Encryption, firewalls and zero-trust architectures are time-tested strategies for guarding sensitive data. But there is a catch: in the era of cloud computing and deeply intertwined digital networks, it is increasingly difficult to know where data resides — and who can view it — at any given moment.
That is prompting CIOs to turn to confidential computing. The technology addresses a common but often overlooked security gap: organizations typically use encryption for data at rest and in transit, but the moment it is decrypted, it’s potentially visible. This makes it vulnerable to anyone or anything that has access to system memory, including a rogue process, compromised hypervisor or bad actor.
Confidential computing protects data in use by processing it inside a hardware-encrypted trusted execution environment (TEE) — a secure area inside a chip that isolates data from surrounding infrastructure, applications, cloud providers and even privileged users. Think of a TEE as a mailroom with no door or windows: no one can enter, but letters can go in and out through a protected slot.
“After we describe confidential computing and people truly understand it, the question is almost always the same: Why wouldn’t we use this?” said Mark Bower, chief strategy officer at Anjuna Security and co-chair of the Cloud Security Alliance Confidential Computing Working Group.
As threats worsen and risks grow — including geopolitical instability — confidential computing is in the spotlight. A recent survey conducted by IDC Research found that 75% of 600 respondents are adopting confidential computing in some form — with 18% already in production and 57% testing it. Equally important, 88% of business leaders say it improves data integrity, and 77% believe it dials up key technical assurances.
“As AI adoption grows, regulatory pressures increase and multi-party analytics gains traction, organizations need to close security gaps and future-proof resilience,” said Philip Bues, a senior research manager at IDC. “It’s becoming a board-level imperative.”
Establishing trust in code, protecting data in use
What makes confidential computing so attractive is that it introduces verifiable trust through hardware-rooted attestation. Workloads contain a unique cryptographic identity that proves code is running inside a confidential environment. “You avoid injecting secrets into the CI/CD pipeline, which is precisely where they get compromised,” Bower said.
Typically, organizations power up software and services with no guarantee that passwords, keys or secrets are intrinsically secure. “There’s a ‘first secret problem.’ How do I know when I set up access control for a system that it’s actually trustworthy?” Bower said. “Confidential computing solves this problem. It establishes trust before it ever touches data.”
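The attestation-before-secrets flow described above can be sketched as a key broker that releases a secret only after verifying a signed report. This is an added example, not code from the article or from any vendor; the names `make_report` and `release_secret` are hypothetical, the sample values are constructed, and an HMAC key stands in for the hardware-rooted signing key of a real TEE.

```python
import hashlib
import hmac
import json

# Assumption: an HMAC key stands in for the chip-rooted signing key. Real TEEs
# sign reports with an asymmetric key chained to the hardware vendor.
HW_ROOT_KEY = b"constructed-demo-hardware-key"
APPROVED_IMAGE = b"payments-service v1.4 (constructed image)"
APPROVED_MEASUREMENTS = {hashlib.sha256(APPROVED_IMAGE).hexdigest()}
SECRETS = {"db-password": "constructed-secret-value"}


def _sign(body: dict, key: bytes) -> str:
    payload = json.dumps(body, sort_keys=True).encode()
    return hmac.new(key, payload, hashlib.sha256).hexdigest()


def make_report(image: bytes, nonce: bytes, debug: bool = False,
                key: bytes = HW_ROOT_KEY) -> dict:
    """Simulate the hardware: measure the loaded code and sign the result."""
    body = {"measurement": hashlib.sha256(image).hexdigest(),
            "nonce": nonce.hex(), "debug": debug}
    return {"body": body, "sig": _sign(body, key)}


def release_secret(report: dict, expected_nonce: bytes, name: str) -> str:
    """Key broker: hand out a secret only after the report verifies."""
    body = report["body"]
    if not hmac.compare_digest(_sign(body, HW_ROOT_KEY), report["sig"]):
        raise PermissionError("report not signed by trusted hardware key")
    if not hmac.compare_digest(body["nonce"], expected_nonce.hex()):
        raise PermissionError("stale or replayed report")
    if body["debug"]:
        raise PermissionError("enclave is in debug mode")
    if body["measurement"] not in APPROVED_MEASUREMENTS:
        raise PermissionError("unapproved code measurement")
    return SECRETS[name]


if __name__ == "__main__":
    import os
    nonce = os.urandom(16)  # fresh challenge issued by the broker
    print(release_secret(make_report(APPROVED_IMAGE, nonce), nonce, "db-password"))
    try:
        release_secret(make_report(b"tampered image", nonce), nonce, "db-password")
    except PermissionError as err:
        print("denied:", err)
```

The secret never appears in the build pipeline or the image; the workload obtains it at run time, and only if the signature, freshness nonce, debug flag and code measurement all check out.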
The technology is already widely used for chip cards and payment platforms, including Apple Pay and Google Pay. It’s also built into hardware security modules that store and protect cryptographic keys. Now, as organizations look to wall off intellectual property, regulated analytics workloads, personal and private data, and information that might run through generative AI models, confidential computing is expanding to cloud, hybrid and edge environments.
Confidential computing excels for “sensitive workloads and where data and operational sovereignty are high on the list of issues,” said Bart Willemsen, an analyst at Gartner. This includes finance and banking, healthcare, AdTech and MarTech. There’s also growing interest around confidential AI and running smaller, fit-for-purpose open source AI models inside a TEE. In fact, Gartner ranked confidential computing among its top three technologies to watch in 2026.
“Confidential computing provides the hardware-enforced boundary that software controls alone cannot,” Bower said.
How CIOs can adopt confidential computing
Until recently, many CIOs viewed confidential computing as an experimental technology. Early versions required technical expertise to deploy, manage and use systems — and tools often didn’t integrate well with existing workflows. As a result, developers and DevOps teams bristled, and adoption lagged.
What’s changed is that modern software stacks support confidential computing within existing runtime environments, including virtual machines and containers. As a result, there’s no need to redesign applications and reinvent security protocols from the ground up. TEEs also come with controls that work alongside existing encryption tools rather than replacing them, Willemsen said.
A regulatory structure is also emerging. NIST published an initial public draft in December explicitly recommending confidential computing as a control for sensitive workloads. The NSA — whose recommendations heavily affect government and enterprise security planning — has added TEE to its most recent zero-trust guidance. Other initiatives around the world, including the EU’s Digital Operational Resilience Act and the Monetary Authority of Singapore, are also promoting the approach.
IDC recommends starting with the most sensitive workloads, spinning up targeted pilot projects, tapping third-party attestation solutions and open source tools to validate the integrity of an environment, and engaging with vendors that support open standards and interoperability. It’s important to participate in industry initiatives, collaborate with key stakeholders and invest in training and skills development, Bues said.
Confidential computing’s role in the secure enterprise
Confidential computing isn’t the only game in town. Other methods, such as homomorphic encryption, secure multiparty computation and privacy-preserving federated learning, are also gaining traction. Yet each introduces performance penalties or implementation complexity. The appeal of confidential computing is that it already operates at scale with infrastructure that organizations own.
Bower said that as CIOs turn to confidential computing, it’s important to stay focused on a critical fact: ROI doesn’t arrive in the form of hard numbers; TEEs reduce risk exposure and improve compliance. They help organizations sidestep potentially devastating — and expensive — security and regulatory breakdowns. He suggested turning to industry sources, such as the Confidential Computing Consortium, to gain insight into training, open source tools and other resources that can smooth the transition to confidential workloads.
According to Bues, confidential computing will likely converge with AI Security Posture Management (AI-SPM) and Data Security Posture Management (DSPM) platforms. This could close a critical gap: TEEs securing data in use, while DSPM and AI-SPM manage exposure and governance across the rest of the lifecycle. He predicted that within a few years, a new standard could emerge for how enterprises manage and protect sensitive workloads. The result would be a framework that further integrates security and governance.
“The question is no longer whether confidential computing belongs in the enterprise,” Bower said. “It’s how quickly CIOs can make it part of the architecture.”
