August 12, 2022
Photo: Tom Krazit/Protocol
Hello, and welcome to Protocol Enterprise! Today: AWS CISO CJ Moses lays out the company’s approach to cybersecurity, the FTC is taking a closer look at AI and what former Cisco and Nicira executive Steve Mullaney is working on at Aviatrix.
If Amazon EC2 has a security issue, it’s the AWS leader in charge of the service that’s ultimately responsible, according to AWS CISO CJ Moses.
That’s because AWS’s internal security model is based on parent company Amazon’s single-threaded ownership culture – leaders have end-to-end responsibility for their team’s products, and that includes those products’ security.
Moses became AWS’s CISO in January, succeeding Stephen Schmidt, who’s now Amazon’s CISO. He initially joined AWS in 2007 after leading the technical analysis of computer and network intrusion efforts for the FBI’s cyber division and serving as a computer crime investigator for the Air Force Office of Special Investigations.
Read Protocol’s full interview with Moses here.— Donna Goodison (email | twitter)
Chip shortage could undermine national security: The global shortage of semiconductors has impeded the production of everything from pickup trucks to PlayStations. But there are graver implications than a scarcity of consumer goods. If the U.S. does not ensure continued domestic access to leading-edge semiconductor manufacturing, experts say our national security could suffer.
Think the Federal Trade Commission’s proposed rules on commercial surveillance and data security are only for advertisers or social media companies? Think again.
Any company using algorithmic or automated systems to make decisions that affect people — tech often categorized loosely as AI — could come under the potential rules, particularly if they harm or discriminate against protected groups in housing, employment or health care decisions.
But there are no new rules yet. For now, the agency wants businesses and other stakeholders to comment on possible restrictions on data use for automated systems. So, it’s seeking public comment on nearly 100 questions.
What might FTC rules related to AI look like? Here are some clues:
Want to comment? A link to submit comments to the Federal Register will be posted here “as soon as it is available.” Meanwhile, the FTC will hold a public forum about the proposed rules on Sept. 8. There’s more information on how to file comments here.
Steve Mullaney describes himself as an “old-time networking guy from 37 years ago,” with stints at Cisco, Force10 Networks and Palo Alto Networks, among other companies. He was the CEO of Nicira, a network virtualization and software-defined networking company, when VMware acquired it for $1.26 billion in 2012.
“I stayed at VMware for a few years and then said, ‘That's it, I'm done, had a great career, and I'm just going to retire and travel around the world and be on boards and have a great life,’” Mullaney told Protocol. “And then this thing called cloud happened.”
Mullaney was on the board of Aviatrix — then a networking tool company helping to plug holes in networking for AWS — and had been retired for five years when he became its CEO in 2019.
“If you had asked an enterprise eight years ago or more, ‘Are you going to move to the cloud,’ they would say, ‘No, it's too expensive, it’s not secure enough,’” Mullaney said. “It was just DevOps people swiping a credit card and spinning up workloads, and it wasn't enterprise IT that was part of it. All of a sudden, the conversation changed overnight.”
Mullaney knew immediately that enterprises would opt for multicloud strategies, and he saw room for a company to become the equivalent of what Cisco Systems was for on-premises networking. It wasn’t going to be Cisco, Arista Networks or Juniper Networks, he said, “because when you have a transformation that happens where, on Monday, nobody's doing something and then Tuesday, everybody is, incumbents can't handle that.”
“I said why not Aviatrix?” Mullaney said. “At that time, we had about 100 customers. We were completely born in the cloud.”
Today Aviatrix is a cloud networking and networking security company expecting to hit $100 million in ARR this fiscal year, up from $3.5 million when Mullaney became its leader. It landed another $200 million in funding last September, which put its valuation at $2 billion, and expects an IPO within 18 months.
“It's a whole other level of intelligence that we integrate into the network,” Mullaney said. “People are going to get rid of their MPLS [multi-protocol label switching]. They're going to leverage the backbones of AWS and Azure and Google, and they need a control plane to basically be the overall route control plane on top of that. That's going to be us.”— Donna Goodison (email | twitter)
South Korea’s SK Hynix is looking for a site in the U.S. for a proposed chipmaking factory, and construction could start as early as next year, according to Reuters.Huawei’s cloud business jumped 28% in the first half of the year, helping it offset an overall decline in revenue and gain ground on rivals Alibaba and Tencent.
Chip shortage could undermine national security: To ensure American security, prosperity and technological leadership, industry leaders say the U.S. must encourage domestic manufacturing of chips in order to reduce our reliance on East Asia producers for crucial electronics components.
Thanks for reading — see you Monday!