Robert Herjavec & Atif Ghauri, Herjavec Group | Splunk .conf2016

>>Live from the Walt Disney World Swan and Dolphin Resort
in Orlando, Florida, it’s theCUBE, covering Splunk .conf2016. Brought to you by Splunk. Now, here are your hosts
John Furrier and John Walls.>>And welcome back here on theCUBE. The flagship broadcast of
SiliconANGLE TV where we extract a signal from the noise. We’re live at conf2016
here in Orlando, Florida on the show floor. A lot of activity, a lot of
excitement, a lot of buzz and a really good segment
coming up for you here. Along with John Furrier, I’m
John Walls and we’re joined by two gentlemen from the
Herjavec Group, Robert Herjavec. Good to see you, sir.>>Greetings. Thank you for having us.
>>The CEO, and Atif Ghauri is Senior VP at Herjavec. Good to see you, sir.>>Yes.>>First off, Robert, congratulations. Newly married, your defense
was down for a change. Congratulations on that. (laughter)>>Oh thank you. It was wonderful. It was a great wedding, lots of fun but casual
and just a big party.>>Yeah, it was. Looked like, pictures were great. (laughter) People obviously know you from Shark Tank. But the Herjavec Group has been, really, laser focused on cyber security
for more than a decade now. Tell us a little bit about, if you would, maybe just paint the broad
picture of the group, your focus, and why you
drilled down on cyber.>>Yeah, I’ve been in
the security business for about 30 years. I actually helped to bring
a product called CheckPoint to Canada firewalls, URL
filtering, and that kind of stuff. And we started this company 12 years ago, and our vision was to do managed services. That was our vision. No other customer’s
vision, but our vision. And we thought we’d do $5 million
in sales in our first year and we did $400000. The market just wasn’t there. SIEM technology, log aggregation
isn’t what it is today. I mean, I think at the
time, it was enVision. What was it called?>>Yeah, enVision.>>enVision. And then RSA bought them. That was really the
first go-to-market SIEM. Then you had ArcSight and Q1. So our initial business
became around log aggregation, security, writing parsers. And then over time it grew. It took us five years to
get to $6 million in sales, and we’ll do about $170 million this year. We went from a Canadian company
to really a global entity. We do a lot of business in
the States, UK, Australia, everywhere.>>But you’re certainly a celebrity. We love havin’ you on theCUBE, our little Shark Tank in and of itself. But you’re also an entrepreneur, right? And you know the business,
you’ve been in software, you’ve been in the tech business,
so you’re a tech athlete, as we say. This world’s changing right now. And I’m certain you get a lot of pitches as entertainment meets business. But the fact that the
entrepreneurial activity, certainly in the bay
area and San Francisco, the Silicon Valley, where I
live, and all around the world, is really active. Whether you call the programmer or culture or just the fact that the cloud is allowing people to start companies, you’re seeing a surge in
entrepreneurship in the enterprise. (laughs) Which is like, was boring
in the past, you know? You just mentioned
CheckPoint in the old days, but now it’s surging. Your thoughts on the
entrepreneurial climate?>>I dunno if the enterprise
entrepreneurship element is surging. By the way, I’m going to say intrepreneur, just the way I say it. Cuban always makes fun of me. (laughter) We don’t say it like that in America! I’m like, screw off! (laughter)>>That’s how you say it!>>I want to say it the
way I want to say it.>>Well, internal entrepreneurs, right? Is that what you mean by intrepreneurship?>>Well, no. I’m just, it’s just the way I say it.>>It’s a Canadian thing.>>But business to business enterprise, we’ve always been in
the enterprise business. So we’re seeing a lot
of growth in that area, a lot of VC money’s going into that area, because it’s more, you
know, you can measure that level of return and you can go and get those customers. But on our show, we’re a bubble. We don’t do a lot of tech
deals like we’re talking because it’s boring TV. Tech people love tech, consumers
love the benefit of tech. You know, no consumer opens
up their iPhone and says, oh my gosh, I love the
technology behind my iPhone. They just love their iPhone. And our show is really a
consumer platform that is–>>It’s on cable TV, so
it’s got a big audience. So you got to hit the wide swath–>>We’re one of the highest-rated shows on network television. Eight years, three Emmys. You know, it’s a big show now. And what we’ve all learned is, because Mark Cuban and I are tech guys, we used to look for stuff we know. We don’t invest in stuff we know any more. We invest in slippers,
ugly Christmas sweaters, food products, because if you can tap
into that consumer base, you’re good to go.>>So bottom line, has
it been fun for you? I mean, the show has been great. I mean, obviously the
awards have been great. Has it been fun for you? What’s it been like,
what’s the personal feeling on being on the Shark Tank.>>You know, filming is
fun, and hanging out is fun, and it’s fun to be a celebrity at first. Your head gets really big and you get really good
tables at restaurants. There’s no sporting venue–>>People recognize you.>>Yeah.>>You get to be on theCUBE. (laughter)>>I get be on theCUBE.
>>Doesn’t happen every day.>>You get to go everywhere. But after a while it gets pretty dry. But it really helps our brand. We compete, typically,
against IBM, Verizon, and you know, the CEO of IBM, you’re not going to see
him selling his security.>>Well I know they’re doin’ a lot, spending a lot of cash on Watson, trying to get that to work, but that’s a whole ‘nother story. But let’s get down and dirty on Splunk. You’re here because you’re doin’ a talk. Give a quick take on what
you’re talking about, why are you here at .conf for Splunk?>>Yeah, we’re doing a talk
on data transformation. The world today is about data. And the amount of data
points and access points and the internet of things,
it’s just exponential growth. The stat I always love, and
Atif’s heard it 1000 times is, there’s roughly three billion
people on the internet today, and there’s roughly six billion or seven billion IP addresses. By 2020, according to the IPV Committee, there’ll five, six
billion people connected. And hundreds of trillions of IP addresses.>>And the IoT is going
to add more surface area to security attacks. I mean, it used to be, the old days, in CheckPoint, the moat, the
firewall, backdoor, frontdoor.>>The idea of the perimeter is gone now. There is no such thing
as a perimeter any more, because everything you can access. So a lot of work in that area. And all of that comes to
data and log aggregation. And what we’ve seen for years
is that the SIEM vendors wanted to provide more analytics. But if you really think about it, the ultimate analytics engine is Splunk. And Splunk now, with their ESM module, is moving more into the security world and really taking away market share. So we’re very excited by, we have a great relationship
with the Splunk guys, we see nothing but future growth.>>And you’re using
Splunk and working with it with your customers?>>We do, we’ve been
using Splunk for a while. We have a private cloud. Tell us a little bit about that.>>Yeah, so we eat our own dog food. So not only do we sell Splunk,
but we also use it in-house. We’ve been usin’ it for over five years, and it powers our analytics platform, which is a fancy way to
say, reduces the noise from all the different
clutter from all the IoT, from all the different type
of alerts that are comin’ in. Companies need a way to
filter through all that noise. We use Splunk to solve that
problem for us internally, and then, of course, we sell it and we manage it for
Global 2000 customers, Fortune 100 companies all over the world.>>Tell us what about the role of data, ’cause data transformation
has been a big buzzword it’s a holistic message
around businesses digitizing and getting digital assets
in front of their customers. We have a big research division
that does all of this stuff. By the end of the day, you know, the digitization business means you’re going to have to
go digital all the way. And role of data is not the
old data warehousing days, where it’s fenced away, pull it in, now you need data moving around, you need organic sharing of data, data’s driving policies and new pattern recognitions for security. How do you guys see that evolving? How do you talk to your customers, because in a way, the old stuff can work if you use the data differently. We’re seeing a pattern, like, hey, that’s an algorithm
I used 10 years ago. But now, with new data,
that might be workable. What are some of the things
that you’re seeing now that customers are doing that you talk to that are leveraging data,
like Splunk, in a new way?>>Well, that’s really where
Splunk adds so much value, because a friend of
mine is the dean of USC. And he has a great saying, more data is not necessarily
more information. And so, the mistake that we
see customers making a lot is they’re collecting the data, but they’re not doing
the right things with it. And that’s really where Splunk
and that level of granularity can add tremendous value, not just from logging, but from analytics and going upstream with it.>>Yeah, and also, to that
point, it’s just automation. There’s too much data
>>That’s a great point.>>And it’s only going
to get bigger, right, based on that stat Robert rattled off. Now, we need some machine
learning analytics to move it further. And all points aside, machine learning isn’t where
it needs to be right now. Today in the market, it
still has a long way to go. I would call it a work in progress. But however, it’s the promise, because there’s too much data, and to secure it, to automate behavior, is really what what we’re looking for.>>The example I saw is the innovation strategy’s comin’ to take, and they’re growin’ with
mobility, growin’ with cloud, increase the surface area, IoT. But the supervised areas of the enterprise were the doors, right? Lock the doors. And perimeter is now dead. So now you have an
unsupervised environment and the enterprise at risk. Once the hackers get in,
they’re havin’ their way.>>The internet is, like,
a kindergarten playground where there are no rules and
the teacher went home at lunch. (laughter) That is the internet. And kids are throwin’ crap.
>>And high school. I think it would be high school. Kindergarten through high school!>>And you have
different-aged kids in there.>>It’s chaos, bedlam!>>Very well said. The internet is chaos, but by nature, that’s what we want the internet to be. We don’t want to control the chaos because we limit our
ability to communicate, and that’s really the
promise of the internet. It’s not the responsibility
of the internet to police itself, it’s the responsibility
of each enterprise.>>So what new things are happening? We’re seeing successes. Certainly, we’re reporting on companies that are being successful are the ones that are doing
reverse of what was once done, or said differently, new
ways of doing things. Throwin’ out kind of tryin’ to do a hybrid legacy approach to security, and seeing the new ways, new things, new better cat and mouse
games, better honeypots, intelligent fabrics. What do you guys recommend
to your customers and what do you see, in your talk, this digital transformation’s
definitely a real trend, and security is the catastrophic time bomb that’s ticking for all customers. So that’s, it dwarfs compliance,
risk management, current…>>Well, I dunno if
that’s necessarily true, that it’s a time bomb. You know, the number one
driver for security, still, is compliance. We sell stuff people
don’t really want to buy. Nobody wakes up and the morning and says, yeah, I want to go spend
another $5 million on security. They do it, frankly, because they have to. If none of their competitors were spending money on security, I don’t think most enterprises would. I mean, whenever you have to do something because it’s good to do, you have a limited up cycle. When you do something because there’s a
compliance reason to do it, or bad things happen to you, you’re really going to do it.>>So you think there’s
consumer pressure, then, to have to do this, otherwise–>>Interesting stat, the Wall Street Journal did a study and asked 1000 people on a
street corner in New York if, for a hamburger, they will give away their social insurance
number, their home number, and their name. 72% of people gave out
that information freely.>>Better be a good hamburger. (laughs)>>Back to your point,
though, I want to get a–>>So I think consumers have
an expectation of security, and how they police that is
they simply go to somebody else. So if you’re my retailer
and you get breached, you know what I’m going to do? I’m going to go next door. But I think that the average
consumer’s expectation is, security’s your responsibility, not mine.>>Okay, so on the B to
B side, let’s get that. I wanted to push you on something I thought I kind of disagreed with. If compliance, I agree,
compliance has been a big part of data governance and data management.>>Yeah, PCI has been the
biggest driver in security in the last five years.>>No doubt. However, companies are
now sharing data more with other companies. Financial institutions
are sharing core data with other financial institutions, which kind of teases out the trend of, I’ll give you some of my data to get, to fight the fraud detection market because it’s a $1 trillion problem. So as you start to see
points of growth where, okay, you start to see people go outside their comfort zone
on compliance to share data. So we’re tryin’ to rationalize that. Your thoughts? I mean, is that an indicator? Do you see that as a trend, or, I mean, obviously locking down
the data would be, you know.>>I think it’s challenging. I mean, we were at the president’s council on security last year at Stanford. And you know, President
Obama got up there, made some passionate
speech about sharing data. For the goodness of all of
us, we need to share more data and be more secure. I got to tell you, you heard
that speech and you’re like, yeah baby, I’m going to share my data, we’re all going to work together. Right after him, Tim Cook
got up there (laughter) and said, I will never share my data with anybody in the government! And you heard him, and you’re like, I am never sharing my data with anybody.>>Well there’s the tension there, right?>>Well, this is a natural–
>>Natural tension between government and enterprise.>>Well, I think there’s
also a natural tension between enterprises. There’s competitive issues,
competitor pressures.>>Apple certainly is a great case. They hoard their data. Well, this is the dilemma, right? You want to have good policy, but innovation comes from experimentation. So it’s a balancing act
between what do you kind of do? How do you balance–>>Yeah, it’s a great
time to be in our space. I mean, look at this floor. How many companies are here? Splunk is growing by 30%, the
show itself, 30% per year. They’re going to outgrow
this venue next year and they’re going to go,
probably, Vegas or somebody. I think that’s exciting. But these are all point products. The fastest-growing segment
in the computer business is managed services, because the complexity in
that world is overwhelming, and it’s extremely fragmented. There’s no interlinking.
>>Talk about your business in there right now. What are you guys currently selling, how many employees do you have, what’s the revenues like,
what’s the product mix?>>Yeah, so we are a global company. So we have 10 offices worldwide
and close to 300 employees. We’re one of the fastest-growing
companies in North America. We sell, our focus is
managed security services. We do consulting as well as
incident response remediation, but the day-to-day, we want your logs, we want to do monitoring,
we want to help with–>>So you guys come in and do
deployments and integration and then actually manage
security for customers?>>We do the sexy of gettin’ it in, and then we also do the unsexy
of managing it day-to-day.>>Atif, nothing unsexy about our work. (laughter)>>It’s all sexy, that’s
what theCUBE show’s about.>>It’s all sexy!>>That’s why theCUBE’s a household name. We have celebrities coming on now. Soon we’ll be on cable.>>That’s right! This will be a primetime show. (laughter)>>Before we know it!>>That’s funny, I got
approached by a network, I can’t tell you who, big network with a big producer
to do a cybersecurity show. And so, they approached me and they said, oh, we think it’s going to be so hot. It’s such a topical thing. So they spent a day with me and our team to watch what we do. There is no cybersecurity show! (laughter) They’re like, do you guys do anything besides sit on the computer?>>You have a meeting and
you look at the monitor. It’s not much of a show.
>>Does anybody have a gun?! (laughter)>>It’s not great for network TV, I think.>>Build a wall.
>>Someone has to die in the end. That has to be network TV. And yeah, but I mean, there’s a problem. There’s 1.4 million cyber
jobs open right now. And that’s not even including
any data science statistics. So you know, so we’re reporting that–>>I’m sure it’s the same
thing in data science.>>Same problem. How do you take a high skill that there’s not enough talent for, hopefully, computer science education, all that stuff happens, and automate it. So your point about automation. This is the number one problem. How do you guys advise clients
what the hell do they do?>>You know, automation’s tough. We just had this meeting
before we got on here, because in our managed
service, it’s people-driven. We want to automate it. But there’s only a certain
amount of automation you can do. You still need that human element. I mean, if you can automate it, somebody can buy a product
and they’re secure.>>Machine learning isn’t
where it’s supposed to be. Every vendor aside, machine learning’s not
where it needs to be, but we’re getting there. Having succinct automation helps solve the cybersecurity labor shortage problem, because the skill level that
you hire at can go lower. So you reduce the learning
curve of who you need to hire, and what they do.
>>That’s a great point. I think the unsupervised
machine learning algorithms are going to become so much
smarter with the Splunk data, because they are, that’s
a tough nut to crack because you need to have
some sort of knowledge around how to make that algorithm work. The data coming in from
Splunk is so awesome, that turns that into an asset. So this is a moving train. This is the bigtime. Okay, go step back for a
second, I want to change gears. Robert, I want to get your thoughts, because since you’re here and
you do a lot of, you know, picking the stocks, if
you will, on Shark Tank, in the tech world, our boring tech world that we love, by the way.>>We love it too.>>How do you, as someone
who’s got a lot of experience in cycles of innovation, look at the changing digital transformation vendor landscape, Splunk, companies like
Oracle tryin’ to transform, Dell bought EMC, IBM’s
pivoting, Amazon is booming. How do you look at the
new digital enterprise, and how do you look at that from, if you’re a customer, an investor, where’s the growth stocks,
where’s the growth companies, what’s the growth parameters,
what’s your thoughts?>>One of the reasons
a lot of our industry, why I got into tech was I had no money, my dad worked in a factory,
my mom was a receptionist. And the old adage is, to
make money, you need money. To get ahead, it’s not what
you know, it’s who you know. I didn’t know anybody. And the value of tech is tech
transforms every three years. We follow these cycles
where we eat our own young and we throw away stuff
that doesn’t add value. Tech is the great equalizer, ’cause if you don’t add
value, nobody cares. And you know, when I’m starting out as a guy with a small
company, I love that! We’re going to kick ass,
we’re going to add value. Now that we’re a little bigger–>>Well, when you’re a young company you can eat someone’s lunch, because if they’re not paying attention, you can come in and–>>For sure. It gets harder as you get bigger because now we’re the big guys that somebody in their
basement’s tryin’ to take out. But you know, we see tremendous
innovation in security. If you look back three years, who were the leaders in the SIEM space? ArcSight, Q1, Nitro to a
lesser degree, and enVision. Today, does RSA have a
strategy around a SIEM? They have Netwitness, you
know, security analytics, which is kind of a SIEM. Q1 is in the throes of the IBM machine, somewhere in their gut, nobody knows. ArcSight, who buys ArcSight anymore? It’s so complicated. Who’s the leader? Splunk!>>So back to the old classic team. Obviously, you have good
people on the management team. Product matters now, in tech, doesn’t it? More than ever. Obviously, balance sheet. Okay, let’s get back to
the data transformation. So you know, data is so critical now, and again, it’s more
from that data warehouse, which still is around, but to
real-time data having value, moving it into different applications. Question is, how do you value data? I mean, you can’t put
it on the balance sheet. I mean, people value factories. GE said, we have all this
investment in machines and assets. They worry about someone
getting their data and doing a judo move on them. So data is truly an asset that’s flying out of their network. How does companies value data? Can it ever be on the balance sheet? How do you look at that?>>I don’t think data, in
of itself, has any value. It’s the effect of the
data that has the value. And it’s a very singular,
it’s what somebody does to it. Whatever the data is worth to you, from a business perspective, it’s worth fundamentally
more to an outside bad party because they can package that data and sell it to a competitor,
a foreign government, all those kind of places. So it’s the collection of raw data and applying it to
something that has meaning to a third party.>>So it’s like thermodynamics, really. Until it’s in motion, it’s
really not worth anything. I mean, that’s what you’re saying. Data’s data until it’s put to work.>>Right, I don’t think
you’re ever going to see it on a balance sheet as a hard, core value, because it has to have
a transformative value. You have to do something with it. It’s the something.>>So pretend you’re in Shark
Tank and you’re a data guy, and you say, boss, I need
more budget to do security, I need more budget to expand our presence. And the guy says sorry, I need
to see some ROI on that data. Well, I just have a gut feeling that if we move the data around, it’s going to be worth something. Oh, I pass. You can’t justify the investment. So a lot of that, I mean,
I’m oversimplifying it, but that’s kind of like a dialogue
that we hear in customers. How do you get that–>>What I always tell CIOs and CCOs, it’s challenging to get
budget to do a good thing or the right thing. It’s easier to get budget
to do the necessary thing. And so, necessary is defined
by the nature of your business. So if you make widgets and you want to get more
budget to protect the widgets, no one cares. No one’s sitting around, and
like oh, are my widgets safe? They are, to certain degree, and they’ll have limited budget for that. But if you go to them and say, you know what, we have a risk that if somebody can attack our widgets, we’re going to be down for three days. And being down for three
days or three hours has a dollar cost of $5 million. I need an extra $2.5 million
to protect that from happening. As a business guy and a
CEO, I understand that.>>That’s great advice.>>And that’s the
biggest challenge, still, with security people is,
we’re technical people. We’re not used to
talking to business guys.>>It’s like house insurance,
in a way, or insurance. You invest this to recover that.>>It’s a great analogy. You know, I used to race cars, and I had a life insurance
premium for key man insurance. And my insurance agent
comes along and says, you should buy a bigger policy. I’m like, I don’t need a bigger policy. It’s so much money, we’re okay. And then he says to me, you
know, if you die in a racecar, I’m not sure you’re covered. (laughter) But if you pay me another
$10000 a year in coverage, you’re covered. Did I buy it? Absolutely. And it’s the same analogy.
>>That’s very necessary. Personal question for you. So if you’re, your dad had
a factory, you mentioned. I saw that you mentioned that earlier. If he had a factory today
in a modern era of IoT, and you were going to give
him a digital transformation consulting project, how
would you advise him? Because a lot of people are taking their analog business and
kind of digitizing it. Some already have sensors in there. So you see it in manufacturing, and certainly, the
industrial aspect of IoT has been a big deal. How would you advise your
dad building a factory today?>>Yeah, so I think
there’s two aspects to it. One is just, you know, everything
we’ve been talking about, data transformation, data
analytics, making things better, none of those things are possible unless you’re actually
collecting the data. It’s like, customers come to us and say, you know what, we don’t want
you to just manage our logs and tell us what’s going on,
we want higher-level value. And I’m like, no, I get that, but unless you’re actually
aggregating the logs, none of the upstream stuff matters. So first thing is, you
have collect the data. Whether that’s sensors, old devices, mechanical devices, and so on. The second part of it is, the minute you open up your factory and open up the mechanical devices and attach them to a PC or
anything that’s network-based, you’re open for risk. And so, we’re seeing
that now in utilities, we’re seeing that with gas
companies, oil companies. You know, up until a few years ago, you couldn’t physically change the flow of a pipeline, unless there was a physical connection, a mechanical on-off. It was very binary. Today, all those systems are
connected to the internet. And it saves companies a lot of money ’cause they can test them and stuff. But they’re also open to hackers.>>Bigtime.>>Well gentlemen, we appreciate the time.>>Thank you.>>And who says tech hasn’t
got a little pizazz, I mean– (laughter)>>Come on, I was on
Dancing with the Stars, that’s a lot of pizazz!>>It’s been great!>>You guys are exciting, but you are, no!>>Dancing with the Stars, of course!>>All right.>>Thank you very much.>>Well, thanks for bein’ in theCUBE Tank, we appreciate that.
>>Thank you.>>Don’t call us, we’ll call you. (laughter) Gentlemen, thank you very much.>>We’re booked, maybe we
can get you on next time.>>Okay, we’re out.>>.conf2016, CUBE coverage
continues live from Orlando. (electronic jingle)

Stephen Childs

Leave a Reply

Your email address will not be published. Required fields are marked *