The 2021 Arm Security Manifesto


11-08-2021
stylised blue electronic fingerprint_ Arm Security Manifesto

Arm has published its third Security Manifesto, which surveys the current threat landscape and its evolution but also details the tremendous strides the industry has made in the past four years.

Arm writes:

We’re all painfully aware that cybercrime incidents have soared in recent years, targeting individuals, governmental organisations, hospitals and utilities. The good news is that our industry has accelerated its efforts to combat cybercriminals to ensure a more secure, trusted digital world.  

But there’s still work to do. As Arm CEO Simon Segars has said, technologists have a particular duty of care to not rely on how we dealt with past threats but to relentlessly prepare to deal with the next ones. 

Four years ago, we published our first Arm Security Manifesto in this spirit. It detailed some of the key vulnerabilities that security experts were grappling with and mapped out a vision of how the industry was responding ­– from security compartmentalisation techniques at the IP and chip levels to the need to design in functionality that takes into consideration the human factor. Our second manifesto, published in 2018, included lessons technologists had learned from the Spectre and Meltdown attacks to a new device “health system” for scale deployments that would act as a digital immune system.

2021 Arm Security Manifesto

Today, we’ve published our third Arm Security Manifesto, which surveys the threat landscape today and its recent evolution but also details the tremendous strides the industry has made in the past four years. In it, you’ll find:

  • A futurist’s view of the security threats that might lie ahead as cybercriminals try to stay one step ahead of improving security schemes.

  • New architectural and chip-level innovations involving compartmentalisation and memory tagging that aim to prevent or minimize damage from device-level cyberhacks.

  • Expanding certification and attestation efforts, such as PSA Certified, that solidify trust in hardware and software.

  • A fascinating overview of how the insurance industry is working with technologists to better quantify risk so it can offer sustainable insurance and keep premiums manageable. 

  • A call to action for technologists and policy makers to work more closely together to develop strategies that will enable us to leap ahead of cybercriminals.  

  • A look into the future of post-quantum cryptography, a prime example of visionary work being done today to prepare for tomorrow.

In addition to its call to arms around multidisciplinary cooperation, the 2021 Arm Security Manifesto was written in the spirit of Segars’ call to action: How do we deal with threats we might not even be able to imagine today? For instance, robo-hackers that can probe your company’s defences and engineer and evolve their own exploits millions of times faster than any human hacker could or autonomous polymorphic malware that could dynamically wreak havoc?

When Arm unveiled its inaugural security manifesto in 2017, the widely respected technology analyst Patrick Moorhead had this to say: “It is about time for this shift in perspective (on security) if you ask me. We have seen many high-profile data breaches this past year—it is clear the current strategy is not working.  I applaud Arm’s thought leadership in security and hope others will take the pledge to support this.”

Today, we can point to the success of bank and government eID cards with virtually impenetrable security defences all the way to multi-factor authentication and device-level compartmentalization as stepped-up industry efforts in the fight against cybercrime.

Visit Arm Blueprint to find out more, or download the 2021 Arm Security Manifesto directly here.

To read more information, click here.

ARM is at the heart of the world’s most advanced digital products. Our technology enables the creation of new markets and transformation of industries and society.

Arm Ltd