For the past decade, software has been the primary constraint in most technology development. At the edge, hardware advances in processor speed, multi-threading and memory were incremental, while the real breakthroughs came from software innovation. Today, that dynamic has flipped. Hardware has quickly become the critical factor as multiple trends converge, including renewed focus on establishing a secure root of trust at the silicon level — and the timing couldn’t be more significant: AI models that promise to transform business require unprecedented compute power, and this shift coincides with a massive wave of pandemic-era personal computers now reaching end of life.

This new landscape was the focus of a recent conversation with two industry leaders in endpoint security: Rick Martinez, fellow and vice president in the Office of the Chief Technology Officer at Dell Technologies Inc., and JR Balaji, director of software product management at Advanced Micro Devices Inc. The discussion explored why this PC refresh cycle represents a fundamental shift, how the threat landscape is evolving alongside AI capabilities and why “what you would have bought five years ago is not going to work today.”

The central insight: Software-only approaches to endpoint security no longer provide adequate protection. Defending against AI-powered attacks requires security that’s built-in rather than bolted-on, extending from the silicon layer through the operating system to the software stack.

AI as a weapon: Understanding the evolved threat landscape

Martinez opened with a blunt assessment: “AI is a double-edged sword.” While defenders deploy AI for anomaly detection and threat hunting, “cybercriminals and nation-states alike are leveraging AI to scale and improve their attacks.”

This represents a current, active threat. Martinez cited recent Zscaler research documenting a “60% increase in AI-driven phishing attacks” powered by generative AI capabilities. Balaji observed that adversaries have emerged as “early and avid adopters of AI tools,” giving them “unprecedented scale” in their operations. The threat actors span a broad spectrum, from nation-states to e-crime syndicates and hacktivist groups.

Balaji outlined two primary categories within this evolved threat landscape:

1. Weaponizing existing attacks

AI enables traditional attack methods to operate faster and more effectively. This includes polymorphic malware that “mutate[s] much faster” to evade signature-based antivirus systems, AI-powered password prediction at scale, and weaponized CVE exploitation where AI can “scout all the CVEs available” to identify the most exploitable vulnerabilities.

2. Weaponizing AI systems directly

As organizations deploy their own AI models, these systems become high-value targets in their own right. This emerging attack class includes data poisoning to corrupt training datasets, AI model theft and prompt injection attacks.

For enterprises, this creates what Balaji describes as an “evolving risk” with significant implications. Not all AI workloads can be processed in the cloud — data center capacity constraints, power requirements and cost considerations mean that “some … of that valuable computing” must “shift to the endpoints” where processing is more efficient, secure and operates with a “smaller blast radius.” This hybrid AI approach demands evolved endpoint protection methods to safeguard sensitive data and models.

The endpoint security gap: Why software alone fails

The enterprise security playbook has long relied on layered software solutions. But as Martinez stated plainly, “Software does help, but it alone is not enough.” The reason is straightforward: “Sophisticated attackers can turn off legacy EDR software.”

This vulnerability exposes the fundamental weakness in traditional security models. Software-based protection runs on top of the operating system, making it vulnerable once an attacker gains sufficient privileges to turn it off. This has driven a concerning increase in what Martinez calls “below-the-operating system” attacks that target Basic Input/Output System and firmware layers often invisible to most endpoint detection and response solutions.

The approaching end of Windows 10 support amplifies this problem. Martinez explained that “many organizations are now exposed unless they make a shift and meet the hardware requirements for Windows 11.” This transition isn’t simply a hardware upgrade; it’s a security requirement that enables the hardware-based protections needed to counter “below-the-OS” threats.

This reality led Balaji to articulate the discussion’s most critical thesis: “Software protecting software is good, but hardware protecting software is even better. Hardware-based security offers fundamental advantages because it operates beneath the OS, creates isolation and establishes an immutable hardware root of trust.”

The solution: Layered defense with a hardware root of trust

This is where the Dell and AMD partnership becomes critical. It’s not about a single feature but rather a multi-layered security strategy that extends from the processor to the endpoint.

Martinez, whose role involves predicting both adversary tactics and emerging technology use cases, explained that Dell conducts high-level threat modeling based on this AI-driven landscape. This intelligence informs investments “above the hardware” in firmware, drivers and OS to create resilient defense-in-depth.

Layer 1: Building security into the silicon

The foundation begins at the silicon level, where AMD provides the secure base required for modern computing. To support emerging AI workloads, Balaji explained the rise of neural processing units, but emphasized that this compute power must be paired with “trusted execution environments” to protect the AI workloads themselves.

AMD’s secure silicon relies on several core technologies:

• Silicon root of trust and AMD Secure Processor: This establishes the foundation. The AMD Secure Processor is an isolated, dedicated security processor that creates the “silicon root of trust.” Working in partnership with Dell’s hardware root of trust, it ensures the entire boot process is “clean and secure” before the OS loads.
• AMD Memory Guard: This feature provides inline, transparent memory encryption that directly counters memory-based attacks by protecting “volatile information stored on the DRAM.”
• AMD Shadow Stack: A hardware-level protection that defends against common control-flow attacks like “return-oriented programming.”

Together, these technologies create the foundation for a trusted computing environment anchored at the silicon level.

Layer 2: Integrated endpoint defense

Dell builds upon this secure silicon foundation with comprehensive endpoint protection:

• Fortified supply chain security: Martinez emphasized that security starts “way earlier than you think.” Dell has fortified its supply chain to “mitigate the risk of product tampering and catch any suspicious activity” before devices reach customer environments.
• Hardware root of trust and BIOS-level detection: Dell builds on AMD’s foundation with its own hardware root of trust and “unique BIOS-level tamper detections.”
• PC telemetry, visibility and control: Martinez stressed a zero-trust mindset: “It’s impossible to prevent everything … we take a zero-trust approach and assume a breach is possible.” The goal becomes building “layers of visibility and control into our PCs for the worst-case scenario.” This comprehensive PC telemetry, which Balaji described as a “granular level of observability,” transforms the endpoint from a target into a security sensor, helping customers find the “needle in a haystack before it’s exploited.”

Analysis and recommendations for enterprise security leaders

The conversation with Martinez and Balaji reinforces a critical message for organizations navigating this era of AI-powered threats and widespread hardware refresh cycles: The traditional security playbook no longer provides adequate protection.

Based on this discussion, enterprise security leaders should consider the following strategic priorities:

• Make security a primary factor in purchasing decisions: The approach of buying budget PCs and layering EDR software on top has become obsolete. “Newer systems are going to be more secure,” Martinez stated, and security must drive purchasing decisions. This hardware refresh cycle represents the most significant security upgrade an organization will implement this decade.
• Identify your new assets: Martinez advised leaders to “identify your assets.” In the AI era, this extends beyond traditional data to include “models and the model pipeline” as equally critical assets that demand hardware-level security capabilities.
• Adopt a layered, zero-trust approach: “Prevent, yes. But also ensure you can detect and recover.” Accept that breaches remain possible and build defenses accordingly. This means investing in “PCs with security built-in” that deliver the telemetry and “granular level of observability” needed to detect and respond to threats that bypass preventative controls.
• Vet your suppliers: Security begins in the supply chain. Martinez urged leaders to “work with secure suppliers” and verify “they’re taking into account the new AI world into their threat models.”
• Embrace the hybrid AI future: Supply and demand dynamics in the current AI landscape suggest cloud-only approaches may become cost-prohibitive. This will accelerate the shift to hybrid computing, making endpoints “increasingly important” for processing sensitive AI workloads. Security leaders must plan for this transition now, as hardware purchased today will determine security posture for the next three to five years.

The AI era has arrived, bringing an unprecedented threat landscape. Meeting this challenge requires an equally sophisticated defense rooted in hardware-level security.

Image: SiliconANGLE/DALL-E