Why AI Changed Security Forever, And Why Confidential Computing Might Be the Only Real Solution
Traditional security worked like airport security. Then AI arrived, and suddenly we're trying to secure an airport where every passenger, every piece of luggage, and every threat all look identical.
Omar Jarkas
November 10, 2025
For decades, cybersecurity worked like airport security: check what's coming in, filter out the dangerous stuff, let the safe stuff through.
Then AI arrived, and suddenly we're trying to secure an airport where every passenger, every piece of luggage, and every potential threat all look identical.
That's not a harder problem. That's an impossible problem.
1. What Changed
Traditional security could work because inputs were predictable. Code looked like code. Malicious requests had patterns we could detect and block.
AI—specifically large language models—changed the game completely. They communicate in plain language, just like people do. Your customer service chatbot can't tell the difference between a genuine question and a carefully crafted attack, because both look like normal conversation.
You can't filter natural language without breaking the AI itself. And that creates a security problem we've never faced before.
2. The New Risk
Here's what can happen:
- Someone sends your AI an innocent-looking message that tricks it into doing something dangerous.
- If your AI can execute code or access systems (many can), that trick becomes real damage.
- The attack can be sophisticated enough to hide itself—your security systems report everything is fine while your infrastructure is actually compromised.
The Uncomfortable Truth
When attacks can come in any form and be arbitrarily sophisticated, software-only defenses can't guarantee protection.
3. Why Software Alone Isn't Enough
It's like trying to build a wall where the attacker can potentially punch through any part of it. No matter how thick you make the wall, there's no guarantee it will hold.
Software Defenses
- ✗ Firewalls can be bypassed
- ✗ Antivirus can be evaded
- ✗ Intrusion detection can be fooled
- ✗ Kernel protection can be compromised
The Problem
Software defends against software, but sophisticated malware can always find a way through software defenses. A sufficiently sophisticated attack can compromise each layer.
This is where confidential computing becomes critical.
4. The Only Real Solution: Starting Security in the Physical World
Here's the fundamental problem: software-only solutions cannot protect against unbounded malware sophistication.
No matter how many layers of software security you add—firewalls, antivirus, intrusion detection, kernel protection—a sufficiently sophisticated attack can compromise each layer.
The Only True Mitigation
Anchor security in the physical world, where even the most sophisticated malware hits an impenetrable barrier.
This is exactly what confidential computing offers.
Confidential Computing establishes trust at the hardware level—in the physical chip itself. This means even if every piece of software is compromised, the hardware can still detect something is wrong.
The Laws of Physics
Malicious software can lie to other software. But it can't lie to hardware designed to detect tampering. The laws of physics prevent it.
5. What This Means for Organizations Today
Whether people realize it or not, the security landscape post-LLM has fundamentally changed forever. And the change is more dramatic than most understand.
Here's why this is unprecedented:
Unbounded inputs enable unbounded attacks
Because AI accepts any form of input—natural language, images, audio—the sophistication of potential attacks is literally unlimited.
AI holds unprecedented power
Today's AI systems don't just answer questions—they execute code, control agentic workflows, and can take over entire browsers or computers.
Organizations must recognize the unprecedented trust we're placing in AI systems today and be cognizant of the risks.
6. The Bottom Line
We cannot prevent every AI security incident. The nature of how AI works makes that impossible.
But confidential computing provides something crucial: guaranteed containment when attacks happen.
It ensures that even if your AI is tricked:
The security landscape has fundamentally changed.
Our defenses need to change with it.