 From theCUBE Studios in Palo Alto in Boston, connecting with thought leaders all around the world, this is a CUBE conversation. Hi, but this is Dave Vellante. And back in 2013, when it was becoming pretty obvious that the cloud was going to have a major impact on our industry, the IT industry, I wrote at the time that the way incumbents were going to have to compete was to really go into vertical markets and build ecosystems for their own clouds. And that's exactly what IBM did late last year when it announced the major partnership with Bank of America and the Financial Services Cloud. And guess what? Hillary Hunter is back in the house. She's the vice president and CTO of the IBM cloud and an IBM fellow. Hillary, great to see you again. Thanks for coming back on. Thanks so much for having me again. Always a pleasure to be here. So we had an awesome conversation at Think. We got into the FS cloud a little bit. But, you know, as I was saying, you guys announced, you know, last year Bank of America, but let me start here. What, what, why does the industry need a financial services cloud? Yeah, you know, it's key that we ground ourselves in that question of why a financial services cloud. And I think it really goes back to the sensitivity of the workloads and the data that that industry stewards. The financial services industry stewards the data of millions and millions of customers. And they are heavily regulated because of that. And they handle very high value transactions. And being able to take that context and translate that into what does it mean to do high value transactions, sensitive data, consumer data computing. Also, with all those benefits of elasticity and the value proposition of different deployment locations is really what financial cloud is about. And those needs of that industry are a little bit different. The regulations are higher, the bar on data protection is higher. And the need to interlock across workload characteristics and the cloud deployment is a bit different. And so we are bringing what we know about that industry to bear in the context also of cloud computing. Okay, so you're making some new announcement, there's some hard news here. But I want to know what's, if you're an executive or a business leader in the financial services industry, what's in it for me in these announcements? Yeah, what's in it for you is that we are moving into the next phase of financial services cloud in making the policy framework that has been developed through an enormous amount of work available to additional industry participants. And we're also moving into a phase of global expansion. And so being able to take this value proposition of an end-to-end considered secure and combined environment for financial services out to more players in the industry, out to additional geographies and deployment locations is an exciting moment because everyone's really not looking just for a cloud but they're looking for a choice of deployment locations. They're looking to move more workload to the cloud. And this is really about providing a cloud solution that more workload can move to, not just the first couple of phases of analytics and things like that, but also moving into more transformation of the core of banking and the core of banking business. So it is about getting more workload to the cloud, getting that done faster and getting it done at a net improved security and compliance posture. Got it. So I want to ask you about some learnings. Now you're the double whammy of learnings here. When you announced the collaboration with B of A obviously one of the top banks in the world, you've obviously made some progress since then, but the other part of that whammy was COVID. So what did you learn from the collaboration with B of A and have you guys sort of, how have you expanded your thinking BC from before COVID versus AC after COVID? Yeah, you know, the initial motivation for this program was about having trust and transparency in public cloud and having a public cloud suited also to sensitive and even core banking workloads. And we have seen this conversation and the need for it and the urgency for it only pick up since COVID. You know, a lot of things in the world kind of took a pause, but cloud computing really accelerated. We're seeing that, you know, businesses need to digitally transform their banking. So core banking transformation is a very hot topic. They need to deal with elasticity. We worked with banks during COVID that were having to suddenly stand up, you know, their national equivalent of the hero protection program, banks that had to suddenly have three times the elasticity because all of a sudden consumers were interacting with them purely digitally and cloud can enable all of those kinds of things. And so COVID has really accelerated the motivation toward banking in the cloud and also toward core banking transformation, which is at the heart of setting a very high security bar in public cloud, you know, to be able to also enable those kind of workloads. Yeah, so many changes as a result of COVID. I mean, the volume of loans, like you said, everything was digital. A lot of, I know a lot of older people that always still like to go into the bank. They'd like to see people and they knew people and people knew them. Well, they had no choice but to go digital. So that's huge. If you didn't have a digital solution and cloud is a fundamental in that equation, but let's get into it a little bit more. And we talked a little about this at IBM Think. But what are the key attributes that make the IBM Financial Services Cloud suitable for financial services? Is it the certifications? I wonder if you could add some color there. Yeah, so the key elements of the Financial Services Cloud program are number one, a policy framework, which is a set of controls that are customized to the financial services industry. So this isn't about some existing standard. This is a customization of controls and security for the financial services industry. And that's the major element of what we're announcing right now. In addition to the policy framework is also the way that the different elements of the industry and of regulatory expertise are coming together. So this cloud and these public cloud offerings were co-developed and co-designed with IBM Promontory, with IBM Security Services that work with banks, with our anchor partner. And moving forward will be advised by an advisory council of CISOs who have that day-to-day experience with security and with regulations. And so that is also a very unique context for not this being just a point in time with a policy framework, but being an ongoing initiative that will stay up to date as security concerns and as regulatory concerns change. And the third aspect is a really unique set of technologies that make all that possible. So you have to define how the cloud is going to be secure and then you have to actually do it. And the unique capabilities that we have in IBM Public Cloud that have enabled this program include a number of things, but amongst them, the industry's highest standard for data protection with our FIPS 140-2 level four based key protect service. It includes capabilities that will be releasing through our acquisition of Spanugo around cloud security and compliance posture management mapped back to that context of financial services. And so it's really three things. It's a policy framework custom and optimized for the financial services industry, the forward evolution of that through industry expertise and participation of multi-parties in that. And then core technologies that enable folks to accomplish that security posture through data protection, through cloud security posture management, et cetera. I forgot about the promontory. You guys made that acquisition several years ago. That's a nice little feature of the FS cloud. But I want to ask you, how hard is it to get these certifications? I mean, it's obviously not a layup. A lot of work, a lot of time. My reason for my question is this a moat for you as you guys start to scale? How difficult is it? Yeah, so we have been putting in the time and effort. And so that's why this is an exciting moment for us with the initial work product of this effort. And so our intention really is not for that to be a moat but for us having traversed the moat to now have a bridge there and through the methodology that we built through the control framework that we've built for others to now get across that mode. And so this is really about taking what is an extensive amount of work and an extensive amount of expertise. IBM promontory you just mentioned, but they monitor over 70 regulatory obligations in over 20 jurisdictions globally, right? I mean, this is a tremendous depth of expertise. And so having crossed the moat and having built the bridge across it, this is where we can then help others to save time in this process of adopting public cloud for further workloads. You've mentioned workloads, you talked about core financial workloads, but maybe give us a little insight on what type of workloads are the most suitable for the financial services cloud because let's face it, most of the hardcore mission critical workloads haven't moved. Actually, probably none of them have moved to the cloud. You can reference that before. Ginny Rometti talks about that all the time. But what are the right workload strategic fits for your cloud? Yeah, you mentioned Ginny Rometti. So I'll take a quick note there from some of the language that you'll hear her use. She talks about, there was chapter one of the cloud journey and stuff that was on less sensitive data, analytics, some things on public information were certainly done also in finance and also in regulated industries in the cloud. And she talks about chapter two, being mission critical workloads. And this program really is the definition of chapter two for the financial services industry. It is the enabling expertise, the enabling control set, the enabling security technologies, the enabling cloud services for that chapter two for that next layer of adoption of things that had been kept behind the firewall had been kept in a private cloud context can now be considered also for public cloud. And so easing that adoption, streamlining that process, et cetera is really what we're looking to accomplish. I mean, obviously IBM huge presence in the banking community. Is this really for just big banks? What about the ecosystem? What do you got in there for ISVs and SaaS providers? Yeah, you talked to the, you asked me a question at the beginning here about COVID and what's happened. And I think the transformation of ISV providers to become SaaS providers, the expansion of their capabilities being needed in payments and digital client experiences and such also for regionals and second and third tier banking institutions and such is as much of what is happening right now as anything else amongst the first years because there is just as much pressure for transformation and digital consumer experience and other things like that. Also in the regionals and second and third tiers. So part of our announcement is around the ecosystem of partners that we have now for the financial services cloud program. And that includes ISVs and SaaS providers that are servicing many different types of needs of institutions, large and small, right? So we're seeing, those that are servicing core banking and payments those that are servicing analytics use cases for this industry and even HR function just because of that concern about, stewarding data well for these industries and those first tier banks. And so that transition to digital that drive to infuse AI capabilities the need to transform core banking is something that's very much also happening within the ISV and SaaS providers. And we're thrilled with the wide variety of partner base that we're seeing develop there within our ecosystem for this program. I was talking to a CIO friend of mine several years ago and he said to me, you know, this idea of lifting and shifting is fine. You get little cost savings maybe but unless you change your operating model and you drive an innovation agenda you really aren't going to get the type of telephone number returns from cloud that you would want or expect. So my question is around innovation and we've said many times in the cube that the new innovation cocktail it's not Moore's law anymore. It's the combination of data applying machine intelligence and then the cloud. And the reason why the cloud is important is scale. Okay, there's a little maybe a little bit of cost as well but it's also innovation. It's the ability to attract people into an ecosystem and that resonates with line of business. If your cloud is just about, you know making IT, IT's life better. Well, that's nice. But what's in this announcement and in this initiative for the line of business? Yeah, you know, it is all about the workloads, right? I always say that to me, the cloud journey is about, you know number one your platform, right? Which is the thing onto what you modernize, right? It is, what are you going to get out of moving to containers? What are you going to get out of, you know moving to microservices? How does that help all of those cloud metrics that you mentioned? But number two, it's about the workload, right? Which workloads are we talking about? How will they deliver? How will those workloads be able to because of cloud deliver not just TCO but improvement in customer experience? How will those workloads be able to meet elasticity, resiliency, cybersecurity concerns, changes in the way the workforce is working these days, et cetera? And from the line of business perspective, you know there is a tremendous need to consume for example, fintech based innovation. You know, but a lot of folks have struggled to move past POCs because, you know of concerns about security and compliance for those, you know, deployment scenarios. And so being able to bring the ISPs and SaaS providers and then also fintechs into an ecosystem with a prescriptive and proactive security and compliance context is really what we're all about here. And that will enable a flourishing of adoption of innovation. You know, I always love to talk about, you know the competition on these episodes. But I want to ask like differentiation, how different is this? Can I just go to any cloud supplier and get this? Will I eventually be able to? What's IBM's differentiation Hilary? Yeah, so you want to think of it that, you know, in financial services you are concerned and you have to be concerned about everything. You have to be concerned about things into the details of the cloud itself. You have to be concerned about things that are related to, you know, the behavior and the permissions of your developers in that environment. Financial services cloud really has to be an end to end soup to not conversation. And so this is a program of our public cloud where end to end we can stand behind and provide trust and resiliency and this policy framework end to end within an environment that can be trusted for mission critical workload. And so when we look at differentiation, you know, our investments are in bringing together IBM's expertise all the way going back to, you know, regulations and security consulting that we've been doing for decades in this industry applying that to that cloud context, taking capabilities that are developed all the way down into the transistors, investors that investments we've made even into the silicon around how cryptography is done, bringing that into the cloud context. And so having brought those things together into our, you know, public cloud context, that's how we're able to solution this, you know, in a different way because it really is end to end about the expertise, you know, from all of that regulatory advising that security context all the way down into the silicon and the transistors. And I think that's a very unique value proposition as a cloud provider. It's a, you know, tremendous opportunity for us to bring together those pieces and to continue to be a trusted partner to these companies that we have long been a trusted partner of. Now, of course, you guys have a relationship with VMware. You were the first actually to announce a VMware cloud relationship. And so let's say, okay, I got some VMware workloads. I move them into your FS cloud. You know, make sure that I've got the security and compliance checked six months down the road. So I've done that sort of first step. What's next for me? Is that the end or are there other things on my journey? Yeah, so absolutely. I mean, VMware is part of what we are, you know, Solution Financial Services clients do, but also, you know, cloud native and, you know, OpenShift containerization that modernization journey is an ongoing journey for everyone. And so, you know, kind of to your point of what's next we're seeing a continual conversation of, you know, balancing lift and shift and modernization across, you know, workloads. And there are different reasons at different points in time for people to consider that. I think the key is that they trust where they are taking that data. And, you know, whatever the form is that the workload goes it needs to be in the context of that trust around the data and security context. And so we're absolutely seeing, you know, everything honestly from financial services institutions looking to engage with us also in our new research innovation lab where we're engaging directly with financial services clients that are trying to work through this, you know, differentiation, right? Is it virtualization? Is it containerization? Is it even serverless? What is the right and most effective, you know, balance of how workloads are programmed and run for the next generation of banking? You know, Hilary, I've been doing a lot of interviews in the last decade. And it's been interesting to see the ascendancy of cloud, of course, but also the sort of the change in perception particularly in financial services in the early days of cloud, folks of them, cloud was an evil word, you know, the sea that should not be named. And so I want to understand if I'm, and of course COVID has also changed the perception, right? Because if you weren't digital and you didn't have cloud you couldn't really transact businesses as well and you didn't have that business resiliency. So what if I'm a financial services person now? Okay, through the knot hole, I want to get started. Where do I start? Yeah, you know, we'll call us first, but you know, past that, I think that, you know, the conversations, the first conversations that we're having with our clients are number one, do you have an architecture, right? So is cloud not just a place, like I like to say, but is cloud a plan? Is there an architectural plan to enable you to have consistency, for example, in your developer experience between your private cloud environment and your public cloud environment? Is architecturally are there those foundational choices around, you know, common services about being able to deploy capabilities in one location and, you know, develop them in another, et cetera. All those value propositions of, you know, what we have been creating around open shift and cloud packs and our public cloud and consistency across different environments and such. I think that's the first thing to start with, is architecting a cloud, not accidental usage of multiple environments, but architecting use of multiple environments. And then I think the second conversation is to make a security compliance plan that is going to be robust enough to withstand even the intense scrutiny of a regulated industry CCO and risk team. And so that's the other, you know, kind of foundational conversation that we're having with our clients and helping them with, right? So, you know, we can provide, you know, services and reference architectures and all that other kind of thing to enable them to stabilize, you know, planning on both fronts, see both architecturally for what cloud means in its entirety, not just a cloud, but in its entirety, all clouds, multi-cloud, hybrid cloud, et cetera. And then secondly, then, you know, a comprehensive security plan for that public cloud choice. And that's what we're, you know, really locking down with this policy framework is to enable standardization on that for public cloud. Well, you know, a lot of innovation for the financial services community, which is again your wheelhouse. I wrote a piece right around, think that IBM's, you know, future rests on its innovation agenda. And I'm glad you brought up the notion of private, public, and they're the whole hybrid thing because I see OpenShift as a key and Red Hat as a key enabler of that across whether it's cloud on-prem, edge across multiple clouds. That's an ambitious agenda, you know, as somebody who's responsible for cloud. You know, that is something that is real innovation and really differentiable, I think, in the marketplace and probably pretty expensive to build out across all those different platforms. Yeah, you know, it is, but I think on the word innovation, my mind, you know, as an IBMer goes to the IBM Research Division, right, thousands of researchers globally they've very much been a part of this journey with us, right? The journey with us on containerization, the journey on workload modernization from monoliths to microservices, the journey of our public cloud and now also very much a part of our work in financial services. So our research division is this incredible gift and asset that we have that is working with us also on our, you know, cloud security and compliance posture management that security and compliance control center that we're talking about in this announcement, et cetera. And so, you know, them being a part of this innovation stream for us is a really exciting part again of bringing together all these different pieces that IBM has to offer in this space to make it all stack up to be a cloud for financial services. I got a couple of little housekeeping items before we close here. This is announced for the US first, right? What about other regions? Is that, first of all, is that correct? And what about other regions? That's correct. And we are also announcing additional participation of global banking partners as well in this announcement. And so this is also again, our initial public statement of our expansion past the US. Last question. So just give us a glimpse of the future. Where do you want to be in a few years thinking about, let's say three years down the road, what's that outcome look like? Yeah, you know, I think that three years from now, you know, we would love to see, you know, that people are able to make a decision, you know, going back to your question about the line of business owners, right? Make a decision about what they're trying to accomplish with a workload and not be held back by security and compliance concerns in terms of putting that workload where it needs to be, where it will be most efficient and where it can be embraced by a set of cloud capabilities that enable it to move in a competitive pace forward, right? Infusing AI into everything that is done, you know, leveraging the latest in technologies and, you know, serverless computing and all these other kinds of things that can facilitate a line of business delivering more value. So that cloud really, you know, continues, but also realizes its promises in that chapter two version of the story, also for regulated industries and also for their mission critical workloads. Well, Hillary, good luck with this. I mean, congratulations on the progress that you've made really since you guys announced this late last year and really excited to see this start to take off. And you're a great guest. I love having you on. Thank you so much. Thanks so much for having me. Pleasure talking to you as always. All right, cheers. And thank you everybody for watching. This is Dave Vellante for theCUBE and we'll see you next time.