 Live from Las Vegas, it's The Cube, covering Fortinet Accelerate 18, brought to you by Fortinet. Welcome back to The Cube's continuing coverage. Live from Fortinet Accelerate 2018, I'm Lisa Martin with The Cube, along with my co-host Peter Burris, and we're very excited to welcome The Cube alumni back to The Cube, Derek Mankey, the global security strategist from Fortinet. Welcome back. Yeah, so it's always good to be here. We have great conversations. We do. We're happy that you think that. So lots of news coming out today, but I want to kind of start with, maybe a top-down approach, the theme of the event, Strength and Numbers. As a marketer, I'm like, what are they going to share? And of course, Ken and a lot of your peers shared a lot of interesting statistics. From your standpoint, what you're doing with FortiGuard Labs, Strength and Numbers, help us understand that from the technology standpoint. What does that mean to you? Sure, sure, sure. So there's a couple of aspects to that. First of all, I've always been a firm advocate that we can never win the war on cybercrime alone. We have to be able to collaborate, a collaboration is a key aspect. The attack surface today now, just from, if you look at the complexity of attacks, the attack surface is massive today, and it's going to continue to expand. I mean, 15 years ago, we're just dealing with threats that would operate on IRC channels or some websites and just some spam attacks. Now we have to deal with that in addition to this growing attack surface, right? Specifically with IOMT, the Internet of Medical Things, OT as well, within that OT umbrella, obviously things like the connected vehicles and all of these different things, which I know you've seen here also in Accelerate. So when we look at that attack surface, you need security in all aspects, end to end, right? And so from a security architecture perspective, strength in numbers is important to have that whole coverage of the attack surface, right? That's not complex and easy to manage. At the same time, being able to interoperate, that's another strength, you know? The more a structure is bonded or glued together, the more resilient it's going to become as the exact concept of the fabric, right? The more that we can interweave the fabric and connect to the different nodes together and share intelligence, that becomes a much, much stronger structure, right? So to me that the strength in numbers means collaboration, information flow, and also end to end coverage between the security solutions too. But it also means, you know, the growing ecosystem, the need for additional expertise, greater specialization in people. Talk a little bit about how from a strategy standpoint, Fortinet is helping prepare people for different types of inclusion, different types of participation, and what it means to be great in a security way. Yeah, absolutely, I think there's very, it's, we're taking a multi-pronged approach to that. If you look at things like our NSE training program, it's the largest in the industry, so training other experts through our partners, doing that knowledge transfer and expertise onto new features like we're doing here at Accelerate is critically important. So that's one aspect, when you look at the ecosystem, when you look at something for FortiGuard as an example, what we're doing, we have traditionally, you know, we've trained up a very large team, we have 215 security experts in FortiGuard, which is one of the, for a network security organization, one of the largest in the world, if not the largest. And FortiGuard is a practical and active think tank, right? Absolutely, yeah, it's many things. It's reactive protection, it's proactive protection, now we've just launched the FortiGuard AI as well, artificial intelligence, machine learning, that's all the threat intelligence aspect, so it's threat detection and response. Again, if you look at technology, when we started just with antivirus and intrusion prevention and things like this, it was very signature based and reactive. We went from signature based detections to anomaly based detections. Now, the third generation of this is machine learning and deep learning. You know, going back to your question, we don't ever want to replace humans because humans are very important in this ecosystem. Rather repurpose them, right? So what we're doing as an example is when we train our analysts, instead of having them do day to day tasks, like some signature creation or something like this, we can actually have AI systems replace that to identify a threat, respond to it, and then repurpose those humans for some more strategic, you know, looking at the context, how bad is this threat? Why is it a threat? How do we respond to it? How do we work with partners and customers? We've launched our threat intelligence service as well. This is a good example of something that we've used internally within FortiGuard to protect customers. Now, we're offering this as a service to customers for security operation centers. We also have our Forti Analyzer product and incident response framework. These are all key components that we're empowering organizations to be able to respond to those threats. But again, strength and numbers. It's this ecosystem working together. So Fabric Ready partners is another good example of that strength and numbers, I think too. Well, I remember the first time I walked into a knock and found the security person and their eyes were literally bleeding. And it's nice to have AI be able to take that kind of a load off to be looking at some of these challenges or some of these anomalous things that previously we expected people to be able to uncover. Yeah, and when we talk about AI, to me it's a trust exercise as well. When you're talking about machine learning, it's accuracy problem, right? How accurate can the machines really be? When we pass the torch, as I say, to the machines to be able to take on those day-to-day jobs, we have to be able to trust it, saying you're doing a good job and you're accurate. So we're using supervised learning, right? Where we have our human experts actually training the machines. That's a good use for them instead of just doing the same cycles day-to-day as an example. So that's another way that we're scaling out that way. I think it's absolutely required in today's day and age. If you look at the numbers, it's an exponential curve right now. Last year, one year ago today, on average, we're seeing about a million hacking attempts in just a minute across the entire globe, right? Now we're seeing that number up over four million. So it's increased fourfold in just a year and that's just going to continue to rise. So having that automated defense and AI and machine learning, machine learning is just a learning aspect. The AI is the actionable part, how we can take that intelligence and put that into the fabric so that the customer doesn't have to do that themselves. I mean, the customer doesn't always have to be involved in the security aspect of that. And that's how we start reducing the complexity too. You mentioned a couple of terms that I wanted to pivot on in proactive reactive. One of the biggest challenges that we hear from the C-suite in this respect is visibility, complexity, but also high TCO reactivity. Where is for enabling, when you talk to customers, that shift, that successful shift from reactive to proactive? Right, yeah, good question, very good question. I think there's parallels. I mean, they're both always going to have to exist. That's just the nature. I mean, if you keep on walking across, it's like Frogger, if you keep walking across the busy highway, you're going to get hit eventually because there's that much traffic, that much attacks coming, right? So again, the incident response angle, using detection systems and threat reporting and this intelligence service to be able to alert on what sort of attacks are happening and how to prioritize that is one way on the reactive end. On a proactive end, consulting, we have a team of consulting engineers and specifically ones on 40 guards, so threat experts that are able to actually analyze. We have programs like CTAP, it's a cyber threat assessment program that is able to go into these new networks as a free service and do assessments. So audits and assessments on the state of security on that network and to end, right? So we're talking even up to the distributed enterprise level. That's very, very important because we're in a day and age of information overload. Especially if you talk to, most CISOs I talk to, they say, Derek, I got so much traffic being thrown at me, I got all these security logs that are letting up. How do I prioritize and respond to that? So if you can understand who your enemy is, what they're up to, then you can start building an appropriate security strategy around that as opposed to just building checkbox and building a fort and thinking you're protected against everything. That's a very important part. And of course, there's proactive security technologies, anomaly-based, things like sandbox detection that we've already integrated into the fabric ecosystem. But visibility is key first. Know your enemy, understand it, then build up a stack around that. So you're a strategist. Yes. What's the difference between a security strategist and a strategist, a business strategist? And what specifically, how is security strategy starting to find its way into business strategy? Really good question. So it's becoming blended, right? Because security is a vital part of business today. So if you look at some attacks that even happened last year, there's targeted attacks that are starting to go after big businesses, critical revenue streams and services, because these are high payouts, right? And so if you look at building a business, you have to identify what are your digital assets that could include services, intellectual property, and what would happen if that service was, there's a denial-of-service attack on that. How much lead or revenue loss are you going to have versus the cost of implementing an adequate security structure around that? So security's a board-level discussion right now, right? And so I think when you look at building out these businesses, security should be by design from the top down when it's starting. But is it finding its way, we've asked this question a couple of times, at least I have, is it finding its way into, hey, my balance sheet is a source of competitive advantage. My sales force is a source of competitive advantage. Is your security capabilities a source of competitive advantage in the digital business? I would say absolutely, yeah. It's starting to find its way in there. If you look at regions like Australia, they just implement a new mandatory breach disclosure, so in any business that's turning out, I think it's over $2 million in revenue, need to have a certain security posture in place and be able to respond to that. That's trust and brand recognition. So because having cases like this building trust with your provider, especially if we talk about cloud services, I'm putting my data into your hands and trust, how well do you trust that? Of course, if there's good reputation and a powerful security solution, customers are going to feel safer doing that. It's like, you're going to put your gold in Fort Knox or you're going to put it buried in your backyard. There's a definite relationship happening there, I think, yeah. I read, I didn't read this report, but I saw it the other day in 2017, kind of a cyber crime report that said by 2021, which isn't that far away, that the global impact will be $6 trillion in cyber crime. Yeah, yeah. How do you see the public sector, the private sector working together to help mitigate that where that cyber crime is concerned and the costs that are so varied and large? Yeah, it's not just cyber crime either, it's cyber terrorism. These other aspects, especially if you're talking about public sector, if you're talking about critical infrastructure and also with energy sector and operational technology and all these things too. So it becomes very important for doing a collaboration and alliances, that's something that's actually close to my heart. At Fortinet and FortiGuard, we've formed several strategic partnerships and alliance with public sector, mostly national computer emergency response, because we feel that we have a lot of intelligence. We're very good at what we do. We can protect our customers, detecting threats, but if there's an attack happening on a national level, we should be able to empower, to be able to work together to combat the threat. It's the same thing even with cyber crime, right? So as an example, we work with law enforcement as well, with cyber crime, trying to find threat actors in the adversary. Cyber criminals are running their own business and the more expensive you can make it for them to operate, it slows down their operations. Interesting, a cog's approach to competition. Yeah, yeah, yeah, yeah. And they're always going to find the path of least resistance, right? That's the whole idea of security strategy too, is we call it the attack chain, right? It's like layered security. That's the strength of numbers theme again, right? End to end security that makes it, the whole security chain stronger because of that bond and that makes it more expensive for the cyber criminals to operate too. So as an example, like I said, national cert, law enforcement, we're even teaming up in the private sector, the Cyber Threat Alliance as well. That's been a very successful project. Fortinet's a founding member. I'm on the steering committee of the Cyber Threat Alliance. It was Ken's brainchild, wasn't it? Yeah, yeah, yeah. And so we're competitors in the industry but we're actually, it's a friendly environment when we meet and it's actionable intelligence that's being shared. Again, it comes down to how well can you implement that technology or that information in your technology? That's an important part, yeah. So here we are at Accelerate 2018. This, I think Ken was saying the 16th year of this event. What are you looking forward to in 2018 for Fortinet, looking at the strength of the partners, those behind us? What's exciting you about the opportunities that Fortinet has in 2018? It's never a boring day. There's a lot of interesting opportunities to work with. I think it's, what's exciting to me is the vibe. People are very keen on this, right? If you look at our Fabric Ready program it's growing quite significantly. And I think it's fantastic. There's a lot of people that are energized and willing to work in these programs. There's a lot of programs we can build out specifically with Fortiguard as well. Like I said, these threat intelligence services that we're offering to our partners now which include proactive alerts, early warning systems. That empowerment and working together is definitely exciting. There's a lot of opportunities there. And there's going to be a lot of challenges to overcome. If we look at the threat landscape right now, one thing I'm talking about is swarm bots. So it's a swarm intelligence. So it's parallels here again. We talk about strength in numbers and what we're doing on our side. The bad guys are also teaming up and doing strength in numbers on their side too. So we're looking at, on the horizon, threats like this that are using, leveraging their own learning mechanisms, being able to self-adapt, to be much quicker to attack systems, right? Because that's on the horizon, we're already seeing indications of that. We have to get this right. I think for the first time in the industry, we're doing this right. If you look at years past, cyber criminals there, they can do a million things wrong and they don't care, right? So we need to be able to overcome more hurdles if we work together, which we're doing right now. I think for the first time, we have the opportunity to have an advantage over the cyber criminals too. So that's also exciting. Definitely, we've heard a lot of, I think, conversation today along the spirit of collaboration and compatibility. So that sentiment, I think, was well represented from your peers that we've spoken with today. Yeah, everybody has a part to play, I think, right? And that's the thing, you mentioned the word ecosystem and just exactly what it is, right? And that's another brilliant thing we're finding, is that everybody brings some strength to the table. So that's another aspect. And I think people are realizing that, organizations are realizing that they can actually play in these collaborations. It's not a zero-sum game. No, no. It's not. I mean, there's so much diversity and so much opportunity if this digital transformation is going to have touched so many different corners in so many different ways. But at this point in time, it's how fast can we all work together to take advantage of the opportunities and not, I want that piece and I want that piece because then the whole thing won't grow as fast. Yeah, and the other challenge is the technology challenge and that's something we are addressing as well. Actually creating a solution to this framework as we did with the Cyber Threat Alliance but also with the fabric program as well. So having those tools is very important, I think, as well to help grow that ecosystem, right? Exciting stuff. Derek, thanks so much for joining us on theCUBE and sharing some of the things that you're working on and it sounds like, like you said earlier, never a dull moment, every day is a busy day. Absolutely not, yeah. There's a long road ahead. I think there always will be but like I said, it's a lot of exciting times and it's good to see progress in the industry. Absolutely. Well, thanks for your time. We look forward to your chat next year and to see what happens then. Okay, thank you so much. Absolutely. We want to thank you for watching theCUBE's continuing coverage of Fortinet Accelerate 2018 for Peter Burris. I'm Lisa Martin. We'll be right back after a short break.