems. We've got one such one. Such one where we've embedded a very high-speed Colmar engine into a traditional relational source. That allows us to do very, very rapid reporting off of existing transactional systems but get analytics out of these systems without any additional overhead. >> Do you anticipate that customers, I mean, I do, but do you anticipate that enterprises are increasing to get alook at almost a data control plane? How does that likely to evolve and what role might Actian play in that? >> I think you bring up a very interesting point for the next generation of data management. There will be a data control plane, we aspire to play in that data control plane. It's not one plane yet. I don't think that the architecture of that one control plane that manages all your data assets across the company. >> And there probably never will be. >> Come about very soon but-- >> Nor is there likely to be one control plane for the reasons you said, you don't want to get locked in. >> But Actian does play in that control plane to allow enterprises the ability to then move their data selectively from on premise to the cloud or between the clouds. >> Alright, so, Rohit, you're a CEO, you've been around for a long time, lot of different places. Imagine, put yourself in the seat of another CEO at one of these large companies. What is the message that they need to bring to their senior staff and others in your organization about affecting this core transition with technology to become more data-oriented, data-friendly, and a culture rated to data utilization? >> I think if you're looking at, you more than likely underestimated the value that's locked in the data that's within your enterprise. Either from a view from a customer or competitive view or a view to improving the processes in you organization. If you task your organization with unlocking this, unlocking the value of these data assets, and being able to respond in more real time to some of the customer or the operations requirements, I think that would go a long way. >> And a part (mumbles) of that is if you've undervalued the data, you're under-investing in the tooling to get value out of the data. >> That's correct. >> Rohit De Souza is the president and CEO of Actian Conversation. Once again, Rohit, thanks for being on theCUBE and talking to us about digital transformation and Actian. >> Thank you very much, Peter. >> And once again, I'm Peter Burris and this has been another CUBE Conversation. Thanks very much for listening, until next time. (lightt music)

(instrumental electronic music) (crowd) >> Hey welcome back everybody, Jeff Frick, here with The Cube. We are live in Moscone Center, with 40,000 security experts at the RSA Conference, the biggest conference of its size, and one of the biggest tech conferences in the industry, second maybe only to Salesforce and Oracle's. So, there's a lot people here, a lot of action-- >> Absolutely. >> We're excited to be joined by the president of RSA, Rohit Ghai. Welcome. >> Thank you. Thank you. >> So first thing, kind of impressions of the show, we were here briefly last year, this thing was 34,000. This year, they're saying it's 40. >> Forty thousand, yeah. Look, RSA has the great burden and privilege of bringing the cyber security community together, and it's a true testimonial to the caliber of the people that this year we are able to attract 40,000 people. We have almost 500 plus, 550-something, I believe vendors and exhibitors. And the level of the conversation, in terms of the CEOs from different countries, the CEOs from all the mega corporations, public sector participants, the entire gamut of cyber security stakeholders are here today. >> That's an interesting kind of take because on one hand, you think there's so many people, but as a few people had mentioned earlier, really they're all here so, and on the grand scheme of things, it's not that many people. It's really this group of people-- >> Exactly. >> And they all know each other. People are all giving each other hugs, as they're walking up and down the booth, so this really is it. >> This is a community, and it's a tight-knit community. It's all the good guys and some linked together (laughing), and figured out what to do about the bad guys (laughing). >> I know, I just hope they all don't go to the bad side at the same time, we'd be in trouble. >> Absolutely. >> One of the things that comes up over and over at tech conferences specifically, and at here, too, is the ecosystem. >> Rohit: Yeah. >> Right? Nobody can do it alone-- >> Rohit: Yep. >> You've got to have an ecosystem-- >> Rohit: Yep. >> And there's a lot of conversations about sharing information-- >> Yep. >> More broadly-- >> Yep. Yep. >> More automated, faster-- >> Rohit: Yep. >> Really an important part of the strategy to fight the bad guys. >> Absolutely. In fact, that was a recurring theme from all the keynote speakers this morning, the notion of working together. The only shot we have of beating the bad guys is if we collaborate and share the information that we have, and go at it together. So, the ecosystem is super important to your point. >> Yep. So, what are some that are accounted for the people that aren't here-- >> Rohit: Yep. Kind of the key themes, some of the big announcement that RSA's make-- >> Rohit: Yeah. >> And I know the press release feed is full (laughing) this morning-- >> Rohit: Yeah. >> But what are you guys excited about for this year? >> Look, what I'm most excited about is a new approach. And here's the way I tee it up, the bad guys are getting really good, right? Every company is going digital, and digital companies are really juicy targets. We don't have enough good guys to fight on our behalf, enough trained good guys, which means we ought to bring technology to assist use, all the things like advanced, artificial intelligence, machine learning, data science, all those things have great capabilities, but the reality is we have to realize the bad guys have all the same technology that we do. So, it's not a technology problem anymore-- >> Right, right. >> We have to play to our strengths, play to our advantage, so this new approach, we call it business-driven security, which means take the security incidents and apply business context to it, enabling customers to take command of their cyber risk, and secure and protect what matters most. >> Right, right. >> So, it's a sense of prioritization, and if we do that successfully, then we are able to keep the bad guys, they're only inside the door, but we can curtail the damage and we can detect the breaches, and respond in a much more expedient manner. >> Right, always the problems within arm's race, right? Both people have the same amount of weapons, so it's how to use those weapons-- >> Rohit: It's how to use the weapons. >> More effectively. >> Absolutely. And therein the context is super important if you're going to apply business context to the way you apply that information-- >> Right. >> With those tools, that's how you win. >> Now, another theme that keeps coming up is kind of state-sponsored threats-- >> Rohit: Yep, yep. >> Which are different than, maybe, kind of commercially, or just-- >> Rohit: Yep, Yep. >> Kind of activists. >> Rohit: Yep. >> That's really changing the game because-- >> Rohit: It is. >> The resources behind those folks significantly bigger. >> Indeed. So, there's new kind of bad guys, like the nation state threat actors, and their objectives are totally different, right? Their objective is not just to steal data, but to tamper with data, and change the conversations as we saw in the case of the election-- >> Right, right. this year, the presidential elections. By tampering data you can actually shift conversations and influence outcomes, so it's a whole new ball game, in terms of the new types of threats and new types of threat actors like nation states, who are getting into the game. >> Yeah, I thought one of the interesting points that came up earlier in the keynote today-- >> Rohit: Yeah. >> I think they called it salting or spiking the algorithm-- >> Rohit: Yep. >> With intentional bad data to send the algorithm on a path, in which it really shouldn't go. >> Exactly, exactly. And the way you respond to that is, again, to back to my point around business-driven security. If you have data, and if you understand the business context around how that data ought to be used, then you're able to protect it and secure it, and make sure it doesn't get weaponized, or used against you. >> Right, right. And another theme that came up at another session I attended is kind of the unique role that companies are in versus-- >> Rohit: Yep. >> The government-- >> Rohit: Yep. >> Because even if there is state-sponsored-- >> Rohit: Yep. >> Issues going on-- >> Rohit: Yep. >> Because many of the companies, RSA included-- >> Rohit: Yeah. >> Operate globally across the number of geos. >> Yep. >> They potentially have even more data, different data, to fight the threat than any one government does on its own. >> Indeed, and this is where sharing of information is vital, and along those lines, RSA is excited to announce this year that we've joined the Cyber Threat Alliance, which is a consortium of private companies who have decided that it's not the threat intel data, it's how you use it that's going to be the differentiating factor. >> Right. >> So, in the spirit and vein of working together, we are sharing threat data with each other, so that we can respond to the bad guys. >> Right. So, give you the last word-- >> Rohit: Yeah. >> It's February 14th, Happy Valentine's Day. Start of the new year, what are some of your priorities as you look down the other road, what are we going to be talking about a year from now? >> Yeah. >> What's things that are on your plate that you're really thinking about? >> Yeah, yeah. Look, so, in the vein of Valentine's Day, I totally love cyber security (laughing). Let me say that, and in terms of what we're looking forward to. Look, RSA is in the game to innovate and set the table, and set the agenda for the cyber security market. We play the role of bringing the cyber security community together, but it's our innovation along the axis of business-driven security. We want to take that conversation, drive that into the industry because we believe that without that, we don't have a shot of beating the bad guys. >> Right. Alright, well, we're all rooting for you (laughing)-- >> Thank you. I appreciate that. >> And everybody else in this building, alright. >> I appreciate that. Thanks. >> He's Rohit. I'm Jeff. You're watching The Cube, live from RSA 2017, in downtown San Francisco. Thanks for watching. >> Thank you. (instrumental electronic music) (upbeat instrumental music)

(upbeat music) >> Welcome to theCUBE's coverage of HPE Discover 2021. I'm Lisa Martin. Robert Christiansen joins me, one of our alumni the VP of Strategy in the Office of the CTO at HPE. Robert, it's great to see you, welcome back to the program. >> It's nice being here, Lisa. Thank you so much for having me. >> So here we are still in this virtual world. Things are opening up a little bit, which is nice but one of the things I'm excited to talk to you about today is Edge to Cloud from the customer's perspective. Obviously, that's why HPE does what it does for its customers. So let's talk about some of the things that you see from your perspective, with respect to data. We can't have a Cube conversation without talking about data, there's more and more of it, value but getting access to it quickly, getting access to it in real-time and often cases to make data-driven decisions is a challenging thing to do. Talk to me about what you see from the customer's lens. >> Well, the customer at a very highest level from the board level on down they're saying, "Hey, what is our data strategy? How are we going to put the value of data in place? Are we going to have it manifest its value in an internal fashion where it makes us run better as an organization? Can we get cost improvements? Can we move quicker with that? And then can we monetize that data if it's like very specific to an industry like healthcare or pharma or something like that? Can we expose that data to the rest of the world and give them access into what we call like data sets?" And there's a lot of that going on right now too. So we're seeing these two different angles about how they're going to manage and control that data. And you were talking about, and you mentioned it, you know the Edge related focus around that. You know, the Edges where business is done is where people actually do the transaction whether it's in a healthcare like in a hospital or a manufacturing facility et cetera. And then, but that data that they're using at that location is really important to make a decision at that location. They can't send it back to a Cloud. They can't send it back to someplace, wait for a decision to happen and then shoot it back again and say, "Hey, stop the production line because we found a defect." You need to act at that moment which the clients are saying, "Hey, can you improve my reliability? Can you give me better SLS? Can you improve the quality of my products? Can you improve healthcare in a hospital by immediate decisions?" And that is a data problem. And that requires the movement of compute and networking and storage and fundamentally the core piece of HPE's world. But in addition to that, the software necessary to take the action on that data when they detect that there's some action that needs to be taken. >> And I mentioned a minute ago, you know real-time and we've learned in the last 15 months plus. One of the things we learned is for a lot of cases, access to real-time data is no longer a nice to have. It's really going to be something, an element that separates those that succeed versus those that aren't as competitive. But I want to talk about data from a consumption perspective consumers, producers, obviously, meeting to ensure that the data consumers have what they need, what is it? What is your thought when you talk with customers, the consumers versus the producers? >> Yeah, that's a great question, Lisa. One of the key fundamental areas that HPE and the Office of the CTO has really been focused on over the last six months is something that we call data spaces and that is putting in place a platform, a set of services that connect data consumers with data producers. And when you think about that, that really isn't nothing new. I mean, you could go all the way back, if you've been around for a while remember the company called TRW and they used to have credit reporting, and they used to sell that stuff. And then it moved into Experian and those things. But you've got Bloomberg and next LexisNexis and all these companies that sell data. And they've been doing it, but it's very siloed. And so the explosion of data, the valuableness the value of the data for the consumers of it has put the producers in a position where they can't readily be discovered. And whether it be a private source of data like an IoT device and an industrial control, or a set of data that might say, "Hey, here's credit card for our data on a certain geography." Those sets need to be discovered, curated, and be made available to those who would want that. You know, for example, the folks that want to know how IoT device is working inside an industrial control or a company who's trying to lower their fraud rates on credit card transactions, like in stadiums or something like that. And so this discoverability in this space, or what you just talked about is such a core piece of what we're working on right now. And we haven't, our strategy is not only to just work on what HPE has to bring that and manifest that to the marketplace. But more importantly, how are we working with our partners to really bridge that gap and bring that next generation of services to those clients that can make those connections. >> So connecting and facilitating collaboration, absolutely key, as well as that seamless flow of data sharing without constraints. How are customers working with HPE and some of your partners to be able to create a data strategy, launch it, and start gleaning value from data faster than they can before? (Robert chuckles) >> This is the big question because it's a maturity curve. Organizations are in various states of what we call data maturity or data management maturity. They can be in very early stages. You know what we consider, you know, they just more worried about just maintaining the lights on DR strategies and make sure that data doesn't go away versus all the way through a whole cycle where they're actually governing it and putting it into what I call those discoverable buckets that are made available. And there's a whole life cycle about that. And so we see a big opportunity here for our A&PS and other professional services organizations to help people get up that maturity curve. But they also have to have the foundational tools necessary to make that happen. This is really where the Ezmeral product line or software applications really shines being able to give that undercarriage that's necessary to help that data maturity and the growth of that client to meet those data needs. And we see the data fabric being a key element to that, for that distributed model, allowing people to get access and availability to have a highly redundant, highly durable data fabric and then to build applications specifically as data-intensive applications on top of that with the Ezmeral platform all the way into our GreenLake solutions. So it's quite a journey here, Lisa. I want to just, point to the fact that HPE has done a really, really good job of positioning itself for the explosion of all of these data-intensive AI/ML workloads that are making their way into every single conversation every single enterprise to this day that wants to take advantage of the value of the data they have and to augment that data through other sources. >> One, when you think about data-intensive applications the first one that pops into my mind is Uber. And it's one of those applications that we just expect. We kind of think of as a taxi service when really it's logistics and transportation, but all of the data on the backend that it is organizing to find the ride for me at my location to take me where I'm going. The explosion of data-intensive applications is great but there's also so much more demand from consumers whether we're in business or we're consuming in our personal lives. >> It's so true and that's a very popular example. And you know, you think about the real-time necessity of what's the traffic patterns at the time I order my thing. Is it going to route me the right way? That's a very real consumer facing one, but if we click into our clients and where HPE very much is like the backbone of the global economy. We provide probably one third of the compute for the global economy and it's a staggering stat if you really think about it. Our clients, I was just talking with a client here earlier, very, very large financial services company. And they have 1200 data sets that have been selling to their clients globally. And a lot of these clients want to augment that data with their existing real-time data to come up with a solution. And so they merge it and they can determine some value through a model, an AI model. And so we're working hand-in-hand with them right now to give them that backbone so that they can deliver data sets into these other systems and then make sure they get controlled and secured. So that the company we're working with, our client has a deep sense of security that that data set is not going to find itself out into the wild somewhere. And uncontrolled for a number of reasons, from security and governance mind. But the number of use cases, Lisa are as infinite as the number of opportunities for people see value in business today. >> When you're talking about 1200 data sets that a company is selling, and of course there are many, many data sets that many types of companies consume. How do you work with them to ensure that they don't just proliferate silos, but that they get more of a unified data repository that they can act on? >> Yeah, that's a great question. A key tenant of the strategy at HPE is Open-source. So we believe in a hybrid, multi-Cloud environment meaning that as long as we all agree that we are going to standardize on Open-source technologies and APIs, we will be able to write and build applications that can natively run on any abstract platform. So for example, it's very important that we containerize, for example, and we use storage and data tools that adhere to Open standards. So if you think about that, if you write a Spark application you want that Spark application potentially to run on any of the hyperscalers, the Amazon's or the Microsoft to GCPS, or you want it to run on-premises and specifically like on HPE equipment. But the idea here is I consider one of our clients right now. I mean, think about that. One of our clients specifically ask that question that you just said. They said, "Hey, we are building out this platform, this next generation platform. And we don't want the lock-in. We want to be, we want to create that environment where that data and the data framework." So they use very specific Open -source data frameworks and they open, they use very specific application frameworks the software from the Open-source community. We were able to meet that through the Ezmeral platform. Give them a very high availability, five nines high availability, redundant, redundant geographically to geographic data centers to give them that security that they're looking for. And because of that, it's opened so many other doors for us to walk in with a Cloud strategy that is an alternative, not just the one bet to public Cloud but you haven't other opportunity to bring a Cloud strategy on-premises that is compatible with Cloud-native activities that are going on in the public Cloud. And this is at the heart of HPE strategy. I think it's just, it's been paying off. It continues to pay off. We just keep investing and keep moving down that path. I think we're going to be doing really well. >> It sounds to me that the strategy that HP is developing is highly collaborative and synergistic with your customers. Talk to me a little bit about that, especially in the last year, as we've seen a massive acceleration in digital transformation about the rapid pivot to work from home, the necessity to collaborate electronically. Talk to me a little bit about that yin and yang with HPE and its customers in terms of your strategy. >> Yeah, well, I think when COVID hit one of the very first things that just took off with VDI. Rohit Dixon and I were talking on a podcast we had earlier around the work from home strategy that was implemented almost immediately. Well, we had it already in the can, we already were doing it for many clients already but it went from like a three priority to a 12, 10 being the max. Super, super charged up on how do we get work from home secured, work from home applications and stuff in the hands of people doing, you know, when data sensitivity is super important, VDI kicks in that's on that side. But then if you start looking at the digital transformation that has to happen in the supply chain that's going on right now. The opening up of our economies it's been various starts and stops if you look around the globe. The supply chains have absolutely gone under a huge amount of pressure, because, unlike in the United States, everybody just wants everything now because things are starting to open up. I was talking to a meat packing company and a restaurant business a little while ago. And they said, "Everybody wants to order the barbecue. Now we can't get the meat for the barbecues 'cause everybody's going to the barbecues." And so the supply, this is a multi-billion dollar industry supplying meat to all of the rest of the countries and stuff like that. And so they don't have optics into that supply chain today. So they're immediately having to go through a digitization process, the transformation in something as what you would call as low tech as delivering meat. So no industry is immune, none anywhere in this whole process. And it will continue to evolve as we exit and change how we live our life going into these next couple of years. I think it's going to be phenomenal just to watch. >> Yeah, it's one of the things I call a COVID catalyst some of the silver linings that have come out of this 'cause I wouldn't have thought of the meatpacking industry as a technology field as well, but now thanks to you, I will. Last question for you. When customers in this dynamic world in which we're still living talk about Edge to Cloud are they working with you to develop a Cloud initiatives, Cloud mandates, Cloud everywhere? And if so, how do you help them start? >> Yeah, that's a great question. So again, it's like back into the data model, everybody has a different degree or a starting point that they will engage us with a strategy but specifically with what you're talking about. Almost everybody already has a Cloud strategy. So they may be at different maturity levels with that Cloud strategy. And there's almost always a Cloud group. Now, historically HPE has not had much of a foot in the Cloud group because they never really historically looked at us says that HPE is a Cloud company. But what's happened over the last couple of years with the acceleration of the acceptance of Cloud on-premises and GreenLake, specifically, and the introduction of Ezmeral and the Cloud-native infrastructure services and past layer stuff that's coming up through the Ezmeral product into our clients. It's immediately opened the door for conversations around Cloud that is available for what is staying on-premises which is in excess of 70% of the applications today. Now, if you were to take that now and extend that into the Edge conversation, what if you were able to take a smaller form factor of a GreenLake Cloud and push it more closer to an Edge location while still giving the similar capabilities, Cloud-native functions that you had before? When we're provocative with clients in that sense they suddenly open up and see the art of the possible. And so this is where we are really, really breaking down a set of paradigms of what's possible by introducing, you know, not just from the Silicon all the way up but the set of services all the way to the top of stack to the actual application that they're going to be running. And we say, "Hey, we can offer it to you in as a pay as you go model, we can get you the consumption models that are necessary, that lets you buy at the same way as the Cloud offers it. But more importantly, we'll be able to run it for you and provide you an abstraction out of that model. So you don't have to send your people out into the field to do these things. We have the software, the tools, and the systems necessary to manage it for you." But the last part is I want to be really really focused on when clients are writing that application for the Edge that matters. They are putting it into new Cloud-native architectures containers, microservices, they're using solid pipelines development pipelines, they've implemented what they call their DevOps or their DataOps practices in field, in country, if you would say. That's where we shine. And so we had a really, really good conversation start there. And so how we start that is we arrive with a set of blueprints to help them establish what that roadmap looks like. And then our professional services staff, or A&PS groups around the globe are really really set up well to help them take that trip. >> Wow, that's outstanding, Robert. We could have a whole conversation on HPE's transformation. Internet itself that was my first job in tech was at Hewlett Packard back in the day. But this has been really interesting, really getting it your vision of the customer's experience and the customer's perspective from the Office of the CTO. Great to talk to you, Robert. Thank you for sharing all that you did. This could have been a Part 2 conversation. >> Well, I'm hopeful then that we'll do Part 3 and 4 here as the months go by. So I look forward to seeing you again, Lisa. >> Deal, that's a deal. All right. >> All right. >> For Robert Christiansen, I'm Lisa Martin. You're watching theCUBE's coverage of HPE Discover 2021. (upbeat music)

(upbeat music) >> Welcome to theCUBE's coverage of HPE Discover 2021. I'm Lisa Martin. Robert Christiansen joins me, one of our alumni the VP of Strategy in the Office of the CTO at HPE. Robert, it's great to see you, welcome back to the program. >> It's nice being here, Lisa. Thank you so much for having me. >> So here we are still in this virtual world. Things are opening up a little bit, which is nice but one of the things I'm excited to talk to you about today is Edge to Cloud from the customer's perspective. Obviously, that's why HPE does what it does for its customers. So let's talk about some of the things that you see from your perspective, with respect to data. We can't have a Cube conversation without talking about data, there's more and more of it, value but getting access to it quickly, getting access to it in real-time and often cases to make data-driven decisions is a challenging thing to do. Talk to me about what you see from the customer's lens. >> Well, the customer at a very highest level from the board level on down they're saying, "Hey, what is our data strategy? How are we going to put the value of data in place? Are we going to have it manifest its value in an internal fashion where it makes us run better as an organization? Can we get cost improvements? Can we move quicker with that? And then can we monetize that data if it's like very specific to an industry like healthcare or pharma or something like that? Can we expose that data to the rest of the world and give them access into what we call like data sets?" And there's a lot of that going on right now too. So we're seeing these two different angles about how they're going to manage and control that data. And you were talking about, and you mentioned it, you know the Edge related focus around that. You know, the Edges where business is done is where people actually do the transaction whether it's in a healthcare like in a hospital or a manufacturing facility et cetera. And then, but that data that they're using at that location is really important to make a decision at that location. They can't send it back to a Cloud. They can't send it back to someplace, wait for a decision to happen and then shoot it back again and say, "Hey, stop the production line because we found a defect." You need to act at that moment which the clients are saying, "Hey, can you improve my reliability? Can you give me better SLS? Can you improve the quality of my products? Can you improve healthcare in a hospital by immediate decisions?" And that is a data problem. And that requires the movement of compute and networking and storage and fundamentally the core piece of HPE's world. But in addition to that, the software necessary to take the action on that data when they detect that there's some action that needs to be taken. >> And I mentioned a minute ago, you know real-time and we've learned in the last 15 months plus. One of the things we learned is for a lot of cases, access to real-time data is no longer a nice to have. It's really going to be something, an element that separates those that succeed versus those that aren't as competitive. But I want to talk about data from a consumption perspective consumers, producers, obviously, meeting to ensure that the data consumers have what they need, what is it? What is your thought when you talk with customers, the consumers versus the producers? >> Yeah, that's a great question, Lisa. One of the key fundamental areas that HPE and the Office of the CTO has really been focused on over the last six months is something that we call data spaces and that is putting in place a platform, a set of services that connect data consumers with data producers. And when you think about that, that really isn't nothing new. I mean, you could go all the way back, if you've been around for a while remember the company called TRW and they used to have credit reporting, and they used to sell that stuff. And then it moved into Experian and those things. But you've got Bloomberg and next LexisNexis and all these companies that sell data. And they've been doing it, but it's very siloed. And so the explosion of data, the valuableness the value of the data for the consumers of it has put the producers in a position where they can't readily be discovered. And whether it be a private source of data like an IoT device and an industrial control, or a set of data that might say, "Hey, here's credit card for our data on a certain geography." Those sets need to be discovered, curated, and be made available to those who would want that. You know, for example, the folks that want to know how IoT device is working inside an industrial control or a company who's trying to lower their fraud rates on credit card transactions, like in stadiums or something like that. And so this discoverability in this space, or what you just talked about is such a core piece of what we're working on right now. And we haven't, our strategy is not only to just work on what HPE has to bring that and manifest that to the marketplace. But more importantly, how are we working with our partners to really bridge that gap and bring that next generation of services to those clients that can make those connections. >> So connecting and facilitating collaboration, absolutely key, as well as that seamless flow of data sharing without constraints. How are customers working with HPE and some of your partners to be able to create a data strategy, launch it, and start gleaning value from data faster than they can before? (Robert chuckles) >> This is the big question because it's a maturity curve. Organizations are in various states of what we call data maturity or data management maturity. They can be in very early stages. You know what we consider, you know, they just more worried about just maintaining the lights on DR strategies and make sure that data doesn't go away versus all the way through a whole cycle where they're actually governing it and putting it into what I call those discoverable buckets that are made available. And there's a whole life cycle about that. And so we see a big opportunity here for our A&PS and other professional services organizations to help people get up that maturity curve. But they also have to have the foundational tools necessary to make that happen. This is really where the Ezmeral product line or software applications really shines being able to give that undercarriage that's necessary to help that data maturity and the growth of that client to meet those data needs. And we see the data fabric being a key element to that, for that distributed model, allowing people to get access and availability to have a highly redundant, highly durable data fabric and then to build applications specifically as data-intensive applications on top of that with the Ezmeral platform all the way into our GreenLake solutions. So it's quite a journey here, Lisa. I want to just, point to the fact that HPE has done a really, really good job of positioning itself for the explosion of all of these data-intensive AI/ML workloads that are making their way into every single conversation every single enterprise to this day that wants to take advantage of the value of the data they have and to augment that data through other sources. >> One, when you think about data-intensive applications the first one that pops into my mind is Uber. And it's one of those applications that we just expect. We kind of think of as a taxi service when really it's logistics and transportation, but all of the data on the backend that it is organizing to find the ride for me at my location to take me where I'm going. The explosion of data-intensive applications is great but there's also so much more demand from consumers whether we're in business or we're consuming in our personal lives. >> It's so true and that's a very popular example. And you know, you think about the real-time necessity of what's the traffic patterns at the time I order my thing. Is it going to route me the right way? That's a very real consumer facing one, but if we click into our clients and where HPE very much is like the backbone of the global economy. We provide probably one third of the compute for the global economy and it's a staggering stat if you really think about it. Our clients, I was just talking with a client here earlier, very, very large financial services company. And they have 1200 data sets that have been selling to their clients globally. And a lot of these clients want to augment that data with their existing real-time data to come up with a solution. And so they merge it and they can determine some value through a model, an AI model. And so we're working hand-in-hand with them right now to give them that backbone so that they can deliver data sets into these other systems and then make sure they get controlled and secured. So that the company we're working with, our client has a deep sense of security that that data set is not going to find itself out into the wild somewhere. And uncontrolled for a number of reasons, from security and governance mind. But the number of use cases, Lisa are as infinite as the number of opportunities for people see value in business today. >> When you're talking about 1200 data sets that a company is selling, and of course there are many, many data sets that many types of companies consume. How do you work with them to ensure that they don't just proliferate silos, but that they get more of a unified data repository that they can act on? >> Yeah, that's a great question. A key tenant of the strategy at HPE is Open-source. So we believe in a hybrid, multi-Cloud environment meaning that as long as we all agree that we are going to standardize on Open-source technologies and APIs, we will be able to write and build applications that can natively run on any abstract platform. So for example, it's very important that we containerize, for example, and we use storage and data tools that adhere to Open standards. So if you think about that, if you write a Spark application you want that Spark application potentially to run on any of the hyperscalers, the Amazon's or the Microsoft to GCPS, or you want it to run on-premises and specifically like on HPE equipment. But the idea here is I consider one of our clients right now. I mean, think about that. One of our clients specifically ask that question that you just said. They said, "Hey, we are building out this platform, this next generation platform. And we don't want the lock-in. We want to be, we want to create that environment where that data and the data framework." So they use very specific Open -source data frameworks and they open, they use very specific application frameworks the software from the Open-source community. We were able to meet that through the Ezmeral platform. Give them a very high availability, five nines high availability, redundant, redundant geographically to geographic data centers to give them that security that they're looking for. And because of that, it's opened so many other doors for us to walk in with a Cloud strategy that is an alternative, not just the one bet to public Cloud but you haven't other opportunity to bring a Cloud strategy on-premises that is compatible with Cloud-native activities that are going on in the public Cloud. And this is at the heart of HPE strategy. I think it's just, it's been paying off. It continues to pay off. We just keep investing and keep moving down that path. I think we're going to be doing really well. >> It sounds to me that the strategy that HP is developing is highly collaborative and synergistic with your customers. Talk to me a little bit about that, especially in the last year, as we've seen a massive acceleration in digital transformation about the rapid pivot to work from home, the necessity to collaborate electronically. Talk to me a little bit about that yin and yang with HPE and its customers in terms of your strategy. >> Yeah, well, I think when COVID hit one of the very first things that just took off with VDI. Rohit Dixon and I were talking on a podcast we had earlier around the work from home strategy that was implemented almost immediately. Well, we had it already in the can, we already were doing it for many clients already but it went from like a three priority to a 12, 10 being the max. Super, super charged up on how do we get work from home secured, work from home applications and stuff in the hands of people doing, you know, when data sensitivity is super important, VDI kicks in that's on that side. But then if you start looking at the digital transformation that has to happen in the supply chain that's going on right now. The opening up of our economies it's been various starts and stops if you look around the globe. The supply chains have absolutely gone under a huge amount of pressure, because, unlike in the United States, everybody just wants everything now because things are starting to open up. I was talking to a meat packing company and a restaurant business a little while ago. And they said, "Everybody wants to order the barbecue. Now we can't get the meat for the barbecues 'cause everybody's going to the barbecues." And so the supply, this is a multi-billion dollar industry supplying meat to all of the rest of the countries and stuff like that. And so they don't have optics into that supply chain today. So they're immediately having to go through a digitization process, the transformation in something as what you would call as low tech as delivering meat. So no industry is immune, none anywhere in this whole process. And it will continue to evolve as we exit and change how we live our life going into these next couple of years. I think it's going to be phenomenal just to watch. >> Yeah, it's one of the things I call a COVID catalyst some of the silver linings that have come out of this 'cause I wouldn't have thought of the meatpacking industry as a technology field as well, but now thanks to you, I will. Last question for you. When customers in this dynamic world in which we're still living talk about Edge to Cloud are they working with you to develop a Cloud initiatives, Cloud mandates, Cloud everywhere? And if so, how do you help them start? >> Yeah, that's a great question. So again, it's like back into the data model, everybody has a different degree or a starting point that they will engage us with a strategy but specifically with what you're talking about. Almost everybody already has a Cloud strategy. So they may be at different maturity levels with that Cloud strategy. And there's almost always a Cloud group. Now, historically HPE has not had much of a foot in the Cloud group because they never really historically looked at us says that HPE is a Cloud company. But what's happened over the last couple of years with the acceleration of the acceptance of Cloud on-premises and GreenLake, specifically, and the introduction of Ezmeral and the Cloud-native infrastructure services and past layer stuff that's coming up through the Ezmeral product into our clients. It's immediately opened the door for conversations around Cloud that is available for what is staying on-premises which is in excess of 70% of the applications today. Now, if you were to take that now and extend that into the Edge conversation, what if you were able to take a smaller form factor of a GreenLake Cloud and push it more closer to an Edge location while still giving the similar capabilities, Cloud-native functions that you had before? When we're provocative with clients in that sense they suddenly open up and see the art of the possible. And so this is where we are really, really breaking down a set of paradigms of what's possible by introducing, you know, not just from the Silicon all the way up but the set of services all the way to the top of stack to the actual application that they're going to be running. And we say, "Hey, we can offer it to you in as a pay as you go model, we can get you the consumption models that are necessary, that lets you buy at the same way as the Cloud offers it. But more importantly, we'll be able to run it for you and provide you an abstraction out of that model. So you don't have to send your people out into the field to do these things. We have the software, the tools, and the systems necessary to manage it for you." But the last part is I want to be really really focused on when clients are writing that application for the Edge that matters. They are putting it into new Cloud-native architectures containers, microservices, they're using solid pipelines development pipelines, they've implemented what they call their DevOps or their DataOps practices in field, in country, if you would say. That's where we shine. And so we had a really, really good conversation start there. And so how we start that is we arrive with a set of blueprints to help them establish what that roadmap looks like. And then our professional services staff, or A&PS groups around the globe are really really set up well to help them take that trip. >> Wow, that's outstanding, Robert. We could have a whole conversation on HPE's transformation. Internet itself that was my first job in tech was at Hewlett Packard back in the day. But this has been really interesting, really getting it your vision of the customer's experience and the customer's perspective from the Office of the CTO. Great to talk to you, Robert. Thank you for sharing all that you did. This could have been a Part 2 conversation. >> Well, I'm hopeful then that we'll do Part 3 and 4 here as the months go by. So I look forward to seeing you again, Lisa. >> Deal, that's a deal. All right. >> All right. >> For Robert Christiansen, I'm Lisa Martin. You're watching theCUBE's coverage of HPE Discover 2021. (upbeat music)

(upbeat music) >> Hello, welcome to theCUBE studios of Palo Alto California for RSA conference keynote coverage and conference coverage. I'm Sean for your host of theCUBE. We're breaking down the keynote of RSA day one kickoff. We had Mark Nunnikhoven, who's the distinguished cloud strategist at Lacework. Mark former cube alumni and expert and security has been on many times before, Mark great to see you. Thanks for coming on and helping me break down RSA conference 2021 virtual this year. Thanks for joining. >> Happy to be here. Thanks for having me John. >> You know, one of the things Mark about these security conferences is that interesting, RSA was the last conference we actually did interviews physically face to face and then the pandemic went down and it was a huge shutdown. So we're still virtual coming back to real life. So and they're virtual this year, so kind of a turn of events, but that was kind of the theme this year in the keynote. Changing the game on security, the script has been flipped, connectivity everywhere, security from day one being reinvented. Some people were holding onto the old way some people trying to get on there, on the future wave. Clearly you got the laggards and you've got the innovators all trying to kind of, you know, find their position. This has been obvious in this keynote. What's your take? >> Yeah and that was exactly it. They use that situation of being that last physical security conference, somewhat to their advantage to weave this theme of resiliency. And it's a message that we heard throughout the keynote. It's a message we're going to hear throughout the week. There's a number of talks that are tying back to this and it really hits at the core of what security aims to do. And I think aims is really the right word for it because we're not quite there yet. But it's about making sure that our technology is flexible that it expands and adapts to the situations because as we all know this year, you know basically upended everything we assumed about how our businesses were running, how our communities and society was running and we've all had to adapt. And that's what we saw at the keynote today was they acknowledged that and then woven into the message to drive that home for security providers. >> Yeah and to me one of the most notable backdrops to the entire thing was the fact that the RSA continues to operate from the sell out when Dell sold them for alright $2 billion to a consortium, private privately private equity company, Symphony Technology Group. So there they're operating now on their own. They're out in the wild, as you said, cybersecurity threats are ever increasing, the surface area has changed with cloud native. Basically RSA is a 3000 person startup basically now. So they've got secure ID, the old token business we all have anyone's had those IDs you know it's pretty solid, but now they've got to kind of put this event back together and mobile world Congress is right around the corner. They're going to try to actually have a physical event. So you have this pandemic problem of trying to get the word out and it's weird. It's kind of, I found it. It's hard to get your hands around all the news. >> It is. And it's, you know, we're definitely missing that element. You know, we've seen that throughout the year people have tried to adapt these events into a virtual format. We're missing those elements of those sorts of happenstance run-ins I know we've run into each other at a number of events just sort of in the hall, you get to catch up, but you know as part of those interactions, they're not just social but you also get a little more insight into the conference. Hey, you know, did you catch this great talk or are you going to go catch this thing later? And we're definitely missing that. And I don't think anyone's really nailed this virtual format yet. It's very difficult to wrap your head around like you said, I saw a tweet online from one InfoSec analyst today. It was pointed out, you know, there were 17 talks happening at the same time, which you know, in a physical thing you'd pick one and go to it in a virtual there's that temptation to kind of click across the channels. So even if you know what's going on it's hard to focus in these events. >> Yeah the one conference has got a really good I think virtual platform is Docker con, they have 48 panels, a lot of great stuff there. So that's one of more watching closest coming up on May 27. Check that one out. Let's get into this, let's get into the analysis. I really want to get your thoughts on this because you know, I thought the keynote was very upbeat. Clearly the realities are presenting it. Chuck Robbins, the CEO of Cisco there and you had a bunch of industry legends in there. So let's start with, let's start with what you thought of Rowan's keynote and then we'll jump into what Chuck Robbins was saying. >> Sure yeah. And I thought, Rohit, you know, at first I questioned cause he brought up and he said, I'm going to talk about tigers, airplanes and sewing machines. And you know, as a speaker myself, I said, okay, this is either really going to work out well or it's not going to work out at all. Unfortunately, you know, Rohit head is a professional he's a great speaker and it worked out. And so he tied these three examples. So it was tiger king for Netflix, at World War II, analyzing airplane damage and a great organization in India that pivoted from sewing into creating masks and other supplies for the pandemic. He wove those three examples through with resiliency and showed adaptation. And I thought it was really really well done first of all. But as a cloud guy, I was really excited as well that that first example was Netflix. And he was referencing a chaos monkey, which is a chaos engineering tool, which I don't think a lot of security people are exposed to. So we use it very often in cloud building where essentially this tool will purposely blow up things in your environment. So it will down services. It will cut your communications off because the idea is you need to figure out how to react to these things before they happen for real. And so getting keynote time for a tool like that a very modern cloud tool, I thought was absolutely fantastic. Even if that's, you know, not so well known or not a secret in the cloud world anymore, it's very commonly understood, but getting a security audience exposure to that was great. And so you know, Rohit is a pro and it was a good kickoff and yeah, very upbeat, a lot of high energy which was great for virtual keynote. Cause sometimes that's what's really missing is that energy. >> Yeah, we like Rohit too. He's got some, he's got charisma. He also has his hand on the pulse. I think the chaos monkey point you're making is as a great call out because it's been around the DevOps community. But what that really shows I think and puts an exclamation point around this industry right now is that DevSecOps is here and it's never going away and cloud native and certainly the pandemic has shown that cloud scale speed data and now distributed computing with the edge, 5G has been mentioned, as you said, this is a real deal. So this is DevOps. This is infrastructure as code and security is being reinvented in it. This is a killer theme and it's kind of a wake-up call. What's your reaction to that? what's your take? >> Yeah, it absolutely is a wake-up call and it actually blended really well into a Rohit second point, which was around using data. And I think, you know, having these messages put out to the, you know, what is the security conference for the year always, is really important because the rest of the business has moved forward and security teams have been a little hesitant there, we're a little behind the times compared to the rest of the business who are taking advantage of these cloud services, taking advantage of data being everywhere. So for security professionals to realize like hey there are tools that can make us better at our jobs and make us, you know, keep or help us keep pace with the business is absolutely critical because like you said, as much as you know I always cringe when I hear the term DevSecOps, it's important because security needs to be there. The reason I cringe is because I think security should be built into everything. But the challenge we have is that security teams are still a lot of us are still stuck in the past to sort of put our arms around something. And you know, if it's in that box, I'm good with it. And that just doesn't work in the cloud. We have better tools, we have better data. And that was really Rohit's key message was those tools and that data can help you be resilient, can help your organization be resilient and whether that's the situation like a pandemic or a major cyber attack, you need to be flexible. You need to be able to bounce back. >> You know, when we actually have infrastructure as code and no one ever talks about DevOps or DevSecOps you know, we've, it's over, it's in the right place, but I want to get your thoughts and seeing if you heard anything about automation because one of the things that you bring up about not liking the word DevSecOps is really around, having this new team formation, how people are organizing their developers and their operations teams. And it really is becoming programmable and that's kind of the word, but automation scales it. So that's been a big theme this year. What are you hearing? What did you hear on the keynote? Any signs of reality around automation, machine learning you mentioned data, did they dig into automation? >> Automation was on the periphery. So a lot of what they're talking about only works with automation. So, you know, the Netflix shout out for chaos monkey absolutely as an automated tool to take advantage of this data, you absolutely need to be automated but the keynote mainly focused on sort of the connectivity and the differences in how we view an organization over the last year versus moving forward. And I think that was actually a bit of a miss because as you rightfully point out, John, you need automation. The thing that baffles me as a builder, as a security guy, is that cyber criminals have been automated for years. That's how they scale. That's how they make their money. Yet we still primarily defend manually. And I don't know if you've ever tried to beat, you know the robots that are everything or really complicated video games. We don't tend to win well when we're fighting automation. So security absolutely needs to step up. The good news is looking at the agenda for the week, taking in some talks today, while it was a bit of a miss and the keynote, there is a good theme of automation throughout some of the deeper dive sessions. So it is a topic that people are aware of and moving forward. But again, I always want to see us move fast. >> Was there a reason Chuck Robbins headlines or is that simply because there are a big 800 pound gorilla in the networking space? You know, why Cisco? Are they relevant security? Is that signaling that networking is more important? As of 5G at the edge, but is Cisco the player? >> Obviously Cisco has a massive business and they are a huge player in the security industry but I think they're also representative of, you know and this was definitely Chuck's message. They were representative of this idea that security needs to be built in at every layer. So even though, you know I live on primarily the cloud technologies dealing with organizations that are built in the cloud, there is, you know, the reality of that we are all connected through a multitude of networks. And we've seen that with work from home which is a huge theme this year at the conference and the improvements in mobility with 5G and other connectivity areas like Edge and WiFi six. So having a big network player and security player like Cisco in the keynote I think is important just because their message was not just about inclusion and diversity for skills which was a theme we saw repeated in the keynote actually but it was about building security in from the start to the finish throughout. And I think that's a really important message. We can't just pick one place and say this is where we're going to build security. It needs to be built throughout all of our systems. >> If you were a Cicso listening today what was your take on that? Were you impressed? Were you blown away? Did you fall out of your chair or was it just right down the middle? >> I mean, you might fall out of your chair just cause you're sitting in it for so long taken in a virtual event. And I mean, I know that's the big downside of virtual is that your step counter is way down compared to where it should be for these conferences but there was nothing revolutionary in the opening parts of the keynote. It was just, you know sort of beating the drum that has been talked about, has been simmering in the background from sort of the more progressive side of security. So if you've been focusing on primarily traditional techniques and the on-premise world, then perhaps this was a little a bit of an eye-opener and something where you go, wow, there's, you know there's something else out here and we can move things forward. For people who are, you know, more cloud native or more into that automation space, that data space this is really just sort of a head nodding going, yeap, I agree with this. This makes sense. This is where we all should be at this point. But as we know, you know there's a very long tail insecurity and insecurity organizations. So to have that message, you know repeated from a large stage like the keynote I think was very important. >> Well you know, we're going to be, theCUBE will be onsite and virtual with our virtual platform for Amazon web services reinforced coming up in Houston. So that's going to be interesting to see and you compare contrast like an AWS reinforce which is kind of the I there I think they had the first conference two years ago so it's kind of a new conference. And then you got the old kind of RSA conference. The question I have for you, is it a just a position of almost two conferences, right? You got the cloud native AWS, which is really about, oh shared responsibility, et cetera, et cetera a lot more action happening there. And you got this conference here seem come the old school legacy players. So I want to get your thoughts on that. And I want to get your take on just just the cryptographers panel, because, you know, as I'm not saying this as a state-of-the-art that the old guys saying get off my lawn, you know crypto, we're the crypto purists, they were trashing NFTs which as you know, is all the rage. So I, and Ron rivers who wrote new co-create RSA public key technology, which is isn't everything these days. Is this a sign of just get off my lawn? Or is it a sign of the times trashing the NFTs? What's your take? >> Yeah, well, so let's tackle the NFTs then we'll do the contrast between the two conferences. But I thought the NFT, you know Ron and Addie both had really interesting ways of explaining what an NFT was, because that's most of the discussion around the NFT is exactly what are we buying or what are we investing in? And so I think it was Addie who said, you know it was basically you have a tulip then you could have a picture of a tulip and then you could have something explaining the picture of the tulip and that's what an NFT is. So I think, you know, but at the same time he recognized the value of potential for artists. So I think there was some definitely, you know get off my lawn, but also sort of the the cryptographer panels is always sort of very pragmatic, very evidence-based as shown today when they actually were talking about a paper by Schnorr who debates, whether RSA or if he has new math that he thinks can debunk RSA or at least break the algorithm. And so they had a very logical and intelligent discussion about that. But the cryptographers panel in contrast to the rest of the keynote, it's not about the hype. It's not about what's going on in the industry. It's really is truly a cryptographers panel talking about the math, talking about the fundamental underpinnings of our security things as a big nerd, I'm a huge fan but a lot of people watch that and just kind of go, okay now's a great time to grab a snack and maybe move those legs a little bit. But if you're interested in the more technical deeper dive side, it's definitely worth taking in. >> Super fascinating and I think, you know, it's funny, they said it's not even a picture of a tulip it's s pointer to a picture of a tulip. Which is technically it. >> That was it. >> It's interesting how, again, this is all fun. NFTs are, I mean, you can't help, but get an Amber by decentralization. And that, that wave is coming. It's very interesting how you got a decentralization wave coming, yet a lot of people want to hang on to the centralized view. Okay, this is an architectural conflict. Is there a balance in your mind as a techie, we look at security, certainly as the perimeter is gone that's not even debate anymore, but as we have much more of a distributed computing environment, is there a need for some sensuality and or is it going to be all decentralized in your opinion? >> Yeah that's actually a really interesting question. It's a great set up to connect both of these points of sort of the cryptographers panel and that contrast between newer conferences and RSA because the cryptographers panel brought up the fact that you can't have resilient systems unless you're going for a distributed systems, unless you're spreading things out because otherwise you're creating a central point of failure, even if it's at hyper-scale which is not resilient by definition. So that was a very interesting and very valid point. I think the reality is it's a combination of the two is that we want resilient systems that are distributed that scale up independently of other factors. You know, so if you're sitting in the cloud you're going multi-region or maybe even multicloud, you know you want this distributed area just for that as Verner from AWS calls it, you know, the reduced blast radius. So if something breaks, not everything does but then the challenge from a security and from an operational point of view, is you need that central visibility. And I think this is where automation, where machine learning and really viewing security as a data problem, comes into play. If you have the systems distributed but you can provide visibility centrally which is something we can achieve with modern cloud technologies, you kind of hit that sweet spot. You've got resilient underpinnings in your systems but you as a team can actually understand what's going on because that was a, yet another point from Carmela and from Ross on the cryptographers panel when it comes to AI and machine learning, we're at the point where we don't really understand a lot of what's going on in the algorithm we kind of understand the output and the input. So again, it tied back to that resiliency. So I think that key is distributed systems are great but you need that central visibility and you only get there through viewing things as a data problem, heavy automation and modern tooling. >> Great great insight, Mark. Great, great call out there. And great point tied in there. Let me ask you a question on your take on the keynote in the conference in general as first day gets going. Do you see this evolving from the classic enterprise kind of buyer supplier relationship to much more of a CSO driven or CXO driven? I need to start building about my teams. I got to start hiring developers, not so much in operation side. I mean, I see InfoSec is these industries are not going away. People are still buying tools and stacking up the tool shed but there's been a big trend towards platforms and shifting left from a developer CICB pipeline standpoint which speaks to scale on the cloud native side and that distributed side. So is this conference hitting that Mark, or you still think there are more hardware and service systems people? What's the makeup? What's the take? >> I think we're definitely starting to a shift. So a great example of that is the CSA. The Cloud Security Alliance always runs a day one or day zero summit at RSA. And this year it was a CSO executive summit. And whereas in previous years it's been practitioners. So that is a good sign I think, that's a positive sign to start to look at a long ignored area of security, which is how do we train the next generation of security professionals. We've always taken this traditional view. We've, you know, people go through the standard you get your CISSP, you hold onto it forever. You know, you do your time on the firewall, you go through the standard thing but I think we really need to adjust and look for people with that automation capability, with development, with better business skills and definitely better communication skills, because really as we integrate as we leave our sort of protected little cave of security, we need to be better business people and better team players. >> Well Mark, I really appreciate you coming on here. A cube alumni and a trusted resource and verified, trusted contributor. Thank you for coming on and sharing your thoughts on the RSA conference and breaking down the keynote analysis, the RSA conference. Thanks for coming on. >> Thank you. >> Well, what we got you here to take a minute to plug what you're doing at Lacework, what you're excited about. What's going on over there? >> Sure, I appreciate that. So I just joined Lacework, I'm a weekend. So I'm drinking from the fire hose of knowledge and what I've found so far, fantastic platform, fantastic teams. It's got me wrapped up and excited again because we're approaching, you know security from the data point of view. We're really, we're born in the cloud, built for the cloud and we're trying to help teams really gather context. And the thing that appealed to me about that was that it's not just targeting the security team. It's targeting builders, it's targeting the business, it's giving them that visibility into what's going on so that they can make informed decision. And for me, that's really what security is all about. >> Well, I appreciate you coming on. Thanks so much for sharing. >> Thank you. >> Okay CUBE coverage of RSA conference here with Lacework, I'm John Furrier. Thanks for watching. (upbeat music)

>>Fly from San Francisco. It's the cube covering RSA conference, 2020 San Francisco brought to you by Silicon angle media >>and welcome back. You're ready Jeffrey here with the cube. We are a day four here at the RSA conference in Moscone Thursday. We've been going all day Monday, Tuesday, Wednesday, Thursday. It's a huge conference over 40,000 people, you know, kind of the first big us conference after the mobile world Congress thing with a coronavirus. So we were all kind of curious to see how it would work out. There was some companies that pulled out but you know Rohit and the team stayed the course, they got the support they needed from the city and it's turned out to be quite a show. So I'm sure there's a lot of people all over the industry kind of watching this as an indicator of how do you execute a conference and these kinds of crazy times. So we're excited for our next guest. He's Andy Smith, the senior vice president of marketing for Centrify. >>Andy, great to see you. Good to be here, Jeff. Doing great. So you said you've been coming to this show for a while, you're a seasoned veteran of the industry. First off kind of general impressions of this show versus versus other kinds of RSAs you've been doing in the past. It's super interesting to watch. It ebbs and flows of the security industry, right? I mean I've been 15 years over the past 25 I've been at this show and you've seen it be big and then shrink down, you know, to one hall and then the two halls again. I mean what's interesting the last couple of years is it's, it's big again, like security is hot. We know budgets are going up, a breach, cultures out there. And so, you know, the IC, the RSA show is a reflection of what's happening with the industry when you look at the size and number of attendees. >>Right. The other kind of theme this year was the human centric, uh, boat. And we had row head guy on just a little bit earlier in his keynote. I thought it was really interesting. It was not about security per se. It was not about threats and detection. It was really about stories and narratives and peoples and kind of taking that back as an industry. I wonder, you know, kinda your impression as this kind of human centric theme as we're surrounded by tech tech and more tech. It is, if you think about human centric, it's a, it's a big piece of your, your security strategy, right? I mean, uh, what, there was just this morning, uh, one of the sharks got fished, right? Lost $400,000. One of the, yeah. And so, uh, you know, educating people about looking out for fishing attacks, right? Uh, uh, looking at insiders who are one of our biggest threats and you know, they're, they're a huge piece of this is not technology at all. >>Right? I thought Wendy's keynote was great too from Cisco. Talking about everything we do on computers is about clicking. And yet we tell people, you know, click the download the patch, but don't click on anything else. And really, you know, kind of taken an approach that people need to be part of the solution. They're not these horrible people that keep clicking on the wrong things, but you really need to integrate them into your strategy. Yeah, absolutely. I mean, it's about educating your workforce. It's about educating consumers, right? Whether you're talking B to C security or whether you're talking to me to be that human element and educating to be diligent right to you, you got to know a little bit about how to look for something that might be suspicious and know what is, what you should be clicking on, what you shouldn't. There's, there's not a lot of technology that can solve that for you. >>It's getting out and, and, and making sure people are educated. And unfortunately, the bad guys have been working hard on their grammar and, uh, and doing all the AI on the background. So, you know, it's not, a lot of things today are not easily identifiable like they used to. They've gotten, that's no longer really kind of a baseline, a hope not to click that thing. They've gotten way better. Right? So rather than these attacks that are spray and pray, they're going after, you know, just going after anybody. They can, they're targeted now. Right? So spear fishing, right. And uh, and so specific individuals. And that's why one of the things that, that is a little bit coming up at this show and something that we talk about is identity centric security. So that you've got a tie, that kind of human element to your security. >>You know, there's network centric, but getting identity centric and tying that human element to your security aspect, making sure the security, the identity technologies and the security technologies are working together. That is brings that human element into your own security strategy. And when you, when you talk about identity, how should people be thinking about identity? Because clearly we see the kind of the rise in multi-factor now, right? We have to do, we have to go to the, our phones all the time with the code. Now we're hearing people, you know, can spoof identity, they can Smoove faces. I guess identity is not a face, but you know, some of these indicators of identity. So when you help people think about identity, what are some of the factors they should think about? What are the things they don't but they should be thinking about? Yeah, yeah. >>I mean some of the things that we talked a lot about is multifactor authentication. So although yes, right, real sophisticated people can have ways of getting around that, but most attackers and hackers are lazy, right? They're going to go for somebody who's got no multi-factor in place, like even doing the basics is way better than doing nothing. I mean, the statistics bear out that you do a little something right? And then you can always step it up and get more sophisticated where you've got tokens that you have to put your finger on, right? And you know, you can get smart cards and all those kinds of things. You can get much more sophisticated, but multi-factor in general works. I mean, you're just going to take it a far bit above. But what's interesting about identity, because we always think of humans, right? But when we talk identity, where this market is going is identity is machines. >>You have to give a machine an identity, you have to give a service account, an identity, you have to give a microservice identity. And these more and more, this is just completely automated world. This isn't humans logging into things anymore. This is microservices talking to each other. Each of those needs an identity needs an authorization cause they have accounts that can be hacked also. Right? So the you need protect those just as much as needed to protect those human accounts. It's funny cause we, we cover a lot of RPA shows, right? And the whole talk of, of of people that do RPA, right, is that they're, they're, they treat them as people, right? They treat them as kind of like your little assistance, your own little bot to do little tasks that you assigned them to do. So treating them with kind of an identity protocol. >>Then that gives all the authorizations and you kind of leverage all that back end is the way to integrate them into the workforce. Absolutely. It's all about access controls, authentication, authorization. Those are the controls that have been there forever. You're supplying these two new types of identities and you know, the, we're in the privileged access management space, so it used to always be a windows admin or a Unix Linux admin logging into a physical box, right? And so it was about protecting those accounts. But more and more it's about giving a machine and identity and a microservice and identity and how are those things talking to each other? We're protecting, that's all completely automated with dev ops. You think about if I have a, as I moved to the cloud, I want to be able to scale out dynamically, right? Uh, horizontally, vertically. So all of a sudden new servers, virtual servers or containers just popping up automatically. >>You have to be able to control the access to all those automatically, dynamically on the spot, and then they shrink back down. You need to get rid of all that, right? So the automation that's come into our space, although the same, I'm still trying to do authentication, authorization, same type of privilege access controls we've been doing for 30 years, but how they're applied in this new world is much different right now. What about then you layer you layer on top of that zero trust, so I definitely want to identify, but I have zero trust and I'm presuming at some point in time you might end up either being a bad guy or some bad guy's going to come in via your credential. How does the zero trust piece fit on top of the identity kind of management? It's really why we're talking about identity centric security now is because you can't, you, you have to assume somebody on your network. >>You can't trust all those perimeter controls that are there. The reality is they're going to get in and so that identity centric security starts at that access layer and not not trusting just because you got onto the network that, Oh, sure, here you go. You can, you can do whatever you want. That's where zero trust comes in. I don't, every time I want to get access to a piece of data or a system, et cetera, I need to do that F indication that authorization apply, that multi-factor. Those are all identity centric controls that result in this, this journey towards the zero trust world. It's, it's funny, uh, I've sat down with Mike and Caesar, uh, for scout and you know, he talks about when they do the little sniff on all the little devices that are plugged into the networks and it's usually multiples back of what people think are on the network, especially remote location. >>People are plugging stuff in. But then too, you know, like you said in the machine, identify, you know, what should a logic cam do and how should it act. And as soon as it starts acting and asking for things in accounts payable, maybe that's not necessarily what a lot to take camera wants do or should be doing. Yeah. Yeah. And so first there's like knowing what that device is giving you an identity so he know what it is, know what it should be doing. It has a role, it has specific access and authorization rights that are granted to it. So the logic camera, if I know what that camera is, you have an identity. I know what it's supposed to be doing. I should be able to restrict the access it has to just what it needs to do. Right. Rather than it's got root account to do whatever or some God account to create, you know, like those are the kinds of controls we have in place. >>And it's just logical identity management controls that have been there forever. But you're a, once you can identify those devices connected, you can, you can give them those, you know, limited. There's talk about least privilege, right? That's again, a 30 year old control, but giving at least privilege on just what it should do and nothing more. And do you see in the future just more and more kind of multifactor, uh, validation points that we'll have to get added to the, to the process as we move from single factor to factor, however many factors is going to take? For sure. Yeah. I mean, so the multi-factor, cause there's one thing are you authenticate yourself at the front door, right? So that's what most authentication is, but there's this concept of continuous authentication. You're the trust in that, uh, that initial authentication degrades as your session goes on. >>Right? So the longer I've had a session open, you know, is that still that same person or that same service that is clicking away at the keyboard there? There's cool stuff, wrong continuous authentication where there they can tell it's still the same person based on the cadence. They click on the keyboard, other biometric methods, the swiping I do on my phone and stuff like that. So there's ways to have continuous concepts now called continuous authentication. Right? And so I absolutely see that those behavior based, uh, types of, uh, of authentication. You're going out through a user's entire session. So I want to shift gears a little bit. One of the things that amazes me about this show, and I don't know when it was small, but it's been big ever since I've been coming. It's right, there's so many vendors here, there's so many companies in this and there's so many kinds of stories that a lot of really enthusiastic people work in booths that are screaming at you to come over and tell you all the great things they do. >>From a marketing point of view, you're, you're the SVP marketing. How do you, you know, kind of package your messaging, how do you kind of break through the clutter? What advice do you give to, to buyers, um, to help them kind of navigate what is a, a very large, loud and complex system? Yeah, it's a, it's a complex battle, right? So you have to be able to, because there are so many different technologies here, uh, in, in the security arena, uh, we're all fighting for the same share of wallet in a sense. Right? And so first you have to identify yourself with something people recognize a market that people recognize like identity, privilege, access management, endpoint security, you know, et cetera. But then you have to differentiate yourself within that market, right? So you've got to add something to the market space I'm in to that gives a little twist. >>So for us, it's identity centric, privilege access management and that, you know, we suppose that against Balt centric or you know, something else that we've tried to put the other bets. So you try to, in your message, you got to categorize what's the space I'm in and how do I differentiate? And in something as short and brand-able as possible. And then you got to have this kind of ongoing solutions, partnership relationship with, with your clients, right? Because this is not something you're going to be switching things out that frequently and, and, and, and the landscape and the threats evolve and change so rapidly. I think we've had a number of people come on to publish this report or that report, his report, he's come out every six months and there's actually the online version so he can keep up with what happened today or what happens tomorrow. >>So not an easy, uh, not an easy kind of marketing challenge to stay relevant, stay connected and state stay really in people's mind. Well, and you know, there's, there's awareness aspects to it and it is really just what really helps is you just create as many happy customers as you can. Right? I mean, you're amazed at the how connected this industry actually is. I mean, the attendees that are coming to this conference, they know each other. They've been coming here from here. It's just like we have. Right, right. And a word of mouth between people who have used your technology, they share that with something else. I mean the security industry as big as it is, it's, it's super interconnected. One person goes from one company to the other and so tons of business just comes from word of mouth, referral, etc. So the happier you can keep your customers, the more uh, you know, mind share. >>You can get up there. Okay. Last question before I let you go. We just like to say we just had row hit on one of the topics was they just got bought by a symphony. I think it's symphony, a private equity firm. Um, we met the other night at a, at a cocktail party put on by Tom Thoma Bravo and you were at Centrify before they came in. And after, you know, I think some people are kind of confused, you know, what is private equity, how does it impact the company? So wonder if you can kind of share, you know, how that transition has come along and you know, kind of give us an update on what's going on at Centrify and where you guys are going next. Yeah, so we were acquired about a year and a half ago now, uh, by private equity and you know, they basically, they take later stage companies and uh, help them get, uh, profitable, uh, they increased value and then they look for going, taking that company IPO or selling it off, et cetera. >>Right? But it's really about looking for opportunities, uh, in existing market with larger companies, the venture capitalists will go after smaller, much larger risks. These are bigger dollar amounts, right? Larger companies. But then they, they look about how to optimize. They're very sophisticated on how to run a B to B business. Tama Bravo happens to have a huge investment in security and it comes like eight or 10 companies there the other night. Yeah. So they, they realize that this is a hot space right now. So they've, if they can take a company and create value that they realize that there's more stuff popping up. There's probably money being invested in. And one of the things that, but not all private equities created equal. Yes, they are about all about kind of optimizing, increasing value. But what we really found with Tom or Bravo is they're interested in investing in that company, looking at other folds and acquisitions, et cetera. >>And that's a part of a strategy for me as a, as a manager and an I'm part of the executive team. When you're backed, they don't have the money to go after acquisitions. Uh, like that they, you know, they make these smaller investments. We're talking about Bravo actually does have the capital to look at other things that can be immediately accretive and add to your value. And that's a, a real part of our strategy now that didn't exist before we were owned by PE. I think they spun out a whole nother, another company out of what your technology say. Correct. Exactly. So one of the unique things about our particular acquisition is Centrify was both a privileged access management. And a identity as a service. And I Daz a company and they looked at what we were doing and they said, geez, you're really selling to two different markets and it's two different sales cycles and two different business models. >>We could actually create more value if we split these up and each of you focused on your individual markets. And so that there's a, there's an MQ and a market segment and a wave for IDASS and there's an MQ and a wave, you know, et cetera for Pam. But there's not anything that does both. And that's what Centrify was. So they actually, we, we completely divested of our IDASS capabilities spun off in an entirely separate company called adaptive. And so over the last year, that's was a lot of the work that was going on. It was, was splitting this company, uh, uh, into two. But it really provided us a much more focused to go after the market that we were going after. Well, they wouldn't come in if they didn't see some opportunity to, uh, to pull some more value out that wasn't really being unlocked. Absolutely. Right. Andy, we'll thank for taking a few minutes and uh, and great to catch up and best you for the rest of the show. Awesome. Thanks a lot, Jay. He's Andy. I'm Jeff. You're watching the cube where? At the RSA show in San Francisco. Thanks for watching. We'll see you next time.

>>Fly from San Francisco. It's the cube covering RSA conference, 2020 San Francisco brought to you by Silicon angle media. >>Hi everyone. Welcome back to the cubes coverage here at in San Francisco, the Moscone center for RSA conference 2020 I'm job for your host. We are the very special guests, the COO of VMware, Sanjay Poonen, cube alumni. When you talk about security, talk about the modern enterprise as it transforms new use cases, new problems emerge. New opportunities exist here to break it down. Sanjay, welcome back. Thank you John. Always a pleasure to be on your show and I think it's my first time at RSA. We've talked a number of times, but nice to see you here. Well, it's a security guard. Well, this is really why I wanted you to talk, talk to you because operations is become now the big conversation around security. So you know, security was once part of it. It comes out and part of the board conversation, but when you look at security, all the conversations that we're seeing that are the most important conversations are almost a business model conversation. >>Almost like if you're the CEO of the company, you've got HR people, HR, organizational behavior, collaboration, technology, stack compliance and risk management. So the threat of cyber has to cut across now multiple operational functions of the business. It's no longer one thing, it's everything. So this is really kind of makes it the pressure of the business owners to be mindful of a bigger picture. And the attack velocity is happening so much faster, more volume of attacks, milliseconds and nanosecond attacks. So this is a huge, huge problem. I need you to break it down for me. >> Good. But then wonderful intro. No, I would say you're absolutely right. First off, security is a boardroom topic. Uh, audit committees are asking, you know, the CIO so often, you know, reports a report directly, sometimes, often not even to the CIO, to the head of legal or finance and often to the audit. >>So it's a boardroom topic then. You're right, every department right now cares about security because they've got both threat and security of nation state, all malicious, organized crime trying to come at them. But they've also got physical security mind. I mean, listen, growing a virus is a serious threat to our physical security. And we're really concerned about employees and the idea of a cyber security and physical security. We've put at VMware, cybersecurity and, and um, um, physical security. One guy, the CIO. So he actually runs vote. So I think you're absolutely right and if you're a head of HR, you care about your employees. If you're care ahead of communications, you care about your reputation and marketing the same way. If you're a finance, you care about your accounting systems and having all of the it systems that are. So we certainly think that holistic approach does, deserves a different approach to security, which is it can't be silo, silo, silo. >>It has to be intrinsic. And I've talked on your show about why intrinsic and how differentiated that intrinsic security, what I talked about this morning in my keynote. >> Well, and then again, the connect the dots there. It's not just security, it's the applications that are being built on mobile. For instance, I've got a mobile app. I have milliseconds, serious bond to whether something's yes or no. That's the app on mobile. But still the security threat is still over here and I've got the app over here. This is now the reality. And again, AirWatch was a big acquisition that you did. I also had some security. Carbon black was a $2 billion acquisition that VMware made. That's a security practice. How's it all coming together? Can you think of any questions? Blame the VMware because it's not just security, it's what's around it. >> Yeah. I think we began to see over the course of the last several years that there were certain control points and security that could help, you know, bring order to this chaos of 5,000 security vendors. >>They're all legitimate. They're all here at the show. They're good vendors. But you cannot, if you are trying to say healthy, go to a doctor and expect the doctor to tell you, eat 5,000 tablets and sailed. He just is not sustainable. It has to be baked into your diet. You eat your proteins, your vegetables, your fruit, your drink, your water. The same way we believe security needs to become intrinsically deeper parts, the platform. So what were the key platforms and control points? We decided to focus on the network, the endpoint, and you could think of endpoint as to both client and workload identity, cloud analytics. You take a few of those and network. We've been laboring the last seven years to build a definitive networking company and now a networking security company where we can do everything from data center networking, Dell firewalls to load balancing to SDN in this NSX platform. >>You remember where you bought an nice syrup. The industry woke up like what's VM ever doing in networking? We've now built on that 13,000 customers really good growing revenue business in networking and and now doing that working security. That space is fragmented across Cisco, Palo Alto, FIU, NetScaler, checkpoint Riverbed, VMware cleans that up. You get to the end point side. We saw the same thing. You know you had an endpoint management now workspace one the sequel of what AirWatch was, but endpoint security again, fragmented. You had Symantec McAfee, now CrowdStrike, tenable Qualis, you know, I mean just so many fragmented IOM. We felt like we could come in now and clean that up too, so I have to worry about to do >> well basically explaining that, but I want to get now to the next conversation point that I'm interested in operational impact because when you have all these things to operationalize, you saw that with dev ops and cloud now hybrid, you got to operationalize this stuff. >>You guys have been in the operations side of the business for our VMware. That's what you're known for and the developers and now on the horizon I gotta operationalize all the security. What do I do? I'm the CSO. I think it's really important that in understanding operations of the infrastructure, we have that control point called vSphere and we're now going to take carbon black and make it agentless on the silverside workloads, which has never been done before. That's operationalizing it at the infrastructure level. At the end point we're going to unify carbon black and workspace one into a unified agent, never been done before. That's operationalizing it on the client side. And then on the container and the dev ops site, you're going to start bringing security into the container world. We actually happened in our grade point of view in containers. You've seen us do stuff with Tansu and Kubernetes and pivotal. >>Bringing that together and data security is a very logical thing that we will add there. So we have a very good view of where the infrastructure and operations parts that we know well, a vSphere, NSX workspace one containers with 10 Xu, we're going to bring security to all of them and then bake it more and more in so it's not feeling like it's a point tool. The same platform, carbon black will be able to handle the security of all of those use cases. One platform, several use cases. Are you happy with the carbon black acquisition? Listen, you know, you stay humble and hungry. Uh, John for a fundamental reason, I've been involved with number of acquisitions from my SAP VMware days, billion dollar plus. We've done talking to us. The Harvard business review had an article several years ago, which Carney called acquisitions and majority of them fail and they feel not because of process of product they feel because good people leave. >>One of the things that we have as a recipe does acquisition. We applied that to AirWatch, we apply the deny Sera. There is usually some brain trust. You remember in the days of nice area, it was my team Cosato and the case of AirWatch. It was John Marshall and that team. We want to preserve that team to help incubate this and then what breve EV brings a scale, so I'm delighted about Patrick earlier. I want to have him on your show next time because he's now the head of our security business unit. He's culturally a fit for the mr. humble, hungry. He wants to see just, we were billion dollar business now with security across networking endpoint and then he wants to take just he's piece of it, right? The common black piece of it, make it a billion dollar business while the overall security business goes from three to five. >>And I think we're going to count them for many years to come to really be a key part of VMware's fabric, a great leader. So we're successful. If he's successful, what's my job then? He reports to me is to get all the obstacles out of the way. Get every one of my core reps to sell carbon black. Every one of the partners like Dell to sell carbon black. So one of the deals we did within a month is Dell has now announced that their preferred solution on at Dell laptops, this carbon bike, they will work in the past with silence and crowd CrowdStrike. Now it's common black every day laptop now as a default option. That's called blank. So as we do these, John, the way we roll is one on here to basically come in and occupy that acquisition, get the obstacles out of the way, and that let Patrick scaled us the same way. >>Martine Casado or jumbo. So we have a playbook. We're gonna apply that playbook. Stay humble and hungry. And you ask me that question every year. How are we doing a carbon black? I will be saying, I love you putting a check on you. It will be checking in when we've done an AirWatch. What do you think? Pretty good. Very good. I think good. Stayed line to the radar. Kept growing. It's top right. Known every magic quadrant. That business is significant. Bigger than the 100 million while nice here. How do we do a nice hero? NSX? It's evolved quite a bit. It's evolved. So this is back to the point. VMware makes bets. So unlike other acquisitions where they're big numbers, still big numbers, billions or billions, but they're bets. AirWatch was a good bet. Turned out okay. That the betting, you're being conservative today anyway. That's it. You're making now. >>How would you classify those bets? What are the big bets that you're making right now? Listen, >> I think there's, um, a handful of them. I like to think of things as no more than three to five. We're making a big bet. A multi-cloud. Okay. The world is going to be private, public edge. You and us have talked a lot about VMware. AWS expanded now to Azure and others. We've a big future that private cloud, public cloud edge number two, we're making a big bet on AB motorization with the container level 10 zoos. I think number three, we're making a big bet in virtual cloud networking cause we think longterm there's going to be only two networking companies in matter, VMware and Cisco. Number four, we're making a big bet in the digital workspace and build on what we've done with AirWatch and other technologies. Number five, and make it a big bet security. >>So these five we think of what can take the company from 10 to 20 billion. So we, you know, uh, we, we've talked about the $10 billion Mark. Um, and the next big milestone for the company is a 20 billion ball Mark. And you have to ask yourself, can you see this company with these five bets going from where they are about a 10 billion revenue company to 20. Boom. We hope again, >> Dave, a lot that's doing a braking and now he might've already shipped the piece this morning on multi-cloud. Um, he and I were commenting that, well, I said it's the third wave of cloud computing, public cloud, hybrid multi-cloud and hybrids, the first step towards multi-cloud. Everyone kind of knows that. Um, but I want to ask you, because I told Dave and we kind of talked about this is a multi-decade growth opportunity, wealth creation, innovation, growth, new opportunity multicloud for the generation. >>Take the, this industry the next level. How do you see that multicloud wave? Do you agree on the multigenerational and if so, what specifically do you see that unfolding into this? And I'm deeply inspired by what Andy Jassy, Satya Nadella, you know, the past leading up to Thomas Korea and these folks are creating big cloud businesses. Amazon's the biggest, uh, in the iOS pass world. Azure is second, Google is third, and just market shares. These folks collectively are growing, growing really well. In some senses, VM-ware gets to feed off that ecosystem in the public cloud. So we are firm believers in what you're described. Hybrid cloud is the pot to the multicloud. We coined that term hybrid thought. In fact, the first incantation of eco there was called via cloud hybrid service. So we coined the term hybrid cloud, but the world is not multi-cloud. The the, the key though is that I don't think you're gonna walk away from those three clouds I mentioned have deep pockets. >>Then none of them are going away and they're going to compete hard with each other. The market shares may stay the same. Our odd goal is to be a Switzerland player that can help our customers take VM or workloads, optimize them in the private cloud first. Okay? When a bank of America says on their earnings caller, Brian Warren and said, I can run a private cloud better than a public cloud and I can save 2 billion doing that, okay? It turns off any of the banks are actually running on VMware. That's their goal. But there are other companies like Freddie Mac, we're going all in with Amazon. We want to ride the best of both worlds. If you're a private cloud, we're going to make you the most efficient private cloud, VMware software, well public cloud, and going to Amazon like a Freddie Mac will help you ride your apps into that through VMware. >>So sometimes history can be a predictor of future behavior. And just to kind of rewind the computer industry clock, if you looked at mainframe mini-computers, inter networking, internet proprietary network operating systems dominated it, but you saw the shift and it was driven by choice for customers, multiple vendors, interoperability. So to me, I think cloud multicloud is going to come down to the best choice for the workload and then the environment of the business. And that's going to be a spectrum. But the key in that is multi-vendor, multi, a friend choice, multi-vendor, interoperability. This is going to be the next equation in the modern error. It's not gonna look the same as mainframe mini's networking, but it'll create the next Cisco, the create the next new brand that may or may not be out there yet that might be competing with you or you might be that next brand. >>So interoperability, multi-vendor choice has been a theme in open systems for a long time. Your reactions, I think it's absolutely right, John, you're onto something there. Listen, the multicloud world is almost a replay of the multi hardware system world. 20 years ago, if you asked who was a multi hardware player before, it was Dell, HP at the time, IBM, now, Lenovo, EMC, NetApp, so and so forth and Silva storage, networking. The multicloud world today is Amazon, Azure, Google. If you go to China, Alibaba, so on and so forth. A Motiva somebody has to be a Switzerland player that can serve the old hardware economy and the new hardware economy, which is the, which is the cloud and then of course, don't forget the device economy of Apple, Google, Microsoft, there too. I think that if you have some fundamental first principles, you expressed one of them. >>Listen where open source exists, embrace it. That's why we're going big on Kubernetes. If there are multiple clouds, embrace it. Do what's right for the customer, abstract away. That's what virtualization is. Managed common infrastructure across Ahmed, which is what our management principles are, secure things. At the point of every device and every workload. So those are the principles. Now the engineering of it changes. The way in which we're doing virtualization today in 2020 is slightly different from when Diane started the company and around the year 2020 years ago. But the principals are saying, we're just not working just with the hardware vendors working toward the cloud vendors. So using choices where it's at, the choice is what they want. Absolutely, absolutely. And you're right. It's choice because it was the big workloads. We see, for example, Amazon having a headstart in the public cloud markets, but there's some use cases where Azure is applicable. >>Some use his word, Google's applicable, and to us, if the entire world was only one hardware player or only one cloud player, only one device player, you don't need VMware. We thrive in heterogeneity. It's awesome. I love that word. No heterogeneity provides not 3000 vendors. There's almost three, three of every kind, three silver vendors, three storage vendors, three networking vendors, three cloud vendors, three device vendors. We was the middle of all of it. And yeah, there may be other companies who tried to do that too. If they are, we should learn from them, do it better than them. And competition even to us is a good thing. All right. My final question for you is in the, yeah, the Dell technologies family of which VMware is a part of, although big part of it, the crown jewel as we've been calling them the cube, they announced RSA is being sold to a private equity company. >>What's the general reaction amongst VMware folks and the, and the Dell technology family? Good move, no impact. What we support Dell and you know, all the moves that they've made. Um, and from our perspective, you know, if we're not owning it, we're going to partner it. So I see no overlap with RSA. We partner with them. They've got three core pillars, secure ID, net witness and Archer. We partnered with them very well. We have no aspirations to get into those aspects of governance. Risk and compliance or security has been, so it's a partner. So whoever's running it, Rohit runs on very well. He also owns the events conference. We have a great relationship and then we'll keep doing that. Well, we are focused in the areas I described, network, endpoint security. And I think what Michael has done brilliantly through the course of the last few years is set up a hardware and systems company in Dell and allow the software company called Vima to continue to operate. >>And I think, you know, the movement of some of these assets between the companies like pivotal to us and so on and so forth, cleans it up so that now you've got both these companies doing well. Dell has gone public, we Hammer's gone public and he has said on the record, what's good for Dell is good, what's good for VMware and vice versa and good for the customer. And I think the key is there's no visibility on what cloud native looks like. Hybrid, public, multi, multi, not so much. But you get almost, it's an easy bridge to get across and get there. AI, cyber are all big clear trends. They're waves. Sasha. Great. Thank you. Thanks for coming on. Um, your thoughts on the security show here. Uh, what's your, what's your take to, uh, definitive security shows? I hope it stays that way. Even with the change of where RSA is. >>Ownership goes is this conference in black hat and we play in both, uh, Amazon's conference. I was totally starting to, uh, reinforce, reinforce cloud security will show up there too. Uh, but we, we think, listen, there's what, 30,000 people here. So it's a force. It's a little bit like VMworld. We will play here. We'll play a big, we've got, you know, it just so happens because the acquisition happened before we told them, but we have two big presences here. We were at carbon black, um, and it's an important business for us. And I said, like I said, we have $1 billion business and security today by 30,000 customers using us in a security network, endpoints cloud. I want to take that to be a multi, multiple times that size. And I think there's a pot to do that because it's an adjacent us and security. So we have our own kind of selfish motives here in terms of getting more Mindshare and security. >>We did a keynote this morning, which was well received with Southwest airlines. She did a great job. Carrie Miller, she was a fantastic speaker and it was our way of showing in 20 minutes, not just to our point of view, because you don't want to be self serving a practitioner's point of view. And that's what's really important. Well finally on a personal note, um, you know, I always use the term tech athlete, which I think you are one, you really work hard and smart, but I got to get your thoughts. But then I saw you're not on Twitter. I'm on. When IBM announced a new CEO, Arvin, um, fishnet Indian American, another CEO, this is a pattern. We're starting to see Indian American CEOs running cup American companies because this is the leadership and it's really a great thing in my mind, I think is one of the most successful stories of meritocracy of all time. >>You're quick. I'm a big fan of oven, big fan of Shantanu, Sundar Pichai, something that Ellen, many of them are close friends of mine. Uh, many of them have grown up in Southern India. We're a different ages. Some of them are older than me and in many cases, you know, we were falling behind other great players like Vino Cosla who came even 10 to 15 years prior. And you know, it's hard for an immigrant in this country. You know, um, when I first got here and I came as an immigrant to Dartmouth college, there may have been five or 10 Brown skin people in the town of Hanover, New Hampshire. I don't know if you've been to New Hampshire. I've been there, there's not many at that time. And then the late 1980s, now of course, there's much more, uh, so, you know, uh, we stay humble and hungry. >>There's a part of our culture in India that's really valued education and hard work and people like Arvin and some of these other people are products. I look up to them, the things I learned from them. And um, you know, it's true of India. It's a really good thing to see these people be successful at name brand American companies, whether it's IBM or Microsoft or Google or Adobe or MasterCard. So we're, we're, I'm in that fan club and there's a lot I learned from that. I just love being around people who love entrepreneurship, love innovation, love technology, and work hard. So congratulations. Thank you so much for your success. Great to see you again soon as you put in the COO of VM-ware here on the ground floor here at RSA conference at Moscone, sharing his insight into the security practice that is now carbon black and VMware. All the good things that are going on there. Thanks for watching.

whether you're just getting started in terms of transforming your data center modernizing looking at hyperconvergence infrastructure or whether you're building out your cloud strategy thinking about private public distributed clouds Nutanix and the partners that you met here are committed to helping you on that journey I am very excited and proud to share that together we have made quite an impact on the four organizations that were here at dot next is part of our dot heart initiative girls intact the women's Sports Foundation move the foundation for hospital art and workforce opportunity services we have thanks to your generosity donated more than 7,500 dollars now we have a couple more hours to go to get to ten thousand and I know that we can do it so thank you so much for your generosity and be sure to take advantage of the last couple of hours I'm a solutions Expo to grab some tokens and get us to ten thousand dollars it is also my pleasure in the spirit of giving to award this tricked-out Nutanix colored Trek bicycle to one lucky winner from our social contest trek has been a customer of newt annexes since 2014 and like Nutanix they share a number of business values around giving back into the community creating positive change building things that last memories relationships products and so I'd like to take a moment to please welcome back out to stage Nutanix CMO Ben Gibson to help me do the honors [Music] [Applause] welcome back hey Julie that's a gorgeous bike yeah lights it's very like carbon fiber frame look at this thing Wow sleek can you tell me a little bit about it you know Julie this bike I mentioned before I'm a cyclist this is not only in beautiful Nutanix brand color it's got top-of-the-line component REE Shimano El Tigre this thing all comes together I'd like to think of this as hyperconvergence for the cyclist just as beautiful the same impute value it does have a Nutanix monkey on the front all right so we ready to unveil our winner let's do it all right so the winner of the trek social contest is Rob chlorine are you here yeah now Rob yeah come on up you got to come you know check this out we're not gonna ask you to clip in well actually maybe you should clip in I'm not sure we can ship it home for you so maybe you just ride it all the way home where you from New York from New York it's just a short ride back up there congratulations Rob we'll get this ship to you awesome thank you I think we have someone help you out done okay been in the spirit of giving I think I'm just gonna continue let the good times roll yeah in the beginning yesterday you also put out a challenge to our next audience trying to find the Easter eggs that were in the brand video yeah so we got some good responses people were hunting watching the video if you look carefully you could see some of these Easter eggs that were popping up on this video you look carefully you see some Nutanix logo you see prism up on the screen for someone who's showing freedom to get a lot of work done the one my favorite actually is number three there that's artistic the Nutanix acts in the sky so Julie we had a lot of people that tweet it in to try to identify and we have a winner don't worry yeah it was a little bit harder than I think people thought but there was one lucky winner who was one of the first people to find the Nutanix Easter eggs and that is Chad door are you here dad or are you here so you'll recall Chad gets to join us at dot next 2019 all expenses paid airfare hotel and pass very good we also intrude on X fashion like to reward the person who's been the most active on our mobile app so this is someone who's been giving us feedback being part of the community very prolific with the dot next app so congratulations to Faizal Joe waves if you are here you also will be joining us at Sonic's 2019 on us and then how many people are interested in the Nook anyone understand if we were given away all right congratulations to Mike Gellar nice job Mike so we have given away two prizes all expenses paid to dot next 2019 however we haven't mentioned where that's going to be Julie where is dot next 2019 well I think maybe in the spirit of the the culinary theme that we've been on we had Anthony Bourdain on stage we could make us a challenge we will throw out three culinary hints to you Nutanix employers you may not play and I think I have oh I do I have one more science cookbook for whoever gets it right all right so everything you get it right shout it out we've got people in the audience you're gonna be listening and then why don't you do the honors of the first clue all right first hint we're going to a place that's going undergoing a culinary revolution there's a famous chef named Jimmy Martinez just opened up a new restaurant renowned for handcrafted tacos I'm not sure with mr. Modine would say about that but handcrafted they sound delicious to me no I'm here too a few coming out let me give you a second I don't I'm not hearing it this city is also renowned the city is also renowned for celebrating the medieval era so you can enjoy a four-course meal while you're watching nice just for their honor I haven't yet say it again Anaheim yes so you will be joining us dot next 2019 in the sunny Southern California area of Anaheim so please mark your calendars May 7 through 9 and then of course if you really enjoyed the learning and the fun that we had this week and maybe some of your teammates weren't able to join you we will be out on dot next on tour coming to a city near you and if you enjoy the conference experience and would like to participate six months from now across the pond please feel free to join us at Dominic's conference in London from November 27th through 29 and I think maybe one of the the high notes to end on then might be to circle back on freedom yeah you know like I said when I opened our show this week this is a community we talked about enterprise cloud we explored a lot around what invisibility means and what we're achieving together on that front and we talked about why why are we together on it's about realizing new freedoms freedoms to build the data so do you want to build all the way through to freedom to play and I was at the party last night and I saw a good deal play last night too you know we were thrilled to have you join us here this week as a continuation of this growing community I want to thank you for your time and your energy and your engagement to make this what it is and I thought also I wanted to mention a couple things first of all thank you to all the wonderful Nutanix engineers and employees that worked so hard to bring this all together and there's two people in particular I want to acknowledge as part of our Newt annex family and broader community here that really put their heart and soul into making this experience what it is the first is Aaron Alonso and her wonderful team who create this entire event thank you very much Aaron amazing there's another gentleman named Rohit Goyal and he's not the only one but Rohit more than anyone else and his colleagues spend immeasurable amounts of time creating the wonderful content that showed up in all of our breakout sessions Rohit thank you so much and as a reminder those breakout sessions actually continue our last said right after this session here we'll go to our last set of breakout sessions and then we're going to depart for home so again Julie and I both thank you so much for being a part of this week hope to see you in London and if not London I heard a yes and if not London certainly we'll see you in Southern California beautiful Anaheim next year thank you so much baby thank you Jordao free [Applause] ladies and gentlemen this concludes our afternoon keynote breakout sessions will begin in 20 minutes