There are many trends worth keeping an eye on in the cloud space, but the ones that are undoubtedly the most topical today involve the intersection of artificial intelligence, cloud and security.

When customers are considering multicloud complexity — with AI, multicloud security, cross-cloud security and multicloud economics making things more complicated — they need to decide where to place their workloads. That change in pattern came as a reaction to a very simple thing — that customers’ budgets were blown up and utilization was higher than anticipated, according to John Roese (pictured), global chief technology officer of products and operations at Dell Technologies Inc.

“About a year ago, we started to see, at least big companies, get much more deliberate about the decision of where they would run their workload,” Roese said. “It used to be it was very much ‘keep the developers happy, keep the line of business happy. If they want to do it, let them do it and then try to clean up the mess.’ And then they realized the mess actually can blow up your economics of your company.”

Roese spoke with theCUBE industry analysts John Furrier and Dave Vellante at the Supercloud 3: Security, AI and the Supercloud event, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed a more deliberate use of cloud and what’s next for zero trust.

Deliberate uses of cloud

While Roese doesn’t advocate for any one cloud or another, he believes that it’s important for companies to put the workload in the best place economically and technologically. But it turns out that up until recently, a lot of people didn’t do that level of analysis, simply putting things out there and then assuming they’d figure out how to afford it or make it work.

“To be candid, it hasn’t really slowed down innovation at all. And companies that are doing that at least have a more predictable cloud experience,” Roese said. “As they go into, again, this AI era, where the bills for building AI systems are quite large compared to what they were doing before, they at least have a mindset of ‘I have to contemplate affordability. I have to contemplate best economics. I have to contemplate things like regulatory and compliance.’”

While not everyone is at that stage yet, three years ago the belief for some was to blindly put things wherever and deal with it later, something that isn’t the tone today, according to Roese.

Zero trust considered a key technology

Often, when use cases for AI are brought up these days, they follow a familiar track — ChatGPT being used to write code or marketing copy, or being used for summarization and ideation. But when it relates to things such as zero trust, how might AI come into play?

Left behind in the dialogue are some very important areas such as security. As an example, one of the most interesting ones is that generative AI systems are really good at automating content creation, according to Roese.

“If you actually look at the behavior inside of a security operations center, and you look at somebody who’s doing security as an analyst, a big portion of their time is generating reports and content about events that happen,” he said. “They publish what they do effectively. So, one of the things that we’re excited about … is generative AI co-pilots to automate the content production that documents the security event, that does all this rudimentary work.”

That might actually bend the curve in freeing up time to solve some of the human capacity issues that companies have in finding people to operate security environments, according to Roese. When it comes to the multicloud dialogue and zero trust, one of the decisions that customers need to make is what pieces of architecture are not inseparably bound to a particular cloud.

“Multicloud is not just a collection of clouds, it’s a collection of clouds and then things that turn them into a system,” Roese said. “This is a debate we’ve been having; we have a strong opinion. We think certain storage layers ought to be horizontal. We definitely think edge ought to be a common platform. We think things like cyber recovery ought to be horizontal, but an interesting one is zero-trust security.”

If one wants to do multicloud right to be able to automate and control it as a machine, they can’t have a collection of security control planes in each cloud, according to Roese. That means that for three important functions — identity management, policy management and threat management and detection — there needs to be an independent authoritative control plane over any infrastructure used. That needs to happen whether it’s a hybrid environment, a single cloud going to the edge or a complex multicloud system if one wants to do zero trust.

“We’ve been building a full-on zero trust implementation that nobody’s ever built before, called Project Fort Zero,” Roese said. “But if you want to ever get there, one of the things we tell people right now is, you’ve got to get your control plane in order.”

Here’s the complete video interview with John Roese, part of SiliconANGLE’s and theCUBE’s coverage of the Supercloud 3: Security, AI and the Supercloud event:

Photo: SiliconANGLE