 Welcome back to Boston, theCUBE's coverage of AWS Reinforce 2022. This is our second live Reinforce. We did two in the middle that were all digital. Aaron Brown is here as US AWS Cyber Leader for Deloitte and Ryan Orsey is the Cloud Foundation Leader for Partners for Amazon Web Services. Gents, welcome to theCUBE. Thanks for having us. Good to see you. Tell us about the story of Deloitte in Cyber and then we'll get into Deloitte Cyber on AWS or maybe even start there. Yeah, sure. I mean, obviously Deloitte one of the largest cyber consultancies in the world. We've been working with AWS for a very long time, 2013. I was involved with, you know, the first Alliance Agreement with them. And then we've been in cloud managed services about five years delivering workloads for clients. We have over 200 clients on that platform. And then about a year and a half ago or so, the MSSP program came and it made a ton of sense to us, right? To really level the playing field and gave us a chance to really come out and demonstrate our capability around MSSP. The MSSP program, I saw a slide yesterday and McKee notes it in the analyst program was, you know, there's technology partners, there's MSSP partners, explain the MSSP partner. Sure, sure. So at the AWS Partner Network, we break it down. The program is called the Level One MSSP competency program. And it is for both those companies that are sort of more of a software company with a managed service and those that are more of a pure service company. It's for both. But it's the general concept. It hosts the community of partners like Deloitte with that concentrated talent pool around 24 by seven monitoring and response of AWS security events. So what is Deloitte? Deloitte is not a pure software play. It's not a pure services play anymore. It's sort of a mixed conflict. Yeah, you know, asset enabled services, right? It's the way that we look at it. So yeah, we're definitely not trying to compete with software companies out there, but we do have assets, right? So we do everything as infrastructure as code and that allows us to deploy our solutions in the client environments really quickly. So where you might spend months on third party tool integrations, we leverage all native AWS tools in our standard offering and we can deploy into a client and get those services up and running in a couple of weeks. So you sell your software as an integrated service. Is that correct? You don't. It's service. It's really a service. Yeah, we sell a metered service. You don't sell your software separately, but no, I should say it differently. You include your software as part of the service. Is that right? Yeah, it is, but actually there's another element. There are obviously some clients who don't want to be in a managed service in perpetuity. And so those same assets that I talked about that we use for MSSP, you know, for the right clients, we don't just give away everything to anybody, but for the right clients, for the right engagement, we will work with clients to help them build the capability that they need to run it themselves. And our solution is built in a way where they can do that, right? We have a base component and a variable component to the solution and we will impart those assets to a client if the situation is right. So okay, so you'll actually transfer the software and would you charge for that? Yeah, certainly. But there's obviously a big service component that goes into it, right? That's really where your expertise is. We don't have a standard list price, but we'll work with clients to basically help them build out that capability because frankly the market moves so fast that you need a constant capability and engine to update that solution. It's not something that you're going to sell and someone's just going to use it that out of the box for the next five years. But a lot of the value that Deloitte brings is you don't run from customization, you welcome that, if a client says, hey, I need this special and that special or this compliant or whatever it is, you'll go attack, you have the staff, the talent to attack that problem and you use software in areas where you can have repeatability and it helps you scale and be more productive. Is that a fair way to think about it? Yeah, that's right. I mean, I guess one of the phrases that we use is we like big hairy problems, right? That's sort of our sweet spot, the very simple, hey, I need a couple of guys to do a couple of things. Typically we're not the right firm for that. So we use, yes, we use the assets because we realize like, hey, out of everything that needs to be done, there's a significant portion of this that everybody needs more or less the same way. And then we build that, we build the automation to get it in and then we have that variable component working with clients to say, hey, let's make this work in your environment. We use a combination of AWS native services but then some clients have investments in third-party tools and we can work with that. So it's a perfect match for AWS because you guys are all about providing tools for builders and here's some primitives, some APIs and go. We don't want that highly customized snowflake for every single client. Exactly, I mean, that's what I feel like the partnership with Deloitte's really bringing to the table for everybody and our mutual customers and builders out there that we both work with is, again, they don't run from complexity or customization, that security can be complex, it can be hard. Deloitte's helping make it much easier. The AWS partner network is helping kind of bring the ecosystem together and of software service architectures that AWS recommend for like a security best practice around what to monitor, how to respond, what kind of enriched data should be added to that security finding and kind of pushing that out through our partnerships with such as Deloitte. One of the things that I, I mean, certainly big takeaway from this event, the security tracks that reinvent, previous reinforced events is AWS imparting, educating its customers on best practice and how to's and things that they should be thinking about, you know, do this, don't do that. In 2019, it was a lot about, hey guys, there's this shared responsibility model and kind of explaining that, we're way, way beyond that. Now, should we think about Deloitte sort of as an extension of that best practice AWS expertise that can be applied at your clients? I'll go to Deloitte because I don't have the talent to deal with that, I mean, I got talented people, but I just don't have enough of them. Exactly, yeah, yeah, and that's really what, you know, what our offerings tend to be comprehensive across all the domains and like I said, the full life cycle of security operations all the way from, you know, identify the issue to resolve it and recover from it. And, you know, we look at the shared responsibility model, you know, we like to say, hey, we will take you really far up that stack, that customer responsibility area, you know, for our service, we cover a significant portion of that landscape on our clients' behalf, because you know, what do they care about? Deploying workloads, getting the application running, right? Security is just another one of those important, necessary things, but it's just sort of standing between you and the business value of your workload. And your ideal target customer would be a large medium up to a large enterprise, or is all exclusively large or? Definitely not exclusively large, you know, the fact that we have all the automation that we do, we have significant portion of our security operations folks are off-shore, allows us to be really competitive. And so we're able to serve clients that maybe, you know, years past wouldn't have been what you'd think of as traditional. So like clients leveraging the marketplace, you know, we're able to serve that market segment. So, billion dollar up kind of? Yeah, and even south of that a bit. Okay, so maybe half a billion, a 500 million up, okay. So thinking about that ideal sort of profile, if you don't know, you don't know. I'm going to ask you to guess. What percent of those target companies, enterprises, have a sock? Is it 100%? 50%? You know, or are you 75, 75% of most of you? Okay, so let's say three quarters. So you compliment the sock, right? You're not the sock, but you may be in some cases. Now we're talking about it's a function of what their IT enterprise landscape looks like. If they're 100% AWS, yeah, if you're born in the cloud startup and you know, you don't do anything else and we have a few of those, right? And they want to give us everything. They're like, you know, we're just going to have a, our security guys just going to kind of understand what you guys are doing and feel good about it. Yeah, we do that, but for the most it, there is an existing sock, right? And so what we do is we have, we leverage, you know, an ITSM software to E-bond with our clients service management functions so that when we're generating things, they have full visibility to what's going on. We're still resolving things on their behalf. We are also, we need to communicate with some clients, right? Because a lot of security issues that need to get resolved require engagement with the asset owner. So it's not, we're not just a black box. So we do have to talk to folks on the ground at the client to resolve issues. And that's actually one thing they really impressed me at getting to know Aaron and his team more and more throughout this journey together in the partnership is they're not throwing alerts over the fence to the customer sock team saying, well, here's some recommended remediation steps. They're actually rolling up their sleeves and doing some remediation themselves and informing the customer. This was taken care of for you. That's, I think that's really unique. Yeah. In addition to, you know, our solution obviously has a bunch of auto-remediations that we do as part of the solution. So, what's the engagement like? What's the conversation like when people come to you and say, I have a problem, it's blank, right? What are the typical, you know, a lot of it has been organizations where there's either a business unit that is kind of maybe off-run and doing their own thing. And, you know, it's only sort of come to light with the compliance and security organization inside the client that like, hey, these guys maybe need some help and boy, we're really strapped. We don't have the people, because talent's so tight, to go help these guys and make them get it right. We're going to go ahead and keep them kind of off to the side and, you know, we'll do this managed service to help get that addressed. And then another typical scenario is when companies are acquired. So, you know, an organization buys a company and they've got a pre-existing. Again, they look under the covers and they're like, oh, these guys really need some help. Because of the way that we deploy everything as infrastructure is coded really very quickly, it's a great way to just kind of get it sorted. It's a metered service so it's not some massive investment that they have to make. We can just get it sorted out until maybe they get a chance to process and actually onboard that new entity into their enterprise structure. So as part of the MSSP program within AWS, you've got to be really good at understanding how to utilize the AWS portfolio of cybersecurity services natively. So you do that. Does that check the box on everything you need or the clients typically say, no, no, you've got to integrate with all this other mess that I have there. Can you sweep that mess aside and say, hey, I can do this all in the cloud? Or what's that dynamic like? The answer is yes, both, right? So typically clients will have significant investments in existing third-party tools and then either politically because of the investment or from a practical standpoint, it makes sense to integrate those. Now that does slow down the deployment and the customization a bit, but a lot of times that makes sense for the client. Well, it gets hairy. Like you said, you love these kind of hairy. Yeah, that's right. You run towards it. That's right, we run towards fire. Ryan, your focus on partners is all partners or is it really the MSSP's? All partners, all kinds of partners in the security space, right? So software companies, professional services, managed services. And we're focused on trying to make security easier for both of our mutual customers here, right? So that what you mentioned about best practices and how do you tell what best practices are per AWS service or third-party software that's operating in an AWS environment? That's part of what our team does is we create these partner programs. There's a very detailed, very prescriptive technical checklist that our internal security experts are going through with the Lloyd folks, for example, as a part of their membership in the level one MSSP program to make sure that those best practices, which could be fresh off the AWS documentation truck, are built into their services. And the reason those best practices exist is for a good reason. They're built, tried and tested in our own environments before they reach the documentation website. But all of that is incorporated into that whole kind of validated checklist that we do together. So it's a great way to make sure that operations from partners like the Lloyd, software delivered, customization delivered, aligns with what we're able to see from our Amazon culture of being so customer obsessed and really listening to all of those very specific challenges they might have that the customer will have at different points in their cloud journey. Those challenges are baked directly into key technical requirement criteria that the Lloyds teamed up with us to go achieve. What are you seeing at the macro, Aaron? When we talk to practitioners, we'll survey, we have a survey partner called ETR, and they'll do spending surveys coming into the year of CIOs and IT buyers. We're expecting 8% to 8.5% budget growth, post-Ukraine inflation, Fed tightening, the tech lash, all that. It's dialed down a bit. It's still pretty robust at 6%, and security still remains the number one priority. Have you seen, we've seen a little bit of momentum deceleration even in security spend across the board, but not anything tragic. Are you seeing the same, or are you seeing security budgets kind of where they were expected to be at the beginning of the year? Yeah, I haven't seen, you know, I haven't seen it decline. I mean, I think the fact of the matter is for all the things that we talked about before, right, basically the skill shortages and just the coordination with other cloud programs, there's a tremendous backlog of stuff that needs to be done and enterprises have more appreciation now for the need for all the various ransomware things that have happened and others that hey, they need to get a handle on the security in their environment, and so it isn't, I think a lot of what's been going on in the last year hasn't, the reason it hasn't been faster hasn't been for a lack of appetite. It's just been a lack of skills and process to do. As the business case changed and the variables may be the same, but it used to be, hey, if you don't do this, you're exposed, okay? There's a fear of getting infiltrated. And then it's going to be, if you want to quantify it, it's like, okay, what's the expected loss with and without, you know, the insurance terms. Is the business case shifting with digital toward, this is a fundamental component of monetization in order to be able to monetize, you have to ensure this level's secure. Are we there yet? Yeah, I think so. I don't think anyone's arguing whether it's, you know, needed or not, right? So now it's a question of, hey, and I think CJ Moses had a good slide in the opening yesterday where he was saying, you know, make the, what was it, make the path, the secure path, the path of least resistance, right? And so that's a big part of how we deliver our solution. We really want to make it easy for the enterprise to absorb the security services that we have, right? And that's really critical. I think that's where the focus is, is make it easier to do security because the value comes right along with it. All right, I'll give you each the final word. Ryan, you go first, then Aaron, kind of put a bumper sticker on Reinforce 2022. It's not slowing down, it's only picking up in terms of innovation, software tools, operational processes, and some of the unique ways that all these tools are tied together, third-party, native AWS, consulting, the way these services come together, it's only accelerating. It's been pretty exciting to see some of the innovation here at this time at this Reinforce. Right, Aaron, please. Yeah, I would agree. I mean, just the breadth of capabilities, the new announcements by AWS of the capabilities in their solution stack, I mean, for me, it's just, you know, I just kind of wonder like, when does it narrow or when does it settle down? And I know that that's not now. Keep waiting. Yeah, but yeah, I think, you know, we will continue to see, you know, just rapid acceleration and new features and services. I often say the next decade at Cloud ain't going to be like the last. So gentlemen, thanks for coming on theCUBE. It was great to see you. Thanks for having us. All right, thank you for watching. Keep it right there. This is Dave Vellante for theCUBE. I'll be back right after this short break from Boston. AWS Reinforce 2022.