Software-Defined Cryptography: A Four-Stage Approach to Realizing the Value
Gluing the terms software-defined and cryptography together in one phrase may seem counter-intuitive at first. Just as in the realm of networking, where the software-defined trend first gained momentum, cryptography has firm roots in hardware. To be more specific, purpose-built hardware has been the basis for cryptographic key management and protection, maintaining keys’ confidentiality—a basic tenet in cryptography. Given that cryptography is one of the foundational elements of cybersecurity—used to protect organizations’ most sensitive data, systems and software—it’s no surprise that security-minded companies have been relying on certified and field-proven hardware in their cryptography implementations.
But the digital transformation is challenging traditions in many realms of IT, leading organizations to adopt software-defined architectures that enable faster, more scalable, more automated operations. No less so in cryptography. Which raises the question: can cryptography be software-defined?
Content platform SDxCentral defines software-defined everything, or SDx, as “any physical item or function that can be performed as or automated by software.” In the context of cryptography, this means moving away from hardware key protection and processing to pure-software mechanisms, and building in automation and intelligence, as a start.
But here’s the rub: on the path to software-defined cryptography, we cannot deviate from the tradition of meticulous attention to security when designing a cryptography architecture. This is especially important when it comes to protecting sensitive data and applications, which would be at high risk without a stable security foundation in an increasingly challenging cybersecurity landscape. In our blog post “Is Crypto Being Left Out of the ‘Software-Defined’ Movement?” we described past hurdles to market adoption of pure-software cryptography solutions.
In this blog post, we take a forward look at what a software-defined cryptography architecture looks like, the stages of evolution toward achieving a fully software-defined architecture, and practical steps that organizations can take today to start reaping the benefits.