 Welcome, Chris Lovejoy, Global Security and Resilience Practice Leader, Kendral, or for Kendral, to Dell's Navigating the Road to Cyber Resilience. Welcome. Thank you. It's wonderful to be here. Yeah, I really appreciate you being here. I know just looking at your LinkedIn, you've been all over the place. And I think that's bringing that global view to this event is really helpful. I think, again, security and cyber resilience is not a local thing. It's a worldwide thing and really needs to take into account all of those. So what does it mean to be the practice leader for security and resilience at Kendral? So I look after two things at Kendral. So first and foremost, as a practice leader, my responsibility is to run the business of security and resiliency for our customers. So that's what we build and sell vis-a-vis security services. And so today we've got about 8,000 or so folks within the team that are focused on this particular area around 50 different countries. So my other role is being on a plane a lot. And then the second role is leading the kind of how we manage security around our strategic outsourcing accounts. So think about that as more of a almost an internal look at the policies we've put in place to protect our customers and then ensuring that we're in compliance with those contracts. That's super interesting because I think, again, people may not know who Kendral is. I mean, Kendral is a fairly new company but has been around for a while. Do you want to kind of give a little color to that? Yeah. And thank you so much for asking. We are a really well-kept secret. So that almost exactly two years ago, Kendral split off from IBM. We are the services organization that was doing a lot of the strategic outsourcing IT services for IBM split off into an independent company. We are completely and wholly independent. We're a public company today of about 85,000 people altogether. And we focus on cloud security, mainframe and just infrastructure management around your more traditional infrastructure, applications, data and AI, digital workplace services, network transformation, and then my practice, security and resiliency. Yeah. No, I think that's the thing I've known about you because I've worked with you and partnered with you at previous employers. And I know that just to that example, even though you were part of IBM, now you're partnered with Dell. And I think that you take the best, always taken the best of breed technologies and brought them to with policies, procedures and processes and the people to deploy that at your customers. I know you're traveling around as you said, you know, on airplanes a lot and you're talking to customers and user customer organizations all the time. What are the most significant challenges and trends that you're seeing as it relates to cybersecurity, resilience and data protection across those customers? So I'm going to put those challenges into three basic buckets. So the first challenge is a compliance challenge. Many organizations today, and this is particularly in Europe where I just got back from our struggling with how do they address the new resiliency requirements that are coming out from the EU in the form of Dora and this too? You know, what's happening in the UK, you know, as well as some of the new obligations, you know, vis-à-vis the SEC guidance of public disclosure of material incidents. And this has got everybody really focused on the concept of overall business resilience. What does that mean? How do I ensure that I understand what is the minimum viable business? How do I understand whether or not I can anticipate risk? I can protect myself against those risks. I can detect and respond to those risks. And most importantly, and this is the big area that they're focused on in, you know, in particular is how do I recover in from those particular risks? So compliance around resilience and the board reporting, big focus. Second, big focus is more of a response to some of the current crises that we see in the news. Organizations are being hammered by ransomware. We just did a study with IDC and the results were pretty depressing about, you know, the number of, you know, cut up the companies that are getting hit by ransomware, the number of companies that are actually paying ransomware, the fact that even if they're paying the ransomware, they're not not. Depends on the ransomware fees. There may not be getting the data back. So this is a big issue, ransomware prevention, as well as the recovery from ransomware. And then the third big trend is more on the need for vendor consolidation, infrastructure simplification. And, you know, I think this is kind of a result of both the economic pressures that our customers are facing, as well as the fact that they are recognizing that one of the reasons why they're not able to recover very quickly or protect themselves, quite honestly, is they got too many vendors, too many bespoke solutions, too many subject matter experts that are necessary to manage those solutions, too much complexity in between the seams, so they're not able to actually recover their workloads. Anyway, all in all, this kind of complexity issue is driving customers to really look at how do they simplify their infrastructure, the control infrastructure and implement capabilities that really help them get to an overall resilient posture. Yeah, no, I think it totally makes sense that things like Dora, which is not the cute cartoon character with the backpack that you would see, it's, you know, what is it, digital operational resilience act, which more or less says, hey, financial organizations, you need to be able to either back out of the cloud you're in and set up shop either on premise or in another cloud in a certain amount of time to ensure operations and you have to be able to prove that, which is really just crazy. I think these types of things are coming and they're going to come to the US eventually, I guarantee that it, you know, like sustainability as well, but eventually, hopefully sooner rather than later. And I think it's really key, but how are you really looking at this and trying to, you know, help your customers stay ahead of these emerging trends and threats that are out there? Like you said, ransomware, we hear it all the time. And I'm sure that the IDC, I can imagine the stats are just, you know, abysmal about how many people are getting hit and what they're paying. I had heard some stat, it was like 1.8 million had been paid on average, which is just crazy that people are paying that versus being resilient. So how are you, what do you help clients be prepared? What are you doing to do that? Yeah, so a number of different things that we're doing, I mean, you know, let's just talk about, you know, first and foremost, how we're, how we get to the point where we're advising our clients. And, you know, I think one of our reputation is, you know, we are forward leaning, but we're also very practical. And I think the reason for that practicality is we are one of the biggest providers of business continuity, disaster recovery services on the planet. We see everything. And oftentimes, when, you know, a company goes down, you know, there's this period of what happened, like, you know, was it a security event? Was it a network outage? Was it a data center outage? Was it a, you know, somebody just made a mistake and they took the system? Like what happened? And what we're finding is that most of the cases, there is a hardware software failure, that you know, it just happens, and we have no idea why it's happens. And quite frankly, sometimes we never find out why it happened, but it just happened. You've got so that's about 40 to 50%. Then you've got about 20% that are cyber related issues. And then you've got another set of, you know, issues that are related to networks, etc. Anyway, all in all, when you roll it up and you look at it, it informs us as to what happens, why things go wrong within an organization. So we've got this massive body of evidence that points to if there was a security incident, this is why it happened. If there was a data center outage, this is why it happened. And this informs the strategy that we take to our clients. And so what we do today to help our clients is typically we start with a cyber resiliency maturity assessment. So it's looking at the business and understanding where are you? What is what is your minimum viable business and what's getting in your way of actually being able to either protect it or bring it back. Once we've done that, then we recommend the approach that we take. And then we often work with client customers, not customers, I'm sorry, with partners like yourself, to bring the solutions, the right solutions to the customers so that they can achieve their overall resilience goal. Yeah, no, I think that's the key is working with the customers to get them prepared. Like you said, understand where where they are and meet them where they are, where they have that starting point. And I mean, obviously, you have a lot of customers. It's you're a very large company, like you said, well kept secret, but very large company, and it's out there working with a lot of different customers. Really, when things do go bump in the night and there are incidences, how do you help those companies that you're working with? Oh, I mean, my goodness, we do, we have managed recovery services. So oftentimes, cyber incident recovery services. So what we'll do is we'll actually run the systems, we will do the monitoring, we will do the actual, you know, the backups, the storage will do the vaulting of the systems vaulting of the data will run them the anomaly detection capabilities to ensure that what we're, you know, collecting is good. And if something goes wrong, we'll restore it for them. Now, if a client is not on contract, you know, for those kinds of services, we actually have a retainer service. It's a combination of an incident response and a recovery retainer. So if they have a cyber incident will fly people into the forensics, but what we'll also do is restore the systems into a clean room, as well as in parallel plan for the restoration of the entire business service. And if the customer needs an army of people to come in and restore those systems for them, I don't care if it's mid range, mainframe, it's cloud workloads, whatever, we can fly people in and help them. Well, that's great. I think that that full range of services is key to providing that. And, you know, let's kind of shift gears a little bit because I think that everybody's talking about gen AI. There's gen AI news every week. There's new models coming out. You had Google releasing theirs. Last week, you have a whole number of different things coming out. What's your, you know, point of view from a perspective of gen AI, both from a bad actor perspective, and from the good guys perspective and really trying to be the good actors and use that to our advantage. Yeah, it's a great question. So I think let me just take it from start with the good and then head to the bad. So I do absolutely think that there is a valuable role for gen AI in our businesses. I think I just want to be a little bit careful about this. We're still, I think we're on the road to maximizing use of ML, both structured and unstructured, sorry, supervised and unsupervised learning based machine learning, reinforcement learning, deep learning, et cetera. We're well on the road to using those technologies effectively. Generative AI, I think as a mechanism for augmenting human humans is well on its way. So what I mean by that is generative AI can be used to do things like if I'm doing incident, incident response call, gen AI is really good at creating the narrative of what happened in the call, doing the summarization, writing the email trail, creating that evidence. That's great. It can help you do some dumpster diving in your logs that you have to be very careful about how you craft the question. There's some things that it's very good at. Would I run generative AI today unleashed for something like threat detection and then automated response? I'm a little less comfortable with that. And the reason I'm a little bit less comfortable with that is because historically in this field, data is not necessarily available in a format that can be completely trusted. And so what I would say is, I would use, if you're going to be using generative AI for threat detection and automated response, it has to be done with guardrails in place, very strong guardrails in place. You can ensure that if there is any suspect in the integrity of the data that is being used to train the corpus, feed the corpus or feed the algorithm, you've got to have somebody involved. So that's on the good side. Yes, it can be used with guardrails. On the bad side, attackers, we are seeing attackers use generative AI in one really scary way, which is in social engineering. We're beginning to see some language, natural language models being used to create what we're calling multi vector attacks. So voice, email, text, kind of attacks coming in. At the same time, it may be targeted one individual, their colleagues are beginning to get the same kind of echoed attack coming in, which is reinforcing the social engineering. So we're seeing that kind of in faith right now. That's very hard to protect against because it just seems so legitimate. And then the next area that we're beginning to see a little bit is the use of generative AI and creating malware. You can kind of tell that they're creating malware because the code is so clean. Usually when you're doing forensics, you can tell which actor created it because you can see from the comments. In this particular case where it comes out real clean, you're like, I see where that's going. But in any case, you know, those are the two areas where I'd say we're seeing the mal actors use generative AI. I would say the third area that I'm particularly worried about, this is my looking around the corners and I'm beginning to just is making me really nervous is the use of generative AI when it comes to creating drones that can use biomimicry. That scares me. Drone security is already something that's keeping me up at night. Drones with biomimicry that can act like birds and cannot be found and cannot be taken down. That's really scary. So if you think about where I'm looking, you know, a couple years from now, it's that area. Wow. Yeah, that that that's going to keep me up tonight. So that was definitely that definitely was not where I thought you were going to go with the third point, which is I think fascinating because I think again, it's one of these things. We talk about gen AI and I like how you broke it down by the way that AI has been around for quite some time, ML, DL and so on. Then that gen AI is really just, you know, looking at the unsupervised side of that that spectrum. I think, you know, it's really key to understand that these things are going to continue to evolve. But with that, I mean, what would you be recommending? Where should customers really where should those end users really get started when they're trying to put kind of a comprehensive cyber security and resilience plan in place? Yeah, and I think, you know, it's interesting because and, you know, you're, you know, going back to that point of, you know, AI has been around for a long time and people, you know, that have been immersed in the in the field, they they've become more aware of the differences, right? And so what I would say is, you know, the market is kind of defining generative AI, not just as sort of the unsupervised side, but it's also what I see is they're they're also conflating automation into that picture. And so what Nirvana is, is sense and response, right? So I see nowhere coming in and I see that my system has not been patched. And I see that that system that hasn't been patched is a really, you know, very critical asset, so I'm going to automatically patch it. Okay, like I get that that's, I wish I'm not there yet, you know, I'm just not there. So what I'd say is, first and foremost, I always advise people to understand what is the role of machine learning AI more generally within the business. How are you defining generative AI? What are the business goals and then marry the right technology to that right business problem? And I think generative AI, it's a tool. It is a tool that gets you to an outcome. So again, you start with the strategy, the problem, and then you find the solution to the problem. Generative AI might be a great solution within the confines of the problem that you're trying to solve. It's kind of basic. Yep. No, that makes sense. And from a kindral perspective, if somebody was looking to get one of those, you know, I think you called it a cyber resilience audit type things, they go to the website and sign up there. How do they, how do they reach out? Yes, we will happily you can go to the Kindral website. There's a request for more information. There is a security and resiliency site where you actually have contacts where you can call in and get more information. But that's a great place to start. You can always reach out to me on LinkedIn and I will respond as well. And, you know, and or just send up a solar flare. Well, hopefully we'll see it. Excellent. Well, Chris, I want to thank you. This has been a pleasure. And, you know, I'm going to be thinking about biomimicking drones that look like birds on my ride home tonight. So definitely definitely going to be thinking about this for a while. So I really want to thank you for coming on board here. Thank you. Yeah, everybody thinks I'm crazy, but it keeps the hand. It's coming. It's coming. Oh yeah, absolutely. I'm sure I'm sure. Well, well, thank you again. All right, thank you. Okay, we're rolling along live in the studio and on demand from our Palo Alto studios. You're watching navigating the road to cyber resilience, a summit bringing together practitioners, cyber experts, analysts, technologists to explore cyber security and resilience. Keep it right here.