2023 Confidential Computing Trends from a UC Berkeley PhD
This is part of Solutions Review’s Premium Content Series, a collection of contributed columns written by industry experts in maturing software categories. In this submission, Opaque Systems Co-Founder and CEO Rishabh Poddar offers his 2023 confidential computing trends which lead to the need for secure data analytics.
Organizations are facing increasing pressure to address the inherent conflicts and tradeoffs surrounding data security, data privacy, and data analytics. With the cost of data breaches continuing to climb, organizations need better data protection. For example, a single data breach could cost an organization in the U.S. an average of $9M. Over the last several years, hundreds of new Federal, State, and cross-border policies and regulations have emerged that introduce more compliance scrutiny and potential penalties. The ability to protect data and secure personal information is increasingly difficult given the large volumes of personal and confidential data shared via mobile devices and apps, SaaS applications, and online commerce.
However, greater data protection through encryption techniques alone is not the answer. The more critical need is enabling multiple parties within and across organizations to safely share confidential data and perform analytics and AI – deriving time-critical insights while not violating regulatory policies or data privacy. Examples of business cases where multiple parties need to collaborate on confidential data are financial fraud, money laundering, drug research, or ad targeting and monetization. 2023 will be the year when we see major technology advancements that eliminate these inherent challenges and conflicts associated with multi-party AI and analytics on confidential data. Organizations will realize that:
Confidential Computing Trends for 2023
Traditional Data Encryption Techniques no Longer Suffice
As organizations look to protect data throughout its lifecycle
With increasing data breaches, hackers, and regulatory policies it’s become necessary to protect sensitive data throughout its lifecycle – from data at rest to data in use and during analysis. Traditional encryption techniques are now rendered insufficient as they only protect data at rest and in transit. To protect sensitive data throughout its entire lifecycle, data must be processed in an environment where it can be secure and protected.
In 2023, we’ll see organizations shift away from traditional encryption techniques and accelerate their adoption of solutions that provide end-to-end confidentiality. Solutions that provide advanced AI and analytics along with ease of use and scalability to support the broad set of use cases will show the fastest adoption rates.
Faster Adoption of Trusted Execution Environments (TEEs)
For confidential data enables programmatic trust versus solely relying on institutional trust
Today, data is everywhere and it is growing exponentially. Nearly all organizations are adopting the cloud to accelerate their digital transformation initiatives and process more cloud-based data. As cloud data grows, cloud infrastructure alone remains insufficient to secure and protect sensitive data. To account for this, organizations will move from “institutional trust” where exposure includes internal bad actors, to “programmatic trust” via solutions that provide complete end-to-end protection. This, in essence, is the adoption of confidential computing and
in particular TEEs which provide programmatic trust by encrypting and protecting data in use. In 2023 we’ll see the majority of large organizations make use of TEEs for sensitive workloads and with that, confidential computing will gain faster traction reaching a $54B market opportunity by 2026.
Organizations Will Shift to Confidential Computing Analytic Platforms
That do not compromise data security
The optimal way to perform analytics and machine learning on sensitive data is to enable analytics on encrypted data so all confidential data is protected end-to-end; at rest, in transit, and encrypted during analytics and processing. The massive organizational need to protect data throughout its lifecycle will lead to the rapid adoption of confidential AI and analytics platforms that enable data analysts and machine learning practitioners to securely analyze data without ever having to expose it unencrypted during processing. The adoption will be driven by the rise of business use cases that mandate confidential analytics on sensitive data and the hefty costs associated with a data breach or failure to meet data privacy regulations and compliance policies.
The Rise of Confidential AI and Analytics
Will focus on multi-party data sharing and collaborative analytics
Organizations are quickly realizing that some of the most important use cases for confidential computing require multi-party collaborative analytics and AI. Multi-party confidential AI and analytics platforms make confidential data usable by enabling secure and scalable analytics and machine learning directly on encrypted data within enclaves.
Organizations will adopt these solutions to help accelerate the transition of sensitive workloads to enclaves in confidential computing cloud environments, and analyze the encrypted data while ensuring it’s never exposed unencrypted during computation. Multiple data teams within and across organizations will adopt these platforms to perform collaborative analytics or machine learning on their collective data while ensuring that each party is only privy to the data and insights that they are authorized to see.