Intel at RSA 2018: Taking Security to the Silicon Level

By Charles King Pund-IT, Inc.  April 18, 2018

When it comes to digital security, the past year or so has delivered multiple lessons with a single conclusion: that whatever people, including individual consumers to business organizations to the IT vendors who serve them, have done or are doing regarding IT security, it isn’t enough.

Taken in total, the situation may appear hopeless, but it sets the scene for the new silicon-level security technologies and initiatives that Intel announced this week at the RSA 2018 conference.

The problem(s) with security

The problems dominating security are two-fold. First, computing endpoints, systems and networks have become so complex that the industry’s decades-long approach of building/promoting numerous individual specialty solutions is at the breaking point in terms of working properly and meeting clients’ needs.

Customers themselves bear at least part of the blame for these failures. Not only are most unwilling to learn or do what’s necessary to secure their devices against cybercriminals and exploits, but they also expect those products to work without any impact on performance and functionality. That can be a fatal combination, at least when it comes to protecting identity, financial and other assets.

The other problem is that the cyberthreat landscape is growing exponentially. The situation is no longer limited to the prototypical evil hackers long-beloved by the mainstream media and entertainment industries. End users also need to worry about having valuable digital information “mined” or otherwise ripped-off by a variety of well-organized and financed cybercriminals and gangs, state-sponsored espionage rings and corporate thieves.

And let’s not forget supposedly trustworthy organizations, like social media players that sell their users’ data with little care or oversight until they get caught. Facebook is currently sweating the spotlight, but it’s not like the company is any kind of “lone gunman” in this regard. Plus, there are bumblers like Equifax and other massive credit and finance companies whose efforts to secure consumer data are, to put it mildly, as deeply careless as they are dumbly clueless.

Intel’s approach

At RSA 2018, Intel posted a blog by Rick Echevarria, VP of the company’s Software and Services Group and GM of its Platforms Security Division that focused on Intel’s dedication to, “Driving security innovation from the silicon to applications and from the client device to the edge and to the cloud.” In that vein, Echevarria detailed three new cybersecurity efforts:

  1. Intel Threat Detection – Broadly leverages silicon-level telemetry and functions to improve cyberthreat and exploit detection. Highlighted were two initial capabilities and related efforts by Intel partners. The first is Accelerated Memory Scanning which hands-off virus and malware scanning to Intel’s integrated graphics processors, increasing efficiency and reducing impacts on system performance and power consumption. Microsoft announced that it will integrate Accelerated Memory Scanning into its Windows Defender antivirus solution later this month. The second is Intel Advanced Platform Telemetry which uses machine learning algorithms to enhance platform telemetry functions. with of the goal is to better detecti advanced threats and reduce false positives while also minimizing any impact on performance. Cisco said it will leverage the new solution in its Tetration platform to enhance data center security and cloud workload protection.
  2. Intel Security Essentials – Are designed to ensure consistent root-of-trust hardware security capabilities across Intel’s Core, Xeon and Atom Functions enhanced by these capabilities include secure boot, hardware-based protection for data, keys and other digital assets, accelerated cryptography processes and trusted execution enclaves to protect applications at runtime. According to Intel, Security Essentials aims to improve the security posture of computing, lower the cost of deploying security and minimize the impact of security on performance in products utilizing its silicon platforms.
  3. Perdue University partnership – Finally, Intel detailed an initiative with Perdue University to help close the growing cybersecurity talent gap. Perdue’s new “Design for Security” Badge Program will focus on training IT professionals for both production level positions – working with companies that produce cyber or cyber-physical systems and their components, and opportunities in education – working with universities that train the engineers and scientists who design the cyber or cyber-physical systems and processes. Perdue’s program will eventually offer four foundational courses covering security development, design, operations and applications, and ten electives ranging from core network and web security processes to blockchain and quantum computing.

Final analysis

So, what are we to make of these new technologies and initiatives? For one thing, it’s worth noting that these are hardly the first solutions Intel has offered for better securing IT products and online interactions. In fact, Echevarria noted that in the past year alone, the company has partnered to promote security-based workloads, like confidential computing and blockchain, introduced its own Secure Device Onboard for Internet of Things (IoT) devices and detailed the steps its taking to protect Intel-based hardware from side channel vulnerabilities.

How successful are these new solutions likely to be? First and foremost, they closely follow Intel’s vision of systemically-enabled, broadly deployed security functions integrated into and enhanced by the company’s Core, Xeon and Atom solutions. That has real implications for both Intel OEM’s and their customers, such as in how Accelerated Memory Scanning can improve virus and malware scanning while minimally impacting device performance. That’s a critical issue for man customers and end users.

The new solutions also reflect a longer-term Intel strategy—that is, increasing the underlying value of its products by defining, enabling and standardizing new functions and features. The company has followed this approach for years in efforts such as its Centrino wi-fi adapters, system-focused software investment and the integrated graphics technologies highlighted in this announcement. These investments have resulted in significant competitive advantages for Intel products and also forced competing silicon players to make similar investments or risk being left behind.

The partnership with Purdue University spotlights similarly long-term thinking by the company. The essential point is that the continuing growth in the number, sources and complexity of cyberthreats will only exacerbate the current shortages in security professionals. The new Design for Security Badge Program demonstrates Intel’s willingness to help address that situation. Plus, it seems likely that Purdue will be just the first partner the company enlists in this effort.

Overall, these new solutions and initiatives show Intel doing what it does best—putting its future-focused technical vision and substantial technology portfolio to work correcting existing problems and preparing for future threats. This is a game that Intel and its executive team have played for many years with customers and partners becoming eventual winners.

© 2018 Pund-IT, Inc. All rights reserved.