Cybersecurity 3.0: How Confidential Computing Is Reinventing Cloud Trust

Cybersecurity 3.0: How Confidential Computing Is Reinventing Cloud Trust

With the rapid development of AI and cloud technologies, the data processed by enterprises on the cloud—ranging from customer information and business secrets to AI training data—has become a prime target for hackers and insider threats. Although most enterprises encrypt data at rest and in transit, a major security gap remains: insufficient protection when data is being processed.

This issue is particularly prominent in the European and American markets. According to IBM’s 2024 Data Breach Report, Europe—under the strict GDPR (General Data Protection Regulation) requirements for traceability and confidentiality in data processing—has seen an increase in privacy risks within cloud computing. In the U.S., regulations such as the Department of Defense’s CMMC (Cybersecurity Maturity Model Certification), HIPAA (Health Insurance Portability and Accountability Act) in healthcare, and various state-level data protection laws are forcing companies to face a tough question: Can we still trust the cloud to protect our data once it’s there?

Data is most vulnerable during processing—when it is decrypted. Traditional cybersecurity models mainly protect data at rest and in transit. However, once the data enters memory and is processed by the CPU for analysis, inference, or computation, it usually must be decrypted. In other words, during the most critical and valuable stage of computation, data is actually most exposed and prone to attack.

What is Confidential Computing and Why Is It Gaining Attention?

Confidential computing is a hardware-based data protection technology. Its core concept is to encapsulate both the computation process and the data being processed within an encrypted and isolated memory enclave. This area functions like a "digital safe"—even while the data is being used and processed, it remains inaccessible to any external programs, cloud platform operating systems, or even cloud administrators.

This eliminates the need to fully trust the cloud platform. Instead, enterprises can create verifiable boundaries of trust based on confidential computing. Technology giants such as NVIDIA, Intel, and AMD have all embraced this technology, and cloud service providers including Microsoft, Google, and Amazon have launched corresponding solutions. For instance, in April of this year, NVIDIA and Google collaborated to launch Google AI models for enterprise use on Google Cloud, protected by NVIDIA’s confidential computing technology.

Confidential Computing Offers Three Strategic Values:

1. Rebuild Cloud Trustworthiness: The cloud is no longer a source of risk, but a controllable resource. Data sovereignty remains with the enterprise, not the platform.
2. Enable Cross-Border Data Collaboration and Innovation: Different departments, organizations, and even countries can collaborate on AI training without disclosing raw data—fostering the data economy.
3. Meet Regulatory and Audit Requirements: Faced with legal risks such as GDPR and HIPAA, companies can provide verifiable evidence of secure data processing and pass compliance checks effectively.

From a crisis of trust to data autonomy, confidential computing marks a turning point—it is a technology that enables verifiable trust. It does not replace the cloud but makes the cloud trustworthy; it does not replace regulations, but enables them to be verified.

In the global wave of digital transformation, enterprises must gain control over the computing process in order to unlock the full value of their data. Mastering confidential computing is the key to actively building trust.

During the Cybersecurity 1.0 era, protection relied on mainframes; in Cybersecurity 2.0, the focus shifted to the cloud, with software-based defense mechanisms. Now, in the era of Cybersecurity 3.0, it is necessary to establish a hardware-based "Root of Trust", giving cloud platforms a technically verifiable foundation for trust.

For Taiwanese Enterprises:

Confidential computing empowers businesses to move beyond mere “data leakage prevention” toward “trusted data collaboration,” balancing operational flexibility and regulatory compliance. The earlier companies deploy this technology, the better positioned they will be to lead in the data economy, build commercial trust, forge data collaboration alliances, and secure a place in the global industrial value chain.

 

https://www.ctee.com.tw/news/20250619700122-439901