The prevention of cyber attacks throughout a device’s lifetime has been made easier today, as the Trusted Computing Group (TCG) released its specification: Cyber Resilient Module and Building Block Requirements.
With society becoming increasingly connected, technology must have the ability to protect itself, respond to attacks, and recover. Achieving this will result in huge savings of time, resources, and cost.
TCG’s new specification enables device manufacturers or designers to easily take steps to achieve cyber resilience by implementing a minimal set of capabilities. It also outlines the concept of a Cyber Resilient Module with the ability to recover multiple layers and components within a device while keeping them safeguarded.
“Manual intervention for device servicing, or recovery from compromise, is an expensive and sometimes even physically dangerous endeavour. The proliferation of internet connected devices we’re seeing today is only increasing this cost,” said Dennis Mattoon, Member of TCG’s Cyber Resilient (CyRes) Technologies Work Group. “Technology must be implemented to safeguard devices in the modern threat landscape. We often hear that resource constraints, such as the cost of the device, its form factor, or power needs, are challenges that are difficult to overcome, and security usually suffers. With this in mind, we have created a set of building blocks that allow for cyber resilient devices to be built with a more limited range of resources.”
The specification encourages the consideration of a cyber resilient architecture from the beginning of the design process, rather than it being left as an afterthought. With the implementation of CyRes building blocks, a device can be recovered even if it has been compromised and hacked.
This will have a dramatic impact on the security posture of today’s connected digital ecosystems. Devices with cyber resilience built-in will be safer against attacks from other systems connected to the network, and if compromised, can be recovered without manual intervention.
Mattoon added: “As the dependence on technology grows, cyber resilience will prove critical for the future security of all interconnected devices and systems. Adopting cyber resiliency principles for protection, detection, and recovery is an important first step if we want to stay ahead of increasingly sophisticated threats.”
To be successful, the implementation of proper definitions, architectures, and scenarios is key. Manufacturers and developers can follow the guidelines outlined by TCG in the draft specification, which is now out for public review.
More information is available at the TCG website, www.trustedcomputinggroup.org
Fachartikel
Studien
Studie Cloud-Strategien: Von kleinen Schäfchenwolken zum Cumulus
IDC-Studie: 82 Prozent der deutschen Unternehmen nutzen die Cloud – umfassende Automatisierung der Workloads ist aber noch Zukunftsmusik
Studie zeigt 193 Millionen Malware-Angriffe auf Mobilgeräte von Verbrauchern im EMEA-Raum
2023 State of the Cloud Report
Trotz angespannter Wirtschaftslage: die Security-Budgets steigen, doch der IT-Fachkräftemangel bleibt größte Hürde bei Erreichung von Security-Zielen
Whitepaper
WatchGuard Internet Security Report: Enormer Anstieg von Endpoint-Ransomware, dafür weniger Netzwerk-Malware
5 Tipps für die SAP- und OT-Sicherheit: So haben Hacker keine Chance
Neuer Forrester-Report: Varonis als führender Anbieter von Datensicherheits-Plattformen ausgezeichnet
Arctic Wolf Labs Threat Report: Deutlicher Anstieg der erfolgreichen Fälle von Business-E-Mail-Compromise
Aufkommende Trends in der externen Cyberabwehr
Unter4Ohren
Die aktuelle Bedrohungsentwicklung und warum XDR immer wichtiger wird
Optimierung der Cloud-Ressourcen und Kosteneinsparungen in AWS
DDoS – der stille Killer
Continuous Adaptive Trust – mehr Sicherheit und gleichzeitig weniger mühsame Interaktionen
