(upbeat music) >> Welcome to this CUBE conversation. I am Lisa Martin, excited to welcome back one of our distinguished alumni, Derek Manky joins me next. Chief security Insights and Global Threat Alliances at Fortinet's FortiGuard Labs. Derek, welcome back to the program. >> Yes, it's great to be here and great to see you again, Lisa. Thanks for having me. >> Likewise, yeah, so a lot has happened. I know we've seen you during this virtual world, but so much has happened with ransomware in the last year. It's unbelievable, we had this dramatic shift to a distributed workforce, you had personal devices on in network perimeters and non-trusted devices or trusted devices on home networks and lots of change there. Talk to me about some of the things that you and FortiGuard Labs have seen with respect to the evolution of ransomware. >> Yeah, sure, so it's becoming worse, no doubt. We highlighted this in our Threat Landscape Report. If we just take a step back looking at ransomware itself, it actually started in the late 1980s. And it didn't, that was very, they relied on snail mail. It was obviously there was no market for it at the time. It was just a proof of concept, a failed experiment if you will. But it really started getting hot a decade ago, 10 years ago but the technology back then wasn't the cryptography they're using, the technique wasn't as strong as easily reversed. And so they didn't really get to a lot of revenue or business from the cyber criminal perspective. That is absolutely not the case today. Now they have very smart cryptography they're experts when say they, the cyber criminals at their game. They know there's a lot of the attack surfaces growing. There's a lot of vulnerable people out there. There's a lot of vulnerable devices. And this is what we saw in our threat landscape group. What we saw at seven times increase in ransomware activity in the second half of 2020. And that momentum is continuing in 2021. It's being fueled by what you just talked about. By the work from anywhere, work from home environment a lot of vulnerable devices unpatched. And these are the vehicles that the ransomware is the payload of course, that's the way that they're monetizing this. But the reality is that the attack surface has expanded, there's more vulnerable people and cyber criminals are absolutely capitalizing on that. >> Right, we've even seen cyber criminals capitalizing on the pandemic fears with things that were around the World Health Organization or COVID-19 or going after healthcare. Did you see an uptick in healthcare threats and activities as well in the last year? >> Yeah, definitely, so I would start to say that first of all, the... Nobody is immune when it comes to ransomware. This is such again, a hot target or a technique that the cybercriminals are using. So when we look at the verticals, absolutely healthcare is in the top five that we've seen, but the key difference is there's two houses here, right? You have what we call the broad blanketed ransomware attacks. So these aren't going after any particular vertical. They're really just trying to spray as much as they can through phishing campaigns, not through... there's a lot of web traffic out there. We see a lot of things that are used to open playing on that COVID-19 theme we got, right? Emails from HR or taxes and scams. It's all related to ransomware because these are how they're trying to get the masses to open that up, pay some data sorry, pay some cryptocurrency to get access to their data back. Oftentimes they're being held for extortions. They may have photos or video or audio captures. So it's a lot of fear they're trying to steal these people but probably the more concern is just what you talked about, healthcare, operational technology. These are large business revenue streams. These are take cases of targeted ransoms which is much different because instead of a big volumetric attack, these are premeditated. They're going after with specific targets in mind specific social engineering rules. And they know that they're hitting the corporate assets or in the case of healthcare critical systems where it hurts they know that there's high stakes and so they're demanding high returns in terms of ransoms as well. >> With respect to the broad ransomware attacks versus targeted a couple of questions to kind of dissect that. Are the targeted attacks, are they in like behind the network firewall longer and faster, longer and getting more information? Are they demanding higher ransom versus the broader attacks? What's what are some of the distinctions there besides what you mentioned? >> Yeah, absolutely so the targeted texts are more about execution, right? So if we look at the attack chain and they're doing more in terms of reconnaissance, they're spending more cycles and investment really on their end in terms of weaponization, how they can actually get into the system, how they can remain undetected, collecting and gathering information. What we're seeing with groups like Ragnar Locker as an example, they're going in and they're collecting in some cases, terabytes of information, a lot, they're going after definitely intellectual property, things like source code, also PII for customers as an example, and they're holding them. They have a whole business strategy and plan in mind on their place, right? They hold them for ransom. They're often, it's essentially a denial of service in some cases of taking a revenue stream or applications offline so a business can't function. And then what they're doing is that they're actually setting up crime services on their end. They, a lot of the the newest ransom notes that we're seeing in these targeted attacks are setting up channels to what they call a live chat support channel that the victim would log into and actually talk directly live to the cybercriminal or one of their associates to be able to negotiate the ransom. And they're trying to have in their point of view they're trying frame this as a good thing and say, we're going to show you that our technology works. We can decrypt some of the files on your system as an example just to prove that we are who we say we are but then they go on to say, instead of $10 million, we can negotiate down to 6 million, this is a good deal, you're getting 30% off or whatever it is but the fact is that they know by the time they've gotten to this they've done all their homework before that, right? They've done the targets, they've done all the things that they can to know that they have the organization in their grasp, right? >> One of the things that you mentioned just something I never thought about as ransomware as a business, the sophistication level is just growing and growing and growing and growing. And of course, even other bad actors, they have access to all the emerging technologies that the good guys do. But talk to me about this business of ransomware because that's what it seems like it really has become. >> Absolutely, it is massively sad. If you look at the cybercrime ecosystem like the way that they're actually pulling this off it's not just one individual or one cyber crime ring that, let's say five to 10 people that are trying to orchestrate this. These are big rings, we actually work closely as an example to, we're doing everything from the FortiGuard Labs with following the latest ransomware trends doing the protection and mitigation but also working to find out who these people are, what are their tactics and really attribute it and paint a picture of these organizations. And they're big, we worked on some cases where there's over 50 people just in one ransomware gang. One of the cases we worked on, they were making over $60 million US in three months, as an example. And in some cases, keep in mind one of these targeted attacks like in terms of ransom demands and the targeted cases they can be an excess of $10 million just for one ransom attack. And like I said, we're seeing a seven times increase in the amount of attack activity. And what they're doing in terms of the business is they've set up affiliate marketing. Essentially, they have affiliates in the middle that will actually distribute the ransomware. So they're basically outsourcing this to other individuals. If they hit people with their ransomware and the people pay then the affiliate in the middle will actually get a commission cut of that, very high, typically 40 to 50%. And that's really what's making this lucrative business model too. >> Wow, My jaw is dropping just the sophistication but also the different levels to which they've put a business together. And unfortunately, for every industry it sounds very lucrative, so how then Derek do organizations protect themselves against this, especially knowing that a lot of this work from home stuff is going to persist. Some people want to stay home, what not. The proliferation of devices is only going to continue. So what are organizations start and how can you guys help? >> Start with the people, so we'll talk about three things, people, technology and processes. The people, unfortunately, this is not just about ransomware but definitely applies to ransomware but any attack, humans are still often the weakest link in terms of education, right? A lot of these ransomware campaigns will be going after people using nowadays seems like tax themes purporting to be from the IRS as an example or human resources departments or governments and health authorities, vaccination scams all these things, right? But what they're trying to do is to get people to click on that link, still to open up a malicious attachment that will then infect them with the ransomware. This of course, if an employee is up to date and hones their skills so that they know basically a zero trust mentality is what I like to talk about. You wouldn't just invite a stranger into your house to open a package that you didn't order but people are doing this a lot of the times with email. So really starting with the people first is important. There's a lot of free training information and security. There is awareness training, we offer that at Fortinet. There's even advanced training we do through our NSC program as an example. But then on top of that there's things like phishing tests that you can do regularly, penetration testing as well, exercises like that are very important because that is really the first line of defense. Moving past that you want to get into the technology piece. And of course, there's a whole, this is a security fabric. There's a whole array of solutions. Like I said, everything needs to be integrated. So we have an EDR and XDR as an example sitting on the end point, cause oftentimes they still need to get that ransomware payload to run on the end point. So having a technology like EDR goes a long way to be able to detect the threat, quarantine and block it. There's also of course a multi-factor authentication when it comes to identifying who's connecting to these environments. Patch management, we talk about all the time. That's part of the technology piece. The reality is that we highlight in the threat landscape report the software vulnerabilities that these rats more gangs are going after are two to three years old. They're not breaking within the last month they're two to three years old. So it's still about the patch management cycle, having that holistic integrated security architecture and the fabric is really important. NAC network access control is zero trust, network access is really important as well. One of the biggest culprits we're seeing with these ransom attacks is using IOT devices as launchpads as an example into networks 'cause they're in these work from home environments and there's a lot of unsecured or uninspected devices sitting on those networks. Finally process, right? So it's always good to have it all in your defense plan training and education, technology for mitigation but then also thinking about the what if scenario, right? So incident response planning, what do we do if we get hit? Of course we never recommend to pay the ransom. So it's good to have a plan in place. It's good to identify what your corporate assets are and the likely targets that cyber-criminals are going to go after and make sure that you have rigid security controls and threat intelligence like FortiGuard Labs applied to that. >> Yeah, you talk about the weakest link they are people I know you and I talked about that on numerous segments. It's one of the biggest challenges but I've seen some people that are really experts in security read a phishing email and almost fall for it. Like it looked so legitimately from like their bank for example. So in that case, what are some of the things that businesses can do when it looks so legitimate that it probably is going to have a unfortunately a good conversion rate? >> Yeah, so this is what I was talking about earlier that these targeted attacks especially when it comes to spear, when it comes to the reconnaissance they got so clever, it can be can so realistic. That's the, it becomes a very effective weapon. That's why the sophistication and the risk is rising like I said but that's why you want to have this multilayered approach, right? So if that first line of defense does yield, if they do click on the link, if they do try to open the malicious attachment, first of all again through the next generation firewall Sandboxing solutions like that, this technology is capable of inspecting that, acting like is this, we even have a FortiAI as an example, artificial intelligence, machine learning that can actually scan this events and know is this actually an attack? So that element goes a long way to actually scrub it like content CDR as well, content disarm as an example this is a way to actually scrub that content. So it doesn't actually run it in the first place but if it does run again, this is where EDR comes in like I said, at the end of the day they're also trying to get information out of the network. So having things like a Platinum Protection through the next generation firewall like with FortiGuard security subscription services is really important too. So it's all about that layered approach. You don't want just one single point of failure. You really want it, this is what we call the attack chain and the kill chain. There's no magic bullet when it comes to attackers moving, they have to go through a lot of phases to reach their end game. So having that layer of defense approach and blocking it at any one of those phases. So even if that human does click on it you're still mitigating the attack and protecting the damage. Keep in mind a lot of damages in some cases kind of a million dollars plus. >> Right, is that the average ransom, 10 million US dollars. >> So the average cost of data breaches that we're seeing which are often related to ransom attacks is close to that in the US, I believe it's around just under $9 million about 8.7 million, just for one data breach. And often those data breaches now, again what's happening is that the data it's not just about encrypting the data, getting access because a lot of organizations part of the technology piece and the process that we recommend is backups as well of data. I would say, organizations are getting better at that now but it's one thing to back up your data. But if that data is breached again, cybercriminals are now moving to this model of extorting that saying, unless you pay us this money we're going to go out and make this public. We're going to put it on paste and we're going to sell it to nefarious people on the dark web as well. >> One more thing I want to ask you in terms of proliferation we talked about the distributed workforce but one of the things, and here we are using Zoom to talk to each other, instead of getting to sit together in person we saw this massive proliferation in collaboration tools to keep people connected, families businesses. I talked a bit a lot of businesses who initially will say, oh we're using Microsoft 365 and they're protecting the data while they're not or Salesforce or Slack. And that shared responsibility model is something that I've been hearing a lot more about lately that businesses needing to recognize for those cloud applications that we're using and in which there's a lot of data traversing it could include PII or IP. We're responsible for that as the customer to protect our data, the vendor's responsible for protecting the integrity of the infrastructure. Share it with us a little bit about that in terms of your thoughts on like data protection and backup for those SaaS applications. >> Yeah, great question, great question tough one. It is so, I mean ultimately everybody has to have, I believe it has to have their position in this. It's not, it is a collaborative environment. Everyone has to be a stakeholder in this even down to the end users, the employees being educated and up-to-date as an example, the IT departments and security operation centers of vendors being able to do all the threat intelligence and scrubbing. But then when you extend that to the public cloud what is the cloud security stack look at, right? How integrated is that? Are there scrubbing and protection controls sitting on the cloud environments? What data is being sent to that, should it be cited center as an example? what's the retention period? How long does the data live on there? It's the same thing as when you go out and you buy one of these IOT devices as an example from say, a big box store and you go and just plug it into your network. It's the same questions we should be asking, right? What's the security like on this device model? Who's making it, what data is it going to ask for me? The same thing when you're installing an application on your mobile phone, this is what I mean about that zero trust environment. It should be earned trust. So it's a big thing, right? To be able to ask those questions and then only do it on a sort of need to know and medium basis. The good news is that a lot of CloudStack now and environments are integrating security controls. We integrated quite well with Fortinet as an example but this is an issue of supply chain. It's really important to know what lives upstream and how they're handling the data and how they're protecting it absolutely. >> Such interesting information and it's a topic ransomware that we could continue talking about, Derek, thank you for joining me on the program today updating us on what's going on, how it's evolving and ultimately what organizations in any industry need to do with protecting people and technology and processes to really start reducing their risks. I thank you so much for joining me today. >> All right it's a pleasure, thank you. >> Likewise Derek Manky I'm Lisa Martin. You're watching this CUBE conversation. (upbeat music)

(upbeat music) >> Welcome to this CUBE conversation. I am Lisa Martin, excited to welcome back one of our distinguished alumni, Derek Manky joins me next. Chief security Insights and Global Threat Alliances at Fortinet's FortiGuard Labs. Derek, welcome back to the program. >> Yes, it's great to be here and great to see you again, Lisa. Thanks for having me. >> Likewise, yeah, so a lot has happened. I know we've seen you during this virtual world, but so much has happened with ransomware in the last year. It's unbelievable, we had about 14 months ago, this dramatic shift to a distributed workforce, you had personal devices on in network perimeters and non-trusted devices or trusted devices on home networks and lots of change there. Talk to me about some of the things that you and FortiGuard Labs have seen with respect to the evolution of ransomware. >> Yeah, sure, so it's becoming worse, no doubt. We highlighted this in our Threat Landscape Report. If we just take a step back looking at ransomware itself, it actually started in the late 1980s. And it didn't, that was very, they relied on snail mail. It was obviously there was no market for it at the time. It was just a proof of concept, a failed experiment if you will. But it really started getting hot a decade ago, 10 years ago but the technology back then wasn't the cryptography they're using, the technique wasn't as strong as easily reversed. And so they didn't really get to a lot of revenue or business from the cyber criminal perspective. That is absolutely not the case today. Now they have very smart cryptography they're experts when say they, the cyber criminals at their game. They know there's a lot of the attack surfaces growing. There's a lot of vulnerable people out there. There's a lot of vulnerable devices. And this is what we saw in our threat landscape group. What we saw at seven times increase in ransomware activity in the second half of 2020. And that momentum is continuing in 2021. It's being fueled by what you just talked about. By the work from anywhere, work from home environment a lot of vulnerable devices unpatched. And these are the vehicles that the ransomware is the payload of course, that's the way that they're monetizing this. But the reality is that the attack surface has expanded, there's more vulnerable people and cyber criminals are absolutely capitalizing on that. >> Right, we've even seen cyber criminals capitalizing on the pandemic fears with things that were around the World Health Organization or COVID-19 or going after healthcare. Did you see an uptick in healthcare threats and activities as well in the last year? >> Yeah, definitely, so I would start to say that first of all, the... Nobody is immune when it comes to ransomware. This is such again, a hot target or a technique that the cybercriminals are using. So when we look at the verticals, absolutely healthcare is in the top five that we've seen, but the key difference is there's two houses here, right? You have what we call the broad blanketed ransomware attacks. So these aren't going after any particular vertical. They're really just trying to spray as much as they can through phishing campaigns, not through... there's a lot of web traffic out there. We see a lot of things that are used to open playing on that COVID-19 theme we got, right? Emails from HR or taxes and scams. It's all related to ransomware because these are how they're trying to get the masses to open that up, pay some data sorry, pay some cryptocurrency to get access to their data back. Oftentimes they're being held for extortions. They may have photos or video or audio captures. So it's a lot of fear they're trying to steal these people but probably the more concern is just what you talked about, healthcare, operational technology. These are large business revenue streams. These are take cases of targeted ransoms which is much different because instead of a big volumetric attack, these are premeditated. They're going after with specific targets in mind specific social engineering rules. And they know that they're hitting the corporate assets or in the case of healthcare critical systems where it hurts they know that there's high stakes and so they're demanding high returns in terms of ransoms as well. >> With respect to the broad ransomware attacks versus targeted a couple of questions to kind of dissect that. Are the targeted attacks, are they in like behind the network firewall longer and faster, longer and getting more information? Are they demanding higher ransom versus the broader attacks? What's what are some of the distinctions there besides what you mentioned? >> Yeah, absolutely so the targeted texts are more about execution, right? So if we look at the attack chain and they're doing more in terms of reconnaissance, they're spending more cycles and investment really on their end in terms of weaponization, how they can actually get into the system, how they can remain undetected, collecting and gathering information. What we're seeing with groups like Ragnar Locker as an example, they're going in and they're collecting in some cases, terabytes of information, a lot, they're going after definitely intellectual property, things like source code, also PII for customers as an example, and they're holding them. They have a whole business strategy and plan in mind on their place, right? They hold them for ransom. They're often, it's essentially a denial of service in some cases of taking a revenue stream or applications offline so a business can't function. And then what they're doing is that they're actually setting up crime services on their end. They, a lot of the the newest ransom notes that we're seeing in these targeted attacks are setting up channels to what they call a live chat support channel that the victim would log into and actually talk directly live to the cybercriminal or one of their associates to be able to negotiate the ransom. And they're trying to have in their point of view they're trying frame this as a good thing and say, we're going to show you that our technology works. We can decrypt some of the files on your system as an example just to prove that we are who we say we are but then they go on to say, instead of $10 million, we can negotiate down to 6 million, this is a good deal, you're getting 30% off or whatever it is but the fact is that they know by the time they've gotten to this they've done all their homework before that, right? They've done the targets, they've done all the things that they can to know that they have the organization in their grasp, right? >> One of the things that you mentioned just something I never thought about as ransomware as a business, the sophistication level is just growing and growing and growing and growing. And of course, even other bad actors, they have access to all the emerging technologies that the good guys do. But talk to me about this business of ransomware because that's what it seems like it really has become. >> Absolutely, it is massively sad. If you look at the cybercrime ecosystem like the way that they're actually pulling this off it's not just one individual or one cyber crime ring that, let's say five to 10 people that are trying to orchestrate this. These are big rings, we actually work closely as an example to, we're doing everything from the FortiGuard Labs with following the latest around some of the trends doing the protection and mitigation but also working to find out who these people are, what are their tactics and really attribute it and paint a picture of these organizations. And they're big, we're working some cases where there's over 50 people just in one ransomware gang. One of the cases we worked on, they were making over $60 million US in three months, as an example. And in some cases, keep in mind one of these targeted attacks like in terms of ransom demands and the targeted cases they can be an excess of $10 million just for one ransom attack. And like I said, we're seeing a seven times increase in the amount of attack activity. And what they're doing in terms of the business is they've set up affiliate marketing. Essentially, they have affiliates in the middle that will actually distribute the ransomware. So they're basically outsourcing this to other individuals. If they hit people with their ransomware and the people pay then the affiliate in the middle will actually get a commission cut of that, very high, typically 40 to 50%. And that's really what's making this lucrative business model too. >> Wow, My jaw is dropping just the sophistication but also the different levels to which they've put a business together. And unfortunately, for every industry it sounds very lucrative, so how then Derek do organizations protect themselves against this, especially knowing that a lot of this work from home stuff is going to persist. Some people want to stay home, what not. The proliferation of devices is only going to continue. So what are organizations start and how can you guys help? >> Start with the people, so we'll talk about three things, people, technology and processes. The people, unfortunately, this is not just about ransomware but definitely applies to ransomware but any attack, humans are still often the weakest link in terms of education, right? A lot of these ransomware campaigns will be going after people using nowadays seems like tax themes purporting to be from the IRS as an example or human resources departments or governments and health authorities, vaccination scams all these things, right? But what they're trying to do is to get people to click on that link, still to open up a malicious attachment that will then infect them with the ransomware. This of course, if an employee is up to date and hones their skills so that they know basically a zero trust mentality is what I like to talk about. You wouldn't just invite a stranger into your house to open a package that you didn't order but people are doing this a lot of the times with email. So really starting with the people first is important. There's a lot of free training information and security. There is awareness training, we offer that at Fortinet. There's even advanced training we do through our NSC program as an example. But then on top of that there's things like phishing tests that you can do regularly, penetration testing as well, exercises like that are very important because that is really the first line of defense. Moving past that you want to get into the technology piece. And of course, there's a whole, this is a security fabric. There's a whole array of solutions. Like I said, everything needs to be integrated. So we have an EDR and XDR as an example sitting on the end point, cause oftentimes they still need to get that ransomware payload to run on the end point. So having a technology like EDR goes a long way to be able to detect the threat, quarantine and block it. There's also of course a multi-factor authentication when it comes to identifying who's connecting to these environments. Patch management, we talk about all the time. That's part of the technology piece. The reality is that we highlight in the threat landscape report the software vulnerabilities that these rats more gangs are going after are two to three years old. They're not breaking within the last month they're two to three years old. So it's still about the patch management cycle, having that holistic integrated security architecture and the fabric is really important. NAC network access control is zero trust, network access is really important as well. One of the biggest culprits we're seeing with these ransom attacks is using IOT devices as launchpads as an example into networks 'cause they're in these work from home environments and there's a lot of unsecured or uninspected devices sitting on those networks. Finally process, right? So it's always good to have it all in your defense plan training and education, technology for mitigation but then also thinking about the what if scenario, right? So incident response planning, what do we do if we get hit? Of course we never recommend to pay the ransom. So it's good to have a plan in place. It's good to identify what your corporate assets are and the likely targets that cyber-criminals are going to go after and make sure that you have rigid security controls and threat intelligence like FortiGuard Labs applied to that. >> Yeah, you talk about the weakest link they are people I know you and I talked about that on numerous segments. It's one of the biggest challenges but I've seen some people that are really experts in security read a phishing email and almost fall for it. Like it looked so legitimately from like their bank for example. So in that case, what are some of the things that businesses can do when it looks so legitimate that it probably is going to have a unfortunately a good conversion rate? >> Yeah, so this is what I was talking about earlier that these targeted attacks especially when it comes to spear, when it comes to the reconnaissance they got so clever, it can be can so realistic. That's the, it becomes a very effective weapon. That's why the sophistication and the risk is rising like I said but that's why you want to have this multilayered approach, right? So if that first line of defense does yield, if they do click on the link, if they do try to open the malicious attachment, first of all again through the next generation firewall Sandboxing solutions like that, this technology is capable of inspecting that, acting like is this, we even have a FortiAI as an example, artificial intelligence, machine learning that can actually scan this events and know is this actually an attack? So that element goes a long way to actually scrub it like content CDR as well, content disarm as an example this is a way to actually scrub that content. So it doesn't actually run it in the first place but if it does run again, this is where EDR comes in like I said, at the end of the day they're also trying to get information out of the network. So having things like a Platinum Protection through the next generation firewall like with FortiGuard security subscription services is really important too. So it's all about that layered approach. You don't want just one single point of failure. You really want it, this is what we call the attack chain and the kill chain. There's no magic bullet when it comes to attackers moving, they have to go through a lot of phases to reach their end game. So having that layer of defense approach and blocking it at any one of those phases. So even if that human does click on it you're still mitigating the attack and protecting the damage. Keep in mind a lot of damages in some cases kind of a million dollars plus. >> Right, is that the average ransom, 10 million US dollars. >> So the average cost of data breaches ever seen which are often related to ransom attacks is close to that in the US, I believe it's around just under $9 million about 8.7 million, just for one data breach. And often those data breaches now, again what's happening is that the data it's not just about encrypting the data, getting access because a lot of organizations part of the technology piece and the process that we recommend is backups as well of data. I would say, organizations are getting better at that now but it's one thing to back up your data. But if that data is breached again, cybercriminals are now moving to this model of extorting that saying, unless you pay us this money we're going to go out and make this public. We're going to put it on piece and we're going to sell it to nefarious people on the dark web as well. >> One more thing I want to ask you in terms of proliferation we talked about the distributed workforce but one of the things, and here we are using Zoom to talk to each other, instead of getting to sit together in person we saw this massive proliferation in collaboration tools to keep people connected, families businesses. I talked a bit a lot of businesses who initially will say, oh we're using Microsoft 365 and they're protecting the data while they're not or Salesforce or Slack. And that shared responsibility model is something that I've been hearing a lot more about lately that businesses needing to recognize for those cloud applications that we're using and in which there's a lot of data traversing it could include PII or IP. We're responsible for that as the customer to protect our data, the vendor's responsible for protecting the integrity of the infrastructure. Share it with us a little bit about that in terms of your thoughts on like data protection and backup for those SaaS applications. >> Yeah, great question, great question tough one. It is so, I mean ultimately everybody has to have, I believe it has to have their position in this. It's not, it is a collaborative environment. Everyone has to be a stakeholder in this even down to the end users, the employees being educated and up-to-date as an example, the IT departments and security operation centers of vendors being able to do all the threat intelligence and scrubbing. But then when you extend that to the public cloud what is the cloud security stack look at, right? How integrated is that? Are there scrubbing and protection controls sitting on the cloud environments? What data is being sent to that, should it be cited center as an example? what's the retention period? How long does the data live on there? It's the same thing as when you go out and you buy one of these IOT devices as an example from say, a big box store and you go and just plug it into your network. It's the same questions we should be asking, right? What's the security like on this device model? Who's making it, what data is it going to ask for me? The same thing when you're installing an application on your mobile phone, this is what I mean about that zero trust environment. It should be earned trust. So it's a big thing, right? To be able to ask those questions and then only do it on a sort of need to know and medium basis. The good news is that a lot of CloudStack now and environments are integrating security controls. We integrated quite well with Fortinet as an example but this is an issue of supply chain. It's really important to know what lives upstream and how they're handling the data and how they're protecting it absolutely. >> Such interesting information and it's a topic ransomware that we could continue talking about, Derek, thank you for joining me on the program today updating us on what's going on, how it's evolving and ultimately what organizations in any industry need to do with protecting people and technology and processes to really start reducing their risks. I thank you so much for joining me today. >> All right it's a pleasure, thank you. >> Likewise Derek Manky I'm Lisa Martin. You're watching this CUBE conversation. (upbeat music)

>>From around the globe. It's the Cube with digital coverage of IBM think 2021 brought to you by IBM. Welcome back to the cubes coverage of IBM Think 2021 virtual. I'm john ferrier host of the cube. Got a great story here. Navigating Covid 19 with Watson advertising and weather channel conversations. Sherry back steen. Who's the gM of Watson advertising in the weather company. Sherry, thanks for coming on the cube. My favorite part of IBM think is to talk about the tech and also the weather company innovations. Thanks for coming on. >>Hi, happy to be here, john >>So COVID-19 obviously some impact for people that working at home. Um normally you guys have been doing a lot of innovation around weather weather data um certainly huge part of it. Right. And so lots been changing with AI and the weather company and IBM so let's first start before we jump in, just a little background about what your team has created because a lot of fascinating things here. Go ahead. >>Yeah. So when the pandemic started, you know we looked at the data that we were seeing and of course in weather accuracy and accurate data is really important trusted data. And so we created a COVID-19 hub on our weather channel app and on weather.com. And essentially what it was is an aggregated area where consumers could get the most up to date information on covid cases, deaths in their area, trends see heat maps uh information from the C. D. C. And what was unique about it. It was to a local level. Right so state level information is helpful but we know that consumers uh me included. I need information around what's happening around me. And so we were able to bring this down to a county level which we thought was really helpful for consumers >>share as watching sports on tv. And recently, a few months ago, the Masters was on and you saw people getting back into real life, It's almost like a weather forecast. Now. You want to know what's going on in the pandemic. People are sharing that. They're getting the vaccine. Um, really interesting. And so I want to understand how this all came together with you guys. Is was it something that has a weather data, a bunch of geeks saying, hey, we should do this for companies, but take us to the thought process with their team. Was it like you saw this as value? How did you get to this? Because this is an interesting user benefit. I want to know the weather, I want to know if it's safe. These are kind of a psychology of a user expectation. How did you guys connect the dots here for this project? >>Well, we certainly do have a very passionate team of people, um some weather geeks included, um and you're absolutely right watching the Masters a few months ago was amazing to see, you know, some sense of normality happening here. But you know, we looked at, you know, IBM, the weather company, like, how do we help during this pandemic? And when we thought about it, we looked at there's an amazing gap of information. And as the weather channel, you know, what we do is bring together data, give people insights and help them make decisions with that. And so it was really part of our mission. It's always been that way to give information to keep people safe. And so all we did is took a different data set and provided the same thing. And so in this case, the covid data set, which we actually had to, you know, aggregate from different sources whether it was the C. D. C. The World Health Organization uh State governments or county governments to provide this to consumers. But it was really really natural for us because we know what consumers want. You know we all want information around where we live, right? And then we want to see like where our friends live, where our relatives live to make sure that they're okay. And then that enables people to make the decisions that are right for their family. And so it was really really natural for us to do that. And then of course we have the technology to be able to scale to hundreds of millions of people. Which is really important. >>It's not obvious until you actually think about that. It's so obvious. Congratulations. What a great innovation. What were the biggest challenges you guys had to face and how did you overcome it? Because I'm curious. I see you've got a lot of, lot of large scale data dealing with diversity of data with weather. What was the challenges with Covid? And how did you overcome it? >>So again, without a doubt it was the data because you're looking at one, we wanted that county level data. So you're looking at multiple sources. So how do we aggregate this data? So first finding that trusted source that that we could use. But then how do you pull it in in an automated way? And the challenge was it with the State Department, the county departments that data came in all kinds of formats. Some counties used maps, some use charts, some use pds to get that information. So we had to pull all this unstructured data, uh, and then that data was updated at different times. So some counties did it twice a day, some did it once day, different time zones. So that really made it challenging. And so then, you know, so what we did is this is where the power of A I really helps because a I can take all of that data, bring in and organize it and then we could put it back out to the consumer in a very digestible way. And so we were able to do that. We built an automated pipeline around that so we can make sure that it was updated. It was fresh and timely, which was really important. But without a doubt looking at that structured data and unstructured data and really helping it to make sense to the consumer was the biggest challenge. And what's interesting about it. Normally it would take us months to do something like that. I challenged the team to say we don't have months, we have days. They turned that around in eight days, which was just an amazing herculean feat. But that's really just the power of, as you said, passionate people coming together to do something so meaningful. >>I love the COVID-19 success stories when people rally around their passion and also their expertise. What was the technology to the team used? Because the theme here at IBM think is transformation innovation, scale. How did you move so fast to make that happen? >>So we move fast by our Ai capabilities and then using IBM cloud and so really there's four key components are like four teams that worked on it. So first there was the weather company team um and because we are a consumer division of IBM, we know what consumers want. So we understand the user experience and the design, but we also know how to build an A. P. I. That can scale because you're talking about being able to scale not only in a weather platform. So in the midst of covid weather still happened, so we still had severe weather record breaking hurricane season. And so those A. P. S. Have to scale to that volume. Then the second team was the AI team. So that used the Watson AI team mixed with the weather Ai team to again bring in that data to organize that data. Um And we used Watson NLP so natural natural language processing in order to create that automated pipeline. Then we had the corralled infrastructure so that platform team that built that architecture and that data repository on IBM cloud. And then the last team was our data privacy office. So making sure that that data was trusted that we have permission to use it uh and just know really that data governance. So it's all of that technology and all of those teams coming together to build this hub for consumers. Um And it worked I mean we would have about four million consumers looking at that hub every single day. Um and even like a year later we still have a couple million people that access that information. So it's really kind of become more like the weather checking the weather's come that daily habit. >>That's awesome. And I gotta I gotta imagine that these discoveries and innovations that was part of this transformation at scale have helped other ways outside the pandemic and you share how this is connected to um other benefits outside the pandemic. >>Yeah so absolutely um you know ai for businesses part of IBM strategy and so really helping organizations to help predict um you know to help take workloads and automate them. So they're high valued employees can work on you know other work. And also you know to bring that personalization to customers. You know, it's really a i when I look at it for my own part of a IBM with the weather company, three things where I'm using this technology. So the first one is around advertising. So the advertising industry is at a really um you know, pivotal part right now, a lot of turmoil and challenges because of privacy legislation because big tech companies are um you know, getting rid of tracking pixels that we normally use to drive the business. So we've created a suite of AI solutions for publishers for you know, different players within the ad tech space, um which is really important because it protects the open web, so like getting covid information or weather information, all of that is free information to the public. We just ask that you underwrite it by seeing advertising so we can keep it free. So those products protect the open red. So really, really important. Then on the consumer side of my business, within the weather channel, we actually used Watson Ai um to connect health with weather. So we know that there's that connection, some health um you know, issues that people have can be impacted by weather, like allergies and flew. So we've actually used Watson Ai to build a um Risk of flu that goes 15 days out. So we can tell people in your local area this one actually goes down to the zip code level, um the risk of flu in your area or the risk of allergies. So help to manage your symptoms, take your prescription. So, um that's a really interesting way. We're using AI and of course weather dot com and our apps are on IBM cloud, so we have this strong infrastructure to support that. And then lastly, you know, our weather forecasting has always been rooted in a i you take 100 different weather models, you apply ai to that to get the best and most accurate forecasts that you deliver. Um and so we are using these technologies every day to, you know, move our business forward and to provide, you know, weather services for people. >>I just love the automation and as users have smartphones and more instrumentation on their bodies, whether it's wearables, people will plan their day around the weather, and retail shops will have a benefit knowing what the stock and or not have on hand and how to adjust that. This, the classic edge computing paradigm, fascinating impact. You wouldn't think about that, but that's a pretty big deal. People are planning >>around >>the weather data and making that available is critical. >>Oh, absolutely. You know, every business needs a weather strategy because whether it impacts your supply chain, um agriculture, should I be watering today or not even around, you know, um, if you think about energy and power lines, you know, the vegetation growth over power lines can bring power lines down and it's a disruption, you know, to customers and power. So there's just when you start thinking about it, you're like, wow, whether really impacts every business, um, not to say just consumers in general and their daily lives. >>And uh, and there's a lot of cloud scale to that can help companies whether it's um be part of a better planet or smarter planet as it's been called, and help with with global warming. I mean, you think about this is all kind of been contextually relevant now more than ever. Super exciting. Um Great stuff. I want to get your take on outside of um the IBM response to the pandemic more broadly outside of the weather. What are you guys doing um to help? Are you guys doing anything else with industry? How could you talk a little bit more about IBM s response more broadly to the pandemic? >>Yeah so IBM has been you know working with government academia, industry is really from the beginning uh in several different ways. Um you know the first one of the first things we did is it opened up our intellectual property. So R. I. P. And our technology our supercomputing To help researchers really try to understand COVID-19 some of the treatments and possible cures so that's been really beneficial as it relates to that. Um Some other things though, that we're doing as well is we created a chat bots that companies and clients could use and this chat but could either be used to help train teachers because they have to work remotely or help other workers as well. Um and also the chatbots was helping as companies started to re enter back to the workforce and getting back to the office. So the chatbots been really helpful there. Um and then, you know, one of the things that we've been doing on the advertising side is we actually have helped the ad council with their vaccine campaign. Um It's up to you is the name of the campaign and we delivered a ad unit that can dynamically assemble a creative in real time to make sure that the right message was getting out the right time to the right person. So it's really helped to maximize that campaign to reach people um and encourage them if it's the right thing for them, you know where the vaccines are available. Um and that you know, they could take those. So a lot of great work that's going on within IBM. Um and actually the most recent thing just actually in the past month is we release the Digital Health Pass in cooperation with the state of new york. Um and this is a fantastic tool because it is a way for individuals to keep their private information around their vaccines or you know, some of the Covid test they've been having on a mobile device that's secure and we think that this is going to be really important as cities start to reopen um to have that information easily accessible. >>Uh sure, great insight, um great innovation navigating Covid 19 a lot of innovation transformation at IBM and obviously Watson and the weather company using AI and also, you know, when we come out of Covid post, post Covid as real life comes back, we're still going to be impacted. We're gonna have new innovations, new expectations, tracking, understanding what's going on, not just the weather. So thanks >>for absolutely great >>work. Um, awesome. Thank you. >>Great. Thanks john good to see you. >>Okay. This is the cubes coverage of IBM. Think I'm john for a host of the cube. Thanks for watching. Yeah.

>> Announcer: From around the globe. It's theCUBE with digital coverage of IBM Think 2021, brought to you by IBM. >> Oh, welcome back to theCUBE's coverage of IBM Think 2021 virtual, I'm John Furrier, your host of theCUBE. We've got a great story here. Navigating COVID-19 with Watson advertising and weather channel conversations, Sheri Bachstein, who's the GM of Watson Advertising in the weather company. Sheri, thanks for coming on theCUBE. My favorite part of IBM Think is to talk about the tech and also the weather company innovations. Thanks for coming on. >> Hi, happy to be here John. >> So COVID-19 obviously some impact for people that working at home. Normally you guys have been doing a lot of innovation around weather, weather data, certainly huge part of it. And so lots been changing with AI and the weather company and IBM, so let's first start before we jump in just a little background about what your team has created because a lot of fascinating things here. Go ahead. >> Yeah, so when the pandemic started, we looked at the data that we were seeing and of course in weather accuracy and accurate data is really important trusted data. And so we created a COVID-19 hub on our weather channel app and on weather.com and essentially what it was is an aggregated area where consumers could get the most up-to-date information on COVID cases, deaths in their area, trends see heat maps, information from the CDC. And what was unique about it, it was to a local level, right? So state level information is helpful, but we know that consumers me included. I need information around what's happening around me. And so we were able to bring this down to a County level which we thought was really helpful for consumers >> Sheri's watching sports on TV. And recently a few months ago, the masters was on and you saw people getting back into real life. It's almost like a weather forecast. Now you want to know what's going on in the pandemic. People are sharing that they're getting the vaccine, really interesting. And so I want to understand how this all came together with you guys. Was it something that as a weather data and a bunch of geeks saying, Hey, we should do this for companies but take us to thought process 113. Was it like you saw this as value? How did you get to this? Because this is an interesting user benefit. I want to know the weather. I want to know if it's safe. These are kind of a psychology of a user expectation. How did you guys connect the dots here for this project? >> Well, we certainly do have a very passionate team of people some weather geeks included and you're absolutely right. Watching the masters a few months ago was amazing to see some sense of normality happening here. But we looked at IBM and the weather company like how do we help during this pandemic? And when we thought about it we looked at there's an amazing gap of information. And as the weather channel, what we do is bring together data give people insights and help them make decisions with that. And so it was really part of our mission. It's always been that way to give information to keep people safe. And so all we did is took a different data set and provided the same thing. And so in this case, the COVID data set which we actually had to aggregate from different sources whether it was the CDC, the world health organization, a state governments, our County governments to provide this to consumers. But it was really, really natural for us because we know what consumers want. We all want information around where we live, right? And then we want to see like where our friends live, where our relatives live to make sure that they're okay. And then if that enables people to make the decisions that are right for their family. And so it was really, really natural for us to do that. And then of course we have the technology to be able to scale to hundreds of millions of people, which is really important. >> Yeah, it's not obvious until you actually think about it, then it's so obvious. Congratulations, what a great innovation what were the biggest challenges you guys had to face and how did you overcome it? Because I'm curious, I see you got a lot of large scale data dealing with diversity of data with weather. What was the challenges with COVID and how did you overcome it? >> So again, without a doubt it was the data, because you're looking at one, we wanted that County level data. So you're looking at multiple sources. So how do we aggregate this data? So first finding that trusted source that we could use but then how do you pull it in, in an automated way? And the challenge was it with the state departments, the County departments, that data came in, all kinds of formats. Some counties used maps, some use charts some use PDFs to get that information. So we had to pull all this unstructured data and then that data was updated at different times. So some counties did it twice a day some did it once a day, different time zones. So that really made it challenging. And so then, so what we did is this is where the power of AI really helps, because AI can take all of that data bring it in, organize it, and then we could put it back out to the consumer in a very digestible way. And so we were able to do that. We built an automated pipeline around that so we can make sure that it was updated. It was fresh and timely, which was really important but without a doubt, looking at that structured data and unstructured data and really helping it to make sense to the consumer was the biggest challenge. And I'll, what's interesting about it. Normally it would take us months to do something like that. I challenged the team to say, we don't have months. We have days. They turned that around in eight days which was just an amazing Herculean feat but that's really just the power of as you said, passionate people coming together to do something so meaningful. >> I love the COVID-19 success stories when people rally around their passion and also their expertise, what was the technology did the team use? Because the theme here at IBM Think is, transformation, innovation, scale. How did you move so fast to make that happen? >> So we moved fast by our AI capabilities and then using IBM cloud. And so really there's four key components or like four teams that worked on it. So first there was the weather company team. And because we are a consumer division of IBM we know what consumers want. So we understand the user experience and the design but we also know how the build an API that can scale because you're talking about being able to scale not only in a weather platform. So in the midst of COVID weather still happen. So we still had severe weather record breaking hurricane season. And so those APIs have to scale to that volume. Then the second team was the AI team. So that used the Watson AI team mixed with the weather AI team to again bring in that data to organize that data. And we use Watson NLP. So natural language processing in order to create that automated pipeline. Then we had the collateral infrastructure. So that platform team that built that architecture and that data repository on IBM cloud. And then the last team was our data privacy office. So making sure that that data was trusted that we have permission to use it and just really that data governance. So it was all of that technology and all of those teams coming together to build this hub for consumers. And it worked, I mean we would have about 4 million consumers looking at that hub every single day. And even like a year later, we still have a couple million people that access that information. So it's really kind of become more like the weather checking the weather, that daily habit. >> That's awesome. And I got to imagine that these discoveries and these innovations that was part of this transformation that scale I've helped other ways outside of the pandemic. Can you share how this is connected to other benefits outside the pandemic? >> Yeah, so absolutely, AI for business is part of IBM strategy. And so really helping organizations to help predict, to help take workloads and automate them. So they're high valued employees can work on other work and also to bring that personalization to customers is really AI. When I look at it for my own part of a IBM with the weather company, three things where I'm using this technology. So the first one is around advertising. So the advertising industry is at a really pivotal part right now, a lot of turmoil and challenges because of privacy legislation because big tech companies are getting rid of tracking pixels that we normally use to drive the business. So we've created a suite of AI solutions for publishers, for different players within the ad tech space which is really important because it protects the open web. So like getting COVID information or weather information all of that is free information to the public. We just ask that you underwrite it by saying advertising so we can keep it free. So those products protect the open read. So really, really important. Then on the consumer side of my business within the weather channel we actually use Watson AI to connect health with weather. So we know that there's that connection. Some health issues that people have can be impacted by weather like allergies and flu. So we've actually used Watson AI to build a risk of flu that goes 15 days out. So we can tell people in your local area this one actually goes down to the zip code level the risk of flu in your area or the risk of allergies. So it help to manage your symptoms, take your prescription. So that's a really interesting way we're using AI and of course, weather.com and our apps are an IBM cloud. So we have this strong infrastructure to support that. And then lastly our weather forecasting has always been rooted in AI. You take a hundred different weather models you apply AI to that to get the best and most accurate forecast that you deliver. And so we are using these technologies every day to move our business forward and to provide weather services for people. >> I just love the automation as users have smartphones and more instrumentation on their bodies, whether it's wearables, people will plan their day around the weather and retail shops will have a benefit knowing what to stock or not have on hand and how to adjust that this the classic edge computing paradigm, fascinating impact. You wouldn't think about that, but that's a pretty big deal. People are planning around the weather data and making that available as critical. >> Oh, absolutely. Every business needs a weather strategy because whether it impacts your supply chain, agriculture should I be watering today or not, even around if you think about energy and power lines, the vegetation growth of our power lines can bring power lines down and it's a disruption, to customers and power. So there's just, when you start thinking about it you're like, wow, weather really impacts every business not to say just consumers in general and their daily life. >> Yeah, and there's a lot of cloud scale too, that can help companies whether it's be part of better planet or smarter planet as it's been called and help with, with global warming. I mean, you think about this is all kind of been contextually relevant now more than ever super exciting, great stuff. I want to get your take on outside of the IBM response to the pandemic, more broadly outside of the weather. What are you guys doing to help? Are you guys doing anything else with industry? How could you, talk a little bit more about IBM's response more broadly to the pandemic? >> Yeah, so IBM has been working with government academia industries really from the beginning in several different ways. The first, one of the first things we did is it opened up our intellectual property. So our IP and our technology, our super computing to help researchers, really try to understand COVID-19, some of the treatments and possible cures. So that's been really beneficial as it relates to that. Some other things though that we're doing as well is we created a Chatbot that companies and clients could use. And this Chatbot could either be used to help train teachers because they have to work remotely or help other workers as well. And also the Chatbot was helping as companies started to reenter back to the workforce and getting back to the office. So the Chatbot has been really helpful there. And then one of the things that we've been doing on the advertising side is we actually have helped the ad council with their vaccine campaign. It's up to you as the name of the campaign. And we delivered a ad unit that can dynamically assemble a creative in real time to make sure that the right message was getting out the right time to the right person. So it's really helped to maximize that campaign to reach people. And they encourage them if it's the right thing for them, where the vaccines are available and that they could take those. So a lot of great work that's going on within IBM and actually the most recent thing just actually in the past month is we released the digital health pass in cooperation with the state of New York. And this is a fantastic tool because it is a way for individuals to keep their private information around their vaccines, or some of the COVID tests they've been having on a mobile device that's secure. And we think that this is going to be really important as cities start to reopen to have that information easily accessible. >> Awesome Sheri, great insight, great innovation navigating COVID-19, lots of innovation transformation at IBM and obviously Watson and the weather company using AI. And also, when we come out of COVID post COVID, as real life comes back, we're still going to be impacted. We're going to have new innovations, new expectations, tracking, understanding what's going on not just the weather. So thanks for doing that great work. Awesome, thank you. >> Great, thanks John. Good to see you. >> This is theCUBE's coverage of IBM Think, I'm John Furrier, the host of theCUBE. Thanks for watching. (upbeat music)

>> Announcer: From around the globe, it's theCUBE, with digital coverage of AWS re:Invent 2020. Special coverage sponsored by AWS Worldwide Public Sector. >> Welcome to theCUBE Virtual and our coverage of AWS re:Invent 2020, the specialized programming for Worldwide Public Sector. I'm Lisa Martin. I'm joined by Nick Speece the chief federal technologist for Snowflake. Nick, welcome to theCUBE. >> Thank you, Lisa. It's great to be here. >> Likewise, chief federal technologist, that's the first time I've ever heard of that title. Tell me a little bit about that. >> It's probably the last time you'll hear it. So chief federal technologist is really somebody in the company who is focused on bringing the needs of the federal government back to our corporate headquarters, making sure that the product as it's developed and evolves has the federal requirements in mind. >> Excellent. So the last couple of months for Snowflake big, biggest software IPO and software history your market cap right now is at 66 billion 515 data workloads running on Snowflake's platform every day 250 petabytes of data under management, a lot is going on. Let's talk about Snowflake. You guys operate only in the cloud, why was that decision made and how does that impact businesses analysis of data? >> Yeah, so great question and the answer is actually in the opening that you gave for us and thank you for that reinforcement. Snowflake can't exist anywhere, but the cloud. Technology over the last five to 10 years has really seen a move from what the cloud originally was, which was I have a virtual machine in my data center, I'm going to run it on your stuff not mine, into more comprehensive service offerings like Snowflake. We can't reach the kind of scale that Snowflake operates at every day and that our customers demand without the technology of clouds like AWS. The technology has to be there, the underlying and underpinning architecture has to be there, otherwise our customers get left in the dark and we can't can't have that. >> And especially today as data volumes are massively increasing and we know that that's only going to go up. We know that IT is only going to be more complex but when we talk to businesses in any industry the value of the data is in the insights the ability to extract that data in real time glean insights from it so that businesses can make data-based decisions that pivot their business, especially critical during the year that we have now known as 2020. Talk to me a little bit about though digging into your marketing material, everyone, there's all these terms, right, that everyone uses and you guys use single source of truth. What does it actually mean for single source, for stuff like? >> Yeah, so we talk about cloud, we talk about single source of truth and when you're looking at data problems, the problem and the solution are the same thing. A massive amount of data is a raw resource, that's all it is. And trying to refine that raw resource into something that is insightful or something that is useful to a business process is a challenge that every customer in every market, in every region undergoes. And how you overcome that is critical. And one of the primary focuses of Snowflake is to evolve the data cloud. Snowflake platform is the underlying technology for the data cloud but the data cloud is where we're going. And what I mean by data cloud. If you have a data set, your internal data, that is your truth, but it might not be the truth. So in Snowflake we encourage our customers to collaborate on data sets. For example, if you want to know how many people are living in a certain borough in New York City you could go around with a clicker and count everyone, or you could just ask the Census Bureau. That's the nature of the data cloud and what we're talking about here. Going to the subject matter experts who have the data that you need, using our marketplace, using our private exchanges, using our data sharing to build your own data cloud and become part of the next gen architecture for data sharing and collaboration, to get to the source of the truth, to make better decisions, to gain better insights. It's great to combine your data with enrich data from other sources, especially when it comes to making federal decisions and governance decisions. >> Absolutely that's critical. That the biggest challenge customers have is being able to sort through all that and find. I like how you put this as their single source of truth. Can you give us some examples of some federal agencies maybe even just anonymously that are using the power of Snowflake to do just that? >> Absolutely. We've got customers in the healthcare space and in some of the law enforcement spaces and especially in public education that are trying to increase the awareness of the folks that are subscribing to their services, for example, folks that are looking for healthcare help. If you're filing claims for a certain healthcare providers or certain care facilities, we want to make sure that those claims that are forwarded to those entities are legitimate, first of all, for example, if you're filing a claim for knee surgery in Florida, you probably didn't have one in California, three hours later. So those kinds of enforcement activities, and not just trying to do audits but also to benefit everybody who's receiving care. There's a lot of push now about genetic sequencing, DNA and RNA vaccination is huge with COVID-19, getting access to massive amounts of data to do analysis against and figure out the best approach, that's critical for where we go in the next 10 to 15 years in healthcare. Snowflake is very, very honored and happy to be propelling that move in the healthcare space. >> It is that's going to be absolutely critical but we're also seeing it, you know, everywhere else, such as for universities and education, suddenly this need, the last few months for real-time learning. Talk to me about data analysis. Can Snowflake help companies, you talked about enriching data sets so not just companies sources of data but additional data sets that they can add in and evaluate and analyze to make great decisions, but from a historical real-time perspective, talk to me how Snowflake helps with that data analysis. >> Yeah, sure. Right. So Snowflake in and of itself can do some analysis work. We've got some great visualization tools in our new UI that was released recently on public preview. So there's some analysis tools built into Snowflake but really where the value comes from is in taking your tools that you already use today and connecting it to a data source or platform that can wrangle that data, that can move that data through automated pipelines to give you a model view of that data that's beneficial. For example, data scientists and data engineers spend 80% of their time, and I know a lot of statistics are made up on the spot, that was not a promise, but trying to move this data through and refine it and build features to get to the point where you can ask a question is 80% of these very valuable professionals time. Shortening those timelines is what Snowflake really aims to do in the analysis space. We're not trying to replace the analysis tools that you use today, we work fine with all of them. The big difference is presenting them with enough data volume to give you real insights and eliminate bias as much as we can in data sets. >> What are some of the things that differentiates Snowflake from data warehouses and other folks in the market? >> Yeah. Great question. The big difference is Snowflake was built natively for the cloud. We weren't adapted to the cloud, we didn't adopt the cloud at some point in the future, Snowflake was built from scratch to be in the cloud. And since this is the appropriate show to mention it the primary difference between us is we were built to use object storage foundationally underneath our technology. And I know that sounds really nerdy and it is, but it adds a tremendous amount of value. If you think about how we used to collaborate 10 years ago we'd have a spreadsheet that if I open that spreadsheet for my share drive and you tried to open it at the same time, you'd get locked out. You're told you couldn't have it. And if tradition stays true I would probably be on vacation for two weeks. Contrast that now with the massive Google Doc platform and Office 365, object storage has changed the way that we collaborate on the same kinds of documents. Multiple people interacting with one thing at one time without contention, that's the reason why Snowflake has to operate in the cloud. We bring that same paradigm, multiple actors on a single object and give you that source of truth the truth that you absolutely need to make decisions. >> And that's critical these days as we know. We're in living in uncertain times and one of the things I think we can expect is the uncertainty to continue, but also for many industries people to stay remote or some big percentage for quite a while. So the ability to have those collaboration tools and be able to collaborate in real time is table stakes for so many companies. But when we're talking about some of the things going on this year, security, we can't not talk about security. You know, all these folks from home accessing corporate networks, you know, maybe not through VPNs or behind firewalls, the cloud is paramount to that. How does Snowflake address the security issue? >> Absolutely. So I'll start by saying our security is inherited from the wonderful security platform that AWS has underneath it. So we inherit all the security around data storage the EC Compute, all of the different entities and end points that AWS already secures Snowflake takes the same precautions. More than that, we've also built and rolled this access control to ensure that people are getting access only to the data that they should be getting access to, we recently implemented data masking as well, so certain roles are not able to see unmasked data, but they can still do queries that use the underlying data to filter. So there's a lot of different capabilities built in, encryption at rest, encryption in flight, AES-256 encryption keys used in a hierarchial model. These are phenomenal security architectures that are paramount to the security of the folks that are using our platform. Because we know at the end of the day the first day we have a leak in Snowflake is probably our last day in business. We got to be good at that which is why it's our top priority. >> I didn't, to ever talk about security as an inherited, I must be a dominant trait if we're going to be talking about, you know, genetics and chromosomes and mRNA and things like that. So walk me through last question, a government organization, or say they're an AWS customer or they want to start using Snowflake, what's that process? How do they go about doing that to leverage those inherited security capabilities that you talked about? >> Well, thankfully AWS has helped us put a FedRAMP moderate certified Snowflake region together in AWS, East commercial, so we're very happy to have a FedRAMP moderate region. They can access Snowflake through the AWS Marketplace or from Snowflake.com, you can start a trial in just a couple of minutes. Our security is built into all of our regions although the FedRAMP regions are specialized in some of the encryption technology we use, but we always, always always protect our users' data, regardless of where it is. >> You make it sound easy, I got to say. (laughing) >> That's because it is. (laughing) Thank you cloud. >> That's good. And well, that's good and it should be, especially because there's so much complexity and uncertainty everywhere else in the world right now. Last question for you. As I mentioned in the beginning, the biggest IPO in software history, just a couple of months ago during probably one of the most strangest time of any of us have ever, and our relatives ever witnessed, what can we expect from Snowflake in 2021? Are you going to bring all the good vibes that we all need? (laughing) >> Well, good vibes is our business model. You know, Snowflake is a phenomenal platform. We've had a ton of success driven by the success of our cloud provider partners, driven by the success of our wonderful customers. We have over 4,000 people using Snowflake now to great effect. You can look for more features, you can look for more functions, but really the evolution of the data cloud, our big push is to help our customers get into the data cloud, get the truth out of their data and make better decisions every day. And you'll see more of that from us as time continues. >> One more question I wanted to sneak in, how did you work with those customers to evolve the data cloud? What's that feedback loop like? >> It's, a lot of it comes down to silos that the customers have built up over years and years and years of operation. That's the first step. In Snowflake there isn't such thing really as a data silo there's data put into Snowflake, everything is unified, you can do queries across databases, that's the first thing. The second thing is browsing our data marketplace. It's just like an App Store for your phone but instead it's data sets and the data sets are published by the experts who know that material better than anyone. I mentioned earlier bringing in everything from housing evaluation data to COVID-19 data from California and Boston, bringing World Health Organization data, John Hopkins University data, joining that with the data that you already use today along with weather and population counts, the main thing here, the strategy is almost endless. More and more data sets are being published over every day. We have over a hundred contributors in the marketplace now. >> That's exciting that we have the technology and the power like this to help the world re, you know, recover from such a crazy time. It's nice to know that, that there was the power of that behind that, and the smart folks like you chief federal technologists, helping to fine tune that and really ensure that organizations across the government can maximize the value of data and find their single source of truth. Nick, it's been a blast having you on theCUBE. Thank you for joining me. >> Thank you for having me. >> For next piece, I'm Lisa Martin. You're watching theCUBE Virtual. (upbeat music)

>>Hello, everyone. And welcome back to our wall to wall coverage of the data Cloud Summit. This is Dave a lot. And we're seeing the emergence of a next generation workload in the cloud were more facile access and governed. Sharing of data is accelerating. Time to insights and action. All right, allow me to introduce our next guest. Amy Irwin is here. She's the vice president of strategy for experience. And Matt Glickman is VP customer product strategy it snowflake with an emphasis on financial services. Folks, welcome to the Cube. Thanks so much for coming on. >>Thanks for >>having us >>nice to be here. Hey, >>So, Amy, I mean, obviously 2020 has been pretty unique and crazy and challenging time for a lot of people. I don't know why I've been checking my credit score a lot more for some reason. On the app I love the app I got hacked. I had a lock it the other day I locked my credit. Somebody tried to dio on and it worked. I was so happy. So thank you for that. But so we know experience, but there's a ton of data behind what you do. I wonder if you could share kind of where you sit in the data space and how you've seen organizations leverage data up to this point. And really, if you could address maybe some of the changes that you're seeing as a result of the pandemic, that would be great. >>Sure, sure. Well, Azaz, you mentioned experience Eyes best known as a credit bureau. Uh, I work in our marketing services business unit, and what we do is we really help brands leverage the power of data and technology to make the right marketing decisions and better understand and connect with consumers. Eso we offer markers products around data identity activation measurement. We have a consumer view data file that's based on off line P I and contains demographic interest, transaction data and other attributes on about 300 million people in the U. S. Uh, and on the identity side, we've always been known for our safe haven or privacy friendly matching that allows marketers to connect their first party data to experience or other third parties. Uh, but in today's world, with the growth and importance of digital advertising and consumer behavior shifting to digital, uh, experience also is working to connect that offline data to the digital world for a complete view of the customer you mentioned co vid, um, we actually we serve many different verticals. And what we're seeing from our clients during co vid is that there's a bearing impact of the pandemic. The common theme is that those that have successfully pivoted their businesses to digital are doing much better. Uh, as we all know, Kobe accelerated very strong trends to digital both in the commerce and immediate viewing habits. We work with a lot of retailers. Retail is a tale of two cities with big box and grocery growing and apparel retail really struggling. We've helped our clients leveraging our data to better understand the shifts in these consumer behaviors and better segment their customers during this really challenging time. Eso think about there's there's a group of customers that is still staying home that is sheltered in place. There's a group of customers starting that significantly varied their consumer behavior, but it's starting to venture out a little. And then there's a group of customers that's doing largely what they did before and a somewhat modified fashion. So we're helping our clients segment those customers into groups to try and understand the right messaging and right offers for each of those groups. And we're also helping them with at risk audiences. Eso That's more on the financial side. Which of your customers air really struggling? Do the endemic And how do you respond? >>It's awesome, thank you. You know, it's it's funny. I mean somebody I saw Twitter poll today asking if we measure our screen time and I said, Oh my no eso Matt, let me ask you. You spend a ton of time in financial services. You really kind of cut your teeth there, and it's always been very data oriented. You've seen a lot of changes tell us about how your customers are bringing together data, the skills that people obviously a big part of the equation and applications to really put data at the center of their universe. What's new and different that these companies were getting out of the investments in data and skills. >>That's a great question. Um, the acceleration that Amy mentioned Israel, Um, we're seeing it particularly this year, but I think even in the past few years, the reluctance of customers to embrace the cloud is behind us. And now there's this massive acceleration to be able to go faster on, and in some ways the new entrance into this category. Have an advantage versus, you know, the companies that have been in the space within its financial services or beyond. Um, and in a lot of ways they are are seeing the cloud and services like snowflake as a way toe not only catch up but leapfrog your competitors and really deliver a differentiated experience to your customers to your business, internally or externally. Um, and this past, you know, however long this crisis has been going on, has really only accelerated that, because now there's a new demand. Understand your customer better your your business better with with your traditional data sources and also new alternative data sources, Um, and also be able to take a pulse. One of things that we learned which was you know, I opening experience was as the crisis unfolded, one of our data partners decided to take the data sets about where the cases where were happening from the Johns Hopkins and World Health Organization and put that on our platform, and it became a runaway hit where now with thousands of our customers overnight, we're using this data to understand how their business was doing versus how the crisis was unfolding in real time. On this has been a game changer, and I think it's only it's only scratching the surface of what now the world will be able to do when data is really at their fingertips. You're not hindered by your legacy platforms. >>I wrote about that back in the early days of the pandemic when you guys did that and talked about some of the changes that you guys enabled and and, you know you're right about Cloud. I mean, financial services. Cloud used to be an evil word, and now it's almost become a mandate. Amy, I >>wonder if you >>could tell us a little bit more about what? What, you know your customers they're having to work through in order to achieve some of these outcomes. I mean, I'm interested in the starting point. I've been talking a lot and writing a lot on talking to practitioners about what I call the data lifecycle. Sometimes people call it the data pipeline. It za complicated matter, but those customers and companies that can put data at the center and really treat that pipeline is the heart of their organization, If you will, really succeeding. What are you seeing and what really is the starting point there? >>Yes, yes, that's a good question. And as you mentioned, first party, I mean, we start with first party data. Right? First party data is critical to understanding consumers on been in different verticals, different companies. Different brands have varying levels of first party data. So retailers gonna have a lot more first party data financial services company, then say an auto manufacturer. Uh, while many marketers have that first party data to really have a 3 60 view of the customer, they need third party data as well. And that's where experience comes in. We help brands connect those disparate data sets both 1st and 3rd party baked data to better understand consumers and create a single customer view, which has a number of applications. I think the last that I heard was that there's about eight devices on average per person. I always joke that we're gonna have these enormous. I mean, that that number is growing. We're gonna have these enormous charging stations in our house, and I think we're because all the different devices and way seamlessly move from device to device along our customer journey. And, um, if the brand doesn't understand who we are, it's much harder for the brand to connect with consumers and create a positive customer experience and way site that about 95% of companies are actually that they are looking to achieve that single customer view. They recognize, um, that they need that. And they've aligned various teams from e commerce to marketing to sales toe at a minimum in just their first party data and then connect that data to better understand, uh, consumers so consumers can interact with the brand through website and mobile app in store visits, um, by the phone, TV ads, etcetera. And a brand needs to use all of those touchpoints often collected by different parts of the organization and then adding that third party data to really understand the consumers in terms of specific use cases, Um, there's there's about three that come to mind, so there's first. There's relevant advertising and reaching the right customer. There's measurement s or being able to evaluate your advertising efforts. Uh, if you see an ad on the if I see it out of my mobile and then I by by visiting a desktop website understanding or get a direct mail piece, understanding that those connect those interactions are all connected to the same person is critical for measurement. And then there's, uh, there's personalization, um, which includes encourage customer experience amongst your own, um, touch points with that consumer personalized marketing communication and then, of course, um, analytics. So those are the use cases we're seeing? Great. >>Thank you, Amy. I'm out. You can't really talk about data without talking about, >>you know, >>governance and and and compliance. And I remember back in 2006, when the Federal Rules of Civil Procedure went in, it was easy. The lawyers just said, No, nobody can have access, but that's changed. One of things I like about what snowflakes doing with the data cloud is it's really about democratizing access, but doing so in a way that gives people confidence that they only have access to the right data. So maybe you could talk a little bit about how you're thinking about this topic, what you're doing to help customers navigate, which has traditionally been such a really challenging problem. >>No, it's another great question. Um, this is where I think the major disruption is happening. Um, and what Amy described being able to join together 1st and 3rd party data sets. Um, being able to do this was always a challenge because data had to be moved around, had a ship, my first party data to the other side. The third party data had to be shipped to me on being able to join those data sets together, um was problematic at best. And now, with the focus on privacy and protecting P, I, um, this is this is something that has to change. And the good news is with the data cloud data does not have to move. Data can stay where it belongs. Experiencing keep its data experience. Customers can hold on to their data. Yet the data can be joined together on this universal global platform that we call the data cloud. On top of that, and particularly with the regulations that are coming out that are gonna prevent data from being collected on either a mobile device or in wet warren as cookies and Web browsers, new approaches. And we're seeing this a lot in our space, both in financials and in media is to set up these data clean rooms where both sides can give access to one another, but not have to reveal any P i i to do that joint. Um, this is gonna be huge right now. You actually can protect your your customers, private your consumers, private identities, but still accomplish that. Join that Amy mentioned to be able to thio relate the cause and effect of these campaigns and really understand the signals. Um, that these data sets are trying to say about one another again without having to move data without having to reveal P. I We're seeing this happening now. This is this is the next big thing that we're gonna see explode over the next months and years to come. >>I totally agree. Massive changes coming in public policy in this area, and I wanted we only have a few minutes left. I wonder if for our audience members that you know, looking for some advice, what's the what's the one thing you'd recommend? They start doing differently or consider putting in place. That's going to set them up for success over the next decade. >>Yeah, that's a good question. Um, you know, I think e always say, you know, first harness all of your first party data across all touchpoints. Get that first party data in one place and working together Second back that data with trusted third parties and in mats, just in some ways to do that and then third, always with the customer first speak their language. Uh, where and when they want to be, uh, reached out thio on and use the information. You have to really create a better a better customer experience for your customers. >>Matt. What would you add to that? Bring us home if you would >>applications. Um, the idea that data can now be your data can now be pulled into your own business applications the same way that Netflix and Spotify are pulled into your consumer and lifestyle applications again without data moving these personalized applications experiences is what I encourage everyone to be thinking about from first principles. What would you do in your next app that you're gonna build? If you had all of your consumers, consumers had access to their data in the app and not having to think about things you know from scratch. Leverage the data cloud leverage these, you know, service providers like experience and build the applications of tomorrow. >>I'm super excited when I talked to practitioners like yourselves about the future of data Guys, Thanks so much for coming on. The Cube was really a pleasure having you and hope we can continue this conversation in the future. >>Thank you. >>All right. Thank you for watching. Keep it right there. We've got great content. Tons of content coming at the Snowflake Data Cloud Summit. This is Dave Volonte for the Cube. Keep it right there.

>> Hello everyone, and welcome back to our wall-to-wall coverage of the Datacloud summit, this is Dave Vellante, and we're seeing the emergence of a next generation workload in the cloud, more facile access, and governed sharing of data is accelerating time to insights and action. Alright, allow me to introduce our next guest. Aimee Irwin is here, she's the vice president of strategy for Experian, and Matt Glickman is VP of customer product strategy at Snowflake, with an emphasis on financial services, folks, welcome to theCUBE, thanks so much for coming on. >> Thanks Dave, nice to be here. >> Hey so Aimee, obviously 2020's been pretty unique and crazy and challenging time for a lot of people, I don't know why, I've been checking my credit score a lot more for some reason on the app, I love the app, I had to lock it the other day, I locked my credit, somebody tried to do, and it worked, I was so happy, so thank you for that. So, we know Experian, but there's a ton of data behind what you do, I wonder if you could share kind of where you sit in the data space, and how you've seen organizations leverage data up to this point, and really if you could address some of the changes you're seeing as a result of the pandemic, that would be great. >> Sure, sure. Well, as you mentioned, Experian is best known as a credit bureau. I work in our marketing services business unit, and what we do is we really help brands leverage the power of data and technology to make the right marketing decisions, and better understand and connect with consumers. So we offer marketers products around data, identity, activation, measurement, we have a consumer-view data file that's based on offline PII and contains demographic interest, transaction data, and other attributes on about 300 million people in the US. And on the identity side we've always been known for our safe haven, or privacy-friendly matching, that allows marketers to connect their first party data to Experian or other third parties, but in today's world, with the growth in importance of digital advertising, and consumer behavior shifting to digital, Experian also is working to connect that offline data to the digital world, for a complete view of the customer. You mentioned COVID, we actually, we serve many different verticals, and what we're seeing from our clients during COVID is that there's a varying impact of the pandemic. The common theme is that those who have successfully pivoted their businesses to digital are doing much better, as we all know, COVID accelerated very strong trends to digital, both in e-commerce and in media-viewing habits. We work with a lot of retailers, retail is a tale of two cities, with big box and grocery growing, and apparel retail really struggling. We've helped our clients, leveraging our data to better understand the shifts in these consumer behaviors, and better psych-map their customers during this really challenging time. So think about, there's a group of customers that is still staying home, that is sheltered in place, there's a group of customers starting to significantly vary their consumer behavior, but is starting to venture out a little, and then there's a group of customers that's doing largely what they did before, in a somewhat modified fashion, so we're helping our clients segment those customers into groups to try and understand the right messaging and right offers for each of those groups, and we're also helping them with at-risk audiences. So that's more on the financial side, which of your customers are really struggling due to the pandemic, and how do you respond. >> That's awesome, thank you. You know, it's funny, I saw a twitter poll today asking if we measure our screen time, and I said, "oh my, no." So, Matt, let me ask you, you spent a ton of time in financial services, you really kind of cut your teeth there, and it's always been very data-oriented, you're seeing a lot of changes, tell us about how your customers are bringing it together, data, the skills, the people, obviously a big part of the equation, and applications to really put data at the center of the universe, what's new and different that these companies are getting out of the investments in data and skills? >> That's a great question, the acceleration that Aimee mentioned is real. We're seeing, particularly this year, but I think even in the past few years, the reluctance of customers to embrace the cloud is behind us, and now there's this massive acceleration to be able to go faster, and in some ways, the new entrants into this category have an advantage versus the companies that have been in this space, whether it's financial services or beyond, and in a lot of ways, they all are seeing the cloud and services like Snowflake as a way to not only catch up, but leapfrog your competitors, and really deliver a differentiated experience to your customers, to your business, internally or externally. And this past, however long this crisis has been going on, has really only accelerated that, because now there's a new demand to understand your customer better, your business better, with your traditional data sources, and also new, alternative data sources, and also being able to take a pulse. One of the things that we learned, which was an eye-opening experience, was as the crisis unfolded, one of our data partners decided to take the datasets about where the cases were happening from the Johns Hopkins, and World Health Organization, and put that on our platform, and it became a runaway hit. Thousands of our customers overnight were using this data to understand how their business was doing, versus how the crisis was unfolding in real time. And this has been a game-changer, and it's only scratching the surface of what now the world will be able to do when data is really at their fingertips, and you're not hindered by your legacy platforms. >> I wrote about that back in the early days of the pandemic when you guys did that, and talked about some of the changes that you guys enabled, and you know, you're right about cloud, in financial services cloud used to be an evil word, and now it's almost, it's become a mandate. Aimee, I wonder if you could tell us a little bit more about what your customers are having to work through in order to achieve some of these outcomes. I mean, you know, I'm interested in the starting point, I've been talking a lot, and writing a lot, and talking to practitioners about what I call the data life cycle, sometimes people call it the data pipeline, it's a complicated matter, but those customers and companies that can put data at the center and really treat that pipeline as the heart of their organization, if you will, are really succeeding. What are you seeing, and what really is the starting point, there? >> Yes, yeah, that's a good question, and as you mentioned, first party, I mean we start with first party data, right? First party data is critical to understanding consumers. And different verticals, different companies, different brands have varying levels of first party data. So a retailers going to have a lot more first party data, a financial services company, than say, an auto manufacturer. And while many marketers have that first party data, to really have a 360 view of the customer, they need third party data as well, and that's where Experian comes in, we help brands connect those disparate datasets, both first and third party data to better understand consumers, and create a single customer view, which has a number of applications. I think the last stat I heard was that there's about eight devices, on average, per person. I always joke that we're going to have these enormous, and that number's growing, we're going to have these enormous charging stations in our house, and I think we already do, because of all the different devices. And we seamlessly move from device to device, along our customer journey, and, if the brand doesn't understand who we are, it's much harder for the brand to connect with consumers and create a positive customer experience. And we cite that about 95 percent of companies, they are looking to achieve that single customer view, they recognize that they need that, and they've aligned various teams from e-commerce, to marketing, to sales, to at a minimum adjust their first party data, and then connect that data to better understand consumers. So, consumers can interact with a brand through a website, a mobile app, in-store visits, you know, by the phone, TV ads, et cetera, and a brand needs to use all of those touchpoints, often collected by different parts of the organization, and then add in that third party data to really understand the consumers. In terms of specific use cases, there's about three that come to mind. So first there's relevant advertising, and reaching the right customer, there's measurement, so being able to evaluate your advertising efforts, if you see an ad on, if I see an ad on my mobile, and then I buy by visiting a desktop website, understanding, or I get a direct mail piece, understanding that those interactions are all connected to the same person is critical for measurement. And then there's personalization, which includes improved customer experience amongst your own touchpoints with that consumer, personalized marketing communication, and then of course analytics, so those are the use cases we're seeing. >> Great, thank you Aimee. Now Matt, you can't really talk about data without talking about governance and compliance, and I remember back in 2006, when the federal rules of civil procedure went in, it was easy, the lawyers just said, "no, nobody can have access," but that's changed, and one of the things I like about what Snowflake's doing with the data cloud is it's really about democratizing access, but doing so in a way that gives people confidence that they only have access to the right data. So maybe you could talk a little bit about how you're thinking about this topic, what you're doing to help customers navigate, which has traditionally been such a really challenging problem. >> Another great question, this is where I think the major disruption is happening. And what Aimee described, being able to join together first and third party datasets, being able to do this was always a challenge, because data had to be moved around, I had to ship my first party data to the other side, and the third party data had to be shipped to me, and being able to join those datasets together was problematic at best, and now with the focus on privacy and protecting PII, this is something that has to change, and the good news is, with the data cloud, data does not have to move. Data can stay where it belongs, Experian can keep its data, Experian's customers can hold onto their data, yet the data can be joined together on this universal, global platform that we call the data cloud. On top of that, and particularly with the regulations that are coming out that are going to prevent data from being collected on either a mobile device or as cookies on web browsers, new approaches, and we're seeing this a lot in our space, both in financials and media, is to set up these data clean rooms, where both sides can give access to one another, but not have to reveal any PII to do that join. This is going to be huge, now you actually can protect your customers' and your consumers' private identities, but still accomplish that join that Aimee mentioned, to be able to relate the cause and effect of these campaigns, and really understand the signals that these datasets are trying to say about one another, again without having to move data, without having to reveal PII, we're seeing this happening now, this is the next big thing, that we're going to see explode over the months and years to come. >> I totally agree, massive changes coming in public policy in this area, and we only have a few minutes left, and I wonder if for our audience members that are looking for some advice, what's the, Aimee, what's the one thing you'd recommend they start doing differently, or consider putting in place that's going to set them up for success over the next decade? >> Yeah, that's a good question. You know, I think, I always say, first, harness all of your first party data across all touchpoints, get that first party data in one place and working together, second, connect that data with trusted third parties, and Matt suggested some ways to do that, and then third, always put the customer first, speak their language, where and when they want to be reached out to, and use the information you have to really create a better customer experience for your customers. >> Matt, what would you add to that? Bring us home, if you would. >> Applications. The idea that data, your data can now be pulled into your own business applications the same way that Netflix and Spotify are pulled into your consumer and lifestyle applications, again, without data moving, these personalized application experiences is what I encourage everyone to be thinking about from first principles. What would you do in your next app that you're going to build, if you had all your consumers, if the consumers had access to their data in the app, and not having to think about things from scratch, leverage the data cloud, leverage these service providers like Experian, and build the applications of tomorrow. >> I'm super excited when I talk to practitioners like yourselves, about the future of data, guys, thanks so much for coming on theCUBE, it was a really a pleasure having you, and I hope we can continue this conversation in the future. >> Thank you. >> Thanks. >> Alright, thank you for watching, keep it right there, we got great content, and tons of content coming at the Snowflake data cloud summit, this is Dave Vellante for theCUBE, keep it right there.

>>Hello, everyone. And welcome back to our wall to wall coverage of the data Cloud Summit. This is Dave a lot. And we're seeing the emergence of a next generation workload in the cloud were more facile access and governed. Sharing of data is accelerating. Time to insights and action. All right, allow me to introduce our next guest. Amy Irwin is here. She's the vice president of strategy for experience. And Matt Glickman is VP customer product strategy it snowflake with an emphasis on financial services. Folks, welcome to the Cube. Thanks so much for coming on. >>Thanks for >>having us >>nice to be here. Hey, >>So, Amy, I mean, obviously 2020 has been pretty unique and crazy and challenging time for a lot of people. I don't know why I've been checking my credit score a lot more for some reason. On the app I love the app I got hacked. I had a lock it the other day I locked my credit. Somebody tried to dio on and it worked. I was so happy. So thank you for that. But so we know experience, but there's a ton of data behind what you do. I wonder if you could share kind of where you sit in the data space and how you've seen organizations leverage data up to this point. And really, if you could address maybe some of the changes that you're seeing as a result of the pandemic, that would be great. >>Sure, sure. Well, Azaz, you mentioned experience Eyes best known as a credit bureau. Uh, I work in our marketing services business unit, and what we do is we really help brands leverage the power of data and technology to make the right marketing decisions and better understand and connect with consumers. Eso We offer marketers products around data identity activation measurement. We have a consumer view data file that's based on offline P I and contains demographic interest, transaction data and other attributes on about 300 million people in the U. S. Uh, and on the identity side, we've always been known for our safe haven or privacy friendly matching that allows marketers to connect their first party data to experience or other third parties. Uh, but in today's world, with the growth and importance of digital advertising and consumer behavior shifting to digital, uh, experience also is working to connect that offline data to the digital world for a complete view of the customer you mentioned co vid, um, we actually, we start of many different verticals. And what we're seeing from our clients during co vid is that there's a bearing impact of the pandemic. The common theme is that those that have successfully pivoted their businesses to digital are doing much better. Uh, as we all know, Kobe accelerated very strong trends to digital both in the commerce and immediately eating habits. We work with a lot of retailers. Retail is a tale of two cities with big box and grocery growing and apparel retail really struggling. We've helped our clients leveraging our data to better understand the shifts in these consumer behaviors and better segment their customers during this really challenging time. Eso think about there's there's a group of customers that it's still staying home that is sheltered in place. There's a group of customers starting that significantly varied their consumer behavior, but it's starting to venture out a little. And then there's a group of customers that's doing largely what they did before in a somewhat modified fashion. So we're helping our clients segment those customers into groups to try and understand the right messaging and right offers for each of those groups. And we're also helping them with at risk. Audi's is S O. That's more on the financial side. Which of your customers are really struggling due to the pandemic. And how do you respond? >>So it's awesome. Thank you. You know it Zafon e I mean somebody. I saw Twitter poll today asking if we measure our screen time and I said, Oh my no eso Matt, let me ask you. You spend a ton of time and financial services. You really kind of cut your teeth there, and it's always been very data oriented. You've seen a lot of changes tell us about how your customers are bringing together data, the skills that people obviously a big part of the equation and applications to really put data at the center of their universe. What's new and different that these companies are getting out of the investments in data and skills. >>That's a great question. Um, the acceleration that Amy mentioned Israel, Um, we're seeing a particularly this year, but I think even in the past few years, the reluctance of customers to embrace. The cloud is behind us. And now there's this massive acceleration to be able to go faster on, and in some ways the new entrance into this category have an advantage versus, you know, the companies that have been in the space, whether it's financial services or beyond. Um, and in a lot of ways they are are seeing the cloud and services like snowflakes as a way toe not only catch up but leapfrog your competitors and really deliver a differentiated experience to your customers to your business, internally or externally. Um, and this past, you know, however long this crisis has been going on, has really only accelerated that, because now there's a new demand. Understand your customer better your your business better with with your traditional data sources and also new alternative data sources, Um, and also be able to take a pulse. One of things that we learned which was you know, I opening experience was as the crisis unfolded, one of our data partners decided to take the data sets about where the cases where were happening from the Johns Hopkins and World Health Organization and put that on our platform and it became a runaway hit. Where now, with thousands of our customers overnight, we're using this data to understand how their business was doing versus how the crisis was unfolding in real time. On this has been a game changer, and I think it's only it's only scratching the surface of what now the world will be able to do when data is really at their fingertips. You're not hindered by your legacy platforms. >>I wrote about that back in the early days of the pandemic when you guys did that and talked about some of the changes that you guys enabled. And you know you're right about Cloud. I mean, financial services. Cloud used to be an evil word, and now it's almost become a mandate. Amy, I >>wonder if you >>could tell us a little bit more about what? What you know your customers they're having to work through in order to achieve some of these outcomes. I mean, I'm interested in the starting point. I've been talking a lot and writing a lot on talking to practitioners about what I call the data lifecycle. Sometimes people call it the data pipeline. It's it's a complicated matter, but those customers and companies that can put data at the center and really treat that pipeline is, you know, the heart of their organization, if you will, Really succeeding. What are you seeing and what really is the starting point there? >>Yes, yes, that's a good question. And as you mentioned, first party, I mean, we start with first party data. Right? First party data is critical to understanding consumers on been in different verticals, different companies. Different brands have varying levels of first party data. So retailers gonna have a lot more first party data financial services company, then say an auto manufacturer. Uh, while many marketers have that first party data to really have a 3 60 view of the customer, they need third party data as well. And that's where experience comes in. We help brands connect those disparate data sets both 1st and 3rd party baked data to better understand consumers and create a single customer view, which has a number of applications. I think the last that I heard was that there's about eight devices on average per person. I always joke that we're gonna have these enormous. I mean, that that number is growing we're gonna have these enormous charging stations in our house, and I think we're because all the different devices and way seamlessly move from device to device along our customer journey. And, um, if the brand doesn't understand who we are, it's much harder for the brand to connect with consumers and create a positive customer experience and way site that about 95% of companies are actually that they are looking to achieve that single customer view. They recognize, um, that they need that. And they've aligned various teams from e commerce to marketing to sales so at a minimum in just their first party data, and then connect that data to better understand, uh, consumers. So consumers can interact with the brand through website and mobile app in store visits, um, by the phone TV ad, etcetera. And a brand needs to use all of those touchpoints often collected by different parts of the organization and then adding that third party data to really understand the consumers in terms of specific use cases, Um, there's there's about three that come to mind. So there's first. There's relevant advertising and reaching the right customer. There's measurement s or being able to evaluate your advertising efforts. Uh, if you see an ad on if I see it out of my mobile and then I by by visiting a desktop website, understanding or I get a direct mail piece understanding that those connect those interactions are all connected to the same person is critical for measurement. And then there's, uh, there's personalization, um, which includes improved customer experience amongst your own, um, touch points with that consumer Parsons marketing communication and then, of course, um, analytics. So those are the use cases we're seeing? Great. >>Thank you, Amy. I'm at you Can't really talk about data without talking about, >>you know, >>governance and and and compliance. And I remember back in 2006 when the Federal Rules of Civil Procedure went in, it was easy. The lawyers just said, No, nobody can have access, but that's changed. One of things I like about what snowflakes doing with the data cloud is it's really about democratizing access, but doing so in a way that gives people confidence that they only have access to the right data. So maybe you could talk a little bit about how you're thinking about this topic what you're doing to help customers navigate, which has traditionally been such a really challenging problem. >>No, it's another great question. Um, this is where I think the major disruption is happening. Um, and what Amy described being able to join together 1st and 3rd party data sets. Um, being able to do this was always a challenge because data had to be moved around, had to ship my first party data to the other side. The third party data had to be shipped to me. And being able to join those data sets together, um was problematic at best. And now, with the focus on privacy and protecting P, I, um, this is this is something that has to change. And the good news is with the data cloud data does not have to move. Data can stay where it belongs experience and keep its data experience. Customers can hold on to their data. Yet the data can be joined together on this universal global platform that we call the data cloud. On top of that, and particularly with the regulations that are coming out that are going to prevent data from being collected on either a mobile device or in wet warn as cookies and Web browsers. New approaches and we're seeing this a lot in our space, both in financials and in media is to set up these data clean rooms where both sides can give access to one another but not have to reveal any P i i to do that joint. Um, this is gonna be huge right now. You actually can protect your your customers, private your consumers, private identities, but still accomplish that. Join that Amy mentioned to be able to thio, relate the cause and effect of these campaigns and really understand the signals that these data sets are trying to say about one another again without having to move data without having to reveal P. I We're seeing this happening now. This is this is the next big thing that we're gonna see explode over the next months and years to come. >>I totally agree massive changes coming in public policy in this area, and I wanted we only have a few minutes left. I wonder if for our audience members that you know, looking for some advice, what's the what's the one thing you'd recommend? They start doing differently or consider putting in place That's going to set them up for success over the next decade. >>Yeah, that's a good question. Um, you know, I think e always say, you know, first harness all of your first party data across all touchpoints. Get that first party data in one place and working together psychic back that data with trusted third parties and mats, just in some ways to do that and then third, always with the customer first speak their language, uh, where and when they want to be, uh, reached out thio on and use the information. You have to really create a better a better customer experience for your customers. >>Matt. What would you add to that? Bring us home if you would >>applications. Um, the idea that data can now be your data can now be pulled into your own business applications the same way that Netflix and Spotify are pulled into your consumer and lifestyle applications again without data moving these personalized applications experiences is what I encourage everyone to be thinking about from first principles. What would you do in your next app that you're going to build? If you had all of your consumers. Consumers had access to their data in the APP and not having to think about things, you know, from scratch. Leverage the data cloud leverage these, you know, service providers like experience and build the applications of tomorrow. >>I'm super excited when I talked to practitioners like yourselves about the future of data Guys. Thanks so much for coming on. The Cube was really a pleasure having you and hope we can continue this conversation in the future. >>Thank you. >>Anything. >>All right. Thank you for watching. Keep it right there. We've got great content. Tons of content coming at the Snowflake Data Cloud Summit. This is Dave Volonte for the Cube. Keep it right there.

(logo chiming) >> Presenter: From theCUBE studios in Palo Alto in Boston, connecting with thought leaders all around the world, this is a cube conversation. >> Hi, welcome to this cube conversation. I'm Lisa Martin. And I'm pleased to welcome back one of our cube alumni from Dell Technologies. Joining me right now is Jim Clancy, the SVP of Global Data Protection Solutions Dell. Jim, great to have you back on theCUBE. >> Hey, Lisa, thanks for having me. Looking forward to our conversation. >> Though we're nice. So we're very appropriately socially distance as you can tell California East Coast. So 2020 has been a quite a year, right? We're only about halfway through it, Jim. But some of the things that I noticed from Dell Technologies is these three big waves that Dell Technologies that we want to ride these in 2020. And those waves are Cloud, VMware, and Cyber Recovery. >> That's right. >> Talk to me about these three waves and what's happening with those currents in this pandemic time. >> Yeah, it's really interesting. So back in February we, we actually had Dave Volante had a video that we shared with our teams at FRS, which is the global sales organization meeting. And we were talking about some of the things that we're seeing from our customers and how they're picking up. And those are the key waves that our teams have been focused on. But most importantly, these are what our customers are asking us about. These are the things that are really important to them, that are allowing them to know modernize in, some of the challenges that that have really kind of taken off and gotten, quite frankly, worse in the current environment. So yeah, we, we kind of jumped on the wave that Dave kind of brought forward to us at FRS and now we've been riding those with our customers. And if you can imagine that they're pretty choppy with some of the change in the environment that we're in today, but they certainly allow someone like Dell DPS to be able to be really successful if you write them correctly. >> Alright, so let's break down those choppy waves right now from a cloud perspective. So many organizations in every industry globally, are living in a multicloud world, whether it's strategic, and some of it is or by acquisition. And they're running traditional workloads, they're running emerging workloads. How is cloud now even more important from a data protection perspective? And what is Dell Technologies doing to help them in this navigate this multicloud world? >> Yeah, well, I think a couple a couple of different things. First, is that before COVID, and before the pandemic, customers were obviously living in a multicloud world they were picking applications choosing. Is it easier, is it faster to deploy in the cloud. And now with with the situation that we're in, customers are accelerating their adoption. So if you look at some of the announcements that come out from like Microsoft. The Microsoft's cloud businesses is just exploding right now. And a lot of it has to do with our customers are not going back to the data center, they don't have access. And the world has changed that their focus so much on work from home, that the quickest way to get going is to adopt the cloud. And so we're seeing a massive uptick on that. It's good news for Dell Data Protection, because there's a couple of key things that happen. When customers take some of these applications and put them in the cloud. They certainly open themselves up for some challenges, or they certainly open up with a cost really takes off if they're not leveraging an efficient data protection solution. So the first, first and foremost customers are adopting and leveraging the cloud more and more. And then about I think the numbers around 70% of customers today are looking to optimize their cloud experience. So they want to use it more, but they definitely understand that they're spending a tremendous amount of dollars out there and they want to optimize it. So we've had an example with a customer that wanted to leverage the cloud more. But the challenge was the cost just wasn't working out for them. And 60% of that cost that they felt they needed to update was their backup and archive. And so we went in, worked with them talked about how we could optimize that environment, to the extent that we could cut their costs in half. So there's a there's definitely a need, customers are going to continue working and going to the cloud, but they need an optimized, efficient Data Protection Solution. And Dell is the only one that can deliver that. >> And speaking of cost for a second, let's pivot on that. Because these days, it seems like the financing for Data Protection Solutions is as important as protecting the data itself. So when your customers are coming to you guys say, hey help us out, we need to leverage out more but we need to do some cost effectively. What are some of the the flexible financing options or even incentives and offers that Dell Technologies is delivering to it's customers? >> Yes. So we've been offering a lot to our customers for years in terms of flexible financing, we have the best finance organization sales financing organization in the world which is our DFS group. And what we've been able to do is start to look at more about how can we offer a subscription pricing to our customers flex on demand. But then on top of that, is we announced another program, which allows customers to extend their payment terms, right? It allows them to, zero dollar finance. So as the customer are really kind of focused on preserving their cash. We are bringing to market solutions, not only with DFS, that makes it more flexible from a consumption standpoint. But we're also looking at how do we kind of bundle some of our solutions together. How do we become more aggressive and help our customers get through this because cash is king for a lot of our customers today. And if we can help them preserve that cash it gives them the flexibility, they're going to remember that. Right? They're going to, they're going to want to partner with us more, they're going to see that we're stepping up to help them get through this difficult time. So, flex on-demand subscription pricing, those are the big things that we're starting to see more and more from our customers and Dell is here to help them with stepping up and helping our customers when it comes to the financing. >> Then imagine that applies not just to the Cloud environment, but also the VMware environment. That's another wave. Talk to me a little bit more about that wave and how you're helping customers to be able to protect their VMware workloads across the entire VMware stack. >> Yeah, and just let me add one thing to, from a when I talk about the financing, it's, it's whether someone runs stuff on-prem or in the cloud. So I know you mentioned that it's it's flexible pricing options across on-prem or off-prem, it doesn't matter. For us, it's a multicloud world and wherever you want to run it, you want to have flexible consumption models. But the topic of VMware which is just an amazing opportunity that we're working together with VMware and the partnership could never be any stronger than it is today is that VMware is working and growing, in every one of our customer environments today. And as they grow, they really need a strong Data Protection Solution that's going to bring governance, that's going to have scale, that's going to have cyber, Cybersecurity on it, that's going to give them that flexibility to be able to protect these workloads. And VMware wants to continue to virtualize more and more workloads, databases. And to do that, you need to be able to say that you can protect them recover that data. So customers are really pressing VMware and VMware is coming to Dell Data Protection to say, look, we're becoming more and more critical, and they've always been critical in the data center. But we really need to partner with you to be able to deliver a full experience and offer that protection that is necessary for a customer's mission-critical environment. So VMware and Dell DPS, I mean, together, no one can compete with us. It's actually exciting where we are today. But most importantly, some of the things that we're doing moving forward. >> And one of the obvious advantages that Dell Technologies has with respect to VMware is joint VMware engineering and that deep integration. Tell me a little bit more about that, and how that is an advantage when you're talking and sell situations with your customers? >> Yeah, it's a. So I always say that probably about 18 months ago, we really started to put together this joint development start to get really tighter from a technology standpoint, because you can't just show up one day and say, Hey, I'm the best in this market, right? You really need to be building, something and get to a point and so about 18 months ago, I tell customers, that's when Dell and VMware really came together and started doing more in terms of strategic solutions. And it's paying off for us. So if you think about VMC, very critical, VMware Cloud, very very important for their future and their success. We were the first to market with that integration. If you think of Kubernetes, and the importance of Kubernetes. Moving forward, we were first integrated with that with VMware, so our engineering investments are paying off. And this is just the beginning of where that relationship is going to be. As we exit this year, our solutions together will be second to none in the market. And quite frankly, there'll be no one else left in the market that can compete with us from a technology and that's good, not just for our customers and our partners, and not just good for Dell DPS. But most importantly, that's really important to VMware right? They're scaling, they're growing tremendously. They're the leader in this market, and they want to continue to own more of a customer experience. And to do that they need a data protection partner that can help them and so we got a great relationship going right now and it's only getting better. >> That's good to hear. So in terms of data protection, let's let's dig into that third wave, which was Cyber Recovery because one of the things that we know is happening during the pandemic is that cybersecurity issues are on the rise. We know that as technology advances, and it's used for good applications. The bad actors also have access to it. I was reading from the FCC the other day that just since March, there are about 1000 new domain names registered every day with COVID-19. There's malware that's easily dropped on a suspecting persons a endpoint because maybe it has a really entirely enticing title from the World Health Organization. What are you seeing in your customer environments with respect to Cyber Recovery? And is it is security now even more of an important factor given that this work from home situation is probably going to continue for some businesses for quite some time? >> Yeah, I think, our customers have a lot of different challenges now with with COVID-19. And one of them was how do you get your workforce working remotely. And sometimes you have to cut corners to get that done. And what that does is open you up for more challenges, more security breaches. And on top of that, is we're seeing the I call them the bad guys, the bad guys are out there right now attacking our customers more than they ever had. So, before COVID-19 ransomware was a big problem. And now it's, it's even worse. And so I think the bad guys see that they have an opportunity to go out there and really hurt some of these companies hold them, hold them for ransom, get some money from them, which is very unfortunate, but at the same time, that's the reality that we're living in. So before COVID-19, we had a massive customer acceptance, so looking at what we delivered from a Cyber Recovery Solution. And now since COVID-19, is about a 4,000% increase in ransomware attacks, we're seeing every one of our customers really starting to adopt the Cyber Recovery Vault that we delivered to the market today. Now we it's this isn't something new, right? We we've been building on this since about 2016. And our solution has gotten better and better and better, to now where absolutely, we've always been the leader in this market. But now we have such an incredible lead with our customers in terms of how we can help them in the challenges that are exacerbating in their install base. We're really in the right place at the right time. It's unfortunate for our customers, but at the same time, they have to protect their assets. They always have to be able to recover their their their assets or the business won't continue. So it's an unfortunate thing for them, but Dell is here to help take care of one of these problems that they have which is protecting their mission-critical assets. >> Right. And this mission-critical assets are on devices. They're in Cloud applications like office 365, or Salesforce business-critical, revenue-critical data. They're in a data center, they're in VMs. How are you helping customers kind of evaluate if they're in a situation now where they realize maybe we haven't put the emphasis into data protection that we need to? How do you help a customer sort of stack rank and prioritize knowing that the threat vectors are fairly holistic and get a solution from Dell Technologies implemented, and securing them as fast as possible? >> Yeah, it's a good it's a good question. It's kind of a hard one to answer because our customers have data everywhere. So it's a hard one for our customers to kind of figure it out. But what we can do is we can start in different places for them so we can work with them on assets that things that absolutely for them to restart their business, we have a solution that allows them or a way that we say look for you to get your business back up and running there's a critical rebuild there's things that absolutely need to be able to lay down your foundation before you even consider dropping assets, or any applications back out there. So that's like a first step of hey, let's at least size out how you get your critical rebuild up and running. But then there's other companies like big banks that say, well, I need all my customer information no matter what, and I need to recover that. So it's it can get a little complicated. Sometimes we have customers, because they have to figure out what assets they want to put in the vault and how do they want to recover that data. And what's the RPO RTO time but for us, we can work with them and say here's the critical rebuild. Here's the first step of getting your information back from the bad guys or back from wherever you're storing it today. But then on top of that, we can start to expand with them. And they can start to protect more and more things and add to the ball more and more the critical applications that they have out there. And, no one understands this better than us. And so it's good because we can help our clients size where they are today, we can help take a snapshot of their environment today. And then we can recommend what we think is step one, and depending on their appetite, depending on their urgency, we could take them from step one to step done, right? We can, we can cover all their assets, so we can start with their mission-critical and move down to other applications. So the good news for our customers, we have the only secure vault in the market. And we also have the expertise and the people to be able to help them understand how they can get going. >> Last question, Jim, for you in terms of the choices of the technologies that Dell Technologies offers to your customers, Dell has been the leader in the purpose-built backup of plan market. Since IDC invented that category, but the market is bifurcating, and we're seeing Integrated Data Protection Appliances IDPA, even though it's a smaller term, that market is growing faster. Talk to me about the different choices of technologies that you deliver to your customers? >> Yeah, I guess there's a couple ways to look at there's a traditional way of a customer building out their solution and that would be the traditional purpose-built backup appliance Data Domain with our software. And so they would kind of build that build on their own, they put the software in the hardware together, and that would be their solution. What we are seeing more and more is that customers are looking for that integrated appliance. And I'm happy to say that, our IDPA solution, which was a little bit behind getting to the market is now right in the center of the market and picking share right? We are easily outgrowing the market. This is something that we're putting our shoulder behind. We're pushing really high with our customers. Our customers are extremely happy. So thank you to the engineering team, the services team, the product management team that, really helped us get from where we were, say three years ago to where we are now. Now our customers are really pushing for that integrated experience, because they're flying to quality. There's a flight to quality right now, someone that might have multiple backup applications might have multiple hardware solutions. They're trying to get to one vendor, they're trying to get to one partner, they are trying to make this a simpler experience. And so from Dell, because we cover all the use cases that our customers have out there, they're looking at us as that one provider, that one vendor that can deliver on the full experience across their whole environment, not just maybe the VMware solution, maybe not just a couple of databases, maybe not just their Cloud applications. They want a vendor that can provide solutions. Across all of their workloads across all of their use cases, and no matter where the data sits in a remote office, on-prem in a data center or in the cloud, and that's where IDPA comes in, we can deliver a solution that covers all customers use cases, with the same experience from Dell, which is second to none. So that's where IDPA is exciting. That's where IDPA is growing up place in the market. And that's where teams have to really spend time helping customers understand how they can consolidate down to one vendor, which is Dell, and be able to cover all of their requirements. So it's pretty exciting time on what we're delivering from an IDPA standpoint. And we are clearly taking share on that market right now. >> Well Jim, thank you for joining me on theCUBE today talking about those three waves, Cloud, VMware, Cyber Recovery and how Dell is really helping your customers rapidly pivot in these turbulent waters to capitalize on some of the new opportunities that are clearly there, we appreciate your time, Jim. >> Yeah, thanks for having me and we're going to continue to ride the waves and be really successful. >> All right, for Jim Clancy, I'm Lisa Martin. You're watching theCUBES conversation with Dell Technologies. (soft music)

from around the globe it's the cube with digital coverage of Red Hat summit 2020 brought to you by Red Hat hi I'm Stu min a man and this is the cubes coverage of Red Hat summit 2020 of course this year the event is happening all online and that gives us an opportunity to meet with red hat executives customers partners and practitioners where they are around the globe in this segment one of our favorites ever years we're talking to the women in open source and joining me for this segment first of all we have Elissa and Alexander who is the executive vice president and chief people officer of Red Hat this award fit thunder her domain dallisa it is great to see you again thanks so much for joining us thank you so much for having us all right and we have two of the Award winners so first if you see right next bit Elissa we have an epic Sain who's a doctor and PhD candidate in clinical neuroscience at the University of Gothenburg coming to us from Sweden method great to see you thank you very much all right we also have Megan Burge Sinicki who is a manager of research and operations at the open source program office at Google Megan thank you so much for joining us off though thanks for having me all right so dallisa let me hand it off to you is give our audience a little bit if they're not familiar with whipping an open source what the initiative is the community and you know what might have changed from previous years when we've talked about this sure so we realized that the tech industry is a great industry for diverse populations but a lot of diverse populations don't realize that and so as the open source leader we wanted to shine a light on the contributions that some of our underrepresented populations are making an open source that trying to inspire more people to join communities to participate to contribute we know that more diverse populations help us to innovate more rapidly they help us to solve more problems and so it's really important especially today with what's happening in the world lots of important problems to solve that we really invite more of our other upper sort of populations to join in the communities awesome so absolutely there there are lots of people that volunteer there are lots of people that do it as their day job Megan why don't we fuck you have a roll open source first Google as a strong legacy and open source in general so tell us a little bit about you know what you were working on and what you're being recognized for here yeah well a lot of the recognition comes from my work with the Drupal Association I had been with Drupal for 8 years hoping to build that foundation in supporting that community and lots of different ways from fundraising to community events running sprints and helping with their developer tools and so that was a lot what the award was based on and now I'm at Google and I've been here for about a year and a half and I run their research and operations and so Google is an expression of open source and we have thousands of people using thousands of projects and we want to make sure they do it well they feel supported that we are good citizens in the projects that we participate in and so my group provides the operational support to make sure that happens you know you know what one of the things that's always fascinating when I go to Red Hat there's so many projects there's so many participants from various walks of life last year at the show there was a lot of discussion of you know it was a survey really and said that you know the majority of people that tribute now it's actually part of their job as opposed to when I think back you know you go back a couple of decades ago and it was like oh well in my spare time or down in my basement I'm contributing here so maybe talk a little bit about the communities and you know what what Megan is embodying CSUN she worked on project now she's working for obviously a good partner of Red Hat's that does a lot of open source yeah I love the way she described what her role is at Google and that it's fascinating and Google has been really a huge contributor in the community for in communities for years and years so I think that what we're seeing with the communities and people saying yeah now it's part of my day job is that you know 20 years ago the idea that open-source development would be kind of on par with proprietary development and on par in terms of being used in the enterprise and the data center was something that I think many people questioned proprietary software was the way that most people felt comfortable making sure that their intellectual property is protected and that users could feel comfortable using it within the parameters required so that was the way it was 20 years ago and then now you think about you know most companies there is some form of open source that is part of their infrastructure so now open source is no longer you know that disrupter but it's really a viable alternative and organizations really want to use both they want to have some propriety or they want to have some open sources so that means like every company is going to need to have some need to understand how to participate in communities how to influence communities and Red Hat's a great partner in helping enterprise customers to be able to understand what those red Nets might look like and then helping to kind of harden it make sure things that they need to have application city to have certified or certified and make it really usable in a way they're comfortable with in the enterprise that's kind of special Red Hat place but it's just a tribute to where we come in a world in terms of open source being really accepted and thriving and it helps us to innovate much more rapidly yeah and there's there's no better way to look at not only where we are but where we're going then talk about what's happening in the academic world so that gives it brings us Aneta so you are the academic award winner you're a PhD candidate so tell us a little bit about your participation and open source what it means to be part of this community my PhD project involves using virtual reality to measure the arm movements of people with stroke so we have participants coming in into our lab so they we're these 3d glasses and then they start seeing virtual objects in the 3d space and they use their hands to touch at these targets and make them disappear and we have all these movements data specially interpreters and then we write code and analyze the data and find out how much they have recovered within one year after stroke this is my PhD project but my involvement with open source happens they before like in starting from 2010 I have been editing Wikipedia and I have been writing several articles related to medicine and healthcare so that is where I started with open open knowledge and then I moved on words and after my medical studies I moved to research and worked on this awesome project and so there are multiple ways by which I have engaged with open source that's far that's awesome my understanding is also some of the roots that you had and some of the medical things that you're doing have an impact on what's happening today so obviously we're all dealing with the global pandemic in Koba 19 so I'd like to hear you know what your involvement there you know your data obviously is politically important that we have the right data getting to the right people as fast as possible definitely yes right now I'm working on writing creating content for Wikipedia writing on articles related to Kobe 19 so I mostly work on writing about its socio-economic impact writing about Kobe 19 testing and also about the disease in general mental health issues surrounding that social stigma associated began with it and so forth so I use all these high-quality references from the World Health Organization the United Nations and also from several journals and synthesize them and write articles on Wikipedia so we have a very cool project called wiki project code 19 on Wikipedia where people who are interested in writing articles creating data uploading images related to poet 19 come together and create some good content out of it so I am a very active participant there alright and making my understanding is you you also have some initiatives related to kovat 19 maybe you can tell us a little bit about those yeah well one I'm loosely affiliated with this kovat act now and that is a combination of developers data scientists epidemiologists and US state government officials and it's looking at how was the curve look like and how does that curve get flattened if governor's made decisions faster or differently than what they're making today and how does it impact the availability of ICU beds and ventilators and so that is a tool that's being used today by many decision-makers here in the US and my contribution to that was they needed some resources I reached into Google and found some smart generous volunteers that are contributing to the dataset and actually I just connected with Neda do this award program and now she's connected and is gonna start working on this as well yes oh that's fantastic yeah I mean dallisa you know we've known for a long time you want to move fast if you want to connect you know lots of diverse groups you know open sources is an important driver there what what else are you seeing in your group you know with your hat is the the people officer you know obviously this is a big impact not only on all of your customers partners but on fun Red Hatters themselves well it is a huge impact we're so fortunate that we have some experience working remotely we have about 25 percent of our population that historically works remotely so we have that as a foundation but certainly the quick move the rapid move to really thinking about our people first and having them work from home across the globe that is unprecedented and at this point we have some individuals who have been working from home for many many many week and others that are really in entering their fourth week so we're starting to have this huge appreciation for what it's like to work remotely and what we can learn about more effective inclusion so I think you know back to the idea of women and open source and diversity inclusion one of the things you may always prided ourself in is we focus on inclusion and we think about things like okay if the person is not in the room with their remote let's make sure for including them let's make sure they get to speak first etcetera well now we're learning what it's really like to be remote and for everyone to be remote and so we're creating this muscle as an organization I think most organizations are doing this right getting a muscle you didn't have before we really really having to think about inclusion in a different way and you're building a capability as an organization that you didn't have to appreciate those that are not in the room and to make sure they are included because no one's in the room you know we're really important pieces and dallisa you know one of the things that that's always great about Red Hat summit is you you bring together all these people as we just heard you know that your two Award winners here you know got connected through the awards so maybe give us a little bit of a peek as to what sort of things the community can still look forward to how they can continue to connect even though we're all going to be remote for this event yeah this event is is it going to be great event and I hope everyone joins us along our journey we are fortunate that Red Hat you know as the open source leader really wants to take a leadership position in thinking about how we can shine a light on opportunities for us to highlight the value of diversity and inclusion and so we've got a number of events not throughout the summit that we'd love people to join in and we're going to be celebrating our women and open-source again at our women's leadership community lunch is now not a lunch it is now a discussion unless you're having your lunch that you can check your desk but we're having a great conversation at that event I mean by people to join in and have a deeper conversation and also another look at our women in open source Award winners but these Award winners are just so amazing every year that applications that are submitted are just more and more inspiring and all the finalists were people that are so impressive so I love the fact that our community continues to grow and that they're more and more impressive people that are joining the community and that they're making those connections so that together we can you know really shine a light on the value that women bring to the communities and continue to inspire other underrepresented groups to join in and participate then a you know research obviously is an area where open-source is pretty well used but just give us a little bit of viewpoint from your standpoint yourself and your peers you know I would think from the outside that you know open sourced is just kind of part of the fabric of the tools that you're using is it something that people think specifically about a course or does it just come naturally that people are you know leveraging using and even contributing what what's available the tool I'm using is called cuteness it's an open source tool written in Python and so that gives me the possibility to have a look in deeper into the code and see what's actually inside for example I would like to know how what is the size of the target that is shown in the virtual space and I can fit know that correctly to the millimeters because it's available to me in open source so I think these are the advantages which researchers see when they have tools open-source tools and at the same time there's also a movement in Sweden and in most of Europe where they want the researchers are asking for publishing their articles in open access journals so they want most of their research be published as transparent as possible and there is also this movement where people want researchers want to have their data put in some open data city so that everybody can have a look at it and do analysis on the data and build up on that data if other people want to so there's a lot going from the open access side and knowledge side and also the open source side in the research community and I'm looking forward to what probably 19 will do to this movement in future and I am sure people will start using more more and more open-source tools because after the Manderly yeah making I'm curious from your standpoint when I think about a lot of these communities you know meetups are just kind of some of the regular fabric of how I get things done as well as you know just lots of events tie into things so when you're talking to your colleagues when you're talking to your peers out there how much is kind of the state of reality today having an impact in any any learnings that you can share with gaudí yeah that is definitely a challenge that we're going to figure out together and I am part of a group called Foss responders we are reaching out to projects and listening to their needs and amplifying their needs and helping to get them connected with resources and one of the top three areas of need include how do I run an online community event how do I replace these meetups and what is wonderful is that groups have been moving in this direction already and so who would release a guide of how they run online events and they provide some tooling as well but so has WordPress put out a guide and other projects that have gone down this path and so in the spirit of open source everyone is sharing their knowledge and Foss responders is trying to aggregate that so that you can go to their site find it and take advantage of it yeah definitely something I've seen one of the silver linings is you know these communities typically have been a lot of sharing but even more so everybody's responding everybody's kind of rallying to the cause don't want to give you the final word obviously you know this is a nice segment piece that we usually expect to see at Red Hat summit so what else do you want to help share where the community is final closing thoughts well I think that you know we're not done yet we have been so fortunate to be able to highlight you know the contributions that women make to open source and that is a honor that we get to take that role but we need to continue to go down this path we are not we're not done we have not made the improvement in terms of the the representative in our communities that will actually foster all of the improvements and all the solutions that need to happen in the world though we're going to keep down this pathway and really encourage everyone to think through how you can have a more inclusive team how you can make someone feel included if you're participating in a community or in an organization so that we really continue to bring in more diversity and have more innovation well excellent thank you so much Alisa for sharing it thank you too - both of you Award winners and really look forward to reading more online definitely checking out some of the initiatives that you've shared valuable pieces that hopefully everybody can leverage all right lots more coverage from Red Hat summit 2020 I'm Stu minimun and as always thank you for watching the cube [Music]

>> Announcer: From theCUBE Studios in Palo Alto and Boston, connecting with thought leaders all around the world, this is a Cube Conversation. >> Hey welcome back everybody, Jeff Frick here with theCUBE. We're in our Palo Alto Studios today, having a Cube Conversation, you know, with the COVID situation going on we've had to change our business and go pretty much 100% digital. And as part of that process, we wanted to reach out to our community, and talk to some of the leaders out there, because I think leadership in troubling times is even more amplified in it's importance. So we're excited to be joined today by two leaders in our community. First one being John Chambers, a very familiar face from many, many years at Cisco, who's now the founder and CEO of JC2 Ventures. John, great to see you. >> Jeff, it's a pleasure to be with you again. >> Absolutely. And joining him is Umesh Sachdev, he's the co-founder and CEO of Uniphore. First time on theCUBE, Umesh, great to meet you. >> Jeff, thank you for having me, it's great to be with you. >> You as well, and I had one of your great people on the other day, talking about CX, and I think CX is the whole solution. Why did Uber beat cabs, do you want to stand on a corner and raise your hand in the rain? Or do you want to know when the guy's going to come pick you up, in just a couple minutes? So anyway, welcome. So let's jump into it. John, one of your things, that you talked about last time we talked, I think it was in October, wow how the world has changed. >> Yes. >> Is about having a playbook, and really, you know, kind of thinking about what you want to do before it's time to actually do it, and having some type of a script, and some type of direction, and some type of structure, as to how you respond to situations. Well there's nothing like a disaster to really fire off, you know, the need to shift gears, and go to kind of into a playbook mode. So I wonder if you could share with the viewers, kind of what is your playbook, you've been through a couple of these bumps. Not necessarily like COVID-19, but you've seen a couple bumps over your career. >> So it's my pleasure Jeff. What I'll do is kind of outline how I believe you use an innovation playbook on everything from acquisitions, to digitizing a company, to dealing with crisis. Let's focus on the playbook for crisis. You are right, and I'm not talking about my age, (John laughing) but this is my sixth financial crisis, and been through the late 1990s with the Asian financial crisis, came out of it even stronger at Cisco. Like everybody else we got knocked down in the 2001 tech bubble, came back from it even stronger. Then in 2008, 2009, Great Recession. We came through that one very, very strong, and we saw that one coming. It's my fourth major health crisis. Some of them turned out to be pretty small. I was in Mexico when the bird pandemic hit, with the President of Mexico, when we thought it was going to be terrible. We literally had to cancel the meetings that evening. That's why Cisco built the PLAR Presence. I was in Brazil for the issue with the Zika virus, that never really developed much, and the Olympics went on there, and I only saw one mosquito during the event. It bit me. But what I'm sharing with you is I've seen this movie again and again. And then, with supply chain, which not many people were talking about yet, supply chain crisis, like we saw in Japan with the Tsunami. What's happening this time is you're seeing all three at one time, and they're occurring even faster. So the playbook is pretty simple in crisis management, and then it would be fun to put Umesh on the spot and say how closely did you follow it? Did you agree with issues, or did you disagree, et cetera, on it. Now I won't mention, Umesh, that you've got a review coming up shortly from your board, so that should not affect your answer at all. But the first playbook is being realistic, how much was self-inflicted, how much was market. This one's largely market, but if you had problems before, you got to address them at the same time. The second thing is what are the five to seven things that are material, what you're going to do to lead through this crisis. That's everything from expense management, to cash preservation. It's about how do you interface to your employees, and how do you build on culture. It's about how do you interface to your customers as they change from their top priority being growth and innovation, to a top priority being cost savings, and the ability to really keep their current revenue streams from churning and moving. And it's about literally, how do make your big bets for what you want to look like as you move out of this market. Then it's how do you communicate that to your employees, to your shareholders, to your customers, to your partners. Painting the picture of what you look like as you come out. As basic as that sounds, that's what crisis management is all about. Don't hide, be visible, CEOs should take the role on implementing that playbook. Umesh to you, do you agree? And have fun with it a little bit, I like the give and take. >> I want to see the playbook, do you have it there, just below the camera? (Jeff laughing) >> I have it right here by my side. I will tell you, Jeff, in crisis times and difficult times like these, you count all the things that go right for you, you count your blessings. And one of the blessings that I have, as a CEO, is to have John Chambers as my mentor, by my side, sharing not just the learning that he had through the crisis, but talking through this, with me on a regular basis. I've read John's book more than a few times, I bet more than anybody in the world, I've read it over and over. And that, to me, is preparation going into this mode. One of the things that John has always taught me is when times get difficult, you get calmer than usual. It's one thing that when you're cruising on the freeway and you're asked to put the brakes, but it's quite another when you're in rocket ship, and accelerating, which is what my company situation was in the month of January. We were coming out of a year of 300% growth, we were driving towards another 300% growth, hiring tremendously, at a high pace. Winning customers at a high pace, and then this hit us. And so what I had to do, from a playbook perspective, is, you know, take a deep breath, and just for a couple of days, just slow down, and calmly look at the situation. My first few steps were, I reached out to 15 of our top customers, the CEOs, and give them calls, and said let's just talk about what you're seeing, and what we are observing in our business. We get a sense of where they are in their businesses. We had the benefit, my co-founder works out of Singapore, and runs our Asia business. We had the benefit of picking up the sign probably a month before everyone else did it in the U.S. I was with John in Australia, and I was telling John that "John, something unusual is happening, "a couple of our customers in these countries in Asia "are starting to tell us they would do the deal "a quarter later." And it's one thing when one of them says it, it's another when six of them say it together. And John obviously has seen this movie, he could connect the dots early. He told me to prepare, he told the rest of the portfolio companies that are in his investment group to start preparing. We then went to the playbook that John spoke of, being visible. For me, culture and communication take front seat. We have employees in ten different countries, we have offices, and very quickly, even before the governments mandated, we had all of them work, you know, go work from home, and be remote, because employee safety and health was the number one priority. We did our first virtual all-hands meeting on Zoom. We had about 240 people join in from around the world. And my job as CEO, usually our all-hands meeting were different functional leaders, different people in the group talk to the team about their initiatives. This all-hands was almost entirely run by me, addressing the whole company about what's going to be the situation from my lens, what have we learned. Be very factual. At the same time, communicating to the team that because of the fact that we raised our funding the last year, it was a good amount of money, we still have a lot of that in the bank, so we going to be very secure. At the same time, our customers are probably going to need us more than ever. Call centers are in more demand than ever, people can't walk up to a bank branch, they can't go up to a hospital without taking an appointment. So the first thing everyone is doing is trying to reach call centers. There aren't enough people, and anyways the work force that call centers have around the world, are 50% working from home, so the capacity has dropped. So our responsibility almost, is to step up, and have our AI and automation products available to as many call centers as we can. So as we are planning our own business continuity, and making sure every single employee is safe, the message to my team was we also have to be aggressive and making sure we are more out there, and more available, to our customers, that would also mean business growth for us. But first, and foremost is for us to be responsible citizens, and just make it available where it's needed. As we did that, I quickly went back to my leadership team, and again, the learning from John is usually it's more of a consensus driven approach, we go around the table, talk about a topic for a couple of hours, get the consensus, and move out of the room. My leadership meetings, they have become more frequent, we get together once a week, on video call with my executive leaders, and it's largely these days run by me. I broke down the team into five different war rooms, with different objectives. One of them we called it the preservation, we said one leader, supported by others will take the responsibility of making sure every single employee, their families, and our current customers, are addressed, taken care of. So we made somebody lead that group. Another group was made responsible for growth. Business needs to, you know, in a company that's growing at 300%, and we still have the opportunity, because call centers need us more than ever, we wanted to make sure we are responding to growth, and not just hunkering down, and, you know, ignoring the opportunity. So we had a second war room take care of the growth. And a third war room, lead by the head of finance, to look at all the financial scenarios, do the stress tests, and see if we are going to be ready for any eventuality that's going to come. Because, you know, we have a huge amount of people, who work at Uniphore around the world, and we wanted to make sure their well being is taken care of. So from being over communicative, to the team and customers, and being out there personally, to making sure we break down the teams. We have tremendous talent, and we let different people, set of people, run different set of priorities, and report back to me more frequently. And now, as we have settled into this rhythm, Jeff, you know, as we've been in, at least in the Bay area here, we've been shelter in place for about a month now. As we are in the rhythm, we are beginning to do virtual happy hours, every Thursday evening. Right after this call, I get together with my team with a glass of wine, and we get together, we talk every but work, and every employee, it's not divided by functions, or leadership, and we are getting the rhythm back into the organization. So we've gone and adjusted in the crisis, I would say very well. And the business is just humming along, as we had anticipated, going into this crisis. But I would say, if I didn't have John by my side, if I hadn't read his book, the number of times that I have, every plane ride we've done together, every place we've gone together, John has spoken about war stories. About the 2001, about 2008, and until you face the first one of your own, just like I did right now, you don't appreciate when John says leadership is lonely. But having him by our side makes it easier. >> Well I'm sure he's told you the Jack Welch story, right? That you've quoted before, John, where Jack told you that you're not really a good leader, yet, until you've been tested, right. So you go through some tough stuff, it's not that hard to lead on an upward to the right curve, it's when things get a little challenging that the real leadership shines through. >> Completely agree, and Jack said it the best, we were on our way to becoming the most valuable company in the world, he looked me in the eye and said "John, you have a very good company." And I knew he was about to give me a teaching moment, and I said "What does it take to have a great one?" He said a near death experience. And I thought I did that in '97, and some of the other management, and he said, "No, it's when you went through something "like we went through in 2001, "which many of our peers did die in." And we were knocked down really hard. When we came back from it, you get better. But what you see in Umesh is a very humble, young CEO. I have to remember he's only 34 years old, because his maturity is like he's 50, and he's seen it before. As you tell, he's like a sponge on learning, and he doesn't mind challenging. And what what he didn't say, in his humbleness, is they had the best month in March ever. And again, well over 300% versus the same quarter a year ago. So it shows you, if you're in the right spot, i.e. artificial intelligence, i.e. cost savings, i.e. customer relationship with their customers, how you can grow even during the tough times, and perhaps set a bold vision, based upon facts and a execution plan that very few companies will be able to deliver on today. So off to a great start, and you can see why I'm so honored and proud to be his strategic partner, and his coach. >> Well it's interesting, right, the human toll of this crisis is horrible, and there's a lot of people getting sick, and a lot of people are dying, and all the estimations are a lot more are going to die this month, as hopefully we get over the hump of some of these curves. So that aside, you know, we're here talking kind of more about the, kind of, the business of this thing. And it's really interesting kind of what a catalyst COVID has become, in terms of digital transformation. You know, we've been talking about new ways to work for years, and years, and years, and digital transformation, and all these kind of things. You mentioned the Cisco telepresence was out years, and decades ago. I mean I worked in Mitsubishi, we had a phone camera in 1986, I looked it up today, it was ridiculous, didn't work. But now, it's here, right. Now working from home is here. Umesh mentioned, you know, these huge call centers, now everybody's got to go home. Do they have infrastructure to go home? Do they have a place to work at home? Do they have support to go home? Teachers are now being forced, from K-12, and I know it's a hot topic for you, John, to teach from home. Teach on Zoom, with no time to prep, no time to really think it through. It's just like the kids aren't coming back, we got to learn it. You know I think this is such a transformational moment, and to your point, if this goes on for weeks, and weeks, and months, and months, which I think we all are in agreement that it will. I think you said, John, you know, many, many quarters. As people get new habits, and get into this new flow, I don't think they're going to go back back to the old ways. So I think it's a real, you know, kind of forcing function for digital transformation. And it's, you can't, you can't sit on the sidelines, cause your people can't come to the office anymore. >> So you've raised a number of questions, and I'll let Umesh handle the tough part of it. I will answer the easy part, which is I think this is the new normal. And I think it's here now, and the question is are you ready for it. And as you think about what we're really saying is the video sessions will become such an integral part of our daily lives, that we will not go back to having to do 90% of our work physically. Today alone I've done seven major group meetings, on Zoom, and Google Hangouts, and Cisco Webex. I've done six meetings with individuals, or the key CEOs of my portfolio. So that part is here to stay. Now what's going to be fascinating is does that also lead into digitization of our company, or do the companies make the mistake of saying I'm going to use this piece, because it's so obvious, and I get it, in terms of effectiveness, but I'm not going to change the other things in my normal work, in my normal business. This is why, unfortunately, I think you will see, we originally said, Jeff, you remember, 40% maybe as high as 45% of the Fortune 500 wouldn't exist in a decade. And perhaps 70% of the start-ups wouldn't exist in a decade, that are venture capital backed. I now think, unfortunately, you're going to see 20-35% of the start-ups not exist in 2 years, and I think it's going to shock you with the number of Fortune 500 companies that do not make this transition. So where you're leading this, that I completely agree with, is the ability to take this terrible event, with all of the issues, and again thank our healthcare workers for what they've been able to do to help so many people, and deal with the world the way it is. As my parents who are doctors taught me to do, not the way we wish it was. And then get your facts, prepare for the changes, and get ready for the future. The key would be how many companies do this. On the area Umesh has responsibility for, customer experience, I think you're going to see almost all companies focus on that. So it can be an example of perhaps how large companies learn to use the new technology, not just video capability, but AI, assistance for the agents, and then once they get the feel for it, just like we got the feel for these meetings, change their rhythm entirely. It was a dinner in New York, virtually, when we stopped, six weeks ago, traveling, that was supposed to be a bunch of board meetings, customer meetings, that was easy. But we were supposed to have a dinner with Shake Shack's CEO, and we were supposed to have him come out and show how he does cool innovation. We had a bunch of enterprise companies, and a bunch of media, and subject matter expertise, we ended up canceling it, and then we said why not do it virtually? And to your point, we did it in 24 different locations. Half the people, remember six weeks ago, had never even used Zoom. We had milk shakes, and hamburgers, and french fries delivered to their home. And it was one of the best two hour meetings I've seen. The future is this now. It's going to change dramatically, and Umesh, I think, is going to be at the front edge of how enterprise companies understand how their relationship with their customers is going to completely transform, using AI, conversational AI capability, speech recognition, et cetera. >> Yeah, I mean, Umesh, we haven't even really got into Uniphore, or what you guys are all about. But, you know, you're supporting call centers, you're using natural language technology, both on the inbound and all that, give us the overview, but you're playing on so many kind of innovation spaces, you know, the main interaction now with customers, and a brand, is either through the mobile phone, or through a call center, right. And that's becoming more, and increasingly, digitized. The ability to have a voice interaction, with a machine. Fascinating, and really, I think, revolutionary, and kind of taking, you know, getting us away from these stupid qwerty keyboards, which are supposed to slow us down on purpose. It's still the funniest thing ever, that we're still using these qwerty keyboards. So I wonder if you can share with us a little bit about, you know, kind of your vision of natural language, and how that changes the interaction with people, and machines. I think your TED Talk was really powerful, and I couldn't help but think of, you know, kind of mobile versus land lines, in terms of transformation. Transforming telecommunications in rural, and hard to serve areas, and then actually then adding the AI piece, to not only make it better for the front end person, but actually make it for the person servicing the account. >> Absolutely Jeff, so Uniphore, the company that I founded in 2008. We were talking about it's such a coincidence that I founded the company in 2008, the year of the Great Recession, and here we are again, talking in midst of the impact that we all have because of COVID. Uniphore does artificial intelligence and automation products, for the customer service industry. Call centers, as we know it, have fundamentally, for the last 20, 30 years, not have had a major technology disruption. We've seen a couple of ways of business model disruption, where call centers, you know, started to become offshore, in locations in Asia, India, and Mexico. Where our calls started to get routed around the world internationally, but fundamentally, the core technology in call centers, up until very recently, hadn't seen a major shift. With artificial intelligence, with natural language processings, speech recognition, available in over 100 languages. And, you know, in the last year or so, automation, and RPA, sort of adding to that mix, there's a whole new opportunity to re-think what customer service will mean to us, more in the future. As I think about the next five to seven years, with 5G happening, with 15 billion connected devices, you know, my five year old daughter, she the first thing she does when she enters the house from a playground, she goes to talk to her friend called Alexa. She speaks to Alexa. So, you know, these next generation of users, and technology users will grow up with AI, and voice, and NLP, all around us. And so their expectation of customer service and customer experience is going to be quantum times higher than some of us have, from our brands. I mean, today when a microwave or a TV doesn't work in our homes, our instinct could be to either go to the website of the brand, and try to do a chat with the agent, or do an 800 number phone call, and get them to visit the house to fix the TV. With, like I said with 5G, with TV, and microwave, and refrigerator becoming intelligent devices, you know, I could totally see my daughter telling the microwave "Why aren't you working?" And, you know, that question might still get routed to a remote contact center. Now the whole concept of contact center, the word has center in it, which means, in the past, we used to have these physical, massive locations, where people used to come in and put on their headsets to receive calls. Like John said, more than ever, we will see these centers become dispersed, and virtual. The channels with which these queries will come in would no more be just a phone, it would be the microwave, the car, the fridge. And the receivers of these calls would be anywhere in the world, sitting in their home, or sitting on a holiday in the Himalayas, and answering these situations to us. You know, I was reading, just for everyone to realize how drastic this shift has been, for the customer service industry. There are over 14 million workers, who work in contact centers around the world. Like I said, the word center means something here. All of them, right now, are working remote. This industry was never designed to work remote. Enterprises who fundamentally didn't plan for this. To your point Jeff, who thought digitization or automation, was a project they could have picked next year, or they were sitting on the fence, will now know more have a choice to make this adjustment. There's a report by a top analyst firm that said by 2023, up to 30% of customer service representatives would be remote. Well guess what, we just way blew past that number right away. And most of the CEOs that I talked to recently tell me that now that this shift has happened, about 40% of their workers will probably never return back to the office. They will always remain a permanent virtual workforce. Now when the workforce is remote, you need all the tools and technology, and AI, that A, if on any given day, 7-10% of your workforce calls in sick, you need bots, like the Amazon's Alexa, taking over a full conversation. Uniphore has a product called Akira, which does that in call centers. Most often, when these call center workers are talking, we have the experience of being put on hold, because call center workers have to type in something on their keyboard, and take notes. Well guess what, today AI and automation can assist them in doing that, making the call shorter, allowing the call center workers to take a lot more calls in the same time frame. And I don't know your experience, but, you know, a couple of weekends ago, the modem in my house wasn't working. I had a seven hour wait time to my service provider. Seven hour. I started calling at 8:30, it was somewhere around 3-4:00, finally, after call backs, wait, call back, wait, that it finally got resolved. It was just a small thing, I just couldn't get to the representative. So the enterprises are truly struggling, technology can help. They weren't designed to go remote, think about it, some of the unique challenges that I've heard now, from my customers, is that how do I know that my call center representative, who I've trained over years to be so nice, and empathetic, when they take a pee break, or a bio break, they don't get their 10 year old son to attend a call. How do I know that? Because now I can no more physically check in on them. How do I know that if I'm a bank, there's compliance? There's nothing being said that isn't being, is, you know, supposed to be said, because in a center, in an office, a supervisor can listen in. When everyone's remote, you can't do that. So AI, automation, monitoring, supporting, aiding human beings to take calls much better, and drive automation, as well as AI take over parts of a complete call, by the way of being a bot like Alexa, are sort of the things that Uniphore does, and I just feel that this is a permanent shift that we are seeing. While it's happening because of a terrible reason, the virus, that's affecting human beings, but the shift in business and behavior, is going to be permanent in this industry. >> Yeah, I think so, you know it's funny, I had Marten Mickos on, or excuse me, yeah, Marten Mickos, as part of this series. And I asked him, he's been doing distributed companies since he was doing MySQL, before Sun bought them. And he's, he was funny, it's like actually easier to fake it in an office, than when you're at home, because at home all you have to show is your deliverables. You can't look busy, you can't be going to meetings, you can't be doing things at your computer. All you have to show is your output. He said it's actually much more efficient, and it drives people, you know, to manage to the output, manage to what you want. But I want to shift gears a little bit, before we let you go, and really talk a little bit about the role of government. And John, I know you've been very involved with the Indian government, and the French government, trying to help them, in their kind of entrepreneurial pursuits, and Uniphore, I think, was founded in India, right, before you moved over here. You know we've got this huge stimulus package coming from the U.S. government, to try to help, as people, you know, can't pay their mortgage, a lot of people aren't so fortunate to be in digital businesses. It's two trillion dollars, so as kind of a thought experiment, I'm like well how much is two trillion dollars? And I did the cash balance of the FAANG companies. Facebook, Apple, Amazon, Netflix, and Alphabet, just looking at Yahoo Finance, the latest one that was there. It's 333 billion, compared to two trillion. Even when you add Microsoft's 133 billion on top, it's still shy, it's still shy of 500 billion. You know, and really, the federal government is really the only people in a position to make kind of sweeping, these types of investments. But should we be scared? Should we be worried about, you know, kind of this big shift in control? And should, do you think these companies with these big balance sheets, as you said John, priorities change a little bit. Should it be, keep that money to pay the people, so that they can stay employed and pay their mortgage, and go buy groceries, and maybe get take out from their favorite restaurant, versus, you know, kind of what we've seen in the past, where there's a lot more, you know, stock buy backs, and kind of other uses of these cash. As you said, if it's a crisis, and you got to cut to survive, you got to do that. But clearly some of these other companies are not in that position. >> So you, let me break it into two pieces, Jeff, if I may. The first is for the first time in my lifetime I have seen the federal government and federal agencies move very rapidly. And if you would have told me government could move with the speed we've seen over the last three months, I would have said probably not. The fed was ahead of both the initial interest rate cuts, and the fed was ahead in terms of the slowing down, i.e. your 2 trillion discussion, by central banks here, and around the world. But right behind it was the Treasury, which put on 4 trillion on top of that. And only governments can move in this way, but the coordination with government and businesses, and the citizens, has been remarkable. And the citizens being willing to shelter in place. To your question about India, Prime Minister Modi spent the last five years digitizing his country. And he put in place the most bandwidth of any country in the world, and literally did transformation of the currency to a virtual currency, so that people could get paid online, et cetera, within it. He then looked at start-ups and job creation, and he positioned this when an opportunity or problem came along, to be able to perhaps navigate through it in a way that other countries might struggle. I would argue President Macron in France is doing a remarkable job with his innovation economy, but also saying how do you preserve jobs. So you suddenly see government doing something that no business can do, with the scale, and the speed, and a equal approach. But at the same time, may of these companies, and being very candid, that some people might have associated with tech for good, or with tech for challenges, have been unbelievably generous in giving both from the CEOs pockets perspective, and number two and three founders perspective, as well as a company giving to the CDC, and giving to people to help create jobs. So I actually like this opportunity for tech to regain its image of being good for everybody in the world, and leadership within the world. And I think it's a unique opportunity. For my start-ups, I've been so proud, Jeff. I didn't have to tell them to go do the right thing with their employees, I didn't have to tell them that you got to treat people, human lives first, the economy second, but we can do both in parallel. And you saw companies like Sprinklr suddenly say how can I help the World Health Organization anticipate through social media, where the next spread of the virus is going to be? A company, like Bloom Energy, with what KR did there, rebuilding all of the ventilators that were broken here in California, of which about 40% were, out of the stock that they got, because it had been in storage for so long, and doing it for all of California in their manufacturing plant, at cost. A company like Aspire Foods, a cricket company down in Texas, who does 3D capabilities, taking part of their production in 3D, and saying how many thousand masks can I generate, per week, using 3D printers. You watch what Umesh has done, and how he literally is changing peoples lives, and making that experience, instead of being a negative from working at home, perhaps to a positive, and increasing the customer loyalty in the process, as opposed to when you got a seven hour wait time on a line. Not only are you probably not going to order anything else from that company, you're probably going to change it. So what is fascinating to me is I believe companies owe an obligation to be successful, to their employees, and to their shareholders, but also to give back to society. And it's one of the things I'm most proud about the portfolio companies that I'm a part of, and why I'm so proud of what Umesh is doing, in both a economically successful environment, but really giving back and making a difference. >> Yeah, I mean, there's again, there's all the doctor stuff, and the medical stuff, which I'm not qualified to really talk about. Thankfully we have good professionals that have the data, and the knowledge, and know what to do, and got out ahead of the social distancing, et cetera, but on the backside, it really looks like a big data problem in so many ways, right. And now we have massive amounts of compute at places like Amazon, and Google, and we have all types of machine learning and AI to figure out, you know, there's kind of resource allocation, whether that be hospital beds, or ventilators, or doctors, or nurses, and trying to figure out how to sort that all out. But then all of the, you know, genome work, and you know, kind of all that big heavy lifting data crunching, you know, CPU consuming work, that hopefully is accelerating the vaccine. Because I don't know how we get all the way out of this until, it just seems like kind of race to the vaccine, or massive testing, so we know that it's not going to spike up. So it seems like there is a real opportunity, it's not necessarily Kaiser building ships, or Ford building planes, but there is a role for tech to play in trying to combat this thing, and bring it under control. Umesh, I wonder if you could just kind of contrast being from India, and now being in the States for a couple years. Anything kind of jump out to you, in terms of the differences in what you're hearing back home, in the way this has been handled? >> You know, it's been very interesting, Jeff, I'm sure everyone is concerned that India, for many reasons, so far hasn't become a big hot spot yet. And, you know, we can hope and pray that that remains to be the case. There are many things that the government back home has done, I think India took lessons from what they saw in Europe, and the U.S, and China. They went into a countrywide lockdown pretty early, you know, pretty much when they were lower than a two hundred positive tested cases, the country went into lockdown. And remember this is a 1.5 billion people all together going into lockdown. What I've seen in the U.S. is that, you know, California thankfully reacted fast. We've all been sheltered in place, there's cabin fever for all of us, but you know, I'm sure at the end of the day, we're going to be thankful for the steps that are taken. Both by the administration at the state level, at the federal level, and the medical doctors, who are doing everything they can. But India, on the other hand, has taken the more aggressive stance, in terms of doing a country lockdown. We just last evening went live at a University in the city of Chennai, where Uniphore was born. The government came out with the request, much like the U.S., where they're government departments were getting a surge of traffic about information about COVID, the hospitals that are serving, what beds are available, where is the testing? We stood up a voice bot with AI, in less than a week, in three languages. Which even before the government started to advertise, we started to get thousands of calls. And this is AI answering these questions for the citizens, in doing so. So it goes back to your point of there's a real opportunity of using all the technology that the world has today, to be put to good use. And at the same time, it's really partnering meaningfully with government, in India, in Singapore, in Vietnam, and here in the U.S., to make sure that happens on, you know, John's coaching and nudging, I became a part of the U.S.-India Strategic Partnership Forum, which is truly a premier trade and commerce body between U.S. and India. And I, today, co-chaired the start-up program with, you know, the top start-ups between U.S. and India, being part of that program. And I think we got, again, tremendously fortunate, and lucky with the timeline. We started working on this start-up program between U.S. and India, and getting the start-ups together, two quarters ago, and as this new regulation with the government support, and the news about the two trillion dollar packages coming out, and the support for small businesses, we could quickly get some of the questions answered for the start-ups. Had we not created this body, which had the ability to poll the Treasury Department, and say here are questions, can start-ups do A, B, and C? What do you have by way of regulation? And I think as a response to one of our letters, on Monday the Treasury put out an FAQ on their website, which makes it super clear for start-ups and small businesses, to figure out whether they qualify or they don't qualify. So I think there's ton that both from a individual company, and the technology that each one of us have, but also as a community, how do we, all of us, meaningfully get together, as a community, and just drive benefit, both for our people, for the economy, and for our countries. Wherever we have the businesses, like I said in the U.S., or in India, or parts of Asia. >> Yeah, it's interesting. So, this is a great conversation, I could talk to you guys all night long, but I probably would hear about it later, so we'll wrap it, but I just want to kind of close on the following thought, which is really, as you've talked about before John, and as Umesh as you're now living, you know, when we go through these disruptions, things do get changed, and as you said a lot of people, and companies don't get through it. On the other hand many companies are birthed from it, right, people that are kind of on the new trend, and are in a good position to take advantage, and it's not that you're laughing over the people that didn't make it, but it does stir up the pot, and it sounds like, Umesh, you're in a really good position to take advantage of this new kind of virtual world, this new digital transformation, that's just now waiting anymore. I love your stat, they were going to move X% out of the call center over some period of time, and then it's basically snap your fingers, everybody out, without much planning. So just give you the final word, you know, kind of advice for people, as they're looking forward, and Umesh, we'll get you on another time, because I want to go deep diving in natural language, I think that's just a fascinating topic in the way that people are going to interact with machines and get rid of the stupid qwerty keyboard. But let me get kind of your last thoughts as we wrap this segment. Umesh we'll let you go first. >> Umesh, you want to go first? >> I'll go first. My last thoughts are first for the entrepreneurs, everyone who's sort of going through this together. I think in difficult times is when real heroes are born. I read a quote that when it's a sunny day, you can't overtake too many cars, but when it's raining you have a real opportunity. And the other one that I read was when fishermen can't go out fishing, because of the high tide, they come back, and mend their nets, and be ready for the time that they can go out. So I think there's no easy way to say, this is a difficult time for the economy, health wise, I hope that, you know, we can contain the damage that's being done through the virus, but some of us have the opportunity to really take our products and technology out there, more than usual. Uniphore, particularly, has a unique opportunity, the contact center industry just cannot keep up with the traffic that it's seeing. Around the world, across US, across Asia, across India, and the need for AI and automation would never be pronounced more than it is today. As much as it's a great business opportunity, it's more of a responsibility, as I see it. There can be scale up as fast as the demand is coming, and really come out of this with a much stronger business model. John has always told me in final words you always paint the picture of what you want to be, a year or two out. And I see Uniphore being a much stronger AI plus automation company, in the customer service space, really transforming the face of call centers, and customer service. Which have been forced to rethink their core business value in the last few weeks. And, you know, every fence sitter who would think that digitalization and automation was an option that they could think of in the future years, would be forced to make those decisions now. And I'm just making sure that my team, and my company, and I, am ready to gear to that great responsibility and opportunity that's ahead of us. >> John, give you the final word. >> Say Jeff, I don't know if you can still hear me, we went blank there, maybe for me to follow up. >> We gotcha. >> Shimon Peres taught me a lot about life, and dealing with life the way it is, not the way you wish it was. So did my parents, but he also taught me it always looks darkest just before the tide switches, and you move on to victory. I think the challenges in front of us are huge, I think our nation knows how to deal with that, I do believe the government has moved largely pretty effectively, to give us the impetus to move, and then if we continue to flatten the curve on the issues with the pandemic, if we get some therapeutic drugs that dramatically reduce the risk of death, for people that get the challenges the worst, and over time a vaccine, I think you look to the future, America will rebound, it will be rebounding around start-ups, new job creation, using technology in every business. So not only is there a light at the tunnel, at the end of the tunnel, I think we will emerge from this a stronger nation, a stronger start-up community. But it depends on how well we work together as a group, and I just want to say to Umesh, it's an honor to be your coach, and I learn from you as much as I give back. Jeff, as always, you do a great job. Thank you for your time today. >> Thank you both, and I look forward to our next catch up. Stay safe, wash your hands, and thanks for spending some time with us. >> And I just want to say I hope and pray that all of us can get together in Palo Alto real quick, and in person, and doing fist bumps, not shake hands or probably a namaste. Thank you, it's an honor. >> Thank you very much. All right, that was John and Umesh, you're watching theCUBE from our Palo Alto Studios, thanks for tuning in, stay safe, wash your hands, keep away from people that you're not that familiar with, and we'll see you next time. Thanks for watching. (calm music)

(soft music) >> Narrator: From theCUBE studios in Palo Alto in Boston, connecting with thought leaders all around the world: this is a CUBE conversation. >> Everyone, welcome to this special cube conversation. We're here in the Palo Alto studios, where I am; here during this critical time during the corona virus and this work at home current situation across the United States and around the world. We've got a great interview here today around cybersecurity and the threats that are out there. The threats that are changing as a result of the current situation. We got two great guests; Derek Manky, Chief Security Insights and Global Threat Alliances at FortiGuard labs. And Renee Tarun, deputy Chief Information Security Officer with Fortinet net. Guys, thanks for remotely coming in. Obviously, we're working remotely. Thanks for joining me today on this really important conversation. >> It's a pleasure to be here. >> Thanks for having us. >> So Renee and Derek. Renee, I want to start with you as deputing CISO. There's always been threats. Every day is a crazy day. But now more than ever over the past 30 to 45 days we've seen a surge in activity with remote workers. Everyone's working at home. It's disrupting family's lives. How people do business. And also they're connected to the internet. So it's an endpoint. It's a (laughs) hackable environment. We've had different conversation with you guys about this. But now more than ever, it's an at scale problem. What is the impact of the current situation for that problem statement of from working at home, at scale. Are there new threats? What's happening? >> Yeah, I think you're seeing some organizations have always traditionally had that work at home ability. But now what you're seeing is now entire workforces that are working home and now some companies are scrambling to ensure that they have a secure work at home for teleworkers at scale. In addition some organizations that never had a work from home practice are now being forced into that and so a lot of organizations now are faced with the challenge that employees are now bringing their own device into connecting to their networks. 'Cause employees can't be bring their workstations home with them. And if they don't have a company laptop they're of course using their own personal devices. And some personal devices are used by their kids. They're going out to gaming sites that could be impacted with malware. So it creates a lot of different challenges from a security perspective that a lot of organizations aren't necessarily prepared for. It's not only from a security but also from a scalability perspective. >> When I'm at home working... I came into the studio to do this interview. So I really wanted to talk to you guys. But when I'm at home, this past couple weeks. My kids are home. My daughter is watching Netflix. My son's gaming, multiplayer gaming. The surface area from a personnel standpoint or people standpoint is increased. My wife's working at home. My daughters there, two daughters. So this is also now a social issue because there are more people on the WiFi, there's more bandwidth being used. There's more fear. This has been an opportunity for the hackers. This crime of fear using the current situation. So is it changing how you guys are recommending people protect themselves at home? Or is it just accelerating a core problem that you've seen before? >> Yeah, so I think it's not changing. It's changing in terms of priority. I mean, all the things that we've talked about before it's just becoming much more critical. I think, at this point in time. If you look at any histories that we've... Lessons we've learned from the past or haven't learned (laughs). That's something that is just front and center right now. We've seen attack campaigns on any high level news. Anything that's been front and center. And we've seen successful attack campaigns in the past owing to any sort of profile events. We had Olympic destroyer last last Olympic period, when we have them in Korea as an example, in South Korea. We've seen... I can go back 10 years plus and give a History timeline, every single there's been something dominating the news. >> John: Yeah. And there's been attack campaigns that are leveraged on that. Obviously this is a much higher focus now given the global news domination that's happening with COVID. The heightened fear and anxiety. Just the other day FortiGuard labs, we pulled up over 600 different phishing emails and scam attempts for COVID-19. And we're actively poring through those. I expect that number to increase. Everybody is trying to hop on this bandwagon. I was just talking to our teams from the labs today. Groups that we haven't seen active since about 2011, 2012. Malware campaign authors. They're riding this bandwagon right now as well. So it's really a suction if you will, for these cyber criminals. So all of the things that we recommend in the past, obviously being vigilant, looking at those links coming in. Obviously, there's a lot of impersonators. There's a lot of spoofing out there. People prefer pretending to be the World Health Organization. We wrote a blog on this a couple of weeks back. People have to have this zero trust mentality coming in. Is everyone trying to ride on this? Especially on social networks, on emails. Even phishing and voice vishing. So the voice phishing. You really have to put more... People have to put more of a safeguard up. Not only for their personal health like everyone's doing the social distancing but also virtual (laughs) social distancing when it comes to really trusting who's trying to send you these links. >> Well, I'm glad you guys have the FortiGuard guard labs there. And I think folks watching should check it out and keep sending us that data. I think watching the data is critical. Everyone's watching the data. They want the real data. You brought up a good point, Rene. I want to get your thoughts on this because the at scale thing really gets my attention because there's more people at home as I mentioned from a social construct standpoint. Work at home is opening up new challenges for companies that haven't been prepared. Even though ones that are prepared have known at scale. So you have a spectrum of challenges. The social engineering is the big thing on Phishing. You're seeing all kinds of heightened awareness. It is a crime of opportunity for hackers. Like Derek just pointed out. What's your advice? What's your vision of what's happening? How do you see it evolving? And what can people do to protect themselves? What's the key threats? And what steps are people taking? >> Yeah, I think, like Derek said, kind of similar how in the physical world we're washing our hands. We're keeping 6 feet away from people. We could distance from our adversaries, as well. Again when you're looking at your emails ensuring that you're only opening attachments from people that you know. Hovering over the links to ensure that they are from legitimate sources. And being mindful that when you're seeing these type of attacks coming in, whether they are coming through emails. Through your phones. Take a moment and pause and think about would someone be contacting me through my cell phone? Through sending me a text message? or emails asking me for personal information? Asking me for user IDs and passwords, credential and information. So you kind of need to take that second and really think before you start taking actions. And similar to opening attachments we've seen a lot of cases where someone attaches a PDF file to an email but when you open up the PDF it's actually a malware. So you need to be careful and think to yourself, was I expecting this attachment? Do I know the person? And take steps to actually follow up and call that person directly and say, "Hey, did you really send this to me? "Is this legitimate?" >> And the thing-- >> You got to to be careful what you're opening up. Which links you click on. But while I got you here, I want to get your opinion on this because there's digital attacks and then there's phone based attacks. We all have mobile phones. I know this might be a little bit too elementary, but I do want to get it out there. Can you define the difference in phishing and spear phishing for the folks that are trying to understand the difference in phishing and spear phishing techniques. >> The main difference is spear phishing is really targeting a specific individual, or within a specific role within a company. For example, targeting like the CEO or the CFO. So those are attacks that are specifically targeting a specific individual or specific role. Where phishing emails are targeting just mass people regardless of their roles and responsibilities. >> So I'm reading the blog post that you guys put out. Which I think everyone... I'll put the link on SiliconANGLE later. But it's on fortinet.com Under digital attacks you've got the phishing and spear phishing which is general targeting an email or individually spear spearing someone specifically. But you guys list social media deception, pre-texting and water holing as the key areas. Is that just based on statistics? Or just the techniques that people are using? Can you guys comment on and react to those different techniques? >> Yeah, so I think with the water holing specifically as well. The water holing attack refers to people that every day as part of their routine going to some sort of, usually a news source. It could be their favorite sites, social media, etc. Those sorts of sources because it's expected for people to go and drink from a water hole, are prime targets to these attackers. They can be definitely used for spear phishing but also for the masses for these phishing campaigns. Those are more effective. Attackers like to cast a wide net. And it's especially effective if you think of the climate that's happening right now, like you said earlier at the start of this conversation. That expanded attack surface. And also the usage of bandwidth and more platforms now applications. There's more traffic going to these sites simply. People have more time at home through telework. To virtually go to these sites. And so, yeah. Usually what we see in these water holing attacks can be definitely phishing sites that are set up on these pages. 'Cause they might have been compromised. So this is something even for people who are hosting these websites, right? There's always two sides of the coin. You got security of your client side security And your service side security-- >> So spear phishing is targeting an individual, water holing is the net that gets a lot of people and then they go from there. Can you guys, Renee or Derek talk about social media deception and pretexting. These are other techniques as well that are popular. Can you guys comment and define those? >> Yeah, so some of the pretexting that you're saying is what's happening is adversaries are either sending text, trying to get people to click on links, go to malicious sites. And they're also going setting up these fabricated stories and they're trying to call. Acting like they're a legitimate source. And again, trying to use tactics and a lot of times scare tactics. Trying to get people to divulge information, personal information. Credit card numbers, social security numbers, user IDs and passwords to gain access to either-- >> So misinformation campaigns would be an example that like, "I got a coven virus vaccine, put your credit card down now and get on the mailing list." Is that was that kind of the general gist there? >> Absolutely. >> Okay. >> And we've also seen as another example, and this was in one of our blogs I think about a couple weeks ago some of the first waves of these attacks that we saw was also again, impersonating to be the World Health Organization as part of pretexting. Saying that there's important alerts and updates that these readers must read in their regions, but they're of course malicious documents that are attached. >> Yeah, how do people just get educated on this? This is really challenging because if you're a nerd like us you can know what a URL looks like. And you can tell it's a host server or host name, it's not real. But when they're embedded in these social networks, how do you know? what's the big challenge? Just education and kind of awareness? >> Yeah, so I'll just jump in quickly on that. From my point of view, it's the whole ecosystem, right? There's no just one silver bullet. Education, cyber hygiene for sure. But beyond that obviously, this is where the security solutions pop in. So having that layered defense, right? That goes a long way of everything from anti-spam to antivirus. To be able to scan those malicious attachments. Endpoint security. Especially now in the telework force that we're dealing with having managed endpoint security from distributed enterprise angle is very important because all of these workstations that were within the corporate network before are now roaming--quote unquote--roaming or from home. So it's a multi-pronged approach, really. But education is of course a very good line of defense for our employees. And I think updated education on a weekly basis. >> Okay, before we get to the remote action steps, 'Cause I think the remote workers at scales like the critical problem that we're seeing now. I want to just close out this attack social engineering thing. There's also phone based attacks. We all have mobile phones, right? So we use such smartphones. There's other techniques in that. What are the techniques for the phone based attacks? >> Yeah, a lot of times you'll see adversaries, they're spoofing other phones. So what happens is that when you receive a call or a text it looks like it's coming from a number in your local area. So a lot of times that kind of gives you a false sense of security thinking in that it is a legitimate call when in reality they're simply just spoofing the number. And it's really coming from somewhere else in the country or somewhere else in the world. >> So I get a call from Apple support and it's not Apple support. They don't have a callback, that's spoofing? >> That's one way but also the number itself. When you see the number coming in. For example, I'm in the 410 area code. Emails coming in from my area code with my exchange is another example where it looks like it's someone that's either a close friend or someone within my community when in reality, it's not. >> And at the end of the day too the biggest red flags for these attacks are unsolicited information, right? If they're asking for any information always, always treat that as a red flag. We've seen this in the past. Just as an example with call centers, hotels too. Hackers have had access right to the switchboards to call guests rooms and say that there's a problem at the front desk and they just want to register the users information and they asked for credit card guest information to confirm all sorts of things. So again, anytime information is asked for always think twice. Try to verify. Callback numbers are a great thing. Same thing in social media if someone's messaging you, right? Try to engage in that dialect conversation, verify their identity. >> So you got-- >> That's also another good example of social media, is another form of essential engineering attacks is where people are creating profiles in say for example, LinkedIn. And they're acting like they're either someone from your company or a former colleague or friend as another way to try and make that human to human connection in order to do malicious things. >> Well, we've discussed with you guys in the past around LinkedIn as a feeding ground for spear phishing because, "Hey, here, don't tell your boss but here's "a PDF job opening paying huge salary. "You're qualified." Of course I'm going to look at that, right? So and a lot of that goes on. We see that happen a lot. I want to get your thoughts, Renee on the the vishing and phishing. Smishing is the legitimate source spoofing and vishing is the cloaking or spoofing, right? >> Yeah, smishing is really the text based attacks that you're seeing through your phones. Vishing is using more of a combination of someone that is using a phone based attack but also creating a fake profile, creating a persona. A fabricated story that's ultimately fake but believable. And to try and encourage you to provide information, sensitive information. >> Well, I really appreciate you guys coming on and talking about the attackers trying to take advantage of the current situation. The remote workers again, this is the big at scale thing. What are the steps that people can take, companies can take to protect themselves from or the at scale remote worker situation that could be going on for quite some time now? >> Yeah. So again, at that scale with people in this new normal as we call it, teleworking. Being at scale is... Everyone has to do their part. So I would recommend A from an IT standpoint, keeping all employees virtually in the loop. So weekly updates from security teams. The cyber hygiene practice, especially patch management is critically important too, right? You have a lot of these other devices connected to networks, like you said. IoT devices, all these things that are all prime attack targets. So keeping all the things that we've talked about before, like patch management. Be vigilant on that from an end user perspective. I think especially putting into the employees that they have to be aware that they are highly at risk for this. And I think there has to be... We talked about changes earlier. In terms of mentality education, cyber hygiene, that doesn't change. But I think the way that this isn't forced now, that starts with the change, right? That's a big focus point especially from an IT security standpoint. >> Well, Derek, keep that stat and keep those stats coming in to us. We are very interested. You got the insight. You're the chief of the insights and the global threat. You guys do a great job at FortiGuard guard labs. That's phenomenal. Renee, I'd like you to have the final word on the segment here and we can get back to our remote working and living. What is going on the mind of the CISO right now? Because again, a lot of people are concerned. They don't know how long it's going to last. Certainly we're now in a new normal. Whatever happens going forward as post pandemic world, what's going on in the mind of the CISO right now? What are they thinking? What are they planning for? What's going on? >> Yeah, I think there's a lot of uncertainty. And I think the remote teleworking, again, making sure that employees have secure remote access that can scale. I think that's going to be on the forefront. But again, making sure that people connecting remotely don't end up introducing additional potential vulnerabilities into your network. And again, just keeping aware. Working closely with the IT teams to ensure that we keep our workforces updated and trained and continue to be vigilant with our monitoring capabilities as well as ensuring that we're prepared for potential attacks. >> Well, I appreciate your insights, folks, here. This is great. Renee and Derek thanks for coming on. We want to bring you back in when should do a digital event here in the studio and get the data out there. People are interested. People are making changes. Maybe this could be a good thing. Make some lemonade out of the lemons that are in the industry right now. So thank you for taking the time to share what's going on in the cyber risks. Thank you. >> Thank you, we'll keep those stats coming. >> Okay, CUBE conversation here in Palo Alto with the remote guests. That's what we're doing now. We are working remotely with all of our CUBE interviews. Thanks for watching. I'm John Furrier, co-host to theCUBE. (soft music)

>> Announcer: Live, from Las Vegas, it's The Cube covering Interconnect, 2017. Brought to you by, IBM. >> Hey welcome back everybody, live here in Las Vegas at the Mandalay Bay IMB Interconnect 2017, it's The Cube's exclusive coverage, I'm Jon Furrier, my co-host Dave Vellante, our next guest is Ramesh Gopinath who's the VP of Block Chain Solutions and Research, welcome to The Cube. >> Thank you. >> Block chain front and center, super exciting, it's been trending pretty much throughout the conference, really is an amazing story, big props from the CEO and (mumbles) and a variety of the executives. Watching is instrumental in the future of business, we had Don Tapscott on yesterday really talking about the revolution of what this is all about and he's the author of the book, The Blockchain Revolution, but if blockchain is a game changer shift to how the business will be operating in the future, so just to level step, just give us the one on one blochchain, versus bitcoin, and why IBM is going in this direction and where it came from. >> So blockchain is all about increasing a trust in business transactions. This is something we recognize about a couple of years ago when a small team of us started playing around with, you know, the technology behind bitcoin, right. And we look at it and said hey look, here's an opportunity for the first time for companies to share some information in a secure fashion with each other and, in addition, run some workflows or business processes on top. That was an eye opener for us, it immediately told us this could have applications in all industries, right. And so what do we do first? So we said let's play around with this a little bit. We looked at existing technologies out there for blockchain and to pick the platform you tried a few use cases and realize, oh my god, there is a whole lot to be done to get a blockchain for business, right. And that's how we started this journey, almost a year and a half, two years ago. And we decided to explore that. >> And the key distinction Ramesh, and we know from just highlighting it here for the folks, is bitcoin is a currency that has a blockchain, so it's powering bitcoin. You're talking about something more fundamental for business which is using the blockchain technology for businesses and what bitcoin is to blockchain, business is to blockchain from your standpoint. >> That's right, and also I think the blockchain is really, the inspiration for it comes from bitcoin perhaps, that's a good way of thinking about it. But today for example, the hyperledger version one that was announced earlier this week at this conference is dramatically different from the underlying blockchain and bitcoin in other platforms out there, right. Because it's really built primarily based on requirements that we have gathered by working with hundreds of clients in financial services and supply chain, in public sector, et cetera, and realizing what levels of confidentiality, what levels of privacy, what level of permissioning, you know, who participates in the transaction. All of that is what has led to, what we call the (mumbles)- >> John: Okay somebody's got a question. >> John: I got a follow up on that, but go ahead. >> Uh, just one more point on this but you can follow up on my point. Give us the status of blockchain today for IBM. Lay out the solution because you move from research now to the exclusions group, you have customer action going on, sales motions, solutions motions. What is the architecture, what does it look like, what is the solution today from a blockchain standpoint? >> So, just, you asked what are you doing at a high level, essentially we have three broad, big investments. One is everything to do with you know, opensource in a hyperledger project, I mentioned that. Then there is you package that into a platform, IBM blockchain, high security business network, that was also announced earlier this week. And the third layer is again what you asked about solutions. What we have been doing over the last year, year plus is, in fact, it's an interesting journey, we started out with what I call blockchain tourism, there were a whole bunch of POC's if you want to call it that, starting with financial services initially, but in gradually other areas, like supply chain, in healthcare, et cetera. Towards the middle of 2016 we saw a transition, at least on the financial service side people were started to talk about, hey now I understand this technology and what it's capable of, let's talk about production deployments, right now I'll give you a few examples as we go along. >> Dave: So, I want to go back if I can a little bit and just get somewhat didactic for a moment. My understanding is there's three attributes, I'm sure there are many more of blockchain which are really relevant, and especially as it relates to the security if I may, it's distributed obviously, and it's been said it's virtually unhackable unless 50% of the stakeholders agree to collude, and then there's no need for a trusted third party so it reduces the threat space. Are those sort of accurate statements and when somebody says, well it's virtually unhackable, you know you tweet that and somebody says, well everything's hackable, help us understand sort of those fundaments of blockchain and why they're relevant. >> That's right, so the way I think about it is a blockchain is a trusted database. Now why is it trusted? There are three properties, I'll get to it, kind of overlaps with what you mentioned. The first one is, any transaction you do onto the database, anything that goes in it basically is done in a nonreputiable fashion. If I do something I can't say, "I didn't do that," so that helps. What goes in, you know you have that property. The second piece is, whatever goes in goes in through a vetting process, we will call it the consensus. There is some sort of a chat between parties before something goes in. Therefore, I can't unilaterally do something onto the blockchain, right, I can't, somebody else vetted what I did, that increases trust. And the third piece is, once it gets in there it cannot be tampered with. We say it's immutable sometimes, and what is that based on? There's a whole lot of topographic math behind it, but at a high level there are two aspects to it. One is, there are multiple copies. So if I change something, if I hack into mine, I'm inconsistent with what others have, so that's one. The second is, the transactions are chained together, blocks of transactions are chained together where a fingerprint of one block is put into the next. What that means is, if I tamper with the block say 15, a long blockchain, all transactions after that are invalid, I have to do a lot of work to fix it, so it's very very hard to tamper with. Of course, as with security, there's no such thing as nothing that is hackable, right, so collusions et cetera, potentially can happen. But the key is, significant increase in the level of trust is the way I would put it. >> Dave: Great, okay, and so now if we can get into sort of how people are specifically applying this technology, you guys started with the hyperledger, you know, open project, but can we get more specific in terms of how say organizations are actually deploying blockchain? >> Ramesh: So we are still running a blockchain in productions since September 6th, right, so it's been only four months. In fact that blockchain is more than a half a million blocks today, so let me tell you what that solution is so you get a sense of, and it's very prototypical in terms of, you know, all solutions that I've dealt with so far across industries. The use case is a following, so you have a buyer, you have a seller and you have a financer, that's IBM. We basically finance, shotgun financing of, think of it as channel financing or inventory finance. What happens typically is, the buyer basically orders something and the seller essentially gets approval from us to say, okay, yeah we can basically send it to the buyer. A few days go by, IBM has already paid the seller basically, just like credit cards (mumbles) consumers. A month later basically we go in, say hey look, guys, time for you to pay up and they say, look, we didn't even receive the goods. So this entire process, what I just described you can think of as a workflow where these three parties are sending messages back and forth. The way we do it in a blockchain is, this entire workflow is captured as a sequence of transactions that are registered on the blockchain. Now how does this help us? Take the example I gave, proof of delivery. If when the logistics company delivers it at the buyer's site, it's recorded on the blockchain. There is no need for a dispute. And typically disputes, basically puts a lot of capital, you know, it holds up a lot of capital right. Capital inefficiency is the problem we're after. In fact, after six months of deployment I can tell you essentially a significant improvement in terms of the time savings as well as elimination of disputes. >> John: That's a great efficiency. Who's buying, who's actually implementing it customers-wise. Can you name names? >> Ramesh: Yeah, so, examples are the, let me give you a few in financial services. So we are working with Salus Bank which does, you now, five trillion dollars worth of foreign transactions every day. They are building a netting engine called Salusnet a solution called Salusnet, and we're working with them on that. Another example is the work that we are doing with Northern Trust, where basically they have a private equity administration blockchain. In fact, it's a very interesting one because it also involves the regulator as a part of the blockchain, so that's a second example. A third one is the one we announced in January with the Depository, Trading and Clearing Corporation DTCC, and that one is for credit debitors, life cycle management, in fact all the examples if you notice, there is a life cycle like I gave in that example earlier of buying till all your goods are delivered, payment is made, those life cycles, those processes are captured as trusted processes on a trusted data store. That's basically blockchain for you, right, that's financial services. Maybe I'll touch upon two more examples to complete the story. Supply chain. I walk into a store and buy some sliced mangos at Walmart, is it safe to eat? To answer that question you need to know the provinence. Which farm in Mexico did it come from, who all touched it, who washed it, who processed it, et cetera, all the way till it got to the store. That sort of information sharing does not happen today in the supply chain. We believe with the block chain that is possible, that allow us to get a good sense of where things came from, making consumers more comfortable. Similar story can deal with pharma too. I pop a pill, I want to be sure that it's safe to have. In fact, as you know the World Health Organization says in Africa, every year a hundred thousand kids die of counterfeit malaria drugs alone, right, so imagine if you could capture these sorts of supply chain flows on a blockchain you could make dramatic improvements. >> Dave: Diamonds provenience is another one, and it's not just blood diamonds. >> Ramesh: I'm more excited by the providence of food and pharma, but diamonds- >> But there's tons of fraud in the diamond supply chain. >> Ramesh: Absolutely. >> And that's really where they're, you know- >> John: Well this brings up the whole business model disruptions, so, what are you guys seeing for the kids of conversations? Because you're getting at the business model impact significantly one, you're reducing costs of transactional costs for new measurement systems, aka blockchain, and you have all the methodology behind it, but everything from music to art to content, I mean, payments, this is like a game changer. >> Absolutely, and I think from the point of view, you know, in all of the use cases I've seen, the sort of value to the ecosystem is clean and obvious, and so you can immediately say, aha, this is going to happen overnight. But the reality is basically, it's a complex ecosystem play though. So, for example, in the supply chain use case, food safety, you need to have the farmers, the entire value chain involved, participating in some fashion on the blockchain. That is not easy to do. So there is, how do you sort of set up ecosystems is a key part of- >> John: What's your strategy there? I'm going to ask Marie when she comes on, but what's the strategy with ecosystem? Because you want to jump start this, you got to prime the pump big time. >> Ramesh: Absolutely, so there are many ways to solve this, but one approach we have taken so far, and it's obvious in all the sort of partnerships that we're working on. Take for example food safety. One way to start with it is to start with a big retailer, like a Walmart. They bring in the suppliers, and the suppliers bring in the farmers. Take the case of what we are doing in container shipping. So basically, movement of containers from point A to point B, we're trying to completely digitize that process, this is a project that we're doing with Maersk. Why Maersk? They are 20% of the container shipping market, right? But in all of these cases I got to be very clear, we are not building a solution for Maersk or for Walmart. We're really building something for the industry, because food safety, you want to solve it for the industry. Just by helping Walmart along. >> John: That's why the open source thing is critical here. >> That's right. >> John: And the update on that, it's all open source on which components, or is it all open source? >> Ramesh: So the open source is all about at the platform layer. The solution itself, you know not everything in the solution is going to be open source. But the key point I was trying to make is that you go off the sort of significant anchor tenants in the ecosystem that draws others into the picture, but that's still not enough, you need to make sure there are economic incentives for others to join in. >> John: So to put it together, tie it together, the ecosystem strategy is, take an industry scope and try the rising tides floats all boats kind of approach. So adoption's critical. >> Absolutely correct, absolutely correct, and I think again I can use food safety to make that point. Think about it, right? So there is, let's say, a spinach problem, we had it in 2006. So you find a problem, you trace it back to a source. Let's say Walmart is the store in which somebody bought it and it was traced from there. That's not good enough. From the source it went to many other retailers. So you need to be able to track down and pull all of them off the shelves. Therefore you have to go for an industry solution. >> John: I can imagine the healthcare thing would be even more impactful too, I mean, financial services pretty obvious, transactional stuff there, but healthcare, so many different variations of supply chain and transactions. >> Ramesh: Absolutely, so in a way, the way I think about it is in a financial service everybody had a hunch this could be big, but supply chain, we've come a really long way, I think this is going to be the space which will have the most destruction, and its interesting considering when we started my first conversation with folks, whether it be a Walmart or Maersk, first question is, "what is blockchain?" We've come a long way in the last say eight, nine months. >> John: You guys get so excited where you're kind of pinching yourselves because you can get kind of euphoric about some of the disruption impact. It's just mind blowing to think when you're talking about food, the food industry and healthcare. You got to get tampered down a little bit in some realism, is there that IBM excitement internally share some color internally within IBM the excitement, and then you got to be getting realistic, a lot of the clients rolling it out to kind of got to walk before they can run. >> Ramesh: Yeah, so, the way I would state it is if you had asked me a year ago do you expect to be in the shape we are in today, I would have said no way. I've been shocked at the pace at which this has been moving both from the point of view of the technology itself, maturing of the technology, and in fact when we say blockchain is here now, so that's at the technology layer level, but in terms of use cases, think about it, there are a number of financial services institutions that are talking about production deployments late this year, early next year. In fact, when we did our own IBM Institute for Business Values survey, came back with fully 15% of those who were surveyed, there were like 400-odd banks plus capital market institutions are going to be in production by end of this year. When I heard that in September I still didn't believe it, but I am beginning to believe it now. >> Well it's interesting I think, the cultural shift is that technologists from computer scientists to practitioners that are technologists, they get it. They can see what blockchain does, so I think as people get more and more momentum, that's the fly wheel that you guys are open for and it's happening. >> That's right, in fact I'm also a techie at heart, but in terms of conversation (mumbles) I never talk about technology anymore because the thing is, there are only two concepts in blockchain. It's trusted data across companies, trusted business process. Everything else is detail. >> John: Got it, Ramesh, thanks so much for sharing, great conversation, formerly with IBM research, now Vice-President of Blockchain Solutions at IBM, great to interview, great insight, blockchain revolution is here, check out our interview yesterday with Dom Tapscott yesterday on YouTube, The Blockchain Revolution, his book really kind of lays out some of the big disruptive game changers. This is The Cube, doing our share of blockchain right now, bringing content in blocks and chunks, not yet blockchain enabled. I'm John Furrier, Dave Vellante, be back with more after this short break. (synthesized music)