 From around the globe, it's theCUBE with digital coverage of AWS re-invent 2020. Special coverage sponsored by AWS Worldwide Public Sector. Hello and welcome to theCUBE virtual and our coverage of AWS re-invent 2020 with special coverage of public sector. We are theCUBE virtual and I'm your host Justin Warren and today I'm joined by two people. We have Jim Richberg, the CISO for Public Sector from Fortinet who comes to us from Washington DC. Jim, welcome. Thank you. Thank you, Justin. And we also have Kenny Holmes, who's the head of Worldwide Public Sector, go to market from Fortinet as well. And he comes to us from Chicago in Illinois. Kenny, thanks. Yes. Thank you. Thank you, Justin. Gentlemen, welcome to theCUBE. Now this year has been pretty dramatic and for a lot of us, as I'm sure you're very well aware and it's been a bit of an accelerator for people's interest in public cloud, in particular for the public sector. So what have you seen, Kenny? Sorry, Jim, we'll start with you around the federal government's interest in cloud. What have you noticed in their adoption of public cloud and AWS this year? So, you know, we used to joke in the federal government in my 34 years, they're never let a good crisis go to waste. You know, that you can make an upside out of any situation. And as you noted, Justin, this has been a dramatic accelerator to the federal government's adoption of cloud. Three quarters of the agencies were already moving in the direction of the cloud and planning to spend roughly $8 billion on it this year. And that was pre-COVID. And the pace certainly picked up. We had the guidance that came out of DHS, the interim guidance that facilitated abilities to let these now, as of mid-March, remote teleworkers connect directly to the cloud without having to connect back through their agency infrastructure. So they issued very quick guidance to say, look, you got to get the job done, you got to get it done in the cloud. So they did that as a way to accelerate it in the short-term. And then they put out the guidance later this year for trusted internet connection access, which had a use case that was built around, again, facilitating the ability to say you can connect directly to the cloud with security in that direct line stack. You no longer have to haul your data back to the enterprise edge, to the data center on-premise to then go straight out to the cloud. So the federal government said, we will give you the ability to move in the direction of the cloud and the agencies have been using this at scale. And that's why roughly half of the federal workforce is now working from home and many of them are using cloud-based applications and services. So dramatic impact on the federal government. Yeah, we've seen it here in my home of Australia, the federal government is very keen on that. But there's other levels of government, as I'm sure we're all aware, particularly as state and even local government. So Kenny, maybe you could give us a bit of a flavor how does local and that more regional government, have they been doing it basically the same as federal government or is there something unique to the way that they've had to adapt? Well, state and local governments are certainly facing really the perfect storm of arising demand and declining resources. The pandemic has certainly driven a lower tax base and lower revenues. As a result of that, we're seeing adjustments in budgets, et cetera. But we're also in a position uniquely where it's also driving digital innovation at the same time. So we're seeing the two of those and they don't necessarily kind of diabolically oppose if you think about it. So the two of those are coming together but so they're doing more with less and they're using digital transformation to get there where in the commercial world, a lot of folks have been doing digital transformation for a long time. Now, government is being more forced into doing it and they're really embracing it from our perspective. So we've seen traditionally security be at the top of their demands from a CIO perspective and the most important initiatives but now we're seeing digital transformation and more specifically we're seeing cloud, right? Be a key part of that. So they've done things initially obviously and moving email and some of those things but today we're seeing an increasing amount of workloads. We're seeing them move from maybe a previous provider over to AWS, et cetera. So those are some of the things that we're seeing from our state and local perspective. To build on Kenny's point, I think the key differentiator Justin between the federal and the state and local experience has been the resources. The federal government with COVID, the federal government runs a deficit. We've seen the deficit balloon. Federal spending is up 17 to 20% not what it's passed out on stimulus money but simply what government is spending at the federal level. So we are using cloud at the federal level to do more. As Kenny noted, state governments and local governments because they're funded exclusively by taxes they can't run a deficit. They have had to say we need to spend smarter because we can't spend more, we can't even spend as much and oh my goodness, we have to deliver more digital services at the same time. So for them, it has been a matter of having to eke greater efficiencies out of every dollar which has pointed them in the direction of AWS and the cloud in a different sense and the federal government that said there's greater efficiencies because we need our remote telework people to get the job done. State government, it's the perfect storm and if they don't do this they're literally gonna have to curtail vital services. Yeah, and as we've seen, the security challenge pretty much is the same everywhere. There's some local variations in exactly what sort of threat you might have as a federal government compared to local but broadly speaking, malware and ransomware and things of that nature is pretty much just a miasma that we have to wade through. So what is Fortinet helping with these customers particularly as they move to, as you mentioned they're moving a lot of things into AWS. So what is Fortinet's role there in helping customers make better use of public cloud? So I think one of the things that Fortinet really has brought to this equation is they really are a very broad based cybersecurity provider. And the biggest problem that organizations typically have of course, you know in the cloud it's misconfiguration by the customer. It's not AWS that's making the mistake 99% plus of the time it's misconfiguration by the customer. So having the ability to say, if you know how to do your security in an on-premise environment and you've got controls, capabilities and settings that you're comfortable with you can migrate those impact if they work for you into your cloud environment. So the fact that we are souped to nuts that we have things at the edge and offer that same suite of capabilities in AWS allows us to be able to help the users if they've configured it right not have to go back and start from scratch and say, well now that I'm in AWS I need to reconfigure other than as you have to do it because it's a different platform but if you've got the policies in place that are managing security, managing risk well for your enterprise carry them forward to a different environment. Kenny, is that a particular opportunity there for local government? As you mentioned that restrained resources means that it's much more difficult for them to correctly configure their environments but also to make this level of change they have a lot of other responsibilities it's difficult to become cybersecurity experts. Is that where you see Fortinet helping a great deal in more local government? It is one of the key areas the best way you can think of it is the ability to do what Jim was saying in a single pane of glass and the fact that we can do that that's something you don't hear a lot about anymore but Fortinet actually is one of the largest security providers in the world has a single pane of glass across being able to manage your on-prem infrastructure being able to manage whether someone if someone's migrating away from another cloud over to AWS and being able to look at these holistically is just a fantastic way for them to be efficient as well as around training and certifications and helping our customers to be able to take advantage of the products without additional costs or other things that I've been throwing down the gauntlet for other providers to say, hey, security shouldn't be something else that they have to invest they're going to invest in your technology you should provide them with security awareness surprising with certifications around your product that should be table stakes and we do see a lot of that structure of how to do this and provide that training tends to be the same regardless of where you are is that something that we see say to getting defined at federal government level with some of the standards and then that then sort of trickles down into more local government Kenny, is that something that you see happening at all or are we seeing things defined at local government that are actually going back the other way? Yeah, well, compliance runs across both I mean, there's probably more compliance on the federal side that Jim could speak to but there's certainly compliance is always a major factor and it can't be that just we need to do one-off solutions for a particular compliance issue it needs to be holistic as we're talking about if I have to pick solutions based on what and where they're protecting and now I have to think about the compliance for those as well that's yet another thing to think about I don't see our customers thinking that way they don't have the skills to continue to evolve that way that's an expanded use of what they're doing and they just don't have those resources so they have to be able to do more with less we're talking about and to be able to take a platform like the fabric that Fortinet offers it really offers that to them. At the federal level, I'm not even sure that I would characterize it as compliance and regulatory things that state and local government have to do but the National Institute of Standards and Technology, NIST tends to promulgate what are considered best practices the NIST cyber security framework has basically been adopted globally modified by certain places and did two in different ways but when NIST comes up with something like zero trust architecture NIST standards are understood the 800 series people, I'm surprised people in local government where we'll talk about 800-53 or 800-207 just like we Fed geeks do so it's really setting best practices and standards that are different from compliance but to build on Kenny's point about resources where I think it has flown the other way from local government up has been in the direction of saying state and local government have been the canary in the coal mine on saying you have to migrate to the cloud as a way of doing more with less so federal government has been turning the printing press turning the crank faster and faster that will change and this is one where they can say you're spending smarter by moving in the direction of AWS and accelerating that growth into the cloud because my prediction as a former intelligence analyst is probably this time next year a lot of federal agencies will be having the discussion about how to live in a much tightened budgetary environment because we went through something called sequestration 10 years ago that made for very tight zero sum budgeting that's going to be coming into action and that's going to push federal government even more so in the saying I got to get the data off-prem I've got to continue to tell the world hey, and look we can follow the best practices of state and local government in this case. Well, it certainly sounds like we'll be able to learn from each other and adapt as it's not going away we're certainly going to have cybersecurity issues for the foreseeable future but it sounds like there's a lot of work happening in there there's room for happiness about how things are generally going so, Janwin, thank you so much for joining us here please, thank you to my guests Jim Richberg and Kenny Holmes from Fortinet you've been watching The Cube Virtual and our coverage of AWS re-invent 2020 with special coverage of the public sector make sure you check out all the rest of our coverage on your desktop, laptop or phone wherever you might be I've been your host Justin Warren I look forward to seeing you again soon