 I'm here. Maniar is here. He's the vice president of products at Dell Technologies. Maniar, thanks for coming in live to the studio. It's great to see you. Excited to be here, Dave, and it's nice to be in the studio when you're in Palo Alto. It's always better when we can go live. So tell us, Maniar, give us the sense of your scope, VP of products, but what products, where, how does it relate to cyber? Sure, Dave. So I've been actually in security for a while. I was in Junipailat security from the revenue set tricks and our application delivery and security. And now I'm in Dell. I'm the VP of products for ISG, which is our infrastructure solutions group, EDGE, and then security services. So happy to discuss about security, an important topic. And you did a, you think you did a stint that you said, you said Cisco, Juniper, Citrix, and now Dell. So you've seen a lot of changes over your career. What, how would you describe those changes and, and where are we today in the state of cyber security? A lot of things have changed. A lot of things haven't. Like today, if you go to see there are sophisticated attacks emerging because of the advent of AI. So that's one change that's happened compared to the traditional attacks, which are like insider, insider attacks or credential attack, you know, attacks that you basically use credentials, weak passwords to get into, into networks and so on. So those kind of things have remained the same, but the sophistication of attacks, the volume of attacks because of AI has increased dramatically, obviously. But the talent shortage that companies have remains for, for them to create a good cyber security hygiene to go and make sure that they have all the controls in place, the resiliency practices in place is really hard for them. So those kind of things have remained the same. But the thing which has evolved is the industry. The industry standards and frameworks keep evolving. You've got NIST, you've got CMMC, you've got MITRE framework, you've got presidential mandates coming out. So a lot of things are changing. A lot of things have remained the same. I think operationalizing those frameworks, let me take zero trust, for instance, is awesome. But then to operationalize it is challenging. And then you get, like you said, you get the executive order. The poor practitioner has all the stuff thrown at him or her. Right. And so when you think about, and you mentioned AI, does AI make that talent shortage worse or does it help with the talent shortage? Yeah, it's a great question. So if you look at AI, the first part is the sophistication of attacks because of AI increasing, right? So you're going to have the attackers use AI for having malware, which is much more sophisticated. So at the same time, you're going to have on the customer side with security operations, AI being used in co-pilots. So you have co-pilots for security operations teams that helps to overcome some of these attacks. And then you have some of these frameworks, whether it's the NIST extension or whether it is the MITRE extension with ATLAS to combat some of these attacks coming in because of AI. So you're going to have a combination of the adversaries are using AI to go and come up with sophisticated attacks, whether it's deep fakes, whether it's simulating your voice and acting as you or whether it's malware, which is using AI for discovering and being more dynamic. So those kind of attacks are increasing the volume as well as the sophistication. But then you're going to have on the security operations side, co-pilots coming out as well as these new frameworks. If the security operations teams makes these into effect, then you can combat some of these advanced attacks. A constant balance. Yeah, I think that's the thing. And there is no shortage of tooling and security products out on the market. How does it really come down to simplifying it for organizations? Because I think that's a big piece that I've been looking at. And when I talk to customers, they're always like, I have things in cloud. I have things on premise. I have things in colo, all the way out to the edge in IoT. How do you look at that? And how does Dell approach that from a complete overall strategy for those organizations? Yeah, I think if you go to see the threat, you're right, the threat surface area is expanded dramatically. You're having users coming from any location, you have things connecting to applications, applications morphing into multi-cloud. And so with this vast expansion of threat surface area, it's really hard for security professionals to keep up, including the sophistication of threats and then tenant shortages. So that's where Dell comes in. Dell wants to make sure that our CSG business, the client business and the infrastructure business, the ISG business, of which I'm a part of, we create trusted products. So the first step really is to create trusted products on both the sides of the fence, whether it's hardware or software or cloud products, going all the way from secure boot, secure OS, secure supply chain verification of hardware and software to create an infrastructure which customers can trust. The next step for Dell really is to take away the complexity from some of our customers by creating a set of managed security services, right, end-to-end security services that we can provide to customers which are facing these shortages. All the way from advisory services for Zero Trust to building out all these security controls, as you said, the threat surface area is expanded. So you've got to create all these controls to put into place. The third one being a very robust set of resiliency practices spanning from a good vulnerability management service that we can provide to pen testing and breach attack simulation service to kind of shift left and create more proactive set of services to catch things before they actually happen. But you've got to be prepared for emergencies and that's where the resiliency service comes in, where we can go and create the cybersecurity vault that we have in place. We are industrial leader number one in that. We have our MDR service. We launched an MDR Pro Plus which is a managed detective response service with a lot of shift left and proactive services over there because things are going to happen, right? And so you have to be able to detect threats and then respond to threats. And then worst case scenario, we have an incident response and recovery service where we're going to have feet on the ground in like, you know, 24 hours, you know, talk to customers who are breached in two hours and make sure that we can help them throughout this entire journey. So it's not just products. I mean, obviously Dell product company, but you're evolving your services as well. Let me ask you this. Are the services that you apply, how do you keep them from getting stovepipe? Because I'm presuming some of these services are going to be Dell services. Some are going to be partner services. Some are going to be focused on the cloud. Some are focused on the core. Some are focused on IoT. How do you ensure a sort of comprehensive set that's not in turn stovepipe? Yeah, it's a great question. So if you go to see Dell wants to be the turnkey end-to-end services provider, managed security solution provider to our end customers, right? With the sophistication of attacks, talent shortages, industry evolution with keeping up with all those attacks. So in order for us to do that, we want to be the single, single set of provider. In that case, we provide services on a managed service platform, which is the key platform that our customers interact with. So it doesn't matter if they're buying a vulnerability management service, or they're buying a MDR service, which is managed detection response or incident response service. They are interfacing to us like how you have with your AT&T mobile app. It's one-stop shop, whether it's using it for cell phone or telephone or cable or whatnot, right? So basically we provide a managed services platform, which is global in nature, right? It's a global platform digitally enhanced that we provide to our customers as a single-stop shop. And in turn, we use basically API calls to Dell products or third-party products that we use for creating this whole control, zero trust controls across the entire threat surface area. So we make it really simple for our customers to use our services. So Rob, you and I have talked a lot about the acronyms of privacy and compliance, you know, sort of GDPR is the one that everybody knows about. You've got a litany of other sort of acronyms that you use. I mean, we'll be even talking about things like DORA, which is not the Explorer with the backpack and cute things over in Europe where financial services have to really buckle down from an EU perspective and be able to be able to have that resiliency and recovery in a timeframe. I think that to me is the regulations keep getting bigger and bigger. How do you really work with your partners and your customers? You're providing the platforms. Do you give them the opportunity to then, you know, build on top of that? That's a great question. If you really go to see it right now, because of the threats, you know, expanding in terms of the sophistication and stuff of that, the regulations have to keep up with it, right? So in that sense, you have the regulations forming in terms of compliance. So compliance has been there for a while. So whether it's HIPAA, whether it's PCI, whether it's your SOC2 compliance, NIST compliance. And now you have additional with SEC. SEC is managing companies to make sure that they would, if there is an incident breach, they have to report the breach and the whole office is liable, right? So you can have compliance that company is going to meet, then you have controls in order for you to actually meet a certain benchmark. So in that, there are two main, like the gold standard release NIST. The NIST 853 has got 1200 fine grain control, security controls to put in place to prevent attacks from happening. Then you have the Zero Trust framework, which is a USDOD framework with 152 activities, right, that you put in place for preventing actually across the entire threat surface area. So basic, and you have Mitre framework, right, which is also very useful at expanding with Atlas for incorporating AI-based attacks. So I think we keep a tab of all these different frameworks, regulations, and we provide advisory services as well as the building of the controls. We can build the controls for customers, services as a one-stop shop, Zero Trust controls, using these frameworks and compliance and things, right? So we keep up with that. You mentioned the SEC new rules that basically require you to disclose a breach. Many of you in the audience know this, but some may not. The hackers are now ratting you out. So they'll hack you, and if you don't disclose it, they'll say, hey, by the way, we just hacked this company, and they're not disclosing it. So as a way to put increased pressure on the victim. I mean, it's incredible how sophisticated and brazen the attackers are, but that just underscores the nature of the threat, doesn't it? I completely agree. I mean, it's basically, it's like you're guilty until you're proven innocent, it's become like that. So companies have to make sure that they are disclosing all these different breaches, incidents happening, they're liable for it, as you've seen in some of the cases like Uber and others. So it's a really tough market right now, right, for CSOs and security operations teams. And that's why we provide this one-stop shop, we provide virtual CSO services, we have a robots program on controls as one side, and the other side is resiliency services. We have to make sure that things are going to happen, controls are prevention, prevention is better than cure. But we have to be prepared for preparing the customers for emergency, when emergencies happen, right? That's where resiliency kicks in, where we focus a lot on these things like what's your business impact analysis, right, in terms of your entire infrastructure, and RTO and RPO, which is the recovery, you know, time objective, or recovery point objective, to make sure that your business impact translates into the resiliency measures that we are going to put in place for our customers, right? Whether it's often our backups. Are you having a cyber resiliency service vault, which is an air gap vault, so no one can go and access, and it's immutable. Are you having a continuous monitoring, logging, and monitoring with managed detection response service, so that if something happens, you can detect a response with SOAR playbooks, SOAR is automation playbooks, and then we have the incident response runbooks to make sure that when something happens, there is people process and technology in place with the runbook to follow in order for you to counter that, right? So emergency preparation is everything. When you talk about the BIA, the business impact analysis, the way in which you typically look at these things is the reduction in expected loss, right? You're going to have some probability of getting hit and there's going to be some impact, and it used to be once every 10-year incident, now it's like once a month kind of thing. There's another small item in the BIA that I want to ask you about, which is insurance costs. Insurance costs are going through the roof on this stuff, but you know how when you install an alarm system in your home, you get a break on your insurance, presumably if you work with a company like Dell and you've got a comprehensive set of services and processes and procedures that you show to compliance or audit or an insurance company, you're actually going to get a little break on your insurance. Actually, you might not be able to get insurance unless you can show that. So it's not a huge financial impact, but it actually could be down the road. What are your thoughts on that? Oh yeah, I think that's a very important point you're raising right now, which is that insurance companies want to make money and breaches are happening much more often. So the loss that they encounter in paying back to the customers is very high. It's like easily 40-50% of the premiums they collect is paid off in paying off losses. So they have to make sure that when they dole out the insurance to customers that they are covered in terms of all these different basic premises that are there. Do you have a vulnerability management program? Do you have a pen testing program? Do you have the basic zero trust framework in place? Do you have residency process in place? Do you have a retainer with the insurance company in place so that you can be a provider? So Dell actually does work with insurance providers to be a provider, right? So that if customers get hacked and they go to insurance companies, Dell can be the instant response and recovery vendor, which can help that as a trusted vendor to customers to recover from the incident and respond to that, right? So yes, it's very important to have those basic principles in place that insurance companies can now can use to reduce the premiums for their end customers so that it's a win-win all for all. Right, you're reducing the customer's risk and also the insurance company's risk. Exactly. What are your thoughts here on the intersection of SEC ops and AI ops? Now with AI so front and center, we certainly saw the open AI governance meltdown was a big concern. We talked to a number of customers that were shutting off co-pilots as a result of that. So everybody's sort of freaked out a little bit about that. But what about that intersection between AI ops and SEC ops? How do you see that playing out? Yeah, I think if you go to see that there are three main things that we talk to our customers about. The first one is about having the rules and governance mechanisms that companies need to have for all the employees and how they can use AI. Like what are the AI best practices? What are the AI guidelines for using some of these new tools, right? So can you use your proprietary data for feeding into a cloud which is where the AI models are running? And so like we have those guidelines that we need to set for our customers. That's what we tell our customers. Make sure that guidelines are set for all the employees as to how to use AI, right? Safely, safely. The second one is around, security operations teams are facing also a lot of fatigue, right? So in order for helping them, the co-pilots are emerging, whether we use Microsoft tools or CrowdStrike as Charlotte and others that are, there's a key partner for us. We have a security operations teams use all these new methods which are AI centric and co-pilot centric to help them and for an average security analyst to become one of the best analysts using some of these tools, right? So that's very important. And the third step really about AI is hey, we've got to make sure that the customers are adopting some of these new controls which are extending when AI attacks come in. So you may have heard of OWASP top 10 for LLMs or the MITRE Atlas framework which has extended that this is the kind of AI attacks you can have and so how do you mitigate against that, right? And this is having extensions as well. So those have to be in place, right? So SecOps has to make sure that when AI happens, they are ready for that. And are you seeing this as a yet another piece of the security attack plane because there could be injections of data and things of that nature. How are you talking to customers about that where again from a security ops and AI ops coming together, they have to be resilient and be able to get the data back and things of that nature. Yeah, that is paramount. And that's exactly what I said. The controls are important, you know, shifting left and creating prevention mechanisms, very important, but things are going to happen. And so emergency preparation with the resiliency practices that we create with the BIA leading to RTO RPO and then leading to a robust backup plan for customers so that you have a business continuity and disaster recovery plan in place for the backups. And then having a vault that John and others have mentioned, John's company as I mentioned, to have a cyber agency vault in place, which is an air gap solution, immutable, no one can touch it. So in case you could ransom your attack, you can recover from that, right? To meet your RTO and RPO is super important. And having runbooks in place, like people actually run around when there's a breach or incident happening, right? Because you don't have the right processes in place. So it's all about making sure that the right people with the right processes use the right technology all comes together to recover from those kind of scenarios. And you can automate a lot of that. You mentioned Charlotte before. It's very cool how CrowdStrike is using Charlotte. It's LLM to really change the security ops experience. Last question, Mahir. What are the two or three things that you want SecOps pros in the audience to go home with and the big takeaways? Yeah, I would say the first one really is around make sure that you have a robust set of controls in place. Prevention does help. So the zero trust control framework from USDOD is a good framework to make sure that that's in place. That's not enough. So you're going to make sure you have a good vulnerability management program because let's face it, a lot of attacks happen because things are not patched. So you're going to make sure that you have a good program in place for catching those vulnerabilities much in advance before someone attacks and takes advantage of that, right? And the third and the second step is really around the residency programs to keep in place. Keep an eye on a retainer in place. Make sure you have a cyber recovery vault so that if you get attacked, you have something to recover from. And make sure you have a detection and response service which can continuously log and monitor with user and entity behavioral analytics so they can catch all these attacks. And the third one really is because it's so complex and talented short, pick your right service provider when you want to outsource. Pick someone like Dell who has the global footprint right from a physical scale standpoint. We provide like MDR pro plus in 75 countries, 24 by seven for instance, right? The second one is a digital scale, a platform which can be providing manage service platform, which can scale globally to all customers, right? And third one is really around like John's came on event through. We partner with the SRO organization, a security and resiliency organization that protects 130,000 employees and lots of different products, whether it's cloud, you know, hardware, software, whatnot. So we benefit from that knowledge and use it towards the services that we create for our customers, right? So those are things which are super important and I would say pick your right service provider like Dell. Mayor, thanks so much for coming into the studio today. It was really great to have you. Thank you, Dave. It's a pleasure. This is a different change for me. Excellent. I'd love to have you back. So look, if you're a small or even a mid-sized business, some of this stuff is pretty daunting. Up next, Daniel Bernard, who is with CrowdStrike and Rahul Tiku, who is Senior Vice President and GM of the client solutions group at Dell, are going to talk about a partnership that they have serving small and mid-sized businesses. You don't want to miss this. Stay right there.