From tax scams to root of trust: Cybersecurity awareness is on the rise

Cybersecurity is a complex concern of every organization and now that tax season is upon Americans, the warning signs of online scams are everywhere. 

Social Catfish, a reverse search company, just ranked California, Kansas, Florida, New York and Massachusetts as the top five most impacted by government impersonation scam losses in March, based on FBI data and trends from millions of users on its website. In 2023, the company found government impersonation scams reached $394 million in the US, up from $241 million the prior year.

Social Catfish offered a number of tips for consumers on how to avoid the impact of online spoofing exploits, including reaching out the IRS directly for verifications.

Aside from asking consumers to thwart spoofs, there are multiple global efforts underway to bolster security at a system level usually via encryption. (That effort doesn’t mean spoofing will go away anytime soon, of course.) Fierce Electronics caught up with Dominic Rizzo, CEO of ZeroRISC, for insights on its platform which offers all-in-one, drop-in silicon alongside software and services for cloud-based security below the operating system.

ZeroRISC came out of stealth last year with $5 million in seed funding to deliver the silicon, software and services platform based on Google’s OpenTitan open-source silicon root of trust project. The tapeout of the silicon happened last year, and the silicon is going through commercial production in very limited quantities, Rizzo said. The company, with 15 workers, is engaged with storage vendors and companies that make larger SoCs and chiplets to incorporate the platform.

“The chip is just a foundation but we have a full suite of software and management services with infrastructure SaaS to manage platforms in the wild,” he said.  The platform can serve cloud providers and consumers products alike. The secure element is proprietary and functions as a trusted platform module and platform for root of trust that manages all the firmware and upper-level software.

Rizzo has seen the message of cybersecurity grow in recent years, as more companies face devastating losses from stolen or corrupted data.   The recognition of the risk appears to be greatest in Europe with recent regulatory reforms, but also in Taiwan, he said. The ZeroRISC hardware is also ready to secure and support post quantum post quantum systems.  “It’s clear the quantum support is an important feature for some folks,” he said.

Fundraising has not been as difficult as he imagined it might be, based on his earlier conceptions about security awareness.  “It turns out securing critical infrastructure is something people care about. There’s a lot of room for hope,” he said.

Looking back over his 20 years in the security industry segment, he said it was previously harder to get organizations to think about cybersecurity from the start of a system design. “There’s been a positive change with regulations and corporations liable for security breaches,” including with greater authority in the US government executive branch, such as the FDA, to enforce lapses.

“I’m seeing people take security seriously and that hasn’t happened before. Ideally, root of trust bakes things in.”