Please welcome ServiceNow's vice president and general manager security business, Lou Fiorello and vice president and general manager, risk and ESG business, Vasant Balasubramanian. (upbeat music) - Hi everybody. I'm Lou Fiorello, the VP and general manager of the security products and Vasant, I don't know if you know this, but I just had my seven year anniversary at ServiceNow. - It's kind of niche. - And I will say this, I joined about a year and a half, after the security products group started. So, we've been working on security products at ServiceNow for about eight and a half years. And I'm proud of how far we've come from a product standpoint, from customers standpoint, right? The outcomes they've been able to drive. And I'm just really excited about the future where we're gonna go from here. - Hi folks. I'm Vasanant and we're all that's between you and a drink this evening. So, hope you're all excited. Thankfully for us, there was something in the green room. So, we're all set to go. So, we're here to talk about cyber risk and resilience and you always start with the bad news, 'cause there's plenty of it, right? There's huge, fines. Personal liability, look at it, right? Downtime, 300K every hour of downtime. But really there's two stories that are extremely important when I think about this. One, if you've heard about the Porsche story, about the Macan in EU being pulled, because of the new UNECE cyber regulations, the gas engine, Porsche Macan does not or could not be retrofitted to meet it. And so they can't sell it in the EU. They're planning not to sell it in the EU anymore. Business impact because of cyber risk. Second, children's hospital, the Northwestern Lurie Children's Hospital, got hit by a cyber attack and cyber attacks these days with hospitals, three to six weeks for recovery, full recovery, it is insane. Cyber attacks, these are testing us across the board. Resilience. How do we build resilience to this is extremely important. How do we do this? - Well, it's impossible to run a secure business when people and processes and data are siloed, right? Cyber risks affect everyone in an organization and everyone needs to participate in actioning and reducing that risk, right? Imagine a security team asking a business unit or an IT team to fix a vulnerability or a control on an asset and that team comes back and says, "I don't own this, right?" Now, who's wrong? It doesn't really matter. They're just not on the same page. There is a better way, right? Business application and technology teams can collaborate better with security and risk teams to drive security out outcomes, right? And ServiceNow can help. And we're gonna show you how. So, here's the world of the CISO, a little simplified, but CISOs have to manage cyber risk. They have to drive enterprise security operations. They have to understand their applications and their assets and they have to, absolutely have to collaborate with the rest of the organization. - So, as you're looking again at the world of CISO and you're thinking about, alright, let's start top down, let's start looking at risks holistically. Let's get proactive about this, right? So, as you take it down to the next level, you're thinking about maybe you're starting with your application related risk, you're looking at your infrastructure. If you're not just information security, you're looking at physical risks, you start looking at third parties. How many people worry about third parties today from a risk point of view? Yeah, see plenty of folks. It's real, third party risk, resilience, all extremely critical. And the tools available for you. You're looking at setting policies, you're doing continuous risk monitoring, control monitoring at scale, 'cause the landscape's getting larger and larger and you're documenting your issues. So, big broad risk landscape, how do you take it down to the next level beyond that? - Yeah, so let's talk security operations for a minute, right? So, as I mentioned, we've been in this space for over eight years. The current portfolio that we have really breaks up into two areas. There's kind of how do we help prevent bad things from happening that's on the left. And then there's when something bad happens, how can we help you respond quickly in action and have the right records and audibility that's on the right. So, on the attack surface management side on the left, right? We started with vulnerability management, right? So, how do we work with the tools and technologies you have today for vulnerability detection to drive prioritization, connect security and IT teams for remediation. But we didn't stop there. We've expanded that into controls, right? Security tool coverage, right? Do I have CrowdStrike where it's supposed to be? Do I have Tanium where it's supposed to be, right? We've done it from infrastructure to application vulnerability standpoint and we've done it across infrastructure types from cloud to operational technology and manufacturing and utility environments, right? And we're seeing customers, have the need to drive visibility across that entire stack. On the case management side, right? We started with incident management, security incident management; phishing, malware, ransomware, right? We started kind of in the SOC, but customers said, "Look, we want to drive, "so, ServiceNow is good at case management and workflow. "We want to drive that across our security organization "to all different security departments, threat teams, "DLP teams and all different case types "from regular incidents and events, "pre-incident to major security incident management "that requires all hands on deck, "like a ransomware activity." And let's talk about the platform layer at the bottom for a second. So, this enables security and risk teams to interact with the rest of the organization as well as each other. And I'll highlight two different ways that they can do that. First, there's the data foundations layer, right? If everybody's on the same page with assets and how those relate to critical applications and ownership, then we don't have the problem I talked about earlier, right? The second layer is the workflow layer. And security teams often have to interact with technology teams to drive actions, right? Whether that's fixing a vulnerability, applying a control or whatnot, right? That workflow layer when everybody's on the same page with the data foundations piece and then the S of what needs to be done by when is critical to driving security outcomes. - Now connected to the rest of the enterprise, security working with legal constantly, 'cause you're working with regulators, you're looking at what's the impact when something does hit you? You're working with enterprise risk teams, you're working with your procurement teams because of the third party risk side of the house. You're working with, your business continuity, your service owners, there's a lot of different teams across the board that as you start connecting the dots on ServiceNow, it provides the perfect basis and the platform to start connecting the enterprise teams to the world of the CISO. In addition to this guess what? The work that security teams do goes right to the board. Extremely critical, right? Your board is seeing this, there's a cybersecurity subcommittee on the board, they care about it. Every business stakeholder in their line of business, cares about it. And so from ServiceNow, all these different lenses and perspectives are enabled for you to take to you all your different stakeholders, 'cause it's a huge part of your organization, of your success and what you do. Now, when you do this, you're honestly just making better decisions. You're more prepared for risk, you're managing risk better, you're monitoring, you're optimizing, you're reducing the time you spend on all the different activities related to it. And honestly you're just running faster, because you have a better handle on your risk. That's why we do risk management, right? So, we can run faster. - Those are great outcomes Vasant. Lemme talk about a couple of security outcomes. So, the stats on the right, the 69% and the 53%, these are all telemetry based, across our customer base, right? So, we've looked at our entire customer base and said, "Hey, after 12 months, what progress have you driven?" So on the 69%, that's the average time, the average improvement in our customer base to drive meantime to contain on security incidents, after 12 months average time. 53% that that's the average time after 12 months to drive meantime to resolve vulnerabilities, right? And those are averages. I regularly talk to customers that are driving 90% plus on these types of metrics. In fact, I just talked to one on Monday that was actually in the high 90s for their critical vulnerabilities, right? So, these are great outcomes, super proud of them and the fact that we've helped our customers deliver these outcomes. All right and now we are gonna welcome to the stage from State Farm, Jeff Donovan and from Insurance Australia Group, Karsten Lehn. Can we get a big round of applause please? (audience applauding) Guys, welcome, welcome. Thank you for being here. Thank you. Yes, please. Okay. Alright. So guys, can you first do just a quick introduction of yourselves and your roles? Jeff let's start are with you. - Thank you Lou. And thank you everyone for coming. Hi, my name is Jeff Donovan, I work at State Farm Insurance. So, State Farm is the largest auto and property casualty insurer in America. We have about 120,000 associates. And at any given time we have about 1.5 million devices plugged into our network. And it's a very, very large diverse tech stack. And the way I like describing it is, we have a little bit of everything and a lot of some things. - Good afternoon everyone. Karsten Lehn is my name. I'm the executive manager of risk at Insurance Australia Group. IAG is the largest general insurer across Australia and New Zealand. Every year we underwrite about $15 billion worth of insurance premiums and have about $2 trillion of assets insured. Back in 2019, we embarked on a pretty major risk transformation journey where we replaced our legacy GRC solution and adopted the ServiceNow integrated risk management suite. And in that time we implemented a full risk profiling suite, risk event management, issues and actions management, business continuity management, third party risk management, compliance obligations management, hooked it all up to an obligations feed and generated some regulatory change management processes around that as well. And that was off the back of our existing ServiceNow footprint, which included ITSM, ITOM and SecOps. So, it's been quite a journey for us. - Cool. So, well thank you both for being here. So Jeff, can you share with us a little bit about your security and risk transformation journey overall and with ServiceNow, right? Like what drove it, where are you in that journey? What are some of the outcomes you've achieved? - Yeah, sure. Let's see, it's been about two years. We're about two years into the journey, within information security. We really started focusing in on vulnerability management and have made some wonderful progress. Within the next few weeks we're gonna be pivoting to security incident response and shifting resources and really going through and automating and changing and transforming how our SOC operates. So, some of the drivers, I'll focus in on the vulnerability response side. The main drivers are really around three things. One is asset management. We need to have solid asset management in order to assign the vulnerabilities to the people that can actually fix the vulnerabilities. And when we first started down this path, we were pretty low. I'm gonna say we were at about 60% success rate for finding and assigning the vulnerabilities to the appropriate asset owner. Since the CMDB, some of my peers from our enterprise technology department are here, they did a wonderful job enhancing the CMDB. And now after we start ingesting all of our vulnerabilities, we consistently get at about 98% success of having the vulnerabilities assigned to the right individuals that can fix them. Second is really around meantime for remediation. When our old system pseudo automated just a, it was ugly, it wasn't good, but we called it automated. When we would pull in all of our, scan data from our environment, it would take us literally 15 days to ingest it, do some data cleansing and get those tickets into the hands of a little over half of the people that can fix those. Now, since we've implemented vulnerability response, we do it in less than 24 hours from the time we hit our scanning databases to the time the tickets are in those individuals inboxes. And we could actually dial it down to every six hours. But we're happy with 24, that's such an improvement. And the last driver for us is really reducing the friction. Our ET partners, they decided to move to ServiceNow for service management and ITOM and operations management. And once they made that decision, it was really easy for security to say, "Yeah, we wanna go to the platform where our partners are, "where the people that can fix our vulnerabilities, "the people that would be working on our incidents "are actually doing their work." So, we moved everything over there and it's been a great success. - That's fantastic. Good to hear. Karsten. - Yeah, well our risk transformation journey, as I said, started in really in earnest in 2020, but it's continuing to this day. So, for now we're on another in a sense in that we have, as a major financial institution in Australia, we have a new Prudential standard from the Australian Government regulator that really compels us to harden our operational resilience posture. And that is now the driving force, if you like, of this next phase of our risk transformation. We're in the early days, so the early days in the early part of the transformation, we really established quite a robust risk management and risk profiling capability across the enterprise and down into the technology stack. What CPS 230 the operational resilience requirement now does is forces us to really understand what are our critical processes and our critical operations and what is the underlying technology that's supporting those and are there any vulnerabilities or issues in the underlying technology that could impact our critical operations and therefore impact customer service delivery. And that's really important, because if you think about that contextually, we're now at a point where we are being compelled to really join up this business operation risk or risks from our business operations and our business units into the technology stack and really start to develop this truly integrated view of risk through the enterprise and really bringing together, business operations, processes, technology, people, locations into a full suite of an operational resilience view that enables us to better respond to any issues that we might have. - I love that. How many people in the audience, have heard of operational resilience or are thinking about it? Show of hands. Alright, pay attention to what's happening in financial services, particularly outside the US. Extremely important and great way to think about it. Definitely go and read up about it or check it out. As we talk about working and as your journeys, right? So Karsten, maybe start with you, can you dig down a little bit on, okay, so how did you work with the enterprise teams in your journey and what does that translation look like? - Yeah, I guess, from my perspective, I work in line two and part of my role is to not only run the risk systems, but I also design and then execute our risk management system strategy. And so I do look at, technology really performing a line one function as are our cyber teams. And they're really doing a lot of the hard yards of understanding where the risks and vulnerabilities are in the technology stack. But in many respects, I look at that as a classic prevent, detect, respond, recover series of tasks that they do. And as just as applicable to business risks, it is to technology risks. So, I look at the, say our cyber operations, highly competent, very clever people who work extremely hard at keeping IAG's technology and information safe. But also we have risks for example in our policy lifecycle management process where we had an issue where obsolete definitions of pandemic were not adequately remediated, because no one ever thought it was a huge issue. And the end result of that was, of course after COVID-19, is that we suddenly found ourselves, potentially facing exposure to business operation, sorry, business interruption claims that ought to have been excluded from a policy. But we hadn't got onto the rewording the policies quick enough. Now that resulted in a $1 billion provisioning for claims, for business interruption claims that the organization had to make. And so the point of that being that, cyber risk is a thing, technology risk is a thing. So, is policy lifecycle management, so is actuarial observing and perils and whether or not our models and our reinsurance is sufficient to cover potential peril claims. So, from a risk management perspective, all of these are being managed in the system now in a way that from a line two perspective, we really begin to have this consolidated view of what are the absolute real immediate risks that we have facing the enterprise and do we have the right controls in place to mitigate or prevent them. - Yeah, Jeff, same question for you. Maybe on more on the technology side. How do you connect your technology teams? - Yeah, thank you. So I'm gonna, I'll talk specifically of how we're interacting with our technology department, the different business partners, specific to vulnerability management, 'cause that's where we've made the most progress and how we're approaching that is a bottom up and then a top down approach on how we're interacting with our different departments and our different technology owners. The bottom up I touched on that a little bit already and that's just reducing the friction, moving our vulnerability ticketing to the platform where our analysts are actually getting their regular work tasks, they're getting their incidents and requests and change records already on ServiceNow. So, we moved the security tasks to ServiceNow also. So, that's from the bottom up. Top down is really pretty interesting. We're working on that one right now. And so how it was previously is if we had an executive or a business area that wanted to know their entire vulnerability footprint, boy it was like a scavenger hunt. We were going to our pen team and getting some information, going to the scanners and downloading into Excel spreadsheets and then going to our bug bounty portal and grabbing information from there. And then reconciling the dates and basically consolidating the report and then coming up two weeks later, after everything has changed, giving a final report on what the full footprint looks like. - Sounds like you were making it up, Jeff. - We were winging it big time. We just hated those requests. So yeah, we were making it up. So, now that we have all of our vulnerability data in ServiceNow, I mean, this is the first time we've ever had all our vulnerability data in one place. - Wow. - And now we're like, what do we do with this? So, we've been leveraging performance analytics and making some really nice dashboards by, oh, we're slicing and dicing the data probably too much. Example, one of my analysts, he got into performance analytics and he created this overly complicated dashboard with like 28 widgets on it. It was as if he trying to tell every story possible. We're in the process of dialing that back and just picking like the top three stories we want to tell and it's been going extremely well. - Cool, good stuff, good stuff. So, next question I have is, what are your top for the audience, do this Monday recommendations? So, if they're just starting their security risk transformation journeys with ServiceNow, what would you tell them to do on Monday, next Monday? - Next Monday. All right, I'm gonna go back to something you told me probably two and a half, three years ago, and it was use the platform as out of the box as possible. The workflows that are built into it are very thought out. They operate well, they do the job you need to have done, might not be the exact way you're doing it now, but they can get you really close to where you need to be. If you have some strong developers, the tool is easy to customize, but you're gonna pay for that during upgrades. So, you'll be doing a lot more testing cycles and then deprecating that functionality that you've custom built when the next platform upgrade comes out. So yeah, use it out of the box. - Cool, same question for you, Karsten. - Yeah, I completely agree with that. I think as out of the box as possible. I would also probably say think ahead too, because once you have all this data in the system, around your technology and around your risks and so forth, there really is a lot of opportunity to really extend the use of the whole integrated risk management suite and the other components of the system to really start to drive some great value and insights. The other component I would say is, around controls going down the process level can absolutely cause a proliferation of controls. Invest in the capability, the people capability in automating controls where possible. Be careful about increasing the burden on your users in terms of things like control testing and where possible automate where you can. - All right. So, a ton more questions, but I think we're kind of running out of time. So, first I want to thank you both for your partnership and actually for being here with us today. It's huge. Karsten flew in from Australia, he's still dealing with jet lag, so thank you. - It's a pleasure. - Partnership means a lot for us. And so thank you gentlemen and looking forward to continuing the journey with you. - Yeah, thank you Jeff and Karsten for joining us. We really appreciate it. Thank you for sharing your stories. - Pleasure, thanks. Thank you Vasant. Alright, with that we move on to, okay, that sounds great. We've been talking about it. Let's go have a quick look at a demo and for that we bring on Shannon. Hello Shannon. - Hi Vasant. So, thanks for having me. I have some news and I don't want y'all to feel awkward, but I actually got offered a CISO role last night at one of the happy hours that I attended. It all started when I was talking to some executives from a bank and I was telling them about the power of the platform, how they can break down organizational silos and automate and accelerate their response to security threats and business risk exposure. I might have mentioned that I was doing this demo today and they said we will believe it when we see it. They're in the audience. So, what do you say? - Say no. - Y'all wanna help me get this role? - No. - Let's give it a shot. Being that I sit in product today, I know firsthand that the risk and security teams have working very, very hard on the new cybersecurity executive dashboard. It's the perfect place to start. It gives the CISO a holistic view into managing KPIs, setting targets for their team, making business decisions through data analytics and reporting to the board with confidence. I love that I'm prompted with insights right away, like improved scan coverage over the last month. But one of the most powerful views is being able to see all my business units, the security risk score, the business risk score, and the compliance percentage. Lou, did I miss anything there? - Well, what if I want to compare, across business unit Shannon. What if I wanna see who's doing a good job and who's doing a bad job within my organization? - Well you can always drill in and it's going to prompt you with exact data, around where prioritization needs to happen, where remediation needs to happen, but most importantly where collaboration needs to happen. - Now with the business units, I also really need to pay attention to my critical business services or the ability to get my products to my customers. Vasant, why is that so important? - Top down, at the end of the day, caution insurance, critical business service is underwriting. So, if you can't underwrite, you don't have a business. So, start from what's critical for your business and then break it down to how cyber risk is relevant for it. It's critical. - Alright, hold on. Speaking of critical, why is sales in red? I'm gonna scroll back up to understand what target might be off track. Okay, it looks like we have a major security incident. I really wanted this to be a perfect path demo, but I think we need to drill in to see what's going on. Ooh, ransomware disabling a business critical payment system. Sounds pretty bad. - I do not like the sound of that. Although I'm not an executive yet, let me understand what the current status is. I'm loving that major security incident, dynamically generates this executive status report for me, so I can understand what's been done today as well as what else needs to get done. As cool as that is, I'm not loving the potential to expose payment data to a hacker. Now, I'm calmed down a little bit knowing that security, operations, compliance, legal and public relations have already been engaged. I think I wanna understand, 'cause I'm gonna be a hands-on CISO, just what collaboration has taken place. Okay, very cool. I can see we're already creating a document repository and the team's communicating through a Teams channel, but I still have visibility through the platform. Woo, Lou, Vasant. We could start a conference call right here right now, out of the platform and get a real time update from the cross-functional teams. Should we? - I don't know, that sounds cool Shannon, but it feels like we're right here right now, so maybe we just keep the conversation going. - Fair. Alright, let's take a deeper dive into seeing the tasks that have been assigned and completed and what's still left to get done. I'm loving that the disaster recovery team has already been engaged and backups are restored. Threat intel assessment's been completed, forensic analysis has been completed. These teams are moving fast. There's a couple activities that catch my eye. First, it looks like a case has been sent over to the compliance team. Those folks mean business over there, but also it's looking like we're needing to patch vulnerabilities as well as implement endpoint protection. I wanna check out what asset exactly has caused this major security incident. Let's drill in. Now as a security analyst, the security posture control workspace is giving me the view I live for. I can see all my assets and very quickly understand any gaps in my security coverage. I need to stay focused here though. I wanna drill into any findings around what asset was missing endpoint protection and had a vulnerability. When I click in, I'm prompted with that configuration item or asset and it looks like it's a payment processing server. I really don't like the sound of that. Let me understand again what work has been done. Okay, Kevin and Alex are on it. That means we have IT and security working together. They're already awaiting the implementation and they're collaborating. I think being a CISO with all this insight might not be that bad. Alright, but do y'all remember the compliance team means business? I think knowing that this is a payment processing server, Vasant, you've always told me about a pretty strict regulation that really doesn't want any sort of credit card or debit card data exposed. Which one was that again? - You know, come on, don't make me say it. - Alrighty, let's go look over at the compliance workspace to get a better understanding on how that team's been engaged. So, the compliance team is equipped with the ability for anyone in the organization to feed them with situations or even requests, around making sure there are no regulatory non-compliances across the business. I'm able to very quickly see that a case has been sent to me and it's critical. I have to assume it's from the security team. There it is. Request for compliance review. Awesome. The team's already investigating this case to get a better understanding. I wanna look at the holistic view or the 360 view to really understand all the different elements that are being impacted from this major security incident and vulnerability and lack of endpoint protection on that payment server. First and foremost, let's check the regs. There you go Vasant, PCI. I do not wanna be out of compliance with that regulation but because of the ability to map controls to multiple regs, I have others at play here. Let me also understand, with the server being the impacted entity, what else might be affected? Okay, based on the relationship defined down in the CMDB, I'm prompted with the critical service that this payment processing server supports, access to cash. This is a biggie and now I really wanna understand what else might be going on to make sure we're proving resilience. Before I do so, let me double check on the work being done by the compliance team. Looking there, the continuous control monitoring, picked up the vulnerability and the lack of endpoint security on that server and the compliance team is working together with IT and security to make sure that we remediate that impactful incident. Now before we wrap, I mentioned I wanna make sure that there's nothing else, no other red flags that could take down this critical service. - By the way, before we navigate from here, that view customer walked by us on Monday and said this is something her chief risk officer looks at and loves as like, sweet full view. - I love it too. Alright, so here we go, operational resilience. As an operational resilience team member, my goal is to understand how I can be proactive and make sure there are no red flags that would impact the services I need to be able to get my customers the products. I'm prompted with all active services and any red flags coming from risk, controls, IT and even security. But we're not done. I really wanna check that access to cash service. Okay, have some issues, some failed controls. I can see what's going on in IT. I know the team's working collaboratively, but Lou look there, no downstream vulnerabilities on this service or any underlying infrastructure. No security issues, that's great. None at all. Although this wasn't my perfect path demo, I do think we proved the power of the platform. What do y'all think? Think I'm gonna get the gig. - Was it cool? Put it all together. - Shannon, I think you did a great job, but whoever's out there offering you the CISO role, she did a great job, but we'd like to keep her here. So, thank you for the great demo. - Thank y'all. - Alright, we are gonna talk about what's next. Where are we innovating, right? What's coming next? So, I'll talk about the left side of this, a security operations piece. There's three things I'm most excited about this year. The first two are already generally available. The third, the analysis for security is coming, the second half of this year. But let me just talk just a couple words about each. So, security posture control, this GA in February. This is really building on the service graph connector program and the asset information, device information we have in the CMDB. And effectively what it does is if you've got, if you've got CrowdStrike and Tenable and Tanium, right? Checking in security tools, checking in through service graph connectors, along with your IT information from SECM, ServiceNow Discovery, et cetera. This will tell you where you have coverage gaps, right? I'm supposed to have Tanium on this set of assets, but I don't. So, that's an issue. So we've got workflows on top that can help drive resolution, like we do with vulnerabilities and we can also leverage that context everywhere else in the SecOps and risk portfolio, right? Maybe it raises a vulnerability priority, maybe it lowers one, right? So, that's item number one. Item number two is threat intelligence security center. Think of this as threat intel platform capabilities, threat feed lifecycle management, sticks taxi feeds in right? We do the management. You can do case more threat cases, more threat hunting on that. And again, can leverage that across the rest of the security portfolio for incident response, for vulnerability management, et cetera. And last but not least, generative AI for security analysis, for security coming second half of this year, right? We're starting with use cases like case summarization, resolution notes generation, but we're quickly gonna move into more advanced use cases, like situational summarization. Tell me what happened over the last month. And then as we consume CMDB information into our large language models, we're gonna be able to provide security post insights, across the enterprise. Really excited about all three of these. - Thanks Lou. For me, the right insight, operational resilience, extremely important, 'cause stuff's gonna happen. How do we be strong? How do we set the thresholds and be resilient? So, check the capabilities at the booth. There's a lot of really strong things in there and continuing to innovate. Also, if you haven't heard about DORA, important, UK Operational Resilience Act, important, CPPS 230, important. Lot of resilience coming our way in regulations, but it's a good thing. Check it out. Second, if I didn't say Now Assist or GenAI, you would all be disappointed. Gotta say it. So yes, we're working on it. There's a ton of use cases, but we're starting with things that will create the most performance and optimization of your time. Third, AI governance, early days. We're all wild west of AI and some of us are ahead on than the others in thinking about this. So, stay tuned to this channel. There's a lot coming on the AI governance side. One more thing I want to call out is a lot of the school innovations on the risk side and the green side of the house. The man responsible for it, it's his birthday today. Stand up, Anish. Happy birthday Anish. Alright, thanks folks. Now to our last slide. And so what do we do after this, right? We, as you saw the innovations, we're here. We're innovating, we're partnering. This is a journey. Always remember, this is a journey. We're here working with you every day to make sure you're successful. There's a lot of ServiceNow risk, security operations on the floor. So, go talk to the people around you. Talk to the product managers, connect the dots. We're all connected across the enterprise. So, see the roadmap. See the roadmap session tomorrow. There's a risk roadmap session tomorrow. Ask the product managers and others how things are going. Visit the demo stations and go get a drink. Thank you for hanging out with us all day today and have a wonderful day. - Thank you everybody.