WEBVTT - Cohesity CEO on Defending Against Hacks Around the World

0:00:00.120 --> 0:00:03.960
<v Speaker 1>This is Bloomberg Business Week with Carol Messer and Tim

0:00:04.000 --> 0:00:06.280
<v Speaker 1>Stenebek on Bloomberg Radio.

0:00:06.559 --> 0:00:09.200
<v Speaker 2>All right, we'll get this. Global cybercrime costs are set

0:00:09.240 --> 0:00:11.959
<v Speaker 2>to reach ten point five trillion, that's right, trillion with

0:00:12.000 --> 0:00:14.720
<v Speaker 2>the T trillion dollars each year by twenty twenty five.

0:00:14.800 --> 0:00:17.919
<v Speaker 2>So that's up from three trillion in twenty fifteen. And

0:00:17.960 --> 0:00:20.360
<v Speaker 2>that's according to data from Cybersecurity Ventures and that was

0:00:20.400 --> 0:00:22.520
<v Speaker 2>cited in a report out from EY last year.

0:00:22.760 --> 0:00:24.840
<v Speaker 3>Just think about that recent computer hack that shut down

0:00:24.960 --> 0:00:28.560
<v Speaker 3>many services at MGM's casino hotels. The company said that

0:00:28.560 --> 0:00:31.040
<v Speaker 3>that hack alone, Carol, is going to reduce third quarter

0:00:31.040 --> 0:00:34.080
<v Speaker 3>profit by about one hundred million dollars. So that's real money.

0:00:33.840 --> 0:00:36.880
<v Speaker 2>Here, absolutely, So cybercrime and protecting data in the cloud

0:00:36.920 --> 0:00:39.479
<v Speaker 2>is something our next guest knows a lot about. Sanjay

0:00:39.479 --> 0:00:42.159
<v Speaker 2>Punin is the CEO at Cohesiity. It's the data security

0:00:42.159 --> 0:00:44.640
<v Speaker 2>and data management platform. He's also the former CEO at

0:00:44.640 --> 0:00:49.000
<v Speaker 2>the cloud computing and visualization or virtualization tech company VMware.

0:00:49.120 --> 0:00:52.280
<v Speaker 2>He joins us here in our Bloomberg Interactive Broker Studio. Welcome, Welcome,

0:00:52.520 --> 0:00:53.000
<v Speaker 2>how are you?

0:00:53.120 --> 0:00:54.960
<v Speaker 1>Thank you Tim and Carol for having me on.

0:00:55.080 --> 0:00:58.280
<v Speaker 2>Hey, listen before we get into kind of security, cybercrime,

0:00:58.400 --> 0:01:02.200
<v Speaker 2>all that good stuff. It's interesting times for anybody who's

0:01:02.280 --> 0:01:05.399
<v Speaker 2>running a company, whether it's the focus on geopolitical and

0:01:05.440 --> 0:01:09.320
<v Speaker 2>the unrest and the concerns obviously first and foremost the

0:01:09.360 --> 0:01:13.039
<v Speaker 2>impact on lives, but also the uncertainty that also creates

0:01:13.080 --> 0:01:16.080
<v Speaker 2>about kind of the global outlook. There's also concerns about,

0:01:16.120 --> 0:01:19.160
<v Speaker 2>certainly here in the US, about the rate, environment, the economy.

0:01:20.400 --> 0:01:23.319
<v Speaker 2>From your vantage point, how would you describe the global

0:01:23.360 --> 0:01:24.160
<v Speaker 2>outlook right now?

0:01:24.360 --> 0:01:27.160
<v Speaker 1>I think it's a tremendous opportion for leadership. I think

0:01:27.200 --> 0:01:30.039
<v Speaker 1>as a CEO and I was COO of VMware, we

0:01:30.040 --> 0:01:33.920
<v Speaker 1>had thirty five thousand employees. As president SAP one thousand employees.

0:01:33.959 --> 0:01:36.240
<v Speaker 1>Both were global companies. My company here is smaller, two

0:01:36.240 --> 0:01:40.360
<v Speaker 1>thousand employees. But in important companies cybersecurity, it's a time

0:01:40.400 --> 0:01:43.520
<v Speaker 1>for leaders to lead with empathy. I have employees who

0:01:44.000 --> 0:01:49.160
<v Speaker 1>have who are Israeli friends who have in Israel, and

0:01:49.800 --> 0:01:53.120
<v Speaker 1>I think in Israel everybody knows somebody who knows somebody

0:01:53.920 --> 0:01:57.840
<v Speaker 1>who's affected a greed, either who's a hostage or diet

0:01:57.880 --> 0:02:01.080
<v Speaker 1>or somebody infected. And the other side of the debates

0:02:01.080 --> 0:02:03.200
<v Speaker 1>also being effected now on gods if you look what's happening.

0:02:03.240 --> 0:02:05.840
<v Speaker 1>So this is a time where we get to lead,

0:02:05.960 --> 0:02:09.960
<v Speaker 1>first off, condemning terrorism, but also leading with empathy. It's

0:02:09.960 --> 0:02:13.040
<v Speaker 1>a tremendous opportunity for us to be as leaders empathetic,

0:02:13.160 --> 0:02:15.639
<v Speaker 1>listening to our employees. And I've always believe the great

0:02:16.000 --> 0:02:17.519
<v Speaker 1>greatest companies are the ones who take care of the

0:02:17.520 --> 0:02:19.120
<v Speaker 1>employees and take care of their customers, and that's what

0:02:19.160 --> 0:02:20.040
<v Speaker 1>I seek to do a CEO.

0:02:20.520 --> 0:02:22.840
<v Speaker 3>It's also a business story, and we're Bloomberg, so we

0:02:22.840 --> 0:02:24.160
<v Speaker 3>got to talk about the business side of this. But

0:02:24.480 --> 0:02:27.120
<v Speaker 3>we spent a lot of last week talking about Israel

0:02:27.160 --> 0:02:29.560
<v Speaker 3>being a hub for cybersecurity. They made a lot of

0:02:29.600 --> 0:02:32.160
<v Speaker 3>advances there and there are a lot of tech companies

0:02:32.680 --> 0:02:34.960
<v Speaker 3>in Israel. There's prominent ones that have been bought by

0:02:35.040 --> 0:02:38.120
<v Speaker 3>US companies. Do you have any exposure to Israel? Do

0:02:38.160 --> 0:02:39.680
<v Speaker 3>you work with any Israeli companies right now?

0:02:39.800 --> 0:02:39.920
<v Speaker 2>Well?

0:02:39.960 --> 0:02:42.640
<v Speaker 1>Absolutely, we work with a lot of In fact, a

0:02:42.639 --> 0:02:46.720
<v Speaker 1>big part of our cybersecurity strategy is partnership with many

0:02:46.880 --> 0:02:50.640
<v Speaker 1>Israeli companies Big ID, dig Sira, CenTra, folks in the

0:02:50.680 --> 0:02:54.919
<v Speaker 1>cybersecurity of data security. There companies who are physically located there.

0:02:55.120 --> 0:02:57.720
<v Speaker 1>Whiz I talked to them, I talked about the CEOs.

0:02:57.720 --> 0:02:59.920
<v Speaker 1>I've sent them messages, checked to see how they're doing

0:03:01.000 --> 0:03:03.000
<v Speaker 1>the heart of innovation of security. It's not a very

0:03:03.000 --> 0:03:05.280
<v Speaker 1>big country in terms of population, a few million people,

0:03:05.600 --> 0:03:08.200
<v Speaker 1>but they have an intense program by which people who've

0:03:08.240 --> 0:03:10.880
<v Speaker 1>served in the Israeli defensive forces are often focused on

0:03:10.919 --> 0:03:13.839
<v Speaker 1>security then start companies. So we're working very closely with them,

0:03:14.120 --> 0:03:15.840
<v Speaker 1>every one of them. This is a tough time for

0:03:15.919 --> 0:03:18.800
<v Speaker 1>them and their attentions first to their families, but I

0:03:18.840 --> 0:03:22.720
<v Speaker 1>do believe Israel be resilient. The innovation will continue to grow,

0:03:23.160 --> 0:03:25.520
<v Speaker 1>and you know the many of them do business with

0:03:26.080 --> 0:03:28.639
<v Speaker 1>companies like us. We partner with them, so I expect

0:03:28.680 --> 0:03:30.840
<v Speaker 1>it to be something that will be resilient over time.

0:03:30.960 --> 0:03:34.360
<v Speaker 2>Sanjai, I mean they are used to, you know, instability

0:03:34.360 --> 0:03:36.000
<v Speaker 2>in the region, no doubt about it. This takes it

0:03:36.000 --> 0:03:38.040
<v Speaker 2>to a whole other level and another scale, and that's

0:03:38.080 --> 0:03:40.440
<v Speaker 2>certainly what we've heard the feedback in terms of this

0:03:40.520 --> 0:03:43.960
<v Speaker 2>latest conflict between Israel and Hamas. Having said that, when

0:03:44.000 --> 0:03:48.000
<v Speaker 2>you had those conversations, we're leaders there saying we expect this,

0:03:48.000 --> 0:03:50.080
<v Speaker 2>this is something different. This is going to be a

0:03:50.200 --> 0:03:54.119
<v Speaker 2>longer period of instability or what are they saying.

0:03:53.960 --> 0:03:56.280
<v Speaker 1>It's a nine to eleven time moment. It's not anything

0:03:56.320 --> 0:03:59.240
<v Speaker 1>close to, you know, anything they expected, so whether it

0:03:59.240 --> 0:04:01.720
<v Speaker 1>was the first and the feather and so on. But

0:04:01.800 --> 0:04:04.200
<v Speaker 1>I think listen, you know, if you think about the

0:04:04.240 --> 0:04:09.000
<v Speaker 1>threat cybersecurity threat, it's different from you know, some of

0:04:09.000 --> 0:04:10.960
<v Speaker 1>the ways in which we're seeing nation state actors. I

0:04:11.000 --> 0:04:13.840
<v Speaker 1>think this is a focus on physical security. So if

0:04:13.840 --> 0:04:15.320
<v Speaker 1>we come back to kind of some of the stats

0:04:15.400 --> 0:04:18.120
<v Speaker 1>you led the show off with, that will continue. I

0:04:18.160 --> 0:04:20.880
<v Speaker 1>don't see cyber criminals the nation state actors from which

0:04:20.880 --> 0:04:22.880
<v Speaker 1>were which which are by the way, from a different

0:04:22.880 --> 0:04:25.760
<v Speaker 1>set of countries. This isn't Hamas, it's it's Russia, it's China,

0:04:25.800 --> 0:04:28.400
<v Speaker 1>it's North Korea. The past, we don't see that, which

0:04:28.560 --> 0:04:30.440
<v Speaker 1>I mean the nation state actors are the biggest threat

0:04:30.480 --> 0:04:33.440
<v Speaker 1>to cybersecurity. So the biggest Yeah, those countries are the

0:04:33.440 --> 0:04:35.599
<v Speaker 1>ones are the ones, mostly Russia at fact in the past.

0:04:35.680 --> 0:04:39.840
<v Speaker 1>But and much of we haven't seen an uptick in

0:04:39.880 --> 0:04:42.880
<v Speaker 1>that signal of those just because of the Hamas. Ramas

0:04:42.960 --> 0:04:44.280
<v Speaker 1>is much more of a low. It's not like Habas

0:04:44.320 --> 0:04:47.200
<v Speaker 1>is doing cybersecurity threats against the US. They're focusing much

0:04:47.240 --> 0:04:49.800
<v Speaker 1>more low tech, you know, sort of missiles and things

0:04:49.800 --> 0:04:51.800
<v Speaker 1>of that kind. But I think we have to always

0:04:51.800 --> 0:04:53.840
<v Speaker 1>stay vigilant because the bad guys are going to look

0:04:53.880 --> 0:04:57.440
<v Speaker 1>for any moment first. They just have to be successful once.

0:04:57.520 --> 0:05:00.000
<v Speaker 1>I'm talking about cybercrime. Now, we have to be successfu

0:05:00.240 --> 0:05:02.279
<v Speaker 1>all the time. You look at you talked about.

0:05:02.200 --> 0:05:04.839
<v Speaker 3>Yeah, you hear that hotel over again from cybersecurity experts.

0:05:04.839 --> 0:05:06.839
<v Speaker 3>I mean they're talking about how you always have to

0:05:06.839 --> 0:05:09.000
<v Speaker 3>be vigilant because they only have to be successful once.

0:05:09.560 --> 0:05:12.280
<v Speaker 3>Switching geographies a little bit to talk about Russia, Ukraine.

0:05:13.200 --> 0:05:15.920
<v Speaker 3>Russia the source of much cybercrime. What do you see

0:05:15.920 --> 0:05:18.520
<v Speaker 3>on your platform from attempts at hacking from Russia?

0:05:18.600 --> 0:05:21.960
<v Speaker 1>Yeah, there's twenty ransomware attempts every second. You talked about

0:05:21.960 --> 0:05:24.280
<v Speaker 1>a few of the hotel chains that have been affected recently.

0:05:24.440 --> 0:05:28.359
<v Speaker 1>I think every organization needs to build a prevention and

0:05:28.400 --> 0:05:31.720
<v Speaker 1>detection mechanism and a recovering mechanism. I give an exampley.

0:05:31.720 --> 0:05:34.720
<v Speaker 1>There's a lot of analogies between fighting cybercrime and fighting disease.

0:05:35.279 --> 0:05:38.400
<v Speaker 1>If someone told you Tim, I'll never get a cold,

0:05:38.480 --> 0:05:40.479
<v Speaker 1>You'll be like, well, give me some of your DNA,

0:05:40.600 --> 0:05:43.000
<v Speaker 1>the more important question is how quickly can you recover

0:05:43.160 --> 0:05:45.560
<v Speaker 1>from a cold? So what we advise our clients is

0:05:45.600 --> 0:05:47.920
<v Speaker 1>to ensure that you have the best detection prevention that's

0:05:47.960 --> 0:05:50.640
<v Speaker 1>basically detecting do you have a cold. But then in

0:05:50.680 --> 0:05:52.560
<v Speaker 1>our case, if you are one of those hotels that

0:05:52.640 --> 0:05:56.839
<v Speaker 1>got affected, you want to recover really quickly because then

0:05:57.040 --> 0:05:59.480
<v Speaker 1>if you get affected, you've got all your data ready.

0:05:59.480 --> 0:06:02.320
<v Speaker 1>And that's what we focus on cyber recovery and cyber resilience.

0:06:02.640 --> 0:06:04.920
<v Speaker 1>So while a lot of the prevention and detection technologies

0:06:04.920 --> 0:06:06.360
<v Speaker 1>will be helpful and continue to be the ones that

0:06:06.360 --> 0:06:08.640
<v Speaker 1>put OUCT defenses up, you also want to be in

0:06:08.640 --> 0:06:10.440
<v Speaker 1>place where if you do get hit, and it may

0:06:10.520 --> 0:06:13.159
<v Speaker 1>sometimes not be a matter of if, but when you

0:06:13.240 --> 0:06:15.840
<v Speaker 1>have a very fast recovery and that's what we so

0:06:15.960 --> 0:06:19.080
<v Speaker 1>assume you're going to get hit, how would you recover quickly.

0:06:19.360 --> 0:06:21.760
<v Speaker 1>That's the big part of what we help our clients with.

0:06:21.960 --> 0:06:23.400
<v Speaker 2>So who are your typical clients.

0:06:23.600 --> 0:06:26.040
<v Speaker 1>We have four thousand customers, some of the biggest Fortune

0:06:26.120 --> 0:06:29.880
<v Speaker 1>one hundred customers, But these are companies like Nationwide, like Broadcom,

0:06:30.720 --> 0:06:35.200
<v Speaker 1>like Nvidia, like Salesforce. Many of the largest customers and

0:06:35.240 --> 0:06:38.200
<v Speaker 1>financial services have been extremely successful for US, and these

0:06:38.200 --> 0:06:41.160
<v Speaker 1>are all companies who do invest in security. Cybersecurity is

0:06:41.160 --> 0:06:44.080
<v Speaker 1>often a top priority of spending, so we fit in

0:06:44.160 --> 0:06:46.520
<v Speaker 1>that mode of sort of, you know, protecting the world's data.

0:06:46.560 --> 0:06:49.440
<v Speaker 1>Our mission is to protect the world's data from cyber criminals.

0:06:49.480 --> 0:06:53.279
<v Speaker 2>One thing I wonder Sanjay, two things artificial intelligence and

0:06:53.320 --> 0:06:56.080
<v Speaker 2>have you seen an uptick as a result of that

0:06:56.320 --> 0:06:59.000
<v Speaker 2>and kind of creeping into our narrative and conversation in

0:06:59.040 --> 0:07:02.520
<v Speaker 2>a big way this year? And then secondly, since the

0:07:02.520 --> 0:07:05.640
<v Speaker 2>Hamas Israel conflict, have you seen an uptick in people

0:07:05.680 --> 0:07:08.240
<v Speaker 2>calling you or upping some of what they some of

0:07:08.240 --> 0:07:09.200
<v Speaker 2>the work that they do with you.

0:07:09.640 --> 0:07:12.160
<v Speaker 1>Any world crisis is a moment where I think our

0:07:12.240 --> 0:07:15.000
<v Speaker 1>vigilance needs to be higher. And we've not seen an

0:07:15.040 --> 0:07:18.160
<v Speaker 1>exact correlation because of amster nations state crime, but I

0:07:18.200 --> 0:07:20.360
<v Speaker 1>believe our vigilant should be higher. The last thing we

0:07:20.400 --> 0:07:22.480
<v Speaker 1>want to do is let our guard down. That's absolutely

0:07:22.520 --> 0:07:24.680
<v Speaker 1>the case. So my advice to people is, I mean,

0:07:24.720 --> 0:07:26.360
<v Speaker 1>it's not just because of a Hamas but look at

0:07:26.400 --> 0:07:28.880
<v Speaker 1>what happened with the Las Vegas Strip hotels.

0:07:29.040 --> 0:07:31.200
<v Speaker 2>Just keep your vigilance high so when you see something

0:07:31.240 --> 0:07:32.920
<v Speaker 2>like that in the headlines. Do you get an uptick

0:07:33.000 --> 0:07:35.320
<v Speaker 2>or the I'm just curious if you see it directed.

0:07:35.480 --> 0:07:37.920
<v Speaker 1>We haven't seen a signific of just in the last man.

0:07:38.000 --> 0:07:39.720
<v Speaker 1>Remember it's last Saturday or two Saturays go when this

0:07:39.760 --> 0:07:41.480
<v Speaker 1>all start. We haven't seen a signatte but we are

0:07:41.480 --> 0:07:43.720
<v Speaker 1>all vigilant. One of our board members is a gentleman

0:07:43.800 --> 0:07:46.000
<v Speaker 1>named Kevin Mandiir who's one of the biggest cyber fighters

0:07:46.040 --> 0:07:48.920
<v Speaker 1>in the world. His company, called Mandian, sees a lot

0:07:48.960 --> 0:07:51.800
<v Speaker 1>when something gets hit Congress, the government usually calls him,

0:07:52.120 --> 0:07:53.960
<v Speaker 1>so he's not bored. I called him, talked to him.

0:07:54.240 --> 0:07:57.920
<v Speaker 1>We keep pretty close eye on it, and my perspective

0:07:57.960 --> 0:08:00.000
<v Speaker 1>is stay vigilant because it could go up and go down.

0:08:00.240 --> 0:08:02.200
<v Speaker 1>The point is that, I think on the other part

0:08:02.240 --> 0:08:04.360
<v Speaker 1>of your question late to AI, I think it's a

0:08:04.400 --> 0:08:07.640
<v Speaker 1>tremendous opportunity for us to harness the best out of

0:08:07.640 --> 0:08:11.040
<v Speaker 1>our artificial intelligence, especially Jenner of AI, and treat it

0:08:11.080 --> 0:08:13.200
<v Speaker 1>a little bit like that age old question about a matchtick.

0:08:13.720 --> 0:08:16.840
<v Speaker 1>Is fire a blessing or a curse? Okay, a pyromatics?

0:08:16.920 --> 0:08:19.360
<v Speaker 1>You could turn the house and fire, but it's going

0:08:19.400 --> 0:08:22.360
<v Speaker 1>to keep us warm. We've got as the tech leaders

0:08:22.360 --> 0:08:24.680
<v Speaker 1>in the industry, we've got to find the ways to

0:08:24.800 --> 0:08:28.600
<v Speaker 1>put guardrails around this. We call it responsible AI. Put

0:08:28.600 --> 0:08:31.520
<v Speaker 1>guardrails around it so that people can't do irresponsible things

0:08:31.520 --> 0:08:34.600
<v Speaker 1>with it, but still harness its potential, which I think

0:08:34.800 --> 0:08:37.959
<v Speaker 1>this is generali is the most fundamental invation I've seen

0:08:38.000 --> 0:08:38.960
<v Speaker 1>in twenty thirty years.

0:08:39.160 --> 0:08:41.360
<v Speaker 2>I'm curious what a guardrail means. We're running out of

0:08:41.400 --> 0:08:43.319
<v Speaker 2>time twenty seconds, twenty five seconds? What is a guard

0:08:43.400 --> 0:08:44.160
<v Speaker 2>rail like?

0:08:44.559 --> 0:08:47.079
<v Speaker 1>What keeps the train on tracks? Right? That's what a guardrail.

0:08:47.120 --> 0:08:49.400
<v Speaker 1>It's a set of rails that ensures that the technology

0:08:49.440 --> 0:08:50.120
<v Speaker 1>can't be abused.

0:08:50.160 --> 0:08:53.839
<v Speaker 2>So you can have a guardrail but still tap into potential.

0:08:54.160 --> 0:08:57.480
<v Speaker 1>That's exactly what good responsible tech companies like US and

0:08:57.559 --> 0:09:00.000
<v Speaker 1>Microsoft and Google and others are doing. And that's where

0:09:00.040 --> 0:09:02.320
<v Speaker 1>focus on. Our gender of AI technologies is far ahead

0:09:02.320 --> 0:09:04.960
<v Speaker 1>of everybody else industry, but we're guardrailing it with what

0:09:05.040 --> 0:09:06.840
<v Speaker 1>we call a responsible AI framework.

0:09:07.000 --> 0:09:09.200
<v Speaker 2>Interesting stuff come back soon, Thank you very We would

0:09:09.240 --> 0:09:13.200
<v Speaker 2>love Sandra. Yeah, really interesting conversation. Sandrei Punin, he's the

0:09:13.240 --> 0:09:14.239
<v Speaker 2>CEO at Cohesity