Confidential Computing Trailblazes A New Style Of Cybersecurity

In cybersecurity, we are accustomed to seeing clichés like “the next big thing” or “game-changer” attributed to nearly every technology that splashes onto the scene. The truth is, the ubiquity of these laudatory labels downplays their conceptual depth and makes you take the merits of emerging protection services (even the most worthwhile ones) with a grain of salt. When it comes to sifting out the hype, a zoom into successful real-world versus POC applications and the ways the tech fits the context of the contemporary threat landscape is key.

From this perspective, the logic behind confidential computing undoubtedly lives up to the status of a breakthrough, and for good reason. Unlike traditional security mechanisms that safeguard data at rest and in transit, this dynamically evolving hardware-based technique leverages what’s called “enclaves” to prevent adversaries from exploiting data when it’s being processed, something that hadn’t been the case before the technology debuted.

Backed by real-time encryption in memory, this method creates a tamper-proof trusted execution environment (TEE) within a CPU that doesn’t expose sensitive data and code to unauthorized third parties while maintaining its accessibility for processing tasks. The ability to use data without “seeing” it in the clear seems like a paradox, but confidential computing offers viable solutions to put it into practice. This is now a fully-fledged technique that strikes a balance between seamless app-to-app interoperability and data proprietorship.

Above and beyond the wow effect

Let’s look at this technology through the prism of what’s happening on the corporate security front. The rapidly advancing digital transformation, fueled by pandemic-driven remote work and the growing use of cloud services across enterprise ecosystems, is a catalyst for a steady increase of the attack surface.

As more internet-facing organizational assets are susceptible to compromise, businesses are sailing into the perfect storm of data breaches that are gaining extra momentum. According to Statista, about 15 million data records were exposed in such raids during Q3 2022 alone, a 37% increase from the previous quarter. Given that not all breaches gain publicity, these are probably conservative estimates.

With these staggering stats in mind, the need to protect greater volumes of business-critical records in new ways comes to the fore, and confidential computing appears to fill the void. Due to the unmatched capability to keep data protected with cryptographic keys while in use, it is shaping up to be an indispensable instrument for industries that heavily exchange and interact with customers’ personally identifiable information (PII) and are subject to rigid regulation, such as healthcare, telecom, and fintech.

Confidential computing can also shore up the security of blockchain-based decentralized finance (DeFi) services like cryptocurrency exchanges that use potentially vulnerable online hot wallets for transactions. The notorious Mt. Gox incident from 2014 demonstrated that the exploitation of hot wallets could entail tremendous financial losses, and keeping them safe is a priority.

Other areas where confidential computing shows a lot of promise security-wise include CI/CD, containerization, machine learning models, and the industrial internet of things (IIoT). It facilitates the implementation of the zero-trust principle, where all users, devices, and services are considered to be threats by default unless specified otherwise.

Inner workings of the industry

The hardware model at the core of confidential computing is a double-edged sword. On the one hand, it makes data usage extremely secure through end-to-end encryption in memory, effectively eliminating the factor of remote attacks from the security equation. On the other hand, the industry requires unique innovative technology development in order to deal with some core challenges such as limitations in the processing capacities of today’s silicon and CPUs which impose certain speed restrictions on these workflows.

Uzi Moskowitz, the CEO of HUB Security, an Israeli company specializing in confidential computing services since 2017, said in an interview that a boost in hardware performance is a prerequisite for a successful evolution of these tools. “The future of confidential computing is as an inherent part of the hardware, providing complete application and data isolation. Our vision seeks to enable high-frequency processing capacities based on this approach, which we think is critical, especially given emerging industries such as IoT and others which will require high-speed workflow capacities,” he notes.

Founded by veterans of Israeli intelligence elite units, HUB Security has been driving innovation in the sector of confidential computing and extended its reach to more than 30 countries, providing appliances for data protection along with a broad spectrum of turnkey cybersecurity services. Their flagship Secure Compute Platform stands out from the crowd as it combines AI, the metaverse, quantum computing, and 5G to keep sensitive in-use records intact without sacrificing performance.

I can’t emphasize enough that bright ideas and innovation-first ideology underlie success stories in cyber, especially in niches as compelling as confidential computing. HUB Security is the epitome of this narrative. It is currently in the process of listing on the NASDAQ at a $1.28 billion valuation, quite an achievement for a company that was an ambitious startup only five years ago. This showcases institutional investors’ high interest in the field.

One more roadblock the industry faces is that the adoption of this approach on-premises requires profound technological skills not every IT team can boast. To address the skills gap, it’s best to choose a provider for which confidential computing is a primary focus rather than an offshoot of a larger operational whole so that the solution is tailor-made to fit the organization’s infrastructure in a frictionless fashion.

What does the future hold for confidential computing?

Whereas this is a nascent industry at this point, it has already given rise to mature security instruments and shows a significant growth potential. According to global research firm Everest Group, the market for confidential computing is projected to reach $54 billion by 2026. Tech giants such as IBM, Google, Microsoft, Intel, Amazon, and Nvidia have added confidential computing platforms to their portfolios, and we should expect more players to step in going forward.

“We see confidential computing as the missing piece of the cyber industry’s value proposition. Without it, cyber protection is not fully functional. As such, it will increasingly become a core requirement for enterprise-grade cyber security. Our products and approach are built to enable this comprehensive protection, and our vision seeks to implement this disruptive approach, while addressing the challenges that face the industry,” says HUB Security CEO Uzi Moskowitz.

From where I stand, the biggest paradigm shift that will define the role of confidential computing in the years to come is that it will finally give businesses peace of mind with sharing data and migrating workloads to the cloud. As this happens, it is also worth anticipating deeper standardization in this sector of cybersecurity. Launched in 2019, the Confidential Computing Consortium (CCC) gave initial impetus to this process.

Overall, cybersecurity is evidently going into hyperdrive with confidential computing in its arsenal. By baking defenses into hardware, this technology complements the conventional data protection chain with the missing link, and most importantly, offers practical implementations of this philosophy.