“A privacy-first engineering approach is critical to the cyber resiliency of organizations”

Written by ga_dahmani

Many companies have begun to realize the benefits of embracing confidential computing in today’s distributed work environment. In an interaction with Express Computer, Ivar Wiersma, Chief of the Conclave, R3 describes how organizations can leverage confidential computing to securely aggregate their data sets to solve shared business problems for their customers and across markets.

What are the current cybersecurity challenges, especially in the post-pandemic new normal?

The new normal definitely poses new challenges for cybersecurity as many businesses have found ways to operate virtually. There has been a 17% increase in the number of data breaches now compared to 2020, underscoring the importance of ensuring the security of user data for many businesses today.

Coupled with the projection that 75% of the world’s population will have their personal data online by 2023, user data security will not only become a corporate responsibility, but a priority for companies that want to thrive in a post-pandemic world. To meet the demands of a growing digital citizenry, companies have increased their partnerships with other companies to collaborate digitally in a distributed environment.

In doing so, there is a need to ensure that shared data is kept secure, confidential, and tamper-proof. To prevent any tampering with sensitive data, many companies simply do not share their sensitive data with partners. This is a key challenge for businesses in the post-pandemic world. Information sharing offers great opportunities for businesses where customer data can provide actionable insights, improve the customer experience, and build a more resilient and pandemic-proof organization. However, many companies are still hesitant to share their data, as the space remains technologically difficult to control once the data is available.

In light of these challenges, what are the changes cybersecurity professionals need to embrace?

A possible solution for companies that want to improve the security of their complex business structure could be to adopt confidential computing. With this type of privacy-preserving technology that encrypts data while it is still in its processing stage, companies will be able to securely aggregate their data sets to solve shared business problems for their customers and across markets, without disclosing the raw business data to anyone.

In addition, these innovative solutions effectively protect the data processed and consolidated from multiple databases, as well as the knowledge generated from them, preventing access from any party and minimizing the risk of data manipulation. These advancements in the data processing space protect policymakers and relevant stakeholders from data breaches and leaks, as the raw data is not distributed or made available to third parties.

In fact, many companies are beginning to realize the benefits of embracing confidential computing in today’s distributed work environment. A report published by the Everest Group predicted that the confidential computing market could grow to $54 billion by 2026. This means greater recognition of its importance in the enterprise security space.

What are the common causes of / errors in the company (at the individual and organizational level) due to the cyber breach occurring?

Some common causes of cyber breaches include using applications that are riddled with vulnerabilities. These weaknesses threaten the integrity and security of classified information owned by companies. To prevent such threats, it’s in your business’s best interest to adopt programs that protect your classified data while it’s at rest, in motion, and in use. To do so, it’s important for companies to implement a security-by-design approach, whereby apps and services are designed to protect privacy first. This will minimize the attack surface and ensure that data is not exposed when it is processed.

The application of confidential computing can correct the problem of architectural weaknesses by ensuring the highest level of security for sensitive data owned by companies. With encryption from the processing stage to the time companies make their classified data available to third parties, this data is protected by a Trusted Execution Environment (TEE). TEEs, also known as enclaves, are completely isolated from the rest of the computer, such as the kernel, hypervisor, and operating system. This means that companies that share their data with their partners can rest assured that the raw data will not and cannot be tampered with.

Role of emerging technologies in managing cyber security challenges?

In essence, the main challenge we face today is the inability to technologically enforce what and how third parties are using data once it is available in the public domain. I think using confidential computing like R3’s Conclave platform can certainly address these challenges. As more data is added online, protecting sensitive data has become a top priority for businesses. Encryption has been a widely used solution to protect data both at rest and in transit, but most data must be decrypted while it is being processed. Confidential computing addresses the risks associated with data processing by encrypting data while it is still in its processing phase within a secure environment that protects code and data from modification.

How can companies drive a risk-based approach to cybersecurity to transform their organizations into cyber-resilient ones?

A privacy-first engineering approach is critical to the cyber resiliency of organizations. By developing privacy-first applications and leveraging new technologies like R3 Conclave, organizations have a better chance of minimizing the attack surface and ensuring data breaches do not occur. Conclave’s integration is seamless and easy, and this is critical for companies to be open to adopting such innovations.

A sensitive computing application, Conclave requires that data be encrypted, stored, and processed in Trusted Execution Environments (TEE), also known as an enclave. This approach, through TEEs, provides assurance to companies that their data maintains integrity, confidentiality, and code integrity. In other words, TEEs ensure that data can be processed by external parties without them having access to the raw data.

The result of this is a tamper-proof service, where enclaves will be protected and separated from the rest of the system, resulting in users not being able to modify or influence data; this means that users cannot make the enclave do what it wasn’t coded to do. In R3, Conclave leverages Intel Software Guard Extensions (Intel SGX) to create a hardware-based secure enclave that resides on a CPU, enabling the key TEE capabilities described above.

As a result, companies can be sure that their data will be encrypted and protected by a specific algorithm, making their data totally inviolable. This improves the data security of companies, completely protecting them from leaks and data leaks, since the company, its employees or data center operatives will not be able to alter the codes of the enclaves.

How can companies take a ‘zero trust’ approach to protecting a hybrid cloud environment? What are some practical challenges of ‘zero trust’ architecture? How can business organizations leverage their existing investment?

The “zero trust” approach requires transactions to be verified in order to be successful and prevent security breaches. This implies that all transactions made, even if they are made within the network, must be verified. With the rise of remote work and a hybrid cloud environment, traditional networks are increasingly unable to keep up with the growing security needs of businesses.

The global zero trust security market has been projected to grow from $19.6 billion in 2020 to $51.6 billion by 2026, with the driving forces behind this exponential growth being attributed to rising cyber attacks and the increased regulations for data protection and information security. However, a ‘zero trust’ architecture challenge includes the stringent requirements of a ‘zero trust’ network and its implementation.

Some of these requirements include ensuring network security, infrastructure security, and identity security. But we can hope that this will be made easier by emerging technologies that keep up with today’s demand for enhanced security. More companies are leveraging their existing investment to improve data security by adopting confidential computing, for example, as the technology can easily support the implementation of a ‘zero trust’ network, in accordance with their stringent requirements. In response to the growing trend around hybrid and remote working, R3’s Conclave is keeping up with organizational requirements with the launch of Conclave Cloud, which enables businesses to access Conclave Cloud’s secure services from anywhere, regardless of the location of the cloud service they are working on.

What are the best practices to limit sensitive data exposure in light of remote workforce and targeted attacks and new cybercrime scams?

Although restrictions on returning to the workplace have been eased, many companies are still allowing their employees to work remotely. This has increased the demands and requirements on cloud data storage, data security and privacy concerns. With remote work becoming a new norm, online data sharing has become the primary mode of work. Confidential computing has the potential to help companies maintain the confidentiality and integrity of their highly classified data sets.

Additionally, as businesses continue to grow and become more distributed and collaborative, there is a growing need to protect data while it is in the process of processing. Existing R3 customers have used Conclave to perform fraud detection, market data aggregation, private order matching, and data analysis, all with teams operating remotely. This has helped them limit exposure and prevent leaks of their sensitive data.


