Private Sovereign AI in Practice: Confidential Computing for Secure Enterprise Agents

Introduction

Thank you again. My name is Dario Sabel. I'm representing NextG Cloud.

It's a small company, very ambitious. We try to help companies to secure their cloud and allow them to use AI, really for industrial cases, providing solutions of confidential computing at the edge.

You will see there is nothing magic, a lot of work, but I guess very important for many business sectors. So actually, yes, as I said, we are providing confidential computing and private sovereign AI. These are the two key pillars, keep in mind please. And also we provide entire end-to-end solutions, hardware plus software, and a series of managed cloud services and security

Why security and AI adoption are urgent now

service for the customers, of course. The problem: let's start from the problem.

Italy’s cyber exposure and the cost of breaches

Maybe it's obvious for you, for us, but let's not forget security. It's a huge problem for everybody on the planet, especially here, we need, in Italy we are overexposed, I have to say. 10% of the global attacks are happening here in Italy, while we contribute only to 0.7% of the world population and 1.8% of the global GDP. This is incredible, and this is telling us that Italy is very much overexposed to cyber threats. Well, Germany and France are about 3-4%, but we are worse.

Okay, so now, thinking about an entrepreneur, this is a challenge but also an opportunity: we can only just improve the security of our companies, okay? And keep in mind also, on average (this is not Dario telling you, it's the report of Clusit), in the past year the average cost for an SME of a breach, an attack, is 50,000 euro. So this is also

AI opportunities—and new data risks and regulations

telling us something. And now the big elephant in the room, of course: it's a big opportunity, AI, for everybody. Everybody of us is attracted; some of us know already what we want to do with AI, others less, but in any case it's an opportunity and this is undebatable, but coming with the risks, which is regarding the data, the data using the AI.

So we have a higher exposure of the data, and a lot of data in real time. We have new attack vectors, and then exposure to model extraction and data poisoning.

We have also shared environments, a lot of data coming here and there, and different kinds of shared environments in the cloud and user data.

So this is really something we have to consider regarding also the existing regulations and also future regulations. I'm talking about the AI Act but also Cyber Resilience Act and other further regulations.

We are following so much standardization and also this is very much important for compliance also because there is a risk to pay a fine. So if we don't use AI properly. So this is really a problem, can be a roadblock for the adoption of the AI.

We would like to help companies to let's say overcome these roadblocks.

The approach: confidential computing and private sovereign AI

So how?

Confidential computing explained: protecting data in use

Confidential computing, it's a keyword. Maybe for those of you who know already confidential computing, it's really a technology that helps you to protect data in use.

What does it mean? It means that we put the application workload in a memory encrypted, ciphered, so that nobody can see this memory, neither the system administrator, the hyperscaler, the owner, only the client. So we give you the key of your apartment: the key is yours, the apartment is closed, so the data is protected. Usually, traditionally, we can protect data and the encryption, so the storage, right, data at rest; we protect data in transit, HTTPS, TLS; but never we are using to protect data in use. This is very much a critical point. This is possible with

From silicon to cloud: an end-to-end stack for secure workloads

some modern processors which are commercial off the shelf. We help you to enable this kind of characteristic starting from the silicon, the firmware, the BIOS and the cloud software. We build the entire software stack and provide to you a hybrid cloud with protected virtual machines, protected containers, but also on bare metal, a native operating system. This is really something possible.

Again, don't trust Dario. Confidential computing is the third top trend technology set by Gartner in 2026, not 2030, this year. OK, we are talking something which is happening now.

It's commercially available, improving regulatory compliance for you.

Sovereignty, compliance, and secure collaboration

So, this is actually our system, we would like to protect data during processing, enable data privacy, of course, and also sovereignty, the possibility to be compliant with your system but also to not be exposed to other regulations like the US Cloud Act, okay?

This is really confidential computing enabling truly sovereignty and secure collaboration, because when you have a work or the software, you have your workload, you work in a sort of chain with other partners. Inside, you see, the IP may be protected by patents; you are, let's say, you feel unsafe. If this is encrypted you can work with the others and this is not actually exposed to the others. So this is helping you collaboration with other partners in the ecosystem. Regulatory compliance is a set, of course. And then of course we would

Where it applies: sovereign AI agents by sector

like to provide some example of local sovereign AI agents for some selected market segments and provide these as a private AI for your enterprise, preferably on premise in your company, or if you prefer, if you don't have space in your company, it can be in our private cloud. But in any case the concept is that we can put your cloud entities secure through confidential computing and in a sovereign cloud. So, examples: the most resonating market segments are those who care about security, because this is business critical for them, and data sovereignty and privacy, it's very important.

For example, law firms: think about they want to use secret data contracts, but also any legal departments inside the companies. And this is actually, think about you want to use an agent locally as an assistant lawyer. Maybe you feel scared about using a ChatGPT or other kind of tools, cloud-based, which are, of course, not private under your control. So this is really critical.

Smart mobility, automotive, and defense

Other examples: we are running now here in Turin this month a nice pilot for smart mobility.

And automotive and defense are the two most attacked sectors. You remember the Clusit report, okay? So actually this is very critical. It's including private data and sensitive data in all the use cases, including automotive.

Fintech and sensitive financial operations

And also fintech, yes of course: think about transactions and any kind, not just only banks, but also firms which are dealing with transactions or any kind of sensitive data regarding financial statements, any kind of merchant acquisition information or any due diligence operations regarding different companies. And then you have to take into account the security of the data and manage data for your customers; you are liable for your clients.

Healthcare: private AI with access controls and audit trails

And last but not the least, I would love to show you a demo. We are implementing also some use case for medical centers, private but also public in principle. So the point is, here you have also sensitive data for the patient. You want to run an AI; this is also under AI Act, this is also under the GDPR and other regulations, especially for healthcare, and you want to use that. So again, this can help you: a private AI agent, also encrypted in an enclave in confidential computing, can help you.

And this is actually... oh, the problem is that I can, can I click the YouTube video? This is my backup plan, because I have live demo I can go with my PC, but really it's just a recording of what is being available in our laboratory, which is running there,

you can insert the data, and there are different kinds of access policies depending on the medical center; inside the medical center there is a hierarchical access policy for different medical doctors and everything is segregated.

You can have access to your data, oh sorry, okay, you can access into your data. When you start, maybe it was so fast, but in any case when you start entering the data, and this is actually populating the information for the input for the AI agent, this is maybe also working only just for you in that moment, and then the context is refreshed and cleaned up. Also everything is with the trails, log trails for audit, for GDPR compliance, for the normative regulations, so for the medical centers. And also this is actually ensuring you the privacy and also the performance, a possibility to use your local agent. Sorry, this was so fast, but I can show

Conclusion: enabling AI without sacrificing sovereignty, security, or compliance

you the live demo with my PC. Thank you so much. So maybe there was another slide just to finish, or not? Thank you. Yes, yes, just the vision. Just wanted to give you a message: we truly believe that really we want to enable companies to use AI and cloud technologies without sacrificing data sovereignty, security, or compliance. You don't have to choose one of the three.

If you want all the three, you don't have to have any compromise. You choose everything, you choose NextG Cloud.

So, thank you so much.
