Under-fire Facebook joins Arm-powered cyber defence force
Arm has joined forces with other global technology power players – many with a Cambridge UK presence – to form an unprecedented cyber security defence league.
The Cybersecurity Tech Accord has been founded by the superchip architect along with Microsoft, Oracle, Cisco and other tech giants – including the under-fire Facebook – in a trade bloc of more than 30 innovators.
Under the four-point accord, the signatories agree to do their utmost to defend customers everywhere from malicious cyber attacks by cyber criminal enterprises and nation states.
Carolyn Herzog, general counsel at Arm, explained: “In the next four years, economic losses from cyber attacks on businesses, organisations and individuals could total a staggering $8 trillion.
“Along this long trail of lost currency will be human stories of people having their identities stolen, bank accounts emptied; and businesses losing revenue and suffering damage to their reputation.
“At Arm, we believe in the enormous benefit that a more securely connected world will bring. In fact, our company has a long history of security innovation informed by the belief that effective security solutions require an expanding portfolio of secure IP, software and a collaborative ecosystem fortifying devices across a common platform.”
The quadruple cyber defence fortress will be built on:-
• Stronger defence: The companies pledge to protect all customers globally regardless of the motivation for attacks online.
• No offence: The companies will oppose cyber attacks on innocent citizens and enterprises from anywhere.
• Capacity building: The companies will do more to empower developers and the people and businesses using their technology – helping them improve their capacity for protecting themselves.
• Collective action: The companies will establish formal and informal partnerships with industry, civil society and security researchers to improve technical collaboration, coordinate vulnerability disclosures, share threats and minimise malicious code being introduced into cyberspace.
Herzog added: “At Arm, as we have built a successful global business in semiconductor IP and software, security has long been a primary design consideration. This includes introducing leading solutions such as Trustzone and the Platform Security Architecture (PSA).
“In October 2017, Arm’s Security Manifesto gave a more prominent voice to security innovation, exploring the nature of our industry’s responsibility as guardians of the Information Revolution and the Digital Social Contract for Security that Arm believes all technology providers must rally behind. These principles stand behind our engagement with the Cybersecurity Tech Accord.
“All signatories to the Tech Accord are united in the belief that we must continually do more to stay ahead of the cyber criminals and other malicious actors.
“Just recently, government services in Atlanta were paralysed by a ransomware attack. In 2017 the UK’s National Health Service, the world’s biggest healthcare provider, was targeted by a WannaCry cryptoworm attack. It led to 7,000 cancelled appointments and some hospitals being forced to disconnect from the internet.
“Now, as we look forward to a trillion connected devices being deployed over the next 20 years we must stand shoulder to shoulder in our commitment to protect cyberspace.
“Staying ahead of threats is a constant battle and the pledge the industry is making in the Cybersecurity Tech Accord will continue to strengthen security and help to ensure the benefits of a data-driven world are fully-realised for all.”
In a separate and significant collaboration with Microsoft and others, Arm has unveiled a new IoT solution to accelerate the development of secure chips.
Paul Williamson, VP and general manager, IoT Device IP Line of Business at Arm, said the new SDK-700 System Design Kit was a comprehensive SoC system framework for designing secure chips for rich IoT nodes, gateways, and embedded applications.
“This solution enables partners to build secure devices within a common software development environment, while enabling the diversity and differentiation for their business to thrive in new IoT applications,” he said.
The SDK-700 supplies a secure SoC framework foundation for Microsoft Azure Sphere, announced at RSA in San Francisco.
Williamson added: “The flexibility of the solution enabled us to collaborate closely with Microsoft to ensure it meets the security requirements designated by Azure Sphere.
“This allows SoC designers to use SDK-700 to bring Azure Sphere SoCs to market quickly, leaving them to focus on differentiation because they can be confident that their design meets Microsoft guidelines.
“Devices must be born secure. Connecting a trillion connected devices will require all parts of the value chain to embrace the guiding principle that security can no longer be optional or an afterthought when designing IoT SoCs and systems.
“But to do this, the industry needs to move faster and foster more trust. SDK-700 is one more way for the industry to move faster with a proven and validated approach for embedded systems design.”