Embracing Hardsec for security

Dr Simon Wiseman at Everfox argues that a 360 degree security strategy cannot rely on software alone

 

An onslaught of attempted cyber-attacks targeting high-value organisations in the UK and the US is leading to a revaluation of conventional security wisdom. The recent Everfox CYBER360 Report found that 74% of IT security directors in the polled organisations view detection-based technologies as outdated and inadequate. Many call out how detection technologies fall short of preventing cyber-attacks and only detect threats after the damage has typically been done.

 

It is remarkable that these sentiments are widely held, given the continued prevalence of software defences to detect and block malicious data inputs. In the shift towards preventative security, many regulated organisations are looking for alternatives to such software. Our report showed that 33% of regulated organisations confirmed plans to implement Hardsec to secure data from external threat actors in the future.

 

Born out of the intelligence community, Hardsec is a growing trend for highly effective security. What makes Hardsec unique, and what is its appeal?

 

Introducing Hardsec

Hardsec is a technological approach that uses hardware logic, not software, to implement security-critical defences.

 

Software is highly adaptable. That’s its great strength. But it’s complex and this means it generally has vulnerabilities which are hard to detect and hard to avoid. So, any security mechanisms implemented in software might fail to work or be hacked and disabled.

 

The infamous 2020 SolarWinds hack impacting the U.S. federal government and the more recent attack against ByBit’s crypto wallet authentication functions illustrate the point.

 

Security solutions rooted in hardware logic, on the other hand, are simpler by design, much easier to show they work and protects against attacks. Also, the hardware logic can’t be changed by the data it handles, making it “too stubborn” to hack.

 

Given its attributes, Hardsec has a growing appeal beyond the walls of sensitive intelligence community buildings. Increasingly, sophisticated threats are driving interest from a wider set of regulated organisations.

 

Countering the known and unknown

Employee connections to the Internet amount to a massive attack surface. Email attachments, web downloads, and API calls can all lead to malicious data being brought into network environments and threat actors breaking in. Once in, they can unleash malware to bring an organisation to its knees or they could lie dormant and slowly steal sensitive data. Whatever the scenario – weaknesses in software can be exploited and there’s a risk that detection-based security solutions miss the initial attack and are too slow to react to the subsequent disruption.

 

Hardsec doesn’t replace software security, but can enhance it. Hardsec provides strong protection for data transfers and access, but it’s not flexible enough to enforce complex policy constraints such as those that depend on external factors. Software is a better solution for issues like that, but software generally needs additional protection and Hardsec can facilitate that protection.

 

The need for such assurance is growing with the complexity of threats. The CYBER360 Report found that 62% of regulated organisations believe AI and emerging malicious actor trends, such as polymorphic malware and hacking-as-a-service, are increasing attack sophistication. We also see this in the use of large language models (LLMs) to improve, personalise and scale phishing campaigns. Hardsec is a powerful tool because this rise in sophistication makes little to no difference regarding the ability of the hardware logic to protect against harmful traffic.

 

Is Hardsec is the right fit?

A Hardsec approach has clear benefits, but establishing whether or not it’s the right fit for an organisation requires careful consideration. In many cases, such organisations will use a staple security vendor with a portfolio of services and functions that cover almost everything they need. Applying Hardsec indiscriminately could easily result in putting in place more security than necessary.

 

Having a strategic approach is generally the best way to determine an organisation’s needs. Organisations can scope out the key facts – it could be use cases, groups or individuals – that need extra protection. It could be a payments team in a bank with access to the SWIFT network or system admins working in a nuclear power plant or cover for a CEO being hit with increasingly hard-to-spot phishing attempts. In its nascent intelligence community use cases, Hardsec was used to protect secrets, but today its ability to protect high-value data more broadly is clear.

 

For commercial organisations making active efforts to move away from the Cloud, racking and stacking new hardware could be seen as a disadvantage of Hardsec. These organisations could benefit from a Hardsec-as-a-service offering to deploy Hardsec in a zero-trust cloud-as-a-service architecture without setting up and running any bespoke hardware themselves.

 

A step towards preventative security

In conclusion, Hardsec is a powerful component of comprehensive cyber-security strategies that helps safeguard critical systems and data. Countless high-profile security breaches in recent years have shown how software’s vulnerabilities and complexities can be compromised by cyber-criminals. The comparatively simplistic nature of Hardsec is a fallback that may bring much-needed assurance.

 

For regulated organisations in the crosshairs of Advanced Persistent Threat (APT) actors with sensitive data to guard closely, implementing Hardsec can be a practical method to shift towards a more preventative and resilient security architecture. The emphasis is now on CEOs and boards to prioritise this shift and ensure the next major data breach to hit headlines doesn’t involve them.

 

---

 

Dr Simon Wiseman is Field CTO, Hardsec Transfer at Everfox

 

Main image courtesy of iStockPhoto.com and BlackJack3D