 from Orlando, Florida. It's theCUBE, covering Accelerate 19. Brought to you by Fortinet. Welcome back to theCUBE. We are live in Orlando, Florida for Accelerate, Fortinet Accelerate 2019. Lisa Martin with Peter Burris, and we're pleased to welcome back to theCUBE the Chief Information Security Officer, CISO, from Fortinet, Phil Quaid. Phil, thank you so much for joining Peter and me on theCUBE today. Thanks for much. So, lots of news, lots of buzz. You can hear a lot of the folks behind us in the expo hall here. We've had probably, I think, five or six or seven guests today so far. You are on the front lines as the CISO of Fortinet talking with CISOs. I'd love to get your view on what are some of the things that are top of mind for CISOs today? The challenges that they're facing and how are they looking to Fortinet to mitigate those challenges? The good news is that the solution sets not as complicated as you'd think. So, all the CISOs and senior people I talked to are very much focused on how can they reduce complexity and how can they better leverage automation? I know there's some overlap between those two things, but they care quite a bit about that. Why? Because with less complexity, there's less mistakes. With less complexity, there's less OPEX, costs for people. And then with automation, it also helps with the OPEX problem. But automation also allows humans to do things that humans are better at doing things at and lets machines do things that they're better at doing things at. So, complexity management, leverage automation are really top of mind. Of course, the next level down, you really need to do segmentation well. You need to have good visibility. You need to do inspections, stuff like that. But I'd say those couple things are definitely top of mind no matter who you talk to. But one of the things that's especially important about this issue of complexity is that the threat surface goes to value. Right? So that as you think about IoT, as you think about more devices, more elements, et cetera, the threat surface is going to go up. The only way that you're going to be able to bring that in in a managed way that delivers consistent value without dramatically exploding the amount of risk is to reduce the complexity of the rest of the threat surface. Absolutely. If you're trying to face the problem of speed and scale, you have to adopt the solutions of automation and integration. You need a strategy. And of course, hope is never a strategy. And so you need to leverage these technologies to do that instead. It's all about automation and integration. Right. And this notion of the threat surface going to value has got to have some, I mean, CISOs, certainly some of the ones that I'm talking to are using terminology like that. Maybe not that concept directly, but they want to make sure that whatever tasks they're performing, whatever risk that they're engendering or dealing with has some correspondence back to value. Are you seeing that as well? Yeah. Since we're talking about value, the endpoint is becoming a whole lot more interesting in terms of value. So traditionally we think of the endpoint as being the place where there's desktops and then laptops and then tablets and now smartphones. And they've always been part of our cyber domain, but there's this new thing that's happening, I think, just left of endpoint. And it's where there's going to be the heavy instrumentation of physical processes and things. So it's starting with OT, operational technology. It's going to be magnified by IoT and then of course building automation. And so all of a sudden the definition of value, I think, is going to be the places that can collect data about physical processes and things, protect that data and then commoditize it. So value is moving further and further out into the endpoint defined as the collection of information about physical processes and things. So I call this environment cyber physical, more specifically more catchy, sci-fi, right? It's where cyber data and physical data will be intermingled to provide value and efficiencies to customers and things like that. It's a really important area that's the new endpoint. In physics we talk about transducers, right? A transducer is something that takes one form of energy and turns it into another form of energy so that it can perform a different kind of work. We're talking about what we call information transducers, the idea of you take one form of information and turn it into another form of information so that it can perform work. That's seminal to this notion that you're describing of the sci-fi. It's a great analogy. I haven't heard it described that way before. It's kind of like back in the day where people used fire to heat and people used sails to move things, right? And one day, winds, right? Wind move sails, sorry. Wings. Yeah, okay. And then someone saw, the story, as the story goes, someone saw a pot on a fire on a kettle full of water boil and a lid of the pot moves. So they realized, I can use heat to move. And so they started integrating different ways of doing things to achieve new effects. And I think that's what you're talking about. You use the word transducer, but I think it's the same thing. How can you use things previously kept separate to do things that you previously couldn't do? So let's talk about this sci-fi era, CY-PHY for those watching at home. What are some of the security challenges that this brings but also the opportunities to be uncovered, say that boiling pot analogy? Yeah, if you don't mind, I'll start with the positives, right? What are the potential benefits to society? So we are all of us and everyone behind us, we're creatures of the physical domain. And the opportunity is that there'll be new data connected about this physical domain that can affect us very personally. So in cyberspace, it's ultimately a virtual world. So there can be compromises in cyberspace that affect us in cyber ways, but when you have compromises in the physical domain, it can be a lot more personal. So let's say that you have a medical IoT device or you have something else that instruments the temperature, heat, humidity, vector, you name it. Failures in those areas can have a really profound effect on a negative way in this physical oriented domain. So now the flip side of that is it all has a very, very positive effect, right? These healthcare devices can bring new conveniences or perhaps even help address some very important things whether it be physical or mental disabilities. We can instrument very heavily how we create food products. And so maybe this heavy instrumentation of how you create food can help address world hunger. I know I'm getting kind of heady about this, but the heavy instrumentation of this physical domain has a lot of promise. Now back to the other side, it also has a lot of responsibility involved, right? Because as I mentioned earlier, we're creatures of the physical domain. So if you get it wrong, you could mess up something really important to our healthcare or our transportation. And then we also have a very strong feeling towards privacy. At some point, collecting too much about us physically is just too much. So you need to make sure that any such date is you have privacy protections built in. So like anything with great opportunity, there's great challenges involved, but by giving their name and starting to describe those challenges, we are one step down the path, I think. But if we take that and then turn that into a set of cyber security challenges, you know, secure network challenges that one of the other things you just described is we are constantly learning about what are the characteristics of a good, competent, reasonable interface between the physical and digital worlds. That knowledge then has to be put back into how we handle network security. That's right. I like your use of the word knowledge. And earlier today, I gave a talk about something I'm calling the digital Big Bang. It's an analogy that we had a digital Big Bang 50 years ago where an explosion of data is among us and there are some challenges. We'll get back to that in a second. The analogy is the cosmic Big Bang of 14 billion years ago. And it wasn't until we started, had a quest for knowledge about the fundamental elements of the cosmic Big Bang and the hard sciences behind it, physics, chemistry, biology, things like that, that we actually started obtaining and accumulating knowledge. So I think to your point, there's a lot of knowledge accumulation that we need to start a quest for in this cyber physical domain. And that's all about treating cybersecurity more like a science rather than an art. And I think the cyber sci-fi domain is a great place to start practicing that, accumulating knowledge in a very, very scientific way, build on the successes of our forefathers, if I can say. Sorry, if I can build on this for one second, sorry Lisa, that the entropy gets everything in the end, but isn't it interesting that the process of creating more information, creating more knowledge, and then securing it is our main fight against entropy, right? It's how we create increased optimization of our resources, how we get more out of less. And that seems to me to be an especially important thing here as we think about it is how we utilize that knowledge, share it, and in so doing, secure it so that we are sharing it appropriately. There's a great saying, I'm sure you're familiar with, each of you, it's called, I use it often as data is the oil of the 21st century. Right, so the last century, those who could find oil, exploit it, put it in good use and protect it, dominated that century. Let's fast forward to the 21st century. I think the same words apply. Data, right? Those who can find it, generate wisdom from it, insights from it, and protect it, will dominate in a good way the 21st century. So, and the way we're going to do that, this is the collective way, is by, as you said, collect data, make it better, send it back out, bring it back in, make it better, send it back out. It's a somewhat circular, but I think it's a very, very healthy example of a circular augmentation. So one thing I want to touch on a little bit with you, Phil, before we let you go is, we talked about knowledge a minute ago, and sharing that knowledge, Fortinet's very dedicated to education, educating your customers, educating your partners. When you're talking with CISOs, and we know that there's a sensible skills gap with cybersecurity, what are some of the solutions that you talk to those customers about, like, hey, this is how Fortinet and our ecosystem partners can help you here address this, so you can leverage the power of that data to, as you said, you know, for the 21st century, for example, data becomes the new oil. What's the education conversation like? There's a long game and a short game. You know, the short game is about leveraging, like we talked about a few minutes ago, speed automation to integration to complement the shortage of human beings, right? Relying machines more on for what machines are good at, and take the humans, the humans, the skilled personnel, and have them do the higher-order thinking. So the near-term game, which Fortinet's really well-proportioned to provide to our customers, is speed, automation, and integration. So that's the short game. The long game is about creating a larger workforce or a larger population of folks who can ultimately contribute to this great new world that we've been talking about. And that's training and that's education. And I think, you know, Fortinet's also, you know, working the long game as well with some near-term training at multiple levels for folks in the networking world, but we're also part of something called the World Economic Forum, the WEF's Center for Cybersecurity. We're a founding member. And in there, we're trying to create a long game where we can help educate a whole lot of people on cybersecurity and create the future workforces in the long game. So short-term long game, both are important. Excellent. Well, Phil, thank you so much for joining Peter and me on theCUBE this afternoon. We appreciate your time. Thanks again. It was nice being back. I appreciate it. Excellent. Our pleasure. For Peter Burris, I'm Lisa Martin. You're watching theCUBE.