 Live from Chicago, Illinois. It's theCUBE. Covering Veeamon 2018, brought to you by Veeam. Welcome back to Chicago, everybody. This is theCUBE, the leader in live tech coverage, and you're watching our exclusive coverage of Veeamon 2018. Hashtag Veeamon, my name is Dave Vellante, and I'm here with my co-host, Stuart Miniman. Stu, great to be working with you again. Thanks, Dave. Admiral David G. Simpson is here. He's the former chief public safety and Homeland Security Bureau, and CEO currently of Polaris, a consultancy that helps organizations think through some of the risk factors that they face. David, welcome to theCUBE. Thanks so much for taking time out. Thanks. It's my pleasure to be here. So, as I was saying, we missed a big chunk of your keynote this morning, because we had to come back to theCUBE and do our open, but let's start with your background and kind of why you're here. Sure. Well, I spent over three decades in the Navy where my responsibilities throughout included the resiliency of the ability to command and control forces in areas around the world, not always so nice and often arduous and often at sea. So that experience really has given me a very good appreciation, not only for how important economy of operations is, but how difficult it can be and how important the details are. So I am a natural fan of what Veeam is doing to make that easier for organizations. After DOD, I was recruited by the chairman of the FCC to lead the Public Safety and Homeland Security Bureau for the Federal Communications Commission. And in that position, I had responsibility for the nation's Diamond One system, emergency alerting and the resiliency of over 30,000 telecommunication companies in the domestic market. So both experiences really have given me a very good insight into the need, the consequence of not getting it right, how to prepare to get it right, but also an ability to look at what's coming down the pike with the new telecommunications technologies that will really be game changers for functionality in the new internet of things environment. So three decades of public service. First of all, thank you. Thank you. It's quite an accomplishment. And then we talked off camera that we, a couple of years ago, had Robert Gates on and we were getting detailed into how the experiences that someone like you has had in the public sector translated to the private sector, it used to be there was just such a huge gap between what you did and what a company had to worry about. Do you see that gap closing and maybe you could add some color to that? Sure, and in particular in the cyber arena, cyber unlike the land, sea and air domains is a domain of man's own making and the constraints around that domain are of our own choosing. And we're not constrained by physics, we're constrained by the investment decisions we make and the contours of that expanding environment. But the internet started out as DoD research and development project, DARPA. So it has not been unusual for DoD to be out in front in some of the development aspects where counter-intuitively we would normally see industry out in front. The same occurred I believe with cyber when our intelligence community over 10 years ago said, hey, this is a great thing, this internet thing and it's a super that we're doing more and more communications that we're talking with devices at the edge around the battle space. But it's vulnerable to attack and we need to organize so that we are capable in the defense of that great cyber set and the functionality that we've built. Could you expand us, you're doing some teaching in the cyber security world too, maybe share a little bit what you're doing, what you see as kind of the state of this today. Well thank you for asking that. About a year ago, the dean of the business school at Virginia Tech asked me if I wouldn't consider building a cyber program for the business school. Tech has always had a strong engineering component to cyber security and it's led by a good friend of mine Dr. Charles Clancy with some superb research going on but increasingly over two thirds of the work roles in cyber security are not engineering. They really have much more to do with traditional business functions yet most business leaders aren't well prepared to assess that risk environment, let alone appreciate it and then drive investments to address risk reduction. So at Virginia Tech we've built a series of four courses that in the MBA programs, the Masters of Accounting, the Masters of Business IT, we are now teaching prospective business leaders how to look at the risk environment and organize an investment structure using the NIST or National Institute of Standards and Technology risk management framework so that can be done in a repeatable way that communicates well with industry and companies like Veeam have an important role to play in that space because Veeam really translates much of the engineering complexity into business understandable conditions by which decisions about that data space can really be made. I want to share an observation that we had in theCUBE last year, one of my favorite interviews was with a gentleman from ICIT, James Scott, he's a security expert, you may know him, and we asked him what the biggest threat was to United States and his answer surprised me, I thought it was going to be cyber warfare or risks to critical infrastructure, he said the weaponization of social media was the number one threat, like wow, and we had a really interesting discussion about that and I think of your background, loose lip sync ships, people on social give up their credentials, all of a sudden you've got some outside bad actors controlling the narrative, controlling the meme and controlling the population without firing a shot, wow. So what are your thoughts on social media and its risk to our society and how to deal with it? Well, we're seeing in the last year that he was very oppressing him, right? And that you could lock down all the bits and the bites and get the integrity, the confidentiality, and the availability of your data sets taken care of, but in a world where the public square, if you will, is now a virtual public square, if an adversary can change the perception of reality in that public square, or if they can cause our democracy to lose confidence in that public square, then an adversary can really achieve a kill, if you will, a desired effect in a way that is very negative for the country. So I don't see that as being completely distinguished from cybersecurity. I see in my mind that we need to expand the universe, the protective universe of cyber into that cognitive space and we need to understand increasingly the origin of comment in the social media arena. We need to understand the role algorithms have to play in amplifying message and suppressing other messages. And we need to, I think, have a greater accountability for businesses that are in that virtual public square line of business to help consumers and communities continue to have confidence in that public square. And we're challenged in that area. You can see Mark Zuckerberg's testimony, right? Which illuminated some big challenges there. Yeah, I mean, my heart went out to Zuckerberg. It was like the poor guy, he's just trying to build out a social network and now he's getting attacked by politicians who are saying, wow, you mean you use data for political gain or you allowed somebody to do it? So he was in a tough spot. And politicians themselves I think were a bit embarrassed in revealing their lack of tech savvy in a world where we should expect policymakers to be at least aware enough of the parameters around the virtual public square where they can help develop the right policy to ensure that this continues to be a net asset for the United States, for communities and for consumers. And technology kind of got us into this problem but technology in and of itself is not going to get us out of this problem. It's others in the organization, the lines of business, the policies, the practices, some of the work that you do in your teachings. Maybe comment. Yeah, absolutely. And when I talked to aspiring business leaders, I communicated a couple of things to them. One, they need to get their heads out of being the decider as the CEO. Increasingly, they will be creating decision environments, right, where decision operations occur and are driven by algorithms, by machine learning and AI. And so they've got to be thinking about how do they create those environments to deliver the right kind of decision results that they're looking for. The second piece that I talked to them about this counterintuitive is that they need to, as they bring in network functional virtualization and in more and more software oriented things that used to be hardware, they've got to understand the risk exposure from that and bring in, bake in, a way to address cyber risk as they introduce new functionality in the market. Well, interesting, Admiral talking about network function virtualization, I'm very impressed. Admiral Simpson, thanks very much for coming on theCUBE. Really a pleasure having you and best of luck in your work. Well thank you, and it's great to be here with the Dean professionals that I think are really building a command and control layer of an enterprise's data space that will be very important for the future. All right, okay, thanks for watching everybody. We will be right back. Stu Miniman, Dave Vellante from VeeMon 2018. You're watching theCUBE. Great, thanks.