Steve Kenniston, Dell | Securing the AI Factory

Added: 2026-05-12

[00:00:01][music] >> We're entering a new phase of enterprise computing, what we call the AI factory.

[00:00:11]These are not traditional data centers, rather they're systems that are designed to produce intelligence at scale.

[00:00:17]Energy, compute, and data goes in and intelligence comes out the other end in the form of tokens. And we believe this changes everything because now you're not just protecting infrastructure, you're protecting data pipelines, models, supply chains, and the integrity of that very intelligence itself.

[00:00:37]Not only are organizations focused on making sure the AI is secure, they're also looking to partner with the technology industry and particular vendors to architect security into these systems from day one versus, of course, bolting it on after the fact. Welcome to securing the AI factory, made possible by Dell and Intel. And joining us to break this down is Steve Kenniston from Dell. Steve, good to see you again. Hey Dave. Great to be back.

[00:01:00]>> Thanks for coming in to the studio. It's uh it's always a pleasure to have you here face-to-face. Let's start with AI.

[00:01:06]I mean, how does it change the attack surface? And what what's different, Steve, from just securing everyday applications? Yeah, that's a great question, Dave. I think that um you know, in prior years, right, you had folks who were highly focused when you built an application, you thought about the security of that application, that maybe that application had maybe one road in or one data data um data lake that you were securing to make sure it was secure.

[00:01:34]AI changes the whole game, right?

[00:01:36]There's the model inferencing, there's the training model training data, there are the systems where people can do things like prompt injection, there's um identity management that needs to be uh thought about. And these things are changing so fast. Uh for example, now we're we have a genetic AI that's working its way into the model and how do you make sure that the models that you're building in the genetic capabilities don't all take over what's happening? So, there's there's a whole group of things that actually change from an attack surface standpoint that you want to make sure you have locked down as you're building out this brand new application, right? Every new application has a new attack surface.

[00:02:18]You know, you mentioned genetic. I want to come back to that cuz I want to ask you about the human side and then the non-human side. But >> [clears throat] >> But before I do, explain in a little bit more detail. So, if I'm securing an app like a CRM app or a service management app, what did you know, what do you have to do and and how is that different in AI?

[00:02:39]So, it it's really a function of the app, right? But I mean, who has access to the app and are they allowed to have access? And a lot a lot of times it was uh for example, a CRM application.

[00:02:51]The sales team had access to it. Maybe marketing didn't cuz they didn't want to have anything being done with the data, so you kept those people out. So, you had a great um identity management like who's who has access. You would make sure that the data was protected, so it's resilient and and can be brought back if something happens to it. And you would just make sure that uh there really wasn't any resultant information, right? Oh, um sales reps would might go in, they might put in some information, they might ask it, they might um uh put in what happened at the meeting, right? But it's a it's a data repository, right? AI's a bit different because you're asking it questions.

[00:03:26]There's going to be results from those questions. You're going to make um uh decisions and you're going to do things based on those results. Those results come from how that model was trained. There was the training data, there's the other data that go that goes into that from the from the big data lake. There's all kinds of inputs into a an an AI model or an AI factory that you might not have your with your traditional application.

[00:03:49]>> Got it. Okay, so let's go back to this human element and you mentioned identities and agents. You know, one of the big themes at RSA see this year actually the theme of the conference was the power of community and ironically all the discussion was around securing agents. So, who you know, what's the identity of an agent? So, what's the human side of the equation? How does that change the way we should think about I'm really glad you brought that up cuz I'm pretty passionate about the human side of of security in general, right?

[00:04:20]Um I think that folks that go through the process of recovering from a cyber attack are infinitely valuable, right?

[00:04:31]Not only have they rec- helped the business recover from that attack, but that going through that process, seeing how the attack behaved, knowing what to do, knowing what technology would have helped that what what they had, how it how it did help and uh getting getting through that whole process really makes makes a difference.

[00:04:50]It become It makes you infinitely valuable. Not only to the company that you're in, but also maybe as far as being poached from that company, right?

[00:04:57]And I don't think that enough organizations take enough time to think about things like that, the human side of what happens when these things go on because you think about recovering from a cyber attack, you hear about these businesses that it takes months to recover. Yeah, that's getting the data back, but just getting the business operations up and running maybe it's 24 or 36 hours to just get those applications back online.

[00:05:20]Are uh security specialists focused on solving that problem for those those that full 24 or 36 hours? Are they sleeping? Are they sleep deprived? Are they making mistakes, right? You got to make sure as as a company you're paying attention to what's going on. Do you have um good backup teams and I don't mean backup as in backing up the data, but good teams backing these people up. Do you have enough people? Um are you giving these guys the right kinds of breaks that they might need in an event?

[00:05:50]Um, there's having external vendors that might help you. Dell has a great um, incident response and recovery program that can help you, right, when something happens and and and get your information back. So, there's a there's a whole aspect to the human side of things that makes a difference. So, this is again, we we can't say it enough. This is a significant change in the way folks need to think about security. About a little more than 10 years ago, I interviewed Robert Gates, who was the former director of the CIA. He sits on a lot of boards of of directors. And at the time it was very clear that security had become a board level topic.

[00:06:29]Does this change the way in which boards need to be thinking about security?

[00:06:34]I think it might from the standpoint of I mean, at the end of the day, I always say from a security standpoint, AI is just a workload, right? And if you have good cyber hygiene in your environment in your business, and you're using those good best practices to secure that, you're already far ahead of the game.

[00:06:52]Now, there's a lot of nuance to an AI environment that that may change. But as for example, there's no special MFA specifically for AI, right? Um, there might be specific places where you put MFA that might not be the same as traditional applications, right?

[00:07:11]However, um, as you start looking at agentic and start looking at additional things that can happen, there might be some call outs that you might need to make to regulatory boards to make sure that you're staying compliant. So, there are some things that that the board needs to pay attention to when they're putting in a new application like this. What's the data exposure? Are we at risk? That sort of thing.

[00:07:34]So, that's interesting. I mean, MFA with an agent. The agent has an authenticator. I remember I remember I remember you used to walk around with one of those, you know, the the RSA, right, it would uh auto generate new right, a new code every whatever every 30 seconds. So, yeah, our agent's going to be doing every every nanosecond that gives you a new code.

[00:07:53]All right, the Dell AI factory, it's an integrated stack. So, you got from a security standpoint, you've got compute, you've got networking, you've got storage, of course data, you're you're securing models and and you're orchestrating that whole thing.

[00:08:06]So, so how should we think about that?

[00:08:09]How does Dell think about that from a security standpoint?

[00:08:13]I think the right question to ask is not only does how Dell think about it, but how should customers think about it also, right? So, I think 10 years ago Dave and I'd be interested in your thoughts, you didn't think about your server as a security product. But today you kind of have to, right? If if you're not you're you're you might be missing the boat. At Dell we integrate security into everything that we do, right from the supply chain through the chips, right to the device that gets delivered to you, right? And and the Dell AI factory even more is an integrated set of solutions where we've done some rigorous testing not only on the devices themselves to make sure that they're secure, but as far as the integration of the whole stack, what does it look like and is it secure? I like to talk think about most systems, right? You from any vendor, right? Are fairly secure, right?

[00:09:04]Where security breaks down in an in a system like this is is where security falls between the cracks. They might you might think about it. By having an integrated system that's been tested where telemetry is consistently the same through all the devices and you can kind of rely on that and you know about what's going on, it makes it a little bit easier and right now complexity is one of the hard things for customers to deal with, especially when you've got a lot of moving parts in like an AI workload. Well, and you asked me what I think about it. I mean the supply chains are just um exploding with complexity.

[00:09:39]Um you've got new fabs that are being built in Arizona. Um and that's definitely the catalyst of that was to have a secure more secure supply chain, for instance, in the United States.

[00:09:53]You've got all this discussion about rare earths. Um you've got, you know, software. You've got these, you know, high NA EUV machines coming out of, you know, ASML that are $380 million a piece. Um so, very, very complicated uh supply chains. AI demand has increased uh the the supply chain risks.

[00:10:19]So, how should customers be thinking about that piece of the equation? Should Should Should they be worried? Should they be concerned? How does that affect which partner they work with? What are your thoughts on that? I do a lot of briefings with customers specifically, and I would say over the last 24 months, I probably had let's say 300 briefings, right? And maybe 10 or 15 of those folks would ask about a supply chain.

[00:10:46]I'm getting that question almost in every single briefing now. Customers really want to know about the supply chain, and I think that's really solid because I don't think enough folks thought about what that supply chain looked like to make sure there was security built in right from the start before they even got their device, right? And I think, as you said, uh the demand has changed so significantly that, for example, the chip shortage, right? Is causing a lot of challenges when it comes to um acquiring technologies to make sure that you have a good AI environment, right?

[00:11:19]And so, in some of those cases, um you might think, "Well, I'll just go out and get chips where I can, right?" That instantly sends puts risk into your environment, right? One of the things that Dell pays attention to and and has has worked hard at is making sure that from end to end, not only do we have the inventory, but we can also make sure that that inventory is a part of that secure component that you're buying and without injecting that additional risk.

[00:11:47]Well, and of course memory supply is a huge issue right now and and you know with Dell's you know breadth and and depth, you would think that you're in a better position than many firms in terms of securing things like NAND supply and and other memories.

[00:12:03]Um, I want to ask you about you you you know the the the narrative around security has always been no longer you know the perimeter has has vaporized. There is no perimeter. Is is traditional perimeter security even relevant in this AI factory ever era?

[00:12:19]I would say it's it's not irrelevant.

[00:12:22]Um, however, I think the perimeter has changed much like the attack surface has grown and and changed. And this is a great uh place to talk up that that buzzword bingo zero trust that everybody like to talk about in in years past. Um, zero trust is very relevant from the standpoint of the fact that it it it makes you think deeply about identity management, about where my risks are coming from, how to identify those risks, right? And those types of things are are infinitely more important today in an AI world than they were before.

[00:12:58]Um, such that you're you're keeping it keeping your environment secure.

[00:13:03]Okay, so so if I infer correctly, zero trust is you don't really look at it as a buzzword. It's actually something that's real that that while people might struggle to operationalize it, it certainly NIST has frameworks and if you apply those, I guess it's a journey, you know, I mean that's kind of a bromide, but but still it it's something that security practitioners really need to pay attention to. It's gone from sort of buzzword to pretty much a fundamental component of a security strategy. Yeah, I think that you start thinking about what does zero trust actually mean? And when you boil it down to these things like around identity management, for example, you start to think about more than just the firewall and keeping the the arrows from coming through and and and keeping them out. You're thinking about themselves and who has access. Not only who, when did the does that person have access? From what locations do they have access? These tools are getting much much smarter at about uh keeping your organization safe, right?

[00:14:09]Whereas it used to be hey, I might travel some place and I might log in. I might have permission to do so. Well, maybe maybe someone else does that, but they're maybe they log in from a from another country who might not have access to to this information.

[00:14:22]Now you're starting to take that depth of security that to that next level.

[00:14:27]My last question is the industry still treating AI as a as an add-on instead of a fundamental design principle?

[00:14:39]I think that um I'm hearing more and more from our services organization that when they start to go into um a customer environment and they start talking about AI and and implementing AI, about 85% or 90% of those get stopped because the security team hadn't been involved up until that point.

[00:15:03]And what it's what it's saying is that it is still being bolted on. And I think the important message to customers is to think about security as a as a functional part of this new system, this new workload that they're deploying.

[00:15:19]Because the last thing you want to do is get, you know, to the 5-yard line and have someone from security go, "Stop, stop, stop. We have We haven't We haven't vetted this. We haven't looked through this. We don't understand what's going on." You want to make sure that that's that that's a part of it. The nice thing about the AI factory is it's built with security built in, right? So, that that's a good step. And so, if you get asked by the security teams, you know, tell me a little bit about it, you can talk about our supply Dell supply chain. You can talk about what we do from from the factory to build in all these things. You can talk about our secure BIOS, our hardware root of trust. And that's integrated into all of our systems, right? But But un- unless you're talking to somebody about those, they're going to say, "Hey, wait. Let's Let's talk about this first."

[00:16:03]Well, you know, during the cloud era, the cloud was the first line of defense.

[00:16:07]Now, the AI factory is the first line of defense. So, thank you, Steve, for sharing us with us, you know, some of your thoughts. And thanks for the good work that you guys are doing at Dell.

[00:16:16]Appreciate it.

[00:16:16]>> My pleasure. Thanks for having me, Dave.

[00:16:18]You're welcome. All right, you're watching Securing the AI Factory made possible by Dell and Intel. We're going deep into the infrastructure stack, you know, all the way up through. And then we've got a special conversation from RSAC.

[00:16:31]Keep it right there. I'm Dave Vellante.

[00:16:32]Thanks for watching.