 Hello, and welcome to today's session of the 2021 AWS global public sector partner awards for the award for best partner transformation, best cybersecurity solution. I'm now honored to welcome our next guests, General Keith Alexander, founder and co CEO of iron net cybersecurity, as well as Gil Kenyones, President and CEO of the New York Power Authority. Welcome to the program gentlemen delighted to have you here. It's an honor to be here. Terrific. Well, General Alexander I'd like to start with you tell us about the collective defense program or platform and why is it winning awards. Well, that's great question and it's great to have Gil here because it actually started with the energy sector. And the issue that we had is how do we protect the grid. The energy sector CEOs came together with me and several others and said how do we protect this grid together. We can't defend it each by ourselves. We've got to defend it together. And so the strategy that iron net is using is to go beyond what the conventional way of sharing information known as signature based solutions to behavioral base so that we can see the events that are happening. Share those among companies and among both small and large in a way that helps us defend. And because we can anonymize that data, we can also share with the government so the government can see a tax on our country. That's the future we believe of cybersecurity and that collective defense is critical for our energy sector and for all the companies within it. Well, Gill, I'd like to shift to you as the CEO of the largest state public power utility in the United States. Why do you think it's so important now to have a collective defense approach for utility companies. Well, the utility sector, I'd with the financial sector as number one targets by our adversaries, and you can't really solve cybersecurity and silos we night by my company in New York Power Authority alone cannot be the only one, and other companies doing this in a silo so what's really going to be able to be effective if all of the utilities and even other sectors financial sectors telecom sectors cooperate in this collective defense situation and as we transform the grid the grid is getting more and more decentralized, we'll have more electric cars, smart appliances, the grid is going to be more distributed with solar and batteries charging stations. So the threat surface and the threat points will be expanding significantly and it is critical that we address that issue collectively. Well, General Alexander with collective defense what industries and business models are you now disrupting. Well, we're doing the energy sector obviously, the defense industrial base, the healthcare sector as well as international partners along the way, and we have a group of what we'll call technical and other companies that we also deal with in a series of partner because no company alone can solve this problem no cyber security company alone. So partners like Amazon and others partner with us to help bring this vision to life. Terrific well staying with you what role does data and cloud scale now play in solving the security threats that face businesses but also nations. That's a great question because without the cloud bringing collective security together is very difficult, but with the cloud we can move all this information into the cloud. We can correlate and show a tax that are going on against different companies they can see that company ABC or D it's anonymized is being hit with the same thing, and the government, we can share that with the government they can see a tax on critical infrastructure energy, finance, healthcare, the defense industrial base or the government and doing that what we quickly see is a radar picture for cyber that's what we're trying to build that's where everybody's coming together. Imagine the future where a tax are coming against our country can be seen at network speed, and the same for our allies and sharing that between our nation and our allies begins to broaden that picture, broaden our defensive base, and provide insights for companies like NYPA and others. Terrific well now go I'd like to move it back to you. If you could describe the utility landscape and the unique threats that both large ones and small ones are facing in terms of cybersecurity and the rest of the the populace is that live there. Well, the power grid is amazing machine, but it is controlled electronically and many and more and more digitally. So, as we as I mentioned before, as we transform this grid to be a cleaner grid to be more of an integrated energy network with solar panels and electric vehicle charging stations and wind farms. The threat is going to be multiple from a cyber perspective now we have many smaller utilities there are towns and cities and villages that own their poles and wires they're called municipal utilities, rural cooperative systems, and they are not as sophisticated and well resource as a company like the New York Power Authority, or our investor utilities across the nation, but as the saying goes we're only as strong as our weakest link. And so we need to address the issues of our smaller utilities as well. Do you see potential for more collaboration between the larger utilities and the smaller ones. What do you see as the next phase of defense. Well, in fact, General Alexander's company ironed and, and NYPA are working together to help bring in the 51 smaller utilities here in New York in their collective defense tool. We had a meeting the other day where even thinking about bringing in critical state agencies and authorities, the Metropolitan Transportation Authority, Port Authority, New York and New Jersey and other relevant critical infrastructure agencies to be in this clouded to be in this radar of cybersecurity, and the, the beauty of what I or net is bringing to this arrangement is they're trying to develop a product that can be scalable and affordable by those smaller utilities I think that's important, because if we're going to achieve that then we can replicate this across the country where you have a lot of smaller utilities and rural cooperative systems. Yeah terrific well Gil staying with you I'd love to learn more about what was the solution that worked so well. The, in cyber security, you need public private partnerships so we have a public companies, a private companies like iron it that we're partnering with and others, but also partnering with state and federal government, because they have a lot of resources. So the key to all of this is bringing all of that information together and being able to react. The general mentioned network speed we call it machine speed has to be quick. And we need to protect and or isolate and be able to recover and be resilient. So that's that's the beauty of this solution that we're currently developing here in New York. Terrific well thank you for those points shifting back to general Alexander with your depth of experience in the defense sector in your view how can we stay in front of the attacks, mitigate them and then respond to them before any damages done. So, having run our nation's offense I know that the offense has the upper hand, almost entirely because every company and every agency defends itself as an isolated entity. Think about 50 midsize companies each with 10 people, they're all defending themselves and they depend on that defense and individually, and they're being attacked individually. Now take those 50 companies and their 10 people each and put them together and collective defense where they share information they share knowledge. This is the way to get out in front of the offense, the attackers that you just asked about. And when people start working together that knowledge sharing and crowd sourcing is the solution for the future, because it allows us to work together, where now you have a unified approach between the public and private sectors that can share information and defend each of the sectors together. And that is the future of cybersecurity. What makes it possible is the cloud by being able to share this information into the cloud and move it around the clouds or what Amazon has done with AWS has exactly that. It gives us the platform that allows us to now share that information and to go at network speed and share it with the government in an anonymous way. I believe that will change radically. How we think about cybersecurity. Yeah, terrific. Well, you mentioned data sharing, but how is it now a common tactic to get the best out of the data and now how is it sharing data among companies accelerated or changed over the past year. And what does it look like going forward when we think about moving out of the pandemic. So first, this issue of sharing data. There's two types of data. One about the known threats. So sharing that everybody knows because they use a signature based system and a set of rules that shared and that's the common approach to it. We need to go beyond that and share the unknown. The way to share the unknown is with behavioral analytics detect behaviors out there that are anonymous or anomalous are suspicious and are malicious and share those and get an understanding for what's going on in company a and see if there's correlations in BC and D that give you insights to suspicious activity like solar winds recognizes solar winds at 18,000 companies, each defending themselves. One of them were able to recognize that using our tools we did recognize it and three of our companies. So what you can begin to see is a platform that can now expand and work at network speed to defend against these types of attacks, but you have to be able to see that information the unknown unknowns and quickly bring people together to understand what that means is this bad is a suspicious. What do I need to be to know about this. Do you hear that information anonymized with the government they can reach and say, this is bad you need to do something about it and we'll take the responsibility from here to block that from hitting our nation or hitting our allies. I think that's the key part about cybersecurity for the future. Terrific. You know, General Alexander ransomware of course is the hottest topic at the moment. What do you see as the solution to that growing threat. I think a couple things on ransomware first doing what we're talking about here to detect the fishing and the other ways they get in is an advanced way so protect yourselves like that. But I think we have to go beyond we have to attribute who's doing it, where they're doing it from and hold them accountable. We need to really provide that information to our government as it's going on and going after these guys making them pay a price is part of the future it's too easy today. Look at what happened with the dark side and others they they hit colonial pipeline they said oh we're not going to do that anymore then they hit a company in Japan and prior to that they hit a company in Norway. So they're attacking, and they pretty much operate at will. And now let's indict some of them hold them accountable get other governments to come in on this. That's the way we stop it. And that requires us to work together, both the public and private sector. It means having these advanced tools, but also that public and private partnership. And I think we have to change the rhetoric. The first approach everybody takes is colonial. Why did you let this happen. They're a victim. If they were hit with missiles we wouldn't be asking that. But these were nation state like actors going after them. So now our government and the private sector have to work together. And we need to change that to say they're victim. And we're going to go after the guys that did this as a nation and with our allies. I think that's the way to solve it. Yeah, well, terrific. Thank you so much for those insights. Gill, I'd also like to ask you some key questions and, you know, of course, certainly people today have a lot of concerns about security, but also about data sharing. How are you addressing those concerns. Data governance is critical for a utility like the New York Power Authority a few years ago. We declared that we aspire to be the first end to end digital utility. And so by definition, protecting the data of our system or industrial controls and the data of our customers are paramount to us. So data governance, considering data or treating data as an asset, like a physical asset is very, very important. So we in our cybersecurity plans that is top priority for us. Yeah, and Gill thinking about, you know, industry 4.0. How has the surface area changed with cloud and IOT. Well, it's grown significantly, you know, at the power authority where we're installing sensors and smart meters at our power plants, at our substations and transmission lines so that we can monitor them real time all the time, know their health, know their status. Our customers were monitoring about 15 to 20,000 state and local government buildings across our state. So just imagine the amount of data that we're streaming real time all the time into our integrated smart operation center. So it's increasing and it will only increase with 5G, with quantum computing, computing, and you know, so this is just going to increase and we need to be prepared and integrate cyber into every part of what we do from beginning to end of our processes. So both of you actually, as we see industry 4.0 develop even further, are you more concerned about, you know, malign actors developing more sophistication, what steps can we take to really be ahead of them. Let's start with General Alexander. So I think the key differentiator and what the energy sector is doing, the approach to cyber security is led by CEOs. So you bring CEOs like Gil Pernonis in, you've got other CEOs that are actually bringing together forms to talk about cyber security. That's the first part. And then the second part is how do we train and work together that collective defense. How do we actually do this. I think that's another one that NYPA is leading with West Point and the Army Cyber Institute how can we start to bring this training session together and train to defend ourselves. This is an area where we can uplift our people that are working this process, our cyber analysts, if you will, at the Security Operations Center level, by training them, giving them hard tests and continuing to go. So that approach will uplift our cyber security and our cyber defense to the point where we can now stop these types of attacks. So I think CEO led bring in companies that give us the good and bad about our products. We'd like to hear the good, we need to hear the bad, and we need to improve that. And then how do we train and work together. I think that's part of that solution to the future. What are your thoughts as you know we embrace industry 4.0. Are you worried, you know that these malign actors are going to build up their own sophistication, and you know strategy in terms of, you know, data breaches and cyber cyber attacks against our utility systems. What can we do to really step up our game. As the general said, the good thing with the energy sector is that on the foundational level, we're the only sector with mandatory regulatory requirements that we need to meet. So we are regulated by the Federal Energy Regulatory Commission and the North American Energy Reliability Corporation to meet certain standards in cyber and critical infrastructure. As the general said, the good thing with the utility is by design just like storms, we're used to working with each other. So this is just an extension of that, you know, storm restoration and other areas where we work all the time together so we are naturally together when it comes to to cyber. We work very closely with our federal government partners Department of Homeland Security Department of Energy and the national labs, the national labs have a lot of expertise. And with the private sector like great companies like Iron Ed, Naipa, we stood up an excellence center of excellence with private partners like Iron Ed and Siemens and others to start really advancing the art of the possible and the technology innovation in this area and and as the governor mentioned we partnered with West Point because just like any sporting or just any sport, you know, actual exercises of a red team green team and doing that constantly tabletop exercises and having others try and and breach your walls. Those are good exercises to really be ready against the adversaries. Yeah, terrific. Thank you so much for those insights. General Alexander. Now I'd like to ask you this question. Can you share the innovation strategy as the world moves out of the pandemic. Are we seeing new threats, new realities. Well, I think it's not just coming out of the pandemic but the pandemic actually brought a lot of people into video teleconferences like we are right here so more people are working from home. You add in the 5G that Gil talked about that gives you a huge attack surface you're thinking now about instead of 100 devices per square kilometer up to a million devices. So you're increasing the attack surface. Everything is changing. So as we come out of the pandemic, people are going to work more from home. You're going to have this attack surface that's going on it's growing it's changing it's challenging. We have to be really good about now how we train together how we think about this new area, and we have to continue to innovate. So what are the cyber tools that we need for the IT side the the Internet and the OT side operational technology. So those kinds of issues are facing all of us, and it's a constantly changing environment. So that's where that education that training that communication working between companies they the customers they they night bus and the iron us and others and then working with the government to make sure that we're all in sync. It's going to grow and it's growing at an increased rate exponentially. Perfect. Thank you for that. Now Gil, same question for you as a result of this pandemic. Do you see any kind of new realities emerging. What is your position. As the general said, most likely, many companies will be having this hybrid setup. Right. And for companies like like mine. I'm thinking about okay how many employees do I have that can access our industrial controls in our power plants in our substations and and transmission system remotely. And what will that mean from a risk perspective, but even on the IT side our business information technology. You know, you mentioned about the, the, the, the colonial pipeline type situation, how do we now really make sure that our cyber hygiene of our employees is always up to date and that we're always vigilant from potential entry whether it's through phishing or other techniques that our adversaries are are using those are the kind of things that that keep myself like a CEO of a utility up at night. Yeah, well shifting gears a bit. This question for general Alexander, how can supply chain is such an issue. Well the supply chain of course for a company like NYPA, you have hundreds or thousands of companies that you work with, each of them have different ways of communicating with your company. And in those communications you now get threats if they get infected and they reach out to you. They're normally considered okay to talk to. But at the same time that threat could come in so you have both suppliers that help you do your job and smaller companies as Gil has he's got the 47 munis and for co ops out there 51 that he's got to deal with and then all the state agencies. So his ecosystem has all these different companies that are part of his larger network. And when you think about that larger network the issue becomes how am I going to defend that. I think, as Gil mentioned earlier, if we put them all together, and we operate and train together, and we defend together. Then we know that we're doing the best we can, especially for those smaller companies and munis and co ops that don't have the people in the security ops centers know the things to defend them, but working together we can help defend them collectively. That's terrific. And I'd also like to ask you a bit more on iron defense you spoke, you know about its behavioral capabilities that you know it's behavioral detection techniques excuse me. How is it really different from the rest of the competitive landscape what sets it apart from traditional cybersecurity tools. So traditional cybersecurity tools use what we call a signature based system think of that as a barcode for the threat. It's a specific barcode. We use that barcode to identify the threat at the firewall or at the end point. Those are known threats, we can stop those and we do a really good job we share those indicators of compromise and those barcodes in the rules that we have seracada rules and others. What about the issue becomes, what about the things we don't know about, and to detect those you need behavioral analytics behavioral analytics are a little bit noisier. So you want to collect all the data and anomalies with behavioral analytics, use an expert system to sort them out, and then use collected defense to share knowledge and actually look across those. The great thing about behavioral analytics is you can detect all of the anomalies, you can share very quickly and you can operate at network speed so that's going to be the future where you start to share that. And that becomes the engine, if you will, for the future radar picture for cybersecurity. You add in as we have already machine learning and AI, artificial intelligence people talk about that but in this case, it's a clustering algorithms that allow you to see those events and the ways of looking at it that allow you to up that speed up your confidence and whether it's malicious suspicious or benign, and share that. I think that is part of that future that we're talking about you've got to have that. And the government can come in and say you miss something here's something you should be concerned about, and up the call from suspicious to malicious that gives everybody in the nation, some of these insights. Okay, that's bad. Let's defend against it. Terrific. Well, how does the type of technology address the President's May 2021 executive order on cybersecurity, as you mentioned the government. So there's two parts of that. And I think one of the things that I liked about the president of the executive order is it talked about the first page, the public private partnership. That's the key. We got a partner together. And the other thing it went into that was really key is, how do we now bring in the IT infrastructure, what our company does with the OT companies like Drago's how do we work together for the collective defense for the energy sector and other key parts. So I think it is hit two key parts it also goes on about what you do about the supply chain for software all needed. So outside what we're talking about here today, the real key is how we work together between the public and private sector and I think it did a good job in that area. Terrific. Well, thank you so much for your insights. And to you as well go really lovely to have you both on this program. I'm here with the president of the U.S. General Keith Alexander founder and co CEO of iron net cybersecurity, as well as Gil Kinyones, the president and CEO of the New York Power Authority. That's all for this session of the 2021 AWS Global Public Sector Partner Awards. I'm your host for the Cube, Natalie Orlick stay with us for more coverage.