 from San Francisco, it's theCUBE. Covering RSA Conference 2020 San Francisco, brought to you by SiliconANGLE Media. Look, welcome back everyone. This is theCUBE's coverage from RSA Conference on Moscone South. I'm John Furrier, host of theCUBE. Cyber security is changing and the next technology is right around the corner and it's got to be invented somewhere. And of course, Accenture Labs is part of our next guest is Lisa O'Connor, global security R&D lead for Accenture Labs. Lisa's working on some of those hard problems all around the world. Thank you for joining me today. Thanks for coming on. Thank you for having me. So we always get the good scoop from Accenture because you have a lot of smart people in that company. You know, they know their stuff. I know you got a huge analytics team. I talked to John Luke Shetlain before and I know you got a massive amount of deep bench of talent. But as you have to go do the applied R&D and maybe some of the crazy ideas, you got to start thinking about where the puck is going to be. You got to kind of understand that. Well, it's pretty clear to us that cloud is certainly there. Palo Alto Networks had a disappointing earnings yesterday because they're on premises, business is shifting to the cloud. You're seeing hybrid operating model and multi-cloud for the enterprise. But now you got global challenges. We absolutely do. Huge, so what's the, what are you guys working on that's coming? Tell us. So we're working on lots of exciting things and cloud is one of them. But some of the things I'm so passionate about and in labs, and I have the best job at Accenture, don't tell anyone, I do. So we are working on, like John Luke is working on applied intelligence. We are working on robust AI. So when we think about AI in the future, how do we feel that and know that it's okay? How do we put it out there? I know it's safe in production. We've done the right training. We've made our model resilient so it's out there. One of the things we see happening I love AI, love it. It has great potential and we get great insights out of it. But a lot of times we stop, we get the insights and we say, okay, it's in the box. We got a couple hits there. We're good, it's good. No, maybe not. And so really it's learning and creating the actually applied attacks on AI and then figuring out what the right defenses are. And depending on what type of machine learning you're using those defenses change. And so we're having a great time in our lab in Washington DC working on basically defending AI and building those techniques so that what we put out as extension is robust. You know, it's interesting. AI, you watch all the, some of the hardcore, social justice warriors out there going after Amazon, Google, because they're doing some pretty progressive things. Oh, facial recognition. You got AI, you got Alexa. You know, a lot of people are like, oh, I'm scared. But at the end of the day, they also have some challenges at network security. So you have all this AI up and down the stack. And one thing I like about what's being talked about in the industry is the shared responsibility model. So I got to ask you, as AI becomes exciting but also balancing frightening to people, how do you get that shared responsibility model so we get it right? Do the experimentation without people freaking out. So it's kind of like this weird mode we're in now where I want to do more AI because I think it's benefit society. But everyone's freaking out. Yeah, so in our tech vision that we just launched, the tech vision 2020, there's a lot of talk about value and values, which is really important when we think about AI because we can get great value out of it, but there's a values piece of it and it's how we're using it, how we're getting those insights. Because the one thing we have this circle and it's between customer experience because the companies that do a customer experience well are going to excel. They're going to keep their clients, they're going to do amazing things, they're going to become sticky. But to do that well, you have to be a good custodian of their data and their information and curate experiences that they want and not the creepy ones, not the ones they don't want. And so we really look at that trust is necessary in that ecosystem and building that and keeping that with clients. So that's something that came out of our technology vision. And in fact, we're going to be talking at the executive women's forum, this is tomorrow, and we're going to be having a panel on AI and defending it, which will be very interesting. Make sure your people film that conference. We'd like to get a head of view of it on YouTube after. We love those conferences, really insightful. But I want to get back to what you were talking about, the fun side. You got a lot of new things on your, you guys are kicking the tires on, scratching the surface on. You have two operating labs, one in Washington DC and one in Israel. What city in Israel? Is it in Tel Aviv or? Hurts, Lia. Hurts, okay. Yeah, the technolistic just north of Tel Aviv. It's the hotspot. So Silicon Valley, DC and Israel, hotbeds of technology now. Yes. What's coming out of those labs? What's hot? There's so much exciting stuff coming out of our lab in Hurts, Lia. One of the things that we have, and it's something that's been long and coming, it's been brewing for a while, but it's really looking at creating a model of the enterprise security posture. And when I say a model of it, I'm talking about a cyber digital twin, because so much we can't do in our production networks. We don't have the capabilities, we can look around the room, we don't have the capabilities on the SOC team side to ingest all this stuff. We need a playground where we can ask the what-ifs, where we can run high performance analytics, and we do that through a temporal knowledge graph. And that's a hard thing to achieve, and it's a hard thing to do analytics at scale. So that's one of the big projects that we're doing out of our Israel lab. And you see digital twins as a framework for that? Yeah, so the knowledge graph, we can create digital twins around many things, because a digital twin is a model of processes, people, technologies, the statefulness of things, and configurations, whatever you want to pull in there. So when we start thinking about what would we take in to create the perfect enterprise security posture, what would give us all the insights? And then we can ask the questions about, okay, how would an adversary do lateral movement through this? I can't fix everything that's a 10, but I could fix the right ones to reduce the risk impactfully. That's real sci-fi stuff that's right around the corner. The simulation environment. What ifs? Oh my God, the company just got hacked, we're out of business. That's just simulation. You could get to, that's the goal, right? It absolutely is, to ask those good business questions about the data, and then to report on the risk of it. And the other thing is we moved to 5G, this problem's getting bigger and bigger, and we're now bringing in very disparate kinds of compute platforms computing at the edge. And what does that do to our nice little network model that we had that our traditional systems are used to defend? I mean, just the segmentation of the network and the edge opens up so much more aperture to the digital twin, or a knowledge graph. You brought up knowledge graph. I want to get your thoughts on this. I was just having dinner last night with an amazing woman out of New York. She's a PhD in computer science, talking about graphs, and I love riffing on graph databases. But the topic came up about databases in general because with the cloud, it's horizontally scalable. You've got all kinds of simulations, a lot of elasticity going on. There's a lot of software being written on this. You got time series database, you got relational database, you got unstructured data, you got graphs. You got to make them all work together. This is kind of the unique challenge. And with security, leveraging the right database and the right construct is a super important thing. How do you guys look at that in the lab? Because is it something that you guys think about, or is it going to be invisible someday? Oh, we think about it a lot. In fact, we've had a number of research projects over the last five years, and actually six years, where we've really pivoted hard in cyber security to graph databases. And the reason for that is the many to many relationships and what we can do in terms of navigating, asking the questions, pulling on a thread. Because in cyber hunting, that's what we're doing. In many of these use cases that we're trying to defend an enterprise, we're following the next new path based on the newest information of now what the challenge is or what the current configuration is. So that's really important. So graph databases enable that so well. Now there's still the architecture challenge of, okay, when I ask a query, what am I doing? Am I disrupting the whole Apple cart? Do I have to process everything over? Or is there a way to do that elegantly where I can ask my query and because of how I've structured it in storage, I can do it much better. And I can do it much more efficiently. And that I think is where the opportunities are. I got to say, I'm getting excited now on this whole database, because you think about the logic around what you just said. The graph database with that kind of complexity. When you factor in contextually different things happening at any given time, the database needs to be parsed and managed differently. That's a huge challenge. It is a great research challenge, which is why we're doing it. What is that? How far along are we going to be able to be, have this dynamic self-evolving, self-governing, self-healing data modeling? Is that coming soon or? Yeah, I hope so. We wrote it about it a couple of years ago. The self-healing enterprise, aspirational. But I think, I mean, we try to get to real time, right? And we try to get to real time. And again, refactoring, as we talk about what an adversary is going to do or lateral movement through a business process, we're talking about a lot of computational horsepower to recalculate all that, process it again, update it, and then again, present that back. So the number of things we're asking, how we're asking it becomes also very important. Zooming up a little bit high level, what we're really talking about here is value of the data. And when you get into the valuation of the nodes and the arcs and all that graph side and other databases, you got to know what to pay attention to. It's kind of like going into the hospital and hearing all these alarms going off. At some point, you don't know what's in here, flat line or whatever. Right, that's a bad one. I mean, that's obvious, but now sometimes, there's so many alerts. There's so many alarms. How do you understand at any given time what to pay attention to because obviously when someone's having a problem, you want to pay attention to it. If it's a security alert, that's prioritized. The devil is in the analytics, right? What's the question we're asking and the analytics that give us that prioritization? And that's non-trivial because there are a lot of other folks that are doing prioritization in a different manner to do it at scale and to do it, not just one hop out, but I want to go all the way to the crown jewels. I want that whole path navigated and I want to know where to cut along that path. That's a hard thing to do. And so we've actually developed and we've submitted patents for them, but we've developed new analytics that'll support that. Awesome, Lisa, I want to ask you, kind of, I'll give you a plug here. Just going to get it out, because I think it's important. Skills gaps are big things, so I want to give you a minute to explain or share what you're looking for in your hiring. Who are you looking for? What kind of the makeup of individuality? Maybe do you stray more academic paper kind of people or practitioners? When you look to hire, what are some of the priorities that you look for and who would thrive in an essential labs environment? Take a minute to share what you're looking for. Yeah, so we love people that think out of the box and those kinds of people come from very different backgrounds. And so part of that is some of them, we look for PhDs that have wonderful applied skills and applied is a key word there. White papers are great. I need to be able to prove something. I need to be able to demo something that has value. So having the applied skills to a business challenge is really important. So that's sort of ground, understanding the business, very important too. But our talent comes from many different areas. I mean, I kind of joke, my lab looks like the UN, it's wonderful. I have people from across the globe that are in our cybersecurity lab. I have an Washington DC lab or 50% women, which is also exciting because we want different experiences and we shoot for cognitive diversity, right? So we're looking for people that think differently about solving problems and are not encumbered by what they've seen in the past because we're trying to be tip of spear. And I'm sure you know that from Paul Doherty. We are trying to be three to five years over the horizon. You guys got a good narrative. I always love talking to them with censure. They have a good vision. So I got to ask you the next logical question is obviously in the news, you can see everyone talking about breaches. And this, you know, it's not a breach but the door's open. They're really walking in. Nothing was really breached. Yeah, it's a passive invitation. Come on in. Human error is a big part of it. Then breaches is obviously targeted, fishing and all that good stuff. But as those stories get told, there's a whole nother set of stories that aren't being told that are super important. So I'd love to get your thoughts on what are the most important stories that we should be talking about that aren't being talked about? Yeah, so I have two that are front of mind for me. One theme we come back to, and it's not sexy, it's hygiene. It is IT hygiene. And so many of the large companies and even medium small companies, we have legacy technology and keeping that adds complexity. It adds to the whole breadth and depth of what we have to manage and defend. Keeping that attack surface simple and small, cloud enabled, all those good things is a real asset and it makes it much easier to defend. So that's kind of the first non-sexy one, hygiene. The other one I'll say that I think is a challenge that we are not dealing with yet, quantum computing, right? And so we're on the way to getting our post-quantum cryptography in place, but there's another dimension to it and it's our histories. So all of the things that have passed on the wire, all the communications with the key exchanges, all that brilliant stuff is sitting somewhere. Once we get to that point where this becomes very routine and it's coming fast, we predicted eight years. Two years ago. So all that exhaust is somewhere pent up. It's somewhere that we have to think about how much data we're keeping as custodians, how we're managing it, and then we have to think about the exposure from our past and say, okay, what does that mean that that was out there? Is it aged enough that it doesn't have value? And I think there's a real triage that needs to be done. And certainly data management. I think you know the hygiene principle, good point, it reminds me of the story Andy Jassy was telling about the mainframe customer that they couldn't find who had the password. They had to find that a person was retired 10 years earlier to get the password. You don't forget things, but also there's a human component in all this. Humans and machines are working together. And that's a huge part of it. It's not just machines dominating it all. It's going to be a human component. It's a societal impact that we're seeing with information. And whether that's out in the open or behind closed doors, there's all kinds of things looming. There are. And I think one of the things in the companies that we're seeing who are embracing innovation well are doing a lot of retraining because the things that people are excellent at, AI is not good at. And the things that AI is good at are not at all what people are good at. So the good news is there's a beautiful teaming there. If we retool the skills or if we re-envision those roles so that people can get into those roles. And I think that's really important because I'd rather see AI do all the heavy lifting well and be trustworthy and robust and all those great things. And the people be doing the much smarter things that require a human. Does the process serve the purpose? Does the purpose serve the process? Same kind of question, right? Exactly. AI, you can have great AI that does nothing. That's right. So it has to be relevant. It absolutely does. Relevant is kind of a big thing. And we own that context, right? Humans own that context. Well, thanks for coming in and sharing the insight. I really appreciate it. Final question, it's always tough to pick your favorite child, but what is your most coolest thing you're working on right now? I'll tell you, the cyber-digital twin stuff is so cool. The what? The cyber-digital twin stuff is so cool. When you see the power of what that picture and the analytics can do, we'll show you. Do you have a demo of that now? We absolutely do. Is it online or is it more in person? You've got to see it. More in person. Folks can reach out. You don't have to get exclusive on that. We do. I love those simulations. I think it's very beneficial. It is. A lot of learning. I mean, who doesn't want practice? Well, and a picture is worth a million dollars. It's just incredible to look at it and it clicks, it clicks of all the potential things you could ask or do. And that's the exciting part now is we show this with customers and we coordinate with customers. They're coming up with a laundry list of questions. And this is a beautiful thing about cloud is that new capabilities are emerging every day. And you get used to good ones. Lisa O'Connor is here. Thank you very much for sharing your insights. Global security are in the lead for Accenture Labs. Cube coverage, getting all the signal here on the show floor, extracting that from all the noise. I'm John Furrier. Thanks for watching.