 Good afternoon everyone, welcome back to theCUBE's live coverage of VMware Explorer 23, live from the hub at Venetian Expo. We've had one full day of great coverage. We're approaching a second full day of coverage, but you know that, because you've kept it right here on theCUBE for all the action. Lisa Martin with Dave Vellante. We're going to be talking about cyber resilience and that's one of my favorite topics. Michael Wilkie is here, senior consultant product marketing at Dell and Jim Stout, advisory systems engineer data protection team at Dell Technologies. Guys, great to have you on the program. Thanks Dave, Lisa. What's been your experience at VMware Explorer 23 so far? We're halfway through day two, especially where security data protection are concerned. Michael, we'll start with you. Well, I think we obviously have a fairly long relationship with VMware and the data protection space, from the early days to now. And so it's a big customer group for us. And I think we've continued to maintain our, what we believe is our Dell advantage for VMware customers through things like deep rich integration points across all of the VMware ecosystem, vSphere, vRealize, Tanzu, et cetera. Our focus on cloud native, the ability to support a platform across all the VMs, apps, across whatever cloud. So, and finally cyber resiliency. Obviously we run our cyber recovery solutions in all the major public clouds. So, all of that adds up to a fairly robust set of offers and outcomes that we can deliver to VMware customers. So we're always excited to have those conversations. Those deep integrations are critical because we're always talking about you can't bolt on data protection, but if you don't have deep integrations, it's going to get bolted on. And all the buzz of course here is, Broadcom, multi-cloud, AI, and it's the data protection piece sometimes gets lost in the conversation, but it's becoming more embedded. Correct. And presumably the integrations are part of that. But Jim, what are you seeing from the standpoint of what the way it used to be and how it is today with cloud cloud services, data protection as a service? Yeah, absolutely. It's a great question. I mean, we see across the board, pretty much all verticals are really trying to adopt that multi-cloud approach, right? And there's a lot of benefits to multi-cloud. A lot of streamlined processes, a lot of agility that comes with that approach. But there's also some challenges with that. A lot of those come with governance and some security and some other things, right? And at Dell Technologies, what we're trying to do is help customers overcome those challenges. Just like VMware has tried to help customers overcome some of the multi-cloud hurdles with their offerings, we do the same thing from a data protection perspective by offering protection for those multi-cloud solutions in a consistent and highly performant manner. Can you talk a little bit more about power protect from Dell and how you're working together with VMware? Because as Dave was saying, and as I always call it your brilliant analysis, your breaking analysis. Oh. In terms of VMware really being on the precipice of really owning the multi-cloud era. How are you guys working together to enable customers to manage and protect data across clouds, across applications, globally in this hybrid workforce? Sure. Well, that's a very good question too, right? So we've done a lot of work across multiple verticals to make that happen. So starting off with some co-innovation that we did with Microsoft, I'm sorry, not Microsoft, with VMware, we work with Microsoft very closely as well, to enhance our ability to protect virtual machines. We have a solution called transparent snapshots, right? So one of the challenges customers face as they try to transform is, how do they take these large, transactionally heavy workloads and virtualize them and cloud-enable them? Well, VMware's done a lot of work to make that happen. But there still was risk and still was challenges with trying to protect those workloads as they created situations like VM Stun. Things like that that prevented those virtual machines from being protected, therefore prevented them from being able to be digitally innovated, right? So with transparent snapshots, we've worked with VMware. We've created a way to eliminate all stun for these highly transactional workloads. So now more workloads can be virtualized more than ever. We can protect those workloads. We can protect them much faster than any other capability. And as a former IT director, my favorite part about this is that you can protect up to 5,000 virtual machines with only using a single proxy. There's no other solution that could come close to doing that. So we're faster. You drastically simplify management, the overhead of backups while eliminating that stun. You know, Lisa and I were on a session earlier today. We were kind of speculating, okay, what happens from a customer perspective? How should they think about the impact of the Broadcom acquisition, et cetera? And we use the Walmart example, if you're familiar with the Walmart triplet model, they basically got their on-prem data center, where that's where they keep all their family jewels. And it happens to be an open stack implementation. They build it themselves. Most customers can't do that. And then they use Google for their data analytics and they use Azure for collaboration software. Sensible, right? But their family jewels stay on-prem. And again, they have the resources to be able to build all that. Most customers don't. So what we said was it's likely for many customers, they're going to rely on VMware for that on-prem and partners like Dell. And the data protection policies, they might be different. You know, you might not be spending as much in the cloud for the lighter weight workloads as you will on-prem. And to your point, you can now modernize those workloads on-prem. You don't have to move it to the cloud necessarily. Maybe you don't even want to. What's the business case to do that? So what do you think about that model of data protection? Were there horses for courses? Well, we've talked about this, where applications are going to run based on a number of variables. But I mean, one of the things is that this is really kind of still a tale of two cities, where VMware is just so pervasive. You know, we're generating so much data that's running in their environment that it's still a challenge just to keep up. And what Jim was explaining about, how do you, and now it's just not small VM, it's massive databases that are mission critical. How do you protect those? And so, we're innovating still in the area of just performance. How do we do things faster, easier? But also when it comes to the cloud, look, we have north of 17 exabytes of data protected in public clouds from Dell. Much of that is using VMware multi-cloud services. So, and it's spread out over not just one cloud, but multiple clouds. So how do you simplify the management across a number of clouds? And then how do you make that experience the same as it is on-premises? So that you don't have to really worry about where the data is. You can manage it efficiently with less resources. And from a mobility standpoint, whether it comes back or goes up, what we're working to do is just to make that as seamless as possible. So multi-cloud is inherently complicated. So your job is to simplify that. So how do you do it? What are customers demanding of you? Sure. You want to take that? No, you go ahead. Okay, great, no. So again, you're right. It's a push-pull situation, right? Yeah, customers want to go to a multi-cloud topology, right? But they're having to overcome those obstacles. Their data's growing. It's becoming more distributed. It's harder to not only protect and manage, but it's also harder to do things like create cyber resiliency as well, right? So our goal is to help with that, right? And that starts with being able to support those workflows across those multi-clouds. Being able to protect those in a manner that is consistent, it's like Michael said, across regardless of where that cloud is, whether that's a VMware cloud on-premises, in a colo, in a public hyperscaler, or anywhere else. Having that consistent layer of protection, and having that data mobility so that data can very efficiently move from one source to another. So you mentioned earlier, David, about maybe customers don't want to move their crown jewels into a different location. That's absolutely true, but we want to give them the option to, right? We want to make them cloud-enabled and make them green light them to be able to do that should they choose to or need to in the future for whatever reason. And I think ultimately the customer's dream is to make it irrelevant. Right, exactly. So it's just, give me some infrastructure that's programmable, and I want to apply whatever policies are necessary based on the value of those applications. Right. And that's kind of nirvana, but we're moving in that direction. We're a lot closer now for sure than we were 10 years ago. I mean, even pre-COVID. Yes. Right? I mean, even the conversations that we might have had at a VM world, seven years ago, or even five years ago are just so drastically different now because of that very shift in terms of how people are leveraging, not just the cloud, but VMware in the cloud. And we've talked about this on theCUBE many times where, again, pre-COVID people were really relying on the disaster recovery systems and processes. Oh, we're covered. We're good there. And all of a sudden they realized, well, maybe not. They get hit by a ransomware attack. Right. The probability of that, you know, they used to be once every 10 years, I'm going to have some natural disaster. Right. Fire, flood, hurricane, earthquake, whatever. Now it's like that's pretty much the probability is much, much higher. Right. That adjacency of that data protection and cyber resiliency, as you liked it. Yes, right. And the impact. And we talk about a lot. And the impact is the same. Yes. So you have a much higher probability and the same impact. So that means that you have to rethink your entire data protection strategy. Right. Absolutely. To customers, some do. I don't know if you can percentage or bell curve it. Where are customers on that maturity? Do they understand that? Jim, you might, I mean, from a CTO office. I think that maturity is rapidly evolving. Right. So I remember it wasn't too long ago where a cyber attack was considered a game overplay for certain organizations. Right. You got attacked, it was out. Right. Investors are going to flee and there's no coming back. And everybody got fired. Yeah, exactly. Right. Well, that's changed drastically. Right. It's now about being able to recover, being resilient from that attack. Right. And there's only so many ways that you can accomplish that. Right. The very most effective way, the very kind of that last line of defense is having that data in an offline copy. In a way that's isolated from the bad actors and having intelligence wrapped around that. So if there is any infection in that data, you can rapidly detect it and make sure you recover only clean data. Right. And we're just now starting to, you know, envision, you know, the potential impact of generative AI on, you know, not just data protection in general, but, you know, cyber threats and what that can mean. And, you know, we're in the midst of doing some research that we're going to hopefully have in November where we're going to probe a little bit more into that. Just, it's just another wrinkle that we're seeing, you know, as we, you know, we talk to protecting, you know, in the cloud or on premises. When you're talking with customers about becoming cyber resilient, obviously that's a journey. There's a lot of stages of getting there. Data protection is an enabler of cyber resiliency. Is that a fair assessment? Well, I think it's, I mean, from our perspective, you know, step one is to protect your data. So you need to protect it, you know, initially, you know, through your, whatever you're doing to do your backups needs to be immutable, you know, it needs to be, you know, frequent enough that you'll be able to recover in a, you know, in a timely matter. But the next step then is, okay, assume, and this is sort of, you know, you can spend money on preventative and you can spend money on resiliency, but, you know, the inevitability of an attack of some kind is so high that you have to essentially not just back up and protect your data and do everything you can at that stage, but then you also have to have that sort of storage of last resort that you can recover from. And that's sort of what our cyber recovery vault does. It provides that, you know, isolated, immutable, isolated, intelligent source of data so that, you know, when that day comes, you have clean data recover from. It's the right data to get the business back up and running that sort of critical data. And, you know, so you need both, you know, and then from there, you know, you, you know, we've talked a lot that, you know, the landscape around cybersecurity is very wide, you know, it runs from, you know, recovery all the way up to, you know, how do you secure your supply chain from your vendors, you know, safe bios. We have other security features, you know, in all of our products. So, but, you know, we do believe strongly that, you know, prepare for that day, you know, with some, you know, with a solution that's going to allow you to get your business back on its feet in the event of a cyber attack. And have the operational model intact to be able to actually make it work. This is why you were talking before about the adjacency. And, you know, it's one of my favorite topics. But Jim, I wonder if you could comment on this. So, when I talk to customers, you know, I ask people and consultants and about, you know, best practice and they always, they'll revert to like the NIST framework or the MITRE framework. And that's cool. Great. It's really well thought out. But customers are frustrated because they're like, how do I operationalize that? And this is an example of how you operationalize. It doesn't take, it doesn't do the whole enchilada. That's not what you're claiming to do, but it's an adjacency that actually is a component that's operationalized. And you can test it, right? Especially with the cloud, it helps you test. People used to never test this type of thing. It was too risky. So now you can test and you can, you can bring that into your operations. That one, they work on the other, operationalizing the other pieces. Do you hear that from customers? Absolutely, right? Because it is a complex situation, especially when you have a multi-cloud model. So you have to have the ability to put together an architecture that can protect against cyber resilience, right? And when Michael's talking about that last line of defense, it's because, and one of the reasons we're doing that is because the bad actors are attacking the primary backups, right? That's what they're going after now. They've become sophisticated. They're smarter now, right? So we have to have that isolated copy, but that isolated copy has to hold all of those critical components regardless of where they originated from, whether it's a public cloud or whether it's a SaaS offering or wherever, right? So you have to have that architecture in place. Then you have to have the ability to recover those in a clean manner into a sandbox type of situation so you can test those. So you can ensure that, should that situation happen, you're prepared. Yeah, and you got to think about, you were talking before about the recovery point objective. You want, how much data are you willing to lose? Well, none. Okay, well how much money do you have to spend? Say, okay. That's when you get into the probabilities and say, okay, if I snapshot it whenever every or change data capture every in minutes, seconds, hours, whatever it is that's appropriate for the business, now at least know I've done everything I possibly can that I can afford to do. And you can go to your board and say, look, these are the trade-offs that we make. You can explain that in business term. And that's a step forward, right? And it's not like you're boiling the ocean when you start talking about zero trust architectures. I mean, there's prescriptive steps that you can take to improve your posture. And the other point is, the bad guys, there's a numerator, which is how much value they can extract, and there's denominator, which is how painful it is for them, how much cost it is. So if you do these types of things, it makes it harder for them. It increases the denominator, makes their ultimate value less, and they'll go somewhere else, ideally. Which is incredibly important. And we're talking about mission criticality because I think I read a stat, I believe it was from Cyber Adventures, and this is from probably last year that a cyber attack happens, a ransomware, excuse me, once every 11 seconds, and that number is only probably going to get less. So we're talking about mission critical capabilities for businesses in every industry because nobody's safe from ransomware. It's not a matter of, is it going to happen to us? It's when, how do we recover? Well, you know, as we've talked before, I mean, at least the conversation is getting easier because the people at the table have changed. Everybody from the board, to the C-suite, to the traditional IT operations people. And so that's making, it's a high priority. So that at least helping the conversation. And then, as we've discussed, and we're going to have on one of our upcoming events with you all, how it can happen. We're going to feature Nature Fresh Farms. I mean, that story is a remarkable story of just how, you know, benign this thing can be when it'll happen in the most unassuming way. And next thing you know, you're in the middle of it. So it doesn't have to be a big bang. It could be just a little opening here. And next thing you know, you're wondering how you get your business back on your feet. Well, I'm glad you brought that up because I want to tease this. Yeah, please. So it's called navigating the road to cyber resiliency. This is our second episode. And in that, we talked to Keith Bradley. Lisa, you and I talked to him at Dell Tech World. And we're going deeper along those lines. Keith comes into the studio remotely and we go through the anatomy of a cyber attack and he's very open about it. That's next Tuesday, August 29th at 9 a.m. Pacific. Go to thecube.net and you'll see navigating the road to cyber resiliency. Very excited about this episode. This one really featuring some customer examples. We've got a mini doc that we're bringing to the market as well with a lot of really good thought leadership and expertise around this. It's not, we're not pushing product and you guys are really good at that. So, but this is really about helping people sort of understand, educate them and inspire them to take action to really make their business more resilient. I think one of the things that was so great about that conversation that you and I had with Keith Bradley at NatureFresh at Dell Technologies World was the transparency. Most customers I talked to or even vendors who have customers who were hit by ransomware will not talk about it. And so you uncovered something that was really interesting in that conversation with Keith and that is how much value he now adds to his organization having experienced this, navigated through it and built a far more resilient organization. So if you want to kind of a precursor for navigating the road to cyber resiliency episode two go to YouTube, probably the easiest way to find it, Keith Bradley, The Cube, find it from Dell Technologies World. It was a fantastic conversation that Dave had. I think it was, I think I told you after that was a master class in a customer story testimonial about ransomware, but it really shows every single organization, no matter how big or small no one is safe and cyber resiliency is not a nice to have. It's an absolute essential. It's good stuff, really good. It's good stuff. So when is that Dave, August 29th? Next Tuesday, 9 a.m. Pacific, go to thecube.net is where you find it, so. Be there, Jim, Michael, thank you so much for joining us on the program. We could continue unpacking and peeling the layers of this talking about multi-cloud cyber resiliency for hours, but we do appreciate you guys coming by and sharing with us what's going on. Thank you. All right, for our guest and for Dave Vellante, I'm Lisa Martin. You're watching The Cube, the leader in live tech coverage. We're going to be back after a short break.