All right, the doors are closed and we're locked in. Well, good morning everybody and thank you for coming to the uh session on data management needs and strategies across different industries. This discussion which is really a conversation this morning uh is about navigating the cloud and on premises data management needs across customers and different industries. The industries we're going to talk about today are financial services, service provider, government organizations. And we'll just cover some of the key challenges around data management, data privacy, scalability privacy, scalability uh and risk management. And the intent is that as you hear from each of these uh fine gentlemen on stage here that you may pick up some uh insights uh into strategies for effective data management. So, I'm going to introduce the uh the panel. Um starting on my left here with Mr. Ben O'Shea from Aussie Broadband. Yeah. Hi, uh Ben O'Shea, general manager of cloud at Aussie Broadband. Uh for those who don't know, Aussie Broadband is a Australianbased telco. Um you founded 20 years ago, celebrating our 20 year anniversary this year. uh initially providing residential broadband services into regional Australia uh the parts that the major telos wouldn't touch uh it was very successful for us uh and then expanded into delivering those services nationally you know given that residential broadband is a heavily commoditized market uh Aussie wanted to I guess diversify uh and are now sort of offering services B2B services into enterprise and government across you know both data voice uh and cloud which is the part of the business that I'm from uh and we have a real commitment to sustainability and have recently become BC Corp certified which is something that we're very proud of. Thanks Ben. Thanks for flying out. Uh my next studio guest is Mr. Rajes Singh from State Bank of India. Good morning all. Uh I am Rajes Singh, chief manager from State Bank of India. Uh those who do not know State Bank of India uh it is one of the largest bank uh on the planet in terms of customers in terms of number of transactions in terms of number of core banking uh branches. So just to give you an idea about it uh we are having 460 million customers uh if you can imagine 460 million daily we process uh 400 million transactions. We are having 26,000 plus branches, 60,000 plus ATMs. We are present in uh 32 countries outside India. So uh and we are running uh one of the largest private cloud onremise cloud uh in the Asia Pacific I can say. So the cloud that uh I am in charge of I am running the uh private cloud of the bank that is named as MGDU. uh magdut is a Hindi uh Sanskrit uh term for cloud. So uh we are running around uh 20,000 plus virtual machines on the cloud and uh recently we have built hybrid cloud with the uh few public uh cloud service providers and uh just uh the scale of cloud is that we are having uh 1,000 plus hosts and uh20 around 25 pabytes of storage. So the scale is massive when it comes to State Bank of India. So is our reach. That's it. >> Thank you. Thanks Rajes. And uh my third studio guest down the end, Mr. Philip Prrenchaw from uh CGI who's both a uh a partner and a customer. Philip, thank you very testing. I think I'm on. Yeah. So uh good morning almost good afternoon everyone. Uh thank you for coming to our panel. Uh very nice to see everyone. Um my name is Philip Krenshaw. I'm a vice president with CGI. I'm responsible for actually our managed services partnership with our friends at uh at NetApp. And if you could probably saw my socks earlier, I'm sporting my NetApp socks this morning. Um CGI has been around for about 45 years. I've been with them for about 25 of those 45 years. Um we actually uh do a lot in managed services. About 60% of our 12 billion in revenue comes from managed services and uh um the rest comes from SI and our IP organization. And I'll share a little more on that as we go forward. We've got about 400 offices globally. Um, and uh, I think that's it from me, Mike. Yep. Thanks, Phillips. Thanks, Phillips. Thanks, Phillips. I'm going to get into some uh, some questions. Ben, I'm going to I'mgoing to go toyou first. So, it' be fair to say I think um, on this panel, you're a good representative for a little bit. Okay. All right. Um, fair to say that you're a good representation of telco and service provider, right? Based on what you know where you've been. What kind of approaches have you adopted for data governance and complianceuh and maintaining quality integrity andsecurity? Yeah. So, uh look, my background in my part of the business isservice provider. Telco is a whole other sort of kettle of fish. Uh so, I'll talk to the service provider part. With service provider, the overwhelming bulk of the data that we store iscustomer data. Uh and across all of those different customers that you have, you've got vast and varied, you know, requirements around protection, compliance, uh you know, governance and data management. Uh particularly, you know, within government, we have a lot of uh government customers and due to the type of data that the government entities store, uh there's usually some, you know, fairly stringent requirements, uh that you don't sort of see in the private sector. Uh and our goal as a service provider is really to have you the systems and the frameworks and the capabilities in place that enable that compliance uh for our customers uh and sort of help them meet those compliance obligations in a way where the technology is really out of the way so that they can focus on you know their business their customers and the things that add value to them. Uh so essentially we want to build like asolid foundation uh that they can en build their compliance on top of without really having to think about the technology. Um you know managed services you know fromthen up you know is a big part of how we deliver that you know essentially all of those you know goals that I described that we have you know for how we want what we want to do for our customers is what managed services does for us. uh it allows my team to focus you know on the customer and the things that add value to them and helping them solve their problems or taking you know all that foundational pain and complexity away from us uh in managing astorage environment at service provider scale. Um you know that scale has a lot of complex environments uh and it really helps us sort of keep on top of that without having to have a really large workforce. um you know gives us the capabilities you know to enable different protection requirements, retention requirements, you know, immutability uh and have the confidence that those things are being delivered reliably and well and will work when we need to and also gives us the tooling and frameworks to you know identify, classify and report on you know customers uh data and their compliance against whatever regulations they have which is yeah really valuable. Ben, I think looking at uh your wehad this conversation looking at your business priorities and our messaging in the market particularly what we've heard in the last couple of days building a robust and modern uh infrastructure is a priority for us forus both um were there specific considerations that you had uh and planning for data management around using managed services? Yeah. So I mean data management at service provider scale isan interesting challenge andlook when I say service provider scale just forget all those stats that were just rattled off that make our environment look incredibly small but you know we've got a lot of disparit environments you know within data centers across all of our data centers and availability zones. We've got all these different performance tiers uh and capacity management you know across that environment is reallydifficult. you know customers uh can do unpredictable things with their data and where they store it. Um and often we get no leading indicators around you know what data type a customer is going to store andwhere uh and I think you know those unpredictable things that they do often don't line up with the use cases that we envisioned when we defined our storage architecture and we need to be able to you know respond to that uh andthose unpredictable things you know often have an implication on performance or can generate you know large uh and unexpected amounts ofchange within the environment. So, storage managed services, you know, really helps us be able to, you know, respond to and meet those customer needs. Making sure that we've got, you know, capacity available on the right performance tier, uh, to be able to meet the customers, you know, performance requirements, uh, as they sort of change, uh, and do that in a way that helps us, you know, keep our costs and our revenues, uh, closely aligned and really avoiding, you know, lumpy kind of capex uh, purchases. Um managed services also helps us keep that environment you know current uh and available uh and also you know when things get reallybusy you know being able to uh lean onthe NetApp team to provide top level expertise to augment my team you know it's been alifeline quite a few times and it's a heavy lean sometimes right yeah definitely so ju just sort of changing topic a little bit and I'm going to make this joke a couple of times and you're all allowed to laugh when I do right but um can you share some insights right on any emerging trends or challenges uh in data management in your sort of industry. Yeah, I mean look, I think the biggest challenge is just managing the sheer amount of data, right? So, uh within a service provider environment, you just see data grow constantly and exponentially. But really, the only time we ever see any kind of, you know, shrinking or contraction of that data is if a customer, you know, potentially leaves us or, you know, maybe moves an application or a large data set into the hyperscaler. So I think you know dealing with that growth you know making sure that it's you know protected ensuring that it's you know stored uh in alignment to compliance requirements uh helping customers make sense of that data and helping them manage their quality you know these are all challenges that our customers struggle with uh and as a service provider I think you know this is that's really the opportunity for us toadd value so uh yeah I think that's you know one of the key challenges um in terms of trends you know Ithink cloud strategy in general is sort of shifting away from you know these cloud first strategies that we saw uh into I guess cloud smart type strategies which means you know the those things are becoming increasingly hybrid and multicloud so what's theright cloud you know to store my data to store my application uh how do I think about you know the performance of those things the cost uh what it's going to cost me to store all that data uh and also I guess the concept of um data gravity. So by storing a certain data set in a particular cloud, what applications, what other sort of data sets does it sort of naturally draw in and attract that are required to be located close to that data uh so that it can perform in the way that it can uh that it needs to. So I think that's an interesting shift and I think that's sort of driving a real shift you know of cloud strategy in general away from application ccentric uh and increasingly starting to become you know datacentric uh cloud strategies. I think the elephant in the room right which we've heard a lot about this last couple of days is AI. Yeah that's it. I'd be remiss if I passed up an opportunity to mention AI in the context of uh of data management. So I think what we're sort of seeing there is a real um trend around you know customers wanting to make their data available to be consumed by AI models uh and just to see you know what they can leverage from that what insights uh are they able to derive from it and you know while we're still really early in the hype cycle on that and a lot of it is fairly unknown I think it's really exciting to see you know customers experimenting uh with those things. Yeah. things. Yeah. things. Yeah. >> Um I've got one last question for you just uh just on managed services. I run managed services for NetApp. So part of my strategy or part of our strategy as an organization uh is to ensure that we are really focused on giving outcomes that benefit your business, right? Uh instead of pure IT sort of operational outcomes, the NetApp managed services team that works for you, are they bringing that to the table? Absolutely.So I think you know and it's across the entire NetApp engagement just not just the managed services engagement. So, it's a true partnership. Um, and I think that's thething that I really look for. Like, so someone who's going to, you know, work with me. You know, I think of NetApp as an extension to my team. Uh, you know, both the managed services guys, but also, you know, my account team, my SE, uh, and they really sort of sit down and want to, you know, understand my business and help me solve problems rather than just, you know, selling at me or, you know, transactionally resolving a ticket orsomething like that. So you know managed services uh guys gives us a lot of insight into our large environment and really sort of help us you know with our currency uh and staying on top of you know complexity. Um but I think the thing that I like best about theNetApp partnership is it's a shared risk shared reward type engagement. So you know how do we sort of sit down and work together uh so that we both win uh and we both manage our risk inan appropriate way. Uh so I think it's no one thing on its own but it's a sum of all those things thatreally adds value to me in terms of the partnership. Thanks very much Reesh. You think you told me uh while we were waiting for the session to start it took you 28 hours to get here right um so we when we talk about state Bank of India and we talk about large scale there's a starting market 28 hours to get here. you shared some data before uh aroundthe bank, you know, 480 million customers. I we've had a couple of conversations about, you know, prepping for this session and I still can't quite get my head around that. I think you've got more customers than the total footprint ofpopulation inAmerica, right? Um you've got nearly 250,000 employees, as you mentioned, over 22,000 branches, right? that toservice your customers thattype of scale is enormous. Um and when you look at managing that size customer base, right? Um what are your biggest challenges withthose with that type of scale? So [clears throat] the biggest challenge with us is uh the volume uh that at which we play. Whatever we do becomes so mammoth so big that uhmeans technology uh means we have to optimize the technology whatever we get the mean the default settings that we get with the technology doesn't work for us. We have to look for the innovative solutions uh optimization of the technology which is working elsewhere with the you can say uh the native settings we have to think out of the box to make technology work at such a large scale. So uh [clears throat] in uh in the IT sector or in the BFSI sector in India people say that if something is working in state bank of India that means it will work anywhere on the planet. Uh just to give you an example uhwe are running uh you there is a payment service called UPI. Uh so UPI uh the transaction has to happen within a second end to end transaction means the uh if as soon as customer is uhscanning the barcode QR code at the merchant site and then the uhmoney has to be debited from his account credited to merchants's account within a secondwith within a second so at that scale if uhthat application runs out of the cloud that I am handling so The latency of the storage has to be in milliseconds. Ithas to be in two or less than 2 millisecond. So we have to optimize to uh process around we are daily we are doing 200 million transactions. Uh and when it goes to peak uhevening time is the peak time from uh 6:00 to 8:00 that time the TPS goes around 8,000 to 10,000 transactions per second. So at that scale having that sub millisecond latency delivering end to end uh payment in within a second. So uh mean technology has to you can say come up to our scale todeliver. Uh so that is the key challenge for us that whatever we do uh that volume of uhwe can say the size of things makes uh things difficult for us. So and if we come to data management part same applies here we have a plethora of data pabytes of data and that data is very sensitive data it is customers data uh we are sitting on banks have mean more data than whatever is required in fact and the KYC is happening every uh 2 years interval uh lot of documentation for all uh processes so that um makes uh so mean mind-boggling data that managing that data, processing that data, analyzing that uhtaking decisions out of that data uh accuracy of that data. So many challenges related to uh because of the size because of the type kind of uh data we have andyou mentioned you built that private cloud environment MIGDU right um what what's the purpose of that is that for all of your internal is that forcustomers is that from the internal part of your business uh that is the internal part of the business uh um we are selling cloud to our internal IT departments uh as a service as like a service provider we are selling cloud to them so that they can host their applications on this cloud and so far uh we have done an amazing job uh almost 95% of the application of the bank runs out of this cloud>> is that a competitive environment you know can the business units go outside if>> sobusiness units have got an option they can run uh the their application on their own like they can have their own hardware own set of hardware they can manage from hardware to the application till the application layer everything they will manage uhso we sell them that if you come to cloud at least that hardware and the uh OS part everything infrastructure part of the IT we take care you just focus on the application part uh and you deliver value out of that so leave the infra to us so that way we have been selling it and uh now we are because of the value we are delivering internally uh management has come with a policy that is called cloud first policy. So before anyone can go out for any uh upgrade of the tech their infrastructure or new infrastructure first they have to come and uh take an approval from the cloud team that we cannot host it and we don't give that so uh another thing is that the kind of value cloud is delivering is humongous. uh I will say that with the 5% of the footprints in data center we are hosting around um half of the workloads of the bank so if you compare it with the cost that uh we would have invested in the physical hardware the ROI is around somewhere around 400%. around 400%. around 400%. And that's reachable because of the scale that you have right. >> Yeah.So the scale we have and uh NetApp is the partner for MDU cloud. >> Uh we are having pabytes around 25 pabytes of storage so far. How many? Sorry.>> Uh 25. Netup is like an uh extension of our team. uh whatever issues we have weuhyou can say solve it out as a team and uh as because we are serving the multitude of uh volumes. So that requires some special attention some strategies to of data placement for best performance. Uh we need to have a proper backup resiliency uh DR capabilities. So all that uhNetApp is there to help us and all that and uh we are thankful to them for all the services and we are doing good as a team so far. Thank you. So I'm guessing it was complex when you built the cloud. Um excuse me. What kind of uh really key data management considerations went into building Megd? Uh so the key considerations are that uh because it is a late adoption of the technology comparatively uh SBI is a 200 year old bank and uh technology you can say the computerization started in 1990s. So from there if you see the cloud has come in the last decade only. So it is a fairly uh you can say new baby in the within the IT of the bank. So we had a uh you can say uh time that we can set the policies and processes right with this new initiative. So accordingly we uh the very first thing that we did was uh we should have a proper data uh governance framework in place. Proper clear-cut policies uh clearcut data ownership uhthat who is going to own that data, how we are going to process that data and um uh what kind of analytics we are going to run on that what kind of infrastructure required for running analytics on that. So all these considerations we took while building WGDU>> uh and so far uh our data management practices have been working for us. Uh and now thelatest thing is that now AI is coming up. So we are also you can say testing the waters of AI that how it can help us. uh the one interesting aspect of uh AI is that now we are in a dilemma that how to ethically use the AI because the kind of uh insights it gives sometimes it looks like that whether you should use this information it will be ethical to use this information uh or not right you get a lot of uh I'm going to do it again you get a lot of insight into your customer data that perhaps yousay you perhaps see too much Yeah.>> Right. >> Right. >> Right. >> So likewe know where the customer is spending the money. So thatitself is a great insight. >> Yeah. Where you are going, where you are spending uh andso it kind of leads into the next question, right? So obviously for a financial services industry or you know bank, a bank in your case, there's a lot of regulatory oversight, there's a lot of compliance. Uma and then I guess as you're building out and you're looking at AI uh do you have a lot of additional challenges in that space because you're a bank how do you cope with that? >> Yes we are you can say highly regulated uh industry and regulators uh nowadays I will say are going over the top government is bringing uh you can say new rules related to privacy. Similarly the banking regulators are coming up almost on you can say quarterly basis they are coming up with new policies new uh instructions circulars regarding the privacy and safety of customers data. So that puts a lot of stress on us to uh cope up with that and uhmanage the data according to the set of policies coming up. To handle that uh we have set up a data management office uh particularly for uh handling the regulatory part of the uh requirements and thedata management office uh takes out the means sets the processes the ownership the uh the compliance part of it and theytake care of this initiative but this itis a you can say quite hectic task andyou're using uh another shameless plug here. You're using that at managed services as well, right? Um how well do they assist you on this journey, good or bad, right? Um a and what expectations do you have of us in that sort of uh pre or post sale environment with regards to your business? So uh our expectation from uhNetApp is thatdata should be uh you can say first and foremost is that it has to be stored safe and securely. Uh it has to be uh you can say tiered properly and the data should be uh you can say properly backed up. It should be uh having proper resiliency. It has to serve 24x7 accordingly. the it should have not should have it must have the uh DR capabilities and the safety security and the another thing that nowadays is coming up regarding the security of data at a storage level uh ransom especially related to ransomware attacks. So uh we reached out to them and uh thankfully NetApp has a solution for protection against uh ransomware. So we are evaluating that and mean in the process of implementing that. >> That's great. Thank you very much man. I'm going to move to Mr. Philip Krenshaw next. Um next. Um and Philip you know based on your history or I guess your experience as both a service provider and a customer. Umso a different type of question. How do you perceive the role ofservices in enhancing risk management? Right. I think it's relevant towhat Ben and Reesh were talking to as well. Uh but in the context of data management and security, how do you perceive the role of services in enhancing risk management?>> Yeah, thanks Mike. Um one thing that uh I failed to mention when I was doing my intro was the level of partnership that we actually have. I mean I just wanted to point to something as well. probably the reason why I have the NetApp socks on but um we're actually a partner in many aspects. Um we actually have joint offerings together in the managed services space. We're a subscriber to Keystone. We actually resell Keystone. Um we do implementations, installations, we do migration, automation, consulting. So we're sort of a 360 degree kind of partner uh and uh customer all at the same time. But toanswer your question in terms of services and the importance of you know risk management, data management um I feel ne was sitting here next to my neighbor talking about all the size and scale I just wanted to point out one customer uh in particular without mentioning their name of course but we've done managed services at scale for you know applications that push a trillion dollars in US dollars around the world on a nightly basis. Um, but that's the closest I can come in any kind of scale conversation with you. But,anyway, so we take data management, risk, security, privacy. We take that very seriously. Um, I'm going to break it down in terms of how CGI views our own services portfolio and how we go to market. Um, we break our services down into business and IT sort of strategic consulting around IT consulting, um, intellectual property and then managed services. So from a business uh strategy and you know consulting standpoint, we have an offering where we go in and work with our clients to help them sort of the tip of the spear with a digital riskmanagement advisory service. And as part of that, you know, wecome up with an integrated risk management plan that you know provides a view of the security risks along with, you know, the current maturity um and a path to get to a higher level of maturity. Um we come away with privacy and compliance assessment as well and in addition um a cyber security crisis preparedness plan too so that the customer can use templates that we have response actions and things like that to address issues as they arise because there's always going to be something that's going to pop uh um you know at any uh any given time that is not caught. from an IT consulting more strategic IT consulting standpoint wanted to point out in terms of our partnership with our friends um at NetApp we leverage cloud insights which is one of the platforms that NetApp has that comes uh that they bring tooffer that um really helps us in terms of working with customers to analyze their infrastructure environment um find a lot of insights in terms of the data we can employ you know end toend encryption we can you know employ secure access things like that and also support you know even you know ransomware um issues as well and you heard some good news on where some things around ransomware are going in the last couple of days also even around Keystone there's embedded security and data privacy um elements to Keystone that comes out of the box as well and we're happy to be a part um or a partner around Keystone as well. So, one thing that I'd also like to point out, and we've got some of our folks in here that actually manage this uh sort of ourcloud practice is our PACE solution, which is our portfolio assessment cafe. And when you're talking data, it's hard not to talk applications and of course the supporting data underneath, but the application itself is really data that's running onNetApp. Um, oftentimes and one of the things that we come to market withthese solutions, it's sort of a mix of different platforms as well. Some are IP and some are partner IP. But what we can do is actually um measure and guard against um secure coding practices by uh you know developers that are working on a client um project, working on our internal projects, things like that. Um we can proactively guard against open- source vulnerabilities as well, which is something that's impacted some of our lar one of our large particular credit um bureaus in the states in the past too. Um and also one of the things that Gan um Jen Easterly brought up um you know the director of CISA as part of the Keystone on the first day that we were here um she was talking about an executive order that happened back in 2021 and part of that executive order was a directive that anyone doing work with the federal government in the US at least has to provide an SSBOM. Um and maybe you guys know what a an SBOM is but effectively it's a software bill of materials. So you have to provide insights into what all is included in that application, what all you're actually providing back to the federal government. Um, companies are now employing this approach as well. And we have a way that automates the process of grabbing, you know, that information and providing that sbomb back to the customer. And it helps guard against, you know, licensing issues with um various um parts of the application and source code, but also particularly in the area of open-source vulnerabilities as well. Um and that um the full um inventory of the third party components comes out with that as well as you know um another aspect of what we can do too in the way we actually analyze the applications in terms of risk management against security issues is taking into account um the top seven OASP issues that are impacting applications and impacting data. Um, and it's the more the seven uh top ones that are out there that um actually um include, you know, cross-sight scripting and s SQL or SQL injection as well. And um we can demonstrate this and I'm looking over at one of my partners here at NetApp. We can actually demonstrate, you know, the cloud insights, you know, approach that we take and the benefits thereof along with pace andwhat we bring to the table with some of our platforms in terms of an advisory workshop. So that sort of goes in the tip of the spear, you know, sort of business strategic IT consulting element. Uh the next piece and I'll be brief for the last two elements of our services, Mike. But um the second piece is our intellectual property. So CGI is effectively a software um you know customerf facing software company inside of a large SI. So about 20% of our global 12 billion in revenue is derived from products applications that we actually sell to industry. And we take the same approach as far as you know watching for security, watching for um you know um privacy associated with those applications. We have SAS platforms as well. So we're constantly um drinking our own champagne so to speak as far as what we go to market with around our pace platform and some of those platforms. We're constantly monitoring our 400 global IPs that we actually go to market with and ensuring uh you know that they're secure and uh and how we're doing that. Um the last piece is around managed IT and I think the key thing here is more managed security services is one of the offerings too and whether it's a CGI that youactually turn to or another SI it actually can benefit you know companies a great deal leveraging a company or an SI that actually has resources in a group that focus on nothing else but you know keeps them up every single day as far as security data privacy uh those kind of needs cyber security and that's what we have in you know multiple you know strategic business units around the globe for CGI and we see a lot of benefit in working with our customers around you know outsourcing that function for a lot of the tactical especially the tactical needs the day-to-day needs and uh it allows the customers to focus more so on their strategy and how they go to market. I want to go back to just abig sorry I want to go back to the beginning part ofthe first part of your three-part answer right um anybody remember what that was um butyou were talking about you know a sort of a I guess a systematic or a systemized oran automated risk management system question for Ben andReesh as well is in your respective organizations when you talk about risk management I've seen organizations do it and sort of vast spreadsheets that they've accumulated sort of data points or question points or inspection points over time. Uh other organizations turn to external sort of packaged applications. Without I guess sharing too much um Ben andRees in that order, how do you approach risk management? Is it a sort of a deeply manual sort of book of knowledge built over time process? Yeah, I think like forus at the moment and where we are on our level of maturity in terms of risk management. Um, you know, it is manual but it is uh improving as in we're implementing a proper GRC system this year. Um we have essentially a distributed risk management framework where you have I guess a sort of organizational level risks uh but also you know getting down into the different parts of the business andbusiness units that have their own sort of risk registers uh and um their own sort of uh I guess governance forums to make sure that we're staying on top of that risk. Where does data management fall within that? Is it sort of the application within a BU? They're responsible for identifying risks there or is it you know horizontally owned by theapplications team or the infrastructure team?>> Yeah, I guess itsort of varies frompart of the business to the part of the business. Uh but essentially, you know, whether it's data risk, technology risk orum you know, reputational risk, it's all risk, right? And we all manage that and think about that, I guess, in a consistent way. And we've got a framework through which we I guess classify andscore that and yeah okay reesh any anything to so be being a bank uh we have to have a uh proper risk management framework and accordingly uh bank is having a vertical specializing in risk management. that vertical further bifurcates into business risk management and IT risk management and then IT risk management division uh have further subdivisions for managing different kind of uh risk associated with IT. So it is a quite elaborate lengthy uh mix of uh automated and manual processes wherein uh we assess the risk, we uh register the risk, we convey the risk and then uh either mitigate the risk or accept the risk. So we have quite uh elaborate risk management framework in the bank uh because uh of the uh the kind of data we have. So itis a you can a very uh lengthy and elaborate process in the bank and rich and rewarding as well. >> Yeah.>> So Philip sorry to hijack your point but it was interesting as you were talking about that uh because you were talking about risk management, data management and then up into applications. I just it was useful. >> Yeah.One thing too I just wanted to note on that same topic. We actually have systems now at CGI where any deal in the company of any magnitude that we're doing for a customer has to go through a data uh what is it? Data security gosh I just lost it. DPSC data protection and security assessment. So there we go. Thanks a lot. Appreciate the help from the audience there. Um but yeah, everysingle deal of any magnitude has to go through that process and then it's monitored by our engagement assessment services on a monthly basis monitoring ifanything goes ary. So that's where that comes in. >> [clears throat] >> So Philip fill it back to your questions. You might have answered part of this, but I was looking for just to share with the audience uh online and in the room examples or experiences we're leveraging, you know, services cuz we talk about our, you know, our services partnership. Where's it resulted in improved uh risk mitigation or improved or strengthened security? Anything you can kind of point at? Yeah, absolutely. Yeah, absolutely. Yeah, absolutely. So ifany of you have sat through a CGI overview presentation of any kind or know anything about our company, our bible so to speak or our main point of reference for the company in terms of best practices andhow we go to business or how we go to market is called our management foundation. And so as part of our management foundation, we have enterprise risk associated with that. We have security policies and these are constantly evolving based upon what we learn in the marketplace andwhat we take back from our client base as well. Um wehave a lot of things to point to over time as far as wins with customers as far as seeing where we've uh you know made improvements for those customers in terms of theirsecurity posture. But um I'll give just one quick example as far as a large pharmaceutical company that we were working with or that we worked with in the past uh in North America. Um they were having security issues had a sort of weak security posture. Um obviously I'm not mentioning the name but uh they asked us to come in and wedid we went in with our some of our security professionals andhelp them in terms of identifying um the risk and the gaps and a lot of that usually boils down to governance um you know as far as alignment, responsibilities, alignment, responsibilities, alignment, responsibilities, accountability and so um really helped them create that governance framework in addition to you know just better understanding risks and things like that. um came up with detailed policies. And the detailed policies aregood in terms of working with um aconsulting partner because they're probably going to have a lot to leverage from lessons learned from prior engagements and then developing that risk management framework um you know andcompliance assurance that goes along with that. Um and then for this particular customer, we did do a managed um security services for them and um continuing that today, but it's really helped position them better posture-wise. Thank you. Now I'm conscious of the fact that uh this session is between us and everybody going to lunch, right? So I've got what one more question. I thought I said something wrong. M [laughter] I got one more question for you andthen we'll have some uh Q&A time ifwe need. So this is foryou as a customer, right? Where have you seen datadriven insights? George, you know, spoke a lot about that, right? Where have you seen datadriven insights influence decision making and outcomes inyour organization? Got it. So, this one's an interesting one because it's an area where we've partnered again with uh with our friends at NetApp as far as putting together a more closely coupled advisory workshop or an advisory service forcustomers. And what we tried to do is take a top down bottoms up approach leveraging the best of both companies. uh NetApp has IP that really helps us in terms of analyzing infrastructure, analyzing the data, making decisions around security, securization of that data, categorization of the data, SLAs's around the data. Whereas CGI comes in also we have tools around infrastructure but also we bring in tools on the application and the data side as well as far as analyzing the things that I was talking about earlier with our pace tool that we have and um uh you know doing things like uh partnering with customers around their cloud strategy. Um and it helps to have both views sort of that top down andbottoms up kind of understanding. One of the tools we actually have uh it can help our customers um complete an automated five R segmentation. So rehosting, refactoring um whatever the other three Rs in terms of the way that um applications areselected in terms of what you're going to do with them next as far as the next steps. Um that is actually an automated uh thing that we can do with some of the tools that we bring to the table. Also we can analyze applications in terms of the you know the data of the cloud readiness with the source code things that can help you get there things that are going to be a hindrance to getting you to the cloud as well and also do a double check on um you know where you are in your cloud journey as well. Okay thank you mate thank you that that'sall the questions I have. I did want to leave uh some time for any Q&A from the audience. Ifanybody has any questions forany of the panel or myself and unless I get three questions, I'm going to pick two people. I'm just kidding. Um all right. Well, if we don't have any questions, uh Ben Rees, Phillip, thank you very much for coming to Insight. I hope you've enjoyed it. Thank you very much for being on the panel and sharing some of your experiences. Much appreciated. Thanks for having us, Mark. Thank you.