2022 has been an interesting and challenging year for storage security. The cyber threat landscape has witnessed large numbers of attacks impacting data and increased nation state activities directed at critical infrastructure. The regulatory landscape is undergoing change as well (e.g., EU Directive 2009/125/EC also known as LOT 9) and potentially imposing requirements that necessitate adjustments to security capabilities, controls, and practices to reflect new realities. By the end of 2022 there will be significant changes to security standards and specifications relevant to storage. New technologies could increase the storage security options. Lastly, new practices and deployment strategies could add further data protections. This session concentrates on the new and emerging storage security elements and issues rather than covering storage security from a general perspective. In addition, the session homes in on those aspects that are potentially relevant to developers and architects.
Storage Security Update for Developers
- Understand key threat and regulatory landscape issues that could affect storage development
- Identify important security standards and specifications that should be considered in the development of storage products
- Recognize the implications and challenges associated with new practices and deployment strategies
---
Ransomware attack mitigation has been a high profile problem and is getting more visibility in recent years due to the high payback from victims to have their data released.
The Key Per IO (KPIO) project is a joint initiative between NVM Express® and the Trusted Computing Group (TCG) Storage Work Group to define a new KPIO Security Subsystem Class (SSC) under TCG Opal
- Festus HategekimanaSolidigm Technology
Almost everyone understands that systems and data both have lifecycles that typically include a disposal phase (i.e., what you do when you do not need something anymore).
- John GeldmanKioxia
A nation-state attack on the SolarWinds network management system in December 2020 compromised the supply chains of over 18,000 organizations, including the Pentagon and the Department of Homeland
Zero Trust is a collection of security methodologies that work together to enforce access, with the view that your network has already been compromised, and using contextual information from identi
About 80% of enterprises have experienced at least one firmware attack in the last two years* What is firmware resilience, how does it apply to SSDs to address these threats? - Not a new concept.
- Winson YungSolidigm
The Quantum computing paradigm shift has changed the way we look at data security these days, especially the long-term security of data.
- Dr. Amin RezaeiCalifornia State University Long Beach
- Dr. Ava HedayatipourCalifornia State University Long Beach
SNIA Developer Conference
September 15-17, 2025
SDC 2025 is brought to you by SNIA. SNIA is an industry association committed to its mission of worldwide leadership developing and promoting architectures, standards, education and vendor-neutral collaboration.
