Pim Tuyls, Founder & CEO |
Holidays are now in the rear-view mirror, and at Intrinsic ID we’ve hit the ground running for 2020. It’s the time of year when most of us look back on the year just concluded, and ahead to the possibilities the new year holds. A few things come to mind regarding both.
What Happened in 2019. And What Didn’t.
It’s difficult to look at a news website without seeing forecasts and predictions for the next year. I’m often curious to look back at how accurate those predictions proved to be. Just a few predictions I remember were made for 2019, and how they turned out:
- Fewer, better adversaries: One security company was of the opinion in January that we’d see fewer, but smarter and stronger, adversaries. It’s hard to compile data on this one – I’m unaware of any phonebook of hackers, but it’s hard to imagine we’ll ever have fewer of them (sad to say). So I’ll say they were at least half right.
- Not nearly enough cybersecurity pros: This lament is not new, so I’m not sure how far out on a limb they went with this prediction. But I’ll say they got it right, as the shortfall for security experts has only grown during 2019. And this will continue to be a challenge for the industry.
- Attackers focusing on the cloud, and security teams should: Similar comment, that this one would be hard to get wrong, since usually the cloud is where the data is aggregated. But again, I’d say they got it right.
Intrinsic ID’s 2019
We continued to make progress as a company in 2019. Early in the year we announced an update to our Citadel product. Scalability will be key to IoT success, and our Citadel Infrastructure Tools are designed to scale security of IoT device shipments to trillions of devices. It enables automation of the deployment of a hardware-based root of trust in less-than-trustworthy supply chains. This will be critical to enabling mass-market deployment.
In terms of market footprint we added or expanded relationships with customers such as NXP, IDT and GOWIN Semiconductor. We also grew our presence in the MCU space. Geographically, we engaged with new customers in China.
As for new technology applications, we entered into our first AI chip, and expanded our presence in data center chips. With our new Monark product we have delivered PUF security for FPGAs, such as the Xilinx Virtex 7, Kintex 7 and Zynq 7000.
With regard to award recognition, we were pleased to receive the IoT Breakthrough Award for BroadKey, and the Cyber Defense Magazine Groundbreaking Company in IoT Security Award.
It was a year for accomplishments via collaboration. With our initiative with the EU’s INSTET Horizon 2020 program, we made strides in proving how to easily and robustly secure medical wearable devices with SRAM PUF. And we are proud of our joint work with Guardtime on a blockchain-based security architecture for a renewable energy trading system in support of the city of Rotterdam’s “Digital Twin” initiative.
And an event I always look forward to is our security summit, which we moved to San Jose’s Tech Interactive this year. This might have been our most diverse array of speakers ever, a group of security ecosystem solution providers advising on cradle-to-grave security lifecycle best practices.
So 2019 had some notable moments for security generally, and Intrinsic ID in particular. But now let’s look forward.
What’s Ahead for 2020
I’ve found that when you work in security, looking ahead usually conjures potential threats which are more frightening than the last. In our business that is easy to understand, as we continually see new technologies and devices that help us use data in new ways, and which tend to result in broader attack surfaces. And so it is with IoT and the cloud. Where is this likely? A few thoughts:
- IIoT will continue its expansion of IIoT devices as more products are designed for specific use cases.
- Voice-assisted devices have access to highly sensitive data in our homes. It seems only a matter of when, not if, we see a catastrophic breach of private data via such a device.
- Medical devices will continue to be a growing concern, as the benefits of connected devices such as monitors and pacemakers increases. The risk to privacy and life itself makes securing these devices a priority.
Risks that I’ve described are not just theoretical. Just a couple weeks ago these threats were made real when reports surfaced of significant breaches involving Ring doorbells. In one such instance hackers broke into a camera in an 8-year-old’s bedroom, and they watched and spoke to the child. Ring said it “will continue to introduce additional security features to keep our customer’s Ring accounts and devices secure.” They haven’t said what those steps will include, and suggested that the family’s passwords were weak. But weak account passwords will happen. Breaches such as these will continue, and the burden is on manufacturers to do more to prevent such hacks.
In 2019 governments around the world continued efforts to take responsibility for privacy and security. In California, for instance, important legislation came into play for IoT security, which the world would do well to heed. The CCPA, which became effective January 1, brings much-needed attention to how collectors of our data must take responsibility for handling it securely.
It’s no accident that the cases I just mentioned above, and many others, can all be addressed starting with security based on unclonable devices. You can bet Intrinsic ID is engaged in combatting all of the above, consistent with our goal to Authenticate Everything, so as to create an IoT that can be trusted.
The risks continue to grow, but so will our efforts to prevent them. A bittersweet combination perhaps, but a challenge we at Intrinsic ID look forward to in 2020. See you in the new year.
Pim Tuyls, CEO of Intrinsic ID, founded the company in 2008 as a spinout from Philips Research. It was at Philips, where he was Principal Scientist and managed the cryptography cluster, that he initiated the original work on Physical Unclonable Functions (PUFs) that forms the basis of Intrinsic ID’s core technology. With more than 20 years experience in semiconductors and security, Pim is widely recognized for his work in the field of SRAM PUF and security for embedded applications. He speaks regularly at technical conferences and has written significantly in the field of security. He co-wrote the book Security with Noisy Data, which examines new technologies in the field of security based on noisy data and describes applications in the fields of biometrics, secure key storage and anti-counterfeiting. Pim holds a Ph.D. in mathematical physics from Leuven University and has more than 50 patents.