
As Q-Day Nears, A New Approach Is Needed for HPC and AI Data Security


staff, 2025-12-15 19:36:00

By Lance Smith, CEO and Cofounder, Cy4Data Labs

Security has always been a burden to HPC and AI deployments. Adding layers of encryption and decryption architecturally slows systems down, which is an unacceptable trade-off in the high-performance computing world.

Yet the modern threat landscape, combined with tightening data privacy laws, makes it clear: Traditional IT, AI and HPC environments must rethink how they protect data. The coming Q-Day, when quantum computers gain the ability to break today’s public key encryption, will massively expand the attack surface.

This leaves HPC and AI providers with a dual challenge and an opportunity. They must reimagine how to secure sensitive data without disrupting performance. They can now leverage new forms of encryption that protect sensitive data while in use without creating friction or lowering performance. More on this later.

The Gap in Traditional Encryption

Traditional encryption approaches only guard data at rest and in transit. The problem is that sensitive, valuable, and regulated data reaches its highest vulnerability while in use, where it is in the clear and actively accessed by applications, loaded into memory, handled or viewed by privileged users, and decrypted at each stop or transition point along the data path.

In these moments, data is normally decrypted beforehand, as it is read from storage or a file, so that the application can use it. This opens the door to memory scraping, unauthorized access, insider misuse, credential compromise, and advanced malware that bypasses network or storage-layer defenses entirely.

The same applies to data in HPC environments, which are also burdened with additional performance needs. HPC data must be decrypted to operate in the clear, which leaves the data vulnerable to attack at every stage, with many more data stops given the high-speed processing taking place.

Columnar encryption solutions for HPC do work, but whole columns of data must first be decrypted to perform queries or analytics, rendering the architecture too slow. In these scenarios, conducting HPC workloads on clear data naturally wins out every time.

Regulators acknowledge this blind spot. Examples include recent guidance from the National Institute of Standards and Technology (NIST), the European Union’s 2025 Digital Operational Resilience Act, and less stringent proposals from Health and Human Services (HHS) aimed at strengthening security for protected health information. These emerging regulatory frameworks now consider data-in-use protection as the essential third pillar of a complete security architecture, requiring that organizations take steps to address this last major gap in end-to-end encryption.

AI-Driven Threats Multiply as Q-Day Approaches

AI, increasingly the most feared inside attacker, has dramatically increased the sophistication and scale of cyberattacks, accelerating phishing, enabling deep-fake-based social engineering, and automating malware that adapts in real time. Meanwhile, insider threats, both intentional and accidental, continue to be the most persistent cause of breaches, especially when involving sensitive IP or regulated personal data.

Credential loss further fuels unauthorized access, giving attackers a frictionless path to move laterally through enterprise systems. And looming above all of this is the “harvest now, decrypt later” strategy: Adversaries are collecting public key encrypted data today in anticipation of breaking it with quantum computing tomorrow.

Without migrating to data-in-use protection with post-quantum cryptography, both traditional enterprises and HPC operators risk silent compromise and long-term exposure, well before quantum machines achieve public-scale decryption.

A New Approach: Atomic-Level Encryption

A new approach is emerging that addresses these vulnerabilities: field-level, algorithm-based or atomic-level, information-theoretic encryption. Rather than encrypting whole files or columns/tables within databases, individual data elements are encrypted. Each data element is protected with its own unique key, dramatically raising the cost and difficulty of unauthorized access, even for insiders or attackers using stolen credentials.

This model represents a fundamental shift in how organizations secure and govern sensitive information. Enhanced with diversified key management, field-level and atomic-level encryption combine separate controlling keys with millions of one-time-use keys to protect data down to a single word, giving owners overarching access controls. Even if data is stolen, it remains encrypted, fragmented, and cryptographically unusable, turning exfiltrated information into worthless gibberish.

The supporting key management architecture also enables capabilities that strengthen data governance even with shared sensitive data, including:

  • Policy-Based Decryption: Access is tied to granular roles, contextual signals, and purpose, not just user credentials.
  • Audit-Ready Telemetry: Every access attempt is captured with cryptographic integrity, enabling precise forensic investigation and regulatory reporting.
  • Internal System Hardening: Encryption extends beyond customer-facing applications to internal tools and databases, reducing insider and credential-based risks throughout the environment.
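The per-element keys, policy-based decryption, and audit telemetry described above can be sketched as follows. This is an added example, not code from the article or from any vendor product; the `FieldVault` class, the `table:column:row` field identifier, the role names, and the sample value are assumptions made for illustration, and a one-time pad stands in for the information-theoretic scheme.

```python
import hashlib
import hmac
import secrets

class FieldVault:
    """Toy key service: one one-time key per data element, kept apart from the data."""

    def __init__(self, policy):
        self._policy = policy                  # role -> columns that role may decrypt
        self._pads = {}                        # field id -> one-time pad
        self._audit_key = secrets.token_bytes(32)
        self.audit = []                        # (entry, mac) pairs, each mac chained to the last

    def _chain(self, prev, entry):
        return hmac.new(self._audit_key, prev + entry, hashlib.sha256).digest()

    def encrypt(self, field_id, value):
        if field_id in self._pads:
            raise ValueError("a one-time key must never be reused")
        data = value.encode()
        pad = secrets.token_bytes(len(data))   # key as long as the element it protects
        self._pads[field_id] = pad
        return bytes(d ^ p for d, p in zip(data, pad))

    def decrypt(self, role, field_id, ciphertext):
        column = field_id.split(":")[1]        # field id is "table:column:row"
        allowed = column in self._policy.get(role, set())
        entry = f"{role}|{field_id}|{'allow' if allowed else 'deny'}".encode()
        prev = self.audit[-1][1] if self.audit else b"\x00" * 32
        self.audit.append((entry, self._chain(prev, entry)))   # log before releasing anything
        if not allowed:
            return None
        pad = self._pads[field_id]
        return bytes(c ^ p for c, p in zip(ciphertext, pad)).decode()

    def audit_intact(self):
        prev = b"\x00" * 32
        for entry, mac in self.audit:
            if not hmac.compare_digest(mac, self._chain(prev, entry)):
                return False
            prev = mac
        return True

if __name__ == "__main__":
    vault = FieldVault({"clinician": {"ssn", "diagnosis"}, "analyst": {"diagnosis"}})
    ct = vault.encrypt("patients:ssn:42", "000-00-0000")   # constructed sample value
    print(vault.decrypt("analyst", "patients:ssn:42", ct))    # denied, but still logged
    print(vault.decrypt("clinician", "patients:ssn:42", ct))
    print(vault.audit_intact())
```

A pad of this kind gives confidentiality only and reveals the element's length; a deployed design would also need a per-field integrity tag and protected storage for the keys themselves.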

Conclusion: Field-level and Atomic-Level Encryption Ensures Trust

Field-level and atomic-level encryption helps organizations maintain uncompromised confidentiality, integrity, and compliance across classical, HPC, and future quantum environments. As AI-driven attacks accelerate and Q-Day nears, data-in-use protection can no longer be viewed as optional; it is foundational.

By deploying field-level encryption with diversified key management and quantum-resistant cryptography, organizations can close the last major security gap.

The choice is stark: Adopt comprehensive data-in-use protection now, or face catastrophic exposure when adversaries inevitably decrypt the sensitive data they’re harvesting today. Organizations that take proactive steps toward field-level and atomic-level encryption will be positioned to safeguard their most valuable assets and build long-term trust, resilience, and competitive advantage in an increasingly hostile digital world.

 Lance Smith is CEO and Cofounder, Cy4Data Labs, whose flagship product, Cy4Secure, protects structured and unstructured data across cloud, on-prem, hybrid, and SaaS environments.

