 Hey, welcome back everybody. Jeff Frick here with theCUBE. We're in Palo Alto at the Four Seasons Hotel. The Chertoff event is called Security in the Boardroom. It's an annual event they do. They do a couple every year. And we're excited to be here. The security conversation doesn't really go to the boardroom that often in most of the shows that we go to. So we're excited to be here. And Steve Daley's our next guest. He's the president and CEO of Avanti. Steve, welcome. Well, thank you. Glad to be here. Absolutely. So they said you're the ransomware guy when we were preparing to come in here. Right on, right on. What special relationship does Avanti have with ransomware? We do a lot of it. You do a lot of it? No, no, no. We actually, we have a number of solutions to help customers so that they don't fall prey to these phishing attacks. The stuff that kind of allows somebody to come in and hijack your systems and be able to ransom you for this stuff. So why do you see, you know, from your sitting, the growth in the ransomware in terms of, you know, you used to always be hacking and phishing and people doing stupid things. Clicking on things they're not supposed to. But now suddenly, you know, it's got much more aggressive. Now it's got this kind of ransomware piece to it. Why do you see that? Well, I see a couple of things happening in the industry. One is, I like to think of it as, you think about medieval times, right? You had these castles. And the castles had these walls or modes are very well protected. That's what our data centers have become like. We've got really good security. We've got really good ability to keep the assets that are behind the firewall in the data center very secure. So as the bad guys keep trying to attack and they keep falling against the wall and getting crushed, they start to look at different ways to get past the walls. And what they realize is that you and me, as we're out in the wild, we're like the guys that go outside of the wall. We're out there and we're getting infected. We're getting attacked. They realize that that's the easiest way for them to get back in behind the wall because if they can infect us, then we'll take them back behind the wall through our credentials and our security and get them into where they really want to be, which is where I personally identifyable information is or the high value assets are. And so I think they've recognized that it's harder and harder to attack directly into the data centers. And so let's go at the end points. Let's go attack the weak point and get on those and let them take us back into the data center. And so they look at us and they say, okay, well, how are we gonna get Steve to let us use his credentials? And the best way for them to do that is to fish us and to bring in technology that we accidentally click on and once they get there, then they've got access to us. And so this is just an evolution of that idea that says, okay, well, I could get back into the data center. Why don't I just charge this guy just to let me, let him get back to the data that he wants access to. And so I think it's just an evolution, sophistication, if you will, in the bad actors and their ability to extort value out of companies. The other trend we hear about is kind of a rise of the state sponsored. You know, it's not just the kid living in his mom's basement anymore, who's hacking around, maybe even for fun, right? Just because he could and to brag to other hackers, but really it's state sponsored. So, you know, the motivations behind the powers behind the investment behind the resources behind is very, very different. Yeah, and in that case, when you think about ransomware, this really is about somebody's trying to make some money. State sponsored isn't, they're not trying to make money, right, it's not, they're trying to cut their budget deficit by ransomware and a bunch of Americans type of thing. What they're after is they really are trying to get behind the moat, behind the walls of the castle. And they know the best way for that to do is to infect me so that I take that virus, I take that sickness back into the data center because when I come to the door, they're gonna drop the drawbridge, they're gonna let me in because they know me. And so the idea of phishing, the idea of getting me to click on something that I shouldn't click on is that those techniques really are really powerful. Because one, you can either ransom somebody and get their data back or you can use that as a vehicle to slip back into the behind the wall. But it's so interesting, the more you read up on this topic, there's so many just big gaping holes where people are just not applying patches and they're not doing, it seems like a lot of really simple things. And then on the other hand, people in processing culture and like you said, people are the weakest link, my favorite story somebody said one time, they came to like the company Picnic website which was hanging off the corporate website and I don't know if they said they were the plastic fork vendor or something, but you know that was the way. They infiltrated the company, right, with the sport. So as you're talking to clients, how often do you see that they're just taking care of the basics before you can really even start to get into some of the more advanced techniques? And I think that's a big challenge for companies and I think it comes back to, particularly when we start to talk about end user computing, the way that the industry has evolved is very fragmented in IT, the way that IT decides to support us and our devices. You think about it, in an IT organization there'll be a desktop operations group, there'll be a mobile group if we're using our mobile phones instead of our desktops, there's a security group, there's a service delivery, there's a service support group, they're all separate siloed organizations that are responsible for ultimately keeping us up and running and secure. But when they're siloed like that, it's really hard for IT to be able to say, okay, well, let's do the basic hygiene. Let's make sure that the desktop operations group is patching these things in a normal way. Let's make sure the asset team is bringing in assets and they're tracking through the life cycle, making sure that the software on there is up to date, those types of things. Make sure that the security team has visibility across all of it, it's so siloed. There's no way that IT can, it's really hard for IT to really bring that together. And I think that's a fundamental problem with the way that we're organized. And I think that has to change. I think the people process side of the thing is we have to start to bring and unify IT, particularly when you're talking about injuries or compute environments, because the way it's fragmented is one, it's really expensive, it's costly. You've got all these different teams that have to talk and you have to stitch technology together and IT's responsible for that. And two, it becomes really, really risky just because what you brought up is, this team is concerned, has their own remit, it's not necessarily 100% security and so patching falls to the bottom of the list. And yet for the security guy, most exploits are done on exploits that have had a patch available for at least nine months. So it's not that it's a brand new thing, zero day that just pops into the end, it's that the teams haven't patched the systems in nine months, it's crazy. And so I think if we can break down, we can unify IT, we can break down those silos, then I think we got a much better chance of doing the basic hygiene and getting all the technologies together in a way that allows IT to really address this problem and really focus, it's really a cultural change. IT's going to have to change it and the only way for a CIO to be able to affect this change is there has to be some organizational consolidation. Right. And as you seem kind of the growth of cloud, right? Public clouds and private clouds where some of that security responsibility can be shifted off to Microsoft Azure team or to the AWS team. It's interesting on one hand, they've got massive resources that they can deploy at no individual company or very few individual companies have. On the other hand, you still have to hit the knobs, even the most recent AWS breach is somebody just didn't turn the knob on to close it down. So are you seeing, because I imagine from a smaller, mid-sized company, the security challenges across all these fronts that are escalating at a rapid rate, really tough to have the resources to fight. So are they adopting more, not necessarily always cloud, but kind of larger solutions that they can leverage so they don't have all that responsibility on their own heads. I think that's some of the impetus behind a move to cloud. I think the challenge is still, when you're talking about end user computing, right? All we're talking about is moving the castle in the moat to somebody else's castle and moat, right? You still as a company, you still got all these users of IT that have their own devices that are wandering around out in the forest, right? And maybe they can get you back in and maybe that moat might be a little better than the one I could build myself, but I'm still held responsible for, a ransomware attack doesn't matter if I'm using Azure, right? If I'm using a Windows laptop and somebody tells me that I can win a million dollars and I click on that, bang, right? That's a problem for me as a healthcare provider, for instance, right? It doesn't matter what kind of castle I've got built by Microsoft or Amazon or Google or whoever. I'm still responsible for that piece of it. And that's not going to change. Steve, so much to talk about. We didn't even get into IoT and the increasing attack surface area of our cars and washing machines and watches. All right, well, we'll leave it there. Thanks for stopping by, enjoy the rest of the show. Yes, good to meet you. And look forward to our next conversation. We'll jump into the IoT. All right, he's Steve Daley. I'm Jeff Frick. You're watching theCUBE. It's your top security in the boardroom event. Follow up though. Thanks for watching.