Cog’s tech is now embedded in Qualcomm’s chips

Today is a big day for Cog Systems as we can finally announce a great leap forward our vision to make foundational security in IoT the norm, rather than best practice.

Our team is on a mission to secure the world’s IoT devices, and enable compelling virtualisation use cases. Our partnership with Qualcomm means our technology will be easily available for a very large segment of IoT device makers.

Qualcomm has embedded Cog’s D4 Secure technology in their Snapdragon chips, including the recently released 855 chip. This means any device maker using a Snapdragon chip need only get in touch with Qualcomm or our team to turn on our defence-grade security.

What is exciting about this is that by having great foundational security we take care of limitations that prevented OEMs from creating new and innovative products using technology like AI and machine learning for biometrics, real-time (which robots and autonomous vehicle need).  This is particularly important where they seek to combine different technologies together but leverage our security to keep them separate from one another.

It’s a result of many months of careful due diligence with Qualcomm and years of engineering. I’m incredibly proud of the Cog team.

This partnership is a really important step for IoT because while there has been excellent innovation in IoT security over the recent years, most of the work has been focused on solving specific problems. This is needed but most of the solutions have been for symptoms, rather than the root problem. Because no product is truly secure without foundational security.

A good example of this is some of the great encrypted and secure messaging apps. These are important, but if the device itself is compromised or vulnerable, their security benefits are minimal.

Securing the core of a device is must-have for IoT, not a nice-to-have. The major risk to our current IoT environment is how vulnerable it is to attacks, bad actors and bugs. This insecurity is holding the industry back from truly life-changing innovations, such as autonomous cars and entirely automated smart medical devices.

There have been hacks and attacks, and there will be many more if device makers don’t secure the core of their products. We know from the computers and smartphones that hacks, bugs and viruses can and will cause huge issues in the IoT industry. The good news is we also know from these previous technologies that foundational security, such as the virtualisation of the cloud, is possible.

Our vision for Cog is to achieve for IoT what VMWare achieved for cloud computing. Thanks to their success, no one think it’s remotely risky to have fiercely competitive products hosted on the same cloud infrastructure. The fact we can have both Coke and Pepsi on Amazon Web Services is evidence of security and virtualisation done right. They do this through having separate virtualised machines, which is part of the approach Cog uses also.

Virtualisation is a building block for great security. The complication with mobile and IoT is the software needs to be lean and light so it doesn’t impede performance so much it stops people from using it. A lot of these existing virtualisation solutions are very big in their code size and software, which not only impacts performance but also has a higher chance of both threat vectors and bugs.

Security has been an afterthought for virtualisation companies so far, but for Cog it’s our core business – it’s embedded because you need both security and performance.

We are only in the very early stages of our hyper-connected future. In less than two decades we’ve gone desktop-only computing to extraordinarily powerful smartphones in our pockets, to having an average of 75 connected devices in our homes (according to Gartner).

The risk is significant, urgent and impossible to entirely contain. The emergence of Cog, with its Qualcomm validated technology, as the first truly foundational security solution for the IoT. We’re preventing millions of attacks, so our direct customers as well as anyone with a Qualcomm Snapdragon chip that activates their Cog tech can focus on accelerating the rate of innovation in the IoT, enabling products we haven’t been able to imagine yet as the security issues have been so significant.

Three Takeaways from SINET Melbourne

I recently had the honor of being a panelist at SINET Melbourne.

SINET is dedicated to building a cohesive, worldwide Cybersecurity community with the goal of accelerating innovation through collaboration. The organization’s global series of events act as a catalyst that connects senior level private and government security professionals with solution providers, buyers, researchers and investors.

In Melbourne, I had a front row seat, and here were my three most important takeaways.

Cybersecurity awareness has gone mainstream.

As someone who has kept a keen eye on the evolution of cybersecurity in the last decade, I’m very encouraged to see that we no longer have to convince organizations to care about security. The conference presented in-depth information on how we deal with cyberthreats, as well as how we can remediate and manage attacks. That being said …

We’re missing a big piece of the puzzle.

An area where I’d obviously love to see more of a focus is on the move toward modular device design. The modular approach starts with the fundamentals of good security, including redundancy and defense-in-depth system implementation. Systems must move from an old-school monolithic approach to a modular approach. And this isn’t just a security play. …

That piece of the puzzle will change everything.

Modular device design is like constructing a solid building foundation – no one wants to talk about it. Everyone notices the sweeping architecture of a building or the latest technology that allows for a virtualized concierge, but no one stands around oohing and ahhing at the foundation. But a foundation created on the fundamentals of good security enables you to build something innovative on top. That is how I view the importance of modular design. Yes, it’s a security play, but it goes so much further than that.

I’m excited to see the awareness that cybersecurity now has, but my hope is that as we move forward, we can engage stakeholders – particularly the younger generation of cyber professionals – to embrace modularity and enable the next wave of innovation.


Our Master Plan – The Inflection Point (Part 2)

Continuing from The Past is Prologue (Part 1).

Since our founding days, our company’s purpose is to expedite the move to new technology and approaches that enables and encourages OEMs (the people who make devices) to construct more secure devices, while also enriching their functionality, and thereby enabling further innovation.  This would in turn would provide integrators with richer products and tools to build an entire connected, and secure ecosystem.  It would enable enterprises and users to reclaim lost productivity in scenarios where security became a burden or inhibiting (eg. Enterprise mobile users are often constrained by the applications with which they can run).  The cool thing about this technology and approach is that it has very broad applicability to how we build systems (more on that another time).

The time is now.  Continue reading “Our Master Plan – The Inflection Point (Part 2)”