 from San Francisco, it's theCUBE. Covering RSA Conference 2019, brought to you by Forescout. Hey, welcome back, everybody. Jeff Frick here with theCUBE. We are in downtown San Francisco at the brand new Open. I think it's finally complete, Moscone Center for RSA Conference 2019. We're really excited this year for the first time ever in the Forescout booth. We've been coming to RSA for a long time. We had Mike on last year. Mike, the CEO of Forescout. Appreciate you having me. We had you last year and you were so nice. You invited us to the booth this year, so thank you very much. We must have both done something right. Absolutely. And also, before we get too far into it, congratulations doing some homework. The stock is going well. You're making acquisitions. You said it's the anniversary of going public, so things are looking good for Forescout. Things have been good. We've been public company now for four quarters. We've beaten, raised on every metric we had out there, so we're feeling good about life. So I don't think the security threats are going down. I don't think your TAM is shrinking by any stretch of the imagination. It definitely does not feel like the threat landscape is getting less challenging these days. I mean, when you look at all the geopolitical stuff going on between the US and China and Russia, that usually spills into the cybersecurity world and kind of makes things a little bit more tense. Right. So the crazy talk in all its conferences now is machine learning and AI. And obviously, one of the big themes that came up, we had a great interview at Google, is you just can't hire enough professionals, regardless of the field, especially in this one, to take care of everything. So automation, really key, AI, really key. But at the same time, the bad guys have access to many of the same tools. So as you're in this middle of this arm race, how are you kind of taking a strategic view of machine learning and AI in this world? So what's amazing about cybersecurity in 2019 is the fact that the pace of innovation is exploding at an unprecedented rate, right? I mean, we're bringing more devices online every quarter now than the first 10 years of the internet combined. So the pace of adoption of new technologies is really what is driving the need for machine learning and AI. A human being, historically in the cybersecurity world, most corporations approach was, I'm going to have a whole bunch of different cyber products. They all have their own dashboards. I'm going to build this thing called a cyber operations center, a SOC, that is going to be the input of all those. But a human being is going to be involved in a lot of the research and prioritization of attacks. And I think just the volume and sophistication of the breaches these days in attacks is making those same companies turn towards automation. You have to be willing to let your cybersecurity products take action on their own and machine learning and AI play a very large role in that. Yeah, it's really interesting because there's very few instances where the AI and the ML actually generate an action. Oftentimes they'll generate a flag. They'll bring in a human to try to make kind of the final analysis. But it's not often that we actually give them the power to do something. Is that changing? Do you see that changing? Are people more accepting of that? Can you give it up that control? When you look at four scouts, kind of core value proposition, the category that we're in is device visibility and control. Device visibility, what's on the network? Control, when I find something that shouldn't be there, our customers want to block that. So we have a front row seat on watching customers that for decades have been unwilling to allow cybersecurity products to actually take action, turning our product on every day and allowing us to do exactly that. So when we look at the way that they approach the breaches in every one of these scenarios, they're trying to figure out how they can augment the personal staff they have with products that can provide that level of intelligence. And the thing too, we see over and over is that people are so fallible. Interviewed a gal, Grace Hopper, a couple of years. She was 100% at social engineering her way into any company that she tried. She had a kind of cool trick. She looked at Instagram photos. She would see the kind of browser that you had and you know, oh, the company picnic page won't let me in. Can you please try this? You're 100% success. So you guys really act in a very different way. You're kind of after the breach has happened, you're sensing and taking action, not necessarily trying to maintain that big moat. We're actually on the front end. We're before the breach takes place. So the way our product works is we plug into the network and then we turn that network. The 10 years ago, a CIO would control everything on their network. They would buy servers and load them with products and put them in their data centers and they'd buy end points and they'd give those to their employees. Those same CIOs now need to allow everything to connect and try to make sense of this growing number of devices. So the role that we play is preventative. We are on the front end. When a device first joins that network, you need to make sure that device is allowed to be there. So before we worry about what credentials that device is trying to log in with, let's make sure that's a device that the company wants to be on the network to begin with. So to your point, exactly, you're right. I mean, I think my CFO and I probably every week have some very sophisticated email that makes it sound like one of us asked the other to approve a check request, but they're getting good and you're right. They go on, they know that I went to Villanova or I'm a fish fan and they'll leverage some form of thing I'll post online as try to make that email a little bit more personalized, but our philosophy as a company is very basic, which is you need situational awareness of what devices are allowed to be on that network to begin with. If you get that in place, there's a lot less examples than what you described a couple of minutes ago. And as you said too, it's a really interesting philosophy having kind of an agentless methodology to identify and profile everything that's connected to the network as opposed to having an OS or having a little bug on there, which puts you in good shape for this operations technology thing, which is such a critical piece of the IoT and the IoT trend we're beginning to. There's no doubt. That's one of the most forthciteful things that Fourscout has ever done is we made the decision to go agentless 10 years ago. We saw that the world was moving from UNIX and Linux and Windows and all of these basic operating systems that were open and only a few of them to the world that we're in today, where every TV has a different operating system. Every OT manufacturer has their own operating system. The example I use is the Nest thermostat, where you buy that, you put it on the wall of your house, you pair it with your network and it's sitting right online next to your work laptop. And there's been breaches shown that a tax can come in through a device like that and get on to a more trusted asset, right? So just having that situational awareness is a big part to begin with. But OT, so let's talk about OT for a couple of seconds, is almost in front of us, post-WanaCry, I am seeing almost every CISO in the world not having had the cyber responsibilities for OT being pulled into the OT part of the business and it makes sense, you know? When you watch a breach like WannaCry, most companies didn't think they bought something from Windows. They thought they bought a controller from Scenens or GE or one of the larger manufacturers. What they realized on WannaCry was that those controllers have embedded versions of an old operating system from Microsoft called XP that had vulnerabilities and that's how it was exploited. So the approach of devices being online, what's changing in front of us is not just the volume of devices but they're not open anymore. So the agentless approach of allowing devices to connect to the network and then using the network to do our thing and figure out what's on it makes us a really relevant and big player in that world of IoT and OT. So do you have to hold their hand when they break the air gap and connect the OT into the IT to say, it'll be okay, we'll be able to keep an eye on these things? Or does a guy, you know, you talk about air gaps all the time as such a kind of a fundamental security paradigm in the old way but now the benefits of connectivity are outweighing the potential cost of maintaining that air gap. It's very difficult, right? I mean, one of the examples I always use is PG&E, our local power company here. We're up until a few years ago, they'd have a human being in a van would come to your house and knock on your door and all they wanted to do was get in your garage to read your meter, right? So they could bill you correctly and then they put smart meters on the side of our houses and I'm sure the ROI for them was incredible because they got rid of their entire fleet as a result but recognized that my house is the OT grid now connected back to the IT side which is billing. So there's just so many examples in this connected world that we're in. Companies want to do business online but online means interconnectivity. Interconnectivity means OT and IT connected. So yes, you're absolutely right. There's many companies believe they have systems air-gapped off from each other. Most of those same companies, once they get Forescout live, recognize they actually were not air-gapped off from each other to begin with. That's part of the role that we play. Just curious to get your take. You talked to a lot of CISAs about how the types of threats have evolved. More recently, we saw all the stuff with presidential campaign. The targets and what they're trying to do has changed dramatically over the last several years in terms of what the bad guys actually want to do once they get in and where they see the value. So how has that changed? I know it's not directly, because you guys don't worry about what they're trying to do bad. You want to protect everything but how has that kind of changed from the CISOs perspective? Our customers are governments, financial service companies, healthcare companies, manufacturing companies, because every one of those companies, I mean it sounds basic, but if you knew the bad thing was plugged into your network doing something bad, you would have blocked it. You didn't know it was there to begin with. So we actually have a role in all types of threats, but when you look at the threat landscape, it's shifted, you're right. I mean, 10 years ago it was mostly IP theft. You were hearing examples of somebody's blueprints being stolen before they got their product into the market. We then saw financial threat shift and that's still where the bulk of it is today, right? The ransomware attacks, I mean they're all money motivated, the swift breaches, they're all about trying to get a slice of money and as more money moves online, that becomes a good hunting ground for cybersecurity attackers, right? But what is now being introduced as well is all the geopolitical stuff and I think with our commander in chief being willing to be online tweeting and with other organizations, governments worldwide having a more social footprint, now that's on the table and can you embarrass somebody and what does that mean? And can you divide parties? But yeah, there's a lot of different reasons for people to be online. What's amazing is the attacks behind them are actually fairly consistent. The mechanisms used to actually achieve the objectives are actually quite similar. I'm curious from the CISO's perspective in trying to measure ROI and kind of where they should invest and not invest, how the changing kind of value proposition of the things that are at risk really has got to change the dynamics because they're not just stealing a little bit of money. These are much more complex and squishy kind of value propositions if you're trying to influence an election or you're trying to embarrass somebody or you're trying to influence things. If it's state funded or if it's believed to be state funded it typically has a different ROI model behind it, right? And it has different organizations but on the OT side that you described a second ago, right? Why is OT so hot right now? Because it's one thing to have a bunch of your employees have their laptops compromised with something you don't want to be on there, right? It's embarrassing. If your emails get stolen, it's embarrassing. It's a very different thing when you bring down a shipping line when a company can't ship their product. So the stakes are so high on the OT side for organizations that they obviously put a lot of energy into it these days. You need to talk about autonomous vehicles, misreading signs and giving up control and all kinds of things in this future. All right, Mike, so if we let you go be a busy guy, get thanks for having us in the booth. What are your kind of priorities for 2019? You know, for us at Forescout the priorities are continuing to execute. You know, we grew our business 33% last year. We achieved free cash flow profitability which is the first time in the company's history. So, you know, we have an obligation to our investment community and we intend to run a good solid business. From a product perspective, our priorities are right in the category of device visibility and control. It's one of the things when you look around this conference is, companies have to be careful. They don't increase their product size too quickly before they have the financial means to do so. And we just see such a large market in helping answer that question. What is on my network? That's our focus. And we want to do it across the extended enterprise at scale. Yeah, I saw an interesting quote from you on one of the earnings calls that I thought was neat. You know, a lot of people complain once you go public you're on the 90 day shot clock and that becomes a focus. But your take on it was now that everything's exposed, how much are you spending in R&D? How much are you spending in marketing? How much are you spending in sales? That it forces you to really take a deeper look and to make tougher decisions and to make sure you guys are prioritizing your resources in the right way, knowing that a lot of other people now are making those judgments. Yeah, you know, listen, the process of raising money and then going public is that you have to be willing to understand that you have an investment community, that you have an obligation to share a lot of detail about the business. From the other side of that, I get a chance to sit in front of some of the smartest people on the planet that look at my peer companies and me and then provide us input on areas that they're either excited about or concerned about. That's amazing input for me and helps me drive the business. And, you know, again, we're trying to build this into a big, organically large cyber security business, which is a rare thing these days. And we're quite, we're very happy about the trajectory that we're on. So. Well, Mike, thanks for sitting down with me. I like to sit down with smart people like you. Yeah, no, I appreciate it. And learn a lot. It's good to see you again. Congrats on this success. Thanks very much. All right, he's Mike, I'm Jeff. You're watching theCUBE. This is Scott Boo that RSA, North America, Moscone Center, we're in the North, North Hall just behind the RSA booth. Thanks for watching. We'll see you next time.