 From Miami Beach, Florida, it's theCUBE, covering Acronis Global Cyber Summit 2019. Brought to you by Acronis. Hey, welcome back, everyone. It's theCUBE's two days of coverage here in Miami Beach at the Fontainebleau Hotel for the Acronis Global Cyber Summit 2019. I'm John Furrier, your host. James Slaby, the director of Cyber Protection for Acronis is here in theCUBE. Thanks for coming in. Great to see you. John, great to be here, thanks. So we talk on the day one reception and we have a chat about the cyber protection positioning and how the confluence of data protection is emerging in this new modernization of the enterprise. And sports teams are out there, you saw these big customers. So it's happening. Absolutely, it's something that the analyst community has been talking about for years. And certainly, I think people in the data protection space on the vendor side in the cybersecurity space have been seeing it coming. I think there's been a little bit of wariness of it on the end user side, particularly if you look at like the large enterprise space where you've got fairly large teams and they're specialized. You got the security folks on one side, data protection, IT operations on the other and often different budgets. They don't necessarily like each other or talk to each other a whole lot. Sometimes competing agendas. But frankly, the way the world is going with the kind of explosion in data, the fact that data is growing five times faster than IT staffing is able to grow. And with this explosion in the threat environment, not just cyber criminals, though they've gotten a lot clever in recent years, much more industrial in their methods. You know, basically I like to compare them to Salesforce, but evil, right? So they've industrialized their production methods. You've got- And they're causing disruption. I mean, they're disrupting the continuity of a business by hijacking their data, whether it's ransomware or zero day malware. I mean, it's here, it's happening all the time. Yeah, and it's not just the criminals. Now you have state actors involved. You know, North Korea basically runs itself as a criminal enterprise these days to fund the regime because of economic sanctions. And they're very well-funded, they're very expert and with tools like ransomware and crypto-jacking at their disposal, they're sustaining themselves. So between the threats on all sides and the explosion in data, the operation side of the house and the security side of the house really have to come together. It's not a luxury that frankly, small and medium businesses have ever had. You know, you typically have much smaller staffs. It's one, two, maybe three people handling all of that. So in some respects, that convergence is going to be a welcome simplification of life to them. You know, what's interesting to me and I want to get your thoughts and reaction to this is that, you know, with the cloud computing and this new modern era of compute power and software-defined stuff, you're seeing all categories that used to be kind of niche white space categories become full-blown important areas. To give you an example, network management turned into observability. Yes. Configuration management is now automation. So at the plumbing level, infrastructure will be starting to see stuff emerge that was once a feature and now important. Data protection involves a cyber protection. Again, it's elevating in importance because the game's changing, but it's still the same. It's data protection, but data's everywhere, but cyber's the driver. This is an interesting dynamic and I think you point that out again on our first night and just highlighted it there. Are all the analysts seeing it this way? And because we're seeing, I mean, observability, what is observability? It's network management on steroids. So this new modern architecture of an enterprise is our thinking like a system and cyber protection is a new, I guess, category, but it's not really a new category. Is data protection for cyber threats and cyber things? I mean, I think it's a useful coinage to capture in a couple of words this convergence of classic data protection, disaster recovery kind of functionality with cybersecurity. I do see the analyst community having kind of anticipated the trend by a couple of years, you know, Forrester where there's zero trust model is a slightly different perspective on it, but ultimately it puts data at the center of everything. You've got to protect data. You've got to protect people from stealing it. You've got to defend against people tampering with it. And once you start putting data at the center of your world, then all those other functions, whether they're classic IT operations functions or what we historically associate with cybersecurity, it doesn't make a whole lot of difference. The challenge is to find ways to achieve those basic functions in a way that is managing the complexity. You know, you've got an explosion of data sources, an explosion of data volume. You know, here comes the internet of things. Here comes 5G wireless. Suddenly everyone's going to be, you know, storing 10 terabytes of data on their smartphones. So you've got a lot more data in a lot more places to defend against. And you know, the bad guys are coming up with increasingly sophisticated new ways to get at it. So looking at it as data first, and I think what our MSP and VAR partners and what their customers are asking for are ways to help us manage that process in a way that's simpler to manage, that's cheaper and can defend against these kind of new more sophisticated threats. It's interesting you've got more threats, the complexity is increasing, data is increasing, the costs are increasing, and it all revolves around the digital business as data. And the Red Sox and the sports teams kind of encapsulate that because they ever do their products on the field, but also they have a business to run, they've got fans to serve, their consumers. It's a digital business model, it's a data. They look sort of like extreme examples today. Our business doesn't need like our F1, our Formula One partners to capture racetrack data from a rocket ship with a thousand sensors in it and real time telemetry. But that's only looks extreme today. We're not very far away from having to handle that kind of data in real time in our business. So in the same way that the Red Sox are capturing all kinds of video information and analytics and analyzing the performance of their players, we're going to be doing similar kinds of data collection and processing on business information in just a few short years. So it's useful to have leading edge partners like that, but the rest of us aren't really far behind. I think the platform play is very interesting, you guys put a lot of work in that, obviously you can't be that overnight. Many years have gone into that. Having an open ecosystem is key. You mentioned the VARs and partners earlier. This is the big part of the business model, the Chronus. And so that's ultimately the true test of a product because the channel is a very efficient business mechanism. If it works and it's profitable and creates happy customers, their customers are happy. They keep their customers. They're a very tough crowd too as well. What are your partners and VARs and ISVs? What is in demand of them from their customers? Because they're using selling your product as a solution, putting services around it. They have customers too. And they're looking for them to be a player and serve them well. What are they hearing? What's their customer customer? Yeah, you're right. They're absolutely, our partners are our key source of intel on what the buyers ultimately want. And again, your typical buyer, let's say it's a small to medium business for argument's sake here, is confronting the fact that there's a giant labor shortage in cybersecurity talent at the moment. So in two years, there'll be three and a half million cybersecurity job vacancies worldwide. I tell young people, I know, they're coming out of high school or college, like, go on cybersecurity. They're going to be a lot of work there in the coming years. This is advice I just gave to my nephew here. And they can't compete for the existing talent that's out there. If you're a great cybersecurity talent, you're going to want to work for like a managed service provider where you're constantly facing new challenges, new customers, new technologies. It's the great Petri dish to learn and hone your craft and move up in the world. Or maybe you go into the large enterprise space, a big cyber protection staff there where the pay is a little bit better. It's very tough for an SMB to kind of compete with that. They just can't find, retain, or pay the talent that they need to keep their own data secure. So that's a huge one, just finding help there. And they're also under a lot of pressure because the way these supply chain relationships work is I could have the best security on the planet, but if you're my business partner and you don't have good data hygiene, my data's exposed through you because we're working together. Listen, this is a real dynamic. Yeah, and it's kind of an interesting, it's a bit of an ancillary topic here, I think, but just attacks on elements of the supply chain like managed service providers themselves as something that has raised its head. So as a buyer, you have to evaluate whether your provider is taking appropriate steps to protect themselves because if they can't do that, then you will be as someone who's intimately connected with them, they will be vulnerable to the same evils that befall them. You know, I hear that a lot from people that are selling security and or data protection to customers that there's now requirements for in the sales process to do it. And I won't say audit, it's not the right word to look for, but inspection of how the data's being handled. Obviously you've got GDPR out there which is a whole nother animal, but this is now a real criteria. So if I'm a MSP, I have to build that out myself. Is this where they're using you guys? I mean, this is where it seems to be a dynamic where you guys are doing well. Surely ransomware has been a big part of it too. Well, so they have a couple of challenges our partners do. One is meeting that customer requirement to protect me. You know, make sure you've got the expertise that I can't retain to provide security for my data. Do it in a way that's cheap. Do it that will grow as my data volumes are growing and automate it wherever possible, right? I do not want to have to worry about this stuff. The MSPs have both technical and business challenges themselves. From a technical side, their problems are similar to the customers. They need any solution they have to be simple. They need it to be cheap. Automation is super important to them and they need to keep ahead of the security gap. From a business perspective, you've got additional challenges like, how do I grow my individual, my average revenue per user? How do I offer additional services that are going to increase my traction with them so that I can lose churn? You know, I want to be stickier, right? How do I get hooks into my existing billing and provisioning kind of systems? So the customer has a range of challenges that are reflected mainly in technical terms in the service provider, but the service provider is their own business users that are unique. And this is in part how things like Acronis Cyber protects at cyber infrastructure and the opening up of Acronis Cyber platform so that their ISVs and the providers of the tools that they're using can get tighter integration into the infrastructure that they use. You guys announced open APIs, opening up the APIs, developer network, and then the customer portal. Big news here at the show. You guys were holding back from us, and then we've got it covered. But this speaks to the ecosystem. Now I got to ask you about the competition, the industry, RSA, these big conferences, the buzzword bingo goes on all the time. Hype is like, I'm throwing a platform. I mean, I would be surprised if cyber protection, cyber protect is a category. As it emerged, people started whitewashing. We got a platform. So people are talking in the platform game. What is hype and reality? Take us through, unpack from your opinion. We're the hype and reality. Because customers are trying to squint through the noise and look at the hype versus the reality. How do you distinguish between what's real and what's not? Well, I would say a useful starting point is allowing me to to Acronis's horn here with what we have rolled out with Acronis Cyber Protect. So it starts with our classic value proposition, which is backup and disaster recovery. It's the next step is something that we got into the market with several years ago, which is anti-malware that is buttressed by machine learning and artificial intelligence. So the goal here is not just to be able to identify and stop known threats by their signatures, the classic antivirus approach. Given the increasing sophistication of malware developers, you have to be able to identify stuff by the way it behaves. So even if you've never seen it before, you have to be able to say, that looks suspicious, I've got to stop that. And do it in a way that's smart enough that you're not halting up innocent processes that might be doing something that vaguely looks suspicious, right? You got to stop the real threats and minimize the false positives, right? Now add to that things like health and performance monitoring. So the capability from the exact same console to monitor the health of your hardware, including being able to predict drive failure rates, again with the help of artificial intelligence, to the point where given that half your hard drives are gonna fail in five years, we can predict within 98% accuracy when a hard drive is gonna fail. And that's a giant way to head off a big data loss is move that data before the hard drive fails. But also monitor the performance of your network, your applications, your operating system, as well as hardware performance. It's an end-to-end holistic view of data. Yeah, it's something that you might be able to do with multiple tools and maybe cruder tools like the smart capability for drive analysis has been around for a while. But the name hasn't aged well. Health monitoring, remote desktop, right? So the ability really important to an MSP to kind of reach out and troubleshoot issues on a remote desktop, including things like managing their Windows Defender environment so that you're making sure that the end user isn't violating your security policies because they think it might improve their performance a little to shut off some features of Windows Defender, right? Where I think it really gets interesting is in capabilities like vulnerability assessment. So the ability to scan an endpoint and figure out which revisions of their operating system, their traditional productivity applications, all their third-party applications, where they are relative to the patches that are out there to close known vulnerabilities to malware threats. And then based on that, proceed to patch management where you figure out a sensible, scalable, manageable way to install patches on all those devices across your organization, which is part of the daily grind for operations people, frankly. So giving them all of those tools in one place with a single interface, oh, by the way, let's throw in URL filtering, another capability that really will keep your users out of a lot of trouble, keep them visiting sites where malware loves to lurk because we're pirated software and these kind of things, places you shouldn't go that people tend to go and invite the evils of the world. So imagine all these things on a single pane of glass that you need one organization with one training regimen to operate and suddenly you see the kind of efficiencies that you're going to generate as a service provider in terms of lowering your own costs, automating a lot of the functions that you previously had to do manually and so on. So sorry, I had to finish that. So that's the rest of the story on CyberProtect. Well, this highlights to me what I think is a very comprehensive offering. I mean, you guys have comprehensive story. You have infrastructure, your platform, and then a set of services. That's deep, deep bench of technology. Well, there's a lot of innovation in there as well. So this was something that had never occurred to me that fortunately occurred to our R&D people, which is the notion of why don't we start scanning our backup images instead of relying on endpoint scans? So we've got a recent image backup. Why don't we scan that, our copy of it, we can do the vulnerability assessment, the patch management of it. And oh, by the way, that means that we can do things like if you've got custom applications that maybe sometimes don't play nice with new res of the OS or patches, you can actually test that offline. Like do those upgrades, install those patches, run the application, if it doesn't work, if it gives you performance problems or functionality problems, you know not to roll those patches out across your environment. And those are kind of clever things that, oh, by the way, it reduces the burden and potential conflicts of scans on the endpoints. So again, I never... It shows the benefit of the ISV market, which as more stuff comes on, the benefits of the collective ecosystem get right back into the customer success. And it works a couple of ways. So some independent software vendors are going to integrate functionality from CyberProtect into their products in a way that is sort of invisible. There'll be a cronus inside, but their customers won't necessarily know it. It also means that MSPs and the vendors that serve them with a variety of tools can more tightly integrate their functionality with CyberProtect at the core of the managed service providers offering and provide value to both sides of that equation as well. You guys have great validation platform solutions, robust ecosystem that you're going to have to develop or so, congratulations. James, thanks for coming on and sharing the insights. Appreciate it. John, thanks so much. This was great. Cube coverage here in Miami Beach for the cronus Global Cyber Summit 2019. I'm John Furrier. Stay with us for more day two coverage after this short break.