Talking Data, AI, the Role of the CDO, and Security Industry Changes – Infrastructure Matters Episode 11

Talking Data, AI, the Role of the CDO, and Security Industry Changes - Infrastructure Matters Episode 11

In this episode of Infrastructure Matters, hosts Steven Dickens, Camberley Bates, and Krista Macomber discuss all around data highlighting the growing importance of data management and governance, especially in the context of AI, with a focus on the role of Chief Data Officers. They also get into the changes with the cybersecurity tech industry, particularly in regard to layoffs, investments and CIO actions in rationalizing investments while balancing the need for robust security measures. The hosts explore infrastructure changes in the context of AI including aspects such as compute, especially GPUs, storage and mention why private enterprise AI is gaining attention.

Topics include:

  • What is the role of the Chief Data Officer and AI implications?
  • Why are we seeing layoffs in the Cyber Security industry?
  • How IT is taking actions and approaching Generative AI projects and changes to on-premises technology adoption
  • Plus highlights on Google for Kubernetes at Scale, NetApp demo with Vertex

You can watch the video of our conversation below, and be sure to visit our YouTube Channel and subscribe so you don’t miss an episode.

Listen to the audio here:

Or grab the audio on your streaming platform of choice here:


Disclosure: The Futurum Group is a research and advisory firm that engages or has engaged in research, analysis, and advisory services with many technology companies, including those mentioned in this webcast. The author does not hold any equity positions with any company mentioned in this webcast.

Analysis and opinions expressed herein are specific to the analyst individually and data and other information that might have been provided for validation, not those of The Futurum Group as a whole.


Steven Dickens: Hello, and welcome to another episode of Infrastructure Matters. I’m your host, Steven Dickens, and I’m joined as always by Camberley Bates and Krista Macomber. Hey, ladies, welcome to the show.

Camberley Bates: Good day.

Krista Macomber: Hi, Steven.

Steven Dickens: So we’ve got a packed episode for you today. We’ve got three or four news topics and then we’re going to go deep on the infrastructure of AI. Lots going on in that space. So maybe Camberley, let’s go to you first. I think you’ve got a really interesting news topic this week.

Camberley Bates: I’m not sure, it’s not news news, but it’s something that came across my desk that I think is really worth the discussion. One of the people that I follow and I have talked to is Martha Heller, and she is a big CIO recruiter. If you don’t know her, we’ll put the information up there because her newsletter is awesome. And she recently released a job description for chief data officer and kind of pulled that down and took a look at it to see, we’ve seen that CDO show up. But I think what was significant about this is that when we looked at the key responsibilities that she’s listing, what was second in line in terms of skills is being able to manage risk and risk management and the governance piece of it. The CDO typically reports to the CIO, they’re responsible for the data strategy.

And given that we’re going to talk about AI, I mean this is becoming, it’s popped up. It was important before, there’s a lot of companies that said data is the new oil and that kind of stuff. I think that was said five years ago. But now that we’re in the middle of AI and it’s so top of mind, I mean it’s front page and the Wall Street Journal, it’s top of mind and CNBC, it’s top of mind in all these publications they’re talking about it. And this concern about governance, risk, privacy, et cetera, and IP has just blown up the top. So I think that’s pretty cool. What I also love is the definition. I’m going to read a couple of them, pardon me as I read this through, define the new, this is interesting, the new enterprise data and analytics mandate for the company.

So what you’re looking at is saying, “Okay, so we’ve had this data infrastructure for a long time. Now we’re going to this next level. How are we going to do this long-term?” And obviously it’s going to be a multi-year strategic thing. They are going to have some dotted line responsibility probably to the chief privacy officer because of the governance, et cetera. And this is where I said a deep experience in risk management as well as the other areas that you would expect is process optimization, visualization and all that kind of stuff. So that to me was really interesting, especially as we look at how this thing is expanding and going to be entering into our entire life and everything that we do, everything we do, so much for Siri. We’ve just exploded what we’re doing on the data side.

Steven Dickens: So Camberley, was there a focus there for AI specifically? I mean, the-

Camberley Bates: It was not called out specifically, but it’s within there. It’s with an understanding about what we’re doing and especially since we’re building out. And Randy Kerns and I were talking this morning about the work that he’s doing in the data platform and the data storage side of it. He said, “We’re not going to see as much on the data storage side explode until probably another 12 months from now.” But you are seeing this data management or data strategy I think is the term we want to talk about– AI in your Data Strategy kind of thing, coming up to the surface to say, “Okay, so how are we going to manage this? How are we going to…” Whether it’s IP privacy, the governance geographies, et cetera. It’s big, it all has to be addressed. And usually most of these companies are using some cross-functional organization that’s coming together to address these kinds of things. And then somebody has to be putting in that architecture that’s going to help manage the data long term.

Steven Dickens: Krista, any thoughts? I know your topic is in the same sort of vein around HR and resources and that type of stuff. So maybe do you want to comment on Camberley and then we’ll go into your topic?

Krista Macomber: Yeah, yeah, that sounds good. I think just a couple of general comments. I mean, I think describing this as a sort of risk management is very appropriate. And it’s a very broad umbrella that so many different facets cover. I mean, Camberley, you already mentioned a couple. So governance, especially when we start to think about risk pertaining to cybersecurity and cyber attacks, we are seeing these executive orders come down, for example, here in the US from President Biden around, “Okay, looking down the pike here are X, Y, and Z.” From an IT infrastructure perspective, we’re going to have to be able to test and validate, improve.

And of course, we’re seeing that these attackers are continuously changing and innovating with their approaches while data is just sprawling more than ever before, across a variety of applications and infrastructure. So not only keeping pace with the regulatory requirement side of things from a security standpoint, but also just how the threat landscape for any given organization is continuously evolving. It’s not a small task. So I’m not surprised that we’re starting to see some of these titles and specific responsibilities begin to be delegated to address that.

Camberley Bates: Well, that goes into the other report that came out recently, and I think it was by Morgan Stanley that had done a… looking at the top 100, Fortune 100 companies. And of the top 100, 10 of the CEOs had bonus structures tied to cybersecurity. It wasn’t 10, it was actually nine. So it was nine, let me get the correction. It was nine nine that was, and it’s like, “Whoa.” Now that’s totally understandable because if you’re Experian or if you’re a big bank or something along those… or a big healthcare institute, very, very understandable that it’s going. But the question is that that’s at that level that this is at. And so that’s why and as I look at this job, the CDO, you’re like, “Okay, so this is how important this is, chief privacy officer, those kinds of things. Wow.”

Krista Macomber: One hundred percent.

Steven Dickens: I know your next topic up, Krista, it’s interesting you sort of take that focus and then you sort of counterpoint it with what we were talking about off camera, which is around some of the layoffs and of the things you’re seeing. Those two don’t jive for me, so maybe just give a perspective here.

Krista Macomber: Yeah, yeah, sure, Steven. So I’ll give a little bit of background. So I was approached by a reporter a couple of days ago that kind of said, “Hey, I’m seeing a lot of these announcements regarding companies that play within the cybersecurity space.” So whether that be kind of managed security and response, whether that be vulnerability assessments, there was an ethical hacking company that was referenced as well in this article. And just regarding that, there were a number of these companies that had to make some layoffs recently. And so this reporter, kind of what you’re alluding to, Steven, approached me and said, “Listen, we’re hearing that there’s all this buzz and focus on cybersecurity, but then on the other hand, we’re seeing that these layoffs are happening. So can we talk a little bit about what’s happening?” So we had an interesting conversation that I thought would be interesting to recap here, which was around a few different factors.

So I think number one, the state of the macro economy I think certainly needs to be considered, right? So I think especially if we think about some of these companies maybe being on a smaller scale, so needing to take some steps to really make sure that they’re operating as profitably as possible. Really preserve themselves a little bit in the face of some of these headwinds, for lack of a better way to describe it, from an economic standpoint. So that’s certainly one factor that is not just impacting the space, but I think we’ve seen that really unfortunately to a degree over the last couple of quarters across the technology space in general. And then the second big factor that we talked about was thinking about these deals, right. So we have seen over the last year, and we have some research that I’ll link to regarding the intersection of cybersecurity teams with your traditional IT operations teams. And how some of your security leaders are having a seat at the table.

When we think about, for example, determining requirements for data protection from a technology standpoint, in many instances, they’re either contributing to the budget or they’re having some direct influence over how the budget is being spent. So that on one hand it’s good, because it keeps these requirements very top of mind. At the C-suite, we are seeing that there’s a budget being allocated in these areas. At the same time, I wouldn’t be surprised if that’s starting to extend some of the lead times from a sales perspective, right? If there’s new collaboration that needs to happen that hasn’t necessarily happened before between security and IT operations, for example, and if just more individuals at the table, then that’s going to have an impact on some of these deals. So those were a couple of things that we really talked about.

So, my takeaway was, it’s not that we’re not seeing spend on cybersecurity, not that we’re not going to continue to see spend, it’s just there’s these couple other factors at play. And in fact, I think when we look ahead, definitely it’s a little early to tell, but I think at least I’m optimistic that we’ll at least see some stabilization there as opposed to further layoffs. And the other factor as well, when we think about coming out of the pandemic, all of that pent-up demand, it is possible that there was a little bit of over hiring that may have occurred in the 2021, 2022 timeframe. And maybe we’re seeing a little bit of correction as we start to dig out from that.

Camberley Bates: The other factor that goes into this would be that when we look at some of the initiatives around security, they’re all thinking they’ve got way too many tools. And so they’re auditing what kind of tools they have, are they using those tools, et cetera. And that goes back to the smaller companies or consolidation or whatever they’re doing. But I don’t think anything’s going to ever settle down, but we haven’t had any new kinds of attacks. It’s just an increased amount of attacks that we’re having. So maybe we’re settling down into a place now that they know what they’re doing or they know what the execution needs to be, although there is still the process, they’re still evaluating what they’re doing in terms of all the protections and the securities, et cetera.

Steven Dickens: Yeah, it’s interesting. The news topic I brought to the show kind of fits in this context. It was a Red Hat and AWS announcement. But the one thing that stood out for me, and I’m going to read it here so I get the numbers right, “According to the United States Computer Emergency Readiness team,” that’s a mouthful, “Federal agencies reported 32,511 security incidents in fiscal year 2021 alone.” So that was an announcement that came out as part of Red Hat OpenShift being available in AWS for the intelligence community. So that was an announcement. So nothing really new from a technology perspective. You’ve been able to run Red Hat OpenShift on AWS, the Rock Service and various things for a while. So that’s kind of not new news. The new news was that it’s been available with all the sort of ticky box exercise done for the intelligence community. And I think it kind of speaks to the point you were making, Camberley as we were talking, I think we’re now starting to see some of these tools become part of the tech stack.

People have, instead of the mad scramble that I saw and the rest of us saw in ’21, ’22, of I’ve just got to buy a tool for this, I’m just going to get… the default answer is just buy whatever is being recommended because I don’t want to be the person who didn’t sign off on that security spend. Because then we got hacked because we didn’t have that tool. I think we’re past that as a stage now where something like this Red Hat OpenShift for the intelligence communities, just a sort of indicator of people have through some of the roles that you’ve talked about, it’s now a tier one discussion at a C-suite level. People are starting to pause and think and go, “What is our strategy?” My strategy’s not to buy anything from any vendor. It’s a bit more strategic and holistic. “I’m going to buy four or five vendors, I’m going to lean into their tools and then I’m going to deploy from there.” I mean, would you agree? Is that what you are seeing?

Krista Macomber: I would agree. Yeah, no, I would certainly agree. I think maybe a little bit of rationalization to your point, Steven, just given the variety of tools that are in place, I think that’s certainly a possibility as well.

Steven Dickens: Yeah. So the only other sort of thing on the news is still digesting the Google Next announcements. I mean, those guys from an announcement engine point of view, Dave Raffo and I talked about in one of our research notes, and we’ll put that in the show notes below, was some of the stuff that Google’s done from a Kubernetes perspective. That one stood out for me. Obviously Google’s got a rich history with Kubernetes and led the open sourcing of that technology back in the day. But I think for me, an interesting piece is the enterprise focus of that. I think it’s an acknowledgement by Google that people are starting to deploy Kubernetes at scale in the enterprise. We’re going to talk about platform engineering in a few weeks time, ahead of KubeCon, but I think there’s some really key pieces there. As I say, we’ll put a link to that in the show notes. I know, Camberley, you follow the Kubernetes space pretty carefully, so maybe go to you for some thoughts there as well.

Camberley Bates: Yeah, I mean, I saw the announcement on… some of it was security, some of it was the multi cluster scale out environment and managing that. I think this is the trend that we’re going towards in terms of delivering resiliency in that area, delivering security in that area. We’re still getting pounded on the open source concern and exposure. So anything that they’re doing to tighten those areas up that’s what’s being addressed. And again, as Steve mentioned, we’re going to talk about platform engineering a little bit later, not today, but in another session. But that will be the big theme that we’re expecting to be the biggest theme coming into KubeCon, which is out in Chicago.

Steven Dickens: So that’s our new section of the show. Now we’ll drop into our deeper dive topic, the infrastructure of AI. Lots obviously going on in the market about large language models and ChatGPT and Bard, and some of the consumer interface layer. Obviously we’re all experts in the infrastructure side. We sit on a lot of briefings from obviously the public hyperscale providers, the AWS, the Googles Azures, the Microsofts, the Oracle cloud infrastructure guys and IBM in this space. But we’re also hearing a lot from the Dells, the Lenovos, the HPs. I mean, Camberley maybe go to you first as we kick this round as a topic. You sit on a lot of the same briefings that I do, maybe give us a storage perspective first. You’re getting a lot of these briefings from the storage vendors. What are you hearing from the classic storage guys around AI?

Camberley Bates: Well, I’m not going to start there. I’m going to start with the server piece of it. And the reason being is the storage is not yet the big uptick. The uptick right now is really on what the data platform is and the server. The private AI piece that is rapidly getting deployed as availability of equipment comes through. And the reason why the storage is not the huge uptick yet is because of the size of the overall models. You have the large language models that potentially I’m going to use, but then I’m going to train it with, in my data, most of my data that I’m training on is all text. Now, long-term, we’ll see the video imagery and that kind of thing come into your language models, just by term it’s large language models. It’s not large video models, and that quantity of data is very easily compressible, et cetera.

Or voice as well, so I’m looking at the customer service operations. I’m looking at code, I’m looking at use case that have to do with documentation kind of stuff. So that’s what we’re originally training on. We’ll see that uptick over time. Maybe 12 months from now is when that big hit will start, we’ll start seeing it coming from that piece of it. But as I said, the next big thing that they’re going to be looking at in terms of data is what does their data platform look like? And that’s going to be looking at some software capability in order to build these data lakes that they’re going to need over the long haul.

Steven Dickens: Yeah, it was interesting. I saw a demo at Google Cloud Next from NetApp, representing for you, and spent some time with the NetApp team. I thought it was interesting the sort of demo they did with putting Vertex, which is Google’s AI model on top of NetApp data, so that you could do that enterprise AI piece. I thought it was a fascinating demo of you’ve got all this corpus of data within your enterprise, and they did a side by side, that was the demo. So you asked the same prompt to a public facing large language model, and then you did the same prompt to your data sitting on NetApp filers. And the data was very generic, very high level on the public, large language model, very specific, very detailed, very company centric when pointed against the corpus of data that was on the NetApp environment. So I think we’re going to see more of that. But as you say, Camberley, it’s really early days.

Camberley Bates: Right, it’s early days, and what they’re bringing into is their work that they already have. Now, that may be different for some of the other industries, I haven’t dived into maybe media entertainment, I just published something on what NetApp was doing with Dreamworks. But they’re already into the computer generated graphics kind of space. So they’re probably going to use the language models within there, but I haven’t dived into it, so I can’t speak to that directly.

Steven Dickens: So Krista, from an infrastructure point of view, what are you seeing? I know you’ve got more sort of a data protection and security lens. What are you seeing from AI driving in an infrastructure way?

Krista Macomber: Yeah, yeah. So I think looking from an infrastructure perspective, I think as you mentioned with my coverage area, I think the big question is going to be how do we train these models in a way that’s secure and ethical is probably the best way to describe it. So making sure that we’re doing this in a way that any sensitive data is not kind of getting out into the public sphere or into the hands of a malicious actor. A great example is our company, The Futurum Group. Oftentimes we’re briefed under NDA by our clients, so we can’t just go ahead and take those notes or a transcript from that call and just plug it into a public facing AI model. So I think from my perspective, that’s going to be really kind of the two big areas, is really how do we establish those swim lanes, if you will, for the data that’s actually being fed into these data platforms, these large language models, things of that nature.

As you both have mentioned, it’s very early days, but I think it’s something that while oftentimes thinking about data security and protection, unfortunately we play catch up. And so okay, maybe we’re going to go ahead and maybe migrate to an infrastructure, a new infrastructure I should say. And then think about after the fact, think about how are we going to protect it. I’m not so sure that that’s going to work in this case because there could be some potentially very negative consequences there. So those would be really a couple of my key thoughts, I’d say.

Steven Dickens: Yeah, makes sense. I mean, from my perspective, I’m kind of focused on the custom silicon, the compute. It’s a race to just get access to, I mean, Jensen is probably clocking up more air miles than he’s ever clocked up being on main stages. He was on the main stage for VMware when you were there. He was on the main stage for Google Cloud Next. I think the big thing is access to GPU horsepower, getting briefed, every compute vendor has kind of got all their orders in, the Nvidia stock sort of position is crazy right now. But I think we’re also starting to see the custom silicon, Google were talking about their TPUs, their Tensor flow processor units. We had AWS on one of our podcast episodes talking about what they’re doing with inferentia and trainium.

I think that there is a period of time where Nvidia’s going to be the only game in town, or largely the only game in town. I don’t see that maybe surviving beyond three or four quarters just because of the market opportunities. I mean, that’s probably the best two quarterly earnings calls I remember any vendor having ever the last two from Nvidia, everybody’s listening to those, everybody knows. So from a compute point of view, I’m seeing a lot of the Dells, HPs, Lenovos, starting to think about how they do what I’m calling GPU as a service. It’s more than that, it’s put into a HPC cluster, it’s into APEX, a true scaler, a GreenLake environment.

But when you strip it away, its customers need access to GPUs. How do they get that as a service? And I think that’s where I see a lot of the focus. I think we’re going to see custom silicon from some of the cloud providers. I’m kind of surprised Microsoft’s not doing its own custom silicon. Maybe that’s strategic at the top that they’re not deciding they’re not going to do it. But I mean, everything I hear from AWS and Google is that those platforms are going gangbusters and lots of people are looking at them as an alternative to some of the GPU, mainly because price and access I think is going to be hard. So I mean that’s what I’m hearing from an infrastructure point of view.

Camberley Bates: Yeah, I mean the backlogs are there in terms of the GPUs and getting a hold of them. So it may be that what gets stood up in the cloud and those environments will drive the initial demand. The only concern there, not only concern, but the big concern there is IP. And so you still have… When you have a significant amount of the major data still sitting on premise and you don’t want any of that leaking out because back to what Krista is saying, there’s a real hesitancy to use those environments and having to prove that they’re walled off. I mean, if you look at what HPE is doing with their GreenLake, you have a walled off cluster that’s not multi-tenant. It’s a walled off cluster that you’re actually using. And that same thing has to happen with Microsoft software that they’re going to bring out with Nvidia because of all those concerns.

Steven Dickens: Yeah, I mean I think that’s the big tension point I see exactly as you are mentioning here, Camberley. There may be some fantastic innovation going out on the public cloud. What Google’s doing with Vertex, what Microsoft is doing with its OpenAI, chat… All of that stuff’s going out. And from a consumer point of view happening kind of out on the public web, I think you’re right. A lot of these enterprises are going, “Do I want to be doing that out on the public?” Go back to what you were saying, Krista, around data linkage concerns. It’s interesting for me, the more I hear about watsonx from IBM, the more I see it playing into that space of you’re going to want to do this private. You’re not going to maybe want to do as much of it on the public cloud. That’s where IBM’s going to play its role with watsonx.

Camberley Bates: And that gets you back to… you were talking about the demo that you saw from the NetApp guys at Google and the two sides. A, why you have to train, B, your own data and manage it from there. So yeah.

Steven Dickens: Private enterprise AI, maybe that’s the term we’re going to coin here.

Camberley Bates: Yeah, absolutely, absolutely.

Steven Dickens: Well, fantastic discussion as always. We’re starting to wrap up here. Thanks very much for joining us on the show. Please do all those YouTube things and click and subscribe and give us all the likes and hit all that. And we’ll see you next week for another episode of Infrastructure Matters. Thanks very much.

Camberley Bates: Great, thanks guys.

Krista Macomber: Thank you.

Other Insights from The Futurum Group:

Google Enhances GKE With Advanced Security, “Cluster Fleet” Management

DreamWorks Animation and NetApp Extend Their Strategic Partnership

KubeCon North America 2023

Author Information

Regarded as a luminary at the intersection of technology and business transformation, Steven Dickens is the Vice President and Practice Leader for Hybrid Cloud, Infrastructure, and Operations at The Futurum Group. With a distinguished track record as a Forbes contributor and a ranking among the Top 10 Analysts by ARInsights, Steven's unique vantage point enables him to chart the nexus between emergent technologies and disruptive innovation, offering unparalleled insights for global enterprises.

Steven's expertise spans a broad spectrum of technologies that drive modern enterprises. Notable among these are open source, hybrid cloud, mission-critical infrastructure, cryptocurrencies, blockchain, and FinTech innovation. His work is foundational in aligning the strategic imperatives of C-suite executives with the practical needs of end users and technology practitioners, serving as a catalyst for optimizing the return on technology investments.

Over the years, Steven has been an integral part of industry behemoths including Broadcom, Hewlett Packard Enterprise (HPE), and IBM. His exceptional ability to pioneer multi-hundred-million-dollar products and to lead global sales teams with revenues in the same echelon has consistently demonstrated his capability for high-impact leadership.

Steven serves as a thought leader in various technology consortiums. He was a founding board member and former Chairperson of the Open Mainframe Project, under the aegis of the Linux Foundation. His role as a Board Advisor continues to shape the advocacy for open source implementations of mainframe technologies.

Camberley brings over 25 years of executive experience leading sales and marketing teams at Fortune 500 firms. Before joining The Futurum Group, she led the Evaluator Group, an information technology analyst firm as Managing Director.

Her career has spanned all elements of sales and marketing including a 360-degree view of addressing challenges and delivering solutions was achieved from crossing the boundary of sales and channel engagement with large enterprise vendors and her own 100-person IT services firm.

Camberley has provided Global 250 startups with go-to-market strategies, creating a new market category “MAID” as Vice President of Marketing at COPAN and led a worldwide marketing team including channels as a VP at VERITAS. At GE Access, a $2B distribution company, she served as VP of a new division and succeeded in growing the company from $14 to $500 million and built a successful 100-person IT services firm. Camberley began her career at IBM in sales and management.

She holds a Bachelor of Science in International Business from California State University – Long Beach and executive certificates from Wellesley and Wharton School of Business.

With a focus on data security, protection, and management, Krista has a particular focus on how these strategies play out in multi-cloud environments. She brings approximately a decade of experience providing research and advisory services and creating thought leadership content, with a focus on IT infrastructure and data management and protection. Her vantage point spans technology and vendor portfolio developments; customer buying behavior trends; and vendor ecosystems, go-to-market positioning, and business models. Her work has appeared in major publications including eWeek, TechTarget and The Register.

Prior to joining The Futurum Group, Krista led the data center practice for Evaluator Group and the data center practice of analyst firm Technology Business Research. She also created articles, product analyses, and blogs on all things storage and data protection and management for analyst firm Storage Switzerland and led market intelligence initiatives for media company TechTarget.

Krista holds a Bachelor of Arts in English Journalism with a minor in Business Administration from the University of New Hampshire.


Latest Insights:

Six Five's Diana Blass heads to Dell Tech World, for a journey inside The Dell AI Factory, where AI-innovation has transformed nearly every industry vertical.
Company’s Strength Across Clouds Delivers Record Quarterly Revenue
Keith Kirkpatrick and Daniel Newman with The Futurum Group, cover Adobe’s Q2 FY2024 earnings, and the products, segments, and approaches that have propelled the company to a record quarterly revenue figure.
Steven Dickens, VP and Practice Leader, discusses Broadcom's Q2 2024 performance, driven by strategic investments in AI and the successful integration of VMware.
Oracle, Microsoft, and OpenAI Collaborate to Extend Microsoft Azure AI Platform to OCI to Ensure OpenAI Can Scale Fast-growing Massive LLM Training Demands
The Futurum Group’s Ron Westfall and Steven Dickens explore why the collaboration with OpenAI to extend the Microsoft Azure AI platform to OCI validates that Oracle Gen2 AI infrastructure, underscored by RDMA-fueled innovation, can support and scale the most demanding LLM/GenAI workloads with immediacy.