 From Las Vegas, it's theCUBE, covering open systems. The future is crystal clear with security and SD-WAN. Brought to you by Open Systems. Hello everyone, welcome to theCUBE. We're here in Las Vegas again for another awesome set of conversations. CUBE coverage here at the Cosmopolitan Hotel, the Chandelier Bar. We're here covering open systems, having a special event in conjunction with a lot of the conference going on. Gartner's got a big symposium. A lot of things happening. We're here with MK Palmore, who's the head of the FBI's Cyber Security, San Francisco branch of the FBI. Great to have you. Thanks for spending the time. Thanks for having me, John. Chandelier Bar, everyone's having a good time. You guys had a lot of sessions today, conversations. You gave a speech today during a session around Infosec and culture. Infosec risk and leadership. Okay, talk about that. What was your main theme? So I've, over the past five years or so, had the opportunity to go out and speak a lot about the cyber threat landscape. Going into this year, because the message is getting a little stayed and old, I think I want to concentrate on those issues that I think can help move the ball down the field a little bit. So talking about cybersecurity risk as an enterprise risk, discussing it as a matter of an enterprise's responsibility to address cybersecurity as an enterprise risk is an important message to carry. And I like to add in topics and subjects about leadership and tie all of those in because in my view, information security professionals have to be leaders as well because we're all venturing into space that's not known to us. That's a great point. Leadership also has to take into the new environment. Right. You're dealing with, you know, decentralized threat landscape distributed, decentralized, global. Back in the old days, when I was in college, you get a pager, you get a new one. Now you get flip phones, you get swap them out. Now you're everywhere. You got social media. The ability to dodge the authorities is easier, almost easier than ever before, requires you guys to be on your toes to catch the bed because you need cutting edge technology. But you got to have a mindset and a management culture of leadership to empower people, the edges. How are you guys thinking about it? Because this is like one of the main cyber topics is setting that system up to be nimble, reactive, use data, what's your thoughts? Yeah, so I mean, frankly, the FBI is learning in new ways to approach the cybersecurity problem. We understand that we have to hire the right people with the right talent and that we as an organization who are used, frankly, used to fighting bad guys in the streets are now taking this fight to the networked environment and we have to come up with new ways of tackling the problem. One of the biggest problems that we face, and you touched on it, is the near 100% anonymity that criminals enjoy operating in the network environment. That ability to conduct transactions, that ability to essentially go unnoticed for long periods of time without anyone knowing your true identity creates a huge obstacle for law enforcement. But the good thing is that, frankly, it's something that we're very good at in terms of identifying who's on the other end of the keyboard, but it takes a lot of work. You know, I'm old enough to have some friends that have graduated from criminal justice majors when I was in college, I was a CS major. They went DEA, FBI, so a lot of friends and it's evolved a lot from having that branch office focus, you now have digital. And one comment that always kind of resonated from my friends that were in the law enforcement area was, John, it's like putting the puzzle together. And you got to get the puzzle pieces to put it all together. Now you have to see a puzzle pieces. It's almost like a three dimensional puzzle because you have to get the data. You got to understand the landscape now in multiple dimensions that you just mentioned. How do you guys keep up with putting that puzzle together before it changes? We get a lot of help, right? So what we're used to doing is using the FBI special agent as the main tool of our investigations. In the cyber world, we've had to add some pieces to that. Not only is there specific training now for cyber agents, those agents that are charged with investigating intrusions, we have computer scientists, we have data analysts, we have folks that we bring to bear in any one particular investigation who add talents and tools that every, you know, it's like everyone's at the table on these investigations. Bringing different aspects of the investigation together. And it is, like you said, multiple data points as any investigation is. Lots of pieces being brought together to tell a story that we ultimately have to, you know, convince a judge of in terms of a judge and a jury sometimes of the validity of what it is that we found. So timing is very important as well. Timing's huge. As we like to say, we want to be involved in intrusion matters as quickly and as often as we can. Part of the challenge that we face is that there's a little bit of tug and pull between us and the private sector. And we aren't always brought in as early in a breach investigation as we would like to be. And those, it's valuable, valuable minutes, valuable days that are lost sometimes in that transactional process. I interviewed Christine Halverson. I'm sorry, I didn't interview her. I watched her give a presentation at Amazon re-invent last week. She gave one of the key notes during a public sector summit with Teresa Carlson breakfast that she had. And she said something very fascinating. She said, we are in a data crisis at the FBI, meaning that they have to put the puzzle pieces together and get it done quick or something along those lines. But she said that the FBI has been very progressive in adopting new technology. You guys are moving very, very fast. And she said, she's excited by that. But she said, we need the data whether that's being called in quickly and or getting access to other databases. So it's like, the data is out there. So you guys need access to that. How do you guys, how is the FBI evolving with that? Architecture with the cloud and so what not? And how are you enabling the tools for the field agents and the people in the trenches? So data analytics is an interesting area to dive deeply into. I mean, we face the same challenges as any private organization in terms of how we intake the data, how the data is organized, how it is that we then retrieve the data, look at it, how it relates to the different data points relate to one another. We face all of those same challenges and we have the added challenge, I think in the environment that we're in, in terms of how we're able to adopt private sector products that are out there that might meet our needs. I mean, I've been in government now for over 30 years. It's a bit of a challenge being able to acquire the types of platforms and products that you would want to have as quickly as you would like to have them. But eventually we do get down those roads. We do adopt platforms that are useful to us. And again, like everyone else, we're trying to move as quickly as we possibly can in this environment to keep up with the bad guys. And you guys do a great job moving those antiquated and adequate systems to more real time, state of the art. We try. So I interviewed General Keith Alexander once. I mean, we talked about identity and private sector, public sector collaboration. Could you share your thoughts on that because this is something that's become a bigger trend recently in the past five or 10 years, past three years in particular where it's a sharing culture. It's not just, well, I'm not going to call the FBI. They're going to come in. It's no, no, we got to bring them in early, whether it's a breach you think or someone hiding them in a Marriott thing that even know they were there. So you guys are now spending more time collaborating with the enterprises and businesses. How has that changed your approach, your posture, how you look at the data? Can you give some insight into that? I mean, a lot of it's about relationship building. I will tell you that in the San Francisco division, one of the priorities we have within our cyber branch is to ensure that we have a certain level of rapport, not just with the big tech giants in the valley, but also with the medium size enterprises and the small enterprises. We spend a fair amount of time putting ourselves in front of the C-suite's boards of directors and talking to them about, one, what capabilities the FBI brings to the table. We open the lines of communication with them and we build a rapport in such a way that it allows them, the trust, to then bring problems to us and we then begin an exchange of information. The point you think about public-private collaboration, it's an absolute must. There's no way we get through this tough period that we're in without both sides sitting down at the table establishing some trust and then moving together to solve these problems. The other thing I'd observe, and you may or may not want to comment on this, I'd love to see if you would comment, but the notion of agility, especially with data and systems with cloud computing, CIA, the Department of Defense are moving to systems that can be as reactive and accurate as possible. And this is a change in the relationship of suppliers. And the government, oh, multiple suppliers. We got to do five different things. But if the systems don't talk to each other, you guys can't be fast. This is a sea change in the mindset. The whole government, I think, is beginning to understand that in this world of technology, we need to be much more agile in terms of our adoption of new products that will allow us to combat crime and, frankly, the threat from the national security sector that we're responsible for responding to. And so we understand that there's a certain level of agility, historically not present, that we need to move the marker to get toward. Let me ask you a question. Is the FBI having an app store? So we have secure telephones that we utilize and we certainly have an approved list of apps that we're allowed to have on our phones. We do. The short answer to that is yes, it's a very truncated list of apps that we have available to us, but they're helpful. Well, we were joking at a reinvent and always cloud conferences because the developer now ability to write new software apps is faster. So there's whole DevOps ethos of cloud computing. Secure DevOps, yeah. And so secure DevOps is really interesting because now you don't have, if you can free up the data and the infrastructure and has infrastructure as code, you're going to see a renaissance of new applications. So the joke was, you know, you made it when you have an app store inside the FBI. There's an app for that. Right. Okay, final question for you. As you guys do your thing, and I know you get called in a lot to mentor and also collaborate with enterprises, what's your advice on the InfoSec landscape? Do you talk to CISOs and CXOs? CISOs in particular under a lot of pressure, board level kind of responsibility, not part of IT anymore. They are now critical piece of building out these teams. What's your advice to them in terms of either whether it's observations or best practices that you've seen that they can think about? So a couple of the points that I typically hit on in my talks that I hit on today, one is this idea of looking at cybersecurity as an enterprise risk, which you just talked about. We need to get away from the old school thought process of cyber being an IT function, right? It's an enterprise risk. It needs to be talked about in terms of risk, the language of risk management with the C-suite, with the boards of directors, because when you talk in a language of the likelihood of an event happening, the impact to the organization and what that means in terms of daily revenue, daily dollars to the business, that's the language that business owners and business leaders understand. And then, so the onus is on information security leaders to adopt this language so that we can communicate our needs to our colleagues in the C-suite and boards of directors. So it's a sea change for information security professionals because this is not a language that they are typically used to speaking. And they got to level up there too because this is the reality. Absolutely. All right, final, final question. What's the most exciting thing that you're working on and or you're seeing happening around you that you get up in the morning and say, man, I'm so excited to work on that or trend or technology? I'll tell you, when you work for an organization like the FBI, which I've done for almost 22 years, at the end of the day, it's getting exposure to people who are engaged in trying to achieve the FBI's mission on a day-to-day basis. And at the end of the day, I don't care how much technology you have around you. I don't care how much policy you have in place. Having the right people in place who are dedicated to what we're trying to accomplish, that's the thing I get the most juice out of on a day-to-day basis. We get to actually, in this portion of my career, really work with some of the most talented people that the FBI has. And they're being empowered more than ever right now with technology. Absolutely. M.K. Palma, thanks for coming on theCUBE. Appreciate it. Head of the FBI, Cybersecurity in San Francisco. It's theCUBE here in Las Vegas at the Chandelier Bar at the Cosmopolitan, breaking it down. Bar to open systems, a private event. They just had a lot of stuff going on with Gartner. A lot of events happening here in Vegas. I'm John Furrier. Thanks for watching.