The Confidential Computing Consortium (CCC) is pleased to welcome Modelyo as a new Start-up Member of the community.
About Modelyo
Modelyo is a confidential computing platform built for government and regulated industries, where strong security guarantees and data sovereignty are essential. The platform uses OpenStack together with Intel SGX and Intel TDX to enable organizations to run sensitive workloads with hardware-level protection, while maintaining full control over their infrastructure and data.
Modelyo’s work focuses on bridging strict security and compliance requirements with the flexibility of modern cloud infrastructure. This approach is particularly relevant for organizations that cannot compromise on sovereignty, regulatory alignment, or trust in how their systems handle sensitive data.
Why Modelyo Joined CCC
Modelyo brings direct, hands-on experience deploying confidential computing technologies in government environments. Their team has worked extensively with trusted execution environments (TEEs) in private cloud deployments and has built attestation workflows designed to meet real regulatory requirements, not just theoretical models.
Joining CCC is a natural next step in that work. Through participation in the consortium, Modelyo aims to contribute practical deployment experience to the broader community, helping accelerate adoption and improve operational understanding of confidential computing in regulated contexts.
What Modelyo Hopes to Contribute and Gain
Modelyo is particularly interested in collaborating on interoperability standards and contributing to efforts that make confidential computing easier to deploy, integrate, and trust across diverse environments. They are also looking forward to engaging with the wider CCC ecosystem, including hardware vendors, cloud providers, and system integrators who are shaping the future of this technology.
Modelyo is currently evaluating several CCC-hosted projects for potential integration and looks forward to contributing more actively as their involvement in the community deepens.
Member Perspective
“Confidential computing is moving from an emerging technology to essential infrastructure, especially for government organizations that need strong guarantees around data protection. We joined CCC to contribute what we’ve learned deploying these solutions in the field and to help shape the standards that will make confidential computing more accessible and trustworthy across the industry.” — :Artem Barger, VP of R&D, Modelyo
The CCC community is excited to welcome Modelyo as the newest Start-up Member of CCC and look forward to the perspective and practical experience they bring to the community.
The Confidential Computing Consortium (CCC) is pleased to welcome Invary as a new General Member of the community!
About Invary
Invary is a cybersecurity company focused on continuous Runtime Integrity attestation, enabling organizations to verify that systems remain in a trusted state throughout execution, not just at boot. This capability is increasingly critical for confidential computing environments, where trust must persist across the full workload lifecycle.
Invary leverages technology exclusively licensed from the NSA’s Laboratory for Advanced Cybersecurity Research to continuously verify kernel integrity, eBPF programs, and trusted execution environment (TEE) operations. These protections span physical hosts, virtual machines, confidential VMs, containers, and processing units, providing cryptographic proof of integrity from launch through termination.
Runtime Integrity is available as a SaaS offering or for on-premises deployment and integrates with existing SIEM and SOC workflows. By delivering verifiable trust signals, Invary’s technology complements hardware-based isolation controls across hybrid cloud, containerized, and multi-tenant environments.
Why Invary Joined CCC
As confidential computing adoption grows, ensuring trust during runtime has become a foundational requirement rather than an optional enhancement. Invary’s work addresses a critical gap by extending integrity verification beyond initial attestation and into continuous execution.
Joining the Confidential Computing Consortium allows Invary to collaborate with industry leaders who are shaping the future of trusted execution. Through CCC participation, Invary aims to help advance industry understanding of runtime integrity and contribute to standards that support verifiable trust throughout the workload lifecycle.
What Invary Hopes to Contribute and Gain
Invary is particularly interested in collaborating on runtime attestation standards and interoperability efforts that strengthen confidential computing deployments in real-world environments. The company brings hands-on experience securing complex infrastructure across diverse execution models and looks forward to sharing practical insights with the CCC community.
Through engagement with CCC members across hardware, cloud, and security domains, Invary aims to help accelerate adoption of confidential computing by making continuous verification more accessible, operational, and trustworthy.
Hear from Invary
“Runtime Integrity attestation provides continuous verification that systems remain in a known-good state throughout execution,” said Jason Rogers, CEO of Invary. “For confidential computing to deliver on its security promise, continuous verification is essential.”
The CCC community is excited to welcome Invary as a General Member and looks forward to the expertise and perspective they bring to advancing confidential computing.
2026 momentum is real. CCC kicks off the year with new leadership for the Regulators & Standards SIG, expanding member activity, and a clear shift from awareness to real-world confidential computing deployments.
Stronger outreach, sharper storytelling. The Outreach Committee aligns on a more strategic, full-stack approach to technical thought leadership, events, and member-driven content for 2026.
More practical technical guidance ahead. The TAC is focused on delivering adoption-focused technical guidance and kicked off the year with a deep dive on browser-based remote attestation.
Industry validation continues. New NVIDIA coverage underscores accelerating confidential computing adoption across CPUs, GPUs, and interconnects, matching what CCC research is already showing.
Get involved. Upcoming events, open blog submissions, a growing job board, and multiple ways for members to contribute and amplify CCC work.
From the Executive Director
Hello Community Member,
Welcome to the New Year (that’s if you follow the Gregorian calendar, of course). I can’t remember a more busy January for the Confidential Computing Consortium. We already have three articles on our blog – do have a look. We’ve also elected a Chair (Solomon Cates, Google Cloud) and Vice Chair (Michael Guzman, JPMC) to our newly-created Regulators and Standards Special Interest Group. I’m hearing from multiple members that they expect this year to be an important and busy one around Confidential Computing, and we want to ensure that the Consortium is the place for everyone to learn about, grow and improve the ecosystem. Our Outreach and Technical Advisory Committee have new initiatives as we move from a phase of people discovering Confidential Computing to planning and rolling out deployments.
You’ll read in the article Protecting Agentic AI Workloads with Confidential Computing how important Confidential Computing is for Agentic AI, and you can expect more articles around both technical issues related to CC and applicability to particular use cases and sectors. If you’re a member of the CCC, we welcome articles, particularly around use cases or technical issues: please contact the Outreach Committee, who manage our blog and content schedules.
On a final note, the New Year is a time when lots of people are looking for new roles, and we have a job board of Confidential Computing related jobs. Again, if you’re a member, you (or your HR department!) can post roles there for free. This benefits the entire ecosystem, giving you a chance to expose interesting roles within your company while acting as a single aggregation point for job seekers.
Outreach
The Outreach Committee began 2026 by aligning on a more integrated and strategic approach to marketing and member engagement, led by the new Outreach Chair Laura Martinez and Vice Chair Rachel Wan, together with active participation from committee members. The committee is prioritizing full-stack Confidential Computing, and Secure and Sovereign AI awareness through sharing our expertise across the engagement spectrum. Specific focus will be around technical thought leadership, coordinated storytelling across tied to strategic events, and stronger activation of content brought in from member expertise. Technical blogs continue to be the highest-performing channel, and work is underway to develop a structured 2026 content calendar spanning blogs, newsletters, and event amplification.
Key updates this month include early planning for annual Outreach OKRs with mid-year reviews, progress on a unified outreach and events calendar, and continued promotion of the IDC white paper as a core thought-leadership asset.
Looking ahead, the Outreach Committee will deepen coordination with other CCC committees to surface technical content earlier, expand member participation in blogs and newsletters, and align outreach efforts with major industry milestones. Members are encouraged to submit technical blog ideas, company updates, job postings, and event announcements, and to continue amplifying CCC content across their networks.
The TAC is kicking off 2026 focusing on a mission from the Board to deliver more technical guidance docs to help people adopt Confidential Computing. If you’d like to help shape the document, join us at one of our meetings on alternating Thursdays at 7 am pacific time. You can look up the meeting in your own timezone using the CCC Calendar.
We also had our first TAC Tech Talk of the year. Rüdiger Kapitza and Luca Preibsch gave a detailed presentation on the topic “Browser-based Remote Attestation”.They also discussed their follow-up work on runtime attestation and the possibility of using site certificates for attestation. You can watch this and previous talks on our Tech Talk Playlist.
Mike Bursell, Executive Director of the Confidential Computing Consortium, shares the CCC’s outlook for the year ahead and why momentum is accelerating across the ecosystem.
From growing regulator interest and AI security needs, to digital sovereignty, attestation, and a clear shift toward demand-side adoption, this post outlines where Confidential Computing is heading and how the CCC is focusing its work in 2026.
Congratulations to Mike Bursell, Executive Director of the Confidential Computing Consortium, on being named to the OpenUK New Year Honours List for 2026.This recognition celebrates his long-standing contributions to open source and his leadership in advancing confidential computing as a foundation for security, privacy, and trustworthy systems. Read the announcement.
As AI systems become more autonomous, protecting agent identity and data becomes critical. This new blog from Mike Bursell explores a growing gap in AI security: Agentic AI systems can be tampered with unless their identity, workloads, and data are protected. It explains how Confidential Computing provides hardware-based isolation and attestation to help make autonomous agents more trustworthy and verifiable. Read the blog.
New coverage on NVIDIA’s Rubin NVL72 highlights a major shift: confidential computing is extending across CPU, GPU, and interconnects, enabling organizations to verify trust cryptographically rather than rely on contractual assurances. This momentum reflects what our ecosystem is already seeing. CCC and IDC research shows that 75% of organizations are adopting confidential computing, with production deployments accelerating across regulated and high-risk environments.
By Mike Bursell, Executive Director, Confidential Computing Consortium
TL;DR
Agentic AI, unprotected, allows unauthorised and malicious people and systems with access to the machines on which Agents run to tamper with the Agents, their execution and their data. Confidential Computing isolates workloads such as Agents, protecting them. It also provides other capabilities that can underpin Agentic AI security
Introduction
The growth in generative AI has recently led to sufficient capabilities for a new set of AI applications: Agentic AI. One way to characterise generative AI is by its ability to generate and information – video, audio, text, numeric – in response to a query by one or more human actors. Agentic AI, on the other hand, is designed to operate (semi-)autonomously, performing multiple tasks, including possibly branching and creating new Agents, in order to fulfil a request. Agentic AI instances may query other systems, including humans, non-AI applications, generative AI and other Agentic AI entities.
Confidential Computing is defined by the Confidential Computing Consortium (CCC) as “protection of data in use by performing computation in a hardware-based, attested Trusted Execution Environment”.
This article considers some of the key security requirements for Agentic AI and how Confidential Computing may be used to meet them. It is intended to encourage interest in the subject and prompt technical conversations between practitioners in these and related fields.
The security problem
Agentic AI entities (“Agents”) will often be operating in environments that are not owned or operated by the owner of the Agent itself. Even where the environment is owned by the company owning the Agent (such as a private cloud or data centre), the people who run the infrastructure are likely to have different responsibilities and authorisations to those associated with or delegated to the Agent. A system admin is not likely to have the same authority as the CFO and therefore the CFO’s Agent, for example. The problem here is that when you run any application – including an Agent – on a machine which you do not completely control, then that application is at risk from people and applications with sufficient permissions, who can read or change data within the application, or even the application itself. This is just a function of how standard computing works, including cloud computing and virtualisation, whether with containers or virtual machines: with standard computing, if you have control over the infrastructure, then you have control over everything running on it. In this model, every Agent with any significant capabilities or access to sensitive data would need to run on separate servers, owned, controlled and operated by the Agent’s owner.
This causes a significant problem for agents. Most agents, by their very nature, need two specific things: an identity, and a way to authorise or approve actions. This latter may well be associated with the identity, but may not be. The standard way to provide an identity within computing is with a unique identifier such as a UUID, and the standard way to provide capabilities for authorisation is with a public-private cryptographic key, where the public part is published and the private part is kept confidential. Both of these are at risk and fundamentally insecure for Agents running on standard computing infrastructure.
In a world where you can have no assurance that the Agent you think you are talking to is actually the correct one – because someone may have changed its ID – you can have no trust in that Agent. Equally, what if somebody steals the private key from your Agent? In this case, the thief will have all the capabilities you delegated to your agent, which could include anything from access to private files to the ability to charge unlimited transactions to your or your company’s credit card.
Isolation requirements
In order to operate safely and as expected, Agents need to be isolated from the infrastructure on which they are running, breaking the standard model of computing where whoever controls the infrastructure controls the workloads. This isolation needs to be enforced in at least two ways: their identities need to be integrity protected, and their capabilities must be confidentiality protected. In fact, there are typically other assurances required: protection of the integrity of the Agent itself (to stop someone changing the “mission” of the Agent) and protection of the confidentiality and integrity protection of most, if not all, of the data held by the Agent (if I have used the Agent to book flights, for example, I want to know that the itinerary that it returns to me is correct and that no unauthorised parties can see it).
These requirements are actually very similar to those for standard applications in highly-regulated industries where data privacy is a concern, such as healthcare, finance, telecommunications, pharmaceutical research and government. In these contexts, protecting both the integrity and the confidentiality of data is a key requirement, often enforced by regulations. Where Agentic AI overlaps with these sectors, we can expect to see these regulations being applied directly. It is also likely that specific legislation and regulations will be created to apply to Agents specifically, simply due to the fact that they are going to be looking after and manipulating sensitive personal and business data.
Confidential Computing to protect Agentic AI
Confidential Computing is a set of chip-based technologies – whether on CPUs, GPUs or beyond – that are widely available both in the cloud and in server-grade technology available to organisations wishing to build private clouds and data centres or even to individual consumers. It provides exactly the protections required – integrity and confidentiality of data and applications – using hardware-based isolation, rooted in silicon.
Workloads, including Agents, are protected in-use – while they are executing – when run using Confidential Computing: the memory they are using is protected from tampering and viewing by all other entities with access to the machine, including administrators, the kernel and hypervisor. Additionally, Confidential Computing allows attestation measurements of applications and data can be verified by third parties to verify that these protections are in place and that the workloads are as expected. It also provides the underpinning technologies required to allow identity to be created and managed.
This is a perfect fit for Agentic AI, providing solutions to the problems explained above with protections that are available now, allowing owners to trust their Agents and for those interacting with them to be sure that they have not been compromised or their data exfiltrated. There are also opportunities for commercial providers of Agentic AI environments to build and sell services that owners of Agents can prove are safe for their Agents, because they do not need to trust these commercial providers, but the Confidential Computing infrastructure instead.
Conclusion
Confidential Computing allows Agentic AI to flourish without requiring infrastructure that is itself trusted: Agents from multiple owners can execute and interact on the same infrastructure. Confidential Computing’s remote attestation also allows identity to be established and proved both to owners of Agents and to other Agents and systems.
The Confidential Computing Consortium
The Confidential Computing Consortium is part of the Linux Foundation and the industry body dedicated to defining and accelerating the adoption of confidential computing. Members include businesses, research organisations and not-for-profits across the ecosystem who work on technical and outreach projects to further the Consortium’s goals.
This month, Mike Bursell, Executive Director of the Confidential Computing Consortium (CCC), was named in the OpenUK New Year Honours List for 2026. The list, compiled by OpenUK, “the UK organization for the business of Open Technology”, celebrates individuals supporting the UK’s leadership in Open Technology. The annual Honours List, now in its 6th year, recognises the commitment of individuals who contribute to the open technology ecosystem above and beyond the call of duty or the demands of their day job.
“I’m delighted and honoured to be selected for this award,” Mike said, “and aware that the open source community only flourishes because many people behind the scenes are working in all aspects of what we do. Though my work in open source, including with the CCC, has spanned many countries, the UK remains a great place to be involved with and promote open source and open collaboration and I’m proud to be part of a flourishing community here.”
The Confidential Computing Consortium is part of the Linux Foundation and represents organizations across the Confidential Computing ecosystem, promoting the adoption of Confidential Computing technologies and providing a home for related open source projects. The growth in availability of hardware supporting Confidential Computing has aligned with concerns around digital sovereignty, privacy of data and protection of AI models, leading Gartner to select it as one of its top 10 strategic technologies for 2026. The CCC takes a lead in technical work around open protocols employing Confidential Computing, providing mentoring opportunities, a job board and fostering open source underpinnings and frameworks using the technologies.
The Consortium also provides an important safe place for organizations to collaborate with other members of the ecosystem to create value for the wider community while minimizing anti-trust concerns. Mike’s role as Executive Director ranges across outreach activities such as speaking and membership activities through writing technical materials, engagement in technical discussions and nurturing open source projects.
A recent CCC report by IDC, Unlocking the Future of Data Security: Confidential Computing as a Strategic Imperative, found that adoption of Confidential Computing is accelerating as awareness of the technology hits critical mass and that the UK has one of the highest rates of awareness globally. Mike noted that while open source is important in all jurisdictions and across all sectors, it is particularly vital for security-related applications: “Confidential Computing has the super-power of allowing you to prove to yourself and others that your application is the one you expect: allowing collaboration in new ways across new sectors like healthcare, finance, pharmaceuticals, Adtech and telecommunications. But, in addition, you need to be able to be sure that the code you’re running is doing what it’s advertised to be doing, and the only way to ensure that is if you’re using open source.”
Mike, who is a UK national and based near Cambridge, has been involved in open source communities for over 25 years and has led the CCC since April 2023. He was involved in the setting up of the Consortium in 2019, serving as the Red Hat representative for several years and formerly holding the position of Treasurer. He was also a co-founder of the Enarx project, the first open source project donated to the CCC on its foundation, is the author of Trust in Computer Systems and the Cloud (Wiley, 2021) and is a graduate of both the University of Cambridge and the Open University.
In this issue, we mark a major milestone for Confidential Computing with the release of the CCC-commissioned IDC report and Gartner naming it a top strategic technology trend for 2026. As adoption grows across AI, finance, healthcare, and Web3, we are deepening regulatory engagement through a new SIG, advancing discussions on digital sovereignty, and building strong ecosystem momentum heading into 2026. Read this month’s newsletter to learn more.
This focus on regulatory compliance has led the Governing Board to create a new Special Interest Group (SIG) focused on engaging with Regulatory and Standards bodies. This SIG is different to most of our others in that it is not driven first and foremost by technical requirements but is aiming to work at the regulatory level, pushing inclusion of Confidential Computing as a key technology within relevant standards worldwide. We already have engagement from several experts – if you are interested, please get in touch.
The final event of the year was Open Source Summit Japan in Tokyo, where I spoke on another topic that has been gaining traction – Digital Sovereignty. With nations worldwide concerned to maintain the safety and security of their government’s, businesses’ and citizens’ data and processes, Confidential Computing has emerged as a technology that can have significant impact. Expect to see more discussion of this in the coming months.
For those of you celebrating, have a great holiday period: I will be enjoying a Christmas and New Year with family and friends – keep safe and I look forward to a busy and productive 2026.
Outreach
In December, the Outreach committee delivered and published the research project in collaboration with IDC, “Unlocking the Future of Data Security: Confidential Computing as a Strategic Imperative.” Following publication, Outreach executed a coordinated amplification effort including a press release and a multi-channel social campaign across LinkedIn and X. Early results show strong engagement, with thousands of social impressions and double digit downloads within the first few weeks of release.
Additionally, Outreach further developed and aligned on a comprehensive digital marketing strategy, introducing paid media and always-on promotion as a new core initiative for 2026. This digital marketing initiative will expand Outreach’s impact and reach by moving beyond one-off, reactive promotions toward a more predictable and sustained engagement model that supports awareness, consideration, and conversion throughout the year.
The proposed approach leverages a coordinated, multi-channel mix (including but not limited to search, display, video, and professional social platforms), each playing a distinct role across the engagement funnel. Importantly, this initiative also introduces a more structured operating model for Outreach, emphasizing recurring campaigns, performance tracking, and a member-driven content pipeline featuring industry projects and insights. By pairing a streamlined event portfolio with sustained digital engagement, Outreach expects to significantly magnify the reach and longevity of its content, improve consistency of market presence, and create a scalable foundation for growth and adoption.
TAC Update
Our last meeting of the year, December 11th, we heard from colleagues in the CNCF CoCo community aboutTrustee. This attestation project might address key issues identified in the IDC report released last month.
If you’d like to watch the presentation you can see it in our CCC TAC Youtube Channel here: https://youtu.be/v5bzB9EMP1I?t=859 The slides will also be publicly available in our meeting minutes or directly here.
Recent News
1.OPPO, with Intel & Alibaba, Demonstrates New Confidential Model as a Service Offering
CCC members OPPO and Intel, in partnership with Alibaba, announced their jointly-developed Confidential Model as a Service (MaaS) architecture at Alibaba’s Yunqi Conference in Hangzhou, China. OPPO is among the largest makers of advanced mobile devices and smartphones in China, and provides software and technology to support mobile services. Using Intel TDX–based Confidential Computing, OPPO showcased their confidential LLM assistant running on OPPO smartphone and disclosed that their Global Private Compute Cloud (PCC) has already been deployed across five global regions. The whitepaper describing the Confidential MaaS solution is here (Chinese): https://developer.aliyun.com/ebook/8461.
2. Oracle has announced support for GPU Confidential Computing on Oracle Linux 9, extending confidential computing protections beyond CPUs to GPU accelerated workloads. The update explains how organizations can securely run sensitive AI, analytics, and high-performance workloads by isolating GPUs inside trusted execution environments, protecting data not only at rest and in transit, but also in use.
The approach combines CPU based trusted execution (using Intel TDX) with NVIDIA GPUs running in Confidential Compute mode, so GPU memory contents are encrypted and inaccessible to the host, hypervisor, or other software outside the trusted boundary. Importantly, Oracle emphasizes that existing applications can benefit from these protections without code changes, helping customers meet regulatory and compliance requirements for sensitive data such as financial, healthcare, or proprietary IP.
Research commissioned by the Confidential Computing Consortium highlights accelerating adoption driven by AI innovation, compliance standards, and data sovereignty
Summary
The Confidential Computing Consortium (CCC), a project community at the Linux Foundation, announced new IDC research, “Unlocking the Future of Data Security: Confidential Computing as a Strategic Imperative.”
The global survey of 600+ IT leaders across 15 industries finds that 75% of organizations are adopting Confidential Computing, signaling its shift from niche to mainstream.
By adding protection of data in-use, Confidential Computing is emerging as a core enabler of secure, data-centric innovation, delivering measurable gains in data integrity, confidentiality and compliance.
Despite strong momentum, skills gaps, validation challenges and interoperability barriers persist, highlighting the need for open standards and industry collaboration led by the CCC.
SAN FRANCISCO, Dec 3, 2025 – The Confidential Computing Consortium (CCC), a project community at the Linux Foundation dedicated to defining and accelerating the adoption of Confidential Computing, today announced findings from a new survey conducted by IDC. Based on insights from more than 600 global IT leaders across 15 industries, the study, “Unlocking the Future of Data Security: Confidential Computing as a Strategic Imperative,” reveals that Confidential Computing has become a foundational enabler of modern data-centric innovation, but implementation complexities are hindering widespread adoption.
“Confidential Computing has grown from a niche concept into a vital strategy for data security and trusted AI innovation,” said Nelly Porter, governing board chair, Confidential Computing Consortium. “As international security and compliance regulations tighten, organizations must invest in education and interoperability to meet heightened data confidentiality, integrity and availability standards – and enable secure AI adoption across sensitive environments.”
Major benefits push Confidential Computing into the mainstream
Awareness and adoption of Confidential Computing continue to grow, expanding its footprint into more industries and applications. According to IDC, “this momentum reflects a broader shift toward securing data in use, driven by the need to mitigate urgent threats and enable secure collaboration in environments where sensitive data is routinely handled.” The study finds:
75% of organizations are adopting Confidential Computing; 57% have started piloting/testing, joining the 18% of organizations already in production
88% of respondents report improved data integrity as the primary benefit of Confidential Computing, followed by confidentiality with proven technical assurances (73%) and better regulatory compliance (68%)
Confidential Computing enables top business outcomes, including accelerated innovation, enhanced regulatory compliance, increased cost efficiency and more. Confidential Computing combined with AI-driven analytics accelerates innovation by enabling secure model training, inference and AI agents on sensitive data.
Confidential Computing stands out as a practical and scalable alternative especially when compared with more complex or resource-intensive methods. It is also applicable for standard computing workloads, without requiring rewriting of applications or algorithms.
Adoption drivers shift gears
As security, compliance, and innovation imperatives converge, Confidential Computing adoption is being fueled as a response to external regulations and an enabler for internal business transformation goals. The study finds:
Regulatory frameworks like the Digital Operational Resilience Act (DORA) are driving adoption as 77% of organizations are more likely to consider Confidential Computing due to DORA’s specific requirement to protect data in-use.
Workload security/external threats (56%), Personally Identifiable Information (PII) protection (51%), and compliance (50%) are the top drivers for adoption, but new use cases – especially in AI and cloud – are expanding relevance, with organizations leveraging Confidential Computing to train AI models, run inference, and deploy AI agents on regulated datasets without compromising privacy
Public cloud users are the most likely to implement Confidential Computing technology (71%), followed by hybrid/distributed cloud users (45%), with the acceleration in these environments, driven by the need for scalable security and compliance with evolving regulatory requirements.
Geographic and industry differences highlight early leaders and emerging priorities in Confidential Computing
Canada and the United States reported the highest percent of Confidential Computing services in full production, at 26% and 24%, respectively, followed by China and the United Kingdom, both at 20%
Greater protection from outside attackers is the highest priority use case in the United States and Britain, whereas Canada, France, Germany and China prioritized protection of personally identifiable information, reflecting more stringent privacy regulations
The financial services industry has the highest number percent of full production deployments (37%), followed by healthcare (29%) and government (21%)
Healthcare respondents place a significantly higher priority on privacy-preserving data collaborations with multiple parties (78%) than financial services (61%) or government (26%), reflecting medical’s need to safeguard highly regulated data, and enable AI-powered diagnostics through privacy-preserving collaborations.
Addressing barriers and accelerating readiness
Despite strong momentum, the IDC study identifies several adoption challenges, including attestation validation (84%), misconception of Confidential Computing as niche technology (77%), and a skills gap (75%), which must be addressed through industry collaboration, education and standardization.
To address these challenges and realize the full benefits of Confidential Computing, IDC recommends that organizations:
Start with pilot initiatives to demonstrate measurable value
Adopt open standards and vendor-agnostic frameworks
Invest in third-party attestation and interoperability testing
Engage in industry-led initiatives such as those led by the CCC to align on technical assurance and trust frameworks
The next era of Confidential Computing unlocks new possibilities in identity, AI, multi-party collaboration and privacy-preserving analytics that were previously out of reach. For more information, read the full white paper here.
About Confidential Computing Consortium
The Confidential Computing Consortium (CCC) is a community focused on projects securing data in use and accelerating the adoption of Confidential Computing through open collaboration. CCC brings together hardware vendors, cloud providers, and software developers to accelerate the adoption of Trusted Execution Environment (TEE) technologies and standards. Learn more at www.confidentialcomputing.io.
This month’s issue highlights several significant year-end milestones across the Consortium — from finalizing the 2026 budget to electing our next slate of Governing Board, TAC, and Outreach committee officers. November is always a pivotal planning period, and this year brings meaningful progress on strategic direction, resource allocation, and community-facing initiatives. We’re also closing out major projects, including our IDC research study, while preparing for a strong and globally connected 2026.
From the Executive Director
November brings two important sets of decisions for the Consortium each year: what our budget should look like and who should serve as officers of the Governing Board and our committees.
Over the past couple of years, the GB made the decision to run down our surplus (accrued mainly due to reduced activities during the Covid era), but this course of action is of course unsustainable and was always planned as a short-term measure. The Board has therefore spent much time over the past two months considering the various options available to the Consortium, supported with options (and many, many numbers!) from the supporting staff of the Linux Foundation, who, as ever, have been extraordinarily helpful.
By the time this newsletter reaches you, the final shape of the budget for 2026 should be complete and agreed, leaving us in a secure financial position not just for next year, but for the coming years after that.
Alongside the budget discussions, we’ve been running votes for the Chair and Vice-Chair positions of the Governing Board, TAC and Outreach committees. I’d like to welcome the following folks:
Governing Board Vice-Chair: Michael O’Connor (Nvidia)
Governing Board General Member Representatives:
Jens Albers (Fr0ntierX)
Samuel Ortiz (Rivos Inc) – returning
Manu Fontaine (Hushmesh) – returning
TAC Chair: Dan Middleton (Nvidia) – returning
TAC Vice-Chair: Ijlal Loutfi (Canonical)
Outreach Chair: Laura Martinez (Nvidia)
We will hold an election for Outreach Vice-Chair to fill this final position. I’d like to thank not only the returning officers, but also outgoing officers: Emily Fox, Mike Ferron-Jones and Yash Mankad for their hard work over the past twelve months.
Outreach
In November, the Outreach committee focused on finalizing our research project with IDC and determining our optimal strategy for 2026. The IDC project titled, “Unlocking the Future of Data Security: Confidential Computing as a Strategic Imperative,” compiles results from 600 respondents in multiple countries. It reveals growing awareness of Confidential Computing, tested the attractiveness of over a dozen usages, and showed impediments that need to be addressed to support wider adoption. We are putting the finishing touches on it now, and plan to make it public in early December.
In 2026, Outreach plans to increase our global reach by optimizing event portfolio and investing new resources in online content marketing and promotion. Our events strategy will be designed to maintain strong relationships with our ecosystem members, but also grow new adopters via events affiliated with security and privacy technologies, and fertile various industry segments.
From the TAC
We initiated the 2026 strategic direction, prioritizing the creation and dissemination of technical blueprints, best practices, and reference architectures, aligning with the Governing Board’s direction. A key theme arising from this is the immediate need for improved documentation and “how to get started” guides. Separately, the TAC received the annual review for the Islet project. Islet is unique in our portfolio in supporting mobile devices.
We also discussed recent publications assessing Confidential Computing. Our documents may not reflect the shared responsibility model, where the Cloud Service Provider remains part of the TCB for physical security. The TAC will look at revising existing documents or adding new ones to make this aspect more clear.
Finally we decided on 2026 allocations for two projects: Veraison (Program Management), SPDM (Security Audit). The Governing Board subsequently approved a smaller budget and so we may need to revisit our plans here.
Please join us at our last meeting of the year, December 11th, where we will hear from colleagues in the CNCF CoCo community talk about Trustee. This attestation project might become a key enabler to help adopters use the variety of attestation services emerging in the ecosystem.
Recent News
The Confidential Computing Consortium welcomes Confident Security as our newest Start-Up Member: Their work to make AI truly private, including OpenPCC, ohttp, bhttp, go-nvtrust, and more, directly supports our mission to advance open standards and adoption of Confidential Computing. Read the full announcement.
Microsoft Announces Preview of Newest Confidential VMs: This month at Ignite, Microsoft announced the latest addition to the Azure Confidential Computing portfolio with the preview of Azure Confidential VMs powered by Intel® TDX on 5th Gen Xeon processors. These new Confidential VMs come equipped with AI acceleration built into the CPU with Intel® AMX technology. For confidential storage and other workloads that need a balance of SSD capacity, compute, and memory, these new VMs can be provisioned with high-performance NVMe drives, achieving nearly 5X more throughput while reducing latency by about 16% compared to the previous SCSI generation. Overall, Microsoft reports lower IO latency by ~27 microseconds across block size and thread count. These Confidential VMs are also the first to use the open-source paravisor, OpenHCL. General availability is expected in select North American and European regions in Q1 2026. Bosch, Thales, TDC Erhverv, and Arqit announced partnerships and endorsements as part of the reveal at Ignite. Read the full announcement.
CanaryBit Selected for Regulatory Sandbox with Ericsson and Volvo Group: CanaryBit, Ericsson and Volvo Group are collaborating to increase road safety, and the Swedish Authority for Privacy and Protection (IMY) is investigating the business use-case in a regulatory sandbox. CanaryBit Confidential Cloud suite enables secure, real-time vehicle-to-infrastructure data without compromising individual privacy. The sandbox project will examine whether Trusted Execution Environments (TEEs) can process road-infrastructure traffic data whilst preserving privacy. The outcome will refine regulations and accelerate privacy-first mobility innovations, a key step to unlocking the full potential of connected vehicles to create safer roads for everyone. This is a landmark moment, as it’s the first time a privacy authority has formally assessed TEEs as a Privacy Enhancing Technology.
Best regards,
The Confidential Computing Consortium
Let’s grow our community! Share this with your network.
The Confidential Computing Consortium (CCC) is pleased to welcome Confident Security as a new Start-Up Member.
Confident Security is dedicated to making AI truly private, developing technologies and practices that protect data and models in use without compromising performance or accessibility. The company’s mission closely aligns with the CCC’s goal of fostering open collaboration and standards to enable secure computation across industries.
Advancing Confidential AI Through Open Collaboration
By joining the CCC, Confident Security aims to help shape and accelerate the development of Confidential AI standards, ensuring privacy, integrity, and trust in next-generation machine learning systems. The company is particularly focused on frameworks that safeguard sensitive data used in AI training and inference while maintaining openness and interoperability.
In parallel, Confident Security has been expanding its open source contributions, sharing tools that support secure, privacy-preserving communication and computation. Recent releases include:
go-nvtrust: Go bindings for NVIDIA Trust extensions
twoway: bidirectional secure communication library
Most recently, Confident Security launched its largest open source project to date – OpenPCC, an open framework for privacy-preserving encryption and AI data security. This release was accompanied by an Axios feature and a comprehensive whitepaper outlining the architecture and technical foundations behind the project. OpenPCC represents a major milestone in the company’s vision to make secure, confidential computation accessible to all.
These projects demonstrate Confident Security’s commitment to advancing open, secure innovation and complement the CCC’s mission to drive adoption of confidential computing technologies.
Strengthening a Shared Mission
“It’s our mission to make AI truly private and part of making that happen are standards and education,” said a spokesperson from Confident Security. “For that reason, we’re very excited to join CCC and to contribute and collaborate with all the members to increase adoption and use of Confidential Computing technologies.”
As a recent addition to the CCC, Confident Security aligns itself with a global collective of technology pioneers, researchers, and innovators who are collaboratively striving to establish data protection and trusted execution as fundamental pillars for confidential computing.
This month’s issue highlights key strategic developments within the CCC, including updates from the Executive Director on the Consortium’s evolving vision and upcoming 2026 priorities. You’ll also find coverage of recent outreach activities, from a successful workshop in San Francisco to our presence at the Open Source in Finance Forum in New York, along with the latest technical updates from the TAC. Finally, we share recent industry recognition from Gartner and welcome several new members advancing the mission to make Confidential Computing the foundation of secure and trusted computing worldwide.
From the Executive Director
October has been busy for the CCC. With two events (see below), new members, the creation of a research fund, new open source projects being considered for acceptance into the Consortium, the Governing Board has also been working to consider what the Consortium’s strategy for the next part of our lifecycle should look like, now that we’ve been around for six years. We considered a variety of options, with the following goal just coming out in front:
“Transform the CCC into the acknowledged leader in creating and disseminating technical excellence for CC, promoting design best practice, use cases and reference architectures. Focus: best practice technical blueprints to service CC demand.”
Close behind was a vision to engage more closely with regulators and standards bodies and system integrators to build demand for CC, and the members of the GB also expressed a clear commitment to finding ways to increase engagement of all members in the work of the CCC, in alignment with the priorities of the individual members and their strategic prioririties. I expect the work of the Executive Director over the next year and beyond closely to reflect these aspirations. In our November meeting, we plan to agree a budget for 2026 to support these goals, but in the meantime, please feel free to get in touch with me to discuss how you and your organization can make the most of these changes in how you work with and develop Confidential Computing opportunities.
Outreach
The Outreach Committee staged a successful customer workshop in San Francisco on October 20, featuring ten speakers and 30 attendees from industries ranging from pharmaceuticals to finance. Engagement was very high as attendees explored a wide range of use cases and the benefits of several active Confidential Computing deployments. The versatility, security, and compliance advantages of Confidential Computing were on full display, especially as the computing world ramps up AI. See the full report on the CCC Blog here.
The CCC was one of the Lead Sponsors for this month’s Open Source in Finance Forum in New York, with a keynote (“How to Trust a Banker”) and a track dedicated to Confidential Computing on Wednesday, the second day. Finance provides myriad use cases for Confidential Computing, and sessions in the track covered material ranging from a technical introduction to Confidential Computing to hands-on examples, use of CC to demonstrate compliance, and presentations from Google, Fr0ntierX, Super Protocol and Symphony. Conversations in the “Hallway track” also revealed that many organizations are already trialling, testing and deploying Confidential Computing in a variety of situations, and how relevant our work is to various parts of the finance sector.
From the TAC
We are always looking for new ways to assist our open source projects. CCC projects already receive a number of [benefits]. As we budget for 2026 we are proposing to create a larger benefit for a couple of projects. We want to make a material amount of funding available to help solve one problem for a project. What that problem is will vary from project to project. For example, a 3rd party security audit, by definition cannot be conducted by the project’s own maintainers. In order to keep the amount significant we will only be able to support 2 projects in this way (versus spreading a smaller amount to all projects).
Another area of continuous improvement is our own efficiency on the TAC. We have traditionally met for 2 hour sessions fortnightly. This month we compressed the meeting down to 1 hour on the same fortnightly cadence. If you were used to joining us at 7am Pacific time on alternating Thursdays, you would now join us at 8am Pacific time. To keep the same velocity of work, we are shifting some prep work to the mail list and github issues. That way our scheduled time together will be more productive.
Recent News
Gartner identifies Confidential Computing as one of the top strategy technology trends for 2026. By 2029, Gartner predicts more than 75% of operations processed in untrusted infrastructure will be secured in-use by confidential computing. Read the article.
New Member Announcement
We’re pleased to welcome Acompany Co., Ltd. as the newest General Member of the Confidential Computing Consortium. By joining the CCC, Acompany reinforces our shared goal: to make Confidential Computing the default for secure data processing and trusted AI just as HTTPS became the default for the web. Read the announcement.
We’re pleased to welcome FuriosaAI as Confidential Computing Consortium’s newest startup member! By joining CCC, FuriosaAI hopes to contribute its expertise in hardware-accelerated inference while learning from the community’s efforts to standardize and advance confidential computing practices. Read the announcement.
We are excited to welcome Phala Network as the newest General Member of the Confidential Computing Consortium! Phala is a secure cloud platform enabling developers to run AI workloads inside hardware-protected Trusted Execution Environments (TEEs). They are also contributing directly to CCC-hosted projects, with their open-source project, dstack, now part of the Linux Foundation under the CCC. Read the announcement
Best regards,
The Confidential Computing Consortium
Let’s grow our community! Share this with your network.
