 Here are your hosts, Dave Vellante and Jeff Frick. Back, Sheila Jordan is here. She's the CIO of Symantec. We're live. This is theCUBE. We're at ServiceNow Knowledge 14 at Moscone in San Francisco. We're going to be here today, Wednesday and most of Thursday. So stop by if you're at Moscone. Moscone South, come in, look to the right. theCUBE is there. Stop by and say hello. Sheila Jordan is here. She's the CIO of Symantec. We're live. This is theCUBE. We're at ServiceNow Knowledge 14 at Moscone in San Francisco. Stop by and say hello. Sheila, welcome to theCUBE. Thank you very much. Exciting to be here. Yeah. So you were across the street, I guess, at the CIO event, right? Yes. What's the vibe like over there? Describe it. Well, I would say that's probably about 300 or so CIOs. And it really is fascinating because everyone's kind of discovering how important the cloud is becoming and how relevant the cloud is becoming in the CIO world. It was, you know, years ago it was more about if the cloud is coming and now it's here. And it's a question of, CIOs are struggling with our answer. And the question is, how does this really integrate with kind of on-prem solutions? So really it's making the cloud more and more real. You know, it's interesting. Five years ago, if I asked a CIO about the cloud, you know, they would say, hey, it's another quiver in the, another arrow in the quiver. And, you know, we're looking at it, et cetera, et cetera. Some might say, hey, we're not using the cloud, especially in financial services. But IT practitioners would roll their eyes. Oh, the cloud. Yeah, the cloud. It's IT. What do you mean, the cloud, the cloud, the cloud? That seems to have changed. Yes. And the practitioner base is more accepting of that notion of the cloud. What's changed? Well, I would say a couple of things. One is I think that when we used to kind of roll our eyes, we were very concerned about the security of the cloud, for sure. And I think with the cloud providers, we've seen lots of improvements in the security angle. The other thing I'll tell you is in IT, we constantly get the pressure of delivering things faster and cheaper. And the cloud offers us that solution to be able to deliver things faster and cheaper, whether that's, you know, for your HR systems or whether that's for some of the other solutions. So the promise is real, and we're beginning to see that. And I think they're really shoring up the security aspects of the cloud as well. How does it change your role? I mean, what are the changes that are sort of required from the CIO's perspective? Yeah, I will say that I think that the CIO today is really focused on five big things. Mobile, cloud, structured and unstructured data. So the whole data play, as well as, you know, kind of your personal and professional identity. And then, of course, the final one is the Internet of Everything. So more devices coming into the enterprise. And I really think the thing that flows through those five things is two things. One is the data that flows through that. So whether the data is sourced from the cloud or on-prem, the end user wants to have that similar experience, whether we're the data it's sourced from. And the second component is, of course, you know, how we secure that. You know, the whole notion of security is becoming more and more critical that, you know, securing things at the network layer is good, but in the end device is good. But now we're being asked to really make sure that we're securing things across the entire enterprise stack while everything's changing. The devices are changing, the sourcing is changing, as well as, you know, now the new devices with the Internet of Things. We do a lot of big data shows and everybody talks about the, you know, data is the new oil and, you know, the data centric organization. How real is that at Symante? I mean, you've only been there three months, I know. But, you know, based on your observations, just Symante, but generally in your IT community, how real is that? I think it's very real. In fact, I would say that the job of the CIO is to protect the company's assets and to protect the data. And that's assumed that the employees assume that the CIO is going to do that. It's certainly become a bit more difficult given cyber criminals are getting smarter and there's more hackers and more ways to hack. And of course the device is coming in, but I still think that the role of the CIO has to be to protect the company's assets. There's an interesting discussion we have. We actually do a conference, Chief Data Officer Conference with MIT in July. And the premise that MIT has put forth is that the Chief Data Officer is a new role in the organization, should be independent of the CIO, should be a peer of the CIO and have ownership over a lot of different sort of data assets, the data taxonomy, data sources. It's still fuzzy where the lines are done. When you talk to a lot of the big data practitioners, they say no way. That's the CIO's job. Have you thought about that much in terms of, do you need a data czar? Are you the data czar? Yeah, I actually think you could, but especially I think it depends on certain industries would make that more realistic. Healthcare, financial services, the regulators. But I actually think the Chief Information Officer has information and data already and I think that's a big part of our role. So whether it's a separate role or not, the coordination, the combination and the reliance on each role is really critical. So don't you have enough to do? Yes, we do. Well, now they want you to innovate, right? Now they want you to be a force of innovation. They want you to be a business partner, a value creator outside of just the asset. So how is that all playing within your... And that's why I guess it's so fun. I've always said that being in IT, you've got to like change. And being in IT for an IT company, you really got to like change. And I would say that what's exciting about the CIO role is yes, I categorize it simplistically, but it's around run the business, change the business and grow the business. And if historically it might have been that CIOs were just about run the business, not anymore. The CEOs are expecting us to run, change and grow. And we got to find solutions and technology cost-effectively of how we can do that. And now you've got all these mega trends hitting you like a ton of bricks, like you said, the cloud, mobile, social. How has that kind of changed the game in the last couple of years? Well, I think it's both exciting and daunting at the same time. I think it's exciting because it does open things up. And again, most of our employees, all of our employees are consumers. So they're having this consumer-like experience and they want to come into IT and they want to come to work and have the same kind of experience. So I think it opens up a whole new way to deliver services. And one of the things we're working on in Symantec IT is to create a services-led organization but we actually are delivering services. So your email services, your content service, your video service, your pricing service so that we can really deliver these services in a way that you have consumed those services as a consumer. So it used to be, I mean still is, most IT shops talk about systems. Insurance companies, my claims system. That's where my investment is going. It's this big silo infrastructure built around it. Do you see that changing? The parlance even changes to, these are my services. This is my service catalog. This is how I'm charging for that. Yes, I do. Pretty substantially and we're implementing that kind of services-led mentality at Symantec now. And the reason is because the system and the applications is at some level kind of irrelevant. You're going to replace systems and applications but ultimately you don't want to replace the service. The customer, our employees, want to get used to having that video service. They really don't care anymore from on-prem in the cloud. And they don't necessarily care about what technology was used to get there. They want their service. So I think as an IT organization, one, by creating the services-led organization, you are really clear about how you're spending the IT dollars and really clear about how the transparency of the cost of those services. And then really clear to your point, I love to shop on the internet as a consumer and I'm so used to picking and clicking, right? And so we want to deliver services that simply to the organization to understand the service and the cost of the services. So did you, let's see, I love the whole concept of portfolio management, the application portfolio, run the business, grow the business, transform the business. The old meta group attacks on me. I love that. And I could see, I used to work with CIOs all the time and they would actually use that and say, okay, we're just going to subjectively say here's my run the business apps, here's my grow the business, here's the transform the business. We're going to allocate the portfolio accordingly. Do you look at your services catalog, the same way, and how does it, where would you like to see it? It's very difficult to get out of that 70, 30 year, you know? Because by definition, you're always running. But how do you look at that mix and how do you, what's your ideal mix? Well, it's very difficult because you do have to do kind of portfolio planning but I do think with cloud solutions, it offers us a different solution to be more cost effective and agile. So clearly you're going to have someone run the business but I'm not necessarily spending a lot of money on the actual infrastructure to take some of the on-prem solutions that we used to do. So the cost will be, total cost of ownership should be less with some of the cloud services, that's the promise. So when I think about run, grow, change, I know other sources like Gartner and Forrester will say that a large enterprise company spends 65 to 70% on run the business still, even though we've made all these advancements. We have an aspirational goal at Symantec IT. I'm not sure we can get there because again, it feeds but if we could get to a point that we are really a third, a third, a third, wouldn't it be cool if IT could deliver two-thirds of the IT spend on change and grow versus run? So it's aspirational and I'm not giving any of that. But you know what, too, maybe we're thinking about it the wrong way because maybe that's an impossible equation to solve, maybe we should be looking, I wonder if we can get your feedback on this, it just struck me. Maybe we should think about it almost like product cycles. I remember one of the CEOs around here, we used to be very proud of the fact that he was in a product cycle intensive business and 70% of the products that we have, 70% of our revenue is coming from products that we've announced in the last 12 months. Maybe that's how we should be looking at it because by definition, they're going to be more modern, more innovative, and with the services catalog approach, you may be able to do that. These are the services that we've launched in the last X number of months. We can look at consumption. Do you think that's a reasonable way to look at it? It's actually an interesting way to look at it and I would say that some of the things now is actually introducing, you know, one of the things we want in IT is just visibility. What services are being used? If I had to rank them and rate them, ranking and rating, you know, they're four stars, five stars, we want that visibility across the organization and delete, delete, delete the things that aren't effective and that aren't working. Sometimes in IT, we don't know that or see that. So one of the things I think it's really important is with ServiceNow or any of the other solutions is that when we get that visibility, we can go back and say to the organization, look, four people are using the service, you know, it's no longer effective as it used to be. Let's delete it. And again, that feeds into that cost savings. We'll feed into run the business and grow and change. GRS, getting rid of stuff. We never get rid of stuff. And I really, that's my goal. It's value we have to delete, delete, delete. Well, Sheila, it's interesting that you put a different twist on, we hear a lot about now that the app is king, right? Everyone is about the app, the app, the app line. A business wants to build their own app, but you're really delivering the app as a service above the actual application and knocking down the value of the particular app that delivers that service. Yeah, and I am for a couple reasons. First of all, not necessarily on a mobile device, you're going to need your apps or all are addicted to our certain apps for sure. But the reason why I think about that in the enterprise is because a service is going to be ultimately comprised of the technology, process, and culture and people, right? So an app in my mind still gets us to just the technology when in reality to make these services real and continue to optimize the services, you're going to need the service owner, you're going to need people and process to really optimize that service. So it's the Uber structure. Right. Above the app. Yeah. To deliver the real value. Yes, yes. And that's a really good point. I think in the past, IT is always, and we always will be, held a total cost of ownership. It's really, really, really critical that we show and be fully transparent of our cost. But I actually think with the new technology that's available and we're being expected by our CEOs is we have to deliver value as much as cost. Value at a reduced cost or an improved cost, but I think the conversation needs to continue to push what's the value that technology can deliver, not only the cost side. Right. And that's happening. Right. We heard earlier today, I don't know if you saw Frank's keynote, but he was talking about how you had, you know, sort of the traditional days, you got application group, you got infrastructure group, infrastructure does operations, they, you know, they take the code and they take it, you know, they deploy it, the application guys, you know, we all know the story. Right. And now you're seeing the DevOps culture, you're seeing programmable infrastructure. Is that happening in your organization? Do you see those sort of two worlds, either fusing or morphing into the business and becoming a DevOps culture? In pockets. So I would say where we have those labs or where we have proof of concepts in pockets, yes. Has it been pervasively changed in the IT organization not quite yet? And I think a couple of things. One is we're in some ways just learning about kind of infrastructure as a service and how I can actually, you know, push up a server in 15 seconds or less type thing and provision that server in 15 seconds. So we're learning as an organization, the whole, some organizations are certainly better at it than others, but we're learning on the whole infrastructure as a service, we're learning how we can deliver the applications as a service, so I think the next, and so we're using agile development and things in scrums and things like that, but I think the next natural evolution is DevOps. Now I would say that you got to be kind of careful in where you play and push that because it's a whole new learning, the talent you have can really, yeah, yeah, skills and talents, but I do think it's the next area of focus. So we'll pick up on infrastructure as a service. Obviously you got the gold standard of Amazon. You look at Amazon and you go, wow, that's pretty impressive what they've done. Do you look at that and say, okay, there's a big chunk of stuff in the margins, development that we should just put into that cloud, or do you say, why don't we duplicate that, replicate that in-house? Which approach do you think your organization offers? Well, for almost the reasons we're doing private cloud, you know, again, I want to be the biggest proof point of Symantec's products that I possibly can, so that means I have to be customer one to our Symantec products and test them out and make sure that we're giving the feedback back to the Symantec group. So we're building our private cloud inside Symantec right now, which really will become that infrastructure as a service using the latest and greatest technology, software-defined networks, et cetera, that we're really putting together the whole stack that allows us to do that, where we are today versus what the vision is, it will actually leapfrog the foundation of what we're able to do at the company. Okay, so you want to essentially duplicate that and leapfrog what the public cloud guys are doing. That's- In a very secure environment. Pressure's on. Yes. Yes. Believe me, I know when time has been the clock, and the clock is clicking. Now, does that change, we've been talking about skill sets before, does that change the type of people you need to bring in? Do you have to hire more PhDs? Well, it's not necessarily the PhDs, it's the real technical talent that knows this new space. So again, we had done several years, Symantec has outsourced their IT organization, and as we bring that in, we got to make sure and bring in the right skills that supports the new technology. So outsourcing ended up being sort of my mess for less, and it ended up not being less, and so a lot of guys have brought that back in. But okay, so you sort of replicate and try to leapfrog that capability. Do you become a profit center? Oh, I think it's dangerous. I think it's a real slippery slope if IT becomes a profit center. And the reason I say that is because I think our focus and our number one job is to really deliver an optimal, excellent experience for our employees while providing, again, being an IT for an IT company, I think our job is to make sure we're delivering the best experience we can while showcasing our products internally and testing and using them. The second you have another motive or another driver, I think it takes the eye off the ball. So I kind of agree with you. I mean, I do and I don't. On the one hand, if you were to sell your IT services externally, then I would disagree. But because you've got a captive audience, you're saying you would basically monopolistic power, corrupt like all monopolies. And we can certainly come up with what I've suggested to my team is we can come up with a whole bunch of ideas of how to improve the product or maybe there's a gap in our product strategy that we can suggest to the business unit. So I think in that case as we come up with, we are the number one customer of our products. If we have ways to enhance it before the product goes to market or opens up another opportunity, our business unit leaders are really open to that. Now what about charge backs? Okay, so you're not going profit center. What about charge backs? You know, another thing that I think is a pretty slippery slope. You know, cross-charging charge backs, it's a complex overhead that if you're one company, why do you add that low? I'm a real simple person. I'm a real simple person and I just like simple and easy to come and hold accountable. Companies don't do it. I mean, 15% of companies will do charge backs and it's sort of, you know, stuck there. It's a lot of overhead. It's a lot of overhead. It's a lot, yeah, yeah. And I'd rather drive accountability into the person that's delivering the service has accountability to do that as cost-effectively as possible. So Sheila, and the five things you mentioned, one of them was your personality? Well, it was a personal thing. No, it's your personal. You went through it very quickly. Oh, I'm sorry. So the five big trends that I see happening from an IT, from a trending perspective in the IT industry that CIOs are really going to need to be thinking about and they have all written. So this really isn't new, but I do think the five together is pretty powerful. It's, of course, mobility. It's cloud, all the cloud services. The third is around data. So both unstructured and structured data coming together. And of course, I think Nirvana on that one is when unstructured data can be fed into part of the decision-making like structured data is. That's going to be interesting. The fourth is the convergence of personal and professional identities. So people are coming into the organization with their mobile phones and they want one phone. They want one device. So how does IT professionals and what's the right solution for different industries merge or at least containerize, whichever one you want to do, the personal versus professional identities. And then the last one is, of course, mobility is one thing, but all this explosion of other devices. It'd be on the mobile. And then what glues all that together is data and, of course, security. We have to make sure all that's secured as we traverse all those different trends. Ashley's points. Where do you report into the organization? I report to our COO, Steven Gillette. COO, okay. So let's say Steven's doing your performance review. When you came on, he said, okay, these are your objectives. If you maybe, you know, you guys write it together. What are your objectives for the next 12 months? Yeah, so it's an interesting time. It's semantic. And I would say that we've agreed that it is, and I've been there now six, two days. So what we've agreed is, really, this insourcing is a pretty big effort and initiative, and especially around how we can stand up our own data center, our own network, all the application migration. It's a pretty big effort. The other part, I would tell you, is pretty important for semantic right now is the Global Security Office reports to me as well. So understanding the security risks and making sure that we really do have understood and really being thought leadership in the security space. That's kind of number two. And I would say in general, the overall service is led, how we change the structure of the IT organization would be number three. And I would imagine you're an early consumer of a lot of the semantic security products. Yes, we are. So you must be a pretty important constituent of the product groups. They have a lot of juice for those guys. That's part of the job that's really, really fun is when we can actually provide some input and feedback on their products and see it built into the roadmap. It gets quite exciting. So how, you know, we heard again in Frank this morning saying, look, the CIO's got to know as much about the business as the business people do. That's a tall order, especially in a company the size of Symantec. But do you buy that, at least in part? And how do you develop that knowledge? Well, I would say that, you know, first of all, yes, I buy into it. I really do think, and again, it goes back to being an IT for an IT company, being their customer, you have a pretty big seat at the table. And I think it's really important that you're not only giving advice and counsel on, you know, the product strategy and where we think there could be potential gaps and where things could be improved, but you're also having to tell someone, you know, that the product's old or we don't want to use that anymore or show some of the inefficiencies in the product. So I think one is being absolutely tied to the product strategy and having a voice in the product strategy is really critical. And again, I think, given that you represent the customer base at that table, is also quite exciting. Do you go to sales meetings? I'm actually, not yet, 60 days, but we actually have our big customer meeting coming up next week, which I'll be attending. That's a great way to learn about the products and the challenges. And I love talking to the customers. In my previous roles, I talk to a lot of the customers a lot. So to talk about the evolution of the role of the CIO in the not tech company and the change of tech as a competitive differentiator in New York to Disney three years before Cisco I saw at LinkedIn. So how is that changing? Well, I'd say actually it's kind of similar challenges. In being an IT for the tech company, you really are kind of tied to the product and being an instrumental influence in the product strategy. That's one. In a non-tech company, you are challenged with this whole notion well that's what I get as a consumer. So I still even think in a non-technology technology company, when they come to work and they have a less technical experience and the user experience is less than the way to get at home, I think consumers in general are just getting smarter and smarter and smarter about I have that email storage 10X that at home. I have my mobile device that, all these things that were experienced as consumers is coming into all the industries and that expectation of I want to work differently is just that you get all companies. With no appreciation of what it means even more just the magic. Magic Kingdom is appropriate. So come back to the conversation we had before. Is the goal to really replicate that or just get good enough? Microsoft they always say software is good enough. Microsoft is a good enough company in the good enough business. Because can you get there? Because you are talking about scale of Amazon and Google and Facebook and Microsoft. So do you have to be just good enough or do you have to be as good or better? You said leapfrog before. That was notable. We are going to leapfrog our data center structure and data center strategy. What I do think in delivering when I have two teenage children in college and they sometimes wonder why they can't quite figure out talking to interns at work. They can't quite figure out why they don't have this is 2021 else. They can't quite figure out why the experience isn't the same. When I told my children as well as the intern group I said listen work is a bit more complicated than pictures and status. Work really is and as an IT professional you have this obligation and responsibility to protect the company's assets. So no do I ever want to get to a point that it's as easy as Facebook? Do I ever want to get to a point that it's not practical to put that in the enterprise? Do I want to get to a point that there are applications that they use on a daily basis and we're driving a sales forecast and it's really important that timely and decision making of that is an app on their phone? Yes I do. And it's self-service. So yes I think we have to be really careful and really explicit about what apps are the right apps for work and what apps are the ones that are just too much risk. That's expectation setting, communications and all the stuff that the new CIO has really got to be good at. That crystal ball. That crystal ball. Alright Sheila we've got to leave it there. Thanks very much for coming to the Cube. Thank you very much. Alright everybody keep it right there. We'll be back to wrap up day one from Service Now Knowledge. We're live. This is the Cube. We're right back.