Podcast
CXO Edition: Bold Ambitions of an
Adventurous CTO
Q&A With Danny Allan, CTO & SVP of Product Strategy at Veeam
By Insight Editor / 16 Dec 2021
By Insight Editor / 16 Dec 2021
This special CXO edition of TechTalk is an interview with self-proclaimed idealist at heart, Danny Allan, CTO & SVP of Product Strategy at Veeam. Danny shares his ambitious goals for security, why he believes containers will be the next big shift in IT, and how he was able to find a lost sunken ship the navy couldn’t.
You can also read a printed version of Danny’s interview, as well as many other CXO interviews, in the Tech Journal CXO Corner.
To experience this week’s episode, listen on the player above, watch the conversation below, or scroll down to read a complete transcript. You can also subscribe to Insight TechTalk on Apple Podcasts, Pandora, and Spotify.
Audio transcript:
Jillian
Hello. Thanks for joining another "Insight TechTalk." This is a special CXO edition. I'm Jillian Viner, and I'm joined today by Danny Allen, the Chief Technology Officer and SVP of Product Strategy for Veeam. Danny, welcome to the pod.
Danny
Thank you, Jillian. Delighted to be here and excited to have the conversation.
Jillian
Awesome. So Veeam's the is a pretty well-known name. You guys have experienced explosive growth recently, but just for the benefit of our audience, go ahead and tell us who is Veeam, what do you do?
Danny
So the easy way to describe it from my friends, my parents, would be, we do backup. And we've been doing backup really, really well for the last 15 years. We just had our 15th birthday party. We started out doing backup for the virtual space, and then over the last 15 years, we've expanded that. So we do virtual of course, but we also do physical systems. We do cloud systems, we do Kubernetes. We do lots of different types of backup, but at the end of the day, what we do is help companies, organizations protect their data.
Jillian
I imagine you have a lot of grateful customers.
We do, especially in an era where they're being faced with malware and ransomware and hardware outages and disasters. A lot of really great stories and it gets you up in the morning. It makes you excited to help customers in this way.
Jillian
Yeah, that's great. And it's going to be a passion about the kind of work, and you've had a really interesting kind of career paths or have a fast track career path. I'm curious, we're really into this theme of ambition at Insight right now, it's really taken over our company. It's where we're headed for 2022. What's the most ambitious thing that you've done either in your career or your personal life?
Danny
Well, everything that I do, (chuckles) I'm an idealist at heart. So I want to change the world. I've always wanted to change the world. So at every company I go to, I have this big hairy audacious goal, personally, to change markets. And so if you look for example, my first company was a security company and we are going to secure every application that exists in the whole world. That's what we're going to do. And I was very delighted by working at that company. It was very exciting. We had an excellent run. We were acquired by IBM. It was a very successful endeavor for me. And then I moved on and it was okay, we've secured the applications. Now I'm going to secure all of the desktops. 'Cause one of the interesting things after IBM acquired us was that I learned people, individuals often do things that they could have done a better job at securing things. And I thought, "well, if you took every desktop and you put it in the cloud, then you could enable the controls that even if they did something by mistake, that they were protected." And so we started a whole new category of desktops as a service and secure desktops from the cloud. And again, it was an ambitious audacious goal, but it was very exciting. We changed the market and ultimately excellent successful thing. We were acquired by VMware. That was very exciting. And in some ways I'm doing the same thing that I did at the start of my career, securing data, securing desktops. Now I'm securing data for organizations. So these organizations, they depend on the data that they have to enable their operations and be successful. And that is what Veeam does. So every organization that I've joined, I've looked at it and thought, "how can we change the world?" And that's what I'm still doing today.
Jillian
Love it. With our CEO and excuse me, our President incoming CEO has that same sort of philosophy of being ambitious about changing the world, and has this really strong belief that technology, tech for good really can make those ambitious goals happen. So it's one project, one company at a time, right?
Danny
Yes. I don't take these things lightly. You asked outside of my career. I read a book once back in 2009, about a shipwreck that was lost and the Navy had looked for it for several years. The author of the book had look for it for several years. And actually probably the most audacious goal I've ever taken was I'm going to go find that shipwreck. The Navy couldn't find it. This author couldn't find it. I'm going to go out on the ocean and find that shipwreck. And actually we did, it took us more than five.
Jillian
You did.
Danny
Yes, myself and three friends. I'm a scuba diver, a technical scuba diver. We find shipwrecks in my free time. Anyway, we ended up it was data that helped us find the wreck. We had side scan sonar data. We have proton magnetometer data. We did a lot of analysis, but ultimately, it is a technology story. We probably don't have time to get into it, but it took five years. We found that shipwreck and it changed lives. The sailors on that ship, it was the last U.S. Navy warship sunk in the Atlantic Ocean during World War II. Two weeks before the end of the war, it was April 23rd and there was 13 survivors, four of them said, "they saw German U-boat," and the Navy said, "no way, there's no U-boats operating off the coast of the U.S. a few weeks before the end of the war." And so talk about ambitious, we were going to go find that wreck and we were going to answer the question of, was it torpedo by a German U-boat or did the boilers explode, which is what the Navy claimed. And ultimately, we did. We found the ship. We determined that it was not the boilers and it changed lives, the lives of the families, both of the victims and of the survivors. So very, very proud of that. I'm ambitious. (chuckles) I read the book-
Jillian
That's Amazing.
Danny
And I thought, "I'm going to go find the ship." (laughs)
Jillian
That is ambitious and incredible. I mean, nice little side hobby that turns this kind of life-changing five-year adventure. That's incredible.
Danny
Yeah. They actually did a Smithsonian documentary on it. So I'm very proud of that, but I'm very proud in everything that I do. I think, "how can we change the world?" "How can we do things better than they've been done historically?"
Jillian
So scuba diver, shipwreck finder, (chuckles) you also have, as I mentioned the top is this title of CTO and you became the Veeam CTO in December of 2019. What was the scope of your role when you started and how has that changed? 'Cause I imagine it probably changed dramatically after 2019.
Danny
It did. So in 2019 when I became CTO, really, I was focused on three things, which was thought leadership for the company. Secondly, very much driving the product direction of Veeam Software. And then lastly, engaging in the communities. And almost immediately, about three months after I became CTO, we were acquired by Insight partners. And that was fantastic, but it definitely changed the role because now I'm working within a portfolio of companies that Insight owns. And so it changed dramatically how we were operating. I was given access to so much more information, so many more collaborative partners while here at Veeam software. And then of course, if you go forward another year and being hit by the pandemic, all of a sudden we were very used to doing things physically, in person. And all of a sudden we were doing everything virtually and remote. Again, it's been another shift in what we've done, but ultimately we've been very successful here at Veeam Software and I've been very proud of the team, and it really is a team effort. So it's gone well.
Jillian
Looking back on it in hindsight, was there something that you feel really good about the decision that you made, and then counterly, was there something that you wish you'd done differently?
Danny
Well, when the pandemic hit, what we didn't do, a decision we made is we wouldn't just pick up the events that we've been doing in person and move them into the virtual format. We would tailor it for the virtual format. So an example of this is we would give keynotes on stage. And that was very much a one-direction communication of what we were doing. When we switched to virtual, we said, "okay, let's moderate all of the sessions and let's interact live with the audience." And so I was very thankful that worked out very well. We've pivoted very successfully. The things that I look back, and regrets' probably too strong, a word; I wish I had realized earlier on how much impact it had at a human-level. I mean, the pandemic-
Jillian
Mm-hmm.
Danny
has impacted everyone individually in very different ways. And I don't think I realized at the beginning how much mental wellness and ensuring that not just teams but individuals were doing well. I wish I had focused a bit more on that early on, but of course, now we're very focused on that. In fact, we just gave everyone at the company at Veeam a day off earlier this week for mental wellness. But certainly interesting times, but fantastic when you have a team like the team here at Veeam Software during these types of circumstances.
Jillian
Yeah. That's terrific. It's funny. Doesn't seem like something that companies would normally have to think about, right? Is the mental wellness of employees are always kind of was that separation. And obviously the lines have been blurred a lot, not only have the lines been blurred, but particularly in an IT area, the responsibilities and the expectations and demands of IT have just blown out of the water, right? Insight just did our annual report. It's our intelligent technology report. We do this report every year. This year we did it in partnership with IDG. We surveyed about 400 IT decision makers to kind of find out how did the year go, where's their technology investments going, where they're struggling, and the findings were, they're always illuminating. But this year in particular, it was very telling about kind of the impact of everything. And what I want to call-out just a couple of those findings to you, 40% said that security and or data privacy deficiencies is one of the top inhibitors for IT modernization. Now 45% also ranked upgrading security technology and processing as a top priority for 2022 to support their business goals. That's a lot. So you're probably in a great position for this over at Veeam. So how are you guys working to help customers with those securities data and modernization challenges for even yourselves and for your clients?
Danny
Yeah, and it is for both, that's an important point Julian, because we had an unfair advantage. First of all I'll start off by saying, because internally, one of the things that we've been doing even before the pandemic was to secure our systems. We went through the process even though we're not offering direct services ourselves, getting an ISO 27001 certification, for example. And we were in the process of launching something known as Veeam Government Services, which required a lot of security certifications. And on a software level, if you look at what we're building, we were doing things like making sure the components that we use were FIPS 140-2 compliant and going through all of these security certifications and process validation internally at Veeam. So we were in a very good position, but one of the things I'm most proud of is what we've done for our customer base of 400,000 customers, because at the same time as COVID-19 hit and the world changed, all of a sudden malware, but specifically ransomware started attacking the market. And what does Veeam do? We protect the data. In fact, you could argue that backup is your last and best line of defense if you can do secure backups. And so our software is being used around the globe, like I said, 400,000 customers. And we really are focused on making sure that our customers have their data protected. And one of the things that we did even most recently, because sometimes customers don't always do things or configure things correctly. One of the things that we're doing now is we're putting the reporting right in our product that says, "hey, you should be making this data immutable. So if you do get ransomware, they can't come in and delete your backups or encrypt your backups themselves." And so we actually are putting the reporting and analysis within our product that help our customers have better outcomes and be more intelligent about their own business. And so we're just in a very good spot. I do expect that the threat that we face will continue to increase, but Veeam is in a very strong position to help the industry.
Jillian
I would agree. It's definitely been... I don't think anybody could say that the spike in cyberware was maybe unexpected, but perhaps the velocity of it, or just the expansion of it and the sophistication.
Danny
Yeah, the sophistication is people overlook how much it is evolved in the last decade. I remember, I spent a decade in the Security Industry. That was my first company. And I remember looking at the code of the Stuxnet, I don't know if you remember that, it was a malware that would accelerate. Well, it doesn't matter. (laughs) (laughs) Siemens step seven controllers, and it would cause meltdowns and nuclear reactors. And I remember looking at the code to get access to the code base that and thinking, "wow, very sophisticated code." But I look now at the underlying infrastructure, if you want to call it that, or the code behind the ransomware that we're seeing, and it is very, very, well-written, extremely sophisticated. It doesn't just get in and try and encrypt your data. It gets in and it tries to understand your environment and the context and all of your systems. I was speaking with a customer just recently where the ransomware came in and it sat dormant for a period of time. And then it would slowly increase its activity because of course, it didn't want to be detected. And as soon as they detected it, they had the intelligence built into the platform to know that they'd been found out. And then all of a sudden it went crazy and tried to do as much damage in a shorter time as possible. That level of sophistication tells you that the enemy that we face is stepping up their game and we need to do the same on the defense side.
Jillian
Well said. And there's a lot to unpack there and that's even just the behind the scenes, but I think you made a comment earlier about the vulnerability in just in how we use our devices, right? We've had conversations with other partners about developing security, just to protect people that are just going about their business that accidentally click an email that looks like it's a proper email. It's very easy to fall victim and fall trap. It's hard to be on guard, right? And you don't want security to be in the way of people doing their jobs or going about their days, but it's just a lot harder to be on defense these days.
Danny
Yeah, when people ask me where they should put their investments, I always say, the first line of defense, which is user education and awareness and training. And we do that here ourselves at Veeam, everyone goes through certification and regular updating and training. But then also the last line of defense to protect your data, because it's not a question if, it's a question of when. And when ultimately they do find a vulnerability in your protective solutions, you want to be able to recover as quickly as possible. And again, that's very much what we're focused on at Veeam Software.
Jillian
Yeah, absolutely. I don't want to throw you a curveball here, but do you have an example that you could share with us that a client that either wasn't set up and had a difficult time, or maybe was set up and how easy it was for them to kind of get back up and running?
Danny
As you might imagine, the ones that are most impactful and significant, they don't want to talk about... I won't name the healthcare facility, but there was a circumstance where a customer, they had a child who is flying inbound on a helicopter and at the same time, forced some life-saving surgery. And at the same time that that child was flying inbound on a helicopter, their systems had gone offline because of malware. And so they were frantically trying to get the systems up and running again, so when this child landed they could do operation. An operation or whatever medical procedure it was on them. And so that's the type of activity that really makes you stop and think about the human impact of these types of things. The stories that we can tell that are, put a name behind them are often much less impactful than that, but no less impactful to the organization themselves.
Jillian
Sure.
Danny
The steel company in Michigan that was part of our recent conference, and they were speaking about an event where someone had misconfigured something and malware got in, and it started deleting their entire database of all of their employees over a weekend. And they had Veeam Software, and thankfully on Monday, they were able to get it back. But those are the types of stories you wake up and you feel very good that you are part of the solution to what is a very significant problem in the industry.
Jillian
If CTO's are having a hard time sleeping at night, you guys are there to help them (laughs) go to bed a little bit easier.
Danny
Exactly. (laughs)
Jillian
I'm glad you actually brought up a healthcare example. Obviously, that's an industry that was immensely impacted by everything and will continue to be, we're seeing them pivot over to more of a remote patient care through FaceTime, et cetera. That's just one example of an impressive innovative shift that we've seen from industries. I'm curious, we've seen a lot of ambition from companies, even our own clients have done amazing things in response to be more innovative, more digital; is there something that you've seen that's really caught your eye? That you just think is, "gosh, that company is really being ambitious and it's paying off."
Danny
Well, if you look at an industry-level, I do think the healthcare industry is a fantastic example of difficulties driving success, because I think telehealth is an amazing thing. Wouldn't it be incredible if you could get up every morning and with someone in front of you doing analysis to say, am I at risk of transmission? And the person can help you right on the spot to determine whether you should be going out or not going out, or educations' other one, one of the things that pandemic has done is changed the education industry to enable much more remote education. So I love these stories of optimism that emerge in difficult times. But you asked for a specific example, I guess maybe I'd say Leidos. Leidos is a "Fortune 500" information technology company. They play in the defense, the intelligence, the civil healthcare space as well, very large provider. They were delivering services kind of the traditional way where it took months to create a service. And just recently in the last few years, they picked up 130 of their services. They moved it into the cloud, in their case, it was AWS GovCloud. And they completely reworked how they develop applications using something known as portable DevSecOps. Essentially, it's a way using continuous integration, continuous development, where they could deliver services in hours; not days, not weeks, not months, but literally could deploy services within hours and still be fully compliant and secure in doing all of the things that they needed to. And I was very impressed with their story. They essentially completely reworked to transform their business, and Veeam was a part of that. Kasten K10 was what did the data protection and data recovery for their new solution framework. And those are the kinds of stories that again, are very exciting, because it's companies that are disrupting themselves and delivering solutions more quickly and more securely (chuckles) than they ever had in the past.
Jillian
That was great. DevOps is a big piece of something that our own teammates and experts have been talking about and trying to get companies to embrace and understand a little bit more. I love that you called-out that it's taking those challenges and really flipping them on their head and turning them into those opportunities. That's such a critical mindset for companies right now. Is there... Not to take us down a negative path, but maybe there are organizations that aren't seeing that opportunity. Do you think that there's places where organizations are not being necessarily ambitious enough? Either in what they're doing
Danny
Maybe.
Jillian
as a business or their IT?
Danny
Yeah. Maybe in data privacy, I would highlight as an area. I really believe that the big challenges that face society today. So you think healthcare, climate change, sustainability, whatever it happens to be clean drinking water, education. A lot of these things can be solved if as an industry, we were more willing to share our data with one another.
Jillian
Mm-hmm.
Danny
But of course, the challenge with sharing our data with one another is that we're sharing our data with one another. (laughs) Users have a right to privacy to their own data. And 40 years ago, right after the RSA encryption technology came out, there was a thesis put out, a theory put out around something known as homomorphic encryption. The idea was that you could manipulate data without decrypting the data. As soon as you encrypted it, you would have the ability to still use it, think of it within a database, but without decrypting it so you couldn't see. And I think we're missing an opportunity as an industry to find ways to share data, but to do it in a secure way that is fully compliant. For homomorphic encryption by the way, we we've come a long way in the last 40 years. And in fact, just last year was kind of the first, I'll say practical use of sharing data without decrypting data. But I think we could be more ambitious as an industry. And I think we need to, I think we need to share data to solve some of these big problems. You can imagine for a moment we're so concerned about healthcare and the spreading of coronavirus. You can imagine if the transportation companies, the airlines could securely share data with the healthcare companies that are sharing data with the people that are doing not just hospitalized healthcare, but the sequencing of the coronavirus as it changes. If you could share those data sets, you could unlock a lot more intelligence of the context of the problems in which we find ourselves. But I just think we're not ambitious enough. I think these are things that can be done. And we should be doing more. We could be doing more.
Jillian
Yeah. Just a lot of trepidation around data sharing. I mean, you nailed it. If you summarize that, well, there's a benefit, but man, that's kind of of scary and we're all very protective of it.
Danny
Yes.
Jillian
We talked about some of the digital acceleration that's happened from COVID-19. A lot of companies we know have had to quickly modernize their IT, maybe are still trying to modernize their IT to support more of a hybrid workforce. Obviously, shifting to the cloud was a huge ambition for 2020. What do you see as the next big digital trend in transformation?
Danny
I really think it's containers, containers and Kubernetes specifically for orchestration of containers. Everyone said, "the biggest shift in the industry was from physical to virtual to cloud." I actually think the better way of looking at it is the big shift is from physical to virtual to containers, because the cloud was really virtualization on someone else's hardware. It was a go-to-market model. And I'm not discounting that in any way, it's a massive benefit to having a go-to-market model where you can pay in a consumption basis. But I think containers do something that is unique and extremely valuable for the organization. One is it makes our workloads completely portable. It's the promise that was made with Java or (chuckles) whatever, pick your technology 20 years ago. It means you can build a workload and you can run it on premises using Red Hat OpenShift. You can go to Amazon with EKS or SREs, oh, sorry, EKS or ECS, or to Azure with their EKS, or Google with GKE, but you can make the workload completely portable, and there's a lot of benefits and reasons why you would want to do that. Not the least of which is you can take advantage of elasticity. I would argue, the cloud is not a charity. They are going to layer in margin, whatever that margin is going to be. And you might want to run to your low watermark within your own data center, because you have the control. You have the capacity. Why would you not leverage it? But you might not want to build your high watermark. If you're talking to a university or college, and all of the students are logging in and using their systems on Thursday night, you probably don't want to build to that high watermark. You probably want to build your low watermark but then leverage the portability, but the elasticity of cloud and consumption models for those bursts of demand. So I think the next generation, the next big wave is going to be containers and Kubernetes. I don't think we're quite there yet, to be honest. It's still complex. We still have to cross the chasm, but I believe we will. There's enough very smart people that are looking at this, that I have no doubt that we will cross that chasm.
Jillian
It's an ambitious call for the future.
Danny
Yes. (laughs)
Jillian
Well, speaking of crossing the chasm, it sounds like we need more skills in that area, more learning, more discovering. Again, the role of IT has really expanded. The list of priorities has grown exponentially. At the same time, there is a talent shortage. IT supply chains are lagging. What is someone like you do? What advice do you have for other IT decision makers that are facing such ambitious plans amidst so many challenges?
Danny
It's probably not groundbreaking what I'm going to say, but it would be prioritization. Prioritize, prioritize, prioritize. There are more things to distract us than ever before. Inflation, pandemics, cloud, Kubernetes, security, malware, talent shortage, talent drain right now, "The Great Resignation;" people are realizing, "you know what? Family matters. I don't know if I really want to work." We should be figuring out how to not lose that talent, but still give them what they need to be mentally well. So I'm not going to say what I believe is the priority, 'cause frankly, I think it's different for every organization. But as a leader, as an IT leader, one of the things I challenged myself with every day is what are the top three things that I care about? And I'll focus on those. And you don't ignore the other things, you delegate them. You delegate them to other people within the organization, but for the things that you really care about, you need to keep an eye on and keep your finger on the pulse of them continuously. So it's the prioritization, and that's not different than it's been for the last 30 years, but that's probably a good thing. We know what we need to do.
Jillian
And I would assume that prioritization list probably has a mix of those business priorities and those personal priorities to keep that mental health and the need to be with family and take a break. It sounds like that's probably part of your rationale.
Danny
It is. I get outside every single day and enjoy the outside. I need it for my mental health. I love technology by the way. Of course I do. And finding shipwrecks and being out on the water, actually, one of the things that I like most about scuba diving is I can't get email, I can't get texts. No one can get a hold (laughs) of me when I'm 200 feet under water. (laughs)
Jillian
Brilliant.
Danny
But yeah, so everyday I'm out hiking in the woods behind my home, or on the weekends, out in the water to take a break, to give my mind a disconnection from the stresses that are for pushing against it every single day.
Jillian
Mm-hmm. I love that. I too, I'm in Phoenix, Arizona. The weather is beautiful right now, and the hiking trails are just calling my name. So Danny, I'm curious, before we close out today, I know that we just talked about setting your priorities. So I'd like to know how are you, or how is Veeam going to be ambitious in 2022?
Danny
So one of the things that we're very focused on is data protection and protecting the data within the cloud. We have done very well, or we're very well aware of the fact that if I have a data center, I need to protect the data within it. Now I would argue that maybe 80 to 90% of the data within the data center, we have a good plan for data protection, or we should have a good plan for data protection. (laughs) That is not true in the cloud, and I'm grouping a whole lot of things in cloud. Certainly the hyperscale public cloud, but also SAS Cloud services. If you look at Office 365 or Salesforce or Workday or ServiceNow, or these different infrastructures. Right now, less than 10% of cloud hosted workflows are being protected. And I look at that and think, "we need to protect the data." So my ambitious goal, it's not necessarily for Veeam to win that business, although, clearly I would like that. We would like that. (laughs) We want to. But I just want the awareness within the industry. And if we can get to 25% of the data in cloud being protected by the end of 2025, that would be a win. For next year, I would say, even if we can get the 15%, that would be a win. 15% of the data, which is not very much, but that's my goal. Make the industry drive the awareness of the need to protect the data, not just in your data center, but when it's out in the public cloud as well.
Jillian
That's great words of advice, good wisdom, and sounds like a really smart goal. Danny, thank you so much for joining us in the virtual studio today. It was great to hear your insights and a little bit about what you're discovering underwater and what Veeam is up to.
Danny
Well, thank you, Jillian. I always enjoy meeting others and sharing the stories of what we're doing at Veeam with other organizations.
Jillian
And for our listeners, you can catch more of Danny in the winter issue of the "Tech Journal." It's going to be our "Be Ambitious" issue. We're featuring a lot more client stories to hear, how clients have managed to be ambitious amongst so much disruption. It's a great place to get inspiration, find some guidance, and again, more insights to help you in your own IT strategy. So you can find that issue at insight.com/techjournal. Thanks again for listening. We'll catch you next time.