hello everyone and welcome back to the cubes live coverage of Neta converge here in Las Vegas Nevada I'm your host Rebecca Knight sitting alongside my co-host and analyst Rob stretche Rob we're hearing we've had a lot of great guests on already we're hearing what customers are looking for Simplicity uh Innovation security yeah andI think we're going to get to dig a little bit more into what that what does that really mean from a net apppp perspective and how does that really help broadly with that and within the government as well exactly well I'd like to welcome our next guest to the show she is Kristen verderi she is the VP government relations at Neta thank you so much for coming on the cube Kristen my pleasure it's great to be here with you guys I'm glad you're here to support NF and tell all the good stories yeah well there there's a lot of them so let's talk about security um nedap recently pledged to support the cyber security and infrastructure security agencies by Design progam I know oh my gosh I got it out though um talk a little bit about whatthat means andwhy it is socrucial sure so Department of Homeland Security has a division called the cyber security and infrastructure Security Agency which is the big mouthful uh I chair the it sector coordinating council's industry advisory group called The ITC right our job is uh to advise sisa and other government agencies within the US government inside cyber security policy so uh we have over 150 tech companies who are members of all different sizes flavors shapes and sizes uh and cisa comes to us and says hey we want to do this and we sit there and think about how can we do that right there's certain things that we can or can't do we have cost constraints uh we have business plans that are all unique to all these tech companies and the technology sometimes limits us too we'll sometimes be able to say we literally can't do that from a technological standpoint so our job is to work with assisted to find that win-win right where can we actually get there so when they came to the itcc uh probably 2 months ago they said they wanted to launch a pledge at RSA they're really secure they're really passionate about secure by Design they want to get companies to sign up to it officially how can we do that so the first version they brought us zero companies would have signed so we had many conversations getting it to a point where technically companies could sign up and legally companies could sign up right you don't want to actually publicly sign up to a Ed and not do it or the SEC or the FTC or you'll invite all sorts of legal issues so we got over those two humps and last week at RSA we announced the pledge and 68 companies including netp oh put their John Hancock on it so it's been a really goodexample of how the itcc works with sisa to get to their joint goals of securing this country's infrastructure yeah and Ithink that's huge now especially with people talking about again AI being kind of the you know if we don't talk about it we'll get kicked off the internet so we have to talk about it but when you start to look at that and the best practices that somebody like net app has been doing for forever I mean even when I was here it was really big in the fed and sled markets and which had you know pretty uh stringent and some of the certifications but when you start to look at those best practices and how people and how you have to get other people I mean getting 68 is pretty amazing what were some of the best practices that net app brought to bear that really helped sisa really get to this pledge that people could actually sign up to sure so the good news is that as we're having these conversation with sisa we realized that we were already doing almost everything on the pledge already it's a question of how far we were required to go and when right uh our business kind of like Financial Services is really built on security we're holding everybody's data I think of financial services and one of the reasons they're really the furthest ahead or very far head in the cyber security game is because that's their business case right if their networks go down nobody has any money they will have no customers it's same thing for us and you brought up aiis data right we heard this morning AI fuel data fuels AI I say that all the time you've got the data the compute and the networking we're a third of that story if we don't secure that data properly and actually manage it where you can access it quickly and securely when you need to you can't do AI you can't do it so for us security is an imperative we won't have a business if we don't take it seriously right and Ithink even with thatwhole thing is being built in and I mean even uh Gabby talked about it and George talked about it and I think everybody I think being built in to BU design like you said because people are bringing the AI to the data but like they used to say you know why do people rob banks because that's where the money is why people go after you know AI because that's where the data isthat what you're seeing as part of this whole system initiative was to really securing that data 100% And I think what sisa is trying to do and director easterly who's a great friend of ours at net apppp uh flip that narrative right so companies would come out with the latest bells and whistles for their software and put the money into the bells and whistles she's trying to get companies to put money into the security side so that the manufacturer owns security not the end user you know you and I opening up our laptop we got to then go get a firewall and we get all these alerts have to deal with ourselves trying to prevent that from happening and put the onus on the manufacturers we're not adverse to that that's actually okay as long as it's done in a way that fits those three things I talked about right our cost our business plan and the technology if we can figure that out we everybody wins so that's what we try to look for is those win-wins can you talk a little bit about some of the specific ways that Neta istackling the goals of the Pledge as you said you're already doing you already had a lot of these best practices in place butyou do now have to get to them by a certain time so what are some of the ways that net app is working to get there sure well we already have existing programs in place uh to address multiactor authentication those types of things uh and I think the area where Ithink is probably easiest to highlight is the requirement or the goal to reduce or eliminate entire classes of vulnerabilities that doesn't mean anyone's ever going to get rid of a class of vulnerability because it's impossible to do the hackers will innovate and innovate but putting effort towards bigger issues right so mot who runs our security organization has a great fishing campaign within net apppp right some of us love it some of us hate it but she'll send us those emails and try and trick us and then it gets reported up to your manager if you fell for the tricks then you have to go do additional training I did fall for it I'm a cyber security person I fell for a couple of them oh my god well then what hope did the rest of us have I know but it was good training so now I literally never click on anything on my phone like ever because that's when it is least discernable right you really can't tell that's my policy now I never do it and that's across the whole company so that's raising the bar on fishing it will never eliminate it that's a human thing we're never going to do that uh same thing with Insider threat that's another class of vulnerability but we have a very robust program at neep to address Insider threat so yeah Imean again you know sitting here in Vegas and talking about that r i mean the social engineering aspect of it and some of the things that go on like you said it it's people aren't zero days yes they're definitely going after zero days and things like that but a lot of it is the social engineering aspect of it as well talk to aboutthat whenyou're seeing that from the government perspective as well they know that at the end of the day it's people who end up tripping up the systems right I think one of the smart ways in which they're focusing and we're working with them on is to focus on the smaller companies as well you'll see the people who signed the pledge we've got really big companies like uset Microsoft AWS you got a lot of small entities on there as well this we're only as weak or as strong I guess I want to get the metaphor right as strong as the weakest link yeah that includes small companies are vendors they get into our systems the target hack the home to beo hack years ago those were from small parties that were part of the network so the secure by Design program and the pledge is really meant to bring in those weak links um we're all human we've got smaller companies they have different costs and business plans that we do the big companies so we're trying to get everybody into the same net with the same end game so net app really is known for having such astrong culture and a positive culture I'm curious if you could talk a little bit about how you bring that culture to your the relationships that you have with government entities and how you work together tosolve problems and overcome challenges and how you bring net apps culture tothat working relationship and collaboration that is an awesome question I run Global government relations so I'm kind constantly talking with governments around the world and telling the net app story we are not the most known company I joke that we're the biggest company no one's ever heard of the good news is we get to define the narrative when we walk in the door and the narrative is so good it makes my job so easy we're partners with everybody we're built into the three hyperscalers we are interoperable with almost every system so we will work with anybody we'll do it in the cloud we'll do it hybrid we'll do it on Prem we'll do a combination we'll do it with whoever you want so we go into governments and help them with major initiatives which is part of our culture right I talked about the corporate values and caring for ourselves and our community for example we go to the Japanese government which is trying to digitalize its entire government and we say look we we're going to be part of this however you do this if you take 5 years 10 years it's all good if you work with these Partners or those Partners we're going to be part of it because we're friends with everybody in the ecosystem but we've done this before and we can help you figure this out and do it the right way the first time we won't charge you for it we're just in here as a thought leader and anme to kind of help get you there that's a great example of how we kind of take our culture of helping others and securing the rest of the world um by just being partners with people right just sitting at the table with them and helping them get it done back to secure by Design kind of when you look out 12 months where do you hope we are with secure by Design asa as an ecosystem not just as net app well I hope we have a lot more people who signed the pledge hope we have a lot more signator and I know we're going to be doing meetings with sisa along the way various other vendors are going to go and meet with them and talk about how we're achieving different goals part of theprocess is for those of us who are maybe perhaps more sophisticated incyber security teaching the folks who maybe are not so by using director easterly's the phrase radical transparency right showing what we're doing to try and get there to these folks who may not have that same road map that should improve everybody and in cyber security what I was just saying we you know we raise all boats with the tide and that's really the goal finally I'd love you to just reflect a little bit about your role in helping government entities uh transform and innovate because the government is not known for being a fast mover in this area andsuch Forward Thinking when it comes to technology but this is a special moment in time I'mcurious how you would describe thepeople that you're working with in their mindset as they approach these problems I think they're faced with a number of drivers to innovate right first of all most governments want to be the first for AI regulation right even if their own countries are very unsophisticated they want to be the world leader un regulating AI I won't name names they're all my friends but you've also got economic drivers where they want their own companies to really Thrive and benefit the Innovation that's out there you've got National Security right not just the hackers in the world the criminal cyber people but we've got nation states that are coming after all of us so there are so many drivers that are forcing governments to innovate my goal is to say how can we make this easier for you and it's not just net up we work as I said many partners we go in with Partners all the time how do we work together to get that win-win situation get you where you want to go without causing too much pain again that's where net app is so much fun to work for because as we heard in thepresentations earlier today we work with everybody every system you don't have to rip everything out we'll work with what you've already got we can tweak what you've already got we're going to be in there anyway at some point so let's help you figure out the way so I think that's kind of the messaging and the drivers that are forcing Innovation by governments to want it themselves that we can then step in and help them with excellent Christen veram thank you so much for coming on the cube a really fascinating conversation thank you my pleasure thanks for having me here today I'm Rebecca Knight for Rob stret stay tuned for more of the Cube's live coverage of metet app converge you're watching the cube the leader in Enterprise technology coverage and Analysis