 from our studios in the heart of Silicon Valley, Palo Alto, California, this is a CUBE Conversation. Hello and welcome to this special CUBE Conversation in Palo Alto, California. We're here with our friends on Twitter and influencers in the cloud computing edge and open source game. We have our distinguished power panel here talking about if every tech company, every company should be a tech company and what does it mean in the era of a modern infrastructure. Pleased to have Mike Hale, who's the CTO of Everest.org from Los Gatos, California, Rob Hershfeld, founder and CEO of Rack N, calling in from, where are you calling in from? Austin, Texas. Austin, Texas, good to have you. And Mark Thiel, who's with Edge Gravity, brand new opportunity, congratulations. Calling in from Las Vegas. Thanks for coming in. Guys, thanks for spending the time on this CUBE power panel from the influencers. Good to see you. How are you? Excited to be here. It's great to see you guys on Twitter. But this morning I woke up, I was very active. I had a crowd chat earlier this morning and Mark, you wrote a post that got my attention because I think you hit a nerve that has been sparking around the the internet's around the role of technology as companies are starting to rethink and building out their enterprise architectures and their businesses. And we're seeing some signals around cybersecurity. DevOps certainly has been kind of banging on this drone with cloud computing and that is that the role of technology plays as a percentage of the business, part of the business. And your tweet was simply put, you said, if every business needs to become a tech business, a business has to decide to own its own infrastructure, some of that effect, which triggered me because it's like, that's a good question. IT isn't just a part of an organization, just supporting it. Tech is becoming much more instrumental. So I want to get your reaction. What was the motivation behind that tweet? What's your, what's your, what was your point around it? Yeah, I mean, like many of my tweets, they're poorly worded and rushed out. So, you know, it's not as clear as it could have been, but the real point of the message wasn't to highlight that a technology company has to be all in the cloud or has to own its infrastructure, but rather as a company makes a change towards becoming a technology company. I mean, if we go back to, you know, 1995 or 1996, when we wanted a library, we went to the library, but now we have Google. We didn't know that Google was going to become an online equivalent of a library, but it became a digital company before anybody asked for that solution or anybody was running that kind of solution in some sort of company format and then changed it over. But, you know, Google, Facebook, Microsoft, Intuit, Adobe, PayPal, we could go down the long list. They're all IT companies in the end. Whether you call the technology that they build to run their businesses engineering with a CTO or IT is immaterial. They are, in fact, large giant IT organizations that do what they do to make money. And so, as more companies look to make the change as digital transformation takes hold, as more efforts are presented to try to get a closer handle on customers to build loyalty with customers, create new engagement models, maybe at the edge, even in traditional application environments, then companies have to make a decision about how they're going to own IT and whether they're going to own any portion of the infrastructure of IT. And if they're going to do that, then I don't think that there's any question that they have to own it at least following a model of the way the large providers and the Facebooks, et cetera, have provided for us. We cannot continue, in other words, what I've been known to say before is we can't continue to throw in more hardware and people at the problem. Mike, I want to get your thoughts on this, because one of the things that was, I know you have been involved a lot with security and IT as well. In security, which is a canary in the coal mine for a lot of these architectural decisions, are all kind of looking at how they hire and build on-premise in-house around tech stacks. And one of the things that became apparent to me at Amazon AWS Reinforced, which is their Amazon's first cloud security conference, was most of the ceaseless I talked privately was saying, we don't really believe in multi-cloud. We have multiple clouds, but we are investing in people on certain stacks that fit our guiding principles of what we're building as a company. And they said, we then go to the suppliers and saying, well, here's the APIs we want you to support. So you start to see this shift from being hiring the general purpose software vendors to come in and supply them with IT stuff or hardware, as Mark pointed out, to much more the customer saying, no, no, this is our spec, we built it. And so the trend that points to the trend of a reinvestment of building tech at the core of the business, which would imply to Mark's point around their tech companies. What's your thoughts on this? So I'll nuance my answer. I think they're tech-enabled companies more than tech companies. Like tech is enabling, whether it's Google or Intuit or PayPal or the other companies Mark mentioned, technology is the base of their company's stack. Then to go into your security portion, security has to be architected and embedded into the core solutions, not bolted on after the fact with vendor solutions like it is today. And I think we've proven time and time again, including the Capital One issue as of the day or two ago, that the current approaches are not working. And I agree with whomever CISOs you've been talking to, like being, driving API integrations and being consumptive of them and telling what you need to build is a much better approach. Would you wanna build a custom house without actually talking to your builder and finding out later what features and fixtures have been installed in your home or would you wanna have a hand in that from the ground up? But I think that's the shift. Well, I want to come back to the Capital One point, that's going to be a separate talk track, so let's hold that thought. Rob, I want to go to you because Sarbit Jol, who's prolific on these threads as you know, posting his nice Twitter cards on there. He said, talking about leasing out extra capacity, private data centers, question marks, teasing out the question and then Ben Haynes responded and said, why the hell would you want to be in that business when you have a real business to run? Again, to what Mark was saying about, tech is going to be everywhere, why should I even be in the data center business? I don't want to be in that business, I got to figure out tech for the business. So Ben kind of brings that practitioner perspective. What's your thoughts? Because you're in the middle of this with the DevOps movement, bare metal's a big part of it, your thoughts. Yeah, and that's, we really focus on fixing the bare metal problem. And I want to come back to where bare metal fits with all this because you really can't get away from bare metal. I think the first question is really, is every data center, is every business and IT business? And not every business is a Google and strictly an IT business, but what we're seeing with machine learning and internet of things and just extension of what was traditionally siloed IT or data center IT into everyday operations, you can't get away from the fact that if you're not able to take in the data, work with the data, manipulate and understand what your customers are doing, then you are going to be behind. That's how you're going to lose, you're going to be out of business. And so I think that what we're doing is we're redefining business into not just a product that you're selling, but understanding how your customers are interacting with that product, what value they're getting from it. We really redefine supply chain in a very transformative way compared to anything else. And that's an IT enabled transformation. Ben brings up a good point with the Brent. I want to, Brent's point is essentially teasing out Mark and you saw about bare metal. All this stuff is complicated, you got to make investments. But Ben's teasing out, what the hell business do you want to be in? And I think that becomes a lot of this digital transformation conversation is, hey, cloud is an easy decision. We were a startup 10 years ago, we don't have IT, we got 50 plus people growing, we're all in the cloud and that's fine for us. Dropbox started in the cloud, all these guys started in the cloud. It's easy as hell to do it, there's no debate there. But as you start thinking more and more integration as a big enterprise, which wasn't born in the cloud, this is where the transformation is happening, is what business, what the hell are they doing? What's the purpose of their business? Yeah, but the reality of cloud infrastructure and how cloud infrastructure is structured does not really take you away from owning how you operate and run that infrastructure, right? Amazon's done an amazing marketing job of telling everybody that they're not smart enough to run their own infrastructure. And it's just not true. We definitely let operations get very lax, we built up a lot of technical debt that we need to be able to fix. And Amazon walked in and said, this is too hard for you, let us take it off your plate. But the reality is people using Amazon still have to own their operations to that infrastructure. Capital One doesn't just get a pass and say, I used Amazon, oh well, too bad, talk to them. You still own your infrastructure. Well technically it wasn't Amazon's fault. So let's get to Capital One as this brings up a good point. Converged infrastructure was the holy grail savior for the IT. If you go back when we started doing Cube interviews, Stu Miniman and I would talk about, oh, Converged is awesome. You got Nutanix kicked ass and grew like crazy. And so then you have the Converged kind of meets its maker when it sees the cloud. It's like, okay, I got great Converged infrastructure, but yet the breach on Capital One had nothing to do with AWS. It was basically an S3 bucket that the firewall misconfigured. So it was really, Amazon was a victim of its simplicity there. I mean, there was this. I mean, this is what we're talking about to me with this tweet is that we need to be better at operating the infrastructure we have. Whether it's Amazon or physical assets on your premises, what we've really done is we've eroded our ability to manage those pieces well and do it in a way that builds on itself. And so as soon as we can get an improvement there, I mean, this is where I went with this thread is if we can really improve our operational efficiency with the infrastructure we have, whether it's in the cloud or on premises, you create benefits there, then everything you build on top of that is going to have an improvement, right? We're going to change the way we look at infrastructure. Amazon's already done that. And we think about infrastructure in cloud terms, but I don't think that what they've done is the end destination. They've just taught us how to be better at running infrastructure. Well, it brings up the point. And so Mike Shaking his head, I'd love to get his thought and mark on this. If I, is it IT's problem or operational technologies problem? Because the world's not as simple as it used to be. It's not simple. You got Edge, you got external, you got SaaS, you got cloud players, now multi-cloud. So information technology teams and operational technology teams, whose fault is it? Who's responsible? And could you just have AI bots managing the filtering and access to S3 buckets that could have been automated away? What, whose problem was it? Operations technology or IT? So I think to touch upon what Rob was talking about, there's supply chain and technology. And the classic soundbite is people, process and technology. The core cause of literally every security breach, including Capital One, is a lack of sophisticated process and the root cause being people. And there's no amount of AI currently that can fix that. So you have to start focusing on your operational supply chain processes, which as Rob said, Amazon has really solidified. And the company should look to emulate that versus trying to emulate the cloud infrastructure and solve your process and your people challenges first. And then you can leverage the technology. Great point. I totally agree with you on that one. Mark, you've talked on that. Yeah, I would agree with everything that both Mike and Rob just said. And I would just add that we don't have any choice but to face the future that is IT. And in order to provide the best possible service to our customers for our applications that even haven't been built yet, we have to look at the services that are available to us and utilize them the best way possible and then find the appropriate management and Mike so correctly put it, supply chain processes for managing them. And so I've talked to people who are building unique cloud platforms internally to solve a specific business problem in ways that the individual clouds offered by the big three is an example can't do or can't do as well or can't do as cheaply. And the same thing applies to customers who are just using more than one of the big cloud providers even in some cases for workloads that might seem similar because each of the clouds provide a different opportunity associated with that specific set of requirements. And so we don't have any choice but to manage it better. And whether it's we make a choice to use it in our data center because it's more cost effective long-term and that's our single most important driver or whether we decide to leverage every tool in our tool belt, which includes a handful of cloud providers and some we do our own or we put it all in one cloud, it doesn't change our responsibility for owning it correctly, right? And my simple message really was that you have to figure out how to own and I'll steal from Mike again you have to figure out how to own that supply chain but more lower down more base if part of that supply chain is delivering compute into a data center or environment that you own then you have to find the tools and capabilities to ensure that you're not making the kind of mistakes that were made with capital or if you have tools or networks and tools you don't own look at the quote so-called scare of the China hack from super micro that's still a supply chain problem as well it's on the silicon. So again back to the process people equation I think that's right on this brings us kind of to the next talking track I want to get your thoughts on which is cloud 2.0. I mean I'm putting that term out there only as a provocative way because I remember web 2.0 works so well and everyone debated about what it was. If cloud 1.0 was Amazon web services thank you very much public cloud you could say cloud 2.0 or second inning would be just what happens next? Because you're seeing now a confluence of different dynamics edge, security, industrial edge and then you know this all coming into on-premises which is hybrid and public all working together and then you throw multi-cloud in there from a complexity standpoint do you want to have support Microsoft stack, Azure stack, Google and Amazon? This is the fundamental 2.0 question because things are more real time things are data specific there's costs involved there's real network innovation needed what's your thoughts on cloud 2.0? I think the base of cloud 2.0 is moving to the shared responsibility model and we should stop blaming people or teams for breaches as architectures become much more complex including network compute and storage and service orchestration layers like Kubernetes no one team or individual or one team can manage all of that so you're all responsible for infrastructure scalability performance and security so I think it's the cultural movement more than the technology movement at the base of cloud 2.0 Rob what's your definition of cloud 2.0 from your perspective? Oh boy I've been calling it post cloud is my feeling on this yeah to me it's about rethinking the way we automate you know we really learned that we had to interact with infrastructure via automation and eliminate the human risk elements of this doesn't mean that automation is full perf either it's not but what I think we've seen is that people have really understood that we have to bring the type of automation and power that we're seeing in cloud and the benefits because they're very real but back into everything that we do there's no doubt in my mind that infrastructure is moving back into the environment whereas which is edge from my perspective and we'll see computing in a much more distributed way and those benefits and getting that right and the automation that's necessary to run autonomous zero touch infrastructure in environmental situations that is going to be just as transformative right that environment makes the cloud look easy frankly. Mark what's your take I want to get because you know security has to be one element you got self-driving cars you got kind of a new front end of edge devices whether it's hey Siri buy me a song on iTunes which has to go out to a traditional system and purchase a song but that Siri piece is different than what the back end does the simply database get it move it over self-driving cars you're seeing all kinds of edge industrial activity you know the debate of moving compute to the data you got Amazon with ground station all these new infrastructure physical activities going on that needs software to power it what's your in cloud 2.0 seems to be a nice place not just for analytics but for operational thing your thoughts on cloud 2.0 well I mean you you described the opportunity relatively well I could certainly go in I've spent a lot of time going into detail about what edge might mean and what might populate edge and why people would use it but I think from if we just look at it from a cloud 2.0 standpoint maybe I'm oversimplifying but I would say you know if you add on to what Mike and Rob already so well pointed out is that it's best fit right it's best fit from compute location to CPU type to platform and and historically for IT they've always had to make pragmatic choices that I believe limit their ability and help to create more you know legacy tech that they have to manage and and create overhead tech debt as they call it and so I think 2.0 and in my book the best case for 2.0 is that I can put best fit work where I need it when I need it for as long as I need it and that's really kind of aspirational as well people have to get the software stood up and that's where I think Kubernetes has shown a nice position I want to extend this track to another thought another topic around networking so if you look at the three pillars of computing compute I mean industry compute storage and networking cloud 1.0 you can say pretty much compute storage does a good job Amazon has EC2, S3 everything went great networking always got taken to the woodshed you know networking was getting you know people were pissing and moaning about networking but if you look at kind of things we were just talking about networking seems to be an area that this cloud 2.0 could innovate on so I want to get each of your thoughts on if you could throw the magic wand out there around the network does it take the same track as DevOps so it gets abstracted away because you see VMware now doing deal with all the cloud providers they got they're going after Cisco with the networking piece you see Cisco trying to be relevant the big guys you got Edge which is power and network connection you need those things so what is the role of the network in 2.0 if you guys could you know wave the magic wand and have something magically happen or innovate what would it be I'll go ahead and start and play into it it's your world you know it's ironic that I said this to a competitor to my most previous company Ericsson company was Huawei they asked me after an event in Santa Clara I think it was a cloud expo I'd just gotten off stage and the gentleman came up to me and asked me so Mark you know the way you talked about cloud I appreciated the comments you made yada yada yada but what do you think about you know networking and I said well networking's big problem right now is that you can't follow cloud assumptions as far as usage characteristics and deployment characteristics with networking when that problem is solved we'll have moved like years ahead in how people can use and deploy IT because it doesn't matter if you can define a workload opportunity in 30 minutes on an edge device somewhere or on a new set of data centers belonging to Google or Tencent or anybody else if you can't treat the network with the same functionality and flexibility and speed to value that you can the cloud then it's unfortunately you're you're really reducing your opportunity and needlessly lengthening the time to value for whatever activity it is you're doing so network's certainly critical in 2.0 in terms of complexity Rob, Mike any thoughts there? So I think you know there's easy answers to this that aren't actually the answer you know IPv6 was the answer from a couple years ago and that hasn't solved been the tendency to solve all the problems just like 5G is not going to magically transform our edge infrastructure into this brilliant network the reality is networking is hard and it's hard because there's a ton of legacy embedded stuff that still has to keep working you can't just you know install a new container container system and say I've now fixed networking you have to deal with a globally interconnected mesh of systems and I think when we look at networking we have to do it in a way that respects the legacy and figures out migration strategies and one of the biggest problems I see with a lot of our technology stacks here is that they just assume we're going to pave over the problems of yesteryear and ignore them and with networking you don't get that benefit what you described with cloud networking never living up to potential it's because cloud networking isn't cloud networking it's you know for a better set of you know early days of the internet networking is still what we use today it's not something you can just snap your fingers and disrupt well I mean networking had two major things that were big parts of a networking anyone who built networks knows you provision them and you have policy stuff that runs on them right you're moving things from A to B and then you got networks you don't own right so that's kind of pedestrian old thinking but if you want to make networks programmable to me it just seems like it just seems to be so much more there that needs to be developed not just moving packets around what you just said is traditional networks were built first and the infrastructure was then built around them or leveraging them so you need to take like in in the zero trust paper when Bugsy Siegel built Las Vegas he built the town first and then put the roads around the infrastructure so you need to take that approach with networking you need to have the core infrastructure first and then lay down the networking around to support it and as Mark said that needs to be much more real time or programmable so moving from a hardware defined to a software defined model I think is how you fix networking it's not going to be fixed by a new protocol or set of protocols or adding more policies or complexity to it so you see a lot of change then based on that I'd take away that you see change coming to networking in a big way because Vegas we got a build up that has to happen the current way is not working and that's why we see the bottlenecks wherever well Mark you live in Vegas the traffic's brutal but you know still they got a they got some more roads to build change coming Mark your thoughts on the change coming with this networking paradigm shift there are a few companies in the space I'm going to refuse to name anyone at this point because one of them is a partner of my new company not my new company but the new company I work for and I don't want to leave them out of the discussion but there are several companies in the space right now that are attempting to do just that from centralized locations helping customers to more rapidly deploy network services to and from cloud or to and from other data centers in a chain of data centers programmatically as we've talked about but in the long run your ability to to lay down networking from your office without having to create new firewall rules and spend months on on contract language and things like that and being able to take a slice of the network you already have and deploy it and not have to go through the complex MPLS or or VPN setups that are common today and effectively reroute destinations when you want to or make new connections when you need to as far as I'm concerned that's vital to the success of anything we would call cloud 2.0 Well we're going to try to track some of these hot startups have you guys seen anyone around this area I love this topic I think it's worth talking a lot more about love to continue on with you guys on that another time final five minutes I'd love to spend with you guys talking about the digital transformation paradox Rob we were talking before we came on camera you love this paradox because it's simply not as easy as saying kill the old and bring in the new and everything's going to be hunky dory it's not that simple but it also brings up the fact that in all these major waves the hype outlives the reality too so you're seeing so I want to get your thoughts on digital transformation each of you share your thoughts on what's come home to be realistic in digital transformation and what hasn't showed up yet in terms of benefits and capability Sure I mean this to me is one of the things that we see happen in every wave the people jump on that bandwagon really hard and then they tell everybody who's doing the current stuff that they're doing it wrong and that to me actually does a lot more harm what we've seen in places where people said burn the boats we don't care they have actually not managed to get the traction and not create the long term sustainability that you would get if you created ways to bring things forward networking is a good example for that automating a firewall configuration and creating a soft firewall or virtual network function is just taking something that people understand and moving it into a much more controlled perspective and in a lot of ways that's what we saw with cloud cloud took working IT infrastructure that people understood added some change but also kept things that people can understand and so the paradox is that you is it the more you tell people they just have to completely disrupt and break everything they've done and walk away from their known IT infrastructure the less actually you create these long term values and I know there's people who are like oh no you got to totally change everything to create a disruptive value but a lot of the disruptive value comes from creating these incremental changes and then building something on top of that so what did what in digital transformation what has happened that's positive and what hasn't happened that was supposed to happen so when I look at DevOps and what people thought we were going to do just automate all things that turned out to be a much bigger lift than people expected but when we started looking at pipelines and deployment pipelines and something very concrete for that which let people start in one or two places and then expand I think pipelines and build deploy pipelines are transformative going from a continuously integrated system all the way to a continuously integrated data center that's transformative and it's very concrete just telling people automate everything is not been as effective guys other thoughts there on the digital transformation dream I agree with everything that Rob just said and would just add just because it's the boring piece that someone always has to say and nobody in tech ever wants to hear but every corporation at one point or another in its lifespan faces a transformative period of time because of product change or a new competitor that's doing things differently or has figured out a way to do it cheaper or whatever it is and they usually make or break that transformation not because of technology not because of whether they have smart people not because of whether they implemented the newest solution but because of culture and organizational motivation and the vast majority of like everything Rob said doesn't just apply to IT a lot of the best IT frameworks around Agile and DevOps apply to how the rest of the organization can and should react to opportunity so that if IT can be and should be real-time then it only makes sense that the business should be able to be real-time and responding to what is being created through IT systems and right now I would argue that the vast majority of the 80% of transformations that don't see the benefit that they're looking for have nothing to do with whether they could have gotten the right technology or done the technology correctly but it has to do with institutional culture and motivation and if you can fix that then the only piece I'll add onto that that again I vociferously agree with Rob on is that if you wanna lower the barrier to entry and you wanna get more people into this market and you wanna get more people to buy more of your stuff and grow what they own then you have to be able to show them a path to getting the most value out of what they already have. There is no doubt in my mind that that's the only way forward and that's where some of the tools that we're talking about and what we were talking about today on Twitter are so important. Mike, final thoughts on your thoughts on the digital transformation paradox. So the paradox that Rob described I think is set, the context is set incorrectly by calling it digital transformation. It should be digital evolution where the evolutionary process doesn't end. Transformation makes people think that there's some end state which means let's burn the boats, let's get rid of all of our on-prem infrastructure move to cloud and we're done. And really that's only the beginning which is why we were talking about cloud 2.0. So you have to take that approach that you want to have continuous evolution and improvements which segues into what Rob said about DevOps and automating all the things. You don't automate your tasks and processes and you're done. You wanna keep improving upon them, figuring out how to improve the processes and then change the automation to provide that. So it's a, as Mark said, it's a cultural and mental shift versus trying to get to this holy grail end state of transformation. Awesome. Well, I got you guys here. First of all, thanks for spending the time and unpacking this big issue. We'll do more of it. I'd love to just get your thoughts real quick on just your opinion of Capital One, the breach, survivability and impact of the industry since it's still in the news. Who wants to jump first? We'll start with Mike. Mike, start with you. We'll go down the line. Mike, Rob and Mark. I mean, the good news for Capital One is I don't think any personal information was breached that hasn't already been exposed by the various other massive breaches. You might social security number as a throwaway at this point, which never should have been used for identity, but I won't, I digress from that. So what do you think is recoverable? It's not gonna be as critical as, say, Equifax, which was brutal. It doesn't sound like there was negligence, where Equifax seemed like it was more negligent driven than just a bad process or bad hygiene around a user or a role account and access to a certain subset of data. I mean, this was someone who stumbled upon open S3 bucket and said, whoa, look at this, bragging about it on Twitter and the user groups. I mean, this was not like- From what the press said, I think there's other companies that may or may not be affected by this as well. So I don't think it's just Capital One, which will probably diffuse the attention on them and lessen the severity or backlash. Rob, your thoughts on Capital One? Yeah, I wish it would move the needle. I think that we have become so used to the security of Breach of the Week or the hardware. We need to really think through what it's really gonna take to treat security as a primary thing, which means actually treating operations and infrastructure and the human processes, piece of this, and slow down a little bit. And I don't know- Oh, we saw one lawmaker, one congresswoman said, more regulation. Yeah, they don't know this. I don't think regulation is the right thing. I don't know exactly what is, because I think- Regulate, well, you don't understand. That's Washington DC's MO. But we're building a very, very, very fragile IT infrastructure. And so this is not a security problem. It's a fact that we've built this Jenga Tower of IT infrastructure, and we don't actually understand how it's built. And I don't see that slowing down, unfortunately. Unlike Las Vegas, as Mike pointed out, it was built with purpose. They built the roads around the town. Mark, you live there now. What's your thoughts on this Capital One piece to end this out here? I agree with what you've been said. I would say that what I'm hoping, sort of like when you have a lack of employees for a specific job type, like right now in the United States, it's incredibly difficult to find a truck driver if you're a trucking company. So what does that mean? What that means is that it's gonna accelerate automation and truck driving, because that's the best alternative. If you can't solve it the old way, then you find a new way to solve it. And we have an enormous number of opportunities from a process standpoint, but also from a technology standpoint, to not build on the, pardon my French, the crap that we have already. That's okay, we're digital. We're not ruled by the FCC. Instead, build it the right way from the start. Well, you know what? We're soon to talk about self-driving security. We need it. Guys, thanks for spending the time this Cube Talk, Cube Conversation. Appreciate that, Mike. Rob, Mark, thanks for kicking it off. Thanks. Thank you. You're watching Cube Conversation with remote guests, panel discussion breaking down, how businesses should look at technology as part of their business. Cloud 2.0, security hacks, and digital transformation, digital evolution. I'm John Furrier. Thanks for watching.