RSA Conference 2024 | theCUBE Insights, Day 2

Clips
News
More from RSA Conference 2024

Howie Xu

Chief AI & Innovation Officer

Gen

Dave Vellante

Co-Founder & Co-CEO

SiliconANGLE Media, Inc.

GPU glut and quantum shift: theCUBE talks tech insights from RSA Conference

The convergence of cutting-edge technology, strategic cybersecurity and other tech insights are top of mind for company striving to successfully navigate today’s evolving business ecosystem.Members of theCUBE Collective, including Howie Xu (pictured, center), AI executive and host of “Byte Into Future,” talked about some of the insightful discussions and innovative solutions brought forth at this week’s RSA Conference. Discussions included lively debates on tech dominance and reflections on RSA Security LLC’s role as a catalyst for innovation delving into the tech landscape’s most pressing questions

play_circle_outline The potential for a new inference architecture from NVIDIA

play_circle_outline Exploring the Vast Opportunities in Securing Critical Infrastructure Amidst AI and Cybersecurity Challenges

play_circle_outline The need for better solutions in protecting AI-generated content

Info

theCUBE Insights, Day 2

Howie Xu

Chief AI & Innovation Officer Gen

Dave Vellante

Co-Founder & Co-CEO SiliconANGLE Media, Inc.

HOST

search

>> Hey, welcome back to RSA 2024. Come on inside theCUBE. We're here at Broadcast Alley. These are my favorite segments with some of my favorite people, theCUBE Collective. Folks coming in, bringing in the independent perspectives. Howie Xu, who is the host of Byte Into Future, a new program that he's starting. Of course, a friend of theCUBE. Great to see you. Stanford lecturer, formerly Palo Alto, formerly Zscaler, AI visionary. Great to see you. Sarbjeet Johal, founder, CEO, principal analyst at Stackpane. Also, a member of theCUBE Collective. Guys, thanks so much for making some time at RSA. Okay, first question. Is NVIDIA... I'm laughing. Is NVIDIA Cisco or Google?

Sarbjeet Johal

>> More towards Google. A little bit of Cisco, more of Google. Which I actually hand-painted, that graphic.

>> The slider?

Sarbjeet Johal

>> Yes. And I tweeted that, right?

>> Yeah.

Sarbjeet Johal

>> So, that's how I think-

>> We did a funny little... I don't know if you saw it, my... What do you think?

>> Cisco, if... Most likely. However, if Jensen Huang is going to be healthy running the company for the next 15 years, they have a chance to be the Google.

>> Because... Okay. So it's a founder led-

>> It makes a huge difference.

>> So if this all happened 10, 15 years ago, you would be leaning more toward Google?

>> Yes.

>> Very interesting. That's a new perspective we hadn't heard. Crawford Del Prete, the CEO of IDC. He's actually president, but they just gave him the title.

Sarbjeet Johal

>> IDC. IDC. The President of IDC.

>> He's president, but they should make him CEO, don't you think?

Sarbjeet Johal

>> Yes.

>> Anyway, he functionally is.

Sarbjeet Johal

>> Oh, yeah.

>> Anyway, he weighed in and said that it's really like the "Wintel" duopoly.

Sarbjeet Johal

>> I know.

>> That that was, in his opinion, the best example. I said, "What about Apple?" He said, "No, Apple's a closed system." Wintel was such a de facto open. What you think about that?

Sarbjeet Johal

>> I think there's no direct analogy, to be honest with you. You know why?

>> Of course. Yeah.

Sarbjeet Johal

>> Because it's a new paradigm in computing. It's a shift. Yesterday, I was thinking hard about that sort of on those analogies and then I thought like, okay, we have this binary computing, zeros and ones, right? And we have, on the other side, we are waiting for quantum to happen. This thing is somewhere in between. You throw a computer at more zeros and ones, like a frantic dance of zeros and ones. That's what it is, right? So you are unleashing the compute on top of data, and then you're trying to find the probability... You unleash the probability marathon on that data and then get the results back. So it's a new paradigm shift, I think. You can't compare it to the existing stuff.

>> I think it's comparable. So in the 90s, we over-brewed the internet. Cisco bought all those optical stuff. And then not just Cisco, right? UUNET. By the time of the dot-com crash, the internet, the backbone utilization was very, very low. And I think because at the time towards the end of the 90s we thought, okay, not enough. Within two years we thought, okay, we over-brewed it. I think this is exactly happening, right? The last two years, we couldn't buy enough of the H100, A100. Now with the H200, with the next generation, I think in two years we are going to see we have GPU glut. Now the GPU glut not because we cannot find the application to consume that, there will be other bottlenecks, right? Space, cooling, energy.

>> Power, yeah.

>> So once we see that being the bottleneck, we'll see that we over-brewed GPU capacity.

>> An interesting take. If we don't have a glut in GPUs, this will be the first time in the history of semiconductors that we didn't have cyclicality. So one would expect that would be the case.

>> We will see that. I think history always repeats.

>> Yeah, it's very hard to predict exactly when, so. But you're right, the past is not prologue, but there's a pattern there.

Sarbjeet Johal

>> I want to qualify my statement, I want to defend against your objection.

>> Yeah, get into it.

Sarbjeet Johal

>> And that is, that is like... I'm saying that that form of computing will be prevalent. But NVIDIA, what role NVIDIA plays and if, what competitors come in and then they take the fair share, that still remains to be seen I think. Yeah. But as you said, if NVIDIA focuses on the software and the software stack, they will do much better.

>> So let's take really simplistic training and inference.

Sarbjeet Johal

>> Yeah.

>> In training, I feel like NVIDIA's got a moat that they'll be able to protect for a while.

Sarbjeet Johal

>> For a while.

>> I just don't see Intel or AMD really attacking that. They, I think, will enjoy a large market share. It'll go down from a hundred percent, but still. The inference is interesting. Apple's going to get into the space. One other thing, the hyperscalers. They're all going to have their alternatives to run cheaper workloads.

>> Yes. And plus, a different architecture may actually do the inferencing better, faster. Like you see Groq, right? It's a different architecture.

>> So this is what I want to get to, Howie. Word is NVIDIA's working on a new inference architecture. There's no reason they can't. They were early on in Arm. So they got some experience there. They're actually really good chip designers. Do you think they have the mentality to do inferences, or is it their DNA? And like you heard Jensen at GTC, "We need bigger chips, we need bigger GPUs." What do you think?

>> Look, inferencing... And I gave the example of Groq. Who knows? Groq may be a better architecture for lower latency, faster turnaround of all the ChatGPT stuff.

>> Yeah.

>> I think the jury's still out there, but I think other guys have a chance, at least to your point.

>> Yes.

>> I think the training for the next few years, they pretty are much not just better at hardware/software, they pretty much got their whole ecosystem locked in, right? I don't know how much you have heard about this HBM stuff, right?

>> Oh, yeah. It's true.

>> High bandwidth memory.

>> High bandwidth memory is like .

>> They literally got their entire ecosystem, the supply and the demand stuff all locked in. So even if AMD or the rest of the guys are able to do better technology, it's a little bit too late. But for the inferencing, I think that, yes, I see the potential.

>> Let's talk about RSA since we're at RSA. Trip Report, what have you seen? Have you been over to the show floor?

Sarbjeet Johal

>> Yeah, I made a quick round like two and a half hours.

>> It's packed, right?

Sarbjeet Johal

>> It's packed. Yeah, it's condensed and packed. And lots of new startups. As you did the analysis, your analysis a couple of weeks back, like how the vendor busyness is there, right? So it's crazy out there. But at the same time, the acquisitions are happening. So I saw Broadcom, Carbon Black, small logo, they're a big Broadcom. And then Cisco has Splunk. And all these big guys are coping anything which is decent and business-wise, right? They're buying the market share. So they're solidifying their market share. That's what I see.

>> I had predicted VMware was going to de-lever Carbon Black.

Sarbjeet Johal

>> Carbon, yeah.

>> And I don't don't know what happened. We talked about it on theCUBE pod. I don't know if they didn't get the price or they feel like they can maybe make some investments and get a better price. That surprised me. Because they got to de-lever. Hock Tan said, "We will de-lever." And they have been doing it, so.

Sarbjeet Johal

>> Yeah, they have Symantec on one side and then Carbon Black on the other.

>> Yeah.

Sarbjeet Johal

>> And there's no mention of VMware. I was sad to see that because I'm ex-VMware. I was like, where's VMware logo?

>> Yeah, you guys are both ex-VMware, right?

>> Yes. Yeah.

Sarbjeet Johal

>> Yes.

>> . Yeah. We've done so many Vmware, explorers in VMware. I feel like you're like, 'we're ex-VMware, we're still VMware though.' So hopefully, we'll be there this year. So what about the show for you? What have you seen? Any takeaways?

>> It's more or less the same, right? Lots of the vendors, it's hard to differentiate among them. It's funny that I brought in a friend who's not in the cybersecurity industry. He just said, "Hey, I saw so much news, can you bring me to the expo?" I said, "Sure." He got into the show for two hours and then came out, and he said, "They all look the same. They all say the same thing." So I think this is that. I think one of the interesting thing is how people are leveraging. Clearly, RSA is the biggest conference for cybersecurity, right?

>> Right.

>> But how people are leveraging this conference is, there is a lot of innovation. I just told you, a lot of companies, they may not have as big a presence, like Palo Alto Networks, in the show. But actually outside the show, around the show doing a lot of the things to maximize the return on investment. So RSA is still the center of the universe in terms of the customer come here every year. But how do you get the most out of it? There is a lot of innovation out of it.

>> Yeah. So I think part of the challenge here, as you guys will know, we all talk about just so many tools, so many different things. But you look at this survey that we did. Look at the priorities. Everything's a priority. What are your top priorities? We got 10. And there's probably another list of 15 that they could mention. So this is why CISOs don't sleep at night. They got 15 priorities. So they have none. Do you ever see that changing?

>> I think a lot of that is just the mentality, the culture of the CISO, right? The best of breed is still pretty much... Most of them have, right? Now of course, Palo Alto Network and then maybe some other companies started talking about platform strategy. But if you ask a CISO today, if you do a poll today, still majority of them are kind of like a best of breed camp.

>> Yeah, totally.

Sarbjeet Johal

>> Yeah. Think about this, what don't you need to protect? Everything, you need to protect everything. End user device, the user's mentality, users needed training, the password hygiene. Every touch point needs to be protected. Your system is as secure as the weakest link is. So that's why the sprawl is in increasing. The Target hack happened through the HVAC. They were fixing their AC and they will go through that system to go into their network and install all that data, right?

>> Yeah.

Sarbjeet Johal

>> So you have to be cohesive. And there's no shortage of connected things going forward. More and more -

>> Critical infrastructure.

Sarbjeet Johal

>> Yeah.

>> We've had a lot of conversations this week about critical infrastructure and how vulnerable it is.

>> Yeah. To be clear, there is a value for platform, right? Because you want all the data to be connected so that there's not too many silos. The fact that you have 50, 100 solutions, that itself is a problem. So I think Nikesh from Palo Alto now has been talking about platformization. I think there is a lot of the good intent, and I think that there's a value in that. But whether the industry is moving fast enough towards that direction, I think we'll see in the next six to 12 months.

Sarbjeet Johal

>> Yeah. Talking about the infrastructure, I stopped by the FBI's booth. And Homeland Security is next to them as well over there. So they have a project called InfraGard where they have created a consortium of private companies working with the FBI. The FBI leads that sort of initiative, InfraGard, to protect the critical infrastructure of the US. So they are grappling. Government entities are ... Those institutions are grappling the same way what private companies are grappling with the security staff.

>> It's a new beast though. The whole IT/OT schism and the cultures of engineering versus sort of ITOps, the connected infrastructure. Now you got AI coming in on top. So the other part of that question is, it smells like opportunity to me, Howie. It's like a lot of money to be made securing that critical infrastructure. How big do you think that market is? This would be a great David Floyer question. If you had the TAMs, you got the existing cyber security market, let's call it 150 billion. I don't know.

>> Close to 200 billion now.

>> Let's call it 200 billion then.

>> And then half is service and half is product, roughly speaking.

>> Yeah. Okay. So that's about right for any market. Service dominates. And then is securing critical infrastructure, but I know it's part of that 200 billion, but is the opportunity, the TAM... How much bigger is it? Is it double? Is it 10% bigger? Is it triple? How should we think about that?

>> Well, anytime we have a new technology, new platform, new vector, you need a new budget, a new technology, a new solution, right? I don't know it's going to... AI is going to double the security budget or security spend for the next few years, but it's going to be increasing. But the other thing is, you and I discussed that, we looked at some research, right? I think at this moment, people are still learning. We did a poll of hundreds of people, roughly 62% of people come to RSA to learn what's the implication. They're not ready to pull the trigger to buy anything yet. The budget or the spend, the implication may happen six months from now, or 12 months from now, or maybe even longer. But I think it's going to happen. But right now, people are still learning and watching.

>> Yeah. You say you've come to this show a lot, so you're sort of jaded. But the one difference that I've noticed between this year and last year's, last year was a lot of talk about GenAI. It was more GenAI, the attackers using GenAI to write better emails. Using GenAI to orchestrate things like... We hadn't seen Charlotte yet, but stuff like CrowdStrike. It's stuff like that. But we were talking about how it could change the SOC analyst experience. Today, this week, we're hearing much more about, 'well, AI creates new exposures, and we need security for AI.' And that's a different way to think about things. And so language is going to be secured differently.

Sarbjeet Johal

>> If you are using voice to enter a system or face, or... You can create fake identities of people like this with GenAI. So the social engineering part of the security, sort of hackers, they are, it gives them a lot of ammunition to throw out the good guys.

>> And then there's a reason that this year's first place of the innovation sandbox is a company that's a solution for that, right. Reality Defender. So for a faked image, a faked voice, it's going to be a bigger and a bigger problem.

Sarbjeet Johal

>> That will increase TAM. And I think your question was protecting critical infrastructure.

>> Yeah, yeah. .

Sarbjeet Johal

>> How much do we add which model? I think maybe 30 to 35%, easily, because we need to think a lot more about critical infrastructure now going forward. Yeah. China is our main adversary, and they're attacking us every day.

>> Government's going to do a lot of that spending.

Sarbjeet Johal

>> It's just national security. It goes into national security. Anything goes into that bucket. There's a sense of urgency. And when there's a sense of urgency, money flows there.

>> Yeah.

>> And it's a tough problem to solve. For instance, even at a show this morning, I saw a startup doing things like, hey, any person can ask a question, what is the company's revenue? But not everyone should get the answer, right? You need some access control. But today, a larger language model is not very good at it. So you need to do certain arts and then things. But the reality is, we don't have a sophisticated enough solution for that.

>> Yeah.

>> We can probably get it 80% right, 90% right. But the last 10, 20% is difficult.

>> So we got to wrap. But, so tell me about this Byte Into Future. What is that all about, your new program?

>> This is about learning new things. Silicon Valley has so many entrepreneurs. I wanted to talk to the entrepreneurs, some of the senior executives, some of them learned so much. I wanted to talk to them from technology point of view, from entrepreneurship point of view, so that we, using your word there right, open source the learning so that the community can benefit from that.

>> Awesome.

>> And a part of the reason I did this Bite Into Future was inspired by theCUBE, so.

>> Yeah. Fantastic. Good. Good. Well, we'd love to have more content that's open in the market. So congratulations on getting that off the ground. Sarbjeet, it's music to your ears, obviously. This is what you do.

Sarbjeet Johal

>> Yeah, that's what I do. Actually, our thinking sort of matches. That's why I am with you guys all the time.

>> Yeah. , aren't we?

Sarbjeet Johal

>> Wherever you go, I am there. So yeah, I think the narratives are important. In the security sort of space, we are never a hundred percent secure. The minute you leave home, somebody can hit you, a car can hit you. You are never a hundred percent secure. So it's more about the risk management. I think if you rename security as risk management, you'll spend it differently, you will plan differently. So that kind of... I think just taking a look at the problem from a different angle, that's very important. I think we can save a lot of money, and agony, and frustration in many different parts of the technology stacks if we look at the problem from economic angle, from practitioner economics angle versus the vendor economics. We talk about that, right?

>> Yeah, yeah.

Sarbjeet Johal

>> So yeah, I'm doing that. So thanks for giving me the platform always.

>> Yeah. Always, guys. .

>> And one last plug. Tomorrow, the Reality Defender Founder-CEO, the winner of the Sandbox contest would come to my show, Byte Into Future, at New York Stock Exchange, live.

>> Phenomenal.

Sarbjeet Johal

>> Nice.

>> I can't wait to see that on social. Guys, great conversation as always. You're always welcome here. I really appreciate your partnership. John and I really value that, the entire CUBE team does as well. So thank you. Okay. And thank you for watching. Keep it right there. We'll be back with Jay Chaudhry right after this break.

theCUBE Insights, Day 2

search

>> Hey, welcome back to RSA 2024. Come on inside theCUBE. We're here at Broadcast Alley. These are my favorite segments with some of my favorite people, theCUBE Collective. Folks coming in, bringing in the independent perspectives. Howie Xu, who is the host of Byte Into Future, a new program that he's starting. Of course, a friend of theCUBE. Great to see you. Stanford lecturer, formerly Palo Alto, formerly Zscaler, AI visionary. Great to see you. Sarbjeet Johal, founder, CEO, principal analyst at Stackpane. Also, a member of theCUBE Collective. Guys, thanks so much for making some time at RSA. Okay, first question. Is NVIDIA... I'm laughing. Is NVIDIA Cisco or Google?

Sarbjeet Johal

>> More towards Google. A little bit of Cisco, more of Google. Which I actually hand-painted, that graphic.

>> The slider?

Sarbjeet Johal

>> Yes. And I tweeted that, right?

>> Yeah.

Sarbjeet Johal

>> So, that's how I think-

>> We did a funny little... I don't know if you saw it, my... What do you think?

>> Cisco, if... Most likely. However, if Jensen Huang is going to be healthy running the company for the next 15 years, they have a chance to be the Google.

>> Because... Okay. So it's a founder led-

>> It makes a huge difference.

>> So if this all happened 10, 15 years ago, you would be leaning more toward Google?

>> Yes.

>> Very interesting. That's a new perspective we hadn't heard. Crawford Del Prete, the CEO of IDC. He's actually president, but they just gave him the title.

Sarbjeet Johal

>> IDC. IDC. The President of IDC.

>> He's president, but they should make him CEO, don't you think?

Sarbjeet Johal

>> Yes.

>> Anyway, he functionally is.

Sarbjeet Johal

>> Oh, yeah.

>> Anyway, he weighed in and said that it's really like the "Wintel" duopoly.

Sarbjeet Johal

>> I know.

>> That that was, in his opinion, the best example. I said, "What about Apple?" He said, "No, Apple's a closed system." Wintel was such a de facto open. What you think about that?

Sarbjeet Johal

>> I think there's no direct analogy, to be honest with you. You know why?

>> Of course. Yeah.

Sarbjeet Johal

>> Because it's a new paradigm in computing. It's a shift. Yesterday, I was thinking hard about that sort of on those analogies and then I thought like, okay, we have this binary computing, zeros and ones, right? And we have, on the other side, we are waiting for quantum to happen. This thing is somewhere in between. You throw a computer at more zeros and ones, like a frantic dance of zeros and ones. That's what it is, right? So you are unleashing the compute on top of data, and then you're trying to find the probability... You unleash the probability marathon on that data and then get the results back. So it's a new paradigm shift, I think. You can't compare it to the existing stuff.

>> I think it's comparable. So in the 90s, we over-brewed the internet. Cisco bought all those optical stuff. And then not just Cisco, right? UUNET. By the time of the dot-com crash, the internet, the backbone utilization was very, very low. And I think because at the time towards the end of the 90s we thought, okay, not enough. Within two years we thought, okay, we over-brewed it. I think this is exactly happening, right? The last two years, we couldn't buy enough of the H100, A100. Now with the H200, with the next generation, I think in two years we are going to see we have GPU glut. Now the GPU glut not because we cannot find the application to consume that, there will be other bottlenecks, right? Space, cooling, energy.

>> Power, yeah.

>> So once we see that being the bottleneck, we'll see that we over-brewed GPU capacity.

>> An interesting take. If we don't have a glut in GPUs, this will be the first time in the history of semiconductors that we didn't have cyclicality. So one would expect that would be the case.

>> We will see that. I think history always repeats.

>> Yeah, it's very hard to predict exactly when, so. But you're right, the past is not prologue, but there's a pattern there.

Sarbjeet Johal

>> I want to qualify my statement, I want to defend against your objection.

>> Yeah, get into it.

Sarbjeet Johal

>> And that is, that is like... I'm saying that that form of computing will be prevalent. But NVIDIA, what role NVIDIA plays and if, what competitors come in and then they take the fair share, that still remains to be seen I think. Yeah. But as you said, if NVIDIA focuses on the software and the software stack, they will do much better.

>> So let's take really simplistic training and inference.

Sarbjeet Johal

>> Yeah.

>> In training, I feel like NVIDIA's got a moat that they'll be able to protect for a while.

Sarbjeet Johal

>> For a while.

>> I just don't see Intel or AMD really attacking that. They, I think, will enjoy a large market share. It'll go down from a hundred percent, but still. The inference is interesting. Apple's going to get into the space. One other thing, the hyperscalers. They're all going to have their alternatives to run cheaper workloads.

>> Yes. And plus, a different architecture may actually do the inferencing better, faster. Like you see Groq, right? It's a different architecture.

>> So this is what I want to get to, Howie. Word is NVIDIA's working on a new inference architecture. There's no reason they can't. They were early on in Arm. So they got some experience there. They're actually really good chip designers. Do you think they have the mentality to do inferences, or is it their DNA? And like you heard Jensen at GTC, "We need bigger chips, we need bigger GPUs." What do you think?

>> Look, inferencing... And I gave the example of Groq. Who knows? Groq may be a better architecture for lower latency, faster turnaround of all the ChatGPT stuff.

>> Yeah.

>> I think the jury's still out there, but I think other guys have a chance, at least to your point.

>> Yes.

>> I think the training for the next few years, they pretty are much not just better at hardware/software, they pretty much got their whole ecosystem locked in, right? I don't know how much you have heard about this HBM stuff, right?

>> Oh, yeah. It's true.

>> High bandwidth memory.

>> High bandwidth memory is like .

>> They literally got their entire ecosystem, the supply and the demand stuff all locked in. So even if AMD or the rest of the guys are able to do better technology, it's a little bit too late. But for the inferencing, I think that, yes, I see the potential.

>> Let's talk about RSA since we're at RSA. Trip Report, what have you seen? Have you been over to the show floor?

Sarbjeet Johal

>> Yeah, I made a quick round like two and a half hours.

>> It's packed, right?

Sarbjeet Johal

>> It's packed. Yeah, it's condensed and packed. And lots of new startups. As you did the analysis, your analysis a couple of weeks back, like how the vendor busyness is there, right? So it's crazy out there. But at the same time, the acquisitions are happening. So I saw Broadcom, Carbon Black, small logo, they're a big Broadcom. And then Cisco has Splunk. And all these big guys are coping anything which is decent and business-wise, right? They're buying the market share. So they're solidifying their market share. That's what I see.

>> I had predicted VMware was going to de-lever Carbon Black.

Sarbjeet Johal

>> Carbon, yeah.

>> And I don't don't know what happened. We talked about it on theCUBE pod. I don't know if they didn't get the price or they feel like they can maybe make some investments and get a better price. That surprised me. Because they got to de-lever. Hock Tan said, "We will de-lever." And they have been doing it, so.

Sarbjeet Johal

>> Yeah, they have Symantec on one side and then Carbon Black on the other.

>> Yeah.

Sarbjeet Johal

>> And there's no mention of VMware. I was sad to see that because I'm ex-VMware. I was like, where's VMware logo?

>> Yeah, you guys are both ex-VMware, right?

>> Yes. Yeah.

Sarbjeet Johal

>> Yes.

>> . Yeah. We've done so many Vmware, explorers in VMware. I feel like you're like, 'we're ex-VMware, we're still VMware though.' So hopefully, we'll be there this year. So what about the show for you? What have you seen? Any takeaways?

>> It's more or less the same, right? Lots of the vendors, it's hard to differentiate among them. It's funny that I brought in a friend who's not in the cybersecurity industry. He just said, "Hey, I saw so much news, can you bring me to the expo?" I said, "Sure." He got into the show for two hours and then came out, and he said, "They all look the same. They all say the same thing." So I think this is that. I think one of the interesting thing is how people are leveraging. Clearly, RSA is the biggest conference for cybersecurity, right?

>> Right.

>> But how people are leveraging this conference is, there is a lot of innovation. I just told you, a lot of companies, they may not have as big a presence, like Palo Alto Networks, in the show. But actually outside the show, around the show doing a lot of the things to maximize the return on investment. So RSA is still the center of the universe in terms of the customer come here every year. But how do you get the most out of it? There is a lot of innovation out of it.

>> Yeah. So I think part of the challenge here, as you guys will know, we all talk about just so many tools, so many different things. But you look at this survey that we did. Look at the priorities. Everything's a priority. What are your top priorities? We got 10. And there's probably another list of 15 that they could mention. So this is why CISOs don't sleep at night. They got 15 priorities. So they have none. Do you ever see that changing?

>> I think a lot of that is just the mentality, the culture of the CISO, right? The best of breed is still pretty much... Most of them have, right? Now of course, Palo Alto Network and then maybe some other companies started talking about platform strategy. But if you ask a CISO today, if you do a poll today, still majority of them are kind of like a best of breed camp.

>> Yeah, totally.

Sarbjeet Johal

>> Yeah. Think about this, what don't you need to protect? Everything, you need to protect everything. End user device, the user's mentality, users needed training, the password hygiene. Every touch point needs to be protected. Your system is as secure as the weakest link is. So that's why the sprawl is in increasing. The Target hack happened through the HVAC. They were fixing their AC and they will go through that system to go into their network and install all that data, right?

>> Yeah.

Sarbjeet Johal

>> So you have to be cohesive. And there's no shortage of connected things going forward. More and more -

>> Critical infrastructure.

Sarbjeet Johal

>> Yeah.

>> We've had a lot of conversations this week about critical infrastructure and how vulnerable it is.

>> Yeah. To be clear, there is a value for platform, right? Because you want all the data to be connected so that there's not too many silos. The fact that you have 50, 100 solutions, that itself is a problem. So I think Nikesh from Palo Alto now has been talking about platformization. I think there is a lot of the good intent, and I think that there's a value in that. But whether the industry is moving fast enough towards that direction, I think we'll see in the next six to 12 months.

Sarbjeet Johal

>> Yeah. Talking about the infrastructure, I stopped by the FBI's booth. And Homeland Security is next to them as well over there. So they have a project called InfraGard where they have created a consortium of private companies working with the FBI. The FBI leads that sort of initiative, InfraGard, to protect the critical infrastructure of the US. So they are grappling. Government entities are ... Those institutions are grappling the same way what private companies are grappling with the security staff.

>> It's a new beast though. The whole IT/OT schism and the cultures of engineering versus sort of ITOps, the connected infrastructure. Now you got AI coming in on top. So the other part of that question is, it smells like opportunity to me, Howie. It's like a lot of money to be made securing that critical infrastructure. How big do you think that market is? This would be a great David Floyer question. If you had the TAMs, you got the existing cyber security market, let's call it 150 billion. I don't know.

>> Close to 200 billion now.

>> Let's call it 200 billion then.

>> And then half is service and half is product, roughly speaking.

>> Yeah. Okay. So that's about right for any market. Service dominates. And then is securing critical infrastructure, but I know it's part of that 200 billion, but is the opportunity, the TAM... How much bigger is it? Is it double? Is it 10% bigger? Is it triple? How should we think about that?

>> Well, anytime we have a new technology, new platform, new vector, you need a new budget, a new technology, a new solution, right? I don't know it's going to... AI is going to double the security budget or security spend for the next few years, but it's going to be increasing. But the other thing is, you and I discussed that, we looked at some research, right? I think at this moment, people are still learning. We did a poll of hundreds of people, roughly 62% of people come to RSA to learn what's the implication. They're not ready to pull the trigger to buy anything yet. The budget or the spend, the implication may happen six months from now, or 12 months from now, or maybe even longer. But I think it's going to happen. But right now, people are still learning and watching.

>> Yeah. You say you've come to this show a lot, so you're sort of jaded. But the one difference that I've noticed between this year and last year's, last year was a lot of talk about GenAI. It was more GenAI, the attackers using GenAI to write better emails. Using GenAI to orchestrate things like... We hadn't seen Charlotte yet, but stuff like CrowdStrike. It's stuff like that. But we were talking about how it could change the SOC analyst experience. Today, this week, we're hearing much more about, 'well, AI creates new exposures, and we need security for AI.' And that's a different way to think about things. And so language is going to be secured differently.

Sarbjeet Johal

>> If you are using voice to enter a system or face, or... You can create fake identities of people like this with GenAI. So the social engineering part of the security, sort of hackers, they are, it gives them a lot of ammunition to throw out the good guys.

>> And then there's a reason that this year's first place of the innovation sandbox is a company that's a solution for that, right. Reality Defender. So for a faked image, a faked voice, it's going to be a bigger and a bigger problem.

Sarbjeet Johal

>> That will increase TAM. And I think your question was protecting critical infrastructure.

>> Yeah, yeah. .

Sarbjeet Johal

>> How much do we add which model? I think maybe 30 to 35%, easily, because we need to think a lot more about critical infrastructure now going forward. Yeah. China is our main adversary, and they're attacking us every day.

>> Government's going to do a lot of that spending.

Sarbjeet Johal

>> It's just national security. It goes into national security. Anything goes into that bucket. There's a sense of urgency. And when there's a sense of urgency, money flows there.

>> Yeah.

>> And it's a tough problem to solve. For instance, even at a show this morning, I saw a startup doing things like, hey, any person can ask a question, what is the company's revenue? But not everyone should get the answer, right? You need some access control. But today, a larger language model is not very good at it. So you need to do certain arts and then things. But the reality is, we don't have a sophisticated enough solution for that.

>> Yeah.

>> We can probably get it 80% right, 90% right. But the last 10, 20% is difficult.

>> So we got to wrap. But, so tell me about this Byte Into Future. What is that all about, your new program?

>> This is about learning new things. Silicon Valley has so many entrepreneurs. I wanted to talk to the entrepreneurs, some of the senior executives, some of them learned so much. I wanted to talk to them from technology point of view, from entrepreneurship point of view, so that we, using your word there right, open source the learning so that the community can benefit from that.

>> Awesome.

>> And a part of the reason I did this Bite Into Future was inspired by theCUBE, so.

>> Yeah. Fantastic. Good. Good. Well, we'd love to have more content that's open in the market. So congratulations on getting that off the ground. Sarbjeet, it's music to your ears, obviously. This is what you do.

Sarbjeet Johal

>> Yeah, that's what I do. Actually, our thinking sort of matches. That's why I am with you guys all the time.

>> Yeah. , aren't we?

Sarbjeet Johal

>> Wherever you go, I am there. So yeah, I think the narratives are important. In the security sort of space, we are never a hundred percent secure. The minute you leave home, somebody can hit you, a car can hit you. You are never a hundred percent secure. So it's more about the risk management. I think if you rename security as risk management, you'll spend it differently, you will plan differently. So that kind of... I think just taking a look at the problem from a different angle, that's very important. I think we can save a lot of money, and agony, and frustration in many different parts of the technology stacks if we look at the problem from economic angle, from practitioner economics angle versus the vendor economics. We talk about that, right?

>> Yeah, yeah.

Sarbjeet Johal

>> So yeah, I'm doing that. So thanks for giving me the platform always.

>> Yeah. Always, guys. .

>> And one last plug. Tomorrow, the Reality Defender Founder-CEO, the winner of the Sandbox contest would come to my show, Byte Into Future, at New York Stock Exchange, live.

>> Phenomenal.

Sarbjeet Johal

>> Nice.

>> I can't wait to see that on social. Guys, great conversation as always. You're always welcome here. I really appreciate your partnership. John and I really value that, the entire CUBE team does as well. So thank you. Okay. And thank you for watching. Keep it right there. We'll be back with Jay Chaudhry right after this break.