GUEST ESSAY: The case for leveraging hardware to shore up security — via a co-processor

By Gopi Sirineni

Cybersecurity has never felt more porous. You are no doubt aware of the grim statistics:

• The average cost of a data breach rose year-over-year from $3.86 million to $4.24 million in 2021, according to IBM.

• The majority of cyberattacks result in damages of $500,000 or more, Cisco says.

• A sobering analysis by Cybersecurity Ventures forecasts that the global cost of ransomware attacks will reach $265 billion in 2031.

The FBI reports that 3,000-4,000 cyberattacks are counted each day.

That’s just a sample of what is obvious to anyone in the industry: we’re in a war with cybercriminals, and we can hardly say we’re winning.

The vulnerabilities of internet security, once mostly a nuisance, have become dangerous and costly. Data privacy breaches expose sensitive details about customers, staff, and company financials. Security software may have been a satisfactory product at the turn of the century, but despite massive levels of investment, many experts now realize that it is not adequate for dealing with contemporary threats.

We reached this point of friction because of the compound effect of two shortcomings. First, security was too often treated as an afterthought by the industry, taking a backseat to a device’s speed, functionality, and design. Security remains an added expense that isn’t easy to market, especially when third-party software solutions have been so widely adopted.

But those software choices have proven to be lacking in dependability and often require patches or upgrades that are costly to the end user. Second, the design of security solutions struggled to scale up properly or adapt to the technological changes in the industry, especially in disaggregated compute networks.

Meanwhile the attack surface keeps broadening with the increasing interconnectivity of services, product chains, and user interfaces. Seeing the flaws continue year after year, the industry began linking authentication of valid software components to the underlying hardware, or the “root of trust”.

This approach allows for compromised software to be identified during the authentication process. However, hackers have attacked unsecured hardware and compromised this root. Thus, secure implementations are critical.

Compounding the issue is the nature of threat response: it’s reactive, searching for known threats, while cybercriminals regularly devise new, surreptitious methods to avoid detection. Too frequently, security upgrades occur only after successful attacks have taken place, and most fixes are not sufficient to stand up to a new type of attack.

The good news is, artificial intelligence is here and is showing great promise to deliver what the market needs, that is, pre-emptive and proactive threat detection. In fact, AI is on the verge of providing a remedy for problems that have seemed insurmountable. New AI-based applications are poised to be game-changers for cybersecurity.

Implementing security solutions such as a secure hardware root of trust and proactive AI piecemeal, through multiple compute processor vendors, creates complexity and increases the attack surface for cybercriminals. It can also cause deficiencies because of varying implementation quality.

Ideally, these security measures can be offloaded to a dedicated security co-processor that would reside in the control and management plane, separated from the data plane of the main processors. Such a co-processor would be positioned to act as a security watchguard for the entire system and provide a pre-emptive measure to fight cybercrime.

At Axiado, we believe an AI-driven trusted control/compute unit, or TCU, provides the level of protection the data-communications industry is demanding. The TCU is designed as a stand-alone processor that will reside on a motherboard next to a CPU, GPU or other compute engine.

This security-by-design solution for the control and management plane is based on proprietary Axiado technology, including Secure Vault™ (a secure hardware root-of-trust, cryptography engine and secure key/certificate storage), Secure AI™ (a pre-emptive threat-detection hardware engine), and firewall advancements.

Hardware with a TCU included will allow companies to pre-emptively detect threats and minimize the endless stream of often inadequate security patches they have been forced to choose for years.

Cybercriminals are nimble, use updated software, and are often determined. With an unprecedented number of attacks inundating global databases, it is time to end threats with an AI-assisted hardware solution that denies cybercriminals entry into networks and the precious data they store.

About the essayist. Gopi Sirineni is the CEO of Axiado, which supplies advanced technologies to secure the hardware root of trust.
