Commvault, a leading provider of cyber resilience and data protection solutions for the hybrid cloud and one of the first cyber resilience vendors to support post-quantum cryptography (PQC), is unveiling new advancements in its PQC capabilities designed to enable enterprises to protect their data against the next generation of quantum-powered cyberthreats.
While quantum computing poses many exciting possibilities for data and complex problem solving, like any new technology, it has potential to be utilized by threat actors. Threat actors can use quantum computing to decipher and unlock traditional encryption methods, according to Commvault, and enterprises must be prepared for this inevitable—and yet, somewhat unknown—future of cyberattacks.
As one of the first companies to acknowledge and incorporate the threats of post-quantum computing, Commvault’s latest advancements build on its previous support initiatives—including support for quantum-resistant encryption standards, such as CRYSTALS-Kyber, CRYSTALS-Dilithium, SPHINCS+, and FALCON, and its cryptographic agility (crypto-agility) framework for providing support without complete reorchestration of enterprise systems.
Today, Commvault is adding support for Hamming Quasi-Cyclic (HQC), a new error correcting, code-based algorithm that defends against “harvest now, decrypt later” threats. These threats intercept encrypted network traffic and store it for later—where “later” is the time when quantum computing becomes powerful enough to decrypt it.
“The quantum threat isn’t theoretical,” said Bill O’Connell, chief security officer at Commvault. “We were among the first cyber resilience vendors to address post-quantum computing, and by integrating new algorithms like HQC and advancing our crypto-agility framework, we are providing our customers with the tools to navigate this complex landscape with confidence. Our goal is simple and clear: as quantum computing threats emerge, we intend to help our customers keep their data protected.”
Support for HQC is particularly geared toward enterprises that require long-term data storage, such as finance and healthcare. These capabilities bolster organizations’ defenses against quantum-based attacks, pairing well with Commvault’s Risk Analysis functionality, which helps customers determine where Commvault’s cryptographic features are most helpful.
“Quantum readiness has become a business imperative, particularly for industries which handle data that remains sensitive for decades. The time when currently encrypted data can be decrypted using quantum technology is closer than many people think,” said Phil Goodwin, research VP, IDC. “Commvault’s early adoption of quantum-resistant cryptography and commitment to crypto-agility positions it at the forefront among data protection software vendors in proactively addressing quantum threats. Organizations with sensitive, long-term data need to prepare now for a quantum world.”
“Commvault has been an invaluable partner in our journey to enhance cyber resilience. Their leadership in adopting post-quantum cryptography, combined with their crypto-agility framework, is exactly what we need to meet stringent government security mandates and protect highly sensitive information from emerging quantum threats,” said Jeff Day, deputy chief information security officer, Nevada Department of Transportation.
To learn more about Commvault, please visit https://www.commvault.com/.