 Hello everyone. Welcome back to SuperCloud 3, Security Plus AI. I'm John Furrier, host of theCUBE. We're here for a fireside chat keynote panel with J2 Patel, Executive Vice President, Security and Collaboration at Cisco, and Tom Gillis, Senior Vice President, General Manager, Security, Business Unit. Jim, thanks for coming back to theCUBE for our SuperCloud 3. Great to see you again. Thank you for having us, John. We just had a great chat at Cisco Live. You guys had the great focus strategy. You got the emerging team working on open source. A lot of cool stuff. Your business unit's booming. Security's top of mind. Security and AI. Certainly, the game changer is the generative AI story. Everyone has their angle. Security more than ever, and developers are seeing a lot of fruit coming off the tree immediately in Gen AI. You're seeing that trend. A lot of hype, okay? Every board's like, we need an AI strategy. And everybody develops like seeing ways to use it practically, so that you get this practical view. And then you have this now, executive mandate, almost a structural inflection point in all businesses generally accepted that's happening. This SuperCloud or multi-cloud, cross-cloud that's happening, you're starting to see the revolution of this layer of connectivity, connective tissue between clouds, and new apps are emerging. ISVs are turning into platforms. You guys run the networks, you're right in the front row here. What's your guys' view on the generative AI hype and the practical? How do you see it? Well, if you think about the industry in general, the attack surface is increasing. There's much, much more sophisticated caliber of attackers that are now actually participating in this ecosystem. So you simply can't handle security at human scale. You have to handle it at machine scale. And so we've been investing in AI now very heavily for a fair amount of time and definitely generative AI is a step function up. But even if you think about the predictive side, there's a fair amount that we've done to make sure that we can dig deep and try to detect breaches, especially in a world that becomes end-to-end encrypted and more and more of the workloads are moving to the public cloud, you need to make sure that you have some way of being able to detect whether or not there's malware in a packet without doing deep packet inspection. And so we've been doing that stuff for a while. We call it an encrypted visibility engine. It's on our firewall. You can go out and infer just from the movement of the packet on whether or not there's malware and then be able to do something about it. As you move into generative AI, the possibilities get pretty exciting and so do the risks because all of the tools and technologies that we have access to, so do the adversaries. And so on one end, we have to make sure that we can use generative AI in some really productive ways to enhance efficiency, to increase the efficacy and then make sure that the experience is way better for the end user. And so we're doing a lot of that. We announced at Cisco Live that we have this, the two major announcements we made around generative AI. The first one was policy assistant, where it's how do you make a power user that sets policy and security a super human? And you do that by making sure that the user experience has actually evolved to being much more natural language-based. And so you can set policy now in a firewall by saying, hey, you know, make sure that you exit this contractor from having any access to the systems and it'll give you the 15 things that you might need to go out and do as a checklist of items and allow you to do that. That's coming out at the end of the year. The second area that's actually super interesting is what we're doing with the SOC assistant. And that's an area which, you know, we've been thinking long and hard about because one of the big challenges the industry has is just shortage of talent. There's four million jobs that go unfilled every year. And so how do you go about making sure that you get talented resources to help you protect against preachers? And so the SOC assistants, what we're trying to do is people that are early in career, can they also have some kind of a sidekick, some kind of an assistant that can provide them with visibility into here's a breach that's occurring, here's what you might need to do to respond and remediate the breach. And so I think that the possibilities are enormous and we're just getting started. And we have to keep responsible AI in mind as you go about starting to build these things. I love the skills piece around the job, skills needed. That's the productivity gain. We're seeing productivity as the number one app of the Internet of AI right now, certainly in the coding area. We don't have any developers out there right now that's saying, coding, I'm got co-pilot, whatever you want to call it, it's increasing the productivity, which actually does all the heavy lifting. Okay, that being said, we'll get to that in a second. When you look at the practical aspect of it, there's a lot of hype and noise, I get that, but there are practical things happening. And you guys announced that Cisco like I mentioned a few of them, Tom and JT, what are some of the things that the enterprises are looking at that you think they should be focused on because super cloud and multi-cloud is coming fast. It's just distributed computing, something you guys know a lot about. You've been connecting networks for years, right? And have all that data. Yeah, maybe something to think about is, we all know the power of these models when you mess with chat GPT is a computer that can seem like it's reasoning with you, right? It can answer back in a cogent way. So the algorithms are really, really powerful. The other thing that makes it magic is the data that you're training with, right? And so I think for enterprise customers in general, you should be thinking about what repositories of data do we have that are text-based that were never useful before, but all of a sudden are. And I think what G2 was referring to is this SOC assistant, one of the areas that we think is extremely promising. We've been in the incident response business for decades and every time there's a security incident, we write up, here's what happened, here's what the response was, et cetera. And there's stacks and stacks of stacks of these write-ups that we can now feed through these large language models and start to create a very powerful assistant that create that order of magnitude efficiency that we're talking about about how do I respond to an incident in an automated fashion. And can I just add to that for, Tom brings up a really good point. There's one other area that we are really focused on right now, which is more and more large organizations are worried about information leakage. I'm gonna start, you know, I wanna debug a piece of code and so I'm gonna upload a proprietary piece of code to my Gen AI model so it can debug it for me. How do you make sure that you do some kind of data loss prevention on egress and how do you make sure that you do some kind of filtering on the ingress? So two use cases there, right? I wanna make sure that I don't allow someone to just upload a piece of source code to go out and debug. We can now, in our secure access offering, which is our SSE offering, allow you to make sure that that doesn't happen because you'll be able to say, no, you know, this is a proprietary piece of code, you can upload it. And on the download side, if you say generate a piece of code for me, it'll give you the probability that this was actually written by a Gen AI engine. So it'll say 95% likelihood this is written by a Gen AI engine. And that allows organizations to manage intellectual property policies internally and just operate in a more responsible manner. No shortage of opportunity, right? Well, no, I think you guys are highlighting, I mean, I got a lot of questions about you guys can write to the punchline, which is data and security of the two areas you're seeing the most active. And I'd say network and data are becoming more. So I just posted a piece on Substack, I waited a week before I published on Substack, but Matt Garmin at Amazon, who used to run EC2, he's kind of a no BS guy. He went right to the punchline too. It's how you set up your VPCs in the cloud, for instance. So you start to see these networking concepts emerge to solve the security problem and also the data problem. So you're kind of in this architectural view. And I think a lot of enterprises have acknowledged this is a security privacy, not like privacy like the user, but like how do you organize your data so it's not either restricted, too restricted or too loose and too promiscuous out there on the network. So this is your wheelhouse. Yeah, yeah. If you think about how applications used to be built, you had a data store, you had the app layer and then the presentation layer. And they all lived in one place for like performance and latency reasons, right? And very, very clearly now in the era of SuperCloud, the knowledge engine, the large language models, these things are so big and so powerful that they're going to be somewhere else. So the network now becomes like kind of the glue that holds us together, but it's the logical place to do the enforcement and the monitoring that we're talking about. It's more important than ever before. And policy segmentation. These are all concepts in the network. I want to circle back J2 to you because you brought up the IP and licensing side. So the new modes, as they say, in this next level of inflection points can be data value, proprietary data. It doesn't have to be big and large. It could be small and narrow, but in an app. So you've got a developer angle to that and you've got an intellectual property value. You have valuation of IP and then you have agility for a developer standpoint. I've never seen this before at this level. Even at the network level where you've got to lock everything down, packets got to be tight, but this is a whole nother power dynamic. Well, so if you rewind back to November 30th, when we all got exposed to chat GPT, the big thing over there, when it got went from GPT 3 to GPT 3.5 to 4 was the number of billions of parameters that this thing was going to be exposed to. It is now in six months time window, the large language model, the large is actually no longer relevant. You're not going from a trillion parameters to 10 trillion parameters and that's not going to give you exponentially greater value. I think the models themselves are starting to commoditize. And what's actually going to be unique is the data sets around the model and the experience that you build to make sure that you provide insight in a way that's very easily surfaced for the user. And I think you brought it up in the SOC Assistant, Security Center Assistant. And then also the data, you guys have a ton of data, your clients and customers have data. Unlocking that now was not really realized before because there was really no application for mine that day to other than slunking some logs or doing something from a debugging standpoint or efficiency standpoint. Yeah, kind of like kind of boring, I won't say boring stuff for that business, but like I'm talking about unlocking some value, intellectual value from that is unheard of before. This is new. Do you guys agree with that? Yeah, you know, if you look at the problems in security, Zero Trust says you got to assume that somehow a bad guy's going to get a toehold somewhere in the infrastructure. Okay, so assume that they're already in. So the name of the game becomes how do you stop them from moving around? Well, where do you see that? The network. My work. Yeah, so being able to pull this data in and analyze it, I know there's a lot of hype in the space, but the reason there's hype is because this is one of those step function type moments where our ability to analyze this stuff is exploding going forward with, not just the algorithm, even the silicon underneath it, right? Like, you know, what we can do with GPUs, there's analytics that we can run that were not even feasible a year ago. And now we're also like, hey, wait, this could actually work. You know, it's very exciting. I heard something on the queue for the first time whenever I hear something that's new that I've been thinking about for many years and it actually comes out of someone else's mouth. I mean, they're thinking about it too, was we've talked for years about moving compute to the data, especially at the edge, because data egress and cost and latency. I heard them move the workload from one cloud to the other. And with less than a millisecond failover, because you now have this kind of super cloud platform. So you have failover, but you also have workload portability. That was fantasy 10 years ago. Remember, I remember many women trying to wish that to be happening, but now it's possible you have this new dynamic where the workload could shift. So the value of the data will be so important that workloads will move across the networks. And there'll be a couple of reasons why that's going to happen. One, there's just going to be, for the foreseeable future, shortage and compute capacity in the world compared to what the world's appetite is to consume compute. Like right now, if you ask Sam Altman, what is the largest kind of constraint that he thinks about with chat GPT? He thinks he talks about two things, power shortage and compute shortage. And so portability is really important when you have compute shortage. You have flexibility of going out to anywhere where the data is available. That's number one. Number two is most customers right now, looking for public cloud economics without the public cloud lock-in. And you don't want to get locked into a public cloud. You can't get locked. There's no way to avoid lock-in if you only have one provider of the public cloud. So you need to make sure that you actually distribute your loads. And when you distribute your loads to multiple clouds, which what you call super cloud, well, we actually think there's a value in is a neutral third party that can abstract some of these services like networking and security and persist those as your traffic flows and get steered to multiple different clouds. So that that ability for us to be able to say, you know, when your policy is on one cloud, that actually policy can transcend when you move your workload to the other cloud, that's architecturally gonna be a really important requirement as the market evolves. I want to riff on that a tiny bit. So let's talk about those super cloud worlds we talked about where there's some complex TensorFlow over here on Google and then there's chat GPT which is running over here and then you've got all these different services now that make up an application. And there's gonna be this communication across the super cloud to make this stuff happen. We want to apply those same zero trust principles. So what G2 was talking about this abstraction layer, it needs to be able to understand a principle of least privilege. So you can't just say, oh, I'm gonna open up a pipe so that everything on Amazon can access everything in my private data center. Because that's where your source code is, that's where your customer database, right? So you need to be more selective to that. This is an example of it's a little more tactical but something we're focused on right now today is what we call multi-cloud defense. And so it's having the ability to say this workload running on Amazon can talk to this SaaS application like chat GPT or just Salesforce or Stripe and it can connect back to this customer database and only the customer database. That's the least privileges part, right? So you don't have this big giant flat network that would open up a huge attack surface, right? These are the kind of places that Cisco I think really shines. And here's the thing we found, right? Both of us found this out when we were the customer together. 90% of a lot of our customers, public applications need to access a resource in the private cloud. And today, how does it work? Well, the public cloud speaks services, the private cloud speaks IP addresses, there's no translation layer in the middle. And what we need to do is make sure that that actually exists so that people are able to access that resource. And to Tom's point, only that resource because we are applying zero trust principles, not just for user access, but also for application access in the cloud. That's a great call out. I want to just double down and just give people some context. You mentioned that at Cisco Live as well. That's a huge point that people should really reflect on. One, services, not a bad thing. Cloud services are amazing. But when you're on premises for decades running networks, their IP addresses, again, networks is the source of truth. You can't, a packet's a packet. Either good or bad, right? You got data on that. Now, okay, we've got full surveillance on the packets, deep packet inspection, okay, all that's great stuff. Check, check, check, been there, done that. Now, going up the stack, you're talking about bridging these two worlds together. It hasn't been easy. Hybrid's made a lot of progress. Where are we on that transition? Because that's the number one thing I hear too is, the network guys are so used to operating this way, you gotta show me real proof points that it's gonna work when I blend a web services framework or a Lambda function, server lists, now Gen AI, high velocity, microservices. It's never gonna fundamentally change because the whole notion of an IP address is it's a physical construct, right? There was a box, the box had an app, the app had an IP address and that was a basis for identity. So the public cloud works that way too, but they've built layers and layers of abstraction where you can't see, you don't wanna see, trust me. It's this detailed level of plumbing. And that's our view is like, let's make sure that we build tools that allow our customers to bridge these two worlds, the physical, where there's boxes and networks and VLANs and VRFs and then- So you're doing that today then? We're doing that today, yes, right. And this is a shipping product that we're talking about. Cisco multi-cloud defense that can make that least privileged connection between private to public, public to public, public to service, whatever it is, it understands these services and makes it easy to put basic security code. We're talking about a pretty fundamental control here of like, you know, you can, A can talk to B and only B, not C, D, E, or F. Yeah, you also wanna keep an eye on what apps are running in sandboxes. In sandboxes versus production. Totally, totally. This is what I wanted to get to. Now go ahead, USC. No, but I was gonna say, it's important that we all recognize that even in the most optimistic scenario, there will be thousands of applications that organizations will have for the foreseeable future that will be in the private cloud. There will be legacy applications. But what you have to do is still modernize the security infrastructure around those legacy applications. Because if the legacy application is something that they've deemed to say, I don't have resources right now, so I'm not gonna go modernize the application. That's fine. But you can't afford not to modernize the security infrastructure around it. And what we are trying to do is modernize the security infrastructure around an application that you might choose to have be legacy that needs to interface with the modern application that you have running on AWS or on Azure or GC. And that's the fundamental debate, Dave and I have about super cloud versus multi cloud because super cloud's a whole nother level of modernization and rethinking around scale, data, automation, the things that are kind of next gen cloud coming, low latency, managing the cost structure versus the enablement. Yeah, I'll argue, I spend a lot of time talking to customers exactly to G2's point about OT environments and that the super cloud principles are now extending into the factories, into the warehouses and into these highly distributed networks. Creates a whole new set of challenges, opportunities that I think is gonna be really rich for us over the next. I mean, think of what happens in a hospital. By the way, we interviewed Audi at your event was a great use case. They're doing some amazing modernization. I mean, think of what happens in a hospital if a device for providing dialysis that's connected to the internet gets hacked. Yeah, right. You need to make sure that that was never built with the mindset of, oh, this thing could get hacked and I wouldn't be able to perform dialysis on someone. But we are in that world today and so you gotta make sure you modernize the security around it. Yeah, I was talking to a customer this morning, pharmaceutical customer. They have these big giant factories and he's like, they used to all be air gapped. So we had this philosophy of like, this stuff is all safe and yeah, yeah. And now all of a sudden we have to make them connected. It opens up a whole new set of challenges and opportunities. And again, this is the whole idea of like modernization, enabling lower cost, more agility, more scale and security built in, not even a question, built in, not a bolt on. The question I want to get to before we run out of time is the customer orientation to the trend that's generative AI and security, mainly generative AI. It reminds me of the early days of the internet and the web where it's like, okay, we recognize this is happening. We just don't know yet how to interface with it. Do I do my own website? Do I own my own thing? Do I connect my buildings on my campus? Hence routing started, okay, this all grew. That happened and it started very embryonic but then grew very fast. Gen AIs have been a similar trajectory where, but it's happening faster where it's like, okay, I get it. Now I got to figure out where to start. And then what's that roadmap look like? Clearly, network and security and data and developers are low hanging fruit areas where people are smart. There's practical use cases, there's enough data to get success. That's been always the form of success. Where do you guys see your customers coming in and from a practical standpoint, leveraging some of these trends where they can get in and show some proof points of that scale, a little bit of three steps in the cloud of dust kind of before they start running. What's the areas that you guys would see that would be practical? So I mean, the way that we think about this is there's three major kind of areas of innovation in AI. The first one is, can you use AI to enhance your cybersecurity stack? And a bunch of the examples we gave are around that. The second thing that's gonna be there is, can you actually enhance your cybersecurity stack to protect against AI? Because as AI starts having more sophisticated uses, the bad intentions over there need to get protected against, right? And so that's the second area. And then the third area is this notion of preventing data loss on the egress to a gen AI engine. And intellectual property as these moots are developing? It's just pure IP, right? I think you just wanna make sure you protect for that. And then when you bring it back in, you've asked gen AI to do something. Because I think what's gonna happen in the world in the future is no one's gonna start from a blank slate. And so when you start from something that's gonna be 80% done that you're tweaking the final 20%, you gotta make sure that that's tying with the policies that's tying with the responsible AI framework that you might have within your organization. Those are things that you have to think about. And so these are three major building blocks where you'll actually start to see. It's funny you use the word building blocks. Reminds me of your composing models. It's gonna go, a preferred future might look like, hey, let's grab that model from 2023. Let's use that new one from 2028. If you think about the profound impact that open source had on software development, right? You don't have to go build a web proxy anymore because there's one that exists. This is what you just talking about is like the next layer there where there's gonna be sort of 80% of the solution just when you push a button and there's always gonna be need to apply reason and human intuition on top of that. But man, we can take a lot more. And context and data. You'll be very specific to your domain. Don't underestimate that context and data thing. I think we've seen this pattern over and over and over again, which is that the more you train a model, the algorithm more always kinda nets out to like, eh, they're all about the same. And so, and I'm sure there's scientists out there like, no, mine's different. Okay, but it's the data that matters and the quality of the data and how do you teach it right from wrong? It's a really hard problem, right? And that's where the enterprise is probably some opportunity that lies. Like think about what data do you have that is unique and valuable? All of a sudden a computer can understand that data. That is transformative once you start thinking about that. I think you guys have the bottoms up, guardrails that could enable massive value. My final question is how do you guys think about something that we're seeing emerge which is platforms of platforms? So we're moving from the point solution to platforms. And it's interesting, I used to, I'm, you know, the platform wars in the old days was, you know, top two platforms win. Maybe third one, third place gets some crumbs. Now you're seeing platforms emerge as a feature of intellectual property at scale. So you're seeing the coalescence and cohesion of multiple platforms working together because of APIs and of data sharing, privacy controls. You're starting to see different vendors have platforms that need to be working with other platforms. You guys are a platform. Obviously you got other data platforms with developers will be on. So this is a trend that's emerging. I want to get your thoughts on how you guys think about that because you guys are running the networks. You have all that IP underneath both IP. I'll start and you commentary. There's clearly movement towards platform, right? And the reason for that insecurity is that these attacks that you two was talking about earlier, the attackers have toolkits now that allow them to steal a credential, to, you know, sort of have a root kit to get in and emulate legitimate user behavior and legitimate application behavior really, really well. So if you're only looking at one little piece of the puzzle, if you're only looking at email stream, it's tough to say with confidence, yeah, there's no ransomware in there because there is, right? And it's indistinguishable from real email. If you're only looking at a web stream, if you're only looking at the endpoint, you're missing more than half the picture. That's what's driving this movement towards platforms. And so being able to look across multiple domains is gonna give you a better security outcome. But we think there's gonna be platforms that are unique to the vendors that deliver these platforms. So I think there'll be a platform that focuses on the operating system and the application, right? An obvious candidate for that is Microsoft, right? With Office 365 and Windows. And then there's gonna be a platform for everything that stitches those two things together. Connectivity, access, infrastructure. That's why we're here, gang. Authentication across networks are hard. Yeah, exactly, right? The network plays an essential role in your security ecosystem. So there will be a couple of platforms, and our view is we're gonna inter-operate with these other platforms that have a kind of rightful air to that position. And we wanna take our rightful position in the industry. And then there'll be additional platform and integration opportunities on top of that, right? Yeah, I think the philosophical constructs of a platform are, one, it has to be open. So you have to make sure that you even take data and telemetry from your competitors because the true enemy is not the competitor, it's actually the adversary. And we can't forget that in this industry, right? And so that's number one. Number two, as you think about how the Gen AI movement started in the past, since November 30th to now, one thing is for sure, it's gonna get increasingly hard to predict long-term outcomes in this industry because the rate of change of this industry is so fast now that I think you'll see scientific progress compound at least at 1,000 X of where we are today. It's virtually impossible to say what's my five-year outlook gonna look like? Anyone who thinks they've got a five-year vision is just nuts. Maybe Elon Musk has it, but the rest of us, you know, mere mortals, we have to actually have a much shorter window of time within which we're gonna be operating. And number three, you have to be responsible because the way in which bias will seep into a model, the way in which transparency and fairness need to be incorporated in a model are pretty important. And so those are three characteristics of a platform that are pretty important as we think through the evolving of the evolution of the platform. Great to have you guys on. Obviously the data is the value, the network and the security impacts huge. As people build apps, they're gonna need to put policies in place, have them brought on the right parts of the network, enabling that next generation applications. J2, Tom, thanks for coming on SuperCloud 3. Appreciate it. Thank you for having us. This is fireside chat keynote. I'm John Furrier. We'll be back with more SuperCloud 3 coverage after this short break.