 Welcome back everyone to theCUBE's live coverage of Teradata Possible. I'm your host, Rebecca Knight, along with my co-host and analyst Rob Streche. We are joined by Billy Spears, and he is the Chief Information Security Officer here at Teradata. Thank you so much for coming on the show, a future CUBE alum. This is exciting, thanks for having me on the show. I really appreciate it. Yeah, so research shows that business leaders are so excited about the potential for AI to transform their organizations, their productivity, their workforces, but there is also a lot of concern, fear, anxiety about security, privacy, and governance. How do you think about these things as the CISO of Teradata, and then how do you talk to customers about these very important issues? Yeah, great question. I think first, breathe a lot. Breathing is always good and helpful. Deep breaths. For sure. When you wake up in the morning, you have to think about things like what you're talking about. It starts with fear, uncertainty, and doubt, so what that means is people know a lot of facts and figures, and when they compile them themselves without understanding exploitability or some of the other risks, sometimes they can spiral out of control. And at Teradata, what we try to do is we try to take this layered approach, but think about anything always, meaning we can go back into things like gen AI and say, here's some way that we're going to help you get better, faster, smarter, smarter, accumulate the results of your data much quicker, and we think about the adversarial consequences so you don't have to. Our goal with security at Teradata is to do two things. The first is we want to continue to build trust with our customers. We want to grow that trust so they'll continue to expand their use of our platform and get all the goodness as a result. The second thing we want to do is we want to think about resiliency right from the start. So if bad things do happen, we're right there side by side and helping you get back up and running as quick as possible. A lot of what your job is is not only keeping the customer safe, but it's keeping Teradata safe as well. Teradata must have a lot of data. So what is advice you can give to other CISOs who are out there who are sitting there going, okay, we're at Teradata customer. How do I keep this safe? And where do they start? And one of the things we've heard over the last, obviously with the MGM and Caesar's Fund that they had from a social engineering perspective, but also is authentication and things of that nature. Where do you look that CISOs might want to think about starting? Oh my gosh, you guys are awesome. This is like a Houdini trick, right? So if you go back to magic, it's really about the exploitation of the artifact itself. So I could bring in an unlimited budget, which would be awesome, but I don't have that. And we could build the most robust security system on the planet. But if the people walk the adversary through the security system to the crown jewels and back out of the house, then we haven't really done our job. So if I think about the people first, right? We have to educate them. For example, let me tell you a quick funny story. This is a real life thing that's occurring in our industry right now. We have all these things called something.ishing, right? So it might be fishing, but not the kind with a pole. It's the kind where people are trying to target your companies and exploit data or get your people to take action. We have this new thing since working from home, this smishing where they want to send you this text message and say, buy me gift cards because somehow that's going to be how you pay your bills. And then this new one, there's plenty of others, but this new one that got my attention and made me giggle a few weeks ago is this thing called QR code fishing or quishing. When I first heard that, I thought it was this funny playoff, like a quiche or something. And I was like, what is this term? The more we got into it, it's interesting how quick people are to take a selfie or take a picture and it drive them to somewhere else, that pass the paywalls or whatever. And it starts to solicit things like your Uber or your MFA. Hey, this is resetting. Take the code and connect to your device. But really what you're doing is you're connecting to the adversary or you're putting a credit card in or something to pay, someone that's not designed to be paid from your system. So for us, the education, the community, bringing it together and making it fun, this is not like it was at some point in the past where we have this big stick and we're scaring people. That doesn't help when people work from home and they can work from anywhere. We have to educate them not only in the company but extend the network into their homes so they can be better and safer as a result. And so much of what Rob and I have learned from conferences that we've been to in the past is how you can sit back and say, oh, I'd never fall for that, the cushion, please. I know better. But in fact, it really is, people are so vulnerable. And so the education piece, the component of what you're talking about is so critical. It's so true. When I think about that, you have to go back to all the things you hear a lot. You hear a state sponsored, you hear local, you think adversary. And you don't realize the puzzle that people are putting together by the time it gets to you. These people are smart. They're capable. They're intelligent and they change. And the industry doesn't keep up with the innovation of your adversaries. So it's really important for security leaders, CISOs, folks that are on the front lines to make sure they educate, they improve, but also put some controls in place because sometimes it's really important to help people when they don't know they need to be helped. And that's what we try to do here at Teradata. We bring it together. So while we're extending the footprint of our controls, whether it be corporate or the product we sell, we're doing it in a way that it drives efficiency, meaning just the way that you open up your iPhone and you look at the camera and now, boof, you're working. There's so many layers of control in between you looking at the camera and the product you're actually attached to. We want to do the same thing behind the scenes to give people a better experience on the front end but protect everyone through all the different layers in between. Yeah, it would seem that that's a key given that data is, as they were saying earlier today, one of the keynotes is gold, right? I mean, that is what people are fishing for and trying to get at and try to steal or obfuscate or encrypt or what have you. And to that point, I mean, it's not about zero days or something like that. It's probably going to be more a fishing attack or something of that nature that's going to get you. To your point, I've gotten those text messages about gift cards quite often saying, hey, it's the CEO of the company X and I'm on somebody else's phone but can you go and get me $5,000 worth of Starbucks gift cards? I'm like, I'm undercapitated today or something like that. So what are other things that people should be looking out for that maybe they're not as aware of? Because I think that the text messaging is starting to become pretty, the QR code actually was new on me. So I haven't gotten hit with that yet. So probably will now after this. That's right. All of your audience members, oh, we got you now. Exactly. What other things should they be learning about? Because to your point, I think it's not about protecting against the first person who gets hit. It's about making sure that the second person doesn't get hit. How do you see that? Well, I think a couple of things. So here's that cool one for your audience at home. Everyone has a Wi-Fi. Everyone sets their Wi-Fi password and everyone's proud of it. But there's an administrative credential behind your router. And so people don't know, look it up and Google it. But if you put that in, typically you'll see that the SSID is admin and your password is password. That's not good at all. So change it. Because you're connecting your work and your home and they're uniting and you have all these smart TVs and all these things where you put your credit card and you certainly don't want to leave yourself open or be susceptible to it. Something simple. You're attaching your garage and your alarm systems and whatever, so that's at home. At work, let's think about, you know, you have the ishings. Seven or eight different variations of it. They're all fairly clever. And what I'll tell people always is it depends on what's happening in your life of whether or not you're more or less susceptible. If I tell you I'm going to break into your house, you're typically going to arm whatever it is you think I'm going to use to get into your house or the pathway I'm going to use. But if I look at your house and I sit across the street and I just do research, film you, understand your movements, figure out your patterns. When do you do whatever you do and what are the most common services you use? I'm going to be able to put together an attack that's likely going to be able to fool you and it's not your fault. I think that's important. Users have to start understanding that it is not their fault. These people are awesome at what they do. So companies have to have that next couple layers to protect themselves. For example, all developers in the world know that when they have a cool solution and they start, they always embed the credentials into the innovation part of the product. If you don't know that, now you do. What's really important is to come back and get rid of those things. But that's a common misnomer. People forget. So the attackers in this particular case, they know very well how to exploit those things. So on security teams, it's important to have good logging. You have to be able to see things. As a CSO, what keeps me up at night is not being able to see. The unknown attacker is super scary. The things that I understand, it's easy. We have things like this mitre attack framework and whatnot. As long as I can keep you to the left, I win. The further to the right you get, you win. Which really means the company loses, the customers lose. We can't afford to have that in 2023 going into 2024. One of the things you started talking about when we first began this conversation was the importance of trust and resilience. And obviously you get both those things with having great products that work the way they're supposed to do, that are easy to use, that people understand that are accessible. But those are also behaviors. So how in your organization, in the security office at Teradata, do you try to model that and then make sure that that is something that is reinforced in your workforce? Yeah, it's a great question. Inside of Teradata, we work on the model of not just trust and credibility. Like for example, all of listeners and you at stage, we've had security people walk in the room and it's like the air goes out of their lungs. That hurts my feelings, everybody. Like when you put it in the room, you shouldn't be like, oh, security's here. No way, we're going to make your day better, turn your phone upside down and we're going to get to an answer. And if security's done right, it drives efficiency. Because again, you have all those layers and if things are working, you don't know security's there. It's when there's friction in one of those layers or something's broken or there's a misconfiguration. That's the problem and that's what goes to trust. Security has to come in, partner with you and get you to a yes. I like to say yes if because there's always an intangible of saying I can get you to where you want to be if you do these two or three things. But it doesn't stop there. We're not leaving the room. We have to stay side by side with our counterparts to help them engineer and architect these great solutions because while developers and IT folks, they're awesome at what they do. They don't have the experience that we do. We have to compliment their experiences to get a better product for our companies and we do that a lot. So lots of trust falls but also lots of support. So we're constantly earning credibility and doing what we say so we can be more relied upon internal to the company. It's a new improv game, yes if. That's right, yes if, always. It's great. You're here first, yeah. So what are some of the things that you're hearing that is exciting to you but then maybe some things that are unnerving to you that you're hearing at this conference, conversations you're having with customers? I think it's always exciting to get the customers reaction to our new innovation. Behind the scenes, we're in this, I'm paying a picture for your audience, we're in this lab and we have all these things and we're throwing things against the wall and saying, ooh, this is cool. We have all these new products. Like for example, I really get excited about our regular product, which is the serverless product we have. It changes the game for Teradata. 40 years, the way we've been doing it. We've been putting everything in a cage and we've just literally ripped the bolts off the cage. So if you haven't seen it, you got to come check it out because it's a 2.0 version of where we've been. And then getting our customers from on-prem through what we call Vantage Cloud Enterprise and eventually into Vantage Cloud Lake so you can really have all the versatility of your data, driving results before you even know you need them, that gets me up and gets me really excited. Yeah, yeah. So I think it's one of these things where you were just talking about and kind of said the attack service though has definitely grown. Oh my gosh, yeah. Yeah, so how do you take that into consideration with everything that's going on? Yeah, lots of excedrin' for sure. I mean, again, as you do new things, your footprint expands, the attack surface starts to grow. But again, I think it's about discovery. So if you go back to fundamentals, just like maybe a great football team and you watch your film and you make some tweaks and adjustments and come back, that's how we do it. So as our attack surface continues to change, we follow the risk. Wherever there's more risk, we purposely appoint resources to minimize that risk and we go back and find the new thing. However, we always try to fix the root, not the symptom. So for me, I'm saying here's all these symptoms, I think those are distractors. What's the root? Let's solve that root and watch how the behavior of the symptoms also follows suit. What are some things that you are looking forward to in the year ahead that we're going to be talking about it next year as possible? I'm looking, so I'll get nerdy from security. From security, I'm looking forward to the introduction of Gen AI into security operations. I'm looking forward to showing the power of Teradata and how we merge it to you and deliver compounding results out to our customer. That's going to be really, really cool. I know it was sort of a teaser for all of you. Stay tuned, check back with us and I hope you come back to possible next year and get to see all about it. Yeah, that's what I want to hear is how are you using that so you can get and enable your team to actually find things faster, look for anomalies and stuff like that. That has to be some of the stuff that you're kicking around in the lab and looking to use. Because I mean obviously being a data company, I'm sure you have a lot of security sensor data and things of that age. We do. We look at billions and billions of events every single day. Not joking, multiple billions. So it's hard for any human to really hone in. So it's really important that you have great intake, so data from everywhere. You have a great accumulation so you get everything into that same place so you can make a logical decision. You write rules to weed out sort of the data that's unnecessary. But you also have great threat feeds because that's the landscape. We need good intelligence. So as we understand what's happening from left to right across our landscape, we know how to adjust internally. And most importantly, we have to have great plans we can follow. So as we get from a tier one all the way through tier three and then those incident response plans, we have to be able to stand them up effectively so that we can again deliver consistent results, not just for internal customers, but external customers alike. Excellent. Well, Billy Spears, thank you so much for coming on theCUBE. It's been a lot of fun. Thank you. This was awesome. I'm Rebecca Knight for Rob Stretch A. You are watching Teradata Possible, theCUBE's live coverage. Stay tuned.