 from San Francisco, it's theCUBE. Covering RSA Conference 2020 San Francisco, brought to you by SiliconANGLE Media. Welcome back to RSA for CUBE coverage here at RSA Conference in Moscone. I'm John Furrier with theCUBE. Our next guest is Shaykar Sarukai, who's with the McAfee and he's a technical fellow, formerly chief scientist and co-founder of Sky High Networks, which was acquired by McAfee. We're really pioneering some of the, what we're seeing as cloud as the driver of the security paradigm. Shaykar, thanks for coming on theCUBE. John, thank you so much for coming here. I know you don't have a lot of time, so just jump right in. Cloud is changing the game. You guys saw this wave early at Sky High. So how has it rendered itself today? We're seeing the signals out there. Palo Alto Networks earnings were down this week because of their on-premise business and shifting to the cloud. We think they'll do well, but it's obviously impacting. Everyone's got a shift, including their customers. What's going on? This is amazing. Last year, I think about a few months back, we did a survey of large enterprises, but for the first time, we found that the majority of the CIOs and CISOs felt that cloud was more secure than on-prem. That's a big deal. I mean, I've never seen that before. I didn't expect it to be this quick, but that actually manifests itself in enterprises ready to be cloud-first, are very cloud-friendly, and that's significantly different from when we started Sky High and even a couple of years ago. And because of that, how you secure the data, how you secure who connects to it, the kind of threats need to be looked at at a different lens. And I mean, we've seen breaches happen every week. If you look back over the last year, and a lot of those are cloud-native threats. These are not malware-based breaches of data, which is what you would think of when you traditionally look at... Microservices breaches? No, these are cloud breaches because cloud has, it's very, it's good, right? It's got transparency, it's got APIs. So whatever APIs you use, a bad actor could use it as well. The way they land, exfiltrate, and expand in the cloud footprint is very different from how traditional malware attacks happen within your enterprise network. And so we've been looking at cloud-native threats and what it means to even secure data in the cloud, which is very different from securing data in your enterprise. For example, I may run a DLP on my laptop, to check what kind of sensitive data is out there. But in the cloud, you don't do that, right? Because the data is cloud-native. And we, in our analysis, we've seen that 50% of traffic is cloud-to-cloud. So it bypasses your traditional enterprise network. It bypasses your devices. And so when you talk of data protection, you need to look at new ways of understanding cloud and integrating into it. Yeah, it's interesting. I've talked to many CISOs who have been cloud-native and born in the cloud, and they say their worst day in the cloud for security is better than any day they've had on-premise. In other words, security, there's actually more security in the cloud. But then when they start getting into hybrid, and now what we see is multi-clouds, that third wave coming, you start to look at on-premise-to-cloud, cloud-to-cloud, you have a network component, becomes a big part of it. Could you share your vision on how the network needs to evolve? Because Amazon and Azure, they've got their own networks. But it's also not on-premise either. So if I want to run a route from here to here, is the impact, what's the network impact? Yeah, I mean, I don't think network-based security control is going away. And if you look at what McAfee announced today, is what we call the unified cloud edge. We acknowledge that security is in depth. At the endpoint, at the cloud, and in the network. So we are the first product really to have integrated policies and visibility into data flow between the clouds, to and from the cloud, and in the device. And so in that model, you have a network component. So we use our secure web gateway, which is cloud hosted. So interestingly, you'll see that a lot of security tools are also becoming cloud-native. And so that's what we leverage. Our cloud-native, cloud security platform, cloud-native SWG, the web gateway, as well as EDR and endpoint protection from the cloud. Let me ask you a question, as a chief scientist, Nuru, that you are. The security posture of companies certainly has changed with the cloud. How would you describe the current posture from a customer with respect to the cloud in a good way? What do they need to be thinking about? Yeah, I think, actually, Gartner said it very well. In fact, a couple of years, last year, they had a MQ, which they actually said that 99% of your data breaches in the cloud is going to be because of customer fault. And it may be the most trivial things, but those are the ones which get you, right? And it turns out that while cloud is easy and quick to adopt, it's very easy to misconfigure stuff. So human error. Yeah, it's completely. And I kid you not, majority of the issues are failure to understand your shared responsibility model. It's hard to call so many a breach when the door is wide open. They're just walking through it. That's not really a breach. That's called just the door's open. They walk through. I mean, that's what you're talking about here. Yeah, exactly. And it's the responsibility of the customers to configure it appropriately. And I think that'll take care of the lowest hanging fruit for them. And then as they evolve their workloads moving into the cloud, they need to think about hybrid and not get into the trap of creating silos. So as a classic example, right? Security vendors, we're great at building that ton of products and companies around it. There's container security, there's VM security, there's cloud security. But at the end of the day, a customer is moving their workload and application into cloud. They need a consistent way to ensure that the configurations are right, the data is secure, and there's no threats to it. And we need to make that model of simplicity of consistency across all of these kinds of things. So it's clear that Macapy's transforming their business to cloud. You guys have been a big part of that. Congratulations. How would you describe Macapy's current situation with respect to the cloud growth, now the on-premise cloud hybrid integration and multi-cloud coming? Because you now have this entire systems architecture, aka cloud, multi-cloud hybrid public. All need to work together. You know, I think Macapy's very well positioned in this. I mean, honestly, when we joined Macapy, Macapy's strength was in the endpoint. And actually, they had a very good business in the server endpoint as well with the CWS product. When we came into the cloud-native approach where, and that product was selling very well for the private data center on-prem. What we were able to do is add a cloud security story, but also sort of be the catalyst for Mvision. Mvision is really this broad umbrella within Macapy for doing not only cloud security, but EDR, insights, not products which can run in the cloud at scale in a multi-tenant manner, you know, to secure it. And you can create a data-driven approach to make that human personalization work so they don't forget to secure that S3 bucket. Exactly. Which is the biggest problem, right? It's kind of like when you get out of your car, it's like you left your keys in. Exactly. I mean, there's a new level of personalization coming from the data. That's right. You see that as itself. We do. Clearly, what we see with customers is that going back to the shared responsibility model, it's almost like you rent a car. The renter has some responsibilities, the rental agency, and the car manufacturer responsibilities, and all of us have an understanding of what those responsibilities are. At the end of the day, I was just talking to another guest, we were saying, hey, the roles use the data to tell the human not to screw up. Yeah. You know, you're flying on a plane, you got to go secure your door, you got to, you know, it's about really minding the environment you're working with and not forgetting anything. That's right. And doing it in real time, because configurations change in the CICD pipelines in real time, right? And being able to catch that, and what we've done as part of Mac, over the last year, is do something which we call shift left, which is really before an application is born to make it secure. And it's possible in the cloud because it's very transparent. We can, and infrastructure is code. So as the code gets checked in, we can validate it and... Well, I'm glad you wrote that point real quick. I know you got to go, DevOps has been a real influence on a lot of infrastructure as code, but now you have SecOps, DevSecOps. So it's all kind of the same melting pot of agility, iteration, real time. What's your version of security, version of DevOps? Yeah, it is that. It is basically rather than playing back a mole after the fact, you know, going and looking at configuration failures or DLP or whatever, push it. And it actually helps the security team because they don't have bandwidth. They want to be able to co-opt developers and there's literally 100x more developers than security folks. And so being able to integrate it into the tooling for continuous integration deployment is something we've done. And it's a huge win for customers. Well, Shagya, thanks for sharing the insight. We'll be at your Mpower event coming up. We'll do more interviews there and do a deep dive. But real quick, what are you working on right now that's exciting? That's getting you motivated. That puts a little spring into your step. What's happening? Oh, I mean, there's a huge issue around cloud native threats and how we use MITRE and other frameworks to make the SOC teams more, you know, not get lost in all the noise. And you'll see a lot of that work from us, but there's a lot of exciting work. A lot of innovation coming out of that? A lot of innovation. A software-driven, obviously. Cloud-driven. Cloud-driven. Well, we'll get back and talk about some of the cloud-native nuances around Kubernetes, service mesh, state, date, state. Which we've done a lot of that, too. We've done a lot of action, a lot of tech. A lot of potential opportunities, but also challenges. Tiger, thank you for coming on theCUBE. Appreciate it. I'm John Furrier with theCUBE. We're here on the ground at RSA Conference. We'll be right back. Thanks for watching.