As RSA Conference is growing bigger and noisier every year, it’s becoming harder to take a bird’s-eye view of the security space. Still, a few observations can be drawn.
The main themes over the last years - dead perimeters, emergent AI/ML, and rise of DevSecOps:
So where did the innovation go?
It appears that the only significant new technology introductions occur on the data encryption side of things.
With the introduction of new encryption technologies, encryption is able to be extended to new domains – encrypt applications as they run, perform analytics on encrypted data etc.
It’s not a surprise then, that the runners-up in the last two years at RSA Innovation Sandbox are next-gen encryption companies: Last year it was Fortanix, with its groundbreaking Intel® SGX-based Runtime Encryption® and this year the homomorphic encryption company Duality.
The next-gen encryption isn’t just helping encrypt data-at-rest or data-in-motion, but helps encrypt data-in-use, that is – encrypt the application and the data it’s processing, as it runs.
It’s intriguing to see how encryption has come full circle. For the first time, encryption can help secure the security applications and provide private and anonymous analytics on sensitive data.
The vital need is to assure that the analyzed sensitive data will never be exposed to any party. Only the analytics results are shared with the relevant parties.
This can only be achieved by running the application logic or ML model (or the entire analytics application) inside trusted execution environment such as Fortanix RTE.
For the first time, encryption is becoming an enabler of business, rather than the traditional restrictive “sealing” solution. These new types of encryption ARE becoming the new perimeter, only one that’s not porous and frail. They protect and tightly secure the application (e.g. a perimeter of sorts), only doing it deterministically, and without incurring any changes to these applications and infrastructures.
So – how do you bring the birds back to the cage? – Encrypt them!
If you want to learn more, please visit our Runtime Encryption® page.
Get our blog updates in your inbox: