Intel's next CEO will inherit fallout from Meltdown and Spectre
- Intel has been trying to provide a range of fixes for so-called speculative execution vulnerabilities known as Spectre and Meltdown since they were unveiled in January.
- Krzanich has played a central role in the response, authoring a set of corporate principles known as the "Security-First Pledge."
- He said in March the company would ship new, more secure chips in the second half of 2018.
Brian Krzanich's replacement at Intel will be faced with some unfinished business as it pertains to cybersecurity.
Krzanich, who was forced out on Thursday after disclosure of a "consensual relationship with an Intel employee," spent the past six months dealing with the fallout from so-called speculative execution vulnerabilities in Intel microchips, most commonly known as Meltdown and Spectre.
The vulnerabilities, revealed by researchers at Google's Project Zero security unit in January, can allow hackers to gain deeper, hardware-level access below the typical computer attack surface. Traditional security software, which typically protects the higher-level application layer, can't help.
Still, the flaws are only "speculative," and attacks using these gaps have so far only been replicated by professionals in a lab. Intel has been racing to provide as many fixes as possible for the problem in order to stay ahead of possible damaging attacks from outsiders.
Since the vulnerabilities were exposed, Krzanich has been launching initiatives by Intel meant to keep an open dialogue with customers about the issue. He initially responded by publishing the company's "Security-First Pledge" in January, which promised "customer-first urgency," "transparent and timely communications" and "ongoing security assurance." He personally announced fixes for the bugs in a blog post in March.
When those early fixes caused many corporate clients to complain about slowdowns in computing speed, Krzanich and other Intel executives announced changes meant to improve balance performance, including what the company called "silicon-level security technology." At this year's RSA Conference in April, Krzanich said the company would release revamped microchips later in 2018 meant to fully address the speculative execution vulnerabilities.
The new processors, some of which were code-named Cascade Lake, were scheduled to ship in the second half of this year, Krzanich wrote in March.
"Our work is not done," he said. "This is not a singular event; it is a long-term commitment."