(upbeat music) >> Welcome back to Supercloud 2. This is Dave Vellante. We're here exploring the intersection of data and analytics in the future of cloud and data. In this segment, we're going to look deeper into the life sciences business with Jesse Cugliotta, who leads the Healthcare and Life Sciences industry practice at Snowflake. And Nicholas Nick Taylor, who's the executive director of Informatics at Ionis Pharmaceuticals. Gentlemen, thanks for coming in theCUBE and participating in the program. Really appreciate it. >> Thank you for having us- >> Thanks for having me. >> You're very welcome, okay, we're go really try to look at data sharing as a use case and try to understand what's happening in the healthcare industry generally and specifically, how Nick thinks about sharing data in a governed fashion whether tapping the capabilities of multiple clouds is advantageous long term or presents more challenges than the effort is worth. And to start, Jesse, you lead this industry practice for Snowflake and it's a challenging and vibrant area. It's one that's hyper-focused on data privacy. So the first question is, you know there was a time when healthcare and other regulated industries wouldn't go near the cloud. What are you seeing today in the industry around cloud adoption and specifically multi-cloud adoption? >> Yeah, for years I've heard that healthcare and life sciences has been cloud diverse, but in spite of all of that if you look at a lot of aspects of this industry today, they've been running in the cloud for over 10 years now. Particularly when you look at CRM technologies or HR or HCM, even clinical technologies like EDC or ETMF. And it's interesting that you mentioned multi-cloud as well because this has always been an underlying reality especially within life sciences. This industry grows through acquisition where companies are looking to boost their future development pipeline either by buying up smaller biotechs, they may have like a late or a mid-stage promising candidate. And what typically happens is the larger pharma could then use their commercial muscle and their regulatory experience to move it to approvals and into the market. And I think the last few decades of cheap capital certainly accelerated that trend over the last couple of years. But this typically means that these new combined institutions may have technologies that are running on multiple clouds or multiple cloud strategies in various different regions to your point. And what we've often found is that they're not planning to standardize everything onto a single cloud provider. They're often looking for technologies that embrace this multi-cloud approach and work seamlessly across them. And I think this is a big reason why we, here at Snowflake, we've seen such strong momentum and growth across this industry because healthcare and life science has actually been one of our fastest growing sectors over the last couple of years. And a big part of that is in fact that we run on not only all three major cloud providers, but individual accounts within each and any one of them, they had the ability to communicate and interoperate with one another, like a globally interconnected database. >> Great, thank you for that setup. And so Nick, tell us more about your role and Ionis Pharma please. >> Sure. So I've been at Ionis for around five years now. You know, when when I joined it was, the IT department was pretty small. There wasn't a lot of warehousing, there wasn't a lot of kind of big data there. We saw an opportunity with Snowflake pretty early on as a provider that would be a lot of benefit for us, you know, 'cause we're small, wanted something that was fairly hands off. You know, I remember the days where you had to get a lot of DBAs in to fine tune your databases, make sure everything was running really, really well. The notion that there's, you know, no indexes to tune, right? There's very few knobs and dials, you can turn on Snowflake. That was appealing that, you know, it just kind of worked. So we found a use case to bring the platform in. We basically used it as a logging replacement as a Splunk kind of replacement with a platform called Elysium Analytics as a way to just get it in the door and give us the opportunity to solve a real world use case, but also to help us start to experiment using Snowflake as a platform. It took us a while to A, get the funding to bring it in, but B, build the momentum behind it. But, you know, as we experimented we added more data in there, we ran a few more experiments, we piloted in few more applications, we really saw the power of the platform and now, we are becoming a commercial organization. And with that comes a lot of major datasets. And so, you know, we really see Snowflake as being a very important part of our ecology going forward to help us build out our infrastructure. >> Okay, and you are running, your group runs on Azure, it's kind of mono cloud, single cloud, but others within Ionis are using other clouds, but you're not currently, you know, collaborating in terms of data sharing. And I wonder if you could talk about how your data needs have evolved over the past decade. I know you came from another highly regulated industry in financial services. So what's changed? You sort of touched on this before, you had these, you know, very specialized individuals who were, you know, DBAs, and, you know, could tune databases and the like, so that's evolved, but how has generally your needs evolved? Just kind of make an observation over the last, you know, five or seven years. What have you seen? >> Well, we, I wasn't in a group that did a lot of warehousing. It was more like online trade capture, but, you know, it was very much on-prem. You know, being in the cloud is very much a dirty word back then. I know that's changed since I've left. But in, you know, we had major, major teams of everyone who could do everything, right. As I mentioned in the pharma organization, there's a lot fewer of us. So the data needs there are very different, right? It's, we have a lot of SaaS applications. One of the difficulties with bringing a lot of SaaS applications on board is obviously data integration. So making sure the data is the same between them. But one of the big problems is joining the data across those SaaS applications. So one of the benefits, one of the things that we use Snowflake for is to basically take data out of these SaaS applications and load them into a warehouse so we can do those joins. So we use technologies like Boomi, we use technologies like Fivetran, like DBT to bring this data all into one place and start to kind of join that basically, allow us to do, run experiments, do analysis, basically take better, find better use for our data that was siloed in the past. You mentioned- >> Yeah. And just to add on to Nick's point there. >> Go ahead. >> That's actually something very common that we're seeing across the industry is because a lot of these SaaS applications that you mentioned, Nick, they're with from vendors that are trying to build their own ecosystem in walled garden. And by definition, many of them do not want to integrate with one another. So from a, you know, from a data platform vendor's perspective, we see this as a huge opportunity to help organizations like Ionis and others kind of deal with the challenges that Nick is speaking about because if the individual platform vendors are never going to make that part of their strategy, we see it as a great way to add additional value to these customers. >> Well, this data sharing thing is interesting. There's a lot of walled gardens out there. Oracle is a walled garden, AWS in many ways is a walled garden. You know, Microsoft has its walled garden. You could argue Snowflake is a walled garden. But the, what we're seeing and the whole reason behind the notion of super-cloud is we're creating an abstraction layer where you actually, in this case for this use case, can share data in a governed manner. Let's forget about the cross-cloud for a moment. I'll come back to that, but I wonder, Nick, if you could talk about how you are sharing data, again, Snowflake sort of, it's, I look at Snowflake like the app store, Apple, we're going to control everything, we're going to guarantee with data clean rooms and governance and the standards that we've created within that platform, we're going to make sure that it's safe for you to share data in this highly regulated industry. Are you doing that today? And take us through, you know, the considerations that you have in that regard. >> So it's kind of early days for us in Snowflake in general, but certainly in data sharing, we have a couple of examples. So data marketplace, you know, that's a great invention. It's, I've been a small IT shop again, right? The fact that we are able to just bring down terabyte size datasets straight into our Snowflake and run analytics directly on that is huge, right? The fact that we don't have to FTP these massive files around run jobs that may break, being able to just have that on tap is huge for us. We've recently been talking to one of our CRO feeds- CRO organizations about getting their data feeds in. Historically, this clinical trial data that comes in on an FTP file, we have to process it, take it through the platforms, put it into the warehouse. But one of the CROs that we talked to recently when we were reinvestigate in what data opportunities they have, they were a Snowflake customer and we are, I think, the first production customer they have, have taken that feed. So they're basically exposing their tables of data that historically came in these FTP files directly into our Snowflake instance now. We haven't taken advantage of that. It only actually flipped the switch about three or four weeks ago. But that's pretty big for us again, right? We don't have to worry about maintaining those jobs that take those files in. We don't have to worry about the jobs that take those and shove them on the warehouse. We now have a feed that's directly there that we can use a tool like DBT to push through directly into our model. And then the third avenue that's came up, actually fairly recently as well was genetics data. So genetics data that's highly, highly regulated. We had to be very careful with that. And we had a conversation with Snowflake about the data white rooms practice, and we see that as a pretty interesting opportunity. We are having one organization run genetic analysis being able to send us those genetic datasets, but then there's another organization that's actually has the in quotes "metadata" around that, so age, ethnicity, location, et cetera. And being able to join those two datasets through some kind of mechanism would be really beneficial to the organization. Being able to build a data white room so we can put that genetic data in a secure place, anonymize it, and then share the amalgamated data back out in a way that's able to be joined to the anonymized metadata, that could be pretty huge for us as well. >> Okay, so this is interesting. So you talk about FTP, which was the common way to share data. And so you basically, it's so, I got it now you take it and do whatever you want with it. Now we're talking, Jesse, about sharing the same copy of live data. How common is that use case in your industry? >> It's become very common over the last couple of years. And I think a big part of it is having the right technology to do it effectively. You know, as Nick mentioned, historically, this was done by people sending files around. And the challenge with that approach, of course, while there are multiple challenges, one, every time you send a file around your, by definition creating a copy of the data because you have to pull it out of your system of record, put it into a file, put it on some server where somebody else picks it up. And by definition at that point you've lost governance. So this creates challenges in general hesitation to doing so. It's not that it hasn't happened, but the other challenge with it is that the data's no longer real time. You know, you're working with a copy of data that was as fresh as at the time at that when that was actually extracted. And that creates limitations in terms of how effective this can be. What we're starting to see now with some of our customers is live sharing of information. And there's two aspects of that that are important. One is that you're not actually physically creating the copy and sending it to someone else, you're actually exposing it from where it exists and allowing another consumer to interact with it from their own account that could be in another region, some are running in another cloud. So this concept of super-cloud or cross-cloud could becoming realized here. But the other important aspect of it is that when that other- when that other entity is querying your data, they're seeing it in a real time state. And this is particularly important when you think about use cases like supply chain planning, where you're leveraging data across various different enterprises. If I'm a manufacturer or if I'm a contract manufacturer and I can see the actual inventory positions of my clients, of my distributors, of the levels of consumption at the pharmacy or the hospital that gives me a lot of indication as to how my demand profile is changing over time versus working with a static picture that may have been from three weeks ago. And this has become incredibly important as supply chains are becoming more constrained and the ability to plan accurately has never been more important. >> Yeah. So the race is on to solve these problems. So it start, we started with, hey, okay, cloud, Dave, we're going to simplify database, we're going to put it in the cloud, give virtually infinite resources, separate compute from storage. Okay, check, we got that. Now we've moved into sort of data clean rooms and governance and you've got an ecosystem that's forming around this to make it safer to share data. And then, you know, nirvana, at least near term nirvana is we're going to build data applications and we're going to be able to share live data and then you start to get into monetization. Do you see, Nick, in the near future where I know you've got relationships with, for instance, big pharma like AstraZeneca, do you see a situation where you start sharing data with them? Is that in the near term? Is that more long term? What are the considerations in that regard? >> I mean, it's something we've been thinking about. We haven't actually addressed that yet. Yeah, I could see situations where, you know, some of these big relationships where we do need to share a lot of data, it would be very nice to be able to just flick a switch and share our data assets across to those organizations. But, you know, that's a ways off for us now. We're mainly looking at bringing data in at the moment. >> One of the things that we've seen in financial services in particular, and Jesse, I'd love to get your thoughts on this, is companies like Goldman or Capital One or Nasdaq taking their stack, their software, their tooling actually putting it on the cloud and facing it to their customers and selling that as a new monetization vector as part of their digital or business transformation. Are you seeing that Jesse at all in healthcare or is it happening today or do you see a day when that happens or is healthier or just too scary to do that? >> No, we're seeing the early stages of this as well. And I think it's for some of the reasons we talked about earlier. You know, it's a much more secure way to work with a colleague if you don't have to copy your data and potentially expose it. And some of the reasons that people have historically copied that data is that they needed to leverage some sort of algorithm or application that a third party was providing. So maybe someone was predicting the ideal location and run a clinical trial for this particular rare disease category where there are only so many patients around the world that may actually be candidates for this disease. So you have to pick the ideal location. Well, sending the dataset to do so, you know, would involve a fairly complicated process similar to what Nick was mentioning earlier. If the company who was providing the logic or the algorithm to determine that location could bring that algorithm to you and you run it against your own data, that's a much more ideal and a much safer and more secure way for this industry to actually start to work with some of these partners and vendors. And that's one of the things that we're looking to enable going into this year is that, you know, the whole concept should be bring the logic to your data versus your data to the logic and the underlying sharing mechanisms that we've spoken about are actually what are powering that today. >> And so thank you for that, Jesse. >> Yes, Dave. >> And so Nick- Go ahead please. >> Yeah, if I could add, yeah, if I could add to that, that's something certainly we've been thinking about. In fact, we'd started talking to Snowflake about that a couple of years ago. We saw the power there again of the platform to be able to say, well, could we, we were thinking in more of a data share, but could we share our data out to say an AI/ML vendor, have them do the analytics and then share the data, the results back to us. Now, you know, there's more powerful mechanisms to do that within the Snowflake ecosystem now, but you know, we probably wouldn't need to have onsite AI/ML people, right? Some of that stuff's very sophisticated, expensive resources, hard to find, you know, it's much better for us to find a company that would be able to build those analytics, maintain those analytics for us. And you know, we saw an opportunity to do that a couple years ago and we're kind of excited about the opportunity there that we can just basically do it with a no op, right? We share the data route, we have the analytics done, we get the result back and it's just fairly seamless. >> I mean, I could have a whole another Cube session on this, guys, but I mean, I just did a a session with Andy Thurai, a Constellation research about how difficult it's been for organization to get ROI because they don't have the expertise in house so they want to either outsource it or rely on vendor R&D companies to inject that AI and machine intelligence directly into applications. My follow-up question to you Nick is, when you think about, 'cause Jesse was talking about, you know, let the data basically stay where it is and you know bring the compute to that data. If that data lives on different clouds, and maybe it's not your group, but maybe it's other parts of Ionis or maybe it's your partners like AstraZeneca, or you know, the AI/ML partners and they're potentially on other clouds or that data is on other clouds. Do you see that, again, coming back to super-cloud, do you see it as an advantage to be able to have a consistent experience across those clouds? Or is that just kind of get in the way and make things more complex? What's your take on that, Nick? >> Well, from the vendors, so from the client side, it's kind of seamless with Snowflake for us. So we know for a fact that one of the datasets we have at the moment, Compile, which is a, the large multi terabyte dataset I was talking about. They're on AWS on the East Coast and we are on Azure on the West Coast. And they had to do a few tweaks in the background to make sure the data was pushed over from, but from my point of view, the data just exists, right? So for me, I think it's hugely beneficial that Snowflake supports this kind of infrastructure, right? We don't have to jump through hoops to like, okay, well, we'll download it here and then re-upload it here. They already have the mechanism in the background to do these multi-cloud shares. So it's not important for us internally at the moment. I could see potentially at some point where we start linking across different groups in the organization that do have maybe Amazon or Google Cloud, but certainly within our providers. We know for a fact that they're on different services at the moment and it just works. >> Yeah, and we learned from Benoit Dageville, who came into the studio on August 9th with first Supercloud in 2022 that Snowflake uses a single global instance across regions and across clouds, yeah, whether or not you can query across you know, big regions, it just depends, right? It depends on latency. You might have to make a copy or maybe do some tweaks in the background. But guys, we got to jump, I really appreciate your time. Really thoughtful discussion on the future of data and cloud, specifically within healthcare and pharma. Thank you for your time. >> Thanks- >> Thanks for having us. >> All right, this is Dave Vellante for theCUBE team and my co-host, John Furrier. Keep it right there for more action at Supercloud 2. (upbeat music)

(upbeat music) >> Hello, brilliant cloud community, and welcome back to AWS re:Invent. We are here in Las Vegas, Nevada. I'm Savannah Peterson, joined by my co-host Dave Vellante. Dave, how you doing? >> I'm doing well, thanks, yeah. >> Yeah, I feel like... >> I'm hanging in there. >> you've got a lot of pep in your step today for the fourth day. >> I think my voice is coming back, actually. >> (laughs) Look at you, resilient. >> I was almost lost yesterday, yeah. >> Yeah. (laughs) >> So, I actually, at a Hitachi event one time almost completely lost my voice. The production guys pulled me off. They said, "You're done." (Savannah laughing) They gave me the hook. >> You got booted? >> Dave: Yeah, yeah. >> Yeah, yeah, you actually (laughs) got the hook, wow. >> So, I have good memories of Hitachi. >> I was going to say (Dave laughing) interesting that you mentioned Hitachi. Our two guests this morning are from Hitachi. Sid and KP, welcome to the show. >> Thank you. >> Savannah: How you guys doing? Looking great for day four. >> Great. Thank you. >> Great. >> Hanging in there. >> Thank you, Dave and Savannah. (Savannah laughing) >> Dave: Yeah, cool. >> Savannah: Yeah. (laughs) >> Yeah, it was actually a Pentaho thing, right? >> Oh, Pentaho? Yeah. >> Which kind of you guys into that software edge. It was right when you announced the name change to Hitachi Vantara, which is very cool. I had Brian Householder on. You remember Brian? >> Yeah, I know. >> He was explaining the vision, and yeah (indistinct). >> Yeah. Well, look at you a little Hitachi (indistinct). >> Yeah, I've been around a long time, yeah. >> Yeah, all right. (Dave laughing) >> Just a casual flex to start us off there, Dave. I love it. I love it. Sid, we've talked a lot on the show about delivering outcomes. It's a hot theme. Everyone wants to actually have tangible business outcomes from all of this. How are customers realizing value from the cloud? What does that mean? >> See, still 2007, 2008, it was either/or kind of architecture. Either I'm going to execute my use cases on cloud or I'm going to keep my use cases and outcomes through edge. But in the last four or five years and specifically we are in re:Invent, I would talk about AWS. Lot of the power of hyperscalers has been brought to edge. If you talk about the snowball family of AWS, if you talk about monitor on edge devices, if you talk about the entire server list being brought into Lambda coupled inside snowball, now the architecture premise, if I talk about logical shift is end. Now the customers are talking about executing the use cases between edge and cloud. So, there is a continuum rather than a binary bullion decision. So, if you are talking about optimizing a factory, earlier I'll do the analytics at cloud, and I'll do machine on edge. Now it is optimization of a factory outcome at scale across my entire manufacturing where edge, private cloud, AWS, hyperscalers, everything is a continuum. And the customer is not worried about where, which part of my data ops, network ops, server ops storage ops is being executed. >> Savannah: It's like (indistinct). >> The customer is enjoying the use cases. And the orchestration is abstracted through an industrial player like Hitachi working very collaboratively with AWS. So, that is how we are working on industrial use cases right now. >> You brought up manufacturing. I don't think there's been a hotter conversation around supply chain and manufacturing than there has been the last few years. I can imagine taking that guessing game out for customers is a huge deal for you guys. >> Big because if you look at the world today, right from a safety pin, to a cell phone jacket, to a cell phone, the entire supply chain is throttled. The supply chain is throttled because there are various choke points. >> Savannah: Yeah. >> And each choke points is surrounded by different kind of supply and geopolitical issues. >> Savannah: 100%. >> Now, if we talk about the wheat crisis happening because of the Ukraine-Russia war, but the wheat crisis actually creates a multiple string of impacts which impact everything. Silicon, now we talk about silicon, but we then forget about nickel. Nickel is also controlled in one part of that geopolitical conflict. So, everything is getting conflagrated into a very big supply issue. So, if your factories are not performing beyond optimum, if they are not performing at real, I'm, we are talking about factory, hyperscale of the factory. The factory needs to perform at hyperscale to provide what the world needs today. So, we are in a very different kind of a scenario. Some of the economists call it earlier the recession was because of a demand constraint. The demand used to go down. Today's recession is because the supply is going down. The demand is there, but the supply is going down. And there is a different kind of recession in the world. The supply is what is getting throttled. >> And the demand is somewhat unpredictable too. People, you know, retailers, they've... >> Especially right now. >> kind of messed up their inventory. And so, the data is still siloed. And that's where, you know, you get to, okay, can I have the same experience across clouds, on-prem, out to the edge? Kind of bust those silos. >> Yep. >> You know, I dunno if it's, it's certainly not entirely a data problem. There's (laughs), like you say, geopolitical and social issues. >> Savannah: There's so much complexity. >> But there's a data problem too. >> Yes. >> Big. >> So, I wonder if you could talk about your sort of view of, point of view on that cross-cloud, hybrid, out to the edge, what I call super cloud? >> Absolutely. So, today, if you look at how enterprises are adopting cloud or how they're leveraging cloud, it's not just a hosting platform, right? It is the platform from where they can draw business capabilities. You heard in the re:Invent that Amazon is coming up with a supply chain service out of the box in the cloud. That's the kind of capabilities that business wants to draw from cloud today. So, the kind of multicloud or like hybrid cloud, public cloud, private cloud, those are the things which are kind of going to be behind the scenes. At the end of the day, the cloud needs to be able to support businesses by providing their services closer to their consumers. So, the challenges are going to be there in terms of like reliability, resilience, cost, security. Those are the ones that, you know, many of the enterprises are grappling with in terms of the challenges. And the way to solve that, the way how we approach our customers and work with them is to be able to bring resilience into the cloud, into the services which are running in cloud, and by driving automation, making autonomous in everything that you do, how you are monitoring your services, how we are making it available, how we are securing it, how we are making it very cost-effective as well. It cannot be manually executed; it has to be automated. So, automation is the key in terms of making the services leveraged from all of this cloud. >> That's your value add. >> Absolutely. >> And how do I consume that value add? Is it sort of embedded into infrastructure? Is it a service layer on top? >> Yeah, so everything that we do today in terms of like how these services have to be provided, how the services have to be consumed, there has to be a modern operating model, right? I think this is where Hitachi has come up with what we are calling as Hitachi Application Reliability Center and Services. That is focusing on modern operating, modern ways of like, you know, how you support these cloud workloads and driving this automation. So, whether we provide a hyper-converged infrastructure that is going to be at the edge location, or we are going to be able to take a customer through the journey of modernization or migrating onto cloud, the operating model that is going to be able to establish the foundation on cloud and then to be able to operate with the right levels of reliability, security, cost is the key. And that's the value added service that we provide. And then the way we do that is essentially by looking at three principles: one, to look at the service in totality. Gone are the days you look at infrastructure separately, applications separately, data and security separately, right? >> Savannah: No more silos. >> No more silos. You look at it as a workload, and you look at it as a service. And number two is to make sure that the DevOps that you bring and what you do at the table is totally integrated and it's end to end. It's not a product team developing a feature and then ops team trying to keep the lights on. It has to be a common backlog with the error budget that looks at you know, product releases, product functionalities, and even what ops needs to do to evolve the product as well. And then the third is to make sure that reliability and resiliency is inbuilt. Cloud offers native durability, native availability. But if your service doesn't take advantage of that, it's kind of going to still be not available. So, how do you kind of ingrain and embed all of these things as a value add that we provide? >> There's a lot of noise. We've got hybrid cloud. We've got multicloud. We've got a lot going on. It adds to the complexity. How do you help customers solve that complexity as they begin their transformation journey? I mean, I'm sure you're working with the biggest companies, making really massive change. How do you guide them through that process? >> So, it is to look at the outcome working backwards, like what AWS does, right? Like, you know, how do you look at the business outcome? What is the value that you're looking to drive? Again, it's not to be pinned through one particular cloud. I know there is lot of technology choices that you can make and lot of deployment models that you can choose from. But at the end of the day, having a common operating model which is kind of like modern, agile, and it is kind of like keeping the outcomes in the mind, that is what we do with our customers to be able to create that operating model, which completes the transformation, by the way. And cloud is just one part of the LEGO blocks which provides that overall scheme and then the view for driving that overall transformation. >> So, let's paint a picture. Let's say you've got this resilient foundation; you've kind of helped the customers build that out. How do they turn that into value for their customers? Do you have any examples that you can share? That'd be great. >> Yeah, I can start with what we're doing for one of the, you know, world's largest facility, infrastructure, power, cooling, security, monitoring company that has their products deployed in 2,000 locations across the globe. For them, and always on business means you are monitoring the temperature. You are monitoring the safety of people who are within the facility, right? A temperature shift of one to two degree can affect even the sustainability goals of NARC, our customer, but also their end consumers. So, how do you monitor these kind of like critical parameters? How do you have a platform? >> Savannah: Great example, yeah. >> How you have cloud resources that are going to be always on, that are going to be reliable, that are going to be cost-effective as well is what we are doing for one of our customers. Sid can talk about another example as well. >> Great. >> Yeah, go for it, Sid. >> So, there are examples: rail. We are working with a group in England; it's called West Coast Partnership. And they had a edge device which was increasing in size. Now, this edge device was becoming big because the parameters which go into the edge device were increasing because of regulation and because the rail is part of national security infrastructure. We have worked with West Coast Partnership and Hitachi Rail, which is a group company, to create a miniaturization of this edge device, because if the size of the edge device is increasing on the train, then the weight of the train increases, and the speed profile, velocity profile, everything goes down. So, we have miniaturized the edge device. Secondly, all the data profiles, signal control, traction control, traction motors, direction control, timetable compliance, everything has been kept uniform. And we have done analytics on cloud. So, what is the behavior of the driver? What is a big breaking parameter of the driver? If the timetable has being missed, is there an erratic behavior being demonstrated by the driver to just meet the timetable? And the timetable is a pretty important criteria in rail because if you miss one, then... So, what we have done is we have created an edge-to-cloud environment where the entire rail analytics is happening. Similarly, in another group company, Hitachi Energy, they had a problem that arguably one of the largest transformer manufacturer in the world. The transformer is a pretty common name now because you're seeing what is happening in Ukraine. Russia went after the transformers and substations before the start of the winter so that their district heating can be meddled with. Now, the transformer, it had a lead time of 17 weeks before COVID. So, if you put me an order of a three-phase transformer, I can deliver it to you in 17 weeks. After and during COVID, the entire lead time increased to 57 to 58 weeks. In cases of a complex transformer, it even went up to something like two years. >> Savannah: Ooh! >> Now, they wanted to increase the productivity of their existing plant because there is only that much sheet metal, that much copper for solenoid, that much microprocessor and silicon. So, they wanted to increase the output of their factory from 95 to 105, 10 more transformers every day, which is 500 and, which is 3,650 every- >> Savannah: Year. >> Year. Now, to do that, we went to a very complex machine; it's called a guard machine. And we increased the productivity of the guard machine by just analyzing all the throttles and all the wastages which are happening there. There are multiple case studies because, see, Hitachi is an industrial giant with 105 years of body of work. KP and I just represent the tip of the digital tip of the arrow. But what we are trying to do through HARC, through industry cloud, through partnership with AWS is basically containerizing and miniaturizing our entire body of work into a democratized environment, an industrial app store, if I may say, where people can come and take their industrial outcomes at ease without worrying about their computational and network orchestration between edge and cloud. That's what we are trying to do. >> I love that analogy of an industrial app cloud. Makes it feel easier in decreasing the complexity of all the different things that everyone's factoring into making their products, whatever they're making. So, we have a new challenge here on theCUBE at AWS re:Invent, where we are looking for your 30-second hot take, your Instagram reel, sound bite. What's the most important story or theme either for you as a team or coming out of the show? You can ponder it for a second. >> It might be different. See, for me, it is industrial security. Industrial OT security should be the theme of the Western world. Western world is on the crosshairs of multiple bad actors. And the industrial security is in the chemical plants, is in the industrial plants, is in the power grids, is in our postal networks and our rail networks. They need to be secured; otherwise, we are geopolitically very weak. Gone are the days when anyone is going to pick up a battle with America or Western world on a field. The battle is going to be pretty clandestine on an cyber world. And that is why industrial security is very important. >> Critical infrastructure and protecting it. >> Absolutely. >> Well said, Sid. KP, what's your hot take? >> My take is going to be a modern operating model, which is going to complete the transformation and to be able to tap into business services from cloud. So, a modern operating model through HARC, that is going to be my take. >> Fantastic. Well, can't wait to see what comes out of Hitachi next. Sid, KP... >> KP: Thank you. >> thank you so much for being here. >> Sid: Thank you. >> Absolutely. >> Dave: Thanks, guys. >> Savannah: This is I could talk to you all about supply chain all day long. And thank all of you for tuning in to our continuous live coverage here from AWS re:Invent in fantastic Sin City. I'm Savannah. Oh, excuse me. With Dave Vellante, I'm Savannah Peterson. You're watching theCUBE, the leader in high tech coverage. (digital xylophone music)

(lively music) >> Good morning. Welcome back to theCUBE's coverage at Supercomputing Conference 2022, live here in Dallas. I'm Dave Nicholson with my co-host Paul Gillin. So far so good, Paul? It's been a fascinating morning Three days in, and a fascinating guest, Ian from AWS. Welcome. >> Thanks, Dave. >> What are we going to talk about? Batch computing, HPC. >> We've got a lot, let's get started. Let's dive right in. >> Yeah, we've got a lot to talk about. I mean, first thing is we recently announced our batch support for EKS. EKS is our Kubernetes, managed Kubernetes offering at AWS. And so batch computing is still a large portion of HPC workloads. While the interactive component is growing, the vast majority of systems are just kind of fire and forget, and we want to run thousands and thousands of nodes in parallel. We want to scale out those workloads. And what's unique about our AWS batch offering, is that we can dynamically scale, based upon the queue depth. And so customers can go from seemingly nothing up to thousands of nodes, and while they're executing their work they're only paying for the instances while they're working. And then as the queue depth starts to drop and the number of jobs waiting in the queue starts to drop, then we start to dynamically scale down those resources. And so it's extremely powerful. We see lots of distributed machine learning, autonomous vehicle simulation, and traditional HPC workloads taking advantage of AWS Batch. >> So when you have a Kubernetes cluster does it have to be located in the same region as the HPC cluster that's going to be doing the batch processing, or does the nature of batch processing mean, in theory, you can move something from here to somewhere relatively far away to do the batch processing? How does that work? 'Cause look, we're walking around here and people are talking about lengths of cables in order to improve performance. So what does that look like when you peel back the cover and you look at it physically, not just logically, AWS is everywhere, but physically, what does that look like? >> Oh, physically, for us, it depends on what the customer's looking for. We have workflows that are all entirely within a single region. And so where they could have a portion of say the traditional HPC workflow, is within that region as well as the batch, and they're saving off the results, say to a shared storage file system like our Amazon FSx for Lustre, or maybe aging that back to an S3 object storage for a little lower cost storage solution. Or you can have customers that have a kind of a multi-region orchestration layer to where they say, "You know what? "I've got a portion of my workflow that occurs "over on the other side of the country "and I replicate my data between the East Coast "and the West Coast just based upon business needs. "And I want to have that available to customers over there. "And so I'll do a portion of it in the East Coast "a portion of it in the West Coast." Or you can think of that even globally. It really depends upon the customer's architecture. >> So is the intersection of Kubernetes with HPC, is this relatively new? I know you're saying you're, you're announcing it. >> It really is. I think we've seen a growing perspective. I mean, Kubernetes has been a long time kind of eating everything, right, in the enterprise space? And now a lot of CIOs in the industrial space are saying, "Why am I using one orchestration layer "to manage my HPC infrastructure and another one "to manage my enterprise infrastructure?" And so there's a growing appreciation that, you know what, why don't we just consolidate on one? And so that's where we've seen a growth of Kubernetes infrastructure and our own managed Kubernetes EKS on AWS. >> Last month you announced a general availability of Trainium, of a chip that's optimized for AI training. Talk about what's special about that chip or what is is customized to the training workloads. >> Yeah, what's unique about the Trainium, is you'll you'll see 40% price performance over any other GPU available in the AWS cloud. And so we've really geared it to be that most price performance of options for our customers. And that's what we like about the silicon team, that we're part of that Annaperna acquisition, is because it really has enabled us to have this differentiation and to not just be innovating at the software level but the entire stack. That Annaperna Labs team develops our network cards, they develop our ARM cards, they developed this Trainium chip. And so that silicon innovation has become a core part of our differentiator from other vendors. And what Trainium allows you to do is perform similar workloads, just at a lower price performance. >> And you also have a chip several years older, called Inferentia- >> Um-hmm. >> Which is for inferencing. What is the difference between, I mean, when would a customer use one versus the other? How would you move the workload? >> What we've seen is customers traditionally have looked for a certain class of machine, more of a compute type that is not as accelerated or as heavy as you would need for Trainium for their inference portion of their workload. So when they do that training they want the really beefy machines that can grind through a lot of data. But when you're doing the inference, it's a little lighter weight. And so it's a different class of machine. And so that's why we've got those two different product lines with the Inferentia being there to support those inference portions of their workflow and the Trainium to be that kind of heavy duty training work. >> And then you advise them on how to migrate their workloads from one to the other? And once the model is trained would they switch to an Inferentia-based instance? >> Definitely, definitely. We help them work through what does that design of that workflow look like? And some customers are very comfortable doing self-service and just kind of building it on their own. Other customers look for a more professional services engagement to say like, "Hey, can you come in and help me work "through how I might modify my workflow to "take full advantage of these resources?" >> The HPC world has been somewhat slower than commercial computing to migrate to the cloud because- >> You're very polite. (panelists all laughing) >> Latency issues, they want to control the workload, they want to, I mean there are even issues with moving large amounts of data back and forth. What do you say to them? I mean what's the argument for ditching the on-prem supercomputer and going all-in on AWS? >> Well, I mean, to be fair, I started at AWS five years ago. And I can tell you when I showed up at Supercomputing, even though I'd been part of this community for many years, they said, "What is AWS doing at Supercomputing?" I know you care, wait, it's Amazon Web Services. You care about the web, can you actually handle supercomputing workloads? Now the thing that very few people appreciated is that yes, we could. Even at that time in 2017, we had customers that were performing HPC workloads. Now that being said, there were some real limitations on what we could perform. And over those past five years, as we've grown as a company, we've started to really eliminate those frictions for customers to migrate their HPC workloads to the AWS cloud. When I started in 2017, we didn't have our elastic fabric adapter, our low-latency interconnect. So customers were stuck with standard TCP/IP. So for their highly demanding open MPI workloads, we just didn't have the latencies to support them. So the jobs didn't run as efficiently as they could. We didn't have Amazon FSx for Lustre, our managed lustre offering for high performant, POSIX-compliant file system, which is kind of the key to a large portion of HPC workloads is you have to have a high-performance file system. We didn't even, I mean, we had about 25 gigs of networking when I started. Now you look at, with our accelerated instances, we've got 400 gigs of networking. So we've really continued to grow across that spectrum and to eliminate a lot of those really, frictions to adoption. I mean, one of the key ones, we had a open source toolkit that was jointly developed by Intel and AWS called CFN Cluster that customers were using to even instantiate their clusters. So, and now we've migrated that all the way to a fully functional supported service at AWS called AWS Parallel Cluster. And so you've seen over those past five years we have had to develop, we've had to grow, we've had to earn the trust of these customers and say come run your workloads on us and we will demonstrate that we can meet your demanding requirements. And at the same time, there's been, I'd say, more of a cultural acceptance. People have gone away from the, again, five years ago, to what are you doing walking around the show, to say, "Okay, I'm not sure I get it. "I need to look at it. "I, okay, I, now, oh, it needs to be a part "of my architecture but the standard questions, "is it secure? "Is it price performant? "How does it compare to my on-prem?" And really culturally, a lot of it is, just getting IT administrators used to, we're not eliminating a whole field, right? We're just upskilling the people that used to rack and stack actual hardware, to now you're learning AWS services and how to operate within that environment. And it's still key to have those people that are really supporting these infrastructures. And so I'd say it's a little bit of a combination of cultural shift over the past five years, to see that cloud is a super important part of HPC workloads, and part of it's been us meeting the the market segment of where we needed to with innovating both at the hardware level and at the software level, which we're going to continue to do. >> You do have an on-prem story though. I mean, you have outposts. We don't hear a lot of talk about outposts lately, but these innovations, like Inferentia, like Trainium, like the networking innovation you're talking about, are these going to make their way into outposts as well? Will that essentially become this supercomputing solution for customers who want to stay on-prem? >> Well, we'll see what the future lies, but we believe that we've got the, as you noted, we've got the hardware, we've got the network, we've got the storage. All those put together gives you a a high-performance computer, right? And whether you want it to be redundant in your local data center or you want it to be accessible via APIs from the AWS cloud, we want to provide that service to you. >> So to be clear, that's not that's not available now, but that is something that could be made available? >> Outposts are available right now, that have this the services that you need. >> All these capabilities? >> Often a move to cloud, an impetus behind it comes from the highest levels in an organization. They're looking at the difference between OpEx versus CapEx. CapEx for a large HPC environment, can be very, very, very high. Are these HPC clusters consumed as an operational expense? Are you essentially renting time, and then a fundamental question, are these multi-tenant environments? Or when you're referring to batches being run in HPC, are these dedicated HPC environments for customers who are running batches against them? When you think about batches, you think of, there are times when batches are being run and there are times when they're not being run. So that would sort of conjure, in the imagination, multi-tenancy, what does that look like? >> Definitely, and that's been, let me start with your second part first is- >> Yeah. That's been a a core area within AWS is we do not see as, okay we're going to, we're going to carve out this super computer and then we're going to allocate that to you. We are going to dynamically allocate multi-tenant resources to you to perform the workloads you need. And especially with the batch environment, we're going to spin up containers on those, and then as the workloads complete we're going to turn those resources over to where they can be utilized by other customers. And so that's where the batch computing component really is powerful, because as you say, you're releasing resources from workloads that you're done with. I can use those for another portion of the workflow for other work. >> Okay, so it makes a huge difference, yeah. >> You mentioned, that five years ago, people couldn't quite believe that AWS was at this conference. Now you've got a booth right out in the center of the action. What kind of questions are you getting? What are people telling you? >> Well, I love being on the show floor. This is like my favorite part is talking to customers and hearing one, what do they love, what do they want more of? Two, what do they wish we were doing that we're not currently doing? And three, what are the friction points that are still exist that, like, how can I make their lives easier? And what we're hearing is, "Can you help me migrate my workloads to the cloud? "Can you give me the information that I need, "both from a price for performance, "for an operational support model, "and really help me be an internal advocate "within my environment to explain "how my resources can be operated proficiently "within the AWS cloud." And a lot of times it's, let's just take your application a subset of your applications and let's benchmark 'em. And really that, AWS, one of the key things is we are a data-driven environment. And so when you take that data and you can help a customer say like, "Let's just not look at hypothetical, "at synthetic benchmarks, let's take "actually the LS-DYNA code that you're running, perhaps. "Let's take the OpenFOAM code that you're running, "that you're running currently "in your on-premises workloads, "and let's run it on AWS cloud "and let's see how it performs." And then we can take that back to your to the decision makers and say, okay, here's the price for performance on AWS, here's what we're currently doing on-premises, how do we think about that? And then that also ties into your earlier question about CapEx versus OpEx. We have models where actual, you can capitalize a longer-term purchase at AWS. So it doesn't have to be, I mean, depending upon the accounting models you want to use, we do have a majority of customers that will stay with that OpEx model, and they like that flexibility of saying, "Okay, spend as you go." We need to have true ups, and make sure that they have insight into what they're doing. I think one of the boogeyman is that, oh, I'm going to spend all my money and I'm not going to know what's available. And so we want to provide the, the cost visibility, the cost controls, to where you feel like, as an HPC administrator you have insight into what your customers are doing and that you have control over that. And so once you kind of take away some of those fears and and give them the information that they need, what you start to see too is, you know what, we really didn't have a lot of those cost visibility and controls with our on-premises hardware. And we've had some customers tell us we had one portion of the workload where this work center was spending thousands of dollars a day. And we went back to them and said, "Hey, we started to show this, "what you were spending on-premises." They went, "Oh, I didn't realize that." And so I think that's part of a cultural thing that, at an HPC, the question was, well on-premises is free. How do you compete with free? And so we need to really change that culturally, to where people see there is no free lunch. You're paying for the resources whether it's on-premises or in the cloud. >> Data scientists don't worry about budgets. >> Wait, on-premises is free? Paul mentioned something that reminded me, you said you were here in 2017, people said AWS, web, what are you even doing here? Now in 2022, you're talking in terms of migrating to cloud. Paul mentioned outposts, let's say that a customer says, "Hey, I'd like you to put "in a thousand-node cluster in this data center "that I happen to own, but from my perspective, "I want to interact with it just like it's "in your data center." In other words, the location doesn't matter. My experience is identical to interacting with AWS in an AWS data center, in a CoLo that works with AWS, but instead it's my physical data center. When we're tracking the percentage of IT that's that is on-prem versus off-prem. What is that? Is that, what I just described, is that cloud? And in five years are you no longer going to be talking about migrating to cloud because people go, "What do you mean migrating to cloud? "What do you even talking about? "What difference does it make?" It's either something that AWS is offering or it's something that someone else is offering. Do you think we'll be at that point in five years, where in this world of virtualization and abstraction, you talked about Kubernetes, we should be there already, thinking in terms of it doesn't matter as long as it meets latency and sovereignty requirements. So that, your prediction, we're all about insights and supercomputing- >> My prediction- >> In five years, will you still be talking about migrating to cloud or will that be something from the past? >> In five years, I still think there will be a component. I think the majority of the assumption will be that things are cloud-native and you start in the cloud and that there are perhaps, an aspect of that, that will be interacting with some sort of an edge device or some sort of an on-premises device. And we hear more and more customers that are saying, "Okay, I can see the future, "I can see that I'm shrinking my footprint." And, you can see them still saying, "I'm not sure how small that beachhead will be, "but right now I want to at least say "that I'm going to operate in that hybrid environment." And so I'd say, again, the pace of this community, I'd say five years we're still going to be talking about migrations, but I'd say the vast majority will be a cloud-native, cloud-first environment. And how do you classify that? That outpost sitting in someone's data center? I'd say we'd still, at least I'll leave that up to the analysts, but I think it would probably come down as cloud spend. >> Great place to end. Ian, you and I now officially have a bet. In five years we're going to come back. My contention is, no we're not going to be talking about it anymore. >> Okay. >> And kids in college are going to be like, "What do you mean cloud, it's all IT, it's all IT." And they won't remember this whole phase of moving to cloud and back and forth. With that, join us in five years to see the result of this mega-bet between Ian and Dave. I'm Dave Nicholson with theCUBE, here at Supercomputing Conference 2022, day three of our coverage with my co-host Paul Gillin. Thanks again for joining us. Stay tuned, after this short break, we'll be back with more action. (lively music)

(upbeat music) >> Hey everyone, welcome back to theCUBE live in Miami on the floor of IFS Unleashed. I'm your host, Lisa Martin. Had some great conversations. Have more great conversations coming your way. I have two guests joining me. Please welcome Martin Schirmer, the President of Enterprise Service Management, IFS Assyst. And Parminder Khosa, the Senior IT Manager at Parexel. Guys, it's great to have you on the program. >> Lovely to be here. >> It's good to be here. >> Martin, talk to me a little bit... tell the audience a little bit about Assyst so that that get that context before we start asking questions. >> Yeah. Absolutely. So IFS Assyst is a recent acquisition. It's an acquisition we made about a year ago. And fundamentally, it's a platform that takes care of IT service management, enterprise service management and IT operations management. So think of it, of managing sort of the ERP for IT and then broadening that out into the sort of enterprise where you're driving enterprise use cases for all lines of businesses like HR, finance, facilities, so on and so forth. >> Got it. And then Parminder, give the audience just a little bit of a flavor of Parexel, who you guys are, what you do. >> Sure. >> Maybe the impact that you make. >> Yeah, so Parexel is a clinical research organization. And what that means is that we manage drug trials for big pharmaceutical companies. So we're a big company. We're 25,000 people. We have offices in 150 locations all the way from Japan and the east through to the West Coast of the USA. >> Big company. >> Yeah, we are. We are a lot of people. >> And let's start chatting now Martin with some of the questions that you have so we get the understanding of how IFS and Parexel are working together. >> Yeah. Absolutely. I suppose... I mean the first thing is and thank you for traveling here all the way from the UK. (Lisa chuckles) Appreciate it and great energy and vibe. So just what the first question I had really was, you're customer of ours for the last 15 years plus. Maybe just give the audience a bit of context into your journey and how you've evolved from the sort of early years to where you're going into the future. >> Sure. So our history, I was part of a company that Parexel acquired that was already using Assyst. And as Parexel acquired us, they were in the process of also buying Assyst. So it became a kind of natural fit where I carried on with Assyst. And we started relatively small, sort of just the service desktop. And throughout the ongoing 15 years or so, we've just grown and expanded into kind of being a critical tool for Parexel right now. >> Okay, that's fantastic. I mean part of that journey, I know you started in sort of the more they call a ticketing space or IT service management space. Expand a little bit how you've expanded out of that and really moved into the enterprise. >> Sure. So yeah. So when we first rolled Assyst out, it was as I say, purely IT. And eventually we reached out to other business units to say asking questions like, Are you managing your workload through email? Are you managing your workload through Excel spreadsheets? In which case, if you are, we've got a solution for you that will make it a much better experience for your customers. They're all internal. It'll make it much easier for you because you will have official tracking going on through our system. I'll make it better for your management because we can drive metrics from all of the data that we're getting. So if you imagine finance we're getting, kind of 200 miles a day because of the size of our company. And they were just working through them one by one responding, and they becomes just a mess. So we developed forms for them to say, "Okay, Larry raise all your requests here. We will pick it up. We will manage it. We will communicate with you. And once the piece of work that you've asked for is done, we will let you know." And as we go through that process, we'll make it better for us because as I say we're getting those metrics. And we'll make it better for you because we can spot where our gaps are. If a request is taking three days, and of that three days, two days is waiting for someone on our end to respond to you or is waiting for us waiting for a customer to respond, we can iron those out and make it a much better experience for everyone. >> That's fantastic. It's really music to my ears because we always pushing the industry to say move away from just the IT side and really get into the enterprise. And it sounds like you've really gotten a lot of sort of productivity and efficiency gains out of that. >> Definitely, definitely. And it becomes kind of a happy circle. So the finance guys will work with the procurement guys. And they also look... Well, we're doing all of our work through Assyst now. So procurement's a little turnaround. So, well we're using this big spreadsheet to manage all of ours. Can we do the same? And they'll reach out to us and we'll say, "Of course we can. What is your process?" For example, they will say, okay, if someone asks for a new laptop, we need to get the approval from their line manager, from the supplier. We need to do our own internal work and then we will send it out. So imagine if you're doing that in a an email chain. It just becomes chaos. >> Yeah. >> So we will build all of that out for them. And then procurement will talk to HR and it just becomes a snowball. And before you know it, we are doing about 4,000 tickets per day in our Assyst system. And of those, 50% perhaps maybe more than 50% now will be non IT related. >> Oh, that's fantastic. Really music to my ears. And it really breaking down the boundaries or silos within an organization. It's really good. Let the teams work together. Right? >> Definitely. And that's one of the key things that we've learned is that we have to engage completely with our business partners. And our business partners are becoming more and more IT literate as well. So for example, we had a recent big HR solution provided to us. And as part of that, we know there are going to be questions, and queries and perhaps even issues to do with our HR system. So we have to work with us guys, the Assyst front end, the IT HR guys who look after the databases, all of the technology in the background. Then there'll be IT HR who are Workday experts. And then kind of not necessarily at the bottom of the chain will be the HR people themselves who are in their own way, experts in their area, experts in IT in a certain way. So all of those people have to work together. We become the front end, but we have to work with all of those parts of the business. >> That's really great. It's basically what you just said is taking business, IT processes and underpinning solutions. Effectively digital transformation, right? >> Exactly. Yeah. So HR is a great example. They used to have paper flying around with leave request, with sickness requests, with all of those kind of issues. And you said, well if you have an issue with your HR system, you can't raise a leave request, or you can't raise a sickness request, tell us. We will take care of it. We will fix it for you. We will give you the instructions. And we will get rid of all of that paper. >> That's brilliant. Just sort of turning the attention. And all of that, how do you drive the sort of, we'll talk about the autonomous enterprise. How do you drive automation in that process? >> Yeah. Of course, we have to map all of those processes out. Because we're not the experts in HR or procurement or whatever the business area may be. We have to really dig into their work methods, their working areas. What is necessary for them? What is a must have? What is a like to have? What is we don't really need? So we really drive into that processes. Once we've got those, we will automate them. We will build them out in Assyst with the process designer. It's very intuitive now. The latest version is really good to work with. We will do some pretty clever stuff in there. We'll say, okay the manager approval. If the manager is not there, then escalate it to the next person. Then we go to HR and say, okay HR have taken two days to do this. We're not particularly okay with that. So we will escalate it to the next person. And all of that process is completely automated, completely in Assyst. >> Brilliant. I mean obviously, we have a codeless workflow engine with a designer. And if you look at one of the trends from post covid is a war in talent in particular developers. The IDC says there's going to be around 4 million shortage of developers. What is your view on, how easy... Do I need developers? Is it easy, is it difficult to do these workflow extensions and automations? >> Definitely not, no. So the two key areas that you mentioned that with the customizer to develop the forms to make them available to our end users, drag and drop. Really easy to do. You can put some nice filters in there. You can put some nice variables in there. You can drive intelligent drive the forms from there as well. So if option A is correct, then don't show me option B, show me option C. And all of that is codeless, entirely codeless. I don't need to type any code. And when we move on to a process designer that hooks in nicely with the form customizer because we can say, "Okay, if option B on that form is selected, then runs this process." And all of that process is entirely codeless as well. Drag and drop. Creates some tasks. Create some decisions. >> Fantastic. >> Brilliant. >> Sounds really good. Switching gears a little bit. You spoke about experience, and that's also obviously very topical post, well, Covid becoming a remote workforce. Clearly, we need to be digitally connected to our business and organization because the hybrid workforce, as we all know, is here to stay. And that employee experience is fundamental because it is their sort of channel to the engagement of the organization. Of course, that has retention impacts and productivity impact. So just from your perspective, how was Covid, from your perspective, and how easy or difficult was it to get your employees engaged and productive and working? >> Yeah. And for us, it's a double edged sword Covid was. Because of the nature of our business. We do covid stuff. We do drug stuff. So we may have issues with some trials that are related to that. So we need to escalate those. We need to be aware of them and move them to the top of the chain as soon as possible. And then Assyst becomes a source of truth. Everybody knows that if I've got an issue with the current environment that we're living in, I can raise it in Assyst. And everybody knows that's where that information is. There's no need to have huge conference calls or huge email chains to try and follow those around. So with our Assyst platform, with our employees as well, everybody knew that this is where the source of truth was. We didn't have any dropouts. We didn't have any concerns with our system or performance. We knew it was there. We had to do some work like, as I say, around covid issues just to make sure they get pushed up to the top of the chain. But otherwise, we were fine. And great credit to our IT operations team as well who managed that pretty much seamlessly. >> That's brilliant. That's good news. >> Yeah. >> It really is. Just taking a little bit further and talking a little bit about what next. My team has been, I know, talking to your team about the whole area of asset management. Maybe talk to us a little bit about that journey. >> Sure, sure. So we're an ITOM customer as well. So all of our hardware data is stored within the ITOM platform. So we've pushed out the agents to all of our end user machines, so 25,000 agents. And we're in the process of integrating that into our Assyst platform to make that the single source of truth. And that part of that we're working on the software asset management side as well. So we've got a really good idea of where our software assets are. It comes to all license auditing, we know exactly how much we've got there. And the more complex side of it is of course server. So software management management as well. So we're in the process of getting all of that data as well. So once we've done all that, there is other all as the next step. The next step will be to perhaps do monitoring or pushing out software using the ITOM platform and getting rid of some of the disparate systems that we have right now. >> Well that's good news. And I think I saw a study. I think, every single person as an employee carries around 15 or 20 assets with him at any one time. Be it from a PC, phone, physical software licenses, so on and so forth. In that context, I can imagine the business case around it. >> Definitely. Yeah. And every, again, we map every user to their assets and (indistinct) their assets. And again Assyst as a source of truth for that. So if you want to look at my record, so, all right. Pam's got a laptop. He's got a mobile phone. We're thinking about giving him a tablet, but we'll find out. That he's in the process of getting a tablet as well. So I can have a look at my user record and know exactly what I've got with all of the asset tags and the various links that it has to the software pieces so it becomes a big tree of my assets. >> That's wonderful. Just the question I had was, we spoke about breaking down silos and the enterprise use cases and the effect that has. Do you envisage that Assyst can really get to being enterprisewide as, when I say enterprisewide, everybody in the organization effectively using this tool as their sort of source of experience, and level of automation of process? >> Definitely, definitely. As I say, we're getting... We're really pushing to get to that. As I say, 4,000 tickets a day with a user base of 25,000 kind of means that everybody will interact with the system perhaps every two weeks or so. So we're getting to that point and with the new functionality that's coming out with the Assyst product, with the team's integration, and the bot and everything that will bring to us because we are a big. We use teams. We use bots. We use that kind of technology. It will just fit in seamlessly. And trying to break down the silos, as I say finance, procurement, all of the big beasts within our company already are using the Assyst tool. And we want to bring in more and more of those processes as we mature. >> Brilliant. I think Omnichannel's critical. We want to connect from any device from anywhere. It's just the way we work. So I think that's critical. Teams is of course a a tool that most of us have become too familiar with. >> Yup. (chuckles) >> To be fair. (chuckles) It's better to be here in person finally, right? >> Yeah. >> So I think, that's all exciting news. And it's really fantastic. >> Great. >> So I suppose maybe in the time that we have left, what's next? >> What's next for us is that we're in the process of migrating our solution to the cloud, to the IFS cloud. That will open up a huge new user base for us. If we think all of our customers, all of our people who work on studies will have the ability to connect to Assyst and ask questions. That's a lot of it is just ask a question, or raise an issue or ask for something. So we're talking, it could be expanded by hundreds of thousands of new users that will meet more people on the backend to manage those requests as well. So yeah. It's just going to get bigger and bigger. And as you say, with the CMDB work that we're doing as well, that's another big ongoing stream for us. >> It's great because as you know, with Assyst we have a disruptive licensing model. >> Yeah. >> We have a t-shirt size pricing. All you can need based a number of employees. So there's no barriers to entry for you. >> There really is. And that really helps us because as I said initially, particularly when finance came on board and now they're expanding, there is no cost implication for it. The more that we use it, the better it is for. The more bang for buck that we get. >> Yep. That's our mantra. Enterprise users, right? For the price of a cup of coffee, for the price of a user. That's our mantra. >> I love it. You guys have done such a great job of articulating the synergies in the relationship that IFS Assyst has with Paraxel. You talked about the great outcomes that you're achieving. And it's all about Martin, I know, from IFS Assyst perspective, it's all about helping customers achieve those outcomes and those moments of service that are so critical to your customers on the other end staying with you, doing more business. Whether it's the end user customer, whether it's the actual employee. You talked a lot about the customer experience, the employee experience, and what you guys are doing together to enable that. And I always think that the employee experience and the customer experience are like this. They're inextricably linked. You can't, you shouldn't. Otherwise you're going to have problems. >> Yeah, no, absolutely. And there's actually a study on that saying that, 70% of customers generally don't feel they get what they want from organizations. >> 70. Wow! >> And if you take that one step further to what you said, the interconnectivity between customer employee, employee shops on Amazon, right? It's on those websites. So you can't be rolling out and digitally connect to the employee with something that is clunky and has the wrong experience. Like I said, it really affects that level of engagement the employee has with the company which happens to be largely these days remote. >> It does. Last question Martin, is for you. Talk to us about what's next for IFS Assyst. Obviously, we're back in person. There's a lot of momentum about the company. I was talking with Darren, the growth and first half was great. He kind of gave us some teaser about second half, but what's next from your perspective? >> Yeah. So what's next for us is achieving our goal. We are here to disrupt the industry. It's an industry that's dominated by one player and a fair amount of legacy players. We've disrupted the business model as I've told you. We here to do more because it's a simple thing. And that's the word simple. We want to keep things simple. We're going to keep engineering and driving our product forward, right? We've made sure that our platform is up there with the best. Yeah. We've just been certified by pink. Pink is a verification of ITIL four they call it. So it's a body. And the top level is you can get 20 out of 20. We got 17 out of 20. There's only one other vendor that has more than us and it's only by little. And after it's a big white space, the next one is 14. So we on the right track. We are going to of course drive and capture the market. So watch this space. We here to grow. >> We will watch this space. Congratulations on being that disrupter. >> Thank you. >> Parminder great work with what you guys are doing. You did a great job of articulating, as I said, the customers tour here. We appreciate your insights, your time. >> Thank you very much. >> Pleasure. >> All right, my pleasure. >> Thank you. For my guests, I'm Lisa Martin. You're watching The Cube live from Miami on the show floor of IFS Unleashed. We'll be back after a short break.

(bright music) >> Welcome back everyone. theCube's live coverage here. Day two, of two sets, three days of theCube coverage here at VMware Explore. This is our 12th year covering VMware's annual conference, formerly called VM World. I'm John Furrier, with Dave Vellante. We'd love seeing the progress and we've got great security comes Tom Gill, senior vices, president general manager, networking and advanced security business group at VMware. Great to see you. Thanks for coming on. >> Thanks. for having me. >> Yeah, really happy we could have you on. >> I think this is my sixth edition on the theCube. Do I get frequent flyer points or anything? >> Yeah. >> You first get the VIP badge. We'll make that happen. You can start getting credits. >> Okay, there we go. >> We won't interrupt you. Seriously, you got a great story in security here. The security story is kind of embedded everywhere, so it's not called out and blown up and talked specifically about on stage. It's kind of in all the narratives in the VM World for this year. But you guys have an amazing security story. So let's just step back and to set context. Tell us the security story for what's going on here at VMware and what that means to this supercloud, multi-cloud and ongoing innovation with VMware. >> Yeah, sure thing. So probably the first thing I'll point out is that security's not just built in at VMware. It's built differently. So, we're not just taking existing security controls and cut and pasting them into our software. But we can do things because of our platform, because of the virtualization layer that you really can't do with other security tools. And where we're very, very focused is what we call lateral security or East-West movement of an attacker. 'Cause frankly, that's the name of the game these days. Attackers, you've got to assume that they're already in your network. Already assume that they're there. Then how do we make it hard for them to get to the stuff that you really want? Which is the data that they're going after. And that's where we really should. >> All right. So we've been talking a lot, coming into VMware Explore, and here, the event. About two things. Security, as a state. >> Yeah. >> I'm secure right now. >> Yeah. >> Or I think I'm secure right now, even though someone might be in my network or in my environment. To the notion of being defensible. >> Yeah. >> Meaning I have to defend and be ready at a moment's notice to attack, fight, push back, red team, blue team. Whatever you're going to call it. But something's happening. I got to be able to defend. >> Yeah. So what you're talking about is the principle of Zero Trust. When I first started doing security, the model was we have a perimeter. And everything on one side of the perimeter is dirty, ugly, old internet. And everything on this side, known good, trusted. What could possibly go wrong. And I think we've seen that no matter how good you make that perimeter, bad guys find a way in. So Zero Trust says, you know what? Let's just assume they're already in. Let's assume they're there. How do we make it hard for them to move around within the infrastructure and get to the really valuable assets? 'Cause for example, if they bust into your laptop, you click on a link and they get code running on your machine. They might find some interesting things on your machine. But they're not going to find 250 million credit cards. >> Right. >> Or the script of a new movie or the super secret aircraft plans. That lives in a database somewhere. And so it's that movement from your laptop to that database. That's where the damage is done and that's where VMware shines. >> So if they don't have the right to get to that database, they're not in. >> And it's not even just the right. So they're so clever and so sneaky that they'll steal a credential off your machine, go to another machine, steal a credential off of that. So, it's like they have the key to unlock each one of these doors. And we've gotten good enough where we can look at that lateral movement, even though it has a credential and a key, we're like wait a minute. That's not a real CIS Admin making a change. That's ransomware. And that's where you. >> You have to earn your way in. >> That's right. That's right. Yeah. >> And we're all kinds of configuration errors. But also some user problems. I've heard one story where there's so many passwords and username and passwords and systems that the bad guys scour, the dark web for passwords that have been exposed. >> Correct. >> And go test them against different accounts. Oh one hit over here. >> Correct. >> And people don't change their passwords all the time. >> Correct. >> That's a known vector. >> Just the idea that users are going to be perfect and never make a mistake. How long have we been doing this? Humans are the weakest link. So people are going to make mistakes. Attackers are going to be in. Here's another way of thinking about it. Remember log4j? Remember that whole fiasco? Remember that was at Christmas time. That was nine months ago. And whoever came up with that vulnerability, they basically had a skeleton key that could access every network on the planet. I don't know if a single customer that said, "Oh yeah, I wasn't impacted by log4j." So here's some organized entity had access to every network on the planet. What was the big breach? What was that movie script that got stolen? So there wasn't one, right? We haven't heard anything. So the point is, the goal of attackers is to get in and stay in. Imagine someone breaks into your house, steals your laptop and runs. That's a breach. Imagine someone breaks into your house and stays for nine months. It's untenable, in the real world, right? >> Right. >> We don't know in there, hiding in the closet. >> They're still in. >> They're watching everything. >> Hiding in your closet, exactly. >> Moving around, nibbling on your cookies. >> Drinking your beer. >> Yeah. >> So let's talk about how this translates into the new reality of cloud-native. Because now you hear about automated pentesting is a new hot thing right now. You got antivirus on data is hot within APIs, for instance. >> Yeah. >> API security. So all kinds of new hot areas. Cloud-native is very iterative. You know, you can't do a pentest every week. >> Right. >> You got to do it every second. >> So this is where it's going. It's not so much simulation. It's actually real testing. >> Right. Right. >> How do you view that? How does that fit into this? 'cause that seems like a good direction to me. >> Yeah. If it's right in, and you were talking to my buddy, Ahjay, earlier about what VMware can do to help our customers build cloud native applications with Tanzu. My team is focused on how do we secure those applications? So where VMware wants to be the best in the world is securing these applications from within. Looking at the individual piece parts and how they talk to each other and figuring out, wait a minute, that should never happen. By almost having an x-ray machine on the innards of the application. So we do it for both for VMs and for container based applications. So traditional apps are VM based. Modern apps are container based. And we have a slightly different insertion mechanism. It's the same idea. So for VMs, we do it with a hypervisor with NSX. We see all the inner workings. In a container world we have this thing called a service mesh that lets us look at each little snippet of code and how they talk to each other. And once you can see that stuff, then you can actually apply. It's almost like common sense logic of like, wait a minute. This API is giving back credit card numbers and it gives five an hour. All of a sudden, it's now asking for 20,000 or a million credit cards. That doesn't make any sense. The anomalies stick out like a sore thumb. If you can see them. At VMware, our unique focus in the infrastructure is that we can see each one of these little transactions and understand the conversation. That's what makes us so good at that East-West or lateral security. >> You don't belong in this room, get out or that that's some weird call from an in memory database, something over here. >> Exactly. Where other security solutions won't even see that. It's not like there algorithms aren't as good as ours or better or worse. It's the access to the data. We see the inner plumbing of the app and therefore we can protect the app from. >> And there's another dimension that I want to get in the table here. 'Cause to my knowledge only AWS, Google, I believe Microsoft and Alibaba and VMware have this. >> Correct >> It's Nitro. The equivalent of a Nitro. >> Yes. >> Project Monterey. >> Yeah. >> That's unique. It's the future of computing architectures. Everybody needs a Nitro. I've written about this. >> Yeah. >> Right. So explain your version. >> Yeah. >> It's now real. >> Yeah. >> It's now in the market, right? >> Yeah. >> Or soon will be. >> Here's our mission. >> Salient aspects. >> Yeah. Here's our mission of VMware. Is that we want to make every one of our enterprise customers. We want their private cloud to be as nimble, as agile, as efficient as the public cloud. >> And secure. >> And secure. In fact, I'll argue, we can make it actually more secure because we're thinking about putting security everywhere in this infrastructure. Not just on the edges of it. Okay. How do we go on that journey? As you pointed out, the public cloud providers realized five years ago that the right way to build computers was not just a CPU and a graphics process unit, GPU. But there's this third thing that the industry's calling a DPU, data processing unit. And so there's kind of three pieces of a computer. And the DPU is sometimes called a Smartnic. It's the network interface card. It does all that network handling and analytics and it takes it off the CPU. So they've been building and deploying those systems themselves. That's what Nitro is. And so we have been working with the major Silicon vendors to bring that architecture to everybody. So with vSphere 8, we have the ability to take the network processing, that East-West inspection I talked about, take it off of the CPU and put it into this dedicated processing element called the DPU and free up the CPU to run the applications that Ahjay and team are building. >> So no performance degradation at all? >> Correct. To CPU offload. >> So even the opposite, right? I mean you're running it basically Bare Metal speeds. >> Yes, yes and yes. >> And you're also isolating the storage from the security, the management, and. >> There's an isolation angle to this, which is that firewall, that we're putting everywhere. Not just that the perimeter, but we put it in each little piece of the server is running when it runs on one of these DPUs it's a different memory space. So even if an attacker gets to root in the OS, they it's very, very, never say never, but it's very difficult. >> So who has access to that resource? >> Pretty much just the infrastructure layer, the cloud provider. So it's Amazon, Google, Microsoft, and the enterprise. >> Application can't get in. >> Can't get in there. Cause you would've to literally bridge from one memory space to another. Never say never, but it would be very. >> But it hasn't earned the trust to get. >> It's more than barbwire. It's multiple walls. >> Yes. And it's like an air gap. It puts an air gap in the server itself so that if the server is compromised, it's not going to get into the network. Really powerful. >> What's the big thing that you're seeing with this supercloud transition. We're seeing multi-cloud and this new, not just SaaS hosted on the cloud. >> Yeah. >> You're seeing a much different dynamic of, combination of large scale CapEx, cloud-native, and then now cloud-native drills on premises and edge. Kind of changing what a cloud looks like if the cloud's on a cloud. >> Yeah. >> So we're the customer, I'm building on a cloud and I have on premise stuff. So, I'm getting scale CapEx relief from the hyperscalers. >> I think there's an important nuance on what you're talking about. Which is in the early days of the cloud customers. Remember those first skepticism? Oh, it'll never work. Oh, that's consumer grade. Oh, that's not really going to work. Oh some people realize. >> It's not secure. >> Yeah. It's not secure. >> That one's like, no, no, no it's secure. It works. And it's good. So then there was this sort of over rush. Let's put everything on the cloud. And I had a lot of customers that took VM based applications said, I'm going to move those onto the cloud. You got to take them all apart, put them on the cloud and put them all back together again. And little tiny details like changing an IP address. It's actually much harder than it looks. So my argument is, for existing workloads for VM based workloads, we are VMware. We're so good at running VM based workloads. And now we run them on anybody's cloud. So whether it's your east coast data center, your west coast data center, Amazon, Google, Microsoft, Alibaba, IBM keep going. We pretty much every. >> And the benefit of the customer is what. >> You can literally VMotion and just pick it up and move it from private to public, public to private, private to public, Back and forth. >> Remember when we called Vmotion BS, years ago? >> Yeah. Yeah. >> VMotion is powerful. >> We were very skeptical. We're like, that'll never happen. I mean we were. This supposed to be pat ourselves on the back. >> Well because alchemy. It seems like what you can't possibly do that. And now we do it across clouds. So it's not quite VMotion, but it's the same idea. You can just move these things over. I have one customer that had a production data center in the Ukraine. Things got super tense, super fast and they had to go from their private cloud data center in the Ukraine, to a public cloud data center out of harm's way. They did it over a weekend. 48 hours. If you've ever migrated a data center, that's usually six months. Right. And a lot of heartburn and a lot of angst. Boop. They just drag and dropped and moved it on over. That's the power of what we call the cloud operating model. And you can only do this when all your infrastructures defined in software. If you're relying on hardware, load balancers, hardware, firewalls, you can't move those. They're like a boat anchor. You're stuck with them. And by the way, they're really, really expensive. And by the way, they eat a lot of power. So that was an architecture from the 90's. In the cloud operating model your data center. And this comes back to what you were talking about is just racks and racks of X86 with these magic DPUs, or smart nics, to make any individual node go blisteringly fast and do all the functions that you used to do in network appliances. >> We just had Ahjay taking us to school, and everyone else to school on applications, middleware, abstraction layer. And Kit Culbert was also talking about this across cloud. We're talking supercloud, super pass. If this continues to happen, which we would think it will happen. What does the security posture look like? It feels to me, and again, this is your wheelhouse. If supercloud happens with this kind of past layer where there's vMotioning going on. All kinds of spanning applications and data across environments. >> Yeah. Assume there's an operating system working on behind the scenes. >> Right. >> What's the security posture in all this? >> Yeah. So remember my narrative about the bad guys are getting in and they're moving around and they're so sneaky that they're using legitimate pathways. The only way to stop that stuff, is you've got to understand it at what we call Layer 7. At the application layer. Trying to do security to the infrastructure layer. It was interesting 20 years ago, kind of less interesting 10 years ago. And now it's becoming irrelevant because the infrastructure is oftentimes not even visible. It's buried in some cloud provider. So Layer 7 understanding, application awareness, understanding the APIs and reading the content. That's the name of the game in security. That's what we've been focused on. Nothing to do with the infrastructure. >> And where's the progress bar on that paradigm. One to ten. Ten being everyone's doing it. >> Right now. Well, okay. So we as a vendor can do this today. All the stuff I talked about, reading APIs, understanding the individual services looking at, Hey, wait a minute this credit card anomalies, that's all shipping production code. Where is it in customer adoption life cycle? Early days 10%. So there's a whole lot of headroom for people to understand, Hey, I can put these controls in place. They're software based. They don't require appliances. It's Layer 7, so it has contextual awareness and it's works on every single cloud. >> We talked about the pandemic being an accelerator. It really was a catalyst to really rethink. Remember we used to talk about Pat as a security do over. He's like, yes, if it's the last thing I do, I'm going to fix security. Well, he decided to go try to fix Intel instead. >> He's getting some help from the government. >> But it seems like CISOs have totally rethought their security strategy. And at least in part, as a function of the pandemic. >> When I started at VMware four years ago, Pat sat me down in his office and he said to me what he said to you, which is like, "Tom," he said, "I feel like we have fundamentally changed servers. We fundamentally change storage. We fundamentally change networking. The last piece of the puzzle of security. I want you to go fundamentally change it." And I'll argue that the work that we're doing with this horizontal security, understanding the lateral movement. East- West inspection. It fundamentally changes how security works. It's got nothing to do with firewalls. It's got nothing to do with Endpoint. It's a unique capability that VMware is uniquely suited to deliver on. And so Pat, thanks for the mission. We delivered it and it's available now. >> Those WET web applications firewall for instance are around, I mean. But to your point, the perimeter's gone. >> Exactly. >> And so you got to get, there's no perimeter. so it's a surface area problem. >> Correct. And access. And entry. >> Correct. >> They're entering here easy from some manual error, or misconfiguration or bad password that shouldn't be there. They're in. >> Think about it this way. You put the front door of your house, you put a big strong door and a big lock. That's a firewall. Bad guys come in the window. >> And then the windows open. With a ladder. >> Oh my God. Cause it's hot, bad user behavior trumps good security every time. >> And then they move around room to room. We're the room to room people. We see each little piece of the thing. Wait, that shouldn't happen. Right. >> I want to get you a question that we've been seeing and maybe we're early on this or it might be just a false data point. A lot of CSOs and we're talking to are, and people in industry in the customer environment are looking at CISOs and CSOs, two roles. Chief information security officer, and then chief security officer. Amazon, actually Steven Schmidt is now CSO at Reinforce. They actually called that out. And the interesting point that he made, we had some other situations that verified this, is that physical security is now tied to online, to your point about the service area. If I get a password, I still got the keys to the physical goods too. >> Right. So physical security, whether it's warehouse for them or store or retail. Digital is coming in there. >> Yeah. So is there a CISO anymore? Is it just CSO? What's the role? Or are there two roles you see that evolving? Or is that just circumstance. >> I think it's just one. And I think that the stakes are incredibly high in security. Just look at the impact that these security attacks are having on. Companies get taken down. Equifax market cap was cut 80% with a security breach. So security's gone from being sort of a nuisance to being something that can impact your whole kind of business operation. And then there's a whole nother domain where politics get involved. It determines the fate of nations. I know that sounds grand, but it's true. And so companies care so much about it they're looking for one leader, one throat to choke. One person that's going to lead security in the virtual domain, in the physical domain, in the cyber domain, in the actual. >> I mean, you mention that, but I mean, you look at Ukraine. I mean that cyber is a component of that war. I mean, it's very clear. I mean, that's new. We've never seen. this. >> And in my opinion, the stuff that we see happening in the Ukraine is small potatoes compared to what could happen. >> Yeah. >> So the US, we have a policy of strategic deterrence. Where we develop some of the most sophisticated cyber weapons in the world. We don't use them. And we hope never to use them. Because our adversaries, who could do stuff like, I don't know, wipe out every bank account in North America. Or turn off the lights in New York City. They know that if they were to do something like that, we could do something back. >> This is the red line conversation I want to go there. So, I had this discussion with Robert Gates in 2016 and he said, "We have a lot more to lose." Which is really your point. >> So this brand. >> I agree that there's to have freedom and liberty, you got to strike back with divorce. And that's been our way to balance things out. But with cyber, the red line, people are already in banks. So they're are operating below the red line line. Red line meaning before we know you're in there. So do we move the red line down because, hey, Sony got hacked. The movie. Because they don't have their own militia. >> Yeah. >> If their were physical troops on the shores of LA breaking into the file cabinets. The government would've intervened. >> I agree with you that it creates tension for us in the US because our adversaries don't have the clear delineation between public and private sector. Here you're very, very clear if you're working for the government. Or you work for an private entity. There's no ambiguity on that. >> Collaboration, Tom, and the vendor community. I mean, we've seen efforts to try to. >> That's a good question. >> Monetize private data and private reports. >> So at VMware, I'm very proud of the security capabilities we've built. But we also partner with people that I think of as direct competitors. We've got firewall vendors and Endpoint vendors that we work with and integrate. And so coopetition is something that exists. It's hard. Because when you have these kind of competing. So, could we do more? Of course we probably could. But I do think we've done a fair amount of cooperation, data sharing, product integration, et cetera. And as the threats get worse, you'll probably see us continue to do more. >> And the government is going to trying to force that too. >> And the government also drives standards. So let's talk about crypto. Okay. So there's a new form of encryption coming out called processing quantum. >> Quantum. Quantum computers have the potential to crack any crypto cipher we have today. That's bad. Okay. That's not good at all because our whole system is built around these private communications. So the industry is having conversations about crypto agility. How can we put in place the ability to rapidly iterate the ciphers in encryption. So, when the day quantum becomes available, we can change them and stay ahead of these quantum people. >> Well, didn't NIST just put out a quantum proof algo that's being tested right now by the community? >> There's a lot of work around that. Correct. And NIST is taking the lead on this, but Google's working on it. VMware's working on it. We're very, very active in how do we keep ahead of the attackers and the bad guys? Because this quantum thing is a, it's an x-ray machine. It's like a dilithium crystal that can power a whole ship. It's a really, really, really powerful tool. >> Bad things will happen. >> Bad things could happen. >> Well, Tom, great to have you on the theCube. Thanks for coming on. Take the last minute to just give a plug for what's going on for you here at VMWorld this year, just VMware Explore this year. >> Yeah. We announced a bunch of exciting things. We announced enhancements to our NSX family, with our advanced load balancer. With our edge firewall. And they're all in service of one thing, which is helping our customers make their private cloud like the public cloud. So I like to say 0, 0, 0. If you are in the cloud operating model, you have zero proprietary appliances. You have zero tickets to launch a workload. You have zero network taps and Zero Trust built into everything you do. And that's what we're working on. Pushing that further and further. >> Tom Gill, senior vices president, head of the networking at VMware. Thanks for coming on. We do appreciate it. >> Thanks for having us. >> Always getting the security data. That's killer data and security of the two ops that get the most conversations around DevOps and Cloud Native. This is The theCube bringing you all the action here in San Francisco for VMware Explore 2022. I'm John Furrier with Dave Vellante. Thanks for watching. (bright music)

>>Welcome back everyone Cube's live coverage here. Day two, two sets, three days of cube coverage here at VMware Explorer. This is our 12th year covering VMware's annual conference, formally called world I'm Jean Dave ante. We'd love seeing the progress and we've got great security comes Tom Gill, senior rights, president general manager, networking and advanced security business group at VMware. Great to see you. Thanks for coming on. Thanks >>For having me. Yeah, really happy we could have you on, you know, I think, I think this is my sixth edition on the cube. Like, do I get freaking flyer points or anything? >>Yeah, you get first get the VIP badge. We'll make that happen. You can start getting credits. >>Okay. There we go. >>We won't interrupt you. No, seriously, you got a great story in security here. The security story is kind of embedded everywhere, so it's not like called out and, and blown up and talked specifically about on stage. It's kind of in all the narratives in, in the VM world for this year. Yeah. But you guys have an amazing security story. So let's just step back into set context. Tell us the security story for what's going on here at VMware and what that means to this super cloud multi-cloud and ongoing innovation with VMware. Yeah, >>Sure thing. So, so probably the first thing I'll point out is that, that security's not just built in at VMware it's built differently, right? So we're not just taking existing security controls and cut and pasting them into, into our software. But we can do things because of our platform because of the virtualization layer that you really can't do with other security tools and where we're very, very focused is what we call lateral security or east west movement of an attacker. Cuz frankly, that's the name of the game these days. Right? Attackers, you gotta assume that they're already in your network. Okay. Already assume that they're there, then how do we make it hard for them to get to what the, the stuff that you really want, which is the data that they're, they're going after. Right. And that's where we, >>We really should. All right. So we've been talking a lot coming into world VMware Explorer and here the event about two things security as a state. Yeah. I'm secure right now. Yeah. Or I, I think I'm secure right now, even though someone might be in my network or in my environment to the notion of being defensible. Yeah. Meaning I have to defend and be ready at a moment's notice to attack, fight, push back red team, blue team, whatever you're gonna call it, but something's happening. I gotta be a to defend. Yeah. >>So you, what you're talking about is the principle of zero trust. So the, the, when we, when I first started doing security, the model was we have a perimeter and everything on one side of the perimeter is dirty, ugly, old internet and everything on this side known good, trusted what could possibly go wrong. And I think we've seen that no matter how good you make that perimeter, bad guys find a way in. So zero trust says, you know what? Let's just assume they're already in. Let's assume they're there. How do we make it hard for them to move around within the infrastructure and get to the really valuable assets? Cuz for example, if they bust into your laptop, you click on a link and they get code running on your machine. They might find some interesting things on your machine, but they're not gonna find 250 million credit cards. Right. Or the, the script of a new movie or the super secret aircraft plans, right. That lives in a database somewhere. And so it's that movement from your laptop to that database. That's where the damage is done. Yeah. And that's where VMware shines. If they don't >>Have the right to get to that database, they're >>Not >>In and it's not even just the right, like, so they're so clever. And so sneaky that they'll steal a credential off your machine, go to another machine, steal a credential off of that. So it's like they have the key to unlock each one of these doors and we've gotten good enough where we can look at that lateral movement, even though it has a credential and a key where like, wait a minute, that's not a real CIS admin making a change. That's ransomware. Yeah. Right. And that's, that's where we, you have to earn your way in. That's right. That's >>Right. Yeah. And we're all, there's all kinds of configuration errors. But also some, some I'll just user problems. I've heard one story where there's so many passwords and username and passwords and systems that the bad guy's scour, the dark web for passwords that have been exposed. Correct. And go test them against different accounts. Oh one hit over here. Correct. And people don't change their passwords all the time. Correct? Correct. That's a known, known vector. We, >>We just, the idea that users are gonna be perfect and never make mistake. Like how long have we been doing this? Like humans with the weakest link. Right. So, so, so people are gonna make mistakes. Attackers are gonna be in here's another way of thinking about it. Remember log for J. Remember that whole ago, remember that was a Christmas time. That was nine months ago. And whoever came up with that, that vulnerability, they basically had a skeleton key that could access every network on the planet. I don't know if a single customer that was said, oh yeah, I wasn't impacted by log for J. So seers, some organized entity had access to every network on the planet. What was the big breach? What was that movie script that got stolen? So there wasn't one. Right? We haven't heard anything. So the point is the goal of attackers is to get in and stay in. Imagine someone breaks into your house, steals your laptop and runs. That's a breach. Imagine someone breaks into your house and stays for nine months. Like it's untenable, the real world. Right, right. >>We don't even go in there. They're still in there >>Watching your closet. Exactly. Moving around, nibbling on your ni line, your cookies. You know what I mean? Drinking your beer. >>Yeah. So, so let's talk about how this translates into the new reality of cloud native, because now know you hear about, you know, automated pen testing is a, a new hot thing right now you got antivirus on data. Yeah. Is hot is hot within APIs, for instance. Yeah. API security. So all kinds of new hot areas, cloud native is very iterative. You know, you, you can't do a pen test every week. Right. You gotta do it every second. Right. So this is where it's going. It's not so much simulation. It's actually real testing. Right. Right. How do you view that? How does that fit into this? Cuz that seems like a good direction to me. >>Yeah. It, it, it fits right in. And you were talking to my buddy AJ earlier about what VMware can do to help our customers build cloud native applications with, with Zu, my team is focused on how do we secure those applications? So where VMware wants to be the best in the world is securing these applications from within looking at the individual piece parts and how they talk to each other and figuring out, wait a minute. That, that, that, that, that should never happen by like almost having an x-ray machine on the ins of the application. So we do it for both for VMs and for container based applications. So traditional apps are VM based. Modern apps are container based and we, and we have a slightly different insertion mechanism. It's the same idea. So for VMs, we do it with the hypervisor, with NSX, we see all the inner workings in a container world. >>We have this thing called a service me that lets us look at each little snippet of code and how they talk to each other. And once you can see that stuff, then you can actually apply. It's almost like common sense logic of like, wait a minute. You know, this API is giving back credit card numbers and it gives five an hour. All of a sudden, it's now asking for 20,000 or a million credit card that doesn't make any sense. Right? The anomalies stick out like a sore thumb. If you can see them. And VMware, our unique focus in the infrastructure is that we can see each one of these little transactions and understand the conversation. That's what makes us so good at that east west or lateral >>Security. Yeah. You don't belong in this room, get out or that that's right. Some weird call from an in-memory database, something over >>Here. Exactly. Where other, other security solutions won't even see that. Right. It's not like there algorithms aren't as good as ours or, or better or worse. It's that, it's the access to the data. We see the, the, the, the inner plumbing of the app. And therefore we can protect >>The app from, and there's another dimension that I wanna get in the table here, cuz to my knowledge only AWS, Google, I, I believe Microsoft and Alibaba and VMware have this, it nitro the equivalent of a nitro. Yes. Project Monterey. Yeah. That's unique. It's the future of computing architectures. Everybody needs a nitro. I've I've written about this. Yeah. Right. So explain your version. Yeah. Project. It's now real. It's now in the market right. Or soon will be. Yeah. Here. Here's our mission salient aspects. Yeah. >>Here's our mission of VMware is that we wanna make every one of our enterprise customers. We want their private cloud to be as nimble, as agile, as efficient as the public cloud >>And secure >>And secure. In fact, I'll argue, we can make it actually more secure because we're thinking about putting security everywhere in this infrastructure. Right. Not just on the edges of it. So, so, so, okay. How do we go on that journey? As you pointed out, the public cloud providers realized, you know, five years ago that the right way to build computers was not just a CPU and a GPU graphics process, unit GPU, but there's this third thing that the industry's calling a DPU data processing unit. So there's kind of three pieces of a computer. And the DPU is sometimes called a smart Nick it's the network interface card. It does all that network handling and analytics and it takes it off the CPU. So they've been building and deploying those systems themselves. That's what nitro is. And so we have been working with the major Silicon vendors to bring that architecture to everybody. So, so with vSphere eight, we have the ability to take the network processing that east west inspection. I talked about, take it off of the CPU and put it into this dedicated processing element called the DPU and free up the CPU to run the applications that AJ and team are building. >>So no performance degradation at all, correct. >>To CPU >>Offload. So even the opposite, right? I mean you're running it basically bare metal speeds. >>Yes, yes. And yes. >>And, and, and you're also isolating the, the storage right from the, from the, the, the security, the management. And >>There's an isolation angle to this, which is that firewall that we're putting everywhere. Not just that the perimeter, we put it in each little piece of the server is running when it runs on one of these DPU, it's a different memory space. So even if, if an attacker gets to root in the OS, they it's very, very, never say never, but it's very difficult. >>So who has access to that? That, that resource >>Pretty much just the infrastructure layer, the cloud provider. So it's Google Microsoft, you know, and the enterprise, the >>Application can't get in, >>Can't get in there. Cause it, you would've to literally bridge from one memory space to another, never say never, but it would be very, very, >>It hasn't earned the trust >>To get it's more than Bob wire. It's, it's, it's multiple walls and, and >>It's like an air gap. It puts an air gap in the server itself so that if the server's compromised, it's not gonna get into the network really powerful. >>What's the big thing that you're seeing with this super cloud transition we're seeing, we're seeing, you know, multicloud and this new, not just SAS hosted on the cloud. Yeah. You're seeing a much different dynamic of combination of large scale CapEx, cloud native. And then now cloud native develops on premises and edge kind of changing what a cloud looks like if the cloud's on a cloud. So rubber customer, I'm building on a cloud and I have on-prem stuff. So I'm getting scale CapEx relief from the, from the cap, from the hyperscalers. >>I, I think there's an important nuance on what you're talking about, which is, is in the early days of the cloud customers. Remember those first skepticism? Oh, it'll never work. Oh, that's consumer grade. Oh, that's not really gonna work. And some people realize >>It's not secure. Yeah. >>It, it's not secure that one's like, no, no, no, it's secure. It works. And it, and it's good. So then there was this sort of over rush. Like let's put everything on the cloud. And I had a lot of customers that took VM based applications said, I'm gonna move those onto the cloud. You gotta take 'em all apart, put 'em on the cloud and put 'em all back together again. And little tiny details, like changing an IP address. It's actually much harder than it looks. So my argument is for existing workloads for VM based workloads, we are VMware. We're so good at running VM based workloads. And now we run them on anybody's cloud. So whether it's your east coast data center, your west coast data center, Amazon, Google, Microsoft, Alibaba, IBM keep going. Right. We pretty much every, and >>The benefit of the customer is what you >>Can literally vMotion and just pick it up and move it from private to public public, to private, private, to public, public, back and forth. >>Remember when we called VMO BS years ago. Yeah, yeah, yeah. >>We were really, skeptic is >>Powerful. We were very skeptical. We're like, that'll never happen. I mean, we were, I mean, it's supposed to be pat ourselves on the back. We, well, >>Because it's alchemy, it seems like what you can't possibly do that. Right. And so, so, so, and now we do it across clouds, right? So we can, you know, it's not quite VMO, but it's the same idea. You can just move these things over. I have one customer that had a production data center in the Ukraine, things got super tense, super fast, and they had to go from their private cloud data center in the Ukraine to a public cloud data center outta harm's way. They did it over a weekend, 48 hours. If you've ever migrated data, that's usually six months, right? And a lot of heartburn and a lot of angst, boom. They just drag and drop, moved it on over. That's the power of what we call the cloud operating model. And you can only do this when all your infrastructure's defined in software. >>If you're relying on hardware, load, balancers, hardware, firewalls, you can't move those. They're like a boat anchor. You're stuck with them. And by the way, really, really expensive. And by the way, they eat a lot of power, right? So that was an architecture from the nineties in the cloud operating model, your data center. And this goes back to what you were talking about is just racks and racks of X 86 with these magic DPU or smart necks to make any individual node go blisteringly fast and do all the functions that you used to do in network appliances. >>We just said, AJ taking us to school and everyone else to school on applications, middleware abstraction layer. Yeah. And kit Culver was also talking about this across cloud. We're talking super cloud, super pass. If this continues to happen, which we would think it will happen. What does the security posture look like? It has. It feels to me. And again, this is, this is your wheelhouse. If super cloud happens with this kind of past layer where there's B motioning going on, all kinds of yeah. Spanning applications and data. Yeah. Across environments. Yeah. Assume there's an operating system working on behind the scenes. Right. What's the security posture in all this. Yeah. >>So remember my narrative about like VA guys are getting in and they're moving around and they're so sneaky that they're using legitimate pathways. The only way to stop that stuff is you've gotta understand it at what, you know, we call layer seven at the application layer the in, you know, trying to do security, the infrastructure layer. It was interesting 20 years ago, kind of less interesting 10 years ago. And now it's becoming irrelevant because the infrastructure is oftentimes not even visible, right. It's buried in some cloud provider. So layer seven, understanding, application awareness, understanding the APIs and reading the content. That's the name of the game in security. That's what we've been focused on. Right. Nothing to do with >>The infras. And where's the progress bar on that, that paradigm early one at the 10, 10 being everyone's doing it >>Right now. Well, okay. So we, as a vendor can do this today. All the stuff I talked about about reading APIs, understanding the, the individual services looking at, Hey, wait a minute. This credit card anomalies, that's all shipping production code. Where is it in customer adoption life cycle, early days, 10%. So, so there's a whole lot of headroom. We, for people to understand, Hey, I can put these controls in place. There's software based. They don't require appliances. It's layer seven. So it has contextual awareness and it's works on every single cloud. >>You know, we talk about the pandemic. Being an accelerator really was a catalyst to really rethink. Remember we used to talk about pat his security a do over. He's like, yes, if it's the last thing I'm due, I'm gonna fix security. Well, he decided to go try to fix Intel instead, but, >>But, but he's getting some help from the government, >>But it seems like, you know, CISOs have totally rethought, you know, their security strategy. And, and at least in part is a function of the pandemic. >>When I started at VMware four years ago, pat sat me down in his office and he said to me what he said to you, which is like Tom, he said, I feel like we have fundamentally changed servers. We fundamentally changed storage. We fundamentally changed networking. The last piece of the puzzle of security. I want you to go fundamentally change it. And I'll argue that the work that we're doing with this, this horizontal security understanding the lateral movement east west inspection, it fundamentally changes how security works. It's got nothing to do with firewalls. It's got nothing to do with endpoint. It's a unique capability that VMware is uniquely suited to deliver on. And so pat, thanks for the mission. We delivered it and available >>Those, those wet like web applications firewall for instance are, are around. I mean, but to your point, the perimeter's gone. Exactly. And so you gotta get, there's no perimeter. So it's a surface area problem. Correct. And access and entry, correct. They're entering here easy from some manual error or misconfiguration or bad password that shouldn't be there. They're >>In. Think about it this way. You put the front door of your house, you put a big strong door and a big lock. That's a firewall bad guys, come in the window. Right. And >>Then the window's open and the window with a ladder room. Oh my >>God. Cause it's hot, bad user behavior. Trump's good security >>Every time. And then they move around room to room. We're the room to room people. Yeah. We see each little piece of the thing. Wait, that shouldn't happen. Right. >>I wanna get you a question that we've been seeing and maybe we're early on this, or it might be just a, a false data point. A lot of CSOs and we're talking to are, and people in industry in the customer environment are looking at CSOs and CSOs, two roles, chief information security officer, and then chief security officer Amazon, actually, Steven Schmidt is now CSO at reinforced. They actually called that out. Yeah. And the, and the interesting point that he made, we've had some other situations that verified. This is that physical security is now tied to online to your point about the service area. If I get a password, I still at the keys to the physical goods too. Right. Right. So physical security, whether it's warehouse for them is, or store or retail digital is coming in there. Yeah. So is there a CSO anymore? Is it just CSO? What's the role or are there two roles you see that evolving or is that just, >>Well, >>I circumstance, >>I, I think it's just one. And I think that, that, you know, the stakes are incredibly high in security. Just look at the impact that these security attacks are having on it. It, you know, companies get taken down, Equifax market cap was cut, you know, 80% with a security breach. So security's gone from being sort of a nuisance to being something that can impact your whole kind of business operation. And then there's a whole nother domain where politics get involved. Right. It determines the fate of nations. I know that sounds grand, but it's true. Yeah. And so, so, so companies care so much about it. They're looking for one liter, one throat to choke, you know, one person that's gonna lead security in the virtual domain, in the physical domain, in the cyber domain, in, in, you know, in the actual, well, it is, >>I mean, you mentioned that, but I mean, mean you look at Ukraine. I mean the, the, that, that, that cyber is a component of that war. I mean, that's very clear. I mean, that's, that's new, we've never seen >>This. And in my opinion, the stuff that we see happening in the Ukraine is small potatoes compared to what could happen. Yeah, yeah. Right. So the us, we have a policy of, of strategic deterrents where we develop some of the most sophisticated cyber weapons in the world. We don't use them and we hope never to use them because the, the, our adversaries who could do stuff like, oh, I don't know, wipe out every bank account in north America, or turn off the lights in New York city. They know that if they were to do something like that, we could do something back. >>I, this discuss, >>This is the red line conversation I wanna go there. So >>I had this discussion with Robert Gates in 2016 and he said, we have a lot more to lose, which is really >>Your point. So this brand, so I agree that there's the, to have freedom and Liberty, you gotta strike back with divorce and that's been our way to, to balance things out. Yeah. But with cyber, the red line, people are already in banks. So they're addresses are operating below the red line, red line, meaning before we know you're in there. So do we move the red line down because Hey, Sony got hacked the movie because they don't have their own militia. Yeah. If they were physical troops on the shores of LA breaking into the file cabinets. Yeah. The government would've intervened. >>I, I, I agree with you that it creates, it creates tension for us in the us because our, our adversaries don't have the clear delineation between public and private sector here. You're very, very clear if you're working for the government or you work for an private entity, there's no ambiguity on that. And so, so we have different missions in each department. Other countries will use the same cyber capabilities to steal intellectual, you know, a car design as they would to, you know, penetrate a military network. And that creates a huge hazard for us on the us. Cause we don't know how to respond. Yeah. Is that a civil issue? Is that a, a, a military issue? And so, so it creates policy ambiguity. I still love the clarity of separation of, you know, sort of the various branches of government separation of government from, >>But that, but, but bureau on multinational corporation, you then have to, your cyber is a defensible. You have to build the defenses >>A hundred percent. And I will also say that even though there's a clear D mark between government and private sector, there's an awful lot of cooperation. So, so our CSO, Alex toshe is actively involved in the whole intelligence community. He's on boards and standards and we're sharing because we have a common objective, right? We're all working together to fight these bad guys. And that's one of the things I love about cyber is that that even direct competitors, two big banks that are rivals on the street are working together to share security information and, and private, is >>There enough? Is collaboration Tom in the vendor community? I mean, we've seen efforts to try to, that's a good question, monetize private data, you know? Yeah. And private reports and, >>And, you know, like, so at VMware, we, we, I'm very proud of the security capabilities we've built, but we also partner with people that I think of as direct competitors, we've got firewall vendors and endpoint vendors that we work with and integrate. And so cooperation is something that exists. It's hard, you know, because when you have these kind of competing, you know, so could we do more? Of course we probably could, but I do think we've done a fair amount of cooperation, data sharing, product integration, et cetera, you know, and, you know, as the threats get worse, you'll probably see us continue to do more. >>And the governments is gonna trying to force that too. >>And, and the government also drives standards. So let's talk about crypto. Okay. So there's a new form of encryption coming out called quantum processing, calling out. Yeah. Yeah. Quantum, quantum computers have the potential to crack any crypto cipher we have today. That's bad. Okay. Right. That's not good at all because our whole system is built around these private communications. So, so the industry is having conversations about crypto agility. How can we put in place the ability to rapidly iterate the ciphers in encryption? So when the day quantum becomes available, we can change them and stay ahead of these quantum people. Well, >>Didn't this just put out a quantum proof algo that's being tested right now by the, the community. >>There's a lot of work around that. Correct. And, and, and this is taking the lead on this, but you know, Google's working on it, VMware's working on it. We're very, very active in how do we keep ahead of the attackers and the bad guys? Because this quantum thing is like a, it's a, it's a x-ray machine. You know, it's like, it's like a, a, a di lithium crystal that can power a whole ship. Right. It's a really, really, really powerful >>Tool. It's bad. Things will happen. >>Bad things could happen. >>Well, Tom, great to have you on the cube. Thanks for coming. Take the last minute to just give a plug for what's going on for you here at world this year, VMware explore this year. Yeah. >>We announced a bunch of exciting things. We announced enhancements to our, our NSX family, with our advanced load balancer, with our edge firewall. And they're all in service of one thing, which is helping our customers make their private cloud like the public cloud. So I like to say 0, 0, 0. If you are in the cloud operating model, you have zero proprietary appliances. You have zero tickets to launch a workload. You have zero network taps and zero trust built into everything you do. And that's, that's what we're working on and pushing that further and further. >>Tom Gill, senior vices president head of the networking at VMware. Thanks for coming up for you. Appreciate >>It. Yes. Thanks for having guys >>Always getting the security data. That's killer data and security of the two ops that get the most conversations around dev ops and cloud native. This is the queue bringing you all the action here in San Francisco for VMware. Explore 2022. I'm John furrier with Dave, Alan. Thanks for watching.

(bright upbeat music) >> In 2011, early Facebook employee and Cloudera co-founder Jeff Hammerbacher famously said, "The best minds of my generation are thinking about how to get people to click on ads, and that sucks!" Let's face it. More than a decade later, organizations continue to be frustrated with how difficult it is to get value from data and build a truly agile and data-driven enterprise. What does that even mean, you ask? Well, it means that everyone in the organization has the data they need when they need it in a context that's relevant to advance the mission of an organization. Now, that could mean cutting costs, could mean increasing profits, driving productivity, saving lives, accelerating drug discovery, making better diagnoses, solving supply chain problems, predicting weather disasters, simplifying processes, and thousands of other examples where data can completely transform people's lives beyond manipulating internet users to behave a certain way. We've heard the prognostications about the possibilities of data before and in fairness we've made progress, but the hard truth is the original promises of master data management, enterprise data warehouses, data marts, data hubs, and yes even data lakes were broken and left us wanting for more. Welcome to The Data Doesn't Lie... Or Does It? A series of conversations produced by theCUBE and made possible by Starburst Data. I'm your host, Dave Vellante, and joining me today are three industry experts. Justin Borgman is the co-founder and CEO of Starburst, Richard Jarvis is the CTO at EMIS Health, and Teresa Tung is cloud first technologist at Accenture. Today, we're going to have a candid discussion that will expose the unfulfilled, and yes, broken promises of a data past. We'll expose data lies: big lies, little lies, white lies, and hidden truths. And we'll challenge, age old data conventions and bust some data myths. We're debating questions like is the demise of a single source of truth inevitable? Will the data warehouse ever have feature parity with the data lake or vice versa? Is the so-called modern data stack simply centralization in the cloud, AKA the old guards model in new cloud close? How can organizations rethink their data architectures and regimes to realize the true promises of data? Can and will an open ecosystem deliver on these promises in our lifetimes? We're spanning much of the Western world today. Richard is in the UK, Teresa is on the West Coast, and Justin is in Massachusetts with me. I'm in theCUBE studios, about 30 miles outside of Boston. Folks, welcome to the program. Thanks for coming on. >> Thanks for having us. >> Okay, let's get right into it. You're very welcome. Now, here's the first lie. The most effective data architecture is one that is centralized with a team of data specialists serving various lines of business. What do you think Justin? >> Yeah, definitely a lie. My first startup was a company called Hadapt, which was an early SQL engine for IDU that was acquired by Teradata. And when I got to Teradata, of course, Teradata is the pioneer of that central enterprise data warehouse model. One of the things that I found fascinating was that not one of their customers had actually lived up to that vision of centralizing all of their data into one place. They all had data silos. They all had data in different systems. They had data on prem, data in the cloud. Those companies were acquiring other companies and inheriting their data architecture. So despite being the industry leader for 40 years, not one of their customers truly had everything in one place. So I think definitely history has proven that to be a lie. >> So Richard, from a practitioner's point of view, what are your thoughts? I mean, there's a lot of pressure to cut cost, keep things centralized, serve the business as best as possible from that standpoint. What does your experience show? >> Yeah, I mean, I think I would echo Justin's experience really that we as a business have grown up through acquisition, through storing data in different places sometimes to do information governance in different ways to store data in a platform that's close to data experts people who really understand healthcare data from pharmacies or from doctors. And so, although if you were starting from a greenfield site and you were building something brand new, you might be able to centralize all the data and all of the tooling and teams in one place. The reality is that businesses just don't grow up like that. And it's just really impossible to get that academic perfection of storing everything in one place. >> Teresa, I feel like Sarbanes-Oxley have kind of saved the data warehouse, right? (laughs) You actually did have to have a single version of the truth for certain financial data, but really for some of those other use cases I mentioned, I do feel like the industry has kind of let us down. What's your take on this? Where does it make sense to have that sort of centralized approach versus where does it make sense to maybe decentralize? >> I think you got to have centralized governance, right? So from the central team, for things like Sarbanes-Oxley, for things like security, for certain very core data sets having a centralized set of roles, responsibilities to really QA, right? To serve as a design authority for your entire data estate, just like you might with security, but how it's implemented has to be distributed. Otherwise, you're not going to be able to scale, right? So being able to have different parts of the business really make the right data investments for their needs. And then ultimately, you're going to collaborate with your partners. So partners that are not within the company, right? External partners. We're going to see a lot more data sharing and model creation. And so you're definitely going to be decentralized. >> So Justin, you guys last, jeez, I think it was about a year ago, had a session on data mesh. It was a great program. You invited Zhamak Dehghani. Of course, she's the creator of the data mesh. One of our fundamental premises is that you've got this hyper specialized team that you've got to go through if you want anything. But at the same time, these individuals actually become a bottleneck, even though they're some of the most talented people in the organization. So I guess, a question for you Richard. How do you deal with that? Do you organize so that there are a few sort of rock stars that build cubes and the like or have you had any success in sort of decentralizing with your constituencies that data model? >> Yeah. So we absolutely have got rockstar data scientists and data guardians, if you like. People who understand what it means to use this data, particularly the data that we use at EMIS is very private, it's healthcare information. And some of the rules and regulations around using the data are very complex and strict. So we have to have people who understand the usage of the data, then people who understand how to build models, how to process the data effectively. And you can think of them like consultants to the wider business because a pharmacist might not understand how to structure a SQL query, but they do understand how they want to process medication information to improve patient lives. And so that becomes a consulting type experience from a set of rock stars to help a more decentralized business who needs to understand the data and to generate some valuable output. >> Justin, what do you say to a customer or prospect that says, "Look, Justin. I got a centralized team and that's the most cost effective way to serve the business. Otherwise, I got duplication." What do you say to that? >> Well, I would argue it's probably not the most cost effective, and the reason being really twofold. I think, first of all, when you are deploying a enterprise data warehouse model, the data warehouse itself is very expensive, generally speaking. And so you're putting all of your most valuable data in the hands of one vendor who now has tremendous leverage over you for many, many years to come. I think that's the story at Oracle or Teradata or other proprietary database systems. But the other aspect I think is that the reality is those central data warehouse teams, as much as they are experts in the technology, they don't necessarily understand the data itself. And this is one of the core tenets of data mesh that Zhamak writes about is this idea of the domain owners actually know the data the best. And so by not only acknowledging that data is generally decentralized, and to your earlier point about Sarbanes-Oxley, maybe saving the data warehouse, I would argue maybe GDPR and data sovereignty will destroy it because data has to be decentralized for those laws to be compliant. But I think the reality is the data mesh model basically says data's decentralized and we're going to turn that into an asset rather than a liability. And we're going to turn that into an asset by empowering the people that know the data the best to participate in the process of curating and creating data products for consumption. So I think when you think about it that way, you're going to get higher quality data and faster time to insight, which is ultimately going to drive more revenue for your business and reduce costs. So I think that that's the way I see the two models comparing and contrasting. >> So do you think the demise of the data warehouse is inevitable? Teresa, you work with a lot of clients. They're not just going to rip and replace their existing infrastructure. Maybe they're going to build on top of it, but what does that mean? Does that mean the EDW just becomes less and less valuable over time or it's maybe just isolated to specific use cases? What's your take on that? >> Listen, I still would love all my data within a data warehouse. I would love it mastered, would love it owned by a central team, right? I think that's still what I would love to have. That's just not the reality, right? The investment to actually migrate and keep that up to date, I would say it's a losing battle. Like we've been trying to do it for a long time. Nobody has the budgets and then data changes, right? There's going to be a new technology that's going to emerge that we're going to want to tap into. There's going to be not enough investment to bring all the legacy, but still very useful systems into that centralized view. So you keep the data warehouse. I think it's a very, very valuable, very high performance tool for what it's there for, but you could have this new mesh layer that still takes advantage of the things I mentioned: the data products in the systems that are meaningful today, and the data products that actually might span a number of systems. Maybe either those that either source systems with the domains that know it best, or the consumer-based systems or products that need to be packaged in a way that'd be really meaningful for that end user, right? Each of those are useful for a different part of the business and making sure that the mesh actually allows you to use all of them. >> So, Richard, let me ask you. Take Zhamak's principles back to those. You got the domain ownership and data as product. Okay, great. Sounds good. But it creates what I would argue are two challenges: self-serve infrastructure, let's park that for a second, and then in your industry, one of the most regulated, most sensitive, computational governance. How do you automate and ensure federated governance in that mesh model that Teresa was just talking about? >> Well, it absolutely depends on some of the tooling and processes that you put in place around those tools to centralize the security and the governance of the data. And I think although a data warehouse makes that very simple 'cause it's a single tool, it's not impossible with some of the data mesh technologies that are available. And so what we've done at EMIS is we have a single security layer that sits on top of our data mesh, which means that no matter which user is accessing which data source, we go through a well audited, well understood security layer. That means that we know exactly who's got access to which data field, which data tables. And then everything that they do is audited in a very kind of standard way regardless of the underlying data storage technology. So for me, although storing the data in one place might not be possible, understanding where your source of truth is and securing that in a common way is still a valuable approach, and you can do it without having to bring all that data into a single bucket so that it's all in one place. And so having done that and investing quite heavily in making that possible has paid dividends in terms of giving wider access to the platform, and ensuring that only data that's available under GDPR and other regulations is being used by the data users. >> Yeah. So Justin, we always talk about data democratization, and up until recently, they really haven't been line of sight as to how to get there, but do you have anything to add to this because you're essentially doing analytic queries with data that's all dispersed all over. How are you seeing your customers handle this challenge? >> Yeah, I mean, I think data products is a really interesting aspect of the answer to that. It allows you to, again, leverage the data domain owners, the people who know the data the best, to create data as a product ultimately to be consumed. And we try to represent that in our product as effectively, almost eCommerce like experience where you go and discover and look for the data products that have been created in your organization, and then you can start to consume them as you'd like. And so really trying to build on that notion of data democratization and self-service, and making it very easy to discover and start to use with whatever BI tool you may like or even just running SQL queries yourself. >> Okay guys, grab a sip of water. After the short break, we'll be back to debate whether proprietary or open platforms are the best path to the future of data excellence. Keep it right there. (bright upbeat music)

(bright upbeat music) >> Welcome back to theCube's coverage of AWS re:Invent 2021. This is "theCube". We go out to the events. We extract the signal from the noise. We're here at a live event, hybrid event, two sets. We had two remote studios prior to the event, over 100 interviews. Really excited to have George Elissaios here. He's the director of product management for EC2 Edge, really interesting topic at AWS. George, great to see you. Thanks for coming on. >> Yeah, great to be here. Thanks for having me. >> So, everybody's talking about Edge, IoT, EC2. What's the scope of your portfolio, your responsibility? >> Yeah, well, our vision here at AWS is to really bring the power of the AWS platform wherever customers need it. AWS wherever our customers want it is our long-term vision. And we have a bunch of products in this space that help us do that and help us enable our customers whatever their use case is. So we have things like Wavelength. I know we talked about Wavelength before here in "theCube", where we bring full AWS service at the edge of the 5G network, so with 5G edge computing in partnership with telcos worldwide, our partnership with Verizon in the US has been flourishing. We're up to, I think, 15 or more Wavelength zones right now in many of the major cities in the US, but also in Japan and Korea, and in Europe with Vodafone. So that's one of the portfolio kind of offerings. And that helps you as a customer of AWS if you want to have the best latency to mobile devices, whether they are sensors, or mobile phones, or what have you. But we're also feeling out that Edge portfolio with local zones. Earlier today in Werner's keynote, we announced that we're going to launch another 30 local zones in 20 new countries, everywhere from South America, Africa, Asia, Australia, and Europe, obviously. So a lot of expansion there. Very excited about that. And that is kind of a similar offering, but it basically brings you closer to customers in metropolitan areas over the internet. >> So, Wavelength's a big feature. George, I want to get just to touch on it because I think latency comes up a lot in Edge conversations, low latency issues, whether it's cars, factories. You guys gave a demo yesterday to the press corps in the press room, I was there, where you had someone in San Francisco from the Opera and someone in person here in Vegas, and you had 13 milliseconds going back and forth demoing, real time- >> Collaboration. >> The benefit of low latency in remote. It wasn't next door. It was San Francisco. This is kind of the purpose of what Edge is about. Can you explain what that means, that demo, why it was important, and what you were trying to show, and how does it mean for the Edge? >> So there is multiple use cases. One of them is human collaboration, right? Like, we spent the last two years of our lives over conferences and kind of like the teleconferences, and trying to talk over each other and unmute ourselves desperately. But existing solutions kind of work, generally, for most of the things that we do, but when it comes to music collaboration where milliseconds matter, it's a lot harder with existing solutions to get artists to collaborate when they're hundreds of miles away. Last night, we saw a really inspiring demo, I think, of how two top tier musicians, one located in San Francisco and one located in Vegas, can collaborate in opera, which is one of the most precise art forms in the music world. There are no beats in opera to kind of synchronize, so you really need to play off each other, right? So we provided a latency between them of less than 30 milliseconds, which translates, if you're thinking about audio or if you're thinking about the speed of sound, that's like being in the same stage. And that was very inspiring. But there's also a lot of use cases that are machine to machine communications, where even lower latencies matter, and we can think of latencies down to one millisecond, like single digit milliseconds when it comes to, for example, vehicles or robots, and things like that. So we're, with our products, we're enabling customers to drive down that latency, but also the jitter, which is the variation of latency. Especially in human communications, that is almost more important than latency itself. Your mind can adapt to latency, and you can start predicting what's going to happen, but if I'm keep changing that for you, that becomes even harder. >> Well, this is what I want to get to because you got outcomes and applications like this opera example. That's an application, I guess. So working backwards from the application, that's one thing, but now people are really starting to trying to figure out, "What is the Edge?" So I have to ask you, what is AWS's Edge? Is it Outpost, Wavelength? What do people buy to make the Edge work? >> Well, for us, is providing a breadth of services that our customers can either use holistically or combine multiple of those. So a really good example, for example, is DISH Wireless. I'm sure you know we're building with DISH the first in the world mobile network, 5G mobile network fully on cloud, right? So these combines Outposts and combines local zones in order to distribute the 5G network across nationwide. And different parts of their applications live in different edges, right? The local zone, the Outputs, and the region itself. So we have our customers... You know, I talked about how local zones is going to be, you know, in total, 45 cities in the world, right? We're already in 15 in the U.S. We're going to do another 30. But customers might still come, and say, "Oh, why are you not," you know, "in "in Costa Rica?" Well, we'll have Outposts in Costa Rica. So you could build your own offering there, or you could build on top of Outputs while you distribute the rest of your workload in existing AWS offering. So to answer your question, John, there is no single answer. I think that it is per use case and per workload that customers are going to combine or choose which one of- >> Okay, so let's go through local zones. Explain what a local zone is real quick. I know we covered it a bit last year with the virtual event, but local zones are now part of the nomenclature of the AWS language. >> Yes. >> And we know what a region is, right? So regions are regions. What's a local zone? >> When your region's saying new availability zones, and then we're just (chuckles)- >> You got availability zones. Now you got local zones. Take us through the topology, if you will, of how to think about this. >> Right, so a local zone is a fully-managed AWS infrastructure deployment. So it's owned and managed and operated by AWS. And because of that, it offers you the same elasticity, and security, and all of the goodies of the cloud, but it's positioned closer to your end customers or to your own deployment. So it's positioned in the local urban, metropolitan or industrial center closer to you. So if you think about the U.S., for example, we have a few regions, like, in the East Coast and in the West Coast, but now, we're basically extending these regions, and we're bringing more and more services to 15 cities. So if you are in Miami, there is a local zone there. If you are in LA, there is two locals zones actually in LA. That enables customers to run two different types of workloads. One is these distributed clouds or distributed Edge kind of workload that we've been hearing more and more about. Think of gaming, for example, right? Like, we have customers that are, like Supercell, that need to be closer to the gamers, wherever they are. So they're going to be using a bunch of local zones to deploy. And also, we have these hyper-local use cases, where we're talking, for example, about Netflix that are enabling in LA their creative artists to connect locally and get like as low as single millisecond latencies. So local zone is like an availability zone, but it's closer to you. It offers the same scalability, the same elasticity, the same security and the same services as the AWS cloud. And it connects back to the regions to offer you the full breadth of the platform. >> So just to clarify, so the Edge strategy essentially is to bring the cloud, AWS, the primitives, the APIs, to where the customers are in instances where they either can't move or won't move their resources into the cloud, or there's no connectivity? >> Right, we have a bunch of use cases where customers either need to be there because of regulation or because of some data gravity, so data is being generated in a specific place and you need to locally process it, or we'll have customers in this distributed use case. But I think that you're pointing out a very important thing, which is a common factor across all of these offerings. It's it is the cloud. It's not like a copycat of the cloud. It's the same API. It's the same services that you already know and use, et cetera. So extending the cloud rather than copying it around is our vision, and getting those customers who, well, connectivity obviously needs to be there. We were offering AWS Private 5G. We talked about it yesterday. >> Now, a premise that we've had is that a lot of Edge use cases will be driven by AI inferencing. And so... First of all, is that a reasonable premise, that's growing, we think, very quickly, and it has huge potential. What does the compute, if that's the correct premise, what does the compute look like for that type of workload? >> That is a great premise, and that's why we think that the model that we're offering is so powerful, because you have the Edge and the cloud fully cooperating and being connected together. You know, the Edge is a resource that's more limited than the full cloud in the AWS region. So when you're doing inferencing, what you really want to do is you want to train your models back up in the region where you get more scalability and the best prices. You know, you have the full scale of AWS. But for the latency-sensitive parts of your applications, you want to push those to the Edge. So when you're doing the actual inferencing, not the training of the models- >> Real time. Yeah. >> Real time, you push that to the Edge, whether that's if your connectivity is 5G, you can push that into a Wavelength zone. If your connectivity is wired, you can push it into a local zone. If you really need it to be in your data center, you can push it in your Outposts. So you see how our kind of like building out for all of those use cases. >> But in those instances, I'm interested in what the compute looks like, 'cause I presume it's got to be low power, low cost, super high performance. I mean, all of those things that are good for data-driven workloads. >> Right, the power, if we think here, is the same compute that you know and love in the cloud. So the same EC2 instance types, the EBS volumes, the S3 for storage, or RDS for your databases and EMR clusters. You can use the same service. And the compute is the same powerful all the way down from the hardware up to the service. >> And is the promise to customers that eventually those... It's not all of those services, right? I mean, you go to Outposts today, it continues to grow. >> Continuing to grow, yeah. Right, so but conceptually, as many services you could possibly push to the Edge, you intend to do so? >> We are pushing services according to customer requests, but also there is a nuance here. The nuance is that you push down the services that are truly latency-sensitive. You don't need to push everything down to the Edge when you're talking about latency- >> Like, what's an example of what you wouldn't push down? >> So management tools, right? So when you're doing monitoring and management, yeah, you don't need these to be at the Edge. You can do that, and you can scale that. Or, you know, batch processing, it doesn't have to be at the Edge because it's, by definition, not online, not like a latency service. So we're keeping those, like AWS Batch, for example, that's in the region because, you know, that's where customers really use it. But things like EC2, EBS, EMR, we're pushing those to the Edge because those are more- >> We got two minutes left. I want to get the Outposts kind of update. I remember when Outposts launched. It was really a seminal moment for re:Invent. Hybrid. "Oh, Andy Jassy said hybrid." Yeah. "I'll never say hybrid." But now hybrid's kind of translated into all cloud operations. Now you got local zones. A lot's changed from Amazon Web Services standpoint since Outposts launched. Local zones, things are happening. 5G, DISH. Now what's the status of Outposts? Are you guys happy with it? What has it morphed into? Is it still the same game? What is Outposts today, vis-a-vis what people may think it is or isn't? >> Yeah, we've been focusing in what we're talking about, building out a number of services that customers request, but also being in more and more places. So I think we're in more than 60, now, countries with Outposts. We've seen very good adoption. We've seen very good feedback. You know, half of my EBCs have been on Outposts, but this year, I think that one of the most exciting announcements were the Outposts servers. So the smaller form factors that enable an additional use cases, like for example, retail or even building your 5G networks. You know, one of our partners, Mavenir, is moving their 5G core, so the smarts of the network that does all the routing, on Outposts servers, and we can distribute those all over the place. So, we're keeping on the innovation. We're keeping on the expansion. And we've been getting very good customer feedback- >> So all steam ahead, full steam ahead? >> Full steam ahead plus 10%. (John laughs) >> All right, guys. Thank you so much, George. Really appreciate it. We're seeing the cloud expand. The definition is growing, kind of like the universe, John. Dave Vellante for John John Furrier. You're watching "theCube" at AWS re:Invent, the leader in high tech coverage globally. We'll be right back.

>>Mhm >>Hello and welcome to today's session of the 2021 AWS Global Public Sector Partner Awards And I'm delighted to introduce our next guests. They are chris Saks Ceo of think stack and Michael Matthews President Ceo at mutual Credit Union. I'm your host for the cube Natalie. Ehrlich of course. And we're going to highlight the most impactful nonprofit partner award. Thank you gentlemen for joining the program. >>Thank you so much for having us. >>Terrific. Well delighted for you to be here. And Michael, I'd love to start with you. How did you figure out that cloud technology was critical to the future of mutual credit union? >>It's kind of by chance, Natalie, we're sitting down, we're looking at uh, racks of equipment in our I. T. Room and trying to keep everything up to date, um software updated, become a full time job and all of my staff and sat around and it come to a point where we were spending more time keeping upgrades, keeping servers upgraded. And we asked we reached out the things that they were a network provider at the time and we said, hey, whatever, what are our options? And they came back with several options and one of them was a W. S. And we explored it and uh we've not looked back. >>Terrific. Well, can you explain in further detail how you identified some of the gaps and what stood out to you about think stack, how this uh collaboration happened specifically? >>Well, some of the major gaps that you have is, you know, we're in Vicksburg Mississippi and I would say it's probably not the I. T mecca of the United States and staffing. What was a huge requirement for us if you're gonna make a move such as this, you've got to have the staffing and then along with the staffing is okay if you go out and we hire all these individuals to help help with this journey, are they going to become bored and you know, if we uh personally, if if I asked think stack, they would say, oh yes, don't do that hire us, but that's their job there, there there are parker vendor and so we went out, we asked other vendors that we use and what are the chances of us doing this and it was slim to none. And this type of technology you want, somebody who you can call and and all honesty, I want to be able to call chris and say chris, I'm having a problem versus, you know, one of my team called me and say we're having a problem, I'd rather call it and I love the vendor relationship. It has worked out well. Our major gaps in staffing though, Natalie >>what about staffing? >>That was our major gap. >>Oh God, it got it. Well, chris let's move on to you now. I'd love it if you could explain, you know, in some detail for our audience about the methodology of your company and also how you help your clients visualize their transformation processes. >>Yeah, for sure. Thanks Natalie. So we work with credit unions around the country and many of them are facing similar challenges to Michael at mutual. And in addition to staffing, they're often challenged with just the uncertain future of technology and that can include things like hurricanes, wildfires, various different disasters, pandemics and having to work remotely. But it also includes all of the opportunities that exist in transformative technologies for credit union. They need to keep pace with organizations like Robin Hood and stash and some of these other organizations that are providing cutting edge mobile apps and technology to their customers. And so how do you as an organization generally, that's a small nonprofit organization. How do you build the technology that will allow you to have a foundation to respond and react to whatever the world happens to throw actually, be that an opportunity to take advantage of for growth or some kind of risk from a cyber attack to a natural disaster. So what we try to do with our clients is take a very human centered approach first. And the idea behind that is to not walk in the door and talk about all the wonderful benefits of AWS or any other particular technology, but rather look at What do you expect. So if you take Michael, for example, you know, sitting down with him and trying to look out 10 years, what do you expect the industry to look like? What do you expect your organization to look like in? What goals do you have as a credit? You need to take advantage of those opportunities and to mitigate those risks. Once you identify those business needs, we can start looking at the humans that are involved in that experience. And so that would obviously be the employees and partners and vendors that support and make up the team at the credit union. And then obviously it's their current members and then any other members that they want to attract. And so you have to look at both sides of this. How how do you work securely efficiently? Um, as an employee on the flip side, how do you serve your members as well as you can serve them with cutting edge technology with technology that's always up and available. And then obviously with, with utmost security. So as we identify and build that picture, uh, we we generally do that with stick figures Natalie so we try to go in and and you know take um different personas and we use journey mapping and we use strategic foresight and various other exercise that help us uh literally paint a picture. Um and then from there we kind of back into that and say okay in order for you to accomplish these things into Have the organization that you want to have the next 10 years, what is your technology foundation and footprint need to look like to support that. And that's where we start to then back into that design which typically would include some type of public cloud services like AWS among other technologies from a cyber security perspective to build out that foundation and then allow them To respond and react to whatever the world throws at him over the next 10 years. >>Terrific. Well Michael would love to get your insight. How did you experience that human centered design focus, that think stack uh you know, is known for >>I think that's what says things take apart. You know, we there's numerous vendors you can go direct, there's there's plenty of software, there's plenty of technology out there you can buy. And as a credit union we can go out, we can just about get anything we wanted. But when we have a problem that we're trying to solve, it's not about that, it's about sitting down with chris his team and saying chris this this is a problem. We recently had one in password management, but we just this is a problem we're having. How do we solve this problem? And so the focus is not about trying to sell you another software. The focus is about solving the problem and having your staff and your team work more efficiently and effectively at their task. At the end of the day, you know, we're not arty people were in the financial service business. We rely on the solutions that we have to to help us do our jobs better and serve our members more effectively. >>Yeah, well, chris uh, you know, from your perspective, obviously human centered designed a really big component of your business, but what other key feature set your business apart from the competitive landscape? >>So I think the human centered design bleeds into another area that we really pride ourselves on, which is which is education and what I will call plain talk. So again, as Michael said, these organizations are our financial services, they're not technology experts, so you need to be able to communicate to those teams, those boards of directors, executive teams in a way that they can understand, and it can be uh somewhat difficult to talk about complex technical problems, um but when you boil it down back to that experience level, or you boil it down to a picture, it becomes a little easier to talk about. And what we want to be able to do as a partner is make sure our clients have confidence in the services or the products that they're purchasing, that they understand. How is this investment going to impact our credit union? How is this going to impact our members? And is this the right investment? It investments are, are significant. So we need to make sure that both parties understand the expectations of that investment and why they're doing that. So we take a lot of pride in the education and then probably the biggest piece uh and you know, it's one of those things that can be unappreciated, but its cybersecurity building, our infrastructure's with the tools and the processes and and the techniques so that everyone stays secure. I can tell you that there is nothing that would derail a digital transformation of an organization faster than a breach. So it's very important for us to make sure that those organizations, that everything that we do as fun as it is to talk about transformational technology equally as important that everything stays secure as we do it. >>Yeah. Well, excellent point. Certainly cybersecurity going to be a top uh topic for 2021 and beyond. Now, Michael, I'd like to move to you um what were the expected and unexpected business outcomes as a result of this partnership? >>Well, now we we we expected to have issues in the transition, which we really didn't um, I'll be honest with you, we we expected to have failures of servers. We expected stuff not to work because we were told by some of our other vendors that this will not work in a W S. Um and we were very surprised that most everything worked on AWS and it worked even better. Um some of the unexpected. So one of the main drivers of us moving to AWS was, I told you we had were limited on Rackspace I T room is when we want to implement a new service today, everything requires its own server. So everything needs an independent service, virtual server or physical server. We did not know how fast that could be done. So we would send a ticket in uh and we would say, hey, we need a new server here. The specs we're putting on this vendor, this is our time frame and we will get an email back the next morning. The servers ready to go where before? We weren't we didn't have that. That that was not an option. The main delay for new projects was to build up time and we weren't expecting that speech. No longer was that we all we expected that hey, we're not in a rush, but it'll be at least three months. And so now the team has to be ready to go as soon as you send the request in that we need this server is done uh and its speed up, speed up our time from uh, the idea our concept to going live with projects and we weren't that was something we had to get adjusted to. >>Yeah. And following up on that. What were some of the rational as well as the emotional impacts as a result of this collaboration? >>All right too. Two things and I don't know if they meet their, meet your that answer your question directly. But so one item we had in in a call, it's been several weeks back is when is the last time that anyone had to call it? Said, hey, I'm not working. My my can't access the server or I can complete dysfunction. And it's not been that way. We we've seen significantly improved up time, not only externally for our members who are logging in to do home banking or any other, any other feature, but internally for our staff we saw and I think it's just the entire transformation just made our company more resilient. What that was. I was as the metric we were seeing fewer instances of downtime. If we have downtown now, it's a power. We had an ice storm here in Mississippi, which is rare. Uh and we were down for a day. Um and if you lose internet today at any business you're down um The emotional side of I tell you, and it's been several years back on July four, we had a major major failure and our entire network was down and we this is prior to us moving to AWS and I'll just tell you I go home at night, this is the peace of mind that you can't put a dollar value on. I go home at night. And the last thing I'm worried about is my I. T. Network. I'm not worried about up time, I'm not worried about members, you know, going on facebook or any other social media and saying hey we can't we can't access your site what's going on and we don't have that anymore. And you know, I'm sure we could have had it any other way. But I leave that to the process of us moving from an in house holding everything on premise to moving to AWS, not only did it want to improve the results of those servers were able to back up to do different things, but it is to improve the overall working, working the functionality of our network. And I like I said I you can't put a dollar on this peace of mind and that is something I don't think there's any metric out there. You can measure, you can't measure that, but you know me and my team, we see it all the time. So >>Yeah, I agree, a peace of mind is certainly a priceless now Chris Let's move to you if you could outline to our audience some of the solutions that you provide, some of your other clients as well. Just give us a fuller picture of the services that you provide. Let's perhaps talk about, you know, 24/7 socks um services as well as data loss prevention or anything else that you think would be of interest to our audience? >>Yeah, for sure. So so obviously we I like to think of us like we design so we come in and we like to help you design and and figure out what your network needs to look like. That's not only your server and production network but also routing, switching. So Land Win S T Win various other networking projects equally. It's important that you can access the cloud as it is to move to the cloud, help with with productivity suite collaboration tools. Um and then finally, cyber security is a big part of that as well. So we try to come in and and look at all those things on the cybersecurity side. Very similar concept of what we do on the, on the cloud side, which is well design the tools and the infrastructure on the perimeter of the network, the configuration of any cloud environments, um such that they're secure and appropriate for your organization. Uh look at active directory or whatever organizational user management system you have to be using, implement those tools. Um and then as you mentioned, Natalie, we have a 24 x seven socks um with analysts watching that um that are all things that employees watching that board responding and reacting um using our our sin platform. And then we also have a 24 by seven uh network operations center or knocked. Um that is managing both the on site uh tools and network as well as any cloud uh networks that that they may have, keeping them up to date, doing all the routine maintenance, I will say from a cyber security perspective while it's not called the sock, the knock is just as important for cybersecurity as is the knock because we see that many cybersecurity attacks are often just taking advantage of systems that are not kept up to date. So the knock and that preventative maintenance is so important. So we do that for a lot of our clients. Some people pick and choose certain features. Some people use all of our services. >>Yeah. Terrific. Is that what you mean by security that's made to order? >>Yeah, exactly. Um you know, I think that's true of all technology. Um the biggest thing that we can do his look at the systems that you have during that design phase, we not only look at what technology should be should you be using, but also we take an assessment of your current team, What talent does your team have and where can we fill gaps if you have people that are doing security really well or you're doing preventative maintenance or some of these features? Uh Certainly you should keep that in house and we'll try to build services around those individuals that you have so that you're utilizing your talent to the best of your abilities and we're really fitting in um where you need us. >>Yeah. Terrific. Well, um you know, Michael, I'd like to shift to you now. What do you think will be the broader impact, you know, for the credit union industry? If others are not, you know, adopting the same kind of technologies um you know, to secure their cloud strategies. Mhm. >>I think whether credit unions want to or not, they're moving to the cloud. Um Most of our newest vendors are all cloud based. Um And so yes, he's either do it now or do it later. Which one do you want to be? And I do think that you're going to see more and more larger credit unions begin to move and it's scalable. It's more up time. It's easier to back up. A lot of people are hesitant. They don't want to take their information and move it out of town. They try to find a local data center are somewhere secure. And, and we looked at is what's the difference? You know, we, we we don't have latency issues with internet and fiber today. And so what is the difference of movement out of town and move to AWS by moving out of town? I still on the servers. I still leased the space. I still have to go over there. We have to have somebody there at all the time. And I'll be honest with you, I look at AWS as a trusted partner versus trying someone and then, and then it's not working locally and there's a lot of data centers you can, you can move to um I think I think it's going to come to the industry one way or the other. >>Yeah. Well, Terrific. Do you have any insight or you know, perhaps advice for another credit union who will, you know, like to take the next step? But, you know, as you mentioned, maybe a bit hesitant, >>I think doing your homework on it and looking at it as a, as a viable option is the first step. I know when I took it to my board and I talked about this um with chris and several people have so we we we talk about these things like the cloud, like it's this magical space and and our data is out there in Netherland and who knows where our data is. But when you break it down, you say, I have a East Coast data center and I have a West Coast data center. These are physical spaces where my dad is higher is held. Um I think it makes people think about a little differently. And and so when when you're if you're thinking about moving, if your if your in house today and you're thinking about how I'm gonna start outsourcing evaluate the cost, what are your ongoing cost, You know, who's gonna service you, Who's going to provide that service? And we've looked at other vendors over the years and I'll tell you, chris and his team have something unique that I found. Um I found very desirable in our situation is at our size and we're just under $300 million credit union. I don't think we have major projects that are too complicated to chris we're still, we're one of his better customers. I assume, chris me tell you something different in a minute, but we're not just a number, so I wouldn't go into a cube. You know, everybody knows each other. We're both small enough companies to where they're getting a lot bigger than we are now, but they're both small of companies where we're still, we we mean something to them, they care about moving to start versus just checking the box off. And so that's that's been our journey so far. Mhm. >>Yeah. Well, um, so, chris, uh, you know, first I want to know if Michael is one of your better customers, but uh, you know, really what I would I would really like to know is um, you know, what is your like, big sales pitch to? You know, as I mentioned to Michael, just some of those companies that are a little bit hesitant, a little bit on the edge. >>Michael is our best client of course because he's here doing this interview with us. No, um, you know, that that's something for us that are those, those human connections are, are, are so important and we do get very invested with any of the clients that we work with. But, um, in, in terms of the industry, I think Michael started to say at the beginning, which is, you're already there. We hear a lot of times from folks that they, I can't move to the cloud that the examiners or that the regulations do not allow them to be there. And that's, that's not true. Um, so what we're trying to do in partnership with KWS is educate the marketplaces as well as we can. Um, one of the biggest things that the cloud offers is this idea of flexibility and nimbleness and you know, unfortunately, I think Covid taught us that lesson, but there's, there's other lessons out there. I don't want to harp on Covid, I feel like that's all we talk about. Um, but if you look at any opportunity, whether it's a I machine learning, um, you know, Blockchain, pick the next technology, right? The reality is, none of us can really tell you where you're going to be in two years, maybe one year, three years, right? Like can you truly sit down after the past three years and tell me that you with no uncertainty, can tell me where your organization is going to be. And the reality is if you build your own data center right now, you have to make that guess Because you have to build something and designed for something and if you're making that investment, then you're doing that for the next probably 5-7 years. Whereas if you move to amazon you have the flexibility, whether that's scaling your organization up quickly, whether that's moving to the cloud, whether that's leveraging one of these technologies I just mentioned or in some cases even scaling back because things have hit a recession, we don't know what the future holds. But if you're in an environment like AWS, then you have the scalability and the flexibility to be able to move and pivot with that. And if you build your own and you happen to pick the wrong future, then then you could be in a bind and you've created your own limitations because you've decided to build for yourself. And I think that's the biggest thing is you can't build for yourself. You have to be flexible in this environment. That is that is the key. And the organizations that are flexible are the ones that are going to survive and thrive through all this uncertainty. Yeah. >>Well, really excellent point there. I totally agree with you. Wonderful to have you on our program. That was chris Saks Ceo of think stack as well as Michael Matthews, the president and Ceo at Mutual Credit Union. Thank you gentlemen for joining the show. Thanks so much. And that's all for this session of the AWS Global Public Sector Partner Awards. I'm your host Natalie or like thanks for >>watching. Mm.

>>mhm >>mm >>Hello and welcome back to HPD discovered 2021. My name is Dave Volonte and we're going to dig into H P E. Green Lake, we've heard a lot about this, we want to find out how real it is and test a little bit of how how can help solve your business problems. We also want to understand Green Lake relative to the competition. HPV was the first, as you probably know to declare it all in with an as a service model and virtually every major infrastructure player has now followed suit. So we want to hear from HP directly how it's different from the competition, where it's innovating and that means we're gonna poke a little bit of customer examples and how the partner ecosystem is adopting and responding to Green Lake and with me is the right person to do this is keith White, who is the senior Vice President General Manager of the Green Lake cloud services business unit at HP, keith, great to see you, thanks for coming back to the cube. >>Okay, fantastic to see you as always. So thanks so much for having me. >>Yeah, it's our pleasure. So look, we're hearing a lot leading up to discover and at this event about Green Lake you got momentum now, everybody's excited about it. What's driving demand? Where's the excitement coming from? >>No, it's a great question. And you know, the reality is customers are expecting this cloud experience, right? So they they've been using the public cloud, they've been engaging on that front and this cloud experience is really driven, a pretty high amount of customer expectations, make itself served, make it automated, make it easy to consume, only want to pay for what I'm using and then manage it all for me on the back end. But 60 to 70% of apps and data will stay on prem per Gardner and I D. C. And so give me that experience on prem. And so that's why I think Green Lake has gotten so much interest, so much positive growth and momentum is because we're bringing that cloud experience to our customers in their data center, in their Coehlo or at the edge and that's where they want to see it just as much. And so since the world is now hybrid, we have a fantastic solution for folks. >>So you, you were first in this game and so you took some arrows and I'm interested in how Green Lake has evolved, Take us through the journey maybe what were some of the bumps in the road that you had to overcome? Maybe how it compares with the competition. Maybe some of the things that they're going to have to go through as well to get to the point where you are. >>No, it's true. And you know, the great thing is HP as a company is really moving to be much more of a cloud services and software company. And you know, we're seeing this from our competition, as you mentioned, have followed suit. But in essence, you know, you have to move from just sort of providing lease type financing type scenarios for our customers into truly delivering that cloud experience. And that's what's been so exciting over this last year is we've gone from just the basic cloud services, compute storage, networking and VMS to really providing containers as a service, bare metal as a service. Uh, machine learning ops, S. A P V. D I. You know, we've now created a set of workloads and as you heard it discover we're now delivering industry solutions, so electronic medical records for hospitals or high delivery payment transaction processing for, for financial, so that the challenge of moving from just sort of leasing basic capabilities to a true cloud experience that again pay as I go, fully automated self serve, all managed for me has really been a challenge and it's exciting, it's exciting to see customers jump on and really sort of lean in and see the business value that comes from having that level of solution >>keith, am I correct in that pretty much every large tech company has a services arm and they could, they could sort of brute force, some kind of cloud like experience and that's kind of what people have done historically the layer in a financial like leasing financial as you said and and but every situation was unique, it was kind of a snowflake if you will and you guys are probably there a few years ago as well and so I'm interested in sort of how you evolved beyond that. Was it a mindset was a technology, was it sort of cultural? You know, it came from the top as well, but maybe you could describe that a little bit. >>Yeah, the ship comes from our customers because what's happening is customers no longer trying to buy component parts. They're saying it's really about Tesla's like, hey, I want you to deliver this for me. In essence, we're running the data center for them now. We're running their machine learning operations environment for them. Now, you know, we're migrating their mainframe over now. And so what's happening is these sls are really, what matters to customers like that? It's not so much about, hey, what are the speeds and feeds and this and that? And so yes, you can sort of brute force that piece of it. But what you really are having to do is create this deep partnership and relationship with your customer to truly understand their business challenges and then provide them with that capability. Now I think the things that's exciting is yes, the public cloud gives you some some significant benefits for certain workloads and certain capabilities. But what we're hearing from customers is hey, I want to have much more control over my data center. I want to ensure that it has the security required. I want to make sure that I can make the adjustments necessary and so you're doing all that at a lower cost with open platform that I can use a variety of tools and other applications just makes it that much more powerful. So I think that's what we're seeing is we're getting into what our customers really requiring and then you know the most interesting thing is how do you make it work with my entire environment because I am running Azure and I am running A W. S. And I am running google and I'm running some other things. And so how does this cloud really helped me bring all those together to really govern that hybrid estate? And that's where I think Green Lake has really shine. >>So it kind of part of the secret sauce is automation because you've got to be, you still have, you have to be competitive, you know, at least within reason to cloud cost, sometimes it's going to be less expensive, maybe sometimes it can be more expensive. You've got some advantages in certain cases where, you know, there's government governance things and and you know, we don't have to go through all that, but there's the automation but you've got to be profitable at this too. So there's the automation, there's the tooling, there's the openness. So, so that was really a key part of it. Is it not that sort of automating? >>That's right. Automation is key as is really understanding what that customer environment is and optimizing for that piece of it. And so as you heard, we're really excited to announce our Green Lake Lighthouse, which is really providing workload optimized systems that are fully managed for them that provide that capability to run multiple workloads for that customer. But at the same time, to your point, there's a lot of charges that happened on the public cloud side. So, you know, data is the new, you know, gold if you will right, everyone's trying to monetize their data, trying to use it to make decisions and really understand what's happening across their environment and in the cloud. You know, if you put it up in the cloud, you have to pay to get it out. The egress charges can be significant and it's also a bit slower at times because of the latency that happens across that that that connection. And so we are now in a situation where we're seeing a lot of customers that are really trying to analyze their data, leveraging our HPC systems, leveraging our machine learning operation systems in order to really get that data happening, Getting the dancers out much, much faster and a much lower cost than what it would cost them to do that in the cloud. >>So you have some experience at this now. I wonder if we could dig into the customers how customers are using Green Lake. Maybe you can give some examples of success. >>Yeah. Yeah, no. You know it's exciting because you know first off everyone's looking at their digital transformation and that means something different for every single customer, so really understanding what they're trying to do from a transformation standpoint and then saying, okay, well how can we bring a solution to help accelerate that? To help be uh, you know, more connected to your customers to help improve your product delivery. We went to Lyondellbasell for example, one of the largest manufacturers in the world. And you know, they said, hey look, we don't want to run our data center anymore. Most most customers are trying to get out of the data center management business and they're saying, hey, run this for me, uh let me free up resources to go focus on things that really can drive additional value for our customers instead of keeping the lights on patching, blah blah blah. So we have taken their entire environment and moved it to a Coehlo and we're managing it now for them. And so in essence we freed up not just a ton of resources, but they have also been able to drop their carbon footprint, which is also this whole sustainability push is significant as well. And then you look at a customer like care stream, one of the largest medical diagnostic companies in the world, saying hey we gotta be able to allow our doctors to be able to um analyze and diagnose things much much faster through our X ray systems and through our diagnostic machines. And so they have implemented our machine learning operations scenario to dramatically speed up those types of capabilities. So as you go down the list and you start to see these customers really um leveraging technology to meet that digital transformation, saving costs, moving their business forward, creating new business models. It's just, it's really exciting. >>What about partners keith? How how have they responded? I mean, on the one hand, you know, that's great opportunities for them, you know, they're they're transforming their own business model. On the other hand, you know, maybe they were comfortable with the old model, they got a big house, nice, nice boat, you >>know? >>But how are they changing their their their business and how are they leaning in >>similar to what we're seeing? The opportunity for partners is dramatic, right? Because what happens is you have to have a very different relationship with your customer to truly understand their digital transformation. Their business challenges the problems that they're having to address. And so where we're seeing partners really, really sort of the opportunity is where there's the services and that sort of deeper relationship piece of it. So in essence, it's creating much more opportunity because the white spaces dramatic we're seeing, I want to say it's in the 30 to $40 billion worth of market opportunity as we move into an as a service on prem world. So they're seeing that opportunity. They're seeing the ability to add services on top of that and deepen the relationship with our customers. And you know, it's it's from my SVS. We're working closely with S. A. P. For example, to deliver their new rise private cloud customer edition. We're working closely with loosest, for example, who is doing a lot of payment processing type scenarios Nutanix and their database as a service scenario and Splunk because again, we went back to the data piece and these guys are doing so much big data type implementations for risk analytics and and regulatory type scenarios. It's just significant. And so because there's such a push to keep things on prem to have the security to reduce the latency to get rid of the egress charges and everything else. There's just a significant white space for both our partners and then from our distributors and resellers, they're getting to change their business model again, to get much deeper in that relationship with our customers >>to be Green Lake is, I mean it's H. P. E. As a service, it's your platform. And so I wonder if you can think about how you're thinking about uh, share with us, How you think about platform innovation? Um, you've got the pricing model, you know, flex up, flex down. Is there other technology we should know about and other things that are going to move you forward in this battle for the next great hybrid cloud and edge platform? >>Yeah, it's a great push because if you think about it, we are Green Lake is the edge to cloud platform And in essence because we have such a strong edge capability with the arab acquisition we made a few years back. That's really significant momentum with the Silver Peak acquisition to give us SD when you've got that edge connectivity all the way up to our high performance computing. And so you'll see us deliver high performance computing as a service. We're announcing that here at discover um you'll see us announced, you know, machine learning ops I mentioned ASAP, but also a virtual desktops. I think the pandemic has brought a lot more work from home type scenarios and customers really want to have that secure desktop. And so, working with partners like Citrix and Nutanix and and VM ware and Crew were able to provide that again, unique scenario for our customers. And so, um, yeah, the innovation is going to keep coming. You know, I mentioned bare metal as a service because many people are starting to really leverage the metal that's out there. You're seeing us also engaged with folks like intel on our silicon on demand. So this is a really exciting technology because what it allows us to do is turn on cores when we need them. So hey, I need additional capacity. I need some power. Let's turn on some cores. But then I turn off those cores when I'm not using them. You go to a software core based software pricing model, like an oracle or a sequel server. I'm saving dramatic cost now because I don't have to pay for all the cores that are on the system. I'm only paying the licenses for the ones that I use. And so that should bring dramatic cost savings to our customers as well. So we're looking from the silicon all the way up. Uh you know, you hear us talk about project Aurora, which is our security capability. We're looking at the silicon level, but we're also looking at the the container and bare metal and then obviously the workloads in the industry solution. So we're sprinting forward. We're listening to our customers were taking their feedback. We're seeing what they're prioritizing and because we have that tight relationship with them as we help move them to the direction they want to go, it's giving us a ton of fantastic inside information for what really matters. >>Right, Thank you for that. So, I want to ask you about data. A lot of organizations are kind of rethinking their ideal data architecture, their organization. They're they're they're seeing the amount of data that is potentially going to be created at the edge, thinking about ai inference and influencing at the edge and maybe reimagining their data organization in this age of insight. I wonder how Green Lake fits into that. How are you thinking about the new era of data and specifically Green Lakes role? >>Yeah, you mentioned the age of insights and and it really is right. So we've moved sort of as the next phase of digital transformation is basically saying, hey look, I've got all this data. I've got to first get my arms around my data estate because in essence it's in all these different pockets around. And so Green Lake gives you that ability to really get that data estate established. Then I want to take and get the answers in the analytics out of it. And then I want to monetize that data either out to my customer set or out to my industry or out to other scenarios as well. And so as we start to deliver our develops capability, our ai and analytics capabilities through HPC. And it's an open platform. So it allows data scientists to easy boot up easily boot up a cluster with which to do their models and their training and their algorithms. But we can also then use and Estancia at that into the business decisions that our customers are trying to make again without the significant cost that they're seeing on that on the public cloud side and in a very secure way because they have the data exactly where they need it. You'll see us continue to do sort of disaster recovery and data protection and those types of scenarios both with our partners and from H P E. So it's exciting to just understand that now you're going to have the tools and resources so you can actually focus on those business outcomes versus how do I protect the data? Where do I start, how do I get my model set up, etcetera. All that becomes automated and self service. You mentioned earlier >>When you talk to customers Keith one of the big sort of challenges that you're addressing. What's the typical, there was no typical but the but the real nuts that they're trying to crack is it financial? We want to move from Capex to opec's is that hey we want this cloud model but we can't do it in the public cloud for a variety of reasons, edicts, organization leaders or we want to modernize our our state. What are the real sort of sticking points that you're addressing with Green Lake? >>Yeah, I think it's threefold and you sort of touched on those. So one is, it really does start with modernization. Hey, you know, we've got to take costs out of the equation. We've got to reduce our carbon footprint. We've got to automate these things because we have limited resources and how do we maximize the ones that we have? And so I mentioned earlier, getting out of the data center, modernizing our apps, really monetizing our data. So I think that's number one. Number two is what you said as well, which is, hey look, I don't need to have all these capital assets. I don't want to be in charge of managing all all these assets. I just want the capability and so being able to sell them that service that says, hey, we can, we can do X number of desktops for your V. D. I. We can run your S. A. P. Environment or we can make sure that you have the, the analytics structure set up to be able to run your models that becomes super compelling and it frees up a lot of resources in cash on that front as well. And then I think the third thing is what you said, which is the world is hybrid. And so I need to find out what's going to run best in my on prem environment and what's going to run best up in the cloud. And I want to be able to optimize that so that I'm not wasting costs in one place or the other, and I want to be able to govern and govern that holistically. So I have the ability to see what's happening end to end across that so I can manage my business most effectively. So I think those are the three big things that people are really excited about with Green Lake as they enable those things. Um and you know, the reality is that it also means that they have a new partner to help them really think through how can they move forward? So it's not them by themselves. Uh It's really in a one plus one equals three type scenario and then you bring the ecosystem in and now you've got, you know, things working really well. So, >>so big enterprise tech, it's like, it's like the NFL is a sort of a copycat league. And so what, you know what I'm saying? But you guys all got >>big, yeah, >>you've got great resources, hey, this West Coast office exactly is gonna work. We're gonna get a short passing game going. And so that happened. So I feel like, okay, you've raised the bar now on as a service and that's gonna become table stakes. Um you know, it's got a lot of work to get there. I know, and it's a it's a journey, but but when you think about the future uh for H. P. E. Uh what's exciting you the most? >>I think what's exciting me the most is this the reaction that we're seeing with customers because in essence it gets them out of the bits and bytes and speeds and feeds and you know, um >>you >>know, component goo and really gets into business value, business outcomes sls and, and that's what they're looking for because what they're trying to do is break out of, you know that day to day and be able to really focus on the future and where they're going. So I think that's one, I think the second big thing is as you see all these things come together, um you know, we're able to basically provide customers with, I would say a mindset that's like, hey, I can do this holistically, but I can always pick and choose the best that I want and if I ramp up, I have capacity. If I ramp down, I don't have to pay for first scenarios. And so I'm getting the best of both worlds across that piece of it. And then third is I mentioned it earlier. But this whole relationship thing is so important because you know, this isn't about technology anymore. As much as it it is about what's the value that you're going to get out of that technology. And how does that help us move the company and the world forward? Like I love the fact that H. P. E. Was so involved in this pandemic. >>You know, >>with our systems were able to actually uh to run a set of of algorithms and analysis on how to, you know, find a vaccine on how to how to address the things that are going forward. You've seen us now up in space and as we, we broaden our frontier and so as a company you're seeing technology turned into things that are truly helping the world go forward. I think that's exciting as well. >>Yeah. Space. It's like the ultimate edge. >>I >>like you said to me if I take it, it's not not about ports and Mick, nips and gigabytes anymore. It's about the outcome. You mentioned before the S L. A. Um, you know, the thing about, you know, think about virtual, it's great. We have to get in the plane. Its downside. We all know we can't hang out, you know, afterwards, you know, have a drink or you know, chit chat about what's going on in the world, but we can't reach a lot more people. But the other downside of virtual is, you know, you don't have the hallway track. It's not like, hey, did you check out that, that demo on IOT? It's really cool. Where is that? So give us the hallway track. How can folks learn more about discover where would you direct folks? >>You bet. You know, I'm doing a full spot. Obviously let me start with at the top right Antonio Neri our ceo he's going to lay out the whole strategy and then I'll have a spotlight. It's about a 30 minute deep dive on all of these things that that you and I just talked about and then we've got a bunch of breakout sessions were doing some with our partners like Nutanix and others, um, Microsoft as well as we talk about, we didn't really touch on that, but you know, we have a strong partnership with the hyper scholars with Microsoft and with others because in essence customers are expecting an integrated solution that's hybrid. And so, you know, we're showcasing all of that with the with the discover breakouts as well and they're available on demand. We have a huge opportunity with respect to that, so really excited and you know, frankly we're here to help, like I hope people understand this is our opportunity to help you be successful and so please know that our ears are wide open to hear what the challenges are and we're ready to help customers as they needed. >>I'm glad you mentioned the partnership with Microsoft and other hyper skills. I feel like keith, the the Hyper scale is giving us a gift. They've spent last year they spent over $100 billion on Capex build out. That is like, it's like the internet. Thank you. >>Now we're gonna build on >>top of it, we're gonna build an abstraction layer that hides all that underlying complexity. We're gonna connect things and and that's really your job. That's really kind of what you're bringing to the table I think with Green Lake and some of these innovations. So >>I really >>appreciate it. Go ahead please. >>I appreciate the time as well. It's always a pleasure and it's always exciting to get a chance to share with you and and as always, any time you don't want me back, I'm happy to happy to join. Alright, >>would love to do that. So appreciate that. And thank you for spending some time with us. Stay tuned for more great coverage from HPD discovered 21 everything is available on demand as well as the that is the other good thing about virtually go back and watch all this content. This is Dave Volonte for the cube the leader in enterprise tech coverage. Be right back

>>Okay, welcome back to the Cube coverage of Dr Khan 2021. I'm John for your host. Had a great guest here. Dana Lawson. Vice president. Engineering and technology partnerships that get up dana. Welcome to the cube. You're leading the engineering team over at GIT hub. Been been around the block in the cloud enterprise area. Congratulations. Welcome to the cube. >>Well, thanks for having me. Don, I am super excited. Dr. 2021 Wow. I can't believe it's been that long. Right. >>Got the keynote coverage automation. The top trend here in the world. DevoPS DEP sec apps, developer productivity, modern errors here, a lot of action uh and dr conscious more attendance every year, containers setting up the cloud native. You know the tsunami of new ways that people are programming. New way teams are formed new way people are being super productive with the pandemic. We've seen developers really lead the charge in the virtual work environment. So a lot of action. So first tell us what's going on in the developer community right now, give us your take, >>I mean, my take on it is the developer teams are just working closer than ever before. You know, we see this across all industries, whether you're going through your own digital transformation and trying to streamline your workflow, um you know, we have this concept of devops now for about a decade and and we all were hopeful I was one of those early adopters that like, yes, this will change the world, as you can imagine, and like we're seeing it materialized and I feel like in this historic year, uh it's on steroids, we see teams working across the aisle doing things we've never experienced before with this concept of interconnected tools. And so we're seeing really the, I would say the practice of devops really going across every member of the team and not being just a practice that maybe one person on your team did. You know, this trend has been ongoing for a while. But with these new key technologies out there, it's really on fire in my opinion, >>outside of just the whole cloud native awesomeness that's happening. You see kubernetes enabling a lot of new things, the virtual work environment with the pandemic developers, just like just the way we've been working a long time. Finally, it just got standardized for the rest of the world, the world. Um they didn't really miss a beat and, and combined again with the cloud scale and we saw the earnings from all the big companies, the developers have been super productive this year. Do you see um that continuing and what, how is it going to change in your opinion as the pandemic kind of lifts a little bit and now the new normal gets back to real life. Certainly those benefits came out is what's your take on this engineering dynamic going on. >>I mean you said it they're like this is a common kind of workflow that people had pre pandemic, especially in the open source community where it's literally a bunch of random people around the world that don't obviously get to talk as as quickly and as uh you know, synchronously and so a saint communications gone up in what we've seen there is teams really tuning in their automation, right? So whereas you may have had it in your backlog to say, you know what, I should probably go automate that workflow now that we have been forced. Even even companies that haven't haven't thought about in the past to say, okay, how do I get code from A to B. Seamlessly? There's spending time on those workflows. and I think that we're seeing that naturally, you know, in the keynote where I mentioned some of the Research that we've done is we're seeing developers work more but we're seeing them work more on open source projects and the things that they want to work on not necessarily going and saying I'm going to go and spend 20 hours at work. But really it's that that continuation of like hey instead of automation being an afterthought we're gonna make it something that is at the forethought of what we're doing. And so what it's really done is just increase the time spent on writing great code and hopefully having a better up time. I am a I am a DEvops SRE sys admin, whatever you wanna call it at heart forever will be. Um and so you know, getting to have more time to spend on S. L. O. S. And really the, you know like I call it the safety guards, the rails of your system so that you can just really go in there and allow everybody to contribute. And that's what I think we're seeing and we're going to continue to see that as things just get easier as stuff happens out of the virtual box. >>I mean simple or easy. It's always a good strategy. I was just reporting for our team on the cube con and cloud native con. There's more cloud native con going on than cube con because kubernetes got kind of boring. Um, and enabled more cloud native development. And then the other trend that we've been reporting on is end user contribution to open sores. You're starting to see end users, not just the usual suspects like lift and whatnot. You're seeing like real enterprises like having teams contributing into open source in a big way. This is a kind of a new, interesting dynamic. What's your take on that? Is that a signal of simplicity? What does it mean? >>I'm going to tell you, I think that companies and big names that realized they were using open source and they have been all along, um, it's been around for a minute. Some of our most favorite libraries and frameworks have been open source from the beginning. You hear me talking about Java and Tomcat that's open source. And so it's really this understanding of the workflow. So I want to say that what we see now is there should be an investment because the world's team of open source developers are powering our technology and why shouldn't we as companies embrace and actually get back and spend that quality time because us innovating together on open source privately and publicly just makes everything better for everybody. And so I I think we're going to continue to see this trim. I'm excited about it. GIT hub has done some amazing work in this space by with get up sponsors because we want open source to continue to enable the innovation and having people participate. And now we're seeing it with businesses alike. And so I think we're going to see this practice continue on and really take a look not only of the technology they're using, but the open source practices like how do these maintainers and these open source teams shit reliable quality code that is changing the world. And how can we put those practices within our own development teams on what we're building for our customers? So you're just going to continue to see this. And I think also with that being said because the barrier of entry has has lowered some by the advancement. What we're seeing the rise of the citizen developer as well. So we're seeing you know people all within the company and some that are much more further along with their transformations participate in a way they never have before. Whether it's like you know the design part in the design thinking of it to like how do you curate and have a great experience for your customers. We're just seeing participation at all levels of development stack and that also is the stuff outside of the actual code being written because it's so interconnected and so I I don't know I'm excited. I'm excited to see what we're going to unlock by having people participate more so than ever and then having companies invest in that participation. >>I love your enthusiasm. I agree. I think it's a great time for open source because it has democratized, it is bringing in new people. The aperture of the personas coming in >>is not >>just computer science and engineering. This hybrid SRE rolls developing and then you've got creative. There's a creativity aspect coming back and I've been riffing on this for a few years but I'm kind of seeing this development, love to get your thoughts used to be like craftsmanship was involved in building software and then Agile came in ship fast and iterate. Um and now craft is coming back. You're starting to see creativity and the developer experience through collaboration tools and kind of this democratization. What's your thoughts on this? And no, I know you I know you think about this as an engineering leader. Um Craft agile bring them both together. Speed and quality is craft coming back. >>Craft is definitely coming back and I think it is because we we melt the mundane stuff, right? Like, you know, we're all hyper focused on like you want to be the bush out there, you gotta ship immediately agile, agile, agile. But what we know is like you can ship a bunch of stuff, nobody wants very fast, you can ship a bunch of stuff that hasn't been curated to really, you know, solve the problem now, you'll be fast but will be awesome. I think people demand more. And I really believe that because we've embraced some of these frameworks, workflows and tool sets, that we get a focus on the craft and that's what we're trying to do, right? Ultimately we want every person that builds to be an innovator and not just an innovator for innovation state, but because they're changing and affecting somebody's life, right? And so when we dig deep and focusing on the craft, and we still have these expertise, we're just gonna be applying that in a very intentional way versus okay, hurry up. Bill, Bill Bill, hurry up, hurry up. Bill Bill, Bill, go, go, go, because now it's connected. And so we're seeing the rise of that craft and what I think is going to in turn happen is we're all going to have a better experience, we're all going to reap the benefits of having that expertise. You know, there's a spirit sometimes when we talk about automation and devops and, you know, interconnected tool systems that maybe you're taking somebody's job that they were doing before the daily task. No way. All we're doing is saying like, cool, take the repeatable thing that you're doing over and over and over, and let's focus on that craft, lets you know if your security person and you want to get down and deep and understand where vulnerabilities are going to come from and things that people haven't even thought of. Cool, let's take away some of the other things that we know can be caught and solved without you paying attention in some aspects. I think we just need along the whole stack. So it's pretty exciting times. >>Yeah, I did it and we call that different, undifferentiated heavy lifting, you know, just get it out of the way since you brought that up. Let's take automation down that road of experience. What does it mean for the developer? Because this is really an opportunity. Right. So the phrase I've heard is if you do it more than a few times, just automated away. So when is the right time to automate where this automation play into the developer experience? When does it make it more productive? Where's the innovation angle you share your thoughts on when people look through the prism of automation productivity versus innovation? What's the what's the automation view there? >>I mean, you know it is it is a good like, you know, little metric could be done it five times and it's the same thing over and over and over. Your question is now like do you have to be doing that? I mean you should because you're doing it. So I think it's about finding and defining your own boundary for what you need, right? I mean it's hard to get out there and say every workflow like we can go and apply the stamp. We already tried that with agile frameworks for like everybody you're gonna do scrum, we're going to combine, you know what? It doesn't work. What we really need to do is have teams understand their workflows, right, understand and do some diagnosis and saying like we're in the system and I think that's powerful metrics and insights of going like where are we having a slowdown? Where are people spending their time if people are spending their time doing break fix or they're spending their time continuously trying to jam something into a certain pipeline, you have to ask yourself, is this something that we should be spending that time on? What if we had that time freed up? And so I do think you can go and put some good boundaries in there, whatever yours may be. I love I love some of those rule sets but really you know, deadlocks and automation starts with the process, right? We think about it and when I developed software always think about it through that design. Thinking lands of how will this work when I get to it. And so if we're focusing on the design aspect and the user experience, then we start looking at the pieces in between from that code to having people use it and say what do I need to do? And sometimes you know depending on your industry, you may have these other needs that not everybody has. So it's hard to say there's a one size fits all. But there is a good rule like if you've done the same repeatable thing over every every day, uh numerous days like you probably should just go spend the time to automate that. And I think it's the convincing point, right? Like if we go and and a lot of us are are nerds and engineers at heart and I love freaking math. So it's that like okay if we spend two hours building maybe a hub action for a doctor one time instead of somebody happened to repeat this process no matter what it is. Like you're giving that time back in that time is mental capacity, mental capacity that can be applied to something that's more important and hopefully the more important thing is the user experience. Um So yeah, I mean you know we all have those little systems out there. I say use them but take a step back. I think the bigger, the harder part is like yes, you will have to slow down for a minute, which is scary to go and build something repeatable so that you can speed back up. You know, >>it's awesome. Great, great inside love, love the energy a lot to ask you while you're here because this is something I've been thinking about. I'm hearing a lot of developers talking about, understand the workflow you mentioned that's a key thing. I love that. Getting in and understanding the customer experience working backwards, but that brings up the whole. How do you form the teams? How do you think about team formation? Because at cloud scale with cloud native, you can use building blocks, You have automation, you can easily compose and then build intellectual property around things. Use containers, make things easier. So as you start thinking about teams, is it better to have teams focus on, say workflows and then decoupled teams? Is there a strategy for general purpose teams or how do you look at the team formation from the developer perspective to make the experience great, high quality. Is there a state of the art in your opinion, given the compose ability and all the ease of use going on? I mean, what's the ideal way to think this through? What's your thoughts? >>Oh, you know, there's, I'm going to say there's not one team team to rule them all, there's not one team kind of foundation that's gonna be able to be applicable, it's all different, right? Like even within the same company, especially at scale, you may have these different compositions of your team and I think it comes down to like, what problems are you trying to solve within your workflow? What are you trying to accomplish? I think when we, when we step back and we think about our Ci cd pipelines and really code from idea into cloud that I believe in a unified system, because I don't want developers worrying about it and doing one offs, I'm like, you don't need to know that, and that's been an argument that's going on, you know, I'm a huge kubernetes fan and so it's been like, should, should, should the feature developers understand the entrance of kubernetes? I'm gonna say something controversial, I'm gonna say no, I'm gonna say they don't need to know, they need to know how to monitor alert and how to have smart rollbacks and have a system that does it for them. That's why we have Orchestration, that's why we have dr containers, that's why we have world class eight PM and monitoring systems in place because we've done that, we've done that hard work. So I would say no, they don't need to know that, so, but you still need these needs, right? Depending upon where you are in this transformation, right? Maybe you're still like, you know, integrating some of these cloud needed principles and toolsets and so you need some smes I do really love the SRE embedded model, not embedded, like on your, you know, like embedded, like a chip set, but embedded in the team, because that person really should be a mentor and should be a force multiplier. You don't want to fall in the trap and be like oh we have an SRE on the team. They're going to do all the devops stuff. No no no no they're going to go and help you think about your product through a customer lens right there. They're the experts going like whoa maybe we should have an S. L. A. Because this is a tier one feature lets go and make sure we build that automation so that we curate this feature with the highest level availability but then teach the team how to do that. So now you have this practice as a part right? Like you're honing your craft, you have this practice now. Does that mean they need to go learn everything about like the monitoring sweet and tools are used. No, but they should understand how to read the output of that. And so there's not one team size to rule them all. Unfortunately, I personally, I'll tell you what I'm a fan of is like I think that you should have flexibility. Like once again think about the points where you need to have the connective unified system, right? And then you have this opportunity for developers to have some agency and creative freedom because maybe you've been on a team that's been working on, I don't know, let's say your audit service. I think every every software has some component of audit uh, you know, in some ability because you want to know what he was using one well after they've done their tour of duty because most of the cool stuff, they've already fixed and made a feature set. Let them go roll into something else because then you have that connective tissue on the inner points of your system that are always the same, right? We want really repeatability. We want them just to focus on writing the code. And I think because of these advancements we are unlocking opportunity for developers to think broader, right? Like maybe you've been on the platform team and you want to go dip your toes into writing features well, 90 okay, maybe not 90 but also 80% of that, you know, every day repeatable task, like focus on that and get that shit out. But then you have the sme and you're really thinking holistically as a customer obsessed team of what you're building and why. So I love that. No one way. >>Yeah, I love the idea of the platform person just having more flex out because that brings a platform mindset to the other pieces, but also feature acceleration versus product strategy. Thinking through the arc of why you're building in the first place, Right? So and then the embedded SRE great point there, great call out there because everything's cloud scale now, you gotta have pen tests built in automation, >>who's gonna >>design that. So I think it's really interesting how you're putting that together and I think that's very relevant. Um and any um new things that you see happening now with with cloud Native, you mentioned cabernets, I think you know the story that we've been telling is kubernetes got boring and that's good. Right? So, >>meaning its meaning it's working >>and people like it, it's interoperability or frustration. It feels like a unifying connective tissue between under the hood and above at the application layer. So it's nice but the consequence of that is there's more cloud native going on, so that means more services are going to be connected and torn down. You mentioned observe ability and monitoring. That's important too. So as an engineering leader, that's not another department. Right? That's gonna be core to the developers. What's your thoughts on how to integrate observe ability now there's a zillion companies doing it now but is that you know >>there is a zillion. My thoughts are like heck yeah. Like conservative observe ability isn't at the end of the stack. Right, observe ability is apart just like qualities apart. Just like when we think about agile, let me just throw it this way right? Like when dr came right, we had it basically have this maybe this baby os encompassed on servers. So you can have multiple, multiple, multiple, multiple distributed. Right? I think of like let's let's say that like your team is that Docker container man, you want everything in their right? It is a part of the practice. You want your learning, you want your logging, you want it all wrapped up in this nice little bow and you want lots of them all working together harmoniously. The same thing can be said about our teams. We want them to be their own little micro operating system where they have all the resources available for them to go and do the thing that they are intending to do and not have to worry about that subset. But it also gives them that control. Right? So it's building in that layer of abstraction that's needed but also understanding why it's important. So it's a little bit of both. Right? We're not going to curate deep subject matter experts. You know, I'm, you know the Oh yes, I model and every aspect right? Like we're not going to turn a friend and engineer necessarily into a network engineer. But utilizing the tool sets, having a playbook where it is controlled, maintained in a part of your culture. All that's gonna do is allow you to move faster and it's allow you to see what's really running out there in the wild. And I see these trends happening. I think we're continuing to see the rise of cloud native technologies because applications now are really a set of a P. I. S. That go across the world and in and out. And so the way that we develop is slightly different. And so we need to think about, well, how is it orchestrated and deployed? Well, if you have a repeatable pattern once again, if we go back to that and think of our team and I promise nobody asked me to come up with this as like a little darker, a little docker container itself. You know, you're gonna write that image into what makes sense for you and have all the resources available and you're gonna rinse and repeat that over and over and over again. And so I mean, we're just seeing, seeing this continue this continuation of, you know, monitoring devops? S sorry, it's not a problem. It's a culture, right? It's not one person's job or a role. It's a part of how you build great software. It's just a practice. >>You mentioned abstraction layer used to be conventional wisdom that they were good. But there's trade offs whose performance tradeoffs or some overhead. Not anymore. It's good. You can basically build an abstraction layer and say, hey, I don't want to deal with networking anymore. It's gonna make it programmable. >>That's cool. No >>problem. So you start to see these new innovation patterns. Right. So what are you most excited about when you start to see these new kinds of things of being brought on that were limited years ago? Like you start an abstraction layers, you see the role of the SRE you're seeing um the democratization of new developers coming in that are bringing new perspectives. She's seeing all these new kinds of ways that's re factoring how people write code. But what are you seeing is the most exciting >>for me? Honestly, it's like the opportunity for anybody to really be a builder maker developer, right? You don't have to have a traditional CS degree if you do that's awesome, Like come and teach us awesome stuff that we probably should know. That's foundational. I don't have a CS degree. You know, we're moving on from these opportunities where it's self taught to where you actually 100% can go and learn and build and create. We're seeing the rise in these communities. I feel like these toolsets are really just lowering the barrier of entry for those people that don't have advantage to go to like a four year school and get a degree for people that are just like have a great idea what excites me is that next developer, You know, we talk about the 100 million developer sitting somewhere in the world, just going, I have a great idea and I'm gonna change the world and I don't know how to get started, but they do, they have it at their hands now. You know, if you can go onto a website, get a little bit dangerous with these tool sets, you can go and get your idea to the masses and what we're going to end up doing is like you said, democratizing tech, it's going to bring in new ways to think it's going to change how we interact with systems. We get we get our blinders on sometimes, especially, you know, I live in Portland on the West Coast, the US, we know that the world is vast, majorly huge, dynamic, awesome place. The things that work for me may not work for somebody on the other side of the world. The things that I do may not be relevant. But we're going to find that human connection. We're going to continue to say, well, wait a minute. How can we optimize for any human anywhere? How can we help take all these differences but doing them in a repeatable pattern. So like for me that's exciting is these toolsets that we've been working on for years, are now going to put put in people's hands that never thought they could. And that is exciting. And like to see to see the rise of just creativity is what really makes humans special because we build and make >>and the fact that it's more inclusive now becoming more inclusive on all aspects of inclusive whether it's individuals and coders types of code. So uh integration is the new normal right integrating in uh data control planes, all that goodness coming in because of the ease of use of developer experience. Super awesome. Um dana you're awesome. Great to have you on the cube and sharing your energy and insight. Great call outs on many topics. A lot of gems being dropped. Their thanks for coming on the cube. >>Well thanks for having me. It's been awesome and doctor comes been great. I can't wait to see the rest of the show. >>Dr khan 2021 Virtual real life coming back maybe in physical next year or hybrid for sure. Just the cube coverage of Dr khan 2021. I'm sean for your host. Thanks for watching

from around the globe it's thecube covering space and cyber security symposium 2020 hosted by cal poly hello everyone welcome to the space and cyber security symposium 2020 hosted by cal poly where the intersection of space and security are coming together i'm john furrier your host with thecube here in california i want to welcome our featured guest lieutenant general john f thompson with the united states space force approach to cyber security that's the topic of this session and of course he's the commander of the space and missile system center in los angeles air force base also heading up space force general thank you for coming on really appreciate you kicking this off welcome to the symposium hey so uh thank you very much john for that very kind introduction also uh very much thank you to cal poly uh for this opportunity to speak to this audience today also a special shout out to one of the organizers uh dustin brun for all of his work uh helping uh get us uh to this point uh ladies and gentlemen as uh as uh john mentioned uh i'm jt thompson uh i lead the 6 000 men and women of the united states space forces space and missile system center which is headquartered here at los angeles air force base in el segundo if you're not quite sure where that's at it's about a mile and a half from lax this is our main operating location but we do have a number of other operating locations around the country with about 500 people at kirtland air force base in albuquerque new mexico uh and about another 500 people on the front range of the rockies uh between colorado springs and uh and denver plus a smattering of other much smaller operating locations nationwide uh we're responsible for uh acquiring developing and sustaining the united states space force's critical space assets that includes the satellites in the space layer and also on the ground layer our ground segments to operate those satellites and we also are in charge of procuring launch services for the u.s space force and a number of our critical mission partners across the uh department of defense and the intelligence community um just as a couple of examples of some of the things we do if you're unfamiliar with our work we developed and currently sustained the 31 satellite gps constellation that satellite constellation while originally intended to help with global navigation those gps signals have provided trillions of dollars in unanticipated value to the global economy uh over the past three decades i mean gps is everywhere i think everybody realizes that agriculture banking the stock market the airline industry uh separate and distinct navigation systems it's really pervasive across both the capabilities for our department of defense and capabilities for our economy and and individuals billions of individuals across our country and the planet some of the other work we do for instance in the communications sector uh secure communications satellites that we design and build that link america's sons and daughters serving in the military around the world and really enable real-time support and comms for our deployed forces and those of our allies we also acquire uh infrared missile warning satellites uh that monitor the planet for missile launches and provide advanced warning uh to the u.s homeland and to our allies uh in case some of those missile launches are uh nefarious um on a note that's probably a lot closer to home maybe a lot closer to home than many of us want to think about here in the state of california in 2018 smc jumped through a bunch of red tape and bureaucracy uh to partner with the u.s forest service during the two of the largest wildfires in the state's history the camp and woolsey fires in northern california as those fires spread out of control we created processes on the fly to share data from our missile warning satellites those are satellites that are systems that are purpose built to see heat sources from thousands of miles above the planet and we collaborated with the us forest service so that firefighters on the ground uh could track those fires more in real time and better forecast fires and where they were spreading thereby saving lives and and property by identifying hot spots and flare-ups for firefighters that data that we were able to working with our contractors pass to the u.s forest service and authorities here in california was passed in less than an hour as it was collected to get it into the hands of the emergency responders the first responders as quickly as possible and doing that in an hour greatly surpassed what was available from some of the other assets in the airborne and ground-based fire spotters it was really instrumental in fighting those fires and stopping their spread we've continued uh that involvement in recent years using multiple systems to support firefighters across the western u.s this fall as they battled numerous wildfires that unfortunately continue working together with the u.s forest service and with other partners uh we like to make uh we like to think that we made a difference here but there's still a lot more work to go and i think that we should always be asking ourselves uh what else can space data be used for and how can we more rapidly get that space data to uh stakeholders so that they can use it for for purposes of good if you will how else can we protect our nation how else can we protect our friends and allies um i think a major component of the of the discussion that we will have throughout this conference is that the space landscape has changed rapidly and continues to change rapidly um just over the past few years uh john and i were talking before we went live here and 80 nations now have uh space programs 80 nearly 80 space faring nations on the planet um if you just look at one mission area that uh the department of defense is interested in and that's small launch there are currently over a hundred different small launch companies uh within the u.s industrial base vying for commercial dod and civil uh payload capabilities uh mostly to low earth orbit it's it's just truly a remarkable time if you factor in those things like artificial intelligence and machine learning um where we're revolutionary revolutionizing really uh the ways that we generate process and use data i mean it's really remarkable in 2016 so if you think about this four years ago uh nasa estimated that there were 28 terabytes of information transiting their space network each day and that was four years ago um uh obviously we've got a lot of desire to work with a lot of the people in the audience of this congress or in this conference uh we need to work with big thinkers like many of you to answer questions on how best we apply data analytics to extract value and meaning from that data we need new generations of thinkers to help apply cutting edge edge theories of data mining cyber behaviorism and internet of things 2.0 it's just truly a remarkable time uh to be in the space business and the cyber aspects of the states of the space business are truly truly daunting and important to uh to all of us um integrating cyber security into our space systems both commercial and government is a mandate um it's no longer just a nice to have as the us space force and department of the air force leadership has said many times over the past couple of years space is becoming congested and contested and that contested aspect means that we've got to focus on cyber security uh in the same way that the banking industry and cyber commerce focus on uh cyber security day in and day out the value of the data and services provided is really directly tied to the integrity and availability of that data and services from the space layer from the ground control segments associated with it and this value is not just military it's also economic and it's not just american it's also a value for the entire world particularly particularly our allies as we all depend upon space and space systems your neighbors and friends here in california that are employed at the space and missile system center uh work with network defenders we work with our commercial contractors and our systems developers um our international allies and partners to try and build as secure and resilient systems as we can from the ground up that keep the global commons of space free and open for exploration and for commerce um as john and i were talking earlier before we came online there's an aspect of cyber security for space systems especially for some of our legacy systems that's more how do we bolt this on because we fielded those space systems a number of years ago and the the challenges of cyber security in the space domain have grown so we have a part that we have to worry about bolting it on but then we have to worry about building it in as we as we field new systems and build in a flexibility that that realizes that the cyber threat or the cyber security landscape will evolve over time it's not just going to be stagnant there will always be new vulnerabilities and new threat vectors that we always have to look at look uh as secretary barrett who is our secretary of the air force likes to say most americans use space before they have their first cup of coffee in the morning the american way of life really depends on space and as part of the united states space force we work with defense leaders our congress joint and international military teammates and industry to ensure american leadership in space i really thank you for this opportunity to address the audience today john and thanks so much to cal poly for letting me be one of the speakers at this event i really look forward to this for uh several months and so with that i look forward to your questions as we kind of move along here general thank you very much for the awesome uh introductory statement uh for the folks watching on the stream brigadier general carthan is going to be in the chat answering any questions feel free to chat away he's the vice commander of space and missile systems center he'll be available um a couple comments from your keynote before i get to my questions because it just jumped in my head you mentioned the benefits of say space but the fires in california we're living that here that's really real time that's a benefit you also mentioned the ability for more people launching payloads into space and i only imagine moore's law smaller faster cheaper applies to rockets too so i'm imagining you have the benefits of space and you have now more potential objects flying out sanctioned and maybe unsanctioned so you know is it going to be more rules around that i mean this is an interesting question because it's exciting space force but for all the good there is potentially bad out there yeah so i i john i think the uh i think the basics of your question is as space becomes more congested and contested is there a need for more international norms of how satellites fly in space what kind of basic features satellites have to perhaps deorbit themselves what kind of basic protections does do all satellites should all satellites be afforded as part of a peaceful global commons of space i think those are all fantastic questions and i know that u.s and many uh allied policy makers are looking very very hard at those kinds of questions in terms of what are the norms of behavior and how we uh you know how how we field and field is the military term but you know how we uh populate uh using civil or uh commercial terms uh that space layer at different altitudes uh low earth orbit mid mid-earth orbit geosynchronous earth orbit different kinds of orbits uh what the kind of mission areas we accomplish from space that's all things that need to be definitely taken into account as uh as the place gets a little bit not a little bit as the place gets increasingly more popular day in and day out well i'm super excited for space force i know that a new generation of young folks are really interested in it's an emerging changing great space the focus here at this conference is space and cyber security intersection i'd like to get your thoughts on the approach that space force is taking to cyber security and how it impacts our national goals here in the united states yeah yeah so that's a that's a great question john let me let me talk about in two uh two basic ways but number one is and and i know um some people in the audience this might make them a little bit uncomfortable but i have to talk about the threat right um and then relative to that threat i really have to talk about the importance of uh of cyber and specifically cyber security as it relates to that threat um the threats that we face um really represent a new era of warfare and that new era of warfare involves both space and cyber uh we've seen a lot of action in recent months uh from certain countries notably china and russia uh that have threatened what i referred to earlier as the peaceful global commons of space for example uh it through many unclassified sources and media sources everybody should understand that um uh the russians have been testing on orbit uh anti-satellite capabilities it's been very clear if you were following just the week before last the department of defense released its uh 2020 military and security developments involving the people's republic of china um uh and uh it was very clear that china is developing asats electronic jammers directed energy weapons and most relevant to today's discussion offensive cyber uh capabilities there are kinetic threats uh that are very very easy to see but a cyber attack against a critical uh command and control site or against a particular spacecraft could be just as devastating to the system and our war fighters in the case of gps and important to note that that gps system also impacts many civilians who are dependent upon those systems from a first response perspective and emergency services a cyber attack against a ground control site could cause operators to lose control of a spacecraft or an attacker could feed spoofed data to a system to mislead operators so that they send emergency services personnel to the to the wrong address right attacks on spacecraft on orbit whether directly via a network of intrusion or enabled through malware introduced during the systems production uh while we're building the satellite can [ __ ] or corrupt the data denial of service type attacks on our global networks obviously would disrupt our data flow and interfere with ongoing operations and satellite control i mean if gps went down i you know i hesitate to say it this way because we might elicit some screams from the audience but if gps went down a starbucks wouldn't be able to handle your mobile order uber drivers wouldn't be able to find you and domino's certainly certainly wouldn't be able to get there in 30 minutes or less right so with a little bit of tongue-in-cheek there from a military operations perspective it's dead serious um uh we have become accustomed in the commercial world to threats like lance ransomware and malware and those things have unfortunately become commonplace in commercial terrestrial networks and computer systems however what we're seeing is that our adversaries with the increased competition in space these same techniques are being retooled if you will to use against our national security space systems uh day in and day out um as i said during my opening remarks on the importance of cyber the value of these systems is directly tied to their integrity if commanders in the field uh firefighters in california or baristas in in starbucks can't trust the data they see they're receiving then that really harms their decision-making capabilities one of the big trends we've recently seen is the mood move towards proliferated leo uh uh constellations obviously uh spacex's uh starlink uh on the commercial side and on the military side the work that darpa and my organization smc are doing on blackjack and casino as well as some space transport layer constellation work that the space development agency is designing are all really really important types of mesh network systems that will revolutionize how we plan and field warfighting systems and commercial communications and internet providing systems but they're also heavily reliant on cyber security uh we've got to make sure that they are secured to avoid an accident or international damage uh loss of control of these constellations really could be catastrophic from both a mission perspective or from uh you know satellites tumbling out of low earth orbit perspective another trend is introductions in artificial intelligence and machine learning on board spacecraft or at the edge our satellites are really not so much hardware systems with a little software anymore in the commercial sector and in the defense sector they're basically flying boxes full of software right and we need to ensure the data that we're getting out of those flying boxes full of software are helping us base our decisions on accurate data and algorithms govern governing the right actions and that those uh that those systems are impervious to the extent possible uh to nefarious uh modifications so in summation a cyber security is vital element of everything in our national security space goals and i would argue for our national uh goals uh writ large including uh economic and information uh uh dimensions uh the space force leadership at all levels uh from uh some of the brand new second lieutenants that general raymond uh swore into the space force this morning uh ceremonially from the uh air force association's air space and cyberspace conference uh to the various highest levels general raymond uh general d t thompson myself and a number of other senior leaders in this enterprise we've got to make sure that we're all working together to keep cyber security at the forefront of our space systems because it they absolutely depend on it you know you mentioned uh hardware software threats opportunities challenges i want to ask you because you you got me thinking of the minute there around infrastructure i mean we've heard critical infrastructure you know grids here on on earth you're talking about critical infrastructure a redefinition of what critical infrastructure is an extension of what we have so i'd love to get your thoughts about space force's view of that critical infrastructure vis-a-vis the threat vectors because you know the term threat vectors has been kicked around in the cyber space oh yeah threat vectors they're always increasing the surface area well if the surface area is from space it's an unlimited surface area so you got different vectors so you got new critical infrastructure developing real time really fast and you got an expanded threat vector landscape putting that in perspective for the folks that aren't really inside the ropes on these critical issues how would you explain this and how would you talk about those two things well so i tell you um i just like um uh just like uh i'm sure people in the security side or the cyber security side of the business in the banking industry feel they feel like it's uh all possible threat vectors represent a dramatic and protect potentially existential threat to all of the dollars that they have in the banking system to the financial sector on the department of defense side we've got to have sort of the same mindset um that threat vector from to and through space against critical space systems ground segments the launch enterprise or transportation uh to orbit and the various different uh domains within uh within space itself like i mentioned before uh leo mio and geo-based satellites with different orbits all of the different mission areas that are accomplished from space that i mentioned earlier some that i didn't mention like weather tactical or wide band communications uh various new features of space control all of those are things that we have to worry about from a cyber security uh threat perspective and it's a it's a daunting challenge right now right yeah it's awesome and one of the things we've been following on the hardware side here in the on the ground is the supply chain we've seen you know malware being you know really put into really obscure hardware who manufactures it as being outsourced obviously government has restrictions but with the private sector uh you mentioned china and and the us kind of working together across these these peaceful areas but you got to look at the supply chain how does the supply chain the security aspect impact the mission of the u.s space force yeah yeah so so um how about another um just in terms of an example another kind of california-based historical example right um the very first u.s satellite uh explorer one was built by uh the jet propulsion uh laboratory folks uh not far from here in el segundo up in uh up in pasadena um that satellite when it was first built in the late 50s uh weighed a little bit over 30 pounds and i'm sure that each and every part was custom made and definitely made by u.s companies fast forward to today the global supply chain is so tightly coupled and frankly many industries are so specialized almost specialized regionally around the planet we focus every day to guarantee the integrity of every component that we put in our space systems is absolutely critical to the operations of those satellites and we're dependent upon them but it becomes more difficult and more difficult to understand the the heritage if you will of some of the parts that are used the thousands of parts that are used in some of our satellites that are literally school bus sized right the space industry especially uh national security space sector um uh is relatively small compared to other commercial industries and we're moving to towards using more and more parts uh from non-us companies uh cyber security and cyber awareness have to be baked in from the beginning if we're going to be using parts that maybe we don't necessarily um understand 100 percent like an explorer one uh the the lineage of that particular part the environmental difficulties in space are well known the radiation environment the temperature extremes the vacuum those require specialized component and the us military is not the only uh customer in that space in fact we're definitely not the dominant customer uh in space anymore all those factors require us along with our other government partners and many different commercial space organizations to keep a very close eye on our supply chains from a quality perspective a security perspective and availability um there's open source reporting on supply training intrusions from um many different breaches of commercial retailers to the infectious spread of uh you know compromised patches if you will and our adversaries are aware of these techniques as i mentioned earlier with other forms of attack considering our supply chains and development networks really becomes fair game for our adversaries so we have to uh take that threat seriously um between the government and industry sectors here in the u.s we're also working with our industry partners to enact stronger defenses and assess our own vulnerabilities last fall we completed an extensive review of all of our major contracts here at space and missile system center to determine the levels of cyber security requirements we've implemented across our portfolio and it sounds really kind of you know businessy geeky if you will you know hey we looked at our contracts to make sure that we had the right clauses in our contracts to address cyber security as dynamically as we possibly could and so we found ourselves having to add new language to our contracts to require system developers to implement some more advanced uh protective measures in this evolving cyber security environment so that data handling and supply chain perspective uh protections um from contract inception to launch and operations were taken into account uh cyber security really is a key performance parameter for us now it's as important as the the mission performance of the system it's as important as cost it's as important as schedule because if we deliver the perfect system on time and on cost uh it can perform that missile warning or that communications mis mission perfectly but it's not cyber secure if it doesn't have cyber protections built into it or the ability to implement mitigations against cyber uh threats then we've essentially fielded a shoe box in space that doesn't do the k the the war fighter or the nation uh any good um supply chain risk management is a is a major challenge for us uh we're doing a lot to coordinate with our industry partners uh we're all facing it head on uh to try and build secure and trusted components uh that keep our confidence as leaders firefighters and baristas uh as the case may be uh but it is a challenge and we're trying to rise to that challenge you know this so exciting this new area because it really touches everything you know talk about geeking out on on the tech the hardware the systems but also you put your kind of mba hat on you go what's the roi of the extra development and how you how things get built because the always the exciting thing for space geeks is like you're building cool stuff people love it's it's exciting but you still have to build and cyber security has proven that security has to be baked in from the beginning and be thought as a system architecture so you're still building things which means you've got to acquire things you got to acquire parts you got to acquire build software and and sustain it how is security impacting the acquisition and the sustainment of these systems for space yeah from initial development uh through planning for the acquisition design development fielding or production fielding and sustainment it impacts all aspects of of the life cycle john uh we simply especially from the concept of baking in cyber security uh we can't wait until something is built and then try and figure out how to make it cyber secure so we've moved way further uh towards working side by side with our system developers to strengthen cyber security from the very beginning of a system's development cyber security and the resilience associated with it really have to be treated as a key system attribute as i mentioned earlier equivalent with data rates or other metrics of performance we like to talk in uh in the space world about uh mission assurance and mission assurance has always you know sort of taken us as we as we technically geek out right mission assurance has always taken us to the will this system work in space right can it work in a vacuum can it work in you know as it as it uh you know transfers through uh the van allen radiation belt or through the the um the southern hemisphere's electromagnetic anomaly right will it work out in space and now from a resiliency perspective yeah it has to work in space it's got to be functional in space but it's also got to be resistant to these cyber security threats it's it's not just i think uh general dt thompson quoted this term it's not just widget assurance anymore it's mission assurance um uh how does that satellite uh operator that ground control segment operate while under attack so let me break your question a little bit uh just for purposes of discussion into into really two parts uh cyber uh for cyber security for systems that are new and cyber security uh for systems that are in sustainment or kind of old and legacy um obviously there's cyber vulnerabilities that threaten both and we really have to employ different strategies for for defense of of each one for new systems uh we're desperately trying to implement across the department of defense in particular in the space world a kind of a devsecops methodology and practice to delivering software faster and with greater security for our space systems here at smc we have a program called enterprise ground services which is a tool kit basically a collection of tools for common command and control of different satellite systems egs as we call it has an integrated suite for defensive cyber capabilities network operators can use these tools to gain unprecedented insight to data flows and to monitor space network traffic for anomalies or other potential indicators of of bad behavior malicious behavior if you will um uh it's rudimentary at this point but because we're using devsecops and that incremental development approach as we scale it it just becomes more and more capable you know every every product increment that we field here at uh at uh la air force base uh uh we have the united space space forces west coast software factory which we've dubbed kobayashi maru they're using those agile devops uh software development practices uh to deliver uh space awareness software uh to the combined space operations center uh affectionately called the csp that c-spock is just down the road uh from cal poly uh there in san luis obispo at vandenberg air force base they've securely linked the c-spock with other space operation centers around the planet our allies australia canada and the uk uh we're partnering with all of them to enable secure and enhanced combined space operations so lots of new stuff going on as we bake in new development uh capabilities for our our space systems but as i mentioned earlier we've got large constellations on satellite of satellites on orbit right now some of them are well in excess of a decade or more old on orbit and so the design aspects of those satellites are several decades old and so but we still have to worry about them because they're critical to our space capabilities um we've been working with an air force materiel command organization uh called crows which stands for the cyber resiliency office for uh weapon systems to assess all of those legacy platforms from a cyber security perspective and develop defensive strategies and potential hardware and software upgrades to those systems to better enable them to to live through this increasingly cyber security uh concerned era that we currently live in our industry partners have been critical to to both of those different avenues both new systems and legacy systems we're working closely with them to defend and upgrade uh national assets and develop the capabilities to do similar with uh with new national assets coming online the vulnerabilities of our space systems really kind of threaten the way we've done business in the past both militarily and in the case of gps economically the impacts of that cyber security risk are clear in our acquisition and sustainment processes but i've got to tell you it that as the threat vectors change as the vulnerabilities change we've got to be nimble enough agile enough to be able to bounce back and forth we can't just say uh many people in the audience are probably familiar with the rmf or the risk management framework approach to um to reviewing uh the cyber security of a system we can't have program managers and engineers just accomplish an rmf on a system and then hey high five we're all good uh it's a journey not a destination that's cyber security and it's a constant battle rhythm throughout a weapon systems life cycle not just a single event i want to get to this commercial business needs and your needs on the next question but before i go there you mentioned the agile and i see that clearly because when you have accelerated innovation cycles you've got to be faster and we saw this in the computer industry mainframes mini computers and then when you started getting beyond me when the internet hit and pcs came out you saw the big enterprises the banks and and government start to work with startups it used to be a joke in the entrepreneurial circles is that you know there's no way if you're a startup you're ever going to get a contract with a big business enterprise now that used to be for public sector and certainly uh for you guys so as you see startups out there and there's acquisition involved i'm sure would love to love to have a contract with space force there's an roi calculation where if it's in space and you have a sustainment view edit software you might have a new kind of business model that could be attractive to startups could you share your thoughts on the folks who want to be a supplier to you uh whether they're a startup or an existing business that wants to be agile but they might not be that big company we are john that's a fantastic question we are desperately trying to reach out to to those new space advocates to those startups to those um what we sometimes refer to within the department of defense those non-traditional uh defense contractors a couple of things just for uh thinking purposes on some of the things that we're trying to highlight um uh three years ago we created here at uh space and missile system center uh the space enterprise consortium uh to provide a platform uh a contractual vehicle really to enable us to rapidly prototype uh development of space systems and to collaborate uh between the u.s space force uh traditional defense contractors non-traditional vendors like startups and even some academic institutions uh spec as we call it space enterprise consortium uses a specialized contracting tool to get contracts uh awarded quickly many in the audience may be familiar with other transaction agreements and that's what spec is based on and so far in just three years spec has awarded 75 different uh prototyping contracts worth over 800 million dollars with a 36 reduction in time to award and because it's a consortium based competition for um for these kinds of prototyping efforts the barrier to entry for small and non-traditional for startups even for academic institutions to be able to compete for these kinds of prototypings is really lowered right um uh these types of partnerships uh that we've been working through on spec uh have really helped us work with smaller companies who might not have the background or expertise in dealing with the government or in working with cyber security uh for their systems both their developmental systems and the systems that they're designing and trying to build we want to provide ways for companies large and small to partner together and support um uh kind of mutually beneficial uh relationships between all um recently uh at the annual air force association uh conference that i mentioned earlier i moderated a panel with several space industry leaders uh all from big traditional defense contractors by the way and they all stressed the importance of building bridges and partnerships uh between major contractors in the defense industry and new entrants uh and that helps us capture the benefits of speed and agility that come with small companies and startups as well as the expertise and specialized skill sets of some of those uh larger contractors uh that we rely on day in and day out advanced cyber security protections and utilization of secure facilities are just a couple of things that i think we could be prioritizing more so in those collaborations as i mentioned earlier the spec has been very successful in awarding a number of different prototyping contracts and large dollar values and it's just going to get better right there's over 400 members of the space enterprise consortium 80 of them are non-traditional kinds of vendors and we just love working with them another thing that many people in the audience may be familiar with in terms of our outreach to innovators uh if you will and innovators that include uh cyber security experts is our space pitch day events right so we held our first event last november in san francisco uh where we awarded over a two-day period about 46 million dollars to 30 different companies um that had potentially game-changing ideas these were phase two small business innovative research efforts uh that we awarded with cash on the spot uh we're planning on holding our second space pitch day in the spring of 2021. uh we're planning on doing it right here in los angeles uh covent 19 environment permitting um and we think that these are you know fantastic uh uh venues for identifying and working with high-speed startups startups and small businesses who are interested in uh really truly partnering with the us air force it's a as i said before it's a really exciting time to be a part of this business uh and working with the innovation economy uh is something that the department of defense uh really needs to do in that um the innovation that we used to think was ours you know that 80 percent of the industrial-based innovation that came from the department of defense uh the the script has been flipped there and so now more than 70 percent uh particularly in space innovation uh comes from the commercial sector not from uh not from the defense business itself and so um that's a tsunami of uh investment and a tsunami of uh capability and i need to figure out how to get my surfboard out and ride it you know what i mean yeah i mean it's one of those things where the flip the script has been flipped but it's exciting because it's impacting everything are you talking about systems architecture you're talking about software you're talking about a business model you talk about devsecops from a technical perspective but now you have a business model innovation all the theaters of uh are exploding in innovation technical business personnel this brings up the workforce challenge you've got the cyber needs for the u.s space force there's probably a great roi model for new kinds of software development that could be priced into contracts that's a entrepreneurial innovation you got the the business model theater you've got the personnel how does the industry adopt and change you guys are clearly driving this how does the industry adjust to you yeah so um i think a great way to answer that question is to just talk about the kind of people that we're trying to prioritize in the u.s space force from a from an acquisition perspective and in this particular case from a from a cyber security perspective as i mentioned earlier it's the most exciting time to be in space programs uh really since the days of apollo um uh you know just to put it in terms that you know maybe have an impact with the audience uh from 1957 until today approximately 9 000 satellites uh have been launched from the various space faring countries around the planet uh less than two thousand of those nine thousand are still up on orbit and operational and yet in the new space regime um players like spacex have plans to launch you know 12 000 satellites for some of their constellations alone it really is a remarkable time in terms of innovation and fielding of space capabilities and all of those space capabilities whether they're commercial civil or defense are going to require appropriate cyber security uh protections it's just a really exciting time uh to be working in stuff like this and so uh folks like the folks in this audience who have a passion about space and a passion about cyber security are just the kind of people that we want to work with because we need to make sure our systems are are secure and resilient we need folks that have technical and computing expertise engineering skills to be able to design cybersecure systems that can detect and mitigate attacks uh but we also as you alluded to we need people that have that business and um you know business acumen human networking background so that we can launch the startups and work with the non-traditional businesses uh help to bring them on board help to secure both their data and our data and uh and and make sure our processes and systems are are free as much as possible from uh uh from attack um for preparation for for audience members who are young and maybe thinking about getting into this uh trade space um you gotta be smart on digital networking uh you gotta understand basic internet protocols concepts uh programming languages uh database design uh learn what you can from penetration or vulnerability testing and and uh risk assessment i will tell you this and i don't think he will i know he will not mind me telling you this but you've got to be a lifelong learner and so two years ago i'm at home one evening and i get a phone call on my cell phone and it's my boss the commander of air force space command uh general j raymond who is now currently the chief of space operations and he is on temporary duty flying overseas he lands where he's going and he first thing he does when he lands is he calls me and he goes jt um while i was traveling um i noticed that there were e-books available on the commercial airliner i was traveling on and there was an e-book on something called scrumming and agile devsecops and i read it have you read it um and i said no sir but if you tell me what the title of the book is i will read it and so i got to go to my staff meeting um you know the very next week the next time we had a staff meeting and tell everybody in the stab meeting hey if the four star and the three star can read the book about scrumming then i'm pretty sure all of you around this table and all our lieutenants and our captains our gs13s all of our government employees can get smart on uh the scrumming development process and interestingly as another side i had a telephone call with him last year during the holidays where he was trying to take some leave and i said sir what are you up to today are you are you you know making eggnog for the event tonight or whatever and the chief of space operations told me no i'm trying to teach myself python i'm at lesson two and it's not going so well but i'm i'm gonna figure this out and so that kind of thing if the chief of staff or the you know the the the chief of space operations can prioritize scrumming and python language and innovation in his daily schedule then we're definitely looking for other people who can do that and we'll just say lower levels of rank uh throughout our entire space force enterprise um look i i we don't need to need people that can code a satellite from scratch but we need to know we need to have people that have a basic grasp of the programming basics and cyber security requirements and that can turn those things into into meaningful actions obviously in the space domain things like basic physics and orbital mechanics are also important uh space is not an intuitive uh domain so under understanding how things survive uh on orbit is really critical to making the right design and operational decisions and you know i know there's probably a lot because of this conference i know there's a probably a whole lot of high-speed cyber security experts out in the audience and i need those people in the u.s space force the the country is counting on it but i wouldn't discount having people that are just cyber aware or cyber savvy right i have contracting officers and logisticians and program managers and they don't have to be high-end cyber security experts but they have to be aware enough about it to be able to implement cyber security protections um into our space system so the skill set is is really really broad um our adversaries are pouring billions of dollars into uh define designing uh and fielding offensive and destructive space cyber security weapons right they've repeatedly shown really a blatant disregard of safety and international norms for good behavior on orbit and the cyber security aspects of our space systems is really a key battleground going forward so that we can maintain that as i mentioned before peaceful uh global commons of space we really need all hands on deck if you're interested in helping in uniform if you're interested in helping uh not in uniform uh but as a government employee a commercial or civil employee to help us make cyber security more important uh or more cape more able to be developed for our space systems then we'd really love to uh to work with you or have you on the team to build that safe and secure future for our space systems lieutenant general john thompson great insight thank you for sharing all that awesome stories too and motivation for the young next generation the united states space force approach of cyber security really amazing talk thank you for your time final parting question is as you look out and you had your magic wand what's your view for the next few years in terms of things that we could accomplish it's a super exciting time what do you hope for so um um first of all john thanks to you and and thanks to cal poly uh for the invitation and and thanks to everybody for uh for their interest in cyber security especially as it relates to space systems that's here at the conference um uh there's a quote and i'll read it here uh from uh bernard schriever who was the uh the founder if you will uh a legend in uh dod space the founder of the western development division which was a predecessor organization to space and missile systems center general shrever i think captures the essence of what how we see the next couple of years the world has an ample supply of people who can always come up with a dozen good reasons why new ideas will not work and should not be tried but the people who produce progress are breed apart they have the imagination the courage and the persistence to find solutions and so i think if you're hoping that the next few years of space innovation and cyber security innovation are going to be a pony ride at the county fair then perhaps you should look for another line of work because i think the next few years in space and cyber security innovation are going to be more like a rodeo um and a very dynamic rodeo as it goes it is a an awesome privilege to be part of this ecosystem it's really an honor for me to um to be able to play some small role uh in the space ecosystem and trying to improve it uh while i'm trying to improve the chances of uh of the united states of america in a uh in a space war fighting uh uh environment um and so i thank all of you for uh participating today and for this little bit of time that you've allowed me to share with you thank you sir thank you for your leadership and thank you for the for the time for this awesome event space and cyber security symposium 2020 i'm john furrier on behalf of cal poly thanks for watching [Music]

>> Narrator: From around the globe, It's theCUBE! Covering the Upgrade 2020, the NTT Research Summit presented by NTT Research. >> Hey, welcome back everybody, Jeff Frick here with theCUBE. Welcome back to our ongoing coverage of Upgrade 2020. It's the NTT Research Summit covering a lot of really deep topics around a lot of the basic core research that NTT is sponsoring. Kind of like the old days of Mobell or some of the other kind of core research. And we're excited to have our next guest to go. A little bit beyond the core research and actually talk about working with people today. So we'd like to welcome in Alex Bennett. He is the global senior vice president of the intelligent workplace for NTT. Alex, good morning? >> Good morning, Jeff. How are you doing. >> Terrific. So I think for a lot of people, you know, probably know the NTT name, certainly in the States, but are not familiar with, I think, you know, the degree of which you guys have this huge business around services and workplace collaboration, I wonder if you can give us kind of a high level summary of the services angle at NTT, you know, beyond just putting in communications infrastructure equipment. >> Yeah, definitely. I mean, the NTT, as you said, is it's a huge organization, Very well known in Japan and growing in last year that we brought together about 32 different brands under the entity limited brand and we have NTT data services as well. So our role is really to look at the client requirements, the business needs that they have and be able to provide end to end solutions and wrap them with our services to make sure they've got, you know, efficiency gains, but also improving employee experience and experience around, you know, improving how they connect to their customers as well. >> Right, right. So obviously COVID-19, what was, you know, kind of a light switch moment back in March has now turned into, you know, kind of an ongoing, a new normal here we are six months plus into this, into this thing, really no end in sight in the immediate term. So, you know, people were thrown into the situation where work from home, work from anywhere had to happen with no prep. You've been in the business for a long time working on solutions. So there's the obvious things like security and access, but what are some of the less obvious things that people should be thinking about when they think about supporting their employees that are not now coming into the office? >> Well, I mean, it's been interesting, right. I said I have been in the sector for a long time and a lot of the themes have been the same for the last 10, 15 years, you know, how do we improve employee experience? How do we start to look at things like wellbeing? You know, how does it have an impact on productivity? And how do you make sure that we make it simple for people to carry out their tasks? Now, something I get asked a lot is this idea of how do we make it frictionless? A lot of the time, people don't really care about the brand or the technology. They just want to be able to carry out their role from whatever industry sector they aren't doing it efficiently and do it well, but also to be able to interact. I think it's been really important. And this pandemic has brought about this view, that people haven't been able to socialize in the same way they have in the past and work is really about people, you know, the workplace is also about people and how you connect those people into customers and provide efficiencies in that area. So the conversations I've been having in the last, you know, six to seven months, it's been quite interesting that the programs they were taking 18 months, 24 months, 36 months over, have had to be accelerated and really deployed in about three months. And then that's brought about the lows of operation on policy concerns. So as you mentioned, as you start to have this new, what we're calling, you know, distributed workforce, especially those organizations which have been perhaps more enterprise specific, you know, which are going into carpeted office environments, they've been requested by governments to only work from home. And that's brought about a huge impact to how people work, but also socialize. So from a technology standpoint, you've asked people, right, you're going to work from home, actually, do you have network connectivity? Can you actually connect with a technology tool? Like, you know, collaboration to be able to speak to your customers, to speak to your GOPs. Now what device are you actually working on? So we saw this real drive around what is this sort of immediate business continuity requirement for a secure remote worker. >> Right. And that brought about other concerns as well. >> Right. So there's so many layers to this conversation. I'm psyched to dig into it. But one of the ones I want to dig in is kind of tools overload, you know, this idea of collaboration and, you know, trying to get your work done and trying to get bears removed. At the same time though, it just can't seems like we just keep getting more tools added to the palette that we have to interact with every day, whether it's lack or a sauna or Salesforce or box, or you know, the list goes on and on and on. And the other thing that just seems strange to me is that right, all of these things have a notification component. So it's almost like the noise is increasing. I don't hear a lot of people ripping out old tooling or ripping out old systems. So how do you help guide people to say, that there's all these great collaboration tools, there's all these great communication tools, but you can't have all of them firing all the time and expect people to actually have time to get work done. >> Yeah. And it's also, you know, some people are used to that, you might have a digital native who's used to using multiple tools, but you don't have others that actually haven't been taught or a learning program about how to use different tools for different applications. And that becomes that person becomes frustrated and their productivity levels can go down. I think that what we'd really try and do is understand what are the business requirements by the persona? And also if you think of that distributed worker, that's now having to work from home and go into the office for specific tasks that are allowed, are they a sales person? No. Are they actually working in HR? What do they need and what are the tasks they need? And that start to provide the right types of tools and technology specifically for them and make sure they have a learning path that's driven around how they actually enable that technology. But you're right though. I think one of the thing that COVID founder's that doesn't happen overnight, you know, that's an engagement process. COVID hit and everyone was at home straight away. So we did see this huge transition from what may have been a legacy on premise application to starting to use more cloud based applications. And almost everyone was thrown in at the deep pant. Right? Well, here you go, just get on and use it. And at the same time they had WeChat or they had no other types of applications like WhatsApp and there were all these channels were happening. And they always had an impact on things like compliance and security, because all of a sudden, you're not using a corporately approved platform and solution. And you're starting to talk about perhaps confidential information. That's not in a way that is actually retained inside of a corporate network for the compliance and regulatory components. Right. So it's been a really interesting time in the last few months. >> Right. Well, so let's just touch on security for a minute. 'Cause obviously security is a huge concern. As you said, there's a whole bunch of security. You get kind of new security issues. One is just, everybody's working from home, whether they've got to VPN or not, or they're on their... You know, whatever their cable provider. You don't know what devices they're on, right? There's so many different devices and too as these apps have proliferated all over all these devices, whether access Salesforce on my phone or on my laptop or on my computer at work. Right. All very different. So when you look at the kind of security challenge that has come from distributed workforce with this super acceleration, you know, how many customers are ready for it, it's just caused a complete, you know, kind of fire, a hair on fire reaction to get up to speed, or, you know, are a lot of the systems of the monitored system relatively well locked down. So it wasn't a giant, you know, kind of adjustment back in March. >> Really. It depends on the type of company culture it was before. You know, what we've actually seen from some research we've done very recently across 1500 different companies, those organizations that have really invested become more digital disruptors. Now that they've embedded an idea of agility, they've actually already got a distributed workforce. They've already started to move a lot of their platforms and applications to the cloud. They've started to think about these IT policies and security. Previously, they've been very successful in how they've been able to pivot and drive this business continuity. I think for others that have been, no have large installed base of employees, no have set policies in place it's been harder for them to transition. And what we've seen is that they're the organizations that have really tried to integrate some of the new technologies into the old and that that's quite difficult sometimes. So, you know, around security, out of those 1500 organizations, nearly 70% of them said that they have a higher level of risk and concern about this. You're already in compliance today than they had prior to the pandemic. >> Right. >> What also is brought about is this idea of moving from a sort of perimeter security now where you'd come into an office and you have this perimeter where the network's secure, the physical location, and security, containerize the applications. And you've got to empower employees more now because you know, people are going to be mobile. They're going to be using multiple devices in different locations, all around the world. So we're seeing this transition as people move to cloud based platform, security is starting to get embedded into the application and it goes back to that persona aspect. So you can start to initiate things like you know, data loss protection and rights management about the content an individual has based on their location or the confidentiality of that document or piece of information. So that's where we're seeing this move is sort of really accelerating to the group, take the stress away from the employee embedded into an actual system and an application. And that has the intelligence to work out the security and the compliance on behalf of the individual. >> Right. You know, where I was going to go is, you know, there's a lot of conversations now about certain companies announcing that people can just work from home for the foreseeable future, especially here in Silicon Valley. And you mentioned that, you know, for some people that were already kind of down at digital transformation path, they're in good shape. Other people, you know, weren't that far, and of course all the means on social media are, you know, what drove your digital transformation, the CEO, the CMO, or COVID. And we all know the answer to the question. So I just want to get, you know, kind of a longterm perspective. You've been in this space for a long time. I think there's going to be, you know, a significantly increased percentage of people that are working from home. A significantly increased percentage of the time, if not a hundred percent of the time. How do you see this kind of, you know, extending out and how will it impact the way that people motivate? 'Cause at the end of the day, you've written a ton of blog posts on this, you know, motivation equals profitability. And a motivated engaged people do better work and do get better results on the bottom line. How do you see this as this as (indistinct) rules for six months, 12 months, 24 months, when there's some mishmash of combination of work from home and work from the office? >> I think probably the first thing to say is that from the research we've done, we think that's going to differ by different geographies. I mean, it's interesting when you look at areas like India and perhaps South Africa where the network connectivity home is actually not as good as in Northern Europe or North America, and actually it becomes quite hard to carry out your role and task at home. And it can become really frustrating. There's also sort of health and safety components to also working at home. Now we've had a lot of people, especially the younger generation who are in shared home, shared facilities. Now who's going to pay for the internet, the bundles, you know, and actually you only have your bedroom and is it healthy to work at your bedroom all day? So when you really sort of peel back the layers of this, this is a really complex environment, and it's also dependent on the industry sector you are. You're actually driving. But at a high level, one thing we're really seeing is most people still want to have a level of human interaction. That we as humans like to like to work together and engage together. And in fact, about 80% of the respondents of our report actually said, they want to come back to the office. Now this, this speaks to this idea of choice and flexibility. 'Cause it's not just about coming back for five days a week, eight to five, it's about going actually I've got a task to carry out. It'd be really helpful if I was with my team face to face. >> Right. >> And I can come in for four hours, book my time in that physical space, carry that out, and then I can go home and do that sort of really the research based work which I can do in the safety of my own environment. So that's what we're seeing across the industry whereas before. Now, I think everyone's trying to build these really nice big offices that looked fantastic, more huge and talked about your brand. Most organizations now are repurposing space 'cause they're not going to have as many people inside of those physical locations, but they're motivating for them to come in for creative work, you know, to be social, to think about how they do cross agile team development. >> Jeff: Right. >> And that's what we're starting to see today. >> Yeah. It's really interesting you think of some young engineer that just graduated from school, gets a job at Google and you know, you get all your food there and they'll do your dry cleaning and they'll change the oil in your car and they'll, you know, take care of everything. And, and so there's this little growth in these little micro houses. Well guess what, now you don't have any of that stuff anymore. The micro house with no kitchen or kitchen that does look so attractive. And I want to shift gears a little bit more detail on NTT. You know, we've talked to lots of people about new ways to work. IBM, Citrix, you know, VM-ware has a solution and you work with big company. So how does NTT fit in, you know, kind of a transformation process big and that on the big scale, but more kind of an employee engagement and a work from anywhere type of engagement. How do you guys fit within, you know, big system integrators, like a center that are driving organizational change and, you know, kind of all this other suite of technology that they might already have in place. >> Yeah. I mean, we sort of sit in that role of a service delivery organization as well as systems integrator. So our role is to actually go into those clients and sit down with them, which is now virtually, rather than in person a lot of the time. And really understand what are those business KPIs they have and help them shape that strategy. And to do that, you've got to understand what they have today, that view of the assets. And that goes across multiple components as you said, from, you know, desktop application, security, inclusive of culture, property assets, network. And what we do is really take a holistic view of those areas that go for you to reach that business goal, that KPI, you know, this is the project that you're going to have to do. And anything around employee engagement ultimately is fed also by how good your network is and how secure that network is to deliver those applications efficiently for that employee to carry out their task in that frictionless way. So we have a very holistic view about how we then deliver Upgrade. That the core infrastructure, we do that secure by design is our sort of policy and everything we do, you know, security is embedded into what we do, and then we deliver that outcome. But then we erupt things like adoption services. I think one thing in the past, you know, people say here's a technology, go on and do it. Especially nowadays, you've got quite complex platforms. You've got to really understand how do you give information to people to self serve them, that sort of nudge technology, so they can understand how to carry it out on that idea of adoption training. Change of management is becoming ever increasingly important for our clients. >> Right. So I wan shift gears again, Alex, and talk about the show Upgrade 2020. Lot of (laughs) a lot of really heavy science going on here in healthcare, in IT, in a whole bunch of areas. Pretty exciting stuff, you know, we've talked to some other guests about some of the real details and I'm definitely going to attend some sessions and have my brain exploded I'm sure. But I'm just curious of how it fits with what your doing, you know, you've been involved, as you said, not necessarily the NTT, but you've been involved in kind of workplace collaboration tools for a long, long time. You know, how do you see, you know, kind of basic research and some of this really fundamental research, you know, kind of helping you and your customers and your solutions, you know, as we kind of moved down the road. >> Alright, hold at that. The main conversation we're having with executives today is this idea of employee wellbeing and experience is fundamental to the success of their business. 'Cause it drives customer centricity productivity gains. You've got to think about how technology can underpin that and deliver insights to you. So, you know, the new currency is data. And what I find really interesting around and what we're talking about with Upgrade 2020 is this ideas of digital twins. So when you think of this concept of a digital twin, it all is based on this idea of extensibility. So all your decisions that you're making right to today, you know, these short term decisions you having to do for business continuity, you've got to think about the longterm impact of how you're going to be able to ingest that data from all those systems into a central area, to give you insight. Now, from that insight, you've then got the, you know, the power of machine learning and artificial intelligence to actually say right, for this component how many of my employees really are? Then well, are they doing well in the productivity gains? And from my property estate, you know, how many of my properties are actually reducing the energy consumption? And are we adhering to our sustainability goals? Are they well? So the actual physical environment is safe for those employees. So all of those disparate platforms have to come together into that one area and give you insight. So that the marrying of physical space with the how humans interact all into a digital twin, I think is really interesting and something I'm speaking to clients about day in, day out. >> I love that, that is awesome. You know, we're first exposed to the digital twin concept years ago, doing some work with general electric, because they were doing a lot of digital twin work around, you know, engines on airplanes and, you know, simulate an airplane engine that's running on a plane in the Middle East, it's going to act very different than a plane that's running in Alaska. And then, you know, I love the concept of digital twin around the context of people in medicine, right. And modeling a heart or modeling a behavior system or cardiovascular system. How are you talking about digital twins? 'Cause it sounds like you're talking about kind of a combination between, you know, kind of individual people and how they're doing versus some group of people as a unit or organization. And then you even mentioned, you know, sustainability goals and buildings. So when you're talking about digital twin in this context, what are the boundaries? How are you organizing that thing that you can then do, you know, kind of tests and kind of predictive exercises to see how the real thing is going to do relative to what the digital twin did. >> Yeah. But it goes back to defining those business outcomes. And most of the discussions we're having is, yeah, obviously increased productivity, but it's also a reducing costs. A big one we've seen in my area is attraction retention of talent. You know, intellectual property is going to differentiate organizations in the future as technology sort of standardizes. But sustainability again from the research we've done is really high up on the executives agenda. You know, the idea that we, as NTT as well, we have a duty to society to actually start giving back a view of how technology can improve the sustainability goal. And in fact, we've just become the business Avenger for the UN sustainability goal, number 11, around the idea of communities and smart cities. So the clients that I'm speaking to when they're looking at those business objectives are no 10, 15% of my, my actual costs associated to my property. We've now got a new distributed workforce, but I've got a huge amount of energy going into those properties. Now we can actually connect now building management systems into now that digital twin. We can also start to look at the other platforms such as lifts, you know, also all the heating and air ventilation. And start to get the data that allows us to model and predict when certain issues may occur. So, you know, as less people start coming in, you'll have occupancy data. You'll be able to say, you're actually, this location has only been used 30% capacity. We could reduce the amount of space we have, or in fact, we don't need that space at all. And in that space, we know that we're running an HVAC system and air conditioning a hundred percent of the time. You start to actually reduce that and you can reduce energy consumption by 30%. Now goes back to this whole idea of extensibility on one building that can have a big impact, but across 500 buildings that we're NTT have, that's a significant amount of energy that we can change. >> Jeff: Right. >> And also you can then start to think about the idea of, you know, more different type of power purchasing agreement with sustainable energy going into those environments. >> So many, you know, kind of so many interesting twists and turns on this journey since, you know, that COVID hit. And it is going to be really fascinating to see kind of what sticks and, you know, and the longterm ramifications. 'Cause we're not going back to the way that it was. I think that's not even a question. Just the last thing on kind of the data, you know, we saw some really, I think not such great things early on in this thing where, you know, you get put us basically a sniffer on and you know, our people sitting in front of their computer all day. I saw some nasty thing on Twitter the other day. My boss wants me to be on Zoom calls all day long. I mean, do people get it that, you know, there's an opportunity to increase motivation, not decrease motivation by, you know, a responsible use and a good use of this data versus, you know, a potential perception of, well now they're just big brothering me to death. >> It's such a hot topic, right? I mean, even before COVID we had, you know, the GDPR compliance in Europe. But that ultimately is a global compliance and the West coast America also got a similar one now about what data you're actually keeping about me as an individual. And I should have access to that and I can not speak to my company about it. And is it big brother or actually using that data to help inform me as an individual ways of improving the way I work or working in a way that has a better balance for me as an individual. And we're having these conversations with our clients right now about how we do this, because they having to work with workers counselors in countries like Germany. Because track and trace does have that view of that sort of big brother. What, where are you? What are you doing? And how long have you been on your computer? I think it's down to the culture of your business and the purpose that you have and how you engage with your employees, that you show that data to be about all benefiting them as an individual. Now, I'm going back to that digital twin, that the view of ingesting data, then from perhaps platforms like, you know, Cisco WebEx or Office 365, and you can see how long they are actually in front of their screen. You can then start to predict and see where you may have burnout or in fact affect change where you say RHR policy should dictate, you shouldn't be working 14 hours a day. That's not good for you. It's not good for us. And actually nudge them and teach them about taking no time away from the desk and actually having a better work balance. And that's important because it all goes back to increases the productivity longterm, but it's great brand association and it's good for attraction and retention of talent. >> Right, Right. Well, I think the retention and attraction is a huge thing. You keep talking about productivity and obviously in your blog post talking about engagement, right. And engagement is such a direct tie to that. And then at the bottom line (giggles) it's kind of like diversity of opinion. It actually makes good business sense. And you actually put more money in the bank at the end of the day, when you do some of these more progressive, you know, kind of approaches to how you manage the people. 'Cause they're not machines, they're people. >> Yeah. And you should allow them to make decisions. You know, that again, distributed working, you've got to think of how to empower them with the tools that gives them the choice to make decisions. And you know, that that decision making is more democratized inside of organizations that are successful. But if you don't have the technology that allows them to do that, it goes back to a hierarchical decision making. And that takes time, it's slower to market, and then you know, you're not as successful as your competition. So we're really trying to prove that this idea of thinking about people first using the data that backs it up you know, with empirical data to show the benefits, is the way forward for organizations today. >> Yeah. Alex, great conversation. Certainly nothing but opportunity (laughs) I had for you and what you do in this really fast evolving and transformative space, which is so important. Which is how do people work? How do they feel good? How are they engaged? How are they productive and really contribute? And at the end of the day, it is good business. So exciting times, good luck on the show and some of this crazy research coming out of it on the digital twin, and we look forward to continuing to watch the story unfold. >> Thank you very much, Jeff. >> Alright. He's Alex. I'm Jeff. You're watching Upgrade 2020. The continuous coverage from theCUBE. Thanks for watching. We'll see you next time.

>> Narrator: From around the globe. It's theCUBE covering space in cybersecurity symposium 2020 hosted by Cal Poly. >> Hello, everyone. Welcome to the space and cybersecurity symposium, 2020 hosted by Cal Poly where the intersection of space and security are coming together. I'm John Furrier, your host with theCUBE here in California. I want to welcome our featured guest, Lieutenant General, John F. Thompson with the United States Space Force approach to cybersecurity. That's the topic of this session. And of course he's the commander of the space and missile system center in Los Angeles Air Force Base. Also heading up Space Force. General, thank you for coming on. I really appreciate to you kicking this off. Welcome to the symposium. >> Hey, so thank you very much, John, for that very kind introduction. Also very much thank you to Cal Poly for this opportunity to speak to this audience today. Also a special shout out to one of the organizers, Dustin Debrun, for all of his work, helping get us to this point. Ladies and gentlemen as a John mentioned, I'm JT Thompson. I lead the 6,000 men and women of the United States Space Force's Space and Missile System Center, which is headquartered here at Los Angeles Air Force Base and El Segundo. If you're not quite sure where that's at, it's about a mile and a half from LAX. This is our main operating location, but we do have a number of other operating locations around the country. We're about 500 people at Kirtland Air Force Base in Albuquerque, New Mexico, and an about another 500 people on the front range of the Rockies between Colorado Springs and Denver plus a smattering of other much smaller operating locations nationwide. We're responsible for acquiring, developing and sustaining the United States Space Force's, critical space assets. That includes the satellites in the space layer and also on the ground layer our ground segments to operate those satellites. And we also are in charge of procuring launch services for the US Space Force and a number of our critical mission partners across the Department of Defense and the intelligence community. Just as a couple of examples of some of the things we do, if you're unfamiliar with our work we developed and currently sustain the 31 satellite GPS constellation that satellite constellation, while originally intended to help with global navigation, those GPS signals have provided trillions of dollars in unanticipated value to the global economy over the past three decades. GPS is everywhere. I think everybody realizes that. Agriculture, banking, the stock market, the airline industry, separate and distinct navigation systems. It's really pervasive across both capabilities for our Department of Defense and capabilities for our economy and individuals, billions of individuals across our country and the planet. Some of the other work we do for instance, in the communications sector, secure communications satellites that we designed and build that link America's sons and daughters serving in the military around the world and really enable real time support and comms for our deployed forces. And those of our allies. We also acquire infrared missile warning satellites that monitor the planet for missile launches that provide advanced warning to the US Homeland and to our allies in case some of those missile launches are nefarious. On a note, that's probably a lot closer to home, maybe a lot closer to home than many of us want to think about here in the state of California. In 2018, SMC jumped through a bunch of red tape and bureaucracy to partner with the US Forest Service during two of the largest wildfires in the state's history, the Camp and Woolsey fires in Northern California. As those fires spread out of control, we created processes on the fly to share data from our missile warning satellites. Those are satellites that are systems that are purpose built to see heat sources from thousands of miles above the planet. And we collaborated with the US Forest Service so that firefighters on the ground could track those fires more in real time and better forecast fires and where they were spreading, thereby saving lives and property by identifying hotspots and flareups for firefighters. That data that we were able to working with our contractors pass to the US Forest Service and authorities here in California, was passed in less than an hour as it was collected to get it into the hands of the emergency responders, the first responders as quickly as possible and doing that in an hour greatly surpassed what was available from some of the other assets in the airborne and ground-based fire spotters. It was really instrumental in fighting those fires and stopping their spread. We've continued that involvement in recent years, using multiple systems to support firefighters across the Western US this fall, as they battled numerous wildfires that unfortunately continue. Working together with the US Forest Service and with other partners we'd like to think that we've made a difference here, but there's still a lot more work to go. And I think that we should always be asking ourselves what else can space data be used for and how can we more rapidly get that space data to stakeholders so that they can use it for purposes of good, if you will. How else can we protect our nation? How else can we protect our friends and allies? I think a major component of the discussion that we will have throughout this conference is that the space landscape has changed rapidly and continues to change rapidly. Just over the past few years, John and I were talking before we went live here and 80 nations now have space programs. Nearly 80 space faring nations on the planet. If you just look at one mission area that the Department of Defense is interested in, and that's small launch, there are currently over 100 different small launch companies within the US industrial base vying for commercial DoD and civil payload capabilities, mostly to lower earth orbit. It's truly a remarkable time. If you factor in those things like artificial intelligence and machine learning, where we're revolutionizing really, the ways that we generate process and use data. It's really remarkable. In 2016, so if you think about this four years ago, NASA estimated that there were 28 terabytes of information transiting their space network each day. And that was four years ago. Obviously we've got a lot of desire to work with a lot of the people in the audience in this conference, we need to work with big thinkers, like many of you to answer questions on how best we apply data analytics to extract value and meaning from that data. We need new generations of thinkers to help apply cutting edge theories of data mining, cyber behaviorism, and Internet of Things 2.0, it's just truly a remarkable time to be in the space business and the cyber aspects of the space business are truly, truly daunting and important to all of us. Integrating cyber security into our space systems, both commercial and government is a mandate. it's no longer just a nice to have as the US Space Force and Department of the Air Force leadership has said many times over the past couple of years, space is becoming congested and contested. And that contested aspect means that we've got to focus on cyber security in the same way that the banking industry and cyber commerce focus on cybersecurity day in and day out. The value of the data and services provided is really directly tied to the integrity and availability of that data and services from the space layer, from the ground control segments associated with it. And this value is not just military, it's also economic and it's not just American, it's also a value for the entire world, particularly our allies, as we all depend upon space and space systems. Your neighbors and friends here in California that are employed at the space and missile system center work with network defenders. We work with our commercial contractors and our systems developers, our international allies and partners to try and build as secure and resilient systems as we can from the ground up that keep the global comments of space free and open for exploration and for commerce as John and I were talking earlier, before we came online, there's an aspect of cybersecurity for space systems, especially for some of our legacy systems, that's more, how do we bolt this on? Cause we fielded those space systems a number of years ago, and the challenges of cybersecurity in the space domain have grown. So we have a part that we have to worry about, bolting it on, but then we have to worry about building it in as we field new systems and build in a flexibility that realizes that the cyber threat or the cybersecurity landscape will evolve over time. It's not just going to be stagnant. There will always be new vulnerabilities and new threat vectors that we all have to look at. Look, as Secretary Barrett, who is our secretary of the air force likes to say most Americans use space before they have their first cup of coffee in the morning. The American way of life really depends on space. And as part of the United States Space Force, we work with defense leaders, our Congress joint, and international military teammates and industry to ensure American leadership in space. I really thank you for this opportunity to address the audience today, John, and thanks so much to Cal Poly for letting me be one of the speakers at this event. I've really looked forward to this for several months. And so with that, I look forward to your questions as we kind of move along here. >> General, thank you very much for those awesome introductory statement. For the folks watching on the stream, Brigadier General Carthan's going to be in the chat, answering any questions, feel free to chat away. He's the vice commander of Space and Missile System Center, he'll be available. A couple of comments from your keynote before I get to my questions. Cause it just jumped into my head. You mentioned the benefits of say space with the fires in California. We're living that here. That's really realtime. That's a benefit. You also mentioned the ability for more people launching payloads into space. I'm only imagined Moore's law smaller, faster, cheaper applies to rockets too. So I'm imagining you have the benefits of space and you have now more potential objects flying out sanctioned and maybe unsanctioned. So is it going to be more rules around that? This is an interesting question cause it's exciting Space Force, but for all the good there is potentially bad out there. >> Yeah. So John, I think the basics of your question is as space becomes more congested and contested, is there a need for more international norms of how satellites fly in space? What kind of basic features satellites have to perhaps de orbit themselves? What kind of basic protections should all satellites be afforded as part of a peaceful global commons of space? I think those are all fantastic questions. And I know that US and many allied policy makers are looking very, very hard at those kinds of questions in terms of what are the norms of behavior and how we field, and field as the military term. But how we populate using civil or commercial terms that space layer at different altitudes, lower earth orbit, mid earth orbit, geosynchronous earth orbit, different kinds of orbits, what the kind of mission areas we accomplished from space. That's all things that need to be definitely taken into account as the place gets a little bit, not a little bit as the place gets increasingly more popular day in and day out. >> I'm super excited for Space Force. I know that a new generation of young folks are really interested in it's an emerging, changing great space. The focus here at this conference is space and cybersecurity, the intersection. I'd like to get your thoughts on the approach that a space force is taking to cybersecurity and how it impacts our national goals here in the United States. >> Yeah. So that's a great question John, let me talk about it in two basic ways. At number one is an and I know some people in the audience, this might make them a little bit uncomfortable, but I have to talk about the threat. And then relative to that threat, I really have to talk about the importance of cyber and specifically cyber security, as it relates to that threat. The threats that we face really represented a new era of warfare and that new era of warfare involves both space and cyber. We've seen a lot of action in recent months from certain countries, notably China and Russia that have threatened what I referred to earlier as the peaceful global commons of space. For example, it threw many unclassified sources and media sources. Everybody should understand that the Russians have been testing on orbit anti-satellite capabilities. It's been very clear if you were following just the week before last, the Department of Defense released its 2020 military and security developments involving the People's Republic of China. And it was very clear that China is developing ASATs, electronic jammers, directed energy weapons, and most relevant to today's discussion, offensive cyber capabilities. There are kinetic threats that are very, very easy to see, but a cyber attack against a critical command and control site or against a particular spacecraft could be just as devastating to the system and our war fighters in the case of GPS and important to note that that GPS system also impacts many civilians who are dependent on those systems from a first response perspective and emergency services, a cyber attack against a ground control site could cause operators to lose control of a spacecraft or an attacker could feed spoofed data to assist them to mislead operators so that they sent emergency services personnel to the wrong address. Attacks on spacecraft on orbit, whether directly via a network intrusion or enabled through malware introduced during the system's production while we're building the satellite can cripple or corrupt the data. Denial-of-service type attacks on our global networks obviously would disrupt our data flow and interfere with ongoing operations and satellite control. If GPS went down, I hesitate to say it this way, cause we might elicit some screams from the audience. But if GPS went down a Starbucks, wouldn't be able to handle your mobile order, Uber drivers wouldn't be able to find you. And Domino's certainly wouldn't be able to get there in 30 minutes or less. So with a little bit of tongue in cheek there from a military operations perspective, it's dead serious. We have become accustomed in the commercial world to threats like ransomware and malware. And those things have unfortunately become commonplace in commercial terrestrial networks and computer systems. However, what we're seeing is that our adversaries with the increased competition in space these same techniques are being retooled, if you will, to use against our national security space systems day in and day out. As I said, during my opening remarks on the importance of cyber, the value of these systems is directly tied to their integrity. If commanders in the field, firefighters in California or baristas in Starbucks, can't trust the data they're receiving, then that really harms their decision making capabilities. One of the big trends we've recently seen is the move towards proliferated LEO constellations, obviously Space X's Starlink on the commercial side and on the military side, the work that DARPA and my organization SMC are doing on Blackjack and Casino, as well as some space transport layer constellation work that the space development agency is designing are all really, really important types of mesh network systems that will revolutionaries how we plan and field war fighting systems and commercial communications and internet providing systems. But they're also heavily reliant on cybersecurity. We've got to make sure that they are secured to avoid an accident or international damage. Loss of control of these constellations really could be catastrophic from both a mission perspective or from a satellites tumbling out of low earth orbit perspective. Another trend is introductions in artificial intelligence and machine learning, onboard spacecraft are at the edge. Our satellites are really not so much hardware systems with a little software anymore in the commercial sector and in the defense sector, they're basically flying boxes full of software. And we need to ensure that data that we're getting out of those flying boxes full of software are helping us base our decisions on accurate data and algorithms, governing the right actions and that those systems are impervious to the extent possible to nefarious modifications. So in summation, cybersecurity is a vital element of everything in our national security space goals. And I would argue for our national goals, writ large, including economic and information dimensions, the Space Force leadership at all levels from some of the brand new second lieutenants that general Raymond swore in to the space force this morning, ceremonially from the air force associations, airspace and cyberspace conference to the various highest levels, General Raymond, General DT Thompson, myself, and a number of other senior leaders in this enterprise. We've got to make sure that we're all working together to keep cyber security at the forefront of our space systems cause they absolutely depend on it. >> You mentioned hardware, software threats, opportunities, challenges. I want to ask you because you got me thinking of the minute they're around infrastructure. We've heard critical infrastructure, grids here on earth. You're talking about critical infrastructure, a redefinition of what critical infrastructure is, an extension of what we have. So I'd love to get your thoughts about Space Force's view of that critical infrastructure vis-a-vis the threat vectors, because the term threat vectors has been kicked around in the cyberspace. Oh you have threat vectors. They're always increasing the surface area. If the surface area is from space, it's an unlimited service area. So you got different vectors. So you've got new critical infrastructure developing real time, really fast. And you got an expanded threat vector landscape. Putting that in perspective for the folks that aren't really inside the ropes on these critical issues. How would you explain this and how would you talk about those two things? >> So I tell you, just like, I'm sure people in the security side or the cybersecurity side of the business in the banking industry feel, they feel like it's all possible threat vectors represent a dramatic and protect potentially existential threat to all of the dollars that they have in the banking system, to the financial sector. On the Department of Defense side, we've got to have sort of the same mindset. That threat vector from, to, and through space against critical space systems, ground segments, the launch enterprise, or transportation to orbit and the various different domains within space itself. Like I mentioned before, LEO, MEO and GEO based satellites with different orbits, all of the different mission areas that are accomplished from space that I mentioned earlier, some that I did mention like a weather tactical or wide band communications, various new features of space control. All of those are things that we have to worry about from a cyber security threat perspective. And it's a daunting challenge right now. >> Yeah, that's awesome. And one of the things we've been falling on the hardware side on the ground is the supply chain. We've seen, malware being, really put in a really obscure hardware. Who manufactures it? Is it being outsourced? Obviously government has restrictions, but with the private sector, you mentioned China and the US kind of working together across these peaceful areas. But you got to look at the supply chain. How does the supply chain in the security aspect impact the mission of the US space Force? >> Yeah. Yeah. So how about another, just in terms of an example, another kind of California based historical example. The very first US Satellite, Explorer 1, was built by the jet propulsion laboratory folks, not far from here in El Segundo, up in Pasadena, that satellite, when it was first built in the late 50s weighing a little bit, over 30 pounds. And I'm sure that each and every part was custom made and definitely made by US companies. Fast forward to today. The global supply chain is so tightly coupled, and frankly many industries are so specialized, almost specialized regionally around the planet. We focus every day to guarantee the integrity of every component that we put in our space systems is absolutely critical to the operations of those satellites and we're dependent upon them, but it becomes more difficult and more difficult to understand the heritage, if you will, of some of the parts that are used, the thousands of parts that are used in some of our satellites that are literally school bus sized. The space industry, especially national security space sector is relatively small compared to other commercial industries. And we're moving towards using more and more parts from non US companies. Cybersecurity and cyber awareness have to be baked in from the beginning if we're going to be using parts that maybe we don't necessarily understand 100% like an Explorer one, the lineage of that particular part. The environmental difficulties in space are well known. The radiation environment, the temperature extremes, the vacuum, those require specialized component. And the US military is not the only customer in that space. In fact, we're definitely not the dominant customer in space anymore. All those factors require us along with our other government partners and many different commercial space organizations to keep a very close eye on our supply chains, from a quality perspective, a security perspective and availability. There's open source reporting on supply training intrusions from many different breaches of commercial retailers to the infectious spread of compromised patches, if you will. And our adversaries are aware of these techniques. As I mentioned earlier, with other forms of attack, considering our supply chains and development networks really becomes fair game for our adversaries. So we have to take that threat seriously. Between the government and industry sectors here in the US. We're also working with our industry partners to enact stronger defenses and assess our own vulnerabilities. Last fall, we completed an extensive review of all of our major contracts here at Space and Missile System Center to determine the levels of cyber security requirements we've implemented across our portfolio. And it sounds really kind of businessy geeky, if you will. Hey, we looked at our contracts to make sure that we had the right clauses in our contracts to address cybersecurity as dynamically as we possibly could. And so we found ourselves having to add new language to our contracts, to require system developers, to implement some more advanced protective measures in this evolving cyber security environment. So that data handling and supply chain protections from contract inception to launch and operations were taken into account. Cyber security really is a key performance parameter for us now. Performance of the system, It's as important as cost, it's as important as schedule, because if we deliver the perfect system on time and on cost, it can perform that missile warning or that communications mission perfectly, but it's not cyber secure. If it's doesn't have cyber protections built into it, or the ability to implement mitigations against cyber threats, then we've essentially fielded a shoe box in space that doesn't do the CA the war fighter or the nation any good. Supply chain risk management is a major challenge for us. We're doing a lot to coordinate with our industry partners. We're all facing it head on to try and build secure and trusted components that keep our confidence as leaders, firefighters, and baristas as the case may be. But it is a challenge. And we're trying to rise to that challenge. >> This is so exciting this new area, because it really touches everything. Talk about geeking out on the tech, the hardware, the systems but also you put your kind of MBA hat on you go, what's the ROI of extra development and how things get built. Because the always the exciting thing for space geeks is like, if you're building cool stuff, it's exciting, but you still have to build. And cybersecurity has proven that security has to be baked in from the beginning and be thought as a system architecture. So you're still building things, which means you got to acquire things, you got to acquire parts, you got acquire build software and sustain it. How is security impacting the acquisition and the sustainment of these systems for space? >> Yeah. From initial development, through planning for the acquisition, design, development, our production fielding and sustainment, it impacts all aspects of the life cycle, John. We simply, especially from the concept of baking in cybersecurity, we can't wait until something is built and then try and figure out how to make it cyber secure. So we've moved way further towards working side by side with our system developers to strengthen cybersecurity from the very beginning of a systems development, cyber security, and the resilience associated with it really have to be treated as a key system attribute. As I mentioned earlier, equivalent with data rates or other metrics of performance. We like to talk in the space world about mission assurance and mission assurance has always sort of taken us as we technically geek out. Mission assurance has always taken us to the will this system work in space. Can it work in a vacuum? Can it work in as it transfers through the Van Allen radiation belt or through the Southern hemisphere's electromagnetic anomaly? Will it work out in space? And now from a resiliency perspective, yeah, it has to work in space. It's got to be functional in space, but it's also got to be resistant to these cybersecurity threats. It's not just, I think a General D.T Thompson quoted this term. It's not just widget assurance anymore. It's mission assurance. How does that satellite operator that ground control segment operate while under attack? So let me break your question a little bit, just for purposes of discussion into really two parts, cybersecurity, for systems that are new and cybersecurity for systems that are in sustainment are kind of old and legacy. Obviously there's cyber vulnerabilities that threatened both, and we really have to employ different strategies for defensive of each one. For new systems. We're desperately trying to implement across the Department of Defense and particularly in the space world, a kind of a dev sec ops methodology and practice to delivering software faster and with greater security for our space systems. Here at SMC, we have a program called enterprise ground services, which is a toolkit, basically a collection of tools for common command and control of different satellite systems, EGS as we call it has an integrated suite for defensive cyber capabilities. Network operators can use these tools to gain unprecedented insight to data flows and to monitor space network traffic for anomalies or other potential indicators of a bad behavior, malicious behavior, if you will, it's rudimentary at this point, but because we're using DevSecOps and that incremental development approach, as we scale it, it just becomes more and more capable. Every product increment that we feel. Here at LA Air Force Base, we have the United Space Force's West Coast Software Factory, which we've dubbed the Kobayashi Maru. They're using those agile DevOps software development practices to deliver a space awareness software to the combined space operations center. Affectionately called the CSpock that CSpock is just on the road from Cal Poly there in San Luis Obispo at Vandenberg Air Force Base. They've so securely linked the sea Spock with other space operation centers around the planet, our allies, Australia, Canada, and the UK. We're partnering with all of them to enable secure and enhanced combined space operations. So lots of new stuff going on as we bake in new development capabilities for our space systems. But as I mentioned earlier, we've got large constellations of satellites on orbit right now. Some of them are well in excess of a decade or more or old on orbit. And so the design aspects of those satellites are several decades old. But we still have to worry about them cause they're critical to our space capabilities. We've been working with an air force material command organization called CROWS, which stands for the Cyber Resiliency Office for Weapon Systems to assess all of those legacy platforms from a cyber security perspective and develop defensive strategies and potential hardware and software upgrades to those systems to better enable them to live through this increasingly cybersecurity concerned era that we currently live in. Our industry partners have been critical to both of those different avenues. Both new systems and legacy systems. We're working closely with them to defend and upgrade national assets and develop the capabilities to do similar with new national assets coming online. The vulnerabilities of our space systems really kind of threatened the way we've done business in the past, both militarily and in the case of GPS economically. The impacts of that cybersecurity risk are clear in our acquisition and sustainment processes, but I've got to tell you, as the threat vectors change, as the vulnerabilities change, we've got to be nimble enough, agile enough, to be able to bounce back and forth. We can't just say, many people in the audience are probably familiar with the RMF or the Risk Management Framework approach to reviewing the cyber security of a system. We can't have program managers and engineers just accomplish an RMF on a system. And then, hey, high five, we're all good. It's a journey, not a destination, that's cybersecurity. And it's a constant battle rhythm through our weapon systems lifecycle, not just a single event. >> I want to get to this commercial business needs and your needs on the next question. But before I go there, you mentioned agile. And I see that clearly because when you have accelerated innovation cycles, you've got to be faster. And we saw this in the computer industry, mainframes, mini computers, and then we started getting beyond maybe when the internet hit and PCs came out, you saw the big enterprises, the banks and government start to work with startups. And it used to be a joke in the entrepreneurial circles is that, there's no way if you are a startup you're ever going to get a contract with a big business enterprise. Now that used to be for public sector and certainly for you guys. So as you see startups out there and there's acquisition involved, I'm sure would love to have a contract with Space Force. There's an ROI calculation where if it's in space and you have a sustainment view and it's software, you might have a new kind of business model that could be attractive to startups. Could you share your thoughts on the folks who want to be a supplier to you, whether they're a startup or an existing business that wants to be agile, but they might not be that big company. >> John, that's a fantastic question. We're desperately trying to reach out to those new space advocates, to those startups, to those what we sometimes refer to, within the Department of Defense, those non traditional defense contractors. A couple of things just for thinking purposes on some of the things that we're trying to highlight. Three years ago, we created here at Space and Missile System Center, the Space Enterprise Consortium to provide a platform, a contractual vehicle, really to enable us to rapidly prototype, development of space systems and to collaborate between the US Space Force, traditional defense contractors, non traditional vendors like startups, and even some academic institutions. SPEC, as we call it, Space Enterprise Consortium uses a specialized contracting tool to get contracts awarded quickly. Many in the audience may be familiar with other transaction agreements. And that's what SPEC is based on. And so far in just three years, SPEC has awarded 75 different prototyping contracts worth over $800 million with a 36% reduction in time to award. And because it's a consortium based competition for these kinds of prototyping efforts, the barrier to entry for small and nontraditional, for startups, even for academic institutions to be able to compete for these kinds of prototyping has really lowered. These types of partnerships that we've been working through on spec have really helped us work with smaller companies who might not have the background or expertise in dealing with the government or in working with cyber security for their systems, both our developmental systems and the systems that they're designing and trying to build. We want to provide ways for companies large and small to partner together in support kind of mutually beneficial relationships between all. Recently at the Annual Air Force Association conference that I mentioned earlier, I moderated a panel with several space industry leaders, all from big traditional defense contractors, by the way. And they all stressed the importance of building bridges and partnerships between major contractors in the defense industry and new entrance. And that helps us capture the benefits of speed and agility that come with small companies and startups, as well as the expertise and specialized skill sets of some of those larger contractors that we rely on day in and day out. Advanced cyber security protections and utilization of secure facilities are just a couple of things that I think we could be prioritizing more so in those collaborations. As I mentioned earlier, the SPEC has been very successful in awarding a number of different prototyping contracts and large dollar values. And it's just going to get better. There's over 400 members of the space enterprise consortium, 80% of them are non traditional kinds of vendors. And we just love working with them. Another thing that many people in the audience may be familiar with in terms of our outreach to innovators, if you will, and innovators that include cyber security experts is our space pitch day events. So we held our first event last November in San Francisco, where we awarded over a two day period about $46 million to 30 different companies that had potentially game changing ideas. These were phase two small business innovative research efforts that we awarded with cash on the spot. We're planning on holding our second space pitch day in the spring of 2021. We're planning on doing it right here in Los Angeles, COVID-19 environment permitting. And we think that these are fantastic venues for identifying and working with high-speed startups, and small businesses who are interested in really, truly partnering with the US Air Force. It's, as I said before, it's a really exciting time to be a part of this business. And working with the innovation economy is something that the Department of Defense really needs to do in that the innovation that we used to think was ours. That 80% of the industrial base innovation that came from the Department of Defense, the script has been flipped there. And so now more than 70%, particularly in space innovation comes from the commercial sector, not from the defense business itself. And so that's a tsunami of investment and a tsunami of a capability. And I need to figure out how to get my surfboard out and ride it, you know what I mean? >> Yeah, It's one of those things where the script has been flipped, but it's exciting because it's impacting everything. When you're talking about systems architecture? You're talking about software, you're talking about a business model. You're talking about dev sec opsx from a technical perspective, but now you have a business model innovation. All the theaters are exploding in innovation, technical, business, personnel. This brings up the workforce challenge. You've got the cyber needs for the US Space Force, It's probably great ROI model for new kinds of software development that could be priced into contracts. That's a entrepreneurial innovation, you've got the business model theater, you've got the personnel. How does the industry adopt and change? You guys are clearly driving this. How does the industry adjust to you? >> Yeah. So I think a great way to answer that question is to just talk about the kind of people that we're trying to prioritize in the US Space Force from an acquisition perspective, and in this particular case from a cybersecurity perspective. As I mentioned earlier, it's the most exciting time to be in space programs, really since the days of Apollo. Just to put it in terms that maybe have an impact with the audience. From 1957 until today, approximately 9,000 satellites have been launched from the various space varying countries around the planet. Less than 2000 of those 9,000 are still up on orbit and operational. And yet in the new space regime players like Space X have plans to launch, 12,000 satellites for some of their constellations alone. It really is a remarkable time in terms of innovation and fielding of space capabilities and all of those space capabilities, whether they're commercial, civil, or defense are going to require appropriate cybersecurity protections. It's just a really exciting time to be working in stuff like this. And so folks like the folks in this audience who have a passion about space and a passion about cybersecurity are just the kind of people that we want to work with. Cause we need to make sure our systems are secure and resilient. We need folks that have technical and computing expertise, engineering skills to be able to design cyber secure systems that can detect and mitigate attacks. But we also, as you alluded to, we need people that have that business and business acumen, human networking background, so that we can launch the startups and work with the non traditional businesses. Help to bring them on board help, to secure both their data and our data and make sure our processes and systems are free as much as possible from attack. For preparation, for audience members who are young and maybe thinking about getting into this trade space, you got to be smart on digital networking. You got to understand basic internet protocols, concepts, programming languages, database design. Learn what you can for penetration or vulnerability testing and a risk assessment. I will tell you this, and I don't think he will, I know he will not mind me telling you this, but you got to be a lifelong learner and so two years ago, I'm at home evening and I get a phone call on my cell phone and it's my boss, the commander of Air Force Space command, General, J. Raymond, who is now currently the Chief of Space Operations. And he is on temporary duty, flying overseas. He lands where he's going and first thing he does when he lands is he calls me and he goes JT, while I was traveling, I noticed that there were eBooks available on the commercial airliner I was traveling on and there was an ebook on something called scrumming and agile DevSecOps. And I read it, have you read it? And I said, no, sir. But if you tell me what the title of the book is, I will read it. And so I got to go to my staff meeting, the very next week, the next time we had a staff meeting and tell everybody in the staff meeting, hey, if the four star and the three star can read the book about scrumming, then I'm pretty sure all of you around this table and all our lieutenants and our captains our GS13s, All of our government employees can get smart on the scrumming development process. And interestingly as another side, I had a telephone call with him last year during the holidays, where he was trying to take some leave. And I said, sir, what are you up to today? Are you making eggnog for the event tonight or whatever. And the Chief of Space Operations told me no, I'm trying to teach myself Python. I'm at lesson two, and it's not going so well, but I'm going to figure this out. And so that kind of thing, if the chief of staff or the Chief of Space Operations can prioritize scrumming and Python language and innovation in his daily schedule, then we're definitely looking for other people who can do that. And we'll just say, lower levels of rank throughout our entire space force enterprise. Look, we don't need people that can code a satellite from scratch, but we need to know, we need to have people that have a basic grasp of the programming basics and cybersecurity requirements. And that can turn those things into meaningful actions, obviously in the space domain, things like basic physics and orbital mechanics are also important spaces, not an intuitive domain. So under understanding how things survive on orbit is really critical to making the right design and operational decisions. And I know there's probably a lot, because of this conference. I know there's probably a whole lot of high speed cybersecurity experts out in the audience. And I need those people in the US Space Force. The country is counting on it, but I wouldn't discount having people that are just cyber aware or cyber savvy. I have contracting officers and logisticians and program managers, and they don't have to be high end cybersecurity experts, but they have to be aware enough about it to be able to implement cyber security protections into our space systems. So the skill set is really, really broad. Our adversaries are pouring billions of dollars into designing and fielding offensive and destructive space, cybersecurity weapons. They repeatedly shown really a blatant disregard of safety and international norms for good behavior on orbit. And the cyber security aspects of our space systems is really a key battleground going forward so that we can maintain that. As I mentioned before, peaceful global comments of space, we really need all hands on deck. If you're interested in helping in uniform, if you're interested in helping, not in uniform, but as a government employee, a commercial or civil employee to help us make cyber security more important or more able to be developed for our space systems. And we'd really love to work with you or have you on the team to build that safe and secure future for our space systems. >> Lieutenant General John Thompson, great insight. Thank you for sharing all that awesome stories too, and motivation for the young next generation. The United States Space Force approach to cybersecurity. Really amazing talk, thank you for your time. Final parting question is, as you look out and you have your magic wand, what's your view for the next few years in terms of things that we could accomplish? It's a super exciting time. What do you hope for? >> So first of all, John, thanks to you and thanks to Cal Poly for the invitation and thanks to everybody for their interest in cybersecurity, especially as it relates to space systems, that's here at the conference. There's a quote, and I'll read it here from Bernard Schriever, who was the founder, if you will, a legend in a DoD space, the founder of the Western development division, which was a predecessor organization to Space and Missile System Center, General Schriever, I think captures the essence of how we see the next couple of years. "The world has an ample supply of people "who can always come up with a dozen good reasons "why new ideas will not work and should not be tried, "but the people who produce progress are breed apart. "They have the imagination, "the courage and the persistence to find solutions." And so I think if you're hoping that the next few years of space innovation and cybersecurity innovation are going to be upon a pony ride at the County fair, then perhaps you should look for another line of work, because I think the next few years in space and cybersecurity innovation are going to be more like a rodeo and a very dynamic rodeo as it goes. It is an awesome privilege to be part of this ecosystem. It's really an honor for me to be able to play some small role in the space ecosystem and trying to improve it while I'm trying to improve the chances of the United States of America in a space war fighting environment. And so I thank all of you for participating today and for this little bit of time that you've allowed me to share with you. Thank you. >> Sir, thank you for your leadership and thank you for the time for this awesome event, Space and Cyber Cybersecurity Symposium 2020, I'm John Furrier on behalf of Cal Poly, thanks for watching. (mellow music)