An Interview with Intel on the Future of Cybersecurity
Today we are sharing a fun interview with a special guest from Intel, who is one of our sponsors for Ringzer0 2020. We had the chance to interview Abhilasha, who will be sharing with us the cool things that she's doing at Intel, the industry trends that she's observing as well as new and emerging technologies that we should be aware of. We also cover how they're tackling technical challenges and how Intel is helping to develop the next generation of engineers.
Let's dive right in!
Can you tell us more about who you are and your role with Intel?
Sure! I'm Abhilasha, I'm a principal engineer at Intel and I focus on hardware-based security architecture. I'm part of the Intel Business Client group, which focuses on commercial PC clients. We work closely with customers and partners to understand their business needs and their new usage models.
We aim to provide platforms that are truly built for business. We are constantly innovating around enterprise usages and looking at it holistically, including performance, stability, security, manageability - our four key pillars. We also think 5, 10 years out - so that we can meet the needs immediately. We are on the cutting edge of computing.
Additionally, we do a lot of skills-based community service. My cybersecurity work extends to activities related to diversity and inclusion, women in technology, and the underrepresented. I volunteer for cybersecurity education activities like Echelon Catapult. I'm fortunate to do this as part of Intel. It's an integral part of our culture, working with the community, and having this sense of responsibility.
What industry trends are you observing right now and how are they influencing the research and development that your team conducts?
We've been following and influencing industry trends for many years. These last few months with COVID-19 has been a game-changer. Many of us have suddenly become remote workers dealing with many daily challenges like business resources not being available, not getting the latest system upgrades, or network connectivity issues. Businesses are doing whatever it takes to achieve business continuity, providing all services to their workforce, even if they had to lower security measures. This has resulted in companies being more vulnerable to cyber-attacks. Attackers haven't slowed down, and the number of malware attacks continues to increase.
There's also this need to deliver quicker software solutions, which is great for DevOps and Agile computing, but sometimes security gets overlooked because there's this need for speed. Immediate delivery often results in more rework and patching. It's a challenge for the security community to stay ahead when more vulnerabilities and larger attack surfaces are introduced.
There are several innovations and analyses that we are conducting to get the right solutions and the right computer environment in place so that businesses can continue to operate. Our solutions empower users and enterprise IT to remain productive without compromising security.
Do we need to rethink the way that we're doing things or do we need to approach these security challenges in a different way?
We do need to rethink how we do things, especially when it comes to security. It's not about an incremental change by adding another patch on top of a problem. You have to take a step back and look at the bigger picture. There is a sense of urgency now to ask more than ever, how do you make this security built-in? How do you build a computing platform that is secure by design? For example, we worked quite a bit over the last several years to define privilege levels and escalation of privileges.
We are also rethinking client virtualization. Take the many ways that malware can potentially get access to a system. A lot of investment has gone into client virtualization, which is similar to our real world COVID scenario, where we want to prevent the virus from spreading. We ask everyone to stay home, stay quarantined, and isolate themselves. In a very similar fashion, we are isolating workloads using client virtualization. When you do that, it reduces the spread and persistence of malware. We are addressing entire classes of attacks to make it harder for attackers to obtain and maintain access to your system. Client virtualization is, therefore, providing better security in many ways.
What is your team's vision when it comes to developing new and emerging technologies?
Our Intel vPro® platform is built for business. How we use computers in our consumer world is different from commercial usage, where there are additional considerations. We understand the needs of the user and the business, so we take a user-centric approach when we develop our business platforms. Intel vPro provides the best PC platform for business, helps the end-users be productive at the highest level, and is easy for IT teams to maintain and maximize the efficiency for companies as a whole.
Overall, it's all about productivity and working together as a team to protect enterprise assets. This is what we are achieving with Intel vPro. We always aim to be ahead of the changing market. We're looking at the ecosystem, working with our partners, and leading it to develop the next commercial computer. We are developing Intel vPro platforms to be future proof, so that they stay ahead of the trends and are able to solve today's problems. We want our solutions to stand the test of time, giving users the freedom to explore without fearing compromises or cyber-attacks.
What technical challenges do you anticipate or need to overcome when designing new innovative solutions?
This is something that is really great at Intel. Andy Grove, the former CEO of Intel, said that "The lesson is, we all need to expose ourselves to the winds of change." We are continuously looking at how to innovate and address the changes happening around us. Attackers adapt fast when you harden a system. We focus on designing robust solutions that address the immediate attacks, but also anticipate and mitigate future attacks. It's very much a chess game.
We also need to be pragmatic. It takes time for some of these technologies to get deployed at scale given the challenges. We need to continue supporting legacy solutions while we develop new hardware and security capabilities so that users remain protected.
How does Intel or your team partner with the government, academia, and other industry partners to achieve these innovative goals?
Intel has really great partnerships with the ecosystem. That's one of the key things I love about providing the computing platform for the world. I personally, as part of the team, really like to work with our OEM partners, our operating system vendors, the software vendors, and the entire ecosystem because it takes all of us to achieve our vision successfully.
We also work together with research communities across the board, including researchers that are well-recognized in IEEE, USENIX, and other organizations. They help to provide ideas that are good to consider when we're designing new technologies. We also work with end customers across many sectors, including healthcare, government, and academia to increase awareness of what we are trying to achieve so that we can get the most up-to-date feedback and work together towards developing next-generation technology.
How is your team helping to grow the next generation of engineers?
This question is a personal favorite. I'm a mom with two young kids. I'll share a recent experience because it does relate to how we develop our next-gen engineers, given the current circumstances with COVID and teleworking. We've seen their classes transition online. My kids recently finished their online cybersecurity course, which is taught with high school volunteers. My daughter, Heidi, said, "You're in the hands of the next generation" - I can't agree more!
And this is not for kids only. The volunteers who are helping out are also rethinking and saying, "Hey, I love my area, but cybersecurity looks very interesting too." This applies to adults as well. Cybersecurity is for “K through gray”. Every adult in different fields can consider careers in cybersecurity. We were talking about the talent gap with our kids. My son, Arnold, who's a second-grader, says, "It looks like we have a lot more hackers now and all you need is more cyber defenders." We have so much to learn from the next generation of engineers, and I enjoy that experience as we give back to the community and create a pipeline for cyber talent.
Speaking of giving back to the InfoSec community, we very much appreciate Ringzer0's mission. You all are so well-versed with your respective areas in cybersecurity. Your mission to empower through education aligns with a core part of our culture at Intel. It is reflected in Intel’s Security First pledge. We've talked about our commitment to security, and it's one of our most important priorities to get to the right level of security across the board.
Where can people go to get more information about Intel, the Intel vPro platform, and what you shared with us?
You can go to intel.com/vpro for more information about our platform. You can also check out our Intel Business YouTube channel. Feel free to reach out to me over LinkedIn or email. We really do appreciate the opportunity to serve as a sponsor and as a partner in the InfoSec community. We'd love to continue this conversation with Ringzer0 and the community to see what we can do together in the near future.
Now It’s Your Turn
We hope you enjoyed our interview with Abhilasha from Intel! Make sure to go to ringzer0.training for more information on the Ringzer0 2020 training events that we're offering throughout August. They will be offered online as an interactive remote training rather than in-person in Las Vegas due to COVID-19. Once again, check out our website for more details and we look forward to teaching you online!
Abhilasha Bhargav-Spantzel is a Principal Engineer at Intel, focusing on hardware-based security product architecture. She has 15+ years of experience in security and privacy. She completed her doctorate from Purdue University, which focused on identity and privacy protection using cryptography and biometrics. Abhilasha drives thought leadership and the future evolution of cybersecurity platforms through innovation, architecture, and education. She has given numerous talks at conferences and universities as part of distinguished lecture series and workshops. She has written 5 book chapters and 30+ ACM and IEEE articles and has 25+ patents. Abhilasha leads multiple D&I and actively drives the retention and development of women in technology. She is passionate about STEM K-12 cybersecurity education initiatives, as well as co-organizes regular camps and workshops for the same.