HP Innovation Journal Special Edition: Security | Page 9
Looking Ahead: HP’s Approach to Security Research
If personal devices and 2D printers are the dominant end-
point devices today, it won’t be long before they are joined
by technologies that further fuse our physical and digital
worlds, like 3D printing, augmented reality, and sensors
that monitor everything from the weather to health data
and traffic patterns.
As devices sense, actuate, collect data from, and work
to change or configure the physical world, the security of
endpoints and their ecosystems will only become more
critical to any organization’s cybersecurity.
The threat landscape will get worse. Nation states
and criminal organizations with huge resources are
creating increasingly sophisticated attacks, and the
efficiencies of the internet and the underground econ-
omy means this sophistication is very quickly available
to a larger set of attackers with diverse motivations—it
is clearly a case of when—not if—you will be attacked.
In the future, cyber events could compromise millions,
or even billions of cyber-physical devices at once, whether to
manipulate their behavior or even disable them altogether.
As we consider this in the context of digital manufacturing
where products are manufactured on the 3D printer nearest
the end customer, in the context of computing for personalized
healthcare, or more broadly in the context of artificial intelli-
gence and machine learning being built into devices to support
autonomous behaviors, we believe that security innovation will
be key to address emerging threats and rise to the challenge of
assuring the safety of our cyber-physical future.
This is why, at HP, we are investing in long-term
research in cyber-security. We are pursuing, for example,
the security innovations needed to allow 3D printing tech-
nology to revolutionize manufacturing. These range from
cybersecurity research for our 3D printers themselves,
to researching the design of secure workflow capabilities
that ensure key security properties are retained in digital
designs until they become physically printed objects. This
will be key to ensuring that the physical and mechanical
properties of a 3D-printed part can be trusted within a
securely digitized distributed manufacturing ecosystem.
Moreover, security will be an enabler for other
cyber-physical scenarios such as collaboration in the office
of the future, or personalized healthcare. We need to make
interactions safe and seamless for users, and manageable
for corporations and administrators. A simple example is
authentication where we are working to move beyond pass-
words and allow for seamless but reliable authentication
user experiences, with appropriate levels of security and
assurance over privacy.
The trustworthiness of tomorrow’s infrastructure will
critically depend on the resilience of endpoint devices to
cyber attacks. After twenty years in device security research
leadership we continue to pursue security innovation to help
build-in further security assurances into hardware, creating
devices that can help detect and isolate breaches, and recover
from them, all at considerable scale, and with minimum
inconvenience to the user. Critically we pursue research into
improving operational security management techniques to
allow our customers to maintain control over an increasingly
large number of devices, data, and their interactions, at a rea-
sonable cost and with the best security assurances possible.
Importantly, we work hard to keep abreast of the
fast-evolving threat environment. We do this in multiple
ways, from engaging with other experts across academia,
governments, and industry, and with HP’s own Security
Advisory Board. But we also operate our own Attack and
Malware Lab, an isolated environment we use to investigate
the state of the art in malicious software and attack capabil-
ities. This allows our teams to experiment with malware in a
contained environment, better understand our adversaries,
and test our research approaches to detecting, mitigating, or
managing infrastructure recovery from real-world attacks.
At HP’s Security Lab we pursue long-term research,
working closely with HP businesses to ensure we can deliver
cybersecurity innovations into HP products, services, and
solutions, that will truly help improve security and mini-
mize the cost of operation and ease of use for individuals
and corporations alike. Our work takes us beyond HP into
global standards organizations and into collaborations
with industrial and academic partners, as well as leading
customers, with whom we must join forces to advance the
cybersecurity state of the art and move our industry forward
towards a safer, more resilient future.
1. 2016 Breach Level index, Gemalto 2. “Economic Impact of Cybercrime,” McAfee,
February 2018 3. CSIS Cybercrime Report, June 2014 4. Forecast Analysis Information
Security, Worldwide, 1Q17 Update, Gartner (Elizabeth Kim, Christian Canales, Ruggero
Contu, Sid Deshpande, Lawrence Pingree), June 2017
8