 Live from San Francisco, it's theCUBE. Covering IBM Think 2019, brought to you by IBM. Welcome back to theCUBE's coverage, day one, IBM Think 2019. I'm Lisa Martin with Dave Vellante. We're in San Francisco where IBM Think, the second IBM Think is at this new rejuvenated Moscow in the center. We're welcoming back to theCUBE, Bina Hallman, VP of Offering Management from IBM. Bina, it's great to have you back on the program. Thanks for having me back, good morning. And we're welcoming to theCUBE, Alistair Simon, VP of Storage Development at IBM. Welcome. Yeah, thank you, good to be here. So we're going to be here for four days, big event. Bina, we were talking before we went live, expecting 25,000 to 30,000 people at the second annual IBM Think, which is this conglomeration of five to six, what used to be disparate shows. Talk to us about some of the exciting announcements coming out with respect to data protection, storage, cyber resiliency. Yeah, no, this is a great event. As you said, this is our second first time in San Francisco here and a great venue. We have close to 30,000 clients and participants here, so big event, right? The topics around and announcements you'll hear about around cloud, multi-cloud, solutions, AI, security, infrastructure, right? So in general, quite a broad set of new topics at announcements at Think, but from a storage perspective, we've done a number of new announcements or doing a number of new announcements around things we're doing around data protection, around solutions in general, whether it's blockchain, cyber resiliency, private cloud solutions, those types of things. And then of course, around our flash systems offering. So we have a great set of announcements occurring this week. I know you guys have to think about, put on your binoculars and think about what's coming next. So I wonder if we could talk about some of the big drivers, Vina, that you're seeing in the marketplace and Alistair, that you're driving in development. I mean, data obviously, if we talk about data, but we talk about data differently than we used to talk about 10 years ago. Cloud obviously is a mega trend. You're mentioning some new technologies like blockchain and AI. What are the big drivers that you guys look at and how does that affect your development roadmaps? Yeah, certainly from an industry perspective and what clients are dealing with and looking for solutions for. From us, you mentioned AI, having that end to end data pipeline and set of capabilities. We made a number of announcements, second half of last year around AI solutions that allow clients to start from the beginning all the way to the end and meet their data needs whether it's high performance, storage and ingest to capacity tiers. So being able to hold large amounts of data and having that complete end to end solution whether it's with our power AI enterprise or some of those things we did around our spectrum storage for AI within Nvidia. So a lot of focus around AI, but also as clients are getting more and more into moving some of their cloud work, workloads to the cloud or leveraging multi-cloud. You know, today, clients are about 20% on their cloud journey. There's still that 80% that's there that we need to help them with. And a lot of the solutions today, they tend to from a cloud perspective, proprietary, potentially, you know, inconsistent set of management tools. So being able to help clients and focus on multi-cloud solutions, that's a big area for us as well. And then cyber resiliency is the other. Yeah, and I think just talking about the multi-cloud aspect, clearly when we develop our products, we're very focused on being able to connect to the different cloud protocols that are required to move the data from the storage out there to the cloud and do it in a performance related way. I think the other thing from an analytics standpoint that's really important is we've been very focused in delivering the performance in the storage system that's required both from a bandwidth and sheer IOPS perspective and very low latency. And you'll see that with some of the technologies we brought out very recently in our old flash arrays where we're all NVME based, both connected to the servers and to the storage. So really low latency for applications so you can get the data as fast as you can into the analytic engines. So very focused on these new technologies that enhance the new capabilities. Bini, you mentioned something interesting. I always love stats, I geek out, Dave knows this about me. The customers are about 20% of the way into their cloud journey. We talk about it as a journey on the time right, Dave, digital transformation. That's an interesting number. You also mentioned something that IBM is really poised to help customers achieve is this AI journey from beginning to end. If a customer is in this process of digital transformation and has what are the stats? An average enterprise has between five private and public clouds. What is that AI journey? Obviously it has to be concurrent with a cloud journey. There's no time to actually do one person than the other. But I'm curious, what is the beginning of that AI journey for a customer who is going, all right, we're in this hybrid multi-cloud world, that's where we live. We have to start preparing our data for AI because we know on multiple levels there's a tremendous amount of opportunity. How do you help them start? Yeah, and what we typically see for clients is they'll start out on some small AI projects and different parts of their environment. And those can start in server with internal storage or internal SSDs, et cetera. But pretty soon as they want to move that to an enterprise or more of the complete set of solution, that requires more of the enterprise capability. So as Alistair talked about, right, for ingest to be able to have the right set of solution, whether it's having the right set of performance, the latency attributes, et cetera, and making sure we're working, and then the capacity tier. So it's really important that, and we do this with our clients, is help them start with the initial footprint, but then make sure that from an architecture perspective, they're set up to be able to grow into that larger, because analytics is all about that volume of data and you're kind of mining it. So that's kind of the key there. Alistair, the first time I ever went to Tucson, I was there for on a tape mission. It was largely a tape facility. Lots has changed, I'm sure, since then. The development protocol, the environment, to hear a lot about two pizza teams, speed and agile. Can you talk a little bit about IBM's process and development process? Yeah, we're actually very much well down the road towards a drive to agile development throughout all of our development teams worldwide, not just in Tucson. And that brings a number of benefits to us. It allows us to quickly prototype new functions so that we can test them out with our clients very early in the development process. We're not just waiting till the end of the cycle to try something just like a beta test, which we do to a large extent, but we want to get with clients early in the cycle so we can get that initial feedback on designs to make sure that we've done the right thing. And an example of that would be what we did with cyber resiliency and our safeguarded copy on our DS8000 Enterprise Array. We worked with a large financial institution early on to model the design we were going to provide for that. And then we worked with them through the introduction of it and through the early testing. And we've put that out at the end of last year and are seeing great demand for it. So that allows you to take snapshots of your data, make those snapshots immutable, bad actors can't come in and delete that data. And if somebody does corrupt your production copy, you can do a quick restore from it. All done hand in hand with a client through the process. So this is a ransomware play, is that right? Or not necessarily, maybe we could take us through a likely solution for a client. You're creating the ransomware you hear about air gaps, but there's more to it than air gaps. So a typical solution, it's really around being able to work with clients to plan for cause given these events are happening more and more frequently. And if you assume that the bad guys are going to get in or they're already in and you need to, it's just a matter of time, then storage plays a huge role in the cyber resiliency plan, right? So it's really around planning, then the tech and recovery. So we talk about it in that way. And from a planning perspective, we do a lot of things. We ensure clients data is on infrastructure that can't be compromised. We ensure that they have things like air gapping. Air gapping is where, you know, if a bad actor gets into one environment, they can't do something bad with the other environment. Think about it as, you know, creating a physical separation. We have our tape solutions as a classical example, but there's also technologies like immutable, write once, read many. We have that on our cloud object storage, our spectrum scale software defined storage offerings. And then also around data protection in general, making sure, you know, your copies, well, snapshots essentially, that you're setting up the snapshots in a way that they are secure, you create that separation. But that's the planning phase. Another aspect of it that we help clients was, you know, model that baseline operation. What does the environment look like under normal operations? What are these storage, you know, infrastructure patterns? What are the systems that are the most critical for your business, you know, operations? What's their day-to-day usage? Where are they? Once you have that established, then it's all about monitoring and looking for abnormal activities. And if you do see some set of abnormal activities, being able to detect that, our spectrum-protect offering, that's a data protection, we've built in analytics to look for things and patterns like malware, ransomware, right? And be able to alert. Now once you've detected something like that, being able to quickly recover from that is really important, get the business up and running. And that's where, you know, a lot of our storage offerings are automated from a data restore perspective, being able to bring those copies back very quickly, get your business running very quickly. That's important. And so all of these, you know, plan, detect, recover is where storage plays a huge role across all of that. I'm curious, we know that security issues are unfortunately commonplace every day. I think the ad and I saw a stat the other day, the average security breach will cost an organization upwards of $3.8 million. One of the things I'm curious about is in your customer conversations, we're talking about data protection at the storage level and infusing that technology with the intelligence and the automation to facilitate that recovery, where are your conversations in a customer? Are they at the business level? Because I imagine, you know, security and protection is at the C-suite. How are those business objectives helping to facilitate development of the actual technology? Yeah, these are definitely CIO types of conversations, but we also, you know, once we engage in that conversation and go down that journey, we work with the clients very closely. We do what we call design thinking kind of workshops. So together with the client, we work on what types, what are some of the top three things that from a business need perspective that they see and then we work to ensure that we come to what we call these hills, these goals that we define jointly and then Alastair and his team work to go over find those and as they're developing, then work closely with the client to ensure that we're achieving what we both expected and deliver it to, whether it's a starting with a minimal available product to productizing or full productization. And again, I would say engaging with the clients early in the process is really important because we'll find out things like, what are the security requirements within their own data centers, which can vary from client to client and it helps us understand how to build in things like, how do they want to manage their encryption keys and which particular ways they want for that to meet their own security requirements and it can drive different development strategies from that. You guys were talking about spectrum protect earlier and just data protection in general. It's a space that's heating up. I was talking, joking about Tucson before and tape and tape used to be backup, that was it. Even the language is changing. It's called data protection now. Some people call it data management, which of course could mean a lot of things to a lot of different people. If you're talking to a database person, different maybe from a storage person, but the parlance is evolving and it fits into multi-cloud. People are trying to get more out of their backup than just insurance. So what are you seeing as some of the drivers there? How does it fit into your multi-cloud strategy and what is ultimately IBM's data protection portfolio strategy? Yeah, so tape in general, when you've got large amounts of data that you're looking to archive, tape is a great solution and we are seeing more and more interest from cloud service providers, leveraging tape as their archived tier from an overall data protection and data management perspective. We think that that basis, basic data protection and making sure that the data is available when you need it is there, but we think that has also evolved to where you do things like snapshots, right? Snapshots that are in the native format so you can for operational recovery very quickly be able to restore those and over a period of time, if you no longer need it, you can back it up to traditional data protection. From that snapshot based technology, of course then you have the different cloud consumption models and cloud scale that are enabling clients to leverage other types of storage, whether it's cloud tier or cloud object storage in our portfolio. So you've got the consumption models, the scale that's driving some of that, put on top of that some of the things we talked about like cyber resiliency, ensuring security and protecting that data from things like malware, the bad actors, right? That's very important. And then what we see coming forward from a transformation perspective, client transformation is really bringing all of that together so you have your data protection, you've got your unstructured data whether I talk about cloud object storage, our scale offerings, you've got your archive data but also then being able to put it all together and get value out of that data. By looking at the metadata, we've introduced an offering in second half of last year or fourth quarter we call Spectrum Discover allows clients to be able to get a catalog of that metadata and very quickly be able to get view and insights into their environment but also be able to integrate that into their analytic workflow and be able to customize that metadata. So you can see a holistic solution coming together from not just data protection all the way up through a complete AI solution. DevOps, analytics, disaster recovery, business continuance, the whole spectrum. That's right, that's right. No pun in 10. Is this really, I'm kind of you know if we think about this thematically from a transformation perspective, is this really what you're talking about facilitating security transformation? Absolutely, I mean security at all aspects whether it's the basic encryption of data at rest, encryption of data in flight to the higher level detection of these types of security breaches or events. And also the protection, even if somebody does breach you you've still got the recovery point and say a safeguarded copy that you can go back to to make sure your data is restored. So even going beyond the and protecting against the breach itself, fully encompassing. And last question in terms of that data protection where's the people element, right? Cause we all know that that's the one common denominator of any sort of security issue is people. Where are, what's the human element in the conversation about what you guys are delivering? Are there maybe some human error proof components that are essential that you're helping to develop based on all the history that we've seen with breaches? Yeah, yeah. I think overall from helping the client ensure that they've got their environment set up properly from a role-based access control perspective ensuring that that separation and the overall solution is architected to include some of these capabilities whether it's air gapping or the immutable technologies, those types of things. Look, whether the bad actors, whether they're outside of the company getting in or someone within the company, you have to have the right set of measures that are implemented. And it is around security, encryption, role-based access control, all of that. Well, Bina Alistair, thank you so much for joining Dave and me on theCUBE this morning. We appreciate your time and look forward to hearing a lot of more news coming out over the next four days. Great, thank you very much. Yeah, thank you. For Dave Vellante, I'm Lisa Martin. You're watching theCUBE live at IBM Think 2019. Stick around, we'll be right back with our next guest.