Commvault Boosts Quantum-Safe Encryption To Tackle Emerging Cyber Risks

Quantum computing will change everything we know about encryption and cyber defence, said Bill OConnell, Commvaults CSO. Our goal is to stay ahead of these shifts, giving customers the tools they need before threats materialize.
Commvault has expanded its quantum-safe encryption toolkit, becoming one of the first major cyber resilience vendors to support the Hamming Quasi-Cyclic (HQC) algorithm—part of its broader strategy to protect against next-generation threats enabled by quantum computing.
The company announced today that its Commvault Cloud platform now supports HQC, a NIST-recommended algorithm designed to address 'harvest now, decrypt later' risks. These involve adversaries capturing encrypted data today to decode it in the future, once quantum computing reaches sufficient maturity.
'Quantum computing will change everything we know about encryption and cyber defence,' said Bill O'Connell, Commvault's CSO. 'Our goal is to stay ahead of these shifts, giving customers the tools they need before threats materialize.'
Commvault's commitment to post-quantum cryptography dates back to August 2024, when it introduced a crypto-agility framework and support for standards like CRYSTALS-Kyber and SPHINCS+. With today's additions, the company continues to set the pace in an increasingly urgent race.
The update is especially relevant for sectors like healthcare and finance, where data must be protected for decades. Commvault's Risk Analysis tools help organizations pinpoint which data sets could benefit from quantum-safe encryption, making the transition easier through a simple checkbox interface.
'Quantum readiness has become a business imperative,' said IDC's Phil Goodwin. 'Commvault's leadership in this space positions it as a proactive player in data protection.'
The PQC features are immediately available for all Commvault Cloud users on version CPR 2024 (11.36) and above.

Try Our AI Features

Explore what Daily8 AI can do for you:

Learn with AIFact CheckingText to SpeechAI Summary

Related Articles

Techday NZ

2 days ago

• Techday NZ

Commvault & Kyndryl partner to boost cyber recovery services

Commvault and Kyndryl have announced a partnership to deliver incident recovery services for organisations aiming to enhance data security and meet regulatory requirements. The two companies will work in collaboration with Pure Storage to provide services intended to help organisations recover faster from cyber incidents, improve cyber resilience, and address complex regulatory demands. Kyndryl's cyber resiliency services portfolio includes Incident Recovery Services, Managed Backup Services, and Hybrid Platform Recovery. Through this new partnership, it will be supported by Commvault and Pure Storage to assist organisations in adhering to regulations such as the European Union's Digital Operational Resilience Act (DORA), NIS2 Directive, Payment Services Directive 2 (PSD2), New York Department of Financial Services (NYDFS) regulation NYCRR 500, and Australia's Prudential Regulation Authority (APRA) CPS 230 standard. Expanding cyber recovery services Under the collaboration, Commvault and Kyndryl plan to enhance support for enterprise customers facing persistent cyber threats and increasing data management complexity, particularly in multi-cloud environments. "Cyber preparedness is no longer regarded as optional for global organizations; it is mandatory," stated Allen Downs, Vice President of Security and Resiliency Services at Kyndryl. "Through this collaboration with Commvault and Pure Storage, we are further positioned to assist some of the world's most esteemed organizations in completely redefining their data protection strategies." The joint approach leverages Pure Storage technology alongside Commvault's cyber resilience and recovery solutions. This combined offering introduces a four-layer architecture designed to streamline compliance and speed up recovery for hybrid cloud customers. Technology and features The four-layered architecture includes the following components: Cyber Resilient Vault—an isolated, immutable data vault, based on zero-trust, to safeguard backup data from unauthorised access and tampering. Clean Recovery Zone—a controlled setting for forensic review and staged recovery using validated clean backups. Production Rapid Restore—capability for swift, reliable dataset restoration by using Pure Storage FlashBlade, with immutability features such as S3 Object Lock and SafeMode. Immutable Snapshot Recovery—enables quick, application-consistent restoration of key workloads through Commvault IntelliSnap and Pure Storage FlashArray. The services are developed to promote automated and ongoing cyber recovery testing. Support extends to Commvault Cleanroom Recovery within both public cloud and on-premises isolated environments overseen by Kyndryl. Organisations are enabled to validate their recovery processes to comply with DORA Chapter II (Risk Management), Chapter IV (Operational Resilience Testing), and related regulation. Meeting regulatory needs The collaboration is set against a backdrop of increasingly rigorous and complex regulatory landscapes. Organisations are now required to demonstrate not only the protection of their critical data, but also the capability to restore operations swiftly following a digital disruption. "Our partnership with Kyndryl is built to address the biggest challenges facing the enterprise today, such as the persistent threat of cyberattacks, including ransomware, and the increasing complexity of managing massive data growth across multi-cloud environments," said Alan Atkinson, Chief Partner Officer at Commvault. "When combined with the innovative Pure Storage platform, the three companies are together helping organizations stay resilient and prepared to act decisively in the face of disruption." As businesses face mounting pressures from both cyber threats and regulatory scrutiny, integrating compliance with resilience strategies is becoming increasingly necessary. "As regulatory frameworks like DORA set higher standards for operational resilience, organizations are implementing strategies that integrate regulatory compliance with the ability to recover swiftly from cyber disruption," said Maciej Kranz, General Manager, Enterprise at Pure Storage. "Together with Commvault and Kyndryl, we're delivering advanced security features and a scalable foundation of layered resilience that helps organizations meet these mandates and restore critical operations quickly and reliably." The services provided by the three companies are typically available across North America, Europe, and the Asia-Pacific region. Clients and partners will have opportunities to engage through existing partner programmes and access supporting resources aimed at enhancing cyber resilience and compliance capabilities. Follow us on: Share on:

Techday NZ

4 days ago

• Techday NZ

HPE launches Nonstop Compute NS5 X5 & NS9 X5 for high reliability

Hewlett Packard Enterprise has announced the addition of the HPE Nonstop Compute NS5 X5 and NS9 X5 to its portfolio of fault-tolerant computing solutions, targeting enterprises that require high reliability and performance for critical business operations. The new HPE Nonstop Compute models are designed to provide organisations with increased processing power, flexibility, and system availability. Both models, available immediately, introduce enhancements in hardware and networking, aiming to help businesses accelerate important processes and support modern workloads across various data centre environments. Performance enhancements The entry-level NS5 X5 uses Intel Xeon Bronze 3400 series processors, while the flagship NS9 X5 is equipped with Intel Xeon Gold 6400 series processors. According to the company, these upgrades allow for up to 15% greater performance capacity compared to prior models. Each platform combines compute, software, storage, networking, and associated services based on HPE's fault-tolerant architecture, aiming to ensure continuous operations for mission-critical activities such as payment processing, fraud detection, and smart manufacturing execution systems (MES). The new systems provide double the memory capacity of their predecessors, with up to 8 TB available. The NS9 X5 also offers 2.5 times greater networking bandwidth and improved fibre channel connectivity, which facilitates higher transaction throughput in financial services and supports multi-plant integration in manufacturing. "Our customers rely on HPE Nonstop solutions to power mission-critical workloads," said Casey Taylor, General Manager, HPE Nonstop at HPE. "In fact, one of our auto manufacturing customers has been using HPE's fault-tolerant systems for more than 35 years without any unplanned downtime. With the launch of HPE Nonstop Compute NS5 X5 and NS9 X5, we are reinforcing our commitment to deliver an architecture designed for fault-tolerance and high performance so that our customers can scale their businesses and innovate with confidence." Industry analyst IDC categorises HPE Nonstop solutions as AL4, with reported uptimes of 99.999% or 99.9999%. These attributes are seen as essential by organisations handling core transactions and sensitive data, particularly in sectors reliant on uninterrupted processing such as finance, healthcare, and retail. Regional outlook "Enterprises across Asia Pacific are rapidly digitalizing critical business operations in sectors such as financial services, telecommunications, retail, and healthcare, which is fueling unprecedented demand for resilient, high-performance infrastructure," said Rod Cortez, General Manager, HPE Nonstop at HPE APAC & India. "The new HPE Nonstop Compute solutions are engineered for this era, delivering enhanced processing power, memory, and networking performance to help organizations modernize workloads and future-proof their data centers. These solutions reflect HPE's commitment to supporting the region's digital transformation by enabling enterprises to accelerate business processes with confidence, agility, and unmatched reliability." HPE's update also brings operating system enhancements, adding support for multi-factor authentication (MFA). This capability is intended to help organisations meet regulatory compliance needs including the General Data Protection Regulation (GDPR), Payment Card Industry Data Security Standard (PCI-DSS), Health Insurance Portability and Accountability Act (HIPAA) and SOC 2 requirements. Industry adoption Many enterprises in industries with strict uptime requirements already rely on HPE Nonstop platforms. According to HPE, a car rental company uses the platform to handle 80,000 daily reservations, while six of the world's top ten full-service retail banks use HPE Nonstop to support card payments, ATM functionality, and core banking operations. NS9 X5 features backward compatibility, allowing customers to cluster the new system with the previous two generations of HPE Nonstop Compute. This capability ensures seamless expansion and migration for existing users without causing operational disruption. Both the NS5 X5 and NS9 X5 are available as standalone systems or through HPE GreenLake, offering an as-a-service consumption model. The systems are supported by HPE Nonstop Compute engineers experienced in migrating mission-critical workloads.

Techday NZ

12-06-2025

• Techday NZ

Thales launches real-time file activity monitoring with AI help

Thales has introduced a new File Activity Monitoring capability within its CipherTrust Data Security Platform that offers real-time oversight and control of unstructured data across on-premises, hybrid, and multicloud environments. File Activity Monitoring (FAM) is designed to help organisations monitor file activity as it happens, identify risks including unauthorised downloads and sharing, and streamline compliance processes related to standards such as GDPR, HIPAA, and PCI DSS. The capability incorporates a built-in Generative AI assistant to aid audit processes, reduce complexity, and improve response times within a single platform engineered to secure both structured and unstructured data. Unstructured data challenge According to IDC, unstructured data currently accounts for 90% of all worldwide data, making its management and protection a significant concern for businesses. FAM enables security teams to monitor the movement and activity of unstructured data, including files such as emails, chat logs, media files, and application logs, which can all house sensitive information. The platform delivers real-time alerts, analytics, and encryption tracking to support faster threat detection and protection for sensitive data. Thales stated that the new capability addresses a major blind spot in data security by delivering continuous data discovery, classification, and monitoring. This approach provides the necessary foundation for effective Data Security Posture Management, and also aids compliance and the identification of unauthorised activities that might lead to data exposure. The platform's centralised management is intended to streamline audit reporting and improve threat response, reducing operational complexity across the data lifecycle. Industry perspectives Leila Kuntar, Principal Information Security Engineer at Amadeus, commented on the launch: "Thales' innovative approach to File Activity Monitoring tackles key challenges like blind spots in hybrid environments, offering real-time visibility and smart anomaly detection — a potential game-changer for teams overwhelmed by false positives. By striking the right balance of depth and simplicity, FAM shows promise in helping us strengthen the SOC without added complexity. With tighter SIEM integration, it can sharpen response and let teams focus on what matters most. We're excited to see how FAM evolves and enhances our data security." Kuntar's remarks reflect the challenges security teams face in managing complex hybrid data environments, and the need for visibility without an increase in operational burden or false positives. Todd Moore, Vice President of Data Security Products at Thales, said: "As unstructured data grows rapidly across distributed environments, organizations need more integrated ways to track and safeguard their most sensitive information. With File Activity Monitoring, Thales reinforces its leadership in enterprise data security by delivering real-time insight, intelligent automation, and unified visibility through a single, powerful platform." Capability detail File Activity Monitoring strengthens Data Security Posture Management (DSPM) by allowing security teams to discover, classify, observe, and control sensitive data across all infrastructure types. It can pinpoint the location of sensitive data, identify who has access, and determine if it is secured in real time, supporting the detection of suspicious behaviours such as unauthorised copying or sharing. The tool can transform static data classification into dynamic risk intelligence by incorporating behavioural context, and supports remediation techniques including rapid incident reconstruction via audit logs and the application of strong encryption where needed. AI-powered assistance To assist with compliance and security workflows, FAM includes a Generative AI-powered Data Security Assistant. This chatbot provides capabilities to query audit information, generate custom reports, and facilitate compliance processes, lessening the administrative load on IT and security professionals while supporting regulatory obligations. Moore also addressed the need for adaptable security controls, stating: "As technology evolves rapidly, our controls must be flexible enough to keep pace without adding complexity. Automation and intelligence help overwhelmed security teams scale operations and focus on what matters most. With tools like our chatbot, they can ask natural language questions and get instant, actionable answers, accelerating response times and improving operational efficiency." Thales has previously focused on structured database activity protection and is now extending this experience to include unstructured data. The platform aims to offer similar oversight and operational experience for both data types, addressing growing organisational requirements for data control and security as data volumes increase and diversify.