 Live from Las Vegas, it's theCUBE! Covering AWS re-invent 2019. Brought to you by Amazon Web Services and Intel, along with its ecosystem partners. Hey, welcome back to Vegas, baby. This is theCUBE's coverage of AWS re-invent 19. This is day three. John Walls is my co-host, Joe. Welcome back to Vegas, baby. Vegas, baby. Three days. I love that, that's great. It's Vegas, baby. Looking out back still, this is not like a day three crowd, right? It's really not. Usually by now you can kind of yell out in the hallway and your echo bounce around, but there are a lot of people still here. A lot of business still being done. There really are. There's no shortage of that. And because we're live on theCUBE, what happens in Vegas doesn't stay in Vegas. So we're happy to welcome a couple of new guests to theCUBE that are going to share all these great things about security and teach us to. To my left is Robbie Srinivasan, VP of Solutions and Platform Marketing from Forcepoint, and from AWS, Rohit Gupta, global segment leader in security. Gentlemen, welcome. Thank you. Thanks for having us. So we can't go to any event without talking about security. It's one of those topics that I think every generation understands. When there are big breaches, like Capital One that happened recently, or Facebook, even the older generations who are still in the workforce today, they understand it to some degree. The security is so complex. And Robbie, one of the things I know that's most challenging about security, especially cyber, is humans are 90 plus percent of the problem is human errors. Talk to us about Forcepoint. I love the tagline, human-centric cyber security. How can you help us humans fix all of the errors that we're causing? Or can you? No good question. It's the cat and mouse game, right? So Forcepoint is a purpose-built user and data protection company, right? And we're focused on the digital identities and the behavior of their cyber behavior to be able to understand that and then protect data and the users as well. So that's what we refer to as human-centric cyber security. And how long have you guys been working on this? Oh, we've been working on this for decades. It's the problem of traditional security was all infrastructure-centric. Guns, guards, and gates, and magic will happen. And then turns out, those bad actors figure out the guns, guards, and gates and always are looking to compromise users and their access. And so independent of whether the attack is external or internal, it's that compromise that's the focus. And so when you focus on the compromise, that's where we're focused on in terms of how to help companies with security. Yeah, so what's that connection in? Between behavior and between operations? I mean, so what are you looking for in terms of what that user's doing correctly or incorrectly? I mean, what kind of markers do you have? What kind of signs do you get? And in what corrective measures can you put into the process that automatically will correct or at least address that? Yeah, so let me take an example, right? So if I'm a developer, I'm building using Amazon's awesome services, putting a lot of content in there. I use GitHub as a storage. I put a lot of information in there. And I'm doing that quickly to get my project done, right? As I do that and I launch that application, then security comes along after fact and says, well, let's put security, design it in, and how do we protect the data? That model is breaking. Why is it breaking? Because companies are saying users are no longer coming just from the enterprise. They're working from home, they're working from the Starbucks and they're accessing the same data and bad actors follow that too. What do they do? They follow the users and go, I can then pretend to be Ravi and get access to the data. And that's how you see a lot of the breaches. So what we're looking at is the behavior of Ravi as an employee. I engage with my mobile device, with my laptop. I get access. I work from eight to five. I'm in Austin most of the times. So the markers are user-related, device-related, and also context. It's like, why am I logging in from Austin? And at the same time, also seeing a login from China. That doesn't look right. So that's an example of a behavior. So what's the red flight that goes up then? You mentioned China, that's an extreme example, but I'm sure there are some more subtle or some not quite as obvious. I mean, what exactly is that prophylactic measure that comes in that's automated that says, wait a minute, I don't think this is Ravi, although it's in Denver, or it's on this serve, or whatever it might be. You know what I mean? Absolutely. So again, the context is built out of three things. Users, devices, and the environment, right? By triangulating on those three things, you can actually capture very subtle needle in the haystack of being able to say, look, this is Ravi's behavior. So we're going to let him access GitHub. We're going to let him access all the resources on Amazon, but as soon as we see deviations from that, we're going to throw up a yellow flag. We're going to ask him to log in with a multi-factor authentication or some other additional form of engaging. Then if we still see more deviations, then we say to it, I'm going to actually block that. And I can safely block it because I know that this is not Ravi anymore. And that's how we've seen a lot of organizations use behavior at the heart of their security posture. So Rohit, before we went live, you told John and me that you've been in security for a thousand years. So one of the biggest challenges, though, besides people is being reactive. And when companies have to be reactive to security events, whether they're ostensible or sort of like John talked about, that can potentially be catastrophic. Can you just talk to us a little bit about some of the historical changes, say in the last few years that you've seen where companies, there's no time to be reactive. How are companies leveraging technologies like Forcepoint and AWS to go from reactive to predictive to eventually prescriptive? Yes, it's a good question. And firstly it's a dozen years, not a thousand years, but it feels like that sometimes. So what we have found is that the cloud actually has helped companies become more secure, because security is about visibility and control. And what the cloud does is provide better visibility than was available before, because you have things like cloud trail that are showing any event that is happening in the system that you can actually use to figure out what happened before, and then you can learn from that quickly and take action to fix it. So that's where the control part comes in. Over time, you could get better at understanding the signals, as Ravi was saying, and you can be more predictive, you can take action much faster. And even if you don't completely solve the problem right away, you are able to react much faster so the damage is minimal. And so we've seen that change happen over the years. Companies are using automation that the cloud brings and to couple with the visibility to really gain control back. You know, there's, I don't know if you call it a natural tension, but there's certainly some friction speed security, right? I want to go, go, go, go, go. I want to stop, stop, stop, stop, stop, stop, right? So, I mean, are they, to take your cat and mouse, are they natural enemies or friction or can they be complementary now in such a way because of what you are developing or the tools that we do have at our disposal now? Can you address both? That's what I'm saying. Very interestingly, when you started with an infrastructure-centric security, when you put guns, guards, and gates, they were that tension, right? But when you start to change the conversation about, look, we're not about stopping progress. We want the developers to use the data, but we want them to use it securely, right? And as you start to think about that approach, then security can actually be an enabler for digital transformation. Just as Amazon was talking today throughout the last three days about how you have lots of services and enabling digital transformation, that's really our focus too, is how to enable that securely. How to enable users to be able to touch the data, wherever it is, but secure that along the value chain. Where is security? This is a question for both of you, and Rohit, let's start with you. Where is security in terms of the conversation? As Andy Jassy talked about on Tuesday, when he was talking about business, true business transformations, got to start at the top. You need to have that senior, exact level initiative sponsorship that's pushed down into the organization. Is security at that, I imagine it is at that senior level. Talk to us about how you've seen that evolve and how it is really a cornerstone to digital transformation. Yeah, I think security used to be an afterthought. The developers were not concerned about it. They don't teach security, or at least they didn't teach security in college and computer science courses. It was not even that important. It's gone from that to an hour board level and perhaps even a regulatory level discussion where it is being addressed by much higher authorities than even the board of the company, right? So yes, it is definitely gone from a back room operation that people didn't care about to something that is really very important. And as Ravi said, you can move fast and stay secure. You almost have no choice, because you have to move fast, figure out how to be secure in that environment, and you do not want to end up in the news, ultimately. And so that is why it is a conversation that is elevated now to the board level. Can you see that speaking of ending up in the news? And there's a couple of folks whose booths are here that have been in the news recently for significant breaches, human cause. Is that, when that becomes a sensational story, is that a facilitator of more conversations of customers coming, and maybe Ravi I'll start with you, customers coming to first point going, gosh, you know what? Here's another example of a breach that affected millions and millions. We need to get our hands around this in a better way so that we can really use that data for competitive advantage. So those news breaking stories, good for business. So we get invited to a lot of board level conversations. Our leaders get invited to speak to boards, and the two common questions they get asked is, am I going to be the next target, right? And then most importantly, the second one is, how am I doing against my peer group? And so when it comes to that conversation, as you, as Rohith was describing it, organizations are saying, look, I've got to be able to run my business, and I need to run it securely. In order to do that, if I can answer those two questions, I'm not going to worry about the threats and attacks and what happened to, in the news. I'm more focused on, how can I get this new project deployed securely connected? How do I do this new mobile application? Get that, and to protect the data, right? So that's the conversation that boards want to know. They do want the reference point, for sure. Can we, you know, at least let's talk about the headlines, and we all see that, almost to the point that we're kind of numb to it, right? We're almost desensitized. Another hack, another breach, and whatever. So we've, in a way, our mindset is, or Facebook, that it happens. Can we get to the different, flip that paradigm to where we almost take for granted that it won't happen? That our guide, our guards are that good. I mean, what does it take to get to that point to where we don't accept breaches, and we look at them as an anomaly, rather than the kind of the cost of doing business? I mean, that's been the central focus for us with the human centric cybersecurity. We're saying, if you take up any breach, and the story reads, breach happened, and then you get all the other, what they did after fact, right? And then they tell you a story that happened that the bad actor or the compromise was happened over some period of time, whether it was months. So detecting bad things exposed is hard. But what we were focused on when you look at human centric security is we're saying, the time to steal data is in minutes. But the indicators that it takes to steal that data has been building up. So we're saying, if we can use behavior to show that build up, then we could block it before a breach happens. It's kind of like a slow drip in your ceiling, right? You see it there going, don't wait for the ceiling to collapse, right? You've got a ring that's growing there, so do something about it ahead of time, identify it. Right, right. Last question, as we look at one of the other things that Andy showed on Tuesday is that 97% of IT spend is still on prem. We know that there's a lot of hybrid cloud out there in those types of environments, which are becoming more and more the norm. How do you help customers manage all of that data regardless of what's on prem, what's in the cloud and how things are moving in a secure way? And that's where for us, the partnership is critical. And we see the partnership with Amazon to be very strategic in the fact that Amazon's building out awesome set of foundational controls. That's great. We'll let the developers use that, right? And now as enterprises connect with their data, data is on prem and in the cloud and everywhere in between. How do you then now implement security that's closest to where the data sits? So we leverage a lot of the security controls that Amazon provides. And in addition to that, we then offer more of a unified policy control to provide that control wherever the data sits, whether it's on the endpoint, in line or in the cloud. Exciting stuff. Well guys, thank you for joining John and me on the program, giving us more information on cyber security and some of the opportunities that businesses have to actually use it as an advantage. We appreciate your time. Thank you. Thank you for the time. Thank you. For John Walls, I'm Lisa Martin. You're watching theCUBE from Vegas. It's ReInvent19. Thanks for watching.