The eternal cat-and-mouse game pitting IT security improvements against evolving attacker exploits is usually framed as an arms race of rising software sophistication.
Security teams implement firewall software, antivirus protection, data encryption, multifactor authentication, access controls, intrusion detection and mitigation tools, and data backup systems to better neutralize and recover from ransomware lockdowns.
Those limited parameters miss a fast-arriving hardware security revolution.
Emerging technologies in the hardware security space - namely, advanced instruction set architecture extensions - are positioned to make game-changing contributions to the IT security repertoire.
Security safeguards imposed at the hardware level, the foundation upon which all malware and software-based security operates, have the unique power to pull the rug out from under attack strategies, denying nefarious applications access to exploits or even the ability to run in the first place.
ISAs Are Fundamental to IT Security Before discussing specific new developments in hardware-based security, here's a brief history lesson.
While less discussed, security protections on the hardware side of the ledger are commonplace and have long been foundational to IT security.
Security experts are certainly familiar with hardware-based encryption methods that prevent unauthorized access to hard drives and network data.
Trusted Platform Module is a well-established hardware security standard that safeguards against tampering and compromise at bootup, as is Secure Boot.
These security measures may currently protect the hardware you're using.
The x86 ISA is a powerful ally for security teams securing Intel-based machines.
Arm, offering the most-used family of ISAs globally, has provided ISA security features in their low-overhead processors that have made it the leader in ISAs protecting phones, tablets, and other mobile devices.
The ISA Future Is Promising Emerging new ISA extensions leveraging open source technologies show exciting potential to revolutionize IT security practices and enable game-changing security strategies for developer teams.
One example is Capability Hardware Enhanced RISC Instructions, a hardware-based security research project developing ISAs that include CHERI Arm and CHERI RISC-V. Led by the University of Cambridge and SRI International, CHERI-enhanced ISAs take the unique approach of controlling memory access via hardware-enforced bounds and permissions while retaining compatibility with existing software.
The project also offers CheriBSD, which adapts the open source operating system FreeBSD to support CHERI ISA security features, including software compartmentalization and memory safeguards.
The high-performance compartmentalization provided by emerging ISAs also grants security teams a powerful tool for securing access to sensitive data and protecting it from attackers.
Open Source Drives IT Security Forward The increasing complexity and sophistication of modern attack techniques all but demands a revolution in IT security capabilities.
Emerging technologies offer that opportunity in the form of new security strategies that wield comprehensive, balanced software and hardware protections.
The collaborative power of open source is an essential engine behind this revolution, accelerating progress on projects through contributions from across the IT and security community.
Going forward, organizations that reinforce their security postures with a thoughtful assembly of advanced ISA hardware-based security and compatible software-based security tools will achieve the best outcomes.
This Cyber News was published on www.darkreading.com. Publication date: Thu, 21 Dec 2023 01:20:20 +0000