Munish Khetrapal, Palo Alto Networks | Google Cloud Next ’24
[Rebecca Knight]
Introduction
I’m Rebecca Knight. I’ve got two fabulous co-hosts and slash analysts with me, John Furrier, and of course, Rob Stretchay. As we were talking about in the keynote analysis, there has been a head spinning number of announcements, product updates.
Partnership Announcement
One of the biggest updates was an announcement with Palo Alto Networks. And that was the announcement that we had And that’s who our next guest is. It is Munish Ketrapal. He is the Vice President, Google Cloud at Palo Alto Network. Thank you so much for coming on our show.
[John Furrier]
Yeah, cool. Hi, great to see you.
[Rebecca Knight]
So as I just intro’d there, you have a major update to your partnership with Google Cloud. Why don’t you tell our viewers a little bit about what was announced on the main stage this morning?
[Munish Khetrapal]
AI as a Game Changer
So Rebecca, if you think about AI, it’s a game changer. I don’t see AI as a new technology. It’s really a new business model that’s emerged.
[00:01:01]
I was doing some analysis over the weekend, and what’s interesting is the productivity increase the world is going to see in the next one year because of AI. Industrial Revolution, we saw it in 25 years. And Industrial Revolution was the biggest economic event in the history of mankind. So AI is bigger than that. And there are lots of new business models that are created. And if you think about AI, one of the biggest challenges on why people want to adopt AI is trust and security. And that’s what we do. We platformize security. We want to protect our customers so that as they go and transition to AI, we can create a whole lot of value. So our Google Cloud announcement, along with Palo Alto, is how do we revolutionize this? And it’s a multi-billion dollar announcement that we have made. It’s real dollars and money that we’ll be spending with each other, along with each other, and helping our customers start up AI.
[John Furrier]
AI-Powered Security
Manish, before we get into the zero trust and the world-class security stuff you guys are doing with Google, let’s get into the AI-powered security conversation.
[00:02:02]
This is like the hottest conversation in the industry right now because is AI powering security? Has security got AI in it? So as you look at the holy grail of real-time security, where you have AI identifying things, maybe even remediating it, how do we get to an AI world? Because clearly they get the security cloud up front and center at this event. We have security for AI, and then we have AI for security. So talk about the dynamic between how AI plays in the future of security, how it’s enabled. What’s your perspective?
[Munish Khetrapal]
Securing AI
Excellent point, and this is a common conversation we have with our customers every day. Our focus is really about securing AI. And by the way, we are going to use AI to create better security. So it’s a combination of both put together. We think AI is one of the biggest use cases for AI, is going to be applying it to cybersecurity. Because number of threats, if you think about the number of threats that come today across the world, with half the population of the world going for elections and cyber criminals, there’s about $9 trillion of spending that’s negative economy that’s being created by cybersecurity.
[00:03:07]
How do you protect that? We are on an average tracking 750 million events, new events every day. Eight billion new incidents that we are blocking every day. That means we are blocking one incident per person across the planet Earth, and not everybody connects to the internet in the same way. So it’s a massive thing. It’s only AI that can help us to improve and create security problems.
[John Furrier]
SecOps Aspect
Can you talk about the SecOps aspect too? Because I get that piece. Now you got the operational, we were talking about productivity earlier in our opening segment around how AI is helping the productivity. But the SecOps teams, there’s a ton of opportunities there.
[Munish Khetrapal]
Where do you see the value there? So that’s very interesting, because that’s really where we announced the Autonomous AI product, which in fact we are partnering with Google. We’re using a lot of the Google Cloud infrastructure, the BigQuery infrastructure, the Vertex AI platforms.
[00:04:01]
We’ve been doing AI for about 10 years, if you take machine learning as part of something we are doing. We collect on an average 5.1 petabytes of data. That’s the cornerstone of creating great AI. You have good data, you have good models, and then you can deliver great security. And that’s what we do. In our SecOps platform, what we are trying to do is, we’re trying to bring in information from all types of sources. There are 1,000 sources native out of the box, 5.1 petabytes of data. And we process that through our machine learning models. So what it takes an industry average of six days to resolve, we resolve in a minute. And that’s dramatically different. And there’s a lot of autonomous capability we have built in that resolution.
[Rob Stretchay]
Sovereignty and Privacy
And it would seem like that, again, part of it in some of the other announcements was around sovereignty and keeping things really private. And I would assume that that’s really where one of your focuses is as well.
[Munish Khetrapal]
Absolutely. In fact, today we had another announcement with Google.
[00:05:00]
They announced what they call the GDCH infrastructure. It’s primarily for disconnected networks, defense networks, sovereign cloud infrastructure, where we embedded our next generation security platform, the zero trust platform, into the whole capability that customers can deploy AI on. So that’s revolutionary. So now you can get AI, you don’t necessarily need connections to cloud and the internet to develop AI capability. You can develop it in a disconnected manner, in a sovereign manner. Was that the next gen firewall? Is that, that was definitely the- That’s the next generation firewall. That’s a zero trust network platform that we have created.
[Rebecca Knight]
Co-engineered Integrations
I’d like to get into the real nuts and bolts of this partnership, because one of the most striking things is that you have 50 co-engineered integrations. Can you talk a little bit about getting on the same page with your teams, making sure that everyone is pulling together and how that really works? Because I think that that is one of the big questions that hangs over all of this, is making sure everyone is together.
[Munish Khetrapal]
Absolutely.
[00:06:00]
It takes a village, probably a country to get this done. But if you take a little bit of a step back on why those 50 integrations are important, the way all of us define products and design products, whether it’s Google, whether it’s Palo Alto Networks or various companies, what we do is we create business units and these business units drive their own capability. We have a Prisma access and SASE capability. It’s AI driven capability that secures people logging into applications. Then we have the whole next generation firewall capability and that’s meant to protect infrastructure. Then we have a code to cloud security platform that’s meant to, how do we ensure that cloud security is maintained? So there are various platforms we create. Question is the user does not think about it as a silo. The user is developing an application, users are accessing it. So that’s one of the reasons we have platformized security. We are bringing this cohesive capability and building integrations into Google. So as customers enter the Google Cloud infrastructure, access applications, exit into different SaaS applications, or exit into their on-prem applications, we create a comprehensive security platform that allows to connect this end-to-end.
[00:07:06]
[John Furrier]
Gemini and BigQuery Role
Mish, I want to ask you, you’re in charge of the relationship at Palo Alto Networks for Google Cloud. So you’re the interface between the companies. I know you’ve got a lot of joint engineering, a lot of cool things going on. I want to ask about the role that Gemini and BigQuery are playing in the advanced AI services that you have. And because we’re hearing a lot about the BigQuery. It’s got BigQuery, it’s got more stuff to it. And Gemini obviously is what they’re doing with the whole AI piece. How is that helping you guys get to your goal, which is full real-time security, because you’ve got the SOC professionals, you’ve got all that threat challenge. I mean, it’s a tsunami every day. It’s like the mail keeps coming, as they say. What is the role of Google in the relationship? Can you unpack that a little bit, BigQuery and Gemini’s role?
[Munish Khetrapal]
Sure, so I’ll take XIM as an example. We collect, we’re probably the largest real-time threat intelligence database in the world today. And we have all of the database on BigQuery.
[00:08:02]
We need large-scale capability. We are among, probably, the top five customers for BigQuery in the world, if not the number one. Depends on the time of day. They pick up your call when you call. We get a lot of that happening. A lot of joint engineering happening there. But so once you bring in the data, you bring in high-quality data, we bring in real-time data, because what we’re really good at is doing things in line. You cannot wait for four hours for a threat to come. You cannot wait, it’s just too late. You have lost everything you had to lose. So we bring in that data, and then we use models, our own machine learning models. We use Gemini to help improve the quality of analysis. So think about a SOC analyst. We automate all of these things. We talked about one second MTTR, mean time to repair. Now, what happens after that? There are five or six threats that go to the SOC analyst, and he wants to understand, tell me who logged in, where was the phishing attack, what happened? He can look at 50 threats and try to thread that there, or he could use Gemini to help him translate that into simple language, so he can quickly get to the root cause of the problem.
[00:09:06]
And that’s where we’re working with Gemini, and that’s a work in progress right now. We have launched a beta product with these capabilities.
[John Furrier]
AI-Automated Tasks
Yeah, and we’re going to take a look at that later. I want to ask you, okay, we were talking about earlier about how Gemini does automated tasks, and a lot of toil, a lot of grunt work, a lot of stuff that nobody wants to do. Oh, it accelerates value. Every year, it’s like, that’s table stakes in security. What’s the new, if this continues to go forward, these advanced AI capabilities become table stakes.
Vision for the Future
What happens next? What’s your vision for what happens after that, because it’s more creative? I mean, security is always under pressure. So, if you take your current advance and make that table stakes with Gemini and BigQuery, what’s next?
[Munish Khetrapal]
So, if you take today’s landscape, the last 18 months, the number of new threat vectors on a daily basis that have come up, we have to probably have a Gemini to even create terminology for these threat vectors, and that’s the level of threats that are coming in. And we are going to see a lot more happening, and it’s just the way the industry’s going to work.
[00:10:00]
If we think we are using AI to protect people, people are using AI to find areas of problems and challenges. So, more forensic work, data analysis, kind of solving some more human capital and algorithmic potential. Exactly where it goes, because now humans will be focused on insights, outcomes, making decisions based on the security threats and trying to understand, this is not really an important issue. This is a very important issue. We need to resolve this and escalate it. At 4 a.m. in the morning, a SOC analyst gets a call on a daily basis. If we can make that five times a year, versus on a daily basis, I think we have done our job.
[John Furrier]
Highlights of the Relationship
All right, so final question from me, and then I’ll let these guys get in. What’s the biggest thing that people might not know about the relationship between Palo Alto and Google? Obviously, both doing a lot of security work. They got Mandy, they got all that big iron back end stuff, horsepower for you guys. What’s the relationship of you guys? What should people know about the Palo Alto? What are the highlights of the relationship between Palo Alto Networks and Google Cloud?
[Munish Khetrapal]
So, I think the highlights of our relationship is we have a very joint engineering team that builds solutions for the outcomes that our customer wants.
[00:11:07]
That’s the first step of that. Now we are trying to communicate that relationship on a consistent and scalable basis. And next phase is where it’s more important. It’s how customers adopt platforms and how they adopt these joint integrations we talked about and make sure that we’re delivering end-to-end outcomes. So, today as a marketplace partner, you can buy products from Palo Alto through Google Marketplace, and we are their number one marketplace partner. In fact, we just got an award for being the largest security marketplace partner for Google. So, we’re enjoying a whole end-to-end relationship. The next thing is how do we make it pervasive? How do we, Google today addresses between 10 and 15% of the market. How do we connect to 100% of the market? Because the market, everybody needs this.
[Rob Stretchay]
Marketplace Momentum
I was going to say, you actually won three awards with them, which is pretty impressive because when you start to look at it around that, all that co-engineering that is going on and it’s paying off.
[00:12:04]
And have you seen good momentum within the marketplace? I mean, obviously you’re the leading seller in security. How has that been? Because everybody has a marketplace now. I mean, it’s like, you have to be there. Have you done a lot of co-engineering in that to make it seamless for your customers as well?
[Munish Khetrapal]
We do, we do a lot of. We have over 25 products that are listed on the marketplace today. You can buy any product barring hardware from Palo Alto because most of our products run on Google Cloud infrastructure, so we can transact from there. What’s the commercial transaction, getting the benefits, single bills, ease of procurement, all of that is great ROI. Industries aren’t that. We have been growing 100% year on year, every year. I think the testimony for us is not the fact that we are growing 100%, not that we have 25 products, is that customers deploying on Google Cloud infrastructure will like to secure themselves.
[00:13:01]
And this is what I say on a daily basis. You don’t get up in the morning saying, I’m going to buy a great firewall. You get up in the morning to say, I want to deploy a new application that reduces a CEO gets up in the morning. I want to deploy a new application, improves my supply chain, and if I can improve my supply chain efficiency by 2%, that’s 2% in bottom line. Now if you have to do that, you’ve got to go through a whole lot of principles of deployment, but you’ve got to secure it. And that’s why we become naturally connected to that. Who says they can sleep?
Business Challenges
They’re not supposed to have any sleep.
[Rebecca Knight]
They’re getting called at four in the morning. So I need to get back to the businesses struggling to keep up with these cyber threats because what you just described is a landscape that is downright terrifying. And as John was saying, if sort of the detecting the threats and reducing the toil is the table stakes, then we need the humans in the loop who are making sense of the patterns, who are bringing insights to bear about what is a significant threat versus one that is not ignorable, but maybe less potentially damaging.
[00:14:04]
Human Skills Gap
My question is about the humans. Do we have enough humans who can do this kind of work? We had talked about earlier a massive skills gap here when it comes to cybersecurity. So what are you observing in the marketplace right now and what are some of the potential solutions that you see about making sure we have graduates who can do this kind of work?
[Munish Khetrapal]
Rebecca, that’s a great question. That’s really the crux of a lot of thinking. About four million jobs are unfilled today in cybersecurity globally. We’ve just got a big gap and the threat actors are innovative. But for the first time, I think, in the history, I can say that due to AI, we can secure a lot of the infrastructure. That’s because we have embedded AI over the last 10 years. You’ve got a whole lot of data. It makes the job of the human easier. Now, if you start thinking, we are announcing these co-pilots where we’re going into beta, you can start bringing in new security analysts and they don’t have to be quantum physics engineers to figure out the code and how these things integrate because you’ve got automation, you’ve got autonomy, that the solutions are there in front of you.
[00:15:11]
You’re starting to make business decisions in security, which kind of increases the population and home you serve. And I think that’s really the solution. For the first time, I can say quite comfortably, the scale is tipping towards the saviors versus the attackers.
[Rebecca Knight]
Job Dislocation
And what about the potential for jobs dislocation too? Because then there’s that issue too. You said four million jobs are unfilled right now. AI is going to help the humans do the work and maybe even make it so that we need fewer humans to do the work. What do you have to say about that?
[Munish Khetrapal]
I think it’s all about productivity and higher-payer jobs because it doesn’t mean you don’t need to understand AI or security. You need to understand, hey, there’s a phishing attack that got into an application and somebody poisoned the data and because of that, my Tesla car crashed because the stop sign had a sticker on it that showed it is 25 miles, but it was a stop sign.
[00:16:01]
You’ve got to interpret that and you’ve got to act on it. I think the humans will move to a higher-value job from a security standpoint and we’ll have lesser number of unfilled jobs. There is no, there aren’t people there. So I think the security-experienced engineers will still be very, very valued. It’s just that they’ll become more effective. And the mundane jobs, an average job of a security engineer is like a, think about an airport command and control center. People don’t survive more than two months. They need to take a month off if they’re sitting in an airport command and control center. Same thing with security. If you’re getting hundreds and thousands of threats every day, all you’re doing is reacting. You can’t think. Now people can think.
[Rebecca Knight]
The high-burnout field, yeah.
[John Furrier]
Skills for Next-Gen Security
Finally, the skills gap. I have to get one more question in. So AI is going to replace some jobs, the mundane jobs that nobody wants, which we love, but it’s going to create more jobs. We had this bank teller analogy 10 years ago. Remember the old big data days, Rob? You know, bank tellers, ATMs are going to put branches out of business. There’s more branch offices now than ever before.
[00:17:00]
So I don’t buy the whole job’s gone away, especially in security. What is the skillset needed for this next-generation security job? Because if the table stakes become more programmable with AI assist in accelerating the value, is the job pushing buttons, being more of a data scientist? Is it more holistic thinker? Is it critical thinking? Is it systems thinking? What’s the skillset? Because it’s certainly changing. You get some security degrees today or certifications, but it’s a moving train relative to what being leveled up, and what’s the opportunity for people that may not have a computer science degree? What do you see there for that ideal multi-tool player that could come in and have an impact over security organizations?
[Munish Khetrapal]
Skillset for the Future
So that’s a great question. By the way, this question applies to all fields. It’s not security. It’s probably amplified in security. I think the first skill is to ask the right question, because you can have AI answer the right, if you have the right data, you have the right models, it can give you the right answers, but if you don’t have the right prompts, and you don’t have the right insights to ask, you’re not going to be able to ask the questions.
[00:18:04]
So critical thinking, trying to understand what outcomes you’re focused on. I think college education, and in fact, primary education should start having prompt engineering as part of their core curriculum, because we have to train people to ask questions. And when you ask the right questions, you can start looking at the right answers. That doesn’t mean you’re getting all the right answers all the time. Then you should be able to interpret and analyze and say, you know, this answer doesn’t make sense. Tell me more, give me more information. So I think really it’s moving from being a reactive person who’s only supporting some specific transactions to being more a thinker, more job satisfaction, and that comes with the skills that you generate.
[John Furrier]
Hiring Beyond Security Degrees
It’s interesting, a lot of our friends in security say, sometimes the best people we hire don’t have security degrees. They come from some field, but they just have that natural knack of identifying, curiosity. So there’s no real kind of boilerplate job.
[Munish Khetrapal]
Yeah, I have a personal story to share.
[00:19:01]
So my daughter, who’s a computational linguistic major in University of Southern California, so she went into an interview with NVIDIA, and I didn’t know where she was going. She didn’t know it was computational linguistic, LLM, and she walked into the interview. The interviewer was the head of cybersecurity, or was leading cybersecurity practice there. So she says, I don’t know anything about cybersecurity. He said, we don’t need you to know anything. We need you to know computational linguistics. That’s what we need. And she got the internship. She just, she’s now going for that internship. So it’s just a reflection of how talent is being hired and how people are thinking about it.
[John Furrier]
AI Impact on Systems
Also how AI is changing kind of how the systems are built. Exactly. That changed the personnel makeup of organizations. Exactly right. And IT is going to be, I mean, we’ve been saying platform engineering is cool.
[Rob Stretchay]
Cognitive Overload
Platform engineering, yeah.
[John Furrier]
But you might not need platform engineering if you have a level one IT guy who’s now has AI assistance.
[Rob Stretchay]
But I think it’s also the cognitive overload that could be the key, and to your point, with all of those job openings, four million, I think that getting that cognitive load down for the security analyst so they don’t have to be FAA, taking a month off every other month kind of thing, definitely has to come through.
[00:20:15]
Absolutely.
Conclusion
That’s for sure.
[Rebecca Knight]
Excellent. Manish, this was a fascinating interview, and congrats to your daughter. That’s a great internship.
[(Unidentified)]
Yes, thank you.
[Rebecca Knight]
I’m Rebecca Knight for John Furrier and Rob Strachey. Stay tuned for more of theCUBE’s live coverage of Google Cloud Next. You are watching theCUBE, the leading source of enterprise news.