 Welcome to this CUBE Conversation. My name is Dave Vellante. We're going to talk about data protection in the age of ransomware. It's a top of mind topic. And with me are two great guests and CUBE alums, David Noy, who's the Vice President of Product Management at Dell Technologies. And Rob Emsley, Director of Data Protection Product Marketing at Dell. Guys, welcome back to theCUBE. It's good to see you both. Oh, thanks so much, appreciate it. Thanks for having us. Yeah, thanks a lot, Dave. Hey, David, let me start with you. Maybe we can look at the macro, the big picture at Dell for cybersecurity. What are you seeing out there? You know, I'm seeing an enormous amount of interest in cybersecurity, obviously driven by a string of recent events, but, and a presidential executive order around cybersecurity. Look, we're in unprecedented times where, you know, disaster readiness is not just about being prepared for a wildfire or a sprinkler going off in your data center. It's around a new class of malicious attacks that people just have to be ready for. And it's not even a question of when it's, if it's gonna happen, it's a question of when it's gonna happen. You know it's gonna happen, you're gonna get hit by them. And so we go beyond just thinking about, hey, how do you build in technical capabilities into the product to make it difficult for attackers? We actually wanna get predictive, we wanna use advanced technologies and capabilities like artificial intelligence and machine learning to go out and scan users' environments and look at their data, which is really the lifeblood of a business and say, hey, we can see that there is potentially an attack looming. We can start to look for dormant attack vectors. And as soon as something bad is happening, because we know something bad is gonna happen, we can help you quickly recover the restore or figure out which restore point to recover from. So you can get your business back and operational as soon as possible. Great, thank you for that, David. Hey, Rob, good to see you. We've seen a lot of changes recently, kind of as David was referencing. It used to be, okay, cybersecurity, that's the domain of the SecOps team. And the rest of the company said, okay, it's their problem. Data protection or backup, that was the backup admin. Those two worlds are kind of colliding together. We use terms like cyber resiliency now. It's a sort of super set up, if you will, of the traditional cybersecurity. So how can organizations get ahead of these cyber threats when you engage with customers? Do you have any sort of specific angles or tooling that you use to help? Yeah, Dave, there's a couple of things to unpack there. I think one of the things that you call out is cyber resiliency. I think there's a balancing act that customers are working through between cybersecurity and cyber resiliency. On the left-hand side of the balancing act, it's, how can I keep bad things out of my network? The reality is that it's very difficult to do that. There's many applications that customers have deployed to protect the perimeter. But as you know, many cyber threats are manifested from inside of the perimeter. So what we're seeing is customers starting to invest more in making themselves cyber resilient organizations. And as David mentioned, it's not the if it's the when. The question is, how do you respond to when a cyber attack hits you? So one of the things that we introduced probably about six months ago is a globally available cyber resiliency assessment. And we worked in collaboration with the Enterprise Strategy Group and we put out a free online assessment tool to allow customers to really answer questions around a big part of the NIST framework around detection, protection and recovery. And we give customers the opportunity to get themselves evaluated on are they prepared? Are they vulnerable? Or are they just black and white exposed? What we found over the last six months is that over 70% of the people that have taken this cyber resiliency assessment are falling into that category of they're vulnerable or they're exposed. Right, thank you for that. Yeah, the guys at ESG do a good job of that. They have deep expertise in that space. And David, Rob just talked about sort of the threats from inside the perimeter. And any person, you don't even need a high school diploma to be a ransomwareist. You can go on the dark web, you can acquire ransomware as a service. If you have access to a server and are willing to put a stick in there or do some bad things or give credentials out, hopefully you'll end up in handcuffs. But more often than not, people are getting away with really insidious crime. So how is Dell, David, helping customers respond to the threat of ransomware? So as I mentioned earlier, the product approach is pretty sophisticated. You're right, somebody can come and just put a USB stick into a machine or if they have administrative access, they can figure out a code that they've either been given because the trust has been placed in the wrong place or they've somehow socially engineered out of someone. Look, it's not enough to just say I'm gonna go lock down my system. Someone who's gained access can potentially gain access to other systems by helping through them. We take a more of a vault-based approach, which means that when you create a cyber vault, it's essentially locked down from the rest of your environment. Your cyber criminal is not able to get to that solution because it's been air gapped. It's kept somewhere else completely separate from that work, but it also has keys and two keys to the kingdom are that it opens up only at a certain time of day. So it's not vulnerable to coming in at any time. It goes and requests data, it pulls the data and then it keeps that immutable copy in the vault itself. So the vault is essentially like a gated off, moded off environment that an attacker cannot get into. If you find that there was an attack or if an attack has occurred, we're gonna attack real occur sooner or later, you can then basically prevent that attacker from getting access into that vaulted environment before that next opening event occurs. We also have to go back and look at time because sometimes these attackers don't instantiate all at once. I'm gonna basically go and encrypt all your data. They take a more of a graduated approach. And so you have to go and look at patterns, access patterns of how data has actually changed and not just look at the metadata, say, okay, well, it looks like the data changed at a certain time. You have to look at the data contents. You have to look at the, if there's a file type, oftentimes you can actually analyze that as well and say, hey, this given file, whether it's a PowerPoint file or Excel file or one of a hundred or a thousand different file types should look like this. It doesn't look like that inside. What many of the solutions that look for these attack vectors do is they're just looking at metadata access and then potentially just entropy. So how fast things are changing? Oh, it's changing more faster than it normally would. That's not enough. The attackers are just getting to get smarter about how they go and change things. They're gonna change it so that they don't change file suffixes or they don't change them with a very high entropy rate. And without using some kind of a system that's actually constantly tuning itself to say, hey, this is how these attack vectors are evolving over time. You're gonna miss out on these opportunities to go and protect yourself. So we have also a constantly evolving and learning capability to go and say, okay, as we see how these attack vectors are evolving to adapt to the way that we defend against them, we're going to also have the practices to make sure that we account for the new models. So it's a very adaptable kind of, really is an artificial intelligence form of protecting yourself. Can I ask you a question, David? Just a follow-up on the immutable copy. Where does that live? Is it going to live on prem? Is it in the cloud either? We're on both. So we have the ability to put that on prem. We have the ability to put that in a second data center. We have the ability to keep that actually in a colo site. So basically completely out of your data center, we have the ability to keep that in the cloud as well. Well, the reason I ask is because I just, putting my paranoid sec ops hat on, and I'm no expert here, but I've talked to organizations that say, oh yeah, it's in the cloud. It's a service. So okay, but it's immutable. Yeah, it's right once, read many. You can't erase it. Like, okay, can I turn it off? Well, no, not really. Well, what if I stop paying for the service? Well, we'd send a notice out. I said, I said, okay, wait a minute. So am I just being too paranoid here? How do you handle that objection? Of turning it off? Yeah, can I turn it off? Or can you make it so that nobody can turn it off? Oh yeah, that's a good question. So actually what we're building into the product roadmap is the ability to that product to actually self-inspect it and to look at whether or not even the underlying, so for example, if the service is running in a virtual machine, well, the attacker could say, let me just go attack that virtual machine and infect it and basically turn itself off, even in an on-prem, never mind in the cloud. And so we're looking at building or we're building into the roadmap a lot more self-inspection capabilities to make sure that somebody isn't going to shut down the service. And so that is actually, that kind of self-resiliency is critical even to a vaulted solution, which is air-gapped, right, to your point. You don't want someone going, well, I can just get around your solution, I'm just going to go shut it down. That's something that we need to protect again. So this talks, I think for the audience, this talks to the, it's like an ongoing game of escalation and you want to have a partner who has the resources to keep up with the bad guys because it's just a constantly upping the ante. Rob, you guys do a survey every year, the Global Data Protection Index. Tell us about that. What are the latest results? You survey a lot of people. I'm interested in the context of things like remote work and hybrid work. It's escalated the threat. What are you seeing there? Yeah, so as you mentioned, the Global Data Protection Index, we survey over a thousand IT executives around the globe. And in the most recent study, we absolutely started to ask questions specifically around, customers' concerns with regards to cybersecurity. And we found that over 60% of the customers surveyed really are concerned that they don't feel that they are adequately prepared to respond to cyber threats that they see, unfortunately on a day-to-day basis. Certainly, as you mentioned, the work from anywhere, the learn from anywhere, reality that many customers are dealing with, one of the concerns that they have is the increased attack surface that they now have to deal with. I mean, the perimeter of their network is now much broader than it ever has been in the past. So I think all of this leads, Dave, to cybersecurity discussions and cyber resiliency discussions being top of mind for really any CIO, their CISO in any industry. In the days of old, we used to focus out the financial services industry as a bunch of customers that we could have very relevant conversations with. But now that is now cross-industry-wide. There isn't a vertical that isn't concerned about the threats of cybersecurity and cyber attacks. So when we think about our business, especially around data vaulting with our Power of Tech portfolio, but also with our PowerScale portfolio, with our unstructured data storage solutions, we're really having constant conversations around how do you make your environment more cyber resilient? And we've been seeing rapid growth in both of those solution areas, both implementing extensions of customers, backup and recovery solutions, but also in the environments where we're deploying large-scale unstructured storage infrastructure, the ability to have real-time monitoring of those environments, and also to extend that to delivering a vaulted solution for your unstructured storage are all things that are leading us to work with customers to actually help them become more cyber resilient. Great, thanks. Last question, and maybe for both of you, maybe Rob, you start and David, you could chime in. I'm interested in what's exciting you guys, what's new in the portfolio, are there new features that you're delivering that map to the current market conditions? I mean, your unique value proposition and your capabilities have shifted. You have to respond to the market changes over the last 18 to 24 months, whether it's cyber, ransomware, the digital transformation, what's new in the portfolio, and what's exciting you guys? So, Dave, yeah, so quite recently, we, as well as running an event specifically to talk about protection in the age of ransomware and to discuss many of the things that we've covered on this call, data protection is still a foundational technology to help customers become more secure and reduce their risk profiles. So, innovation that we delivered very recently was really in three specific areas. VMware data protection, NAS data protection, and then also, we introduced a tech preview of a direction that we're taking to expand the scalability and manageability of our power protect appliances. So, transparent snapshots delivers capabilities to help customers better protect their VMware environment without the concern of disrupting their production applications when they're doing backup and recovery of virtual machines. Dynamic NAS protection moves away from the age old mechanism of MDMP and provides a much more performant and scalable solution for protecting all of that unstructured data running on NAS infrastructure. And then last but not least, to say the tech preview of smart scale, which is our new solution and architecture to allow customers to pull together multiple power protect appliances within their data sensors and give them a much easier way of managing the power protect appliances that they have and scaling their environment by implementing a federated namespace to allow them to get support in that environment. Nice, some great innovations there. All right, David, bring us home. What's exciting you? You shared a little bit with the roadmap. Yeah, look, I think all of this is about operations today, every enterprise is 24 by seven. It doesn't matter what vertically in, right? Down time is unacceptable. And whether that means whether it's down time because you got hit by a malicious attacker, it means down time because you are caused by disruption of virtual machine instances to Rob's point during the backup process. And we can't interrupt those processes. We can't impact their performance. It means, you know, making sure that your largest unstructured repositories in NAS deployments can be backed up in a time that makes sense so that you can meet your own SLAs. And it means that with a smart scale product, their ability to go and say, okay, as you're expanding your backup target environment, we can do that in a seamless fashion without disrupting your backup operations and your day-to-day operations. All of this is around making sure that we minimize the amount of disruption that our end users experience either because of malicious attacks or because of day-to-day operations and making sure that those businesses really can't operate 24 by seven. And that is the crux of a really true enterprise solution for data protection. Guys, it's a very important topic. I really appreciate you coming on theCUBE, great conversation, and keep up the good work of protecting our data. Well, good, thanks. Thanks, Dave. All right, and thanks everybody for watching this CUBE Conversations. This is Dave Vellante, and we'll see you next time.