When Splunk's CTO Snehal Antani delivered his keynote at the company's seventh annual user conference in Orlando last week he called on the audience to "walk back in that office with a strut; I want you to walk into that office with a swagger".
The cost of cyber attack is one tenth to one hundredth the cost of defence today
Best known as a log file aggregation and analysis tool, Splunk is now stepping out as an enterprise-wide machine-generated data platform. With the addition of machine learning via packaged algorithms to its core products, Splunk can be used to make predictions to inform next best actions.
Antani, who walked out on stage to Queen's We Will Rock You (his choice), spoke to Computerworld Australia about the company's three big ideas for the next three years.
"We have disrupted IT and security," Antani, formerly a CIO at GE Capital, said. "We have well understood differentiation, and we know that those out there using transactional data technology for machine data problems – they're screwed."
"But I'm a commercial guy, I'm about revenue, generating business outcomes, business impact. That was my passion when I was a CIO, and that continues to be my passion. What I get really excited for is real-time business decision making to truly drive exponential business impact."
Cybernomics
Antani said the cost of cyber defence needs to be reduced by a factor of 1000.
"The cost of cyber attack is one tenth to one hundredth the cost of defence today. Because the security attack tools are highly automated and distributed, the compute they use is stolen through botnets, and the labour of the state sponsored actors, are in countries that have very low labour rates.
"We fundamentally have to change the economic imbalance between the cost of attack and the cost of defence. The only way to achieve that is to drive true collaboration between the public sector, academia and the private sector - a level of collaboration not seen since the space race.
"I call it 'cybernomics'. How do we change and disrupt the economic imbalance in cyber? We have to fix it."
Splunk's CTO, Snehal Antani
Data storytelling
Splunk will be doing further work in what Antani called the "last mile" of analytics, he said.
"We can derive really amazing interesting insights, but you have to tell stories of that data to the decision maker to inform the decision they make. That's really the last mile of analytics – through data journalism, data storytelling, events visualisation, natural language generation."
Antani shared an example of his mother's electricity bill, which gave her tips on how to reduce her usage. Earlier in the conference the company demonstrated how natural language searches (Splunk has its own search processing language) could be made on complex data and the responses delivered in natural language too.
"An incredibly complex analytics engine derived those insights, but it conveyed those insights in a way that the masses could consume. It told a story of the data that made the insight actionable. How do you create a data storytelling approach that aligns to the phases of interrogation a decision maker goes through?"
IoT as a data source for business analytics
Antani foresees data from IoT devices being not used only for industrial and SCADA systems but as source of data to drive business decisions.
"Business decisions are being made on transactional data and machine data. IoT is simply another machine data source for making a decision, and for being able to understand the physical interaction and the person and the business outcome."
Although the concepts were well understood, widespread adoption of IoT as a business analytics tool was some years away, Antani added.
"It's still pie in the sky and people need to see it in action. We can dream about it, people have for a long time. Executives are starting to go down that journey, understanding what data they're missing.
"As more start to actually do it, it shows people that this is real, not just a PowerPoint. We'll cross a chasm into the mainstream within three years."
The author travelled to Splunk .conf 16 as a guest of Splunk.