 from San Francisco, it's theCUBE. Covering RSA Conference 2019, brought to you by Forescout. Hey, welcome back everybody, Jeff Frick here with theCUBE. We're at RSA Conference North America 2019, 40,000 plus people in the brand new leaf refinished Moscone, they finally got it down. It looks great, we're excited to be here. And the guy, one of the many people responsible for this whole event is joining us for a return visit. He's Rohi Guy, the president of RSA. Congratulations on another incredible event. Thank you, it is incredible indeed, and the scope of the conversation and the breadth of the conversation, amazing. Right, I was looking a couple of years ago, I think it was Valentine's Day. Thankfully, you didn't do a Valentine's Day this year because I don't think Moscone was ready for you. That's right, I don't think that would have played out well, yes. Right, so let's jump into it a little bit. Kind of general impressions, security is not getting any less in demand, we're seeing increased threats, we're getting dumbed down to breaches, I don't know, we'll give you the facts, how many vendors are here displaying today? How many sponsors, what are some of the basics? Yeah, so look, 40,000 plus attendees, we have 800 plus folks on the show floor. There is a total of 1700 plus vendors in this industry, so it's a very fragmented industry and everybody who's anybody in cybersecurity is actually here. Right. The other stat that is interesting is in terms of the share of voice and the media coverage that actually happens at the RSA conference, if you just put that together, that's more than any of the social conversations throughout the year, so this one week will generate more share of voice around cybersecurity than the entire year. It's the place to be. So let's jump into it, so one of the big issues that you've always talked about is using really kind of a business approach to assessing risk and some of the math behind making a good business decision on how much you invest and what do you protect. But you've expanded that vision a little bit this year. Tell us a little bit more about that. Yeah, we see our role as RSA to provide a safe passage of the world to its digital future state. As you know, digital transformation is a buzzword. Every company is trying to go digital, but they don't know what they don't know. Technology is permeating things where it's never been before, right? It's inside baby monitors, inside pacemakers, inside cars. Companies that are adopting this technology are not, they don't have the competency to actually mitigate risk. You know, the stat I use is one trillion lines of code will be shipped over the next decade by companies that have shipped exactly zero lines of code. One trillion new, marginal lines of code. Right, so the meta point is we face unprecedented digital risk because of the adoption of digital technology. Technology is a force for the good, but you have to embrace it mindfully and pay attention to digital risk management and that's our role. The role of RSA is to help companies manage digital risk. Right, and how do they sort through it all? I just feel for all the size of it between the number of threats, the number of solutions, the IoT is coming on board, the Internet of Things, the OT is now being connected to the IT. Your head's got to be just spinning. It feels overwhelming, doesn't it? And what I say is any time you feel overwhelmed, you have to do three things. You have to reduce the amount of work. You do that by designing security in resilient infrastructure. Second is you have to automate work, right? Which is basically using technology like artificial intelligence and machine learning. But as you know, the bad guys of all the AI and MLV, the good guys do. So the third recipe for success is business-driven security, which means you have to apply business contacts to your security posture so you focus on the right problems, the right cyber incidents right here, right now. And that's our unique advantage. The good guys, the only advantage we, the good guys have, is our understanding of our business contacts. We call that business-driven security. So an interesting piece of that is how the value proposition is changing, right? It used to be the young kid packing the school site, giving himself an A, and then it got to people getting the bank accounts and personal information. But now we're seeing with the nation-states, we're seeing with political motivation. There's a lot of different motivations. So it kind of gets into this whole valuation of data. What is the data that they want and is valuable? Because what they want or is valuable tomorrow might be different than what it was today. You're right, you're right. The clock speed of digital business is markedly enhanced. So you need solutions that can move at the pace of business, right? And so it's no longer about efficacy, it's about speed. Both on the risk side and security, you need solutions that can process this vast ocean of data, make sense of it to prioritize your response, to focus on the things that are most important right now. Yeah, it's crazy. And then we have this other kind of trend that's happening now, which is kind of, somebody said big tech, like from big oil, meaning not a positive connotation of a blowback. Right where people are kind of waking up to the fact that my data is important and people are using it for ways that I didn't necessarily want them to. So this trust issue is really, really significant. It is significant. It was, in fact, the topic of my keynote yesterday, we call it the trust landscape in which we painted a story that we are at the beginning of an era which is a trust crisis where people are losing faith in technology as a force for good. And unless we act now, we will put humanity in harm's way and get in the way of human progress. And I think there is some things we need to do. If you think about trust, trust is based on reputation. Trust is not perfection. I don't trust you because you're perfect. I trust you because I can count on how you're going to behave in certain circumstances. It's based on your reputation. And if you think about today, we are inviting complete strangers into our cars and homes with platforms like Airbnb and Uber and Lyft because there is a technology trust platform. We need that on the enterprise side. And what we're doing on the cybersecurity world is we are actually making withdrawals from our trust or reputation bank account because breaches and bad news is the only thing gets reported. We are not reporting good cyber incidents. So that's the place where we need to work toward where we are able to not just take withdrawals from our reputation bank account but make deposits by reporting not just bad cyber news but good cyber news. When we prevent breaches or when we mitigate business impact of cyber incidents, all of those things, we need to be more transparent about that. But it's kind of tricky, right? Because it's the old spy dilemma. You don't want to tell them that you caught them because then you're not in a position to catch them the next time. Yes, I think there are solutions there though. I think the reason we've been guarded in cybersecurity to share good news is because again, we don't want to reveal details of our security posture and we don't want to taunt the bad guy and attract attention towards ourselves. Having said that, I think there is a way to do that anonymously without compromising your security posture and having this quantified way to measure your reputation or your cyber capability. Right. It's really interesting you go down this trust angle because the whole fake news thing is protecting your reputation really a more significant value than necessarily, I don't know how I can make up some other kind of silly data breach, but your reputation and the trust that comes from that of the relationship we have with your customer is really, really important. Absolutely. Your reputation, ascertains, how your company will live through any crisis incident, right? And in the past corporate reputations were based on things like corporate social responsibility. Your conduct in the physical world, environment, sustainability, corporate ethics in terms of how you're treating your employees on a fair basis. In the digital world, just like you have corporate social responsibility, you have corporate digital responsibility. You need to demonstrate conduct in terms of how you deal with data, how you take care of cost consumer data and are a good custodian for it, how you participate in the ecosystem, the Facebook Cambridge Analytica example, right? But you share data with partners, you have to feel accountability to that, right? So in this hyper-connected economy, third-party risk is actually probably higher than first-party risk. So you no longer just need to worry about your own data landscape and your own infrastructure landscape, you need to worry about your ecosystem as well. Right, and that's before you count in. It's an API-based economy and you've got stuff in the cloud, you've got stuff in your data center. Indeed. You've got stuff at remote locations. Absolutely. The complexity has significantly, significantly changed. Absolutely, absolutely. The good news is there's a great recipe which is digital risk management. Risk and trust have to coexist, right? If you don't take risk, you can make progress or innovate. Right. But in order to have trust, you need to have predictability. And that comes through a risk management approach and that's why RSA is so excited about this idea of digital risk management. It's a great responsibility to, you know, chart the course to the digital future of the world. Well, you certainly got everybody's ears, as you said, everybody who's anybody is here and this is the place to be this week. So congratulations again on a very big and successful show and we're excited that we got to sit down this time not standing in the hallway. Thank you, thank you. All right, thanks again. Enjoy the conversation. All righty. He's Rohit, I'm Jeff, you're watching theCUBE. We're at RSA North America Conference in Moscone. Thanks for watching, we'll see you next time.