In this episode of Infrastructure Matters, hosts Camberley Bates, Steven Dickens and Krista Macomber discuss the latest in Cybersecurity and AI with Microsoft Copilot for Security, as well as news from IBM, BMC and Liqid.
Key topics include:
- Insights from Microsoft Secure and the launch of Copilot for Security
- BMC office visit and discussion on artificial intelligence
- IBM’s updated FlashCore Module and Storage Defender offerings
- Liqid’s new CEO and collaboration with GPU and CPU vendors
You can watch the video of our conversation below, and be sure to visit our YouTube Channel and subscribe so you don’t miss an episode.
Listen to the audio here:
Or grab the audio on your favorite audio platform below:
Disclosure: The Futurum Group is a research and advisory firm that engages or has engaged in research, analysis, and advisory services with many technology companies, including those mentioned in this webcast. The author does not hold any equity positions with any company mentioned in this webcast.
Analysis and opinions expressed herein are specific to the analyst individually and data and other information that might have been provided for validation, not those of The Futurum Group as a whole.
Transcript:
Camberley Bates: Good morning, how is everybody doing today? And welcome to Infrastructure Matters, folks. I am here with my famous participants here, Steve Dickens in New York.
Steven Dickens: Hey, Camberley, welcome.
Camberley Bates: Krista Macomber in New Hampshire.
Krista Macomber: Good morning.
Steven Dickens: Do we have a round of applause for Krista after her performance at Microsoft this week? Newly minted star of the show?
Krista Macomber: Thank you.
Camberley Bates: Of course, I’m Camberley Bates here in snowy Boulder, Colorado. We have-
Steven Dickens: You even need an introduction?
Camberley Bates: We had the news with the snow. I can’t understand this, this is normal for us.
Steven Dickens: Do you even need an introduction, Camberley? If anybody doesn’t know who you are?
Camberley Bates: Personally, I walk in a room, somebody doesn’t know me, it’s embarrassing. Really embarrassing. Okay guys, let’s get serious here. So we’ve got a bunch of items to roll up. Unfortunately, this week, a lot of the briefings we were getting were all NDA because they’re announcing it next week either for NVIDIA is a big, huge monster show, or.
Steven Dickens: Oh, is there an NVIDIA show next week? I hadn’t realized.
Camberley Bates: Oh. Geez. I know.
Steven Dickens: Something like GTC, is it?
Camberley Bates: I don’t know.
Steven Dickens: I mean, that may or may not be a thing next week. I don’t know, maybe.
Camberley Bates: Maybe. So there’s GTC going on, and then the one that’s really important is the one that Steven and I are at, which is KubeCon in Paris.
Steven Dickens: Of course.
Camberley Bates: We’re going to be recording live from there. And then Krista this last week was working on something that was really cool. It was the Microsoft Security Copilot announcement, so I am going to turn it over to her, take it away gal, and let us know what that was all about because it sounds pretty cool. I just never-
Krista Macomber: Yeah. Thanks, Camberley. And it really was. Number one, it’s such a cool topic. As you mentioned, so what happened was Microsoft announced the general availability of Copilot for Security, and just for anyone who might not know, Copilot is Microsoft’s generative AI technology and they’re embedding it across a number of their tools. Over the last year or so, they’ve had Copilot for Security, which is really designed to streamline security operations and provide greater threat intelligence. We’ll get into more detail on that, but it’s been in preview for about the last year or so, and now it is going to be generally available starting next month, which will be April 2024.
Will Townsend, who is one of our counterparts for Moor Insights & Strategy on the security and networking side, he and I had the opportunity to go to New York last week to Microsoft’s Experience Center, and actually sit down and have a few interview sessions with three leaders within Microsoft Security business. We’ll link to those conversations all in the show notes because again, I think that there was really some great nuggets that came out of those conversations. We spoke with Vasu Jakkal, who is the Corporate Vice President for Microsoft Security business; Brandon Dixon, who is a Partner Group Product Manager for the tool, for Copilot for Security; and then also Sherrod DeGrippo, and she’s a Director of Threat Intelligence Strategy for Microsoft.
Camberley Bates: So I want to hear about, what is this?
Krista Macomber: Yeah.
Camberley Bates: Yeah.
Steven Dickens: Yeah, I’m excited too, what is-
Camberley Bates: So great to know who the people are, but what do I do with this stuff?
Krista Macomber: Yeah, for sure. So as I mentioned, it’s a generative AI technology. Really what it does is you can break it down into a few key functions. Microsoft is using it to do things like summarize the variety of security alerts that security operations analysts typically need to sift through on a daily basis. And as I mentioned, summarize those into some actionable insights that really the security operations analysts can then choose to go ahead and take some action on and again, help them sift through some of that noise that otherwise they might be very bogged down with trying to make heads or tails out of.
The second is that it can look at the environment and use Microsoft’s threat intelligence data to not only identify risks, but also analyze those risks and prioritize them. You can see there is that theme of helping to really make the job of the security operations analysts a little bit easier and a little bit more efficient on a daily basis because again, similar to that alert fatigue that I was just mentioning, they might also be inundated with this number of different risks that they have to deal with on a daily basis. And now they can go ahead and prioritize those risks that are the most critical.
And then another capability that I thought was really important was from an incident response perspective. When there is something like a data breach, helping to guide the security operations analysts in things like triaging the risk or the incident, helping to contain it and then guiding that remediation process. So it’s interesting because I do think that upfront it can help to really improve the security posture for the organization, but I also think it can really help to not only, again, we were talking about make the job of the security analyst more efficiently, but we were actually talking with Vasu about this idea of democratizing being a defender, which we told her, we were like, “You need to get that on a T-shirt,” or something like that. And really making this information and these insights more accessible to a broader range of security analysts and maybe even help to attract some new talent to the field. I thought that was a really interesting topic of conversation.
Camberley Bates: Well, I think what it also helps out with is the staffing problem that we have in this area.
Krista Macomber: Yes.
Camberley Bates: You can hire the new security people, but I think like in any major technology area, it’s those architects and those seniors, people that have had years and years and years of experience, they’ve seen it, they’ve done it. This is a way for giving maybe more junior people, maybe a speedier way of coming up to speed with what do in the environments possibly, so it’d be interesting to see how that pans out.
Krista Macomber: Absolutely. We talked about that in I think actually all of our conversations. But when we spoke with Sherrod, one thing that she painted this picture of that I thought was very interesting was even going a step beyond that and really looking at the skills gap, but also looking at where does the organization really need to prioritize? So almost mapping your security skillset to the threats that are evolving and emerging and which ones are most critical and helping to see, okay, maybe we do actually have some existing skills that can help in that area, or maybe these are a couple of areas that we really need to double click down on, whether it be through training and education, whether it be through hiring and things like that. That was something that I thought was really interesting as well.
Camberley Bates: I’m going to emphasize back again, I mean a lot of people keep asking about if this AI is a bubble, and this is an example of how fundamentally shifts how we do work, it changes the entire space of it. I’ve said this before, I’ll say it again, went through it in the ’80s when we went to transaction processing and what we were doing was providing the people that were having to make a decision, for instance like inventory levels and buying levels, et cetera. The computer was providing that information to them in a dynamic form so they could make decisions on a weekly and then on a daily basis. Now, we’re going to another place where we’re saying, okay, so if I take that example there, where we’re doing is the AI is going through and looking at all this historical kinds of things, and you can throw a lot of parameters in there and come up with some recommendations. For instance, the weather. We just got hit here in Colorado with feets of snow. Guess what? That changes inventory, that changes-
Steven Dickens: Might be in more demand this week.
Camberley Bates: Well, there’s a couple inventory. One, it changes the inventory levels at the grocery store as it goes down, and it changes the inventory level at the restaurant because they don’t have the customers. And it definitely changes the inventory level at the school system because they shut them all down. The kids are off today, so there we go.
Krista Macomber: It’s true.
Camberley Bates: Okay, let’s go to the next one, BMC. Steve, you were down in Houston where they’re headquartered. I was there one time, and they had their elevators coated with cow hide. Is that still there?
Steven Dickens: I didn’t notice that, no.
Camberley Bates: Okay. You would’ve noticed it because-
Steven Dickens: I would’ve noticed that, I think.
Camberley Bates: This was eons ago that I was down there. We walked in the BMC offices and they’ve got this cow hide doors or inside the, I just remember this as like-
Steven Dickens: It’s Texas, right? Everything’s normal in Texas.
Camberley Bates: Texas.
Steven Dickens: So yeah, I mean the reason I asked to go next on this is because I had a chance to sit down with Ram Chakravarti, who’s the CTO for BMC, and John McKenney, who’s the SVP who runs their mainframe business. I’m sitting there listening to Krista talk about her discussion with Microsoft. Exactly the same themes came up in my two discussions. So slightly different, more ops, ITSM focus, little bit less security focus, but exactly the same themes: alert, fatigue, operations teams being asked to do more, as platforms become more integrated, the connection points, the IT landscape becomes more and more diverse and connected, ops teams are just sitting there going, “How the hell do I manage all of this? We can’t add more people. We’ve got to add more smarts.” The whole sort of AI ops and those SRE teams and ops teams day two plus.
So this is now steady state management. How do you observe into those environments? How do you operate those environments? How do you do management monitoring, observability for day two plus the applications in the environment? Now you’ve got to manage it, it’s steady state. So really fantastic conversation with Ram. He’s got a wonderful perspective on where the industry’s going as a whole. You’ll see that come through in our conversation, it was hilarious. We’re 25 minutes in and I’m thinking, I’ve got to wrap this up because we’re meant to do a 25, 30 minute segment, but I could have sat chatting to him for hours about it. We had some time on camera. One of those conversations where you just zone in and you want to keep going.
So much going on with AI in that space, being able to look at an alert flow, being able to synthesize that alert flow, being then able to recommend actions ultimately as we go forward, automate remediation and automate some of those tasks. But just that flow and just AI, as you mentioned, Camberley, I don’t think this is a hype. I don’t think this is a bubble. I think the generative AI piece, and you were seeing it, Krista, with some of the Microsoft stuff. This is now coming into the hard tasks. This is leveling up SRE teams, CISO teams, ops teams, and it’s giving them a superpower that they were just overwhelmed. And those teams, if you can give them a 30%, 50% cheat code to just unlock productivity, why wouldn’t they take it?
Camberley Bates: Well, 30, 50%, oh my gosh. Even if it’s 20%.
Steven Dickens: Well, yeah, if it’s 10% better.
Camberley Bates: I mean, 10%. I mean, we’re talking some significant differences here in terms of how people operate and the fatigue that we have, screen fatigue that we have.
Steven Dickens: You talking about skills is the other one for me. Particularly in my conversation with John around the mainframe space, there’s some skills demographics there. We covered the Skills Council last week that IBM and a bunch of others announced. But you look at my conversation with John was simplified GUIs, making things easier, bringing generative AI to some of these platforms to enable people to do things faster, less skilled people, be able to add value as part of the team.
So you overlay the skills piece and you were talking about it in the security space that’s just as prevalent, maybe even more so with the demographics in the mainframe space. We’ve got to be enabling the two-year experienced IT professional to do more. Getting a 25-year-old veteran to do more is great, but if you can get that two-year professional who’s got two years worth of tenure on a platform to do more, that’s really valuable.
Krista Macomber: And one thing, Steven, that we talked about with Microsoft in the context of addressing the skillset and also using AI to transform what the workforce is doing, it’s a little bit of, I think number one, learning and education on what the AI platform can do. We talked about, okay, typically a user will start off with this one use case, and they’ll see it be successful and then they say, “Well, maybe it can do this and maybe it can do that.” And so it’s almost a little bit of trusting, I think the AI and the tool, but then also changing the mindset in terms of how to really embrace that.
I know Microsoft is offering with Copilot what they call prompt books. So basically it’s, okay, here’s a path that you could use to do X, Y, and Z. I didn’t know if with BMC, if you talked about anything along those lines as well because I think that isn’t going to be just relegated to the security space when we think about these use cases for gen AI. I think we’re going to see a similar curve if you will, really across the space.
Steven Dickens: Yeah, some good stuff coming from BMC. John took me through some NDA stuff that we’ll see later on in the year from those guys, so I can’t say too much, but that whole prompt driven interface is where I think that’s going to go. I think the interesting piece, and you maybe touched on it there as well, the next phase of all of this is automation, taking the human out of it. I think there’s still a little reluctance, especially in the mainframe space to allow the system to autoremediate, but it won’t be long before, “Hey, we’ve done this 15 times, the gen AI was right. Let’s put the automation task on the backend.” I think that’s the evolution we’re on. There’s some fascinating stuff coming from BMC. They took me through a whole bunch of demos and stuff that’s come in later on in the year. So can’t obviously say too much or I’ll get in trouble, but some good stuff coming.
Camberley Bates: Well, I think it gets to this training piece in AI. If it’s a human being makes a mistake, that’s one thing. We have a different tolerance level for us making mistakes than we do an AI piece of it as we’ve seen. I am not sure if it’s right or wrong in terms of how that works, but we don’t want, there’s a reason why we still have pilots and planes.
Steven Dickens: We’ve seen this with full self-driving, with cars.
Camberley Bates: Right, and the self-driving cars and that kind of stuff because there are still pieces there to say, “I need to be able to monitor what’s going on, I can’t completely trust it to make all the decisions itself.” And so if in a plane, the pilot sitting in that has to be sitting in the seat the entire time, even though the plane is fine, they don’t leave that and all go back and sleep in whatever, right?
Steven Dickens: Although I did see on the news that two pilots were asleep in the cockpit this week, but.
Camberley Bates: That’s a different-
Steven Dickens: I don’t know why that gets ballooned, but.
Camberley Bates: Not ballooned. It’s not a celebration. I’m sorry.
Krista Macomber: No.
Steven Dickens: Comment of the podcast award goes to that one obviously.
Camberley Bates: So the training piece of it, the amount of training that has to be done until we get to that point where it’s 99.998% of the time it’s right.
Steven Dickens: That’s what’s coming-
Camberley Bates: Is that correct enough? Is that close enough to be able to say I’m going to let the thing automate? And the mainframe guy or anybody else is going to go maybe not. Maybe not, so anyway.
Steven Dickens: That’s the evolution we’re on, I think. But I mean two separate meetings, two separate vendors, same week, same thread. That’s directionally interesting for me.
Camberley Bates: I’m going to go to another side here. Since we’ve been talking about security a bit, I’m going to flip over to IBM and on the announcement on the FlashCore Modules and their Storage Defender. So FlashCore Modules have to do with their FlashSystem, which is their main offering that they have in the market. They have a super high end one called the DS8800, is that it?8000 box, that’s up there, that competes with the PowerMax and those kinds of guys out there. But what they’re doing is bringing some of that capabilities that they had up there into the IBM. What they’ve done with the FlashCore Module, which is their solid state custom design work that they’ve done with Micron is built into that on the entire module, is the ability to detect and more accurately detect threats that are coming in.
Basically, this is the fourth generation of their capability that they have. They’re definitely using the AI capabilities they have. The AI powered sensors, et cetera, to look at the threats as they’re coming in. So every IO is being monitored in the FlashSystem, which really takes you out to the next level of using machine learning models to detect anomalies before it comes through. The question that I have that probably we need to go back to that is at what level is coming into the block level of granularity? It doesn’t impact the performance because it’s a capability that’s on the FlashCore Module. It’s not totally into the IO path, et cetera. So really, really great technology that they have. This is the kind of stuff that comes out of IBM research and love, the things that they work on. And Krista, you’re going to comment on the Storage Defender piece of what they did there.
Krista Macomber: Yep, yeah, so this is, as you mentioned, Camberley, the second part of this announcement from IBM focused on cyber resiliency. And so Storage Defender, what it is it’s a packaging of technologies including IBM Storage Protect, which is their data protection software, IBM Storage Protect for Cloud, which is their similar offering for protection of cloud environments, and a few other capabilities as well for cyber resiliency. They announced this last year, and what they’ve done is they’ve actually added some of these AI threat detection capabilities to IBM Storage Defender as well.
So part of the distinction here is that the use case we were just talking about with the FlashCore Modules would be more on the production side. So as you mentioned, to be able to detect attacks that are occurring on those production workloads. So on the Storage Defender side where this is more of a backup and recovery type use case, this would be to be able to detect data breaches and threats within that protection environment for those data copies that ultimately would be used for recovering from a cyber attack or something like that. So obviously pretty notable from that standpoint.
Steven Dickens: I’m listening to you guys again, same theme coming through. Down in the storage hardware, how can we embed AI to be able to improve the operational procedure and the threat posture of the platform? Same thread again, completely arguably lower down in the technology stack, closer to the hardware. Exactly the same thread. I think we’re seeing this across the industry, just every briefing is how do we embed the AI to add value?
Krista Macomber: I think, Steven, you hit on two important points that as I have more conversations more broadly across the cybersecurity industry, this year, a big theme really is that preventative and threat detection kind of story. And I think that is because we are recognizing that attackers, they’ve always been innovative, but now they have AI as well. So the sooner that we can-
Steven Dickens: You can’t fix it after the fact.
Krista Macomber: Right.
Steven Dickens: At times, you’ve got to get ahead of it. I mean, I always enjoy these conversations with you, but in your research notes, I think that’s the thread I pick up from your discussions, you’ve got to get ahead of it. You got to get out there with threat detection and be spotting it earlier. Once it’s hit and you’re trying to remediate after the fact, it’s too late.
Krista Macomber: Right, exactly. Yep, so I thought that was interesting. And then they also added what they call some inventory management capabilities for the various workloads and storage environment that would fall into this IBM Storage Defender peer view. And that’s along a similar vein of the threat detection. It’s really to identify if there are any blind spots that attackers might look to compromise, but also to establish various tiers of a plan for business continuity in the event of a cyber attack.
So on the briefing that we had with them, they talked about it from the lens of what does your organization’s minimum viable recovery look like? What are the most critical business services to get back up and running in data as well, following an attack? But then, so what’s your step one for your incident response there? And then what is the second step after you’ve been able to get those core services and data back online and recovered? I see that as well, and when we talk with practitioners, I mean, we’ve been advocating that for years now, just have that understanding, have those conversations with the business around what is most critical to prioritize those efforts so it’s good to see some of those capabilities being built in here.
Camberley Bates: Great. So I’m going to shift to just a real short snippet on a conversation I had this week, which was great to catch up with it because they’re a Colorado company, I have to call this out. And that’s with a company called Liqid, that’s L-I-Q-I-D. They have a new CEO, Edgar Masri. He’s coming in, he’s not replacing Sumit. Sumit is moving over towards really doing what he really does well, which is all those strategic relationships. For those of you had heard about them, they will be at the conference next week with NVIDIA. They’ve been on this road of what we call composable systems, probably one of the, I think they’re really the only real composable system that’s out there that you can compose memory, GPU, CPU, storage, whatever, dynamically changing it out without, it’s just really an incredible technology, especially in the HPC and now in this very, very, this big AI world.
And what they’ve done, and this was many years ago, they’ve got a custom PCI eswitch that enables them to do this dynamic capability with it. So they’re going to be rolling out some work with NVIDIA in some stacks that they’ll be offering into there. I think that having Edgar come in, in this time, he’s definitely a known entity in the market. He’s brought big companies out to market so we expect this company to keep on growing. They are now in a very sweet space. They’ve struggled a bit, they’ve done very well in the HBC market. They’ve struggled a bit because it just takes a bit to catch up and be in a big company.
But now with the AI and the demand to be able to dynamically utilize GPUs efficiently, they’ve got a great value proposition for the market. I’m looking at my notes here to see if there’s anything else here. They are going to be working with, other than NVIDIA, they work with other GPU kind of offerings that are out there, including AMD, what they’re doing with Intel, et cetera. So I will leave that one there. I think you also had a conversation with Solo.io. Is that Steve? Is that?
Steven Dickens: Yeah. So announcement from them this week on the Gloo Network for Cilium. I mean, this stuff’s deep in the technology space in open source for Kubernetes networking. There’s a bunch of acronyms, eBPF, this stuff gets pretty nerdy pretty fast, but there’s some announcements coming next week which I’d recommend people look out for around some stuff that Solo’s doing with one of the hyperscalers. I just spoke to the press, one of the journalists who is writing an article on this. I think with all of these open source companies that are on a trajectory to spin out and get escape velocity and ultimately become a public company, you look at people like Elastic, obviously we’ve seen Red Hat have a storied history making that escape velocity with Linux and then OpenShift.
I’m starting to get really excited about where Solo’s going. They’ve got past the spotty face teenager phase, and they’re starting to make some really good strategic moves. I think good announcement this week with the Gloo Network piece, that makes sense. Some of the stuff I’ve been pre-briefed on that’s coming out next week, we’re recording some videos with those guys at KubeCon. Really fascinating to start to see them become less of a point technology vendor and more of a platform vendor. That’s going to be directionally interesting, so lots of technical stuff to be aware of, probably too gorpy for this podcast. But I’m writing a research note as we speak on the Gloo Network piece. We’ll link to that in the show notes and that’s definitely something to, but look out for their announcement next week. I think directionally really interesting for this space.
Camberley Bates: Great. All right, well, that takes us to a 30-minute timeframe. So thank you very much for tuning in to us.
Steven Dickens: You’re a pro at this now, Camberley, look at you running the show.
Camberley Bates: There we go, and we will be talking to you from Paris next week.
Steven Dickens: Paris in the springtime with Camberley, this job has got some highlights, right?
Camberley Bates: There we go. All right guys, thank you very much, and don’t forget to click follow, all those good things. We appreciate your enthusiasm.
Other Insights from The Futurum Group:
Microsoft and the Future of Security – The Six Five On The Road – The Futurum Group
Microsoft Copilot for Security Increases the Efficacy of Security
The Intersection of AI and Threat Intelligence – The Six Five On the Road
Microsoft Copilot for Security – Protecting at the Scale and Speed of AI – The Six Five On the Road
Author Information
Camberley brings over 25 years of executive experience leading sales and marketing teams at Fortune 500 firms. Before joining The Futurum Group, she led the Evaluator Group, an information technology analyst firm as Managing Director.
Her career has spanned all elements of sales and marketing including a 360-degree view of addressing challenges and delivering solutions was achieved from crossing the boundary of sales and channel engagement with large enterprise vendors and her own 100-person IT services firm.
Camberley has provided Global 250 startups with go-to-market strategies, creating a new market category “MAID” as Vice President of Marketing at COPAN and led a worldwide marketing team including channels as a VP at VERITAS. At GE Access, a $2B distribution company, she served as VP of a new division and succeeded in growing the company from $14 to $500 million and built a successful 100-person IT services firm. Camberley began her career at IBM in sales and management.
She holds a Bachelor of Science in International Business from California State University – Long Beach and executive certificates from Wellesley and Wharton School of Business.
Regarded as a luminary at the intersection of technology and business transformation, Steven Dickens is the Vice President and Practice Leader for Hybrid Cloud, Infrastructure, and Operations at The Futurum Group. With a distinguished track record as a Forbes contributor and a ranking among the Top 10 Analysts by ARInsights, Steven's unique vantage point enables him to chart the nexus between emergent technologies and disruptive innovation, offering unparalleled insights for global enterprises.
Steven's expertise spans a broad spectrum of technologies that drive modern enterprises. Notable among these are open source, hybrid cloud, mission-critical infrastructure, cryptocurrencies, blockchain, and FinTech innovation. His work is foundational in aligning the strategic imperatives of C-suite executives with the practical needs of end users and technology practitioners, serving as a catalyst for optimizing the return on technology investments.
Over the years, Steven has been an integral part of industry behemoths including Broadcom, Hewlett Packard Enterprise (HPE), and IBM. His exceptional ability to pioneer multi-hundred-million-dollar products and to lead global sales teams with revenues in the same echelon has consistently demonstrated his capability for high-impact leadership.
Steven serves as a thought leader in various technology consortiums. He was a founding board member and former Chairperson of the Open Mainframe Project, under the aegis of the Linux Foundation. His role as a Board Advisor continues to shape the advocacy for open source implementations of mainframe technologies.
With a focus on data security, protection, and management, Krista has a particular focus on how these strategies play out in multi-cloud environments. She brings approximately a decade of experience providing research and advisory services and creating thought leadership content, with a focus on IT infrastructure and data management and protection. Her vantage point spans technology and vendor portfolio developments; customer buying behavior trends; and vendor ecosystems, go-to-market positioning, and business models. Her work has appeared in major publications including eWeek, TechTarget and The Register.
Prior to joining The Futurum Group, Krista led the data center practice for Evaluator Group and the data center practice of analyst firm Technology Business Research. She also created articles, product analyses, and blogs on all things storage and data protection and management for analyst firm Storage Switzerland and led market intelligence initiatives for media company TechTarget.
Krista holds a Bachelor of Arts in English Journalism with a minor in Business Administration from the University of New Hampshire.
