 from San Francisco, it's theCUBE. Covering RSA Conference 2019, brought to you by Forescout. Hey, welcome back everybody, Jeffery here with theCUBE. We're at RSA North America, in the newly refinished Moscone Center downtown San Francisco, we're in the Forescout booth. Happy to be here first time and we have our next guest, she's Charlotte Wiley, the Chief of Staff from Symantec. Charlotte, great to meet you. Nice to meet you too, Jeff, thanks for having me. Absolutely, so impressions of the show, this is a crazy show, 40,000 plus people aren't many shows like this. It is huge, it's a little overwhelming, it's my second year here and it's no less overwhelming second year here. It's just prolific, everything that's here, the sessions, the keynotes, all the networking, the booths, it's amazing. So I'm curious how your perception has changed, I was looking at your background, you were at a financial institution before, so you were on kind of the purchaser side of the house, now you're over on this side of the house, how has that kind of changed your perception when you walk this crazy floor? I imagine before you're like, yeah, how am I going to digest all this stuff? Well, no one wants to be my friend anymore, which is interesting, so working on the vendor side, it defends the dark side, it's a very different experience when I came here a couple of years ago at the bank, everyone wants to talk to you, whereas this time there's a healthy competitive nature going on between all the vendors, which is great, you want to see that. But yeah, it's got the same enthusiasm, same buzz on the floor, which is wonderful. So Mayotech's been a leader in this space for a very, very long time, one of the original, kind of original security companies back in the day when we were just trying to protect, I guess our web browser, right, from some malicious activity. Wow, how the world has changed. Totally. And one of the big new components now is internet of things and this tie of IT with OT, operations technology, something you've spent some time on, I wonder if we'll get your take on how that's increasing the threat surface, increasing the complexity, and yet there's still a lot of value there if you can bring those two systems together. Yeah, absolutely. So I think the key thing is, you know, the simplicity here is what you don't know you can't see and what you can't see, you can't monitor. And that's the key thing to remember when you think about IoT and OT. So with IoT specifically, if you, you've definitely got an IoT in your network somewhere, everyone has, but if you can't see that thing, it is incredibly vulnerable throughout Vector for any organization. So really, it's a point of egress for any database filtration if you've got someone compromising the network already. And you know, we see it as being a very opportune ingress point to get an electronic move, right? So they are incredibly inherently vulnerable, right? These things are, they're usually hard coded, authenticated, they have massive vulnerabilities that often remain unpatched. And when you cannot see, you don't know. Right, right. So same with the OT side of the fence, right? The same problem exists. They typically were not built to connect to the internet. Right. So this is something very new that we're trying to tackle. Right. And one of the key things that I think about is that it's probably a little bit futile to make these OT and IoT devices inherently secure. You think about in 2020, we're going to see like 25 billion devices proliferating our globe, which is incredible. So how do we make it more secure? Well, let's back off from becoming inherently secure. Let's up on the visibility. So if you visualize, you can segment and you can enforce and then you can take control of what has access to your network. Right. Yeah. A lot of interesting conversations about this today, obviously, we were in the Forescale booth, but like one of the people earlier said they had 50% more devices on the network than they anticipated. And it turns out as remote offices and people are plugging things in. Another little factoid is that maybe that hidden OS on that device is actually a Windows NT. It's an NT little box that nobody even knew because it's an embedded NT. But then on the other side, we had Alisa on it. She was talking about great example on security cameras and just that a lot of these newer devices that you can connect have a plethora of services packaged in on the assumption that you might use them. So rather than have not too many, they put them all in but you don't necessarily need to turn all those things on. So again, you're just opening up this huge kind of exposure. Huge exposure. That's it. I think it's a really good conversation to have with your stakeholders about talking about the target breach. So when people start to understand that that really originated from a HVAC system, right? A compromised HVAC system. So when you're talking about IoT and visualization, that's a really good use case to say, look, this is a huge breach that was compromised from because they didn't have visibility over the IoT. It's funny, HVACs keep coming up over and over and over. They're obviously the biggest threat that we have. I can see like a movie with the mean, nasty HVAC thing come on to life, munching up the company. But it's funny. Different topic, shifting gears completely. Really about kind of diversity and diversity of opinion, diversity of perspective, diversity of thought, and how that's a really important and effective tool to use in trying to accomplish missions in this really crazy complex task. You can have single point of view, single point of reference, kind of a single pain that you think about. I know that's something that you've been spending a lot of time on. So my role at Symanteca's Chief of Staff, I own the diversity agenda for the Global Security Office and it's been a real laser focus for me for the past 12 months, which is our industry has a systemic problem around attracting and retaining talent from diverse backgrounds. So we've got to tackle it head on. And we've done that really successfully in Symanteca. So we gave this fabulous mandate through to our leadership who got on board with laser focus around making sure that we get a diverse-later candidates when we're bringing in new people. And that translated incredibly well. So we saw a rise of interview to conversion for an FTE for females in six months of 40%. 14 or 40. For zero. For zero. Yeah. So just by making it part of the interviewing experience, having it a diverse slate of candidates, making sure that we're really giving everyone an opportunity to come in, really has changed the playing game, the playing field. And then the other thing, of course, is the retention, which is a big problem. Retention is a huge problem. That will see women dropping out and not coming back. That's it. And this is where every organization has to step up to make sure that they're making a workforce that is flexible, that accommodates. So some of their mental load that women have, whether it's through childcare, whether it's through with older parents. But then also when we talk about diversity, it's definitely not just about the gender piece, right? We're going to accommodate for other people as well, underrepresented minorities, early career, different people from different socioeconomic background that maybe haven't come from a typical university training course, right? Something that we've focused on heavily. We've been working with a lot of not-for-profits to bring in early career guys who have not had a university background, who may have had a really rough time coming out of school, getting them in, training them up through internships, bringing them up to speed over six months and converting them into FTE, which I feel is a brilliant way to build a diverse workforce and give people an opportunity that didn't have it. That was someone spearheading that before you came on board, or was there an effort to really kind of put a dedicated resource on it when you took it over? So I took over about a year ago and I doubled down on the effort we were working with with Year Up. Before that, I had a fantastic colleague who was doing a lot of work with Year Up and we're just seeing fabulous results. We've converted nearly 33% of our internships into FTE. 33, and those 33 are not coming from kind of a classic, hand-picked population. Absolutely. These are eager, passionate, enthusiastic young people who have a tenacity to just pick things up because they're so grateful to be there. They're so happy to be given the opportunity and it's an untapped resource that I think a lot of people who are looking to have solved aside the security talent shortage should be looking into. Great that we get programs in place through Girl Scout or Middle School, but let's think about alternative ways of getting new talent in and I think that they're not-for-profits are a great way of doing it. It's such a big problem and like you said, it's a big problem from little girls all the way up to mid-career women that are dropping out and not coming back. Before we even get into the boardroom, we work with some organization like Athena Alliance which works at the boardroom level all the way down to Grace Hopper, who's working more kind of at the college graduate level. Girls in tech, I mean there's a lot of, luckily a lot of people are trying to focus on the problem but unfortunately the numbers are not turning in the correct direction, they're actually turning in the wrong direction. So really that's it for me, it's about laser focus. You really got to, if you make your part of your agenda, make your part of your agenda, don't give it the tertiary head nod, don't say that you will do the things, actually commit to it and get it done. I'm not a huge fan of Targus, but Targus work and so yeah, I think there's a lot of opportunity here that people, they don't step up to the plate and do it enough. To your earlier first line, right, if you're not measuring it, and you're not tracking against it, how do you know if you're being successful? Absolutely. And when it's underserved, you have to give it a little juice, right? You can't just expect the status quo to suddenly make a change, right? Absolutely, the metrics are incredibly important. Start with your metrics dashboard, record where you're tracking in terms of your representation of females underrepresented minorities, your vets, your early career. Really what you want to see is a huge influx through the interviewing stage into the FTE conversion. You want to see an influx in your leadership. You want more women in your leadership team because that's the way to drive a better female pipeline. Same goes to underrepresented minorities, same goes to early career. Yeah, it's so important that they look up and see somebody that looks like them. 100%. And see an opportunity to be that person someday. Absolutely, Jeff. All right, Charlotte, well, thanks for taking a few minutes of your day and great to learn about what you're working on. That's great. Thanks for having me. All right, she's Charlotte. I'm Jeff. You're watching theCUBE. We're at RSA 2019 in the Forced Cow booth. Thanks for watching. We'll see you next time. Okay. Thanks. Thanks.