Hardware-assisted security poised for growth, says Intel

Only 36% use it now, but an additional 47% plan to adopt HAS in the next year

An Intel study finds that businesses are eager for cybersecurity and are keen to see how security can be baked into devices.

Hardware-assisted security (HAS) uses hardware extensions and components to support the security of higher-level machine layers, from the BIOS up through desktop applications. 

As a practice, HAS can speed up security-related processing, protects memory bounds, secures random number generation, isolates app execution and enables trusted computing through hardware components like trusted platform modules (TPMs). 

Intel says security approaches like this are increasingly relevant as threats emerge faster and more of the world's businesses and information migrates from the physical to the digital.

The study found that 64 percent of the 1,406 IT leaders Intel surveyed were more likely to purchase security solutions from vendors they consider to be "leading edge," which is unsurprising given another finding: 71 percent said technology providers "need to be able to adapt to the changing threat landscape. That means offering elements of HAS like TPMs and an open ecosystem, two-thirds of respondents said. 

It's all for naught if you don't have visibility

The point Intel drives home is that all the security solutions in the world are useless without network visibility. Without knowing which systems are where, and what they do, they can remain hidden on networks while hosting critical vulnerabilities.

"Fewer than half of organizations (48 percent) have visibility into newly-disclosed vulnerabilities and patches/updates, and mainly prioritize security updates for the latest product generation (42 percent of respondents) when there are still many legacy devices in use around the world," Intel said.

Hardware and firmware security solutions make it easier to manage vulnerabilities, said 69 percent of respondents. Of those, 58 percent said they had "good or significant visibility into whether their hardware and firmware are operating in a known good state."

For those respondents, 48 percent said their security teams spend an average of 17 hours per week mapping known IoT device vulnerabilities. 

So, what are organizations leading in hardware-assisted security doing differently?

Intel's findings suggest it's all about how the mindset behind HAS forces organizations changes. Of those who said they're using hardware-assisted security, 85 percent said it was a top priority, and 64 percent said their organisations are taking steps to advance hardware-level security.

A third automate their BIOS and firmware updates, and quite a few have also integrated zero trust strategies with hardware-assisted security solutions. ®

Similar topics

Broader topics

Other stories you might like

  • Intel withholds Ohio fab ceremony over US chip subsidies inaction
    $20b factory construction start date unchanged – but the x86 giant is not happy

    Intel has found a new way to voice its displeasure over Congress' inability to pass $52 billion in subsidies to expand US semiconductor manufacturing: withholding a planned groundbreaking ceremony for its $20 billion fab mega-site in Ohio that stands to benefit from the federal funding.

    The Wall Street Journal reported that Intel was tentatively scheduled to hold a groundbreaking ceremony for the Ohio manufacturing site with state and federal bigwigs on July 22. But, in an email seen by the newspaper, the x86 giant told officials Wednesday it was indefinitely delaying the festivities "due in part to uncertainty around" the stalled Creating Helpful Incentives to Produce Semiconductors (CHIPS) for America Act.

    That proposed law authorizes the aforementioned subsidies for Intel and others, and so its delay is holding back funding for the chipmakers.

    Continue reading
  • Intel demands $625m in interest from Europe on overturned antitrust fine
    Chip giant still salty

    Having successfully appealed Europe's €1.06bn ($1.2bn) antitrust fine, Intel now wants €593m ($623.5m) in interest charges.

    In January, after years of contesting the fine, the x86 chip giant finally overturned the penalty, and was told it didn't have to pay up after all. The US tech titan isn't stopping there, however, and now says it is effectively seeking damages for being screwed around by Brussels.

    According to official documents [PDF] published on Monday, Intel has gone to the EU General Court for “payment of compensation and consequential interest for the damage sustained because of the European Commissions refusal to pay Intel default interest."

    Continue reading
  • Azure issues not adequately fixed for months, complain bug hunters
    Redmond kicks off Patch Tuesday with a months-old flaw fix

    Updated Two security vendors – Orca Security and Tenable – have accused Microsoft of unnecessarily putting customers' data and cloud environments at risk by taking far too long to fix critical vulnerabilities in Azure.

    In a blog published today, Orca Security researcher Tzah Pahima claimed it took Microsoft several months to fully resolve a security flaw in Azure's Synapse Analytics that he discovered in January. 

    And in a separate blog published on Monday, Tenable CEO Amit Yoran called out Redmond for its lack of response to – and transparency around – two other vulnerabilities that could be exploited by anyone using Azure Synapse. 

    Continue reading
  • How Intel and AMD hope to win the cloud security game
    Team Xeon reveals 'Trust-as-a-Service' while Google Cloud details deeper ties with Team Zen

    Analysis As cloud service providers increasingly look to x86 architecture alternatives, Intel and AMD are trying to find ways to gain or hold favor in the market – and this includes baking in security features and forming services and partnerships.

    Both semiconductor giants announced cloud security initiatives this week. At the Intel Vision event on Wednesday, Intel revealed its Project Amber remote verification service for cloud providers, among other things. A day before, Google Cloud detailed a collaboration with AMD to harden the security of the chip designer's Epyc processors.

    The dueling efforts both revolve around confidential computing, which aims to protect sensitive data by encrypting it in memory using hardware-based so-called trusted execution environments, also known as secure enclaves, which are provided by the latest server chips from Intel and AMD. This technology is backed by industry players, including Arm, which too has confidential computing in its architecture.

    Continue reading

Biting the hand that feeds IT © 1998–2022