Nvidia’s latest innovation, the Vera Rubin NVL72, was unveiled at CES 2026. This groundbreaking platform encrypts every bus across 72 GPUs, 36 CPUs, and the entire NVLink fabric, making it the first rack-scale solution to provide confidential computing across CPU, GPU, and NVLink domains.
This development marks a significant shift for security leaders, as it eliminates the need to rely solely on contractual trust with cloud providers to secure complex hybrid cloud configurations. Instead, organizations can now verify the security of their infrastructure cryptographically, a crucial distinction given the rise of targeted cyberattacks by nation-state adversaries.
The rise in frontier training costs, as highlighted by Epoch AI research, underscores the importance of securing high-value AI models. With training costs increasing annually, organizations face the challenge of protecting their investments with inadequate security measures. IBM’s 2025 Cost of Data Breach Report revealed that a significant number of organizations have experienced breaches of AI models or applications due to insufficient access controls.
The emergence of autonomous cyberattacks, exemplified by the GTG-1002 incident disclosed by Anthropic, highlights the evolving threat landscape. Adversaries can now execute large-scale intrusions with minimal human intervention, utilizing AI to probe vulnerabilities and exploit weaknesses at machine speed.
A comparison between Nvidia’s Vera Rubin NVL72 and AMD’s alternative, the Helios rack, reveals the different approaches taken by these tech giants. While Nvidia focuses on integrating confidential computing into every component, AMD prioritizes open standards and flexibility through consortiums like the Ultra Accelerator Link and Ultra Ethernet.
The momentum in the industry towards adopting confidential computing, as evidenced by research from the Confidential Computing Consortium and IDC, indicates a growing recognition of the importance of data security and trusted AI innovation. Security leaders are now faced with a choice between Nvidia’s integrated approach and AMD’s open-standards flexibility, each offering unique tradeoffs for securing sensitive workloads.
In conclusion, the implementation of hardware-level confidentiality by Nvidia and AMD presents a new paradigm for security leaders. By enabling cryptographic verification of trust, organizations can enhance their security posture and protect high-value AI investments. The question now facing CISOs is not whether attested infrastructure is worth it, but whether organizations can afford to operate without it in an increasingly hostile digital landscape.