Panel Discussion: The Future of HSMs and New Technology for Hardware Based Security Solutions (A31a)
From securing satellite communications to underpinning our global financial systems, Hardware Security Modules (HSMs) form the backbone of many of the world’s encryption and security systems. These critical elements of our security infrastructure devices are now evolving to move further up the technology stack, offer higher levels of accessibility, conform to industry standards and offer greater scalability, but change in this conservative technology sector is often outpaced by the environments into which they are deployed. With the availability of new hardware-based security solutions such as Intel’s Software Guard Extensions (SGX) and ARM’s Trustzone, we need to take an honest and open look at all of these solutions and what they offer. Have these new waves of solutions addressed the common requirements or do HSMs still win out in terms of price, performance and security features? Are HSMs ripe for virtualization and consolidation? Are HSMs legacy dinosaur solutions or are the fundamentally solving a different problem to the new upstart built-in hardware assisted solutions?
As many enterprises move to the cloud, the security posture required must also be examined, especially when security of data, both in-flight and at rest, is considered. With these services offered in a virtual sense, what part do physical hardware solutions have to play and how will this evolve? Is the concept of a software-based HSM meaningful? In addition to raft of software based solutions, some cloud service providers offer access to hosted conventional HSMs however we must also be mindful of the benefits and risks offered by these solutions beyond simply compliance with arbitrary requirements.
Once we look beyond the cloud and virtualization use cases, we need to then consider how these hardware security technologies integrate within existing enterprises. Do they support common industry standards such as PKCS#11 and KMIP? Do they require proprietary software for specific use and administration? What level of effort and expense is required for deployment?
This session’s panel has many years of specialist experience which enables a wide variety of practical examples that can be explored in response to audience questions. The industry experts and veterans on this panel will take an honest and possibly irreverent look at the future of Hardware Security Modules (HSMs) and new technology for hardware based security solutions in the evolving threat landscape. The panel will review deployment into cloud, container and multi tenancy environments, the impact of the European GDPR as well as post-quantum cryptography impacts. This will also enable the panelists to compare and contrast these technologies in the context of our rapidly evolving threats and their mitigating security requirements.