 The cybersecurity landscape has changed dramatically over the past 24 to 36 months. Rapid cloud migration has created a new layer of security defense, sure, but that doesn't mean CISOs can relax. In many respects, it further complicates or at least changes the CISOs scope of responsibilities. In particular, the threat surface has expanded and that creates more seams and CISOs have to make sure their teams pick up where the hyperscalar clouds leave off. Application developers have become a critical execution point for cyber assurance. Shift left is the kind of new buzz phrase for devs, but organizations still have to shield right, meaning the operational teams must continue to partner with SecOps to make sure infrastructure is resilient. So it's no wonder that in ETR's latest survey of nearly 1500 CISOs and IT buyers, that business technology executives cite security as their number one priority, well ahead of other critical technology initiatives, including collaboration software, cloud computing, and analytics rounding out the top four. But budgets are under pressure and CISOs have to prioritize. It's not like they have an open checkbook. They have to contend with other key initiatives like those just mentioned to secure the funding. And what about zero trust? Can you go out and buy zero trust or is it a framework, a mindset in a series of best practices applied to create a security consciousness throughout the organization? Can you implement zero trust? In other words, if a machine or human is not explicitly allowed access, then access is denied. Can you implement that policy without constricting organizational agility? The question is, what's the most practical way to apply that premise and what role does infrastructure play as the enforcer? How does automation play in the equation? The fact is that today's approach to cyber resilience can't be an either or, it has to be an and conversation, meaning you have to ensure data protection while at the same time advancing the mission of the organization with as little friction as possible. And don't even talk to me about the edge. That's really going to keep you up at night. Hello and welcome to this special cube presentation of Blueprint for Trusted Infrastructure made possible by Dell Technologies. In this program, we explore the critical role that trusted infrastructure plays in cybersecurity strategies, how organizations should think about the infrastructure side of the cybersecurity equation and how Dell specifically approaches securing infrastructure for your business. We'll dig into what it means to transform and evolve toward a modern security infrastructure that's both trusted and agile. First up are Pete Geer and Steve Keniston. They're both senior cybersecurity consultants at Dell Technologies. And they're going to talk about the company's philosophy and approach to trusted infrastructure. And then we're going to speak to Parasar Kodati, who's a senior consultant for storage at Dell Technologies to understand where and how storage plays in this trusted infrastructure world. And then finally, Rob Emsley who heads product marketing for data protection and cybersecurity. He's going to take a deeper dive with Rob into data protection and explain how it has become a critical component of a comprehensive cybersecurity strategy. Okay, let's get started. Pete Geer, Steve Keniston, welcome to theCUBE. Thanks for coming into the Marlboro Studios today. Great to be here, Dave. Thanks, Dave. Good to see you. Great to see you guys. Pete, start by talking about the security landscape. You heard my little rap up front. What are you seeing? I thought you wrapped it up really well and you touched on all the key points, right? Technology is ubiquitous today. It's everywhere. It's no longer confined to a monolithic data center. It lives at the edge. It lives in front of us. It lives in our pockets and smartphones. Along with that is data. And as you said, organizations are managing sometimes 10 to 20 times the amount of data that they were just five years ago. And along with that, cyber crime has become a very profitable enterprise. In fact, it's been more than 10 years since the NSA chief actually called cyber crime the biggest transfer of wealth in history. That was 10 years ago. And we've seen nothing but accelerating cyber crime and really sophistication of how those attacks are perpetrated. And so the new security landscape is really more of an evolution. We're finally seeing security catch up with all of the technology adoption, all the build out, the work from home and work from anywhere that we've seen over the last couple of years. We're finally seeing organizations. And really it goes beyond the IT directors. It's a board level discussion today. Securities become a board level discussion. Yeah, I think that's true as well. It's like it used to be that security was, okay, the SecOps team, you're responsible for security. Now you've got the developers are involved. The business lines are involved. It's part of onboarding for most companies. You know, Steve, this concept of zero trust, it was kind of a buzzword before the pandemic. And I feel like I've often said it's now become a mandate, but it's still fuzzy to a lot of people. How do you guys think about zero trust? What does it mean to you? How does it fit? Yeah, I thought, again, I thought your opening was fantastic in this whole lead into what is zero trust. It had been a buzzword for a long time. And now ever since the federal government came out with their implementation or desire to drive zero trust, a lot more people are taking a lot more seriously because I don't think they've seen the government do this. But ultimately, let's see, ultimately it's just like you said, right? If you don't have trust to those particular devices, applications or data, you can't get at it. The question is, and you phrase it perfectly, can you implement that as well as allow the business to be as agile as it needs to be in order to be competitive? Because we're seeing with your whole notion around DevOps and the ability to kind of build, make, deploy, build, make, deploy, right? They still need that functionality, but it also needs to be trusted, it needs to be secure and things can't get away from you. Yeah, so it's interesting, we attended every reinforce, since 2019 and the narrative there is, hey, everything in the cloud is great. And this narrative around, oh, security's a big problem, is it doesn't help the industry. The fact is that the big hyperscalers, they're not strapped for talent, but CSOs are. They don't have the capabilities to really apply all these best practices. They're playing whack-a-mole. So they look to companies like yours to take your R&D and bake it into security products and solutions. So what are the critical aspects of the so-called Dell trusted infrastructure that we should be thinking about? Yeah, well, Dell trusted infrastructure for us is a way for us to describe the work that we do through design development and even delivery of our IT system. So Dell trusted infrastructure includes our storage, it includes our servers, our networking, our data protection, our hyperconverge, everything that infrastructure always has been. It's just that today, customers consume that infrastructure at the edge as a service in a multi-cloud environment. I mean, I view the cloud as really a way for organizations to become more agile and to become more flexible and also to control costs. I don't think organizations move to the cloud or move to a multi-cloud environment to enhance security. So I don't see cloud computing as a panacea for security. I see it as another attack surface and another aspect in front that organizations and security organizations and departments have to manage. It's part of their infrastructure today, whether it's in their data center in a cloud or at the edge. I mean, I think that's a huge point because a lot of people think, oh, data's in the cloud, I'm good. It's like, Steve, we've talked about, oh, why do I have to back up my data? It's in the cloud. Well, you might have to recover it some day. So I don't know if you have anything to add to that or any additional thoughts on it. No, I mean, I think like what Pete was saying, when it comes to all these new vectors for attack surfaces, people did choose the cloud in order to be more agile and more flexible and all that did was open up to the CISOs who need to pay attention to now, okay, where can I possibly be attacked? I need to be thinking about, is that secure? And part of that is Dell now also understands and thinks about as we're building solutions, is it a trusted development life cycle? So we have our own trusted development life cycle. How many times in the past did you used to hear about vendors saying you got to patch your software because of this? We think about what changes to our software and what implementations and what enhancements we deliver can actually cause from a security perspective and make sure we don't give up or have security become a whole just in order to implement a feature. We got to think about those things. And as Pete alluded to, our secure supply chain. So all the way through knowing what you're going to get when you actually receive it is going to be secure and not be tampered with becomes vitally important. And Pete and I were talking earlier, when you have tens of thousands of devices that need to be delivered, whether it be storage or laptops or PCs or whatever it is, you want to know that those devices can be trusted. Okay guys, maybe Pete, you could talk about how Dell thinks about its framework and its philosophy of cybersecurity and then specifically what Dell's advantages are relative to the competition. Yeah, definitely Dave, thank you. So we've talked a lot about Dell as a technology provider, but one thing Dell also is, is a partner in this larger ecosystem. We realize that security, whether it's a zero trust paradigm or any other kind of security environment is an ecosystem with a lot of different vendors. So we look at three areas. One is protecting data and systems. We know that it starts with and ends with data. That helps organizations combat threats across their entire infrastructure. And what it means is Dell's embedding security features consistently across our portfolios of storage, servers, networking. The second is enhancing cyber resiliency. Over the last decade, a lot of the funding and spending has been in protecting or trying to prevent cyber threats, not necessarily in responding to and recovering from threats. We call that resiliency. Organizations need to build resiliency across their organization. So not only can they withstand a threat, but they can respond, recover and continue with their operations. And the third is overcoming security complexity. Security is hard. It's more difficult because of the things we've talked about, about distributed data, distributed technology and attack surfaces everywhere. And so we're enabling organizations to scale confidently to continue their business, but know that all of the IT decisions that they're making have these intrinsic security features and are built and delivered in a consistent security. So those are kind of the three pillars. Maybe we could end on what you guys see as the key differentiators that people should know about that Dell brings to the table. Maybe each of you could take a shot at that. Yeah, I think first of all, from a holistic portfolio perspective, right? The secure supply chain and the secure development life cycle permeate through everything Dell does when building things. So we build things with security in mind. All the way from, as Pete mentioned, from creation to delivery. We want to make sure you have that secure device or asset. That permeates everything from servers, networking storage, data protection through hyperconverged through everything. That to me is really a key asset because that means you understand when you receive something, it's a trusted piece of your infrastructure. I think the other core component to think about and Pete mentioned as Dell being a partner for making sure you can deliver these things is that even though that's part of our framework, these pillars are our framework of how we want to deliver security. It's also important to understand that we are partners and that you don't need to rip and replace. But as you start to put in new components, you can be assured that the components that you're replacing as you're evolving, as you're growing, as you're moving to the cloud, as you're moving to more on-prem type services or whatever that your environment is secure. I think those are two key things. Got it. Okay, Pete, bring us home. Yeah, I think one of the big advantages of Dell is our scope and our scale. We're a large technology vendor that's been around for decades and we develop and sell almost every piece of technology. We also know that organizations might make different decisions. And so we have a large services organization with a lot of experienced services people that can help customers along their security journey depending on whatever type of infrastructure or solutions that they're looking at. The other thing we do is make it very easy to consume our technology, whether that's traditional on-premise in a multi-cloud environment or as a service. And so the best of breed technology can be consumed in any variety of fashion and know that you're getting that consistent secure infrastructure that Dell provides. Well, and Dell's got the top supply chain not only in the tech business but probably any business. And so you can actually take your dog food and then allow other people your champagne, sorry, and allow other people to share best practices with your customers. All right, guys, thanks so much for coming on theCUBE. Appreciate it. Okay, keep it right there after this short break. We'll be back to drill into the storage domain. You're watching a blueprint for trusted infrastructure on theCUBE, the leader in enterprise and emerging tech coverage. Right back.