Certes Unveils v7 of Its Data Protection and Risk Mitigation Platform to Combat Quantum Cryptography Threats
Certes, a leading name in cybersecurity solutions, has officially announced the launch of version 7 of its Data Protection and Risk Mitigation (DPRM) platform. This latest iteration extends its post-quantum cryptography (PQC) safeguards to edge environments, marking a significant step in the industry’s response to the looming "harvest now, decrypt later" threats increasingly faced by enterprise security teams.
As quantum computing technology advances, a growing concern among cybersecurity experts is the potential for nation-state actors and advanced persistent threats to engage in bulk exfiltration of data that is currently safeguarded by traditional encryption. This tactic, which many in the cybersecurity community are now referring to as the approach of “harvesting” encrypted data for future decryption when quantum capabilities become commercially viable, commonly highlighted as "Q-Day," poses a grave risk. Certes emphasizes that organizations failing to adopt quantum-resistant encryption protocols may be amassing what they term "cryptographic debt," a situation that could lead to disastrous consequences when quantum computing progresses past a certain point.
Paul German, the CEO of Certes, pointedly remarked on the traditional emphasis in cybersecurity, stating, “For too long, cybersecurity has focused on protecting infrastructure and identities, yet attackers continue to bypass those controls. The reality is that organisations must now assume breaches will occur and focus on protecting the data itself.” His statement underscores the paradigm shift that many organizations must undergo to strengthen their cybersecurity postures.
With the v7 update, Certes introduces per-flow quantum-safe encryption and cryptographic segmentation that is applicable across various environments, including on-premises setups, hybrid clouds, and edge networks. The company asserts that customers can implement the platform in mere days, rather than the months often required for traditional upgrades. This expedited deployment comes without the need for extensive application refactoring—an appealing proposition given that legacy application modernization frequently hampers the adoption of advanced cryptographic standards, a concern often raised by Chief Information Security Officers (CISOs).
One of the standout features of the v7 update is its commitment to maintaining customer-owned post-quantum encryption keys, which are never exposed to major cloud service providers, such as AWS, Microsoft Azure, Google Cloud Platform (GCP), or Oracle. Certes presents this feature as essential for compliance with data sovereignty regulations that are becoming increasingly strict across sectors such as financial services, healthcare, and critical national infrastructure.
CTO Simon Pamplin elaborated on the core architectural elements of this new release, indicating a pivotal shift from traditional network perimeter defenses to endpoint-level encryption and segmentation. Pamplin explained that this transformation aims to ensure that even if a breach occurs, the data that attackers manage to exfiltrate remains inaccessible, as they lack the necessary decryption capabilities.
Moreover, the platform’s enhancements extend to protecting artificial intelligence (AI) workloads, safeguarding critical training data, prompts, and model interactions as these elements navigate hybrid cloud settings. This development is particularly timely, given the rapid integration of third-party AI infrastructure into sensitive operational workflows.
From an operational perspective, Certes contends that v7 effectively minimizes the "blast radius" of any data breach through cryptographic micro-segmentation. This approach not only restricts lateral movement within compromised systems but also mitigates the regulatory repercussions that often follow data exfiltration incidents, especially under stringent compliance frameworks like the General Data Protection Regulation (GDPR) and the NIS2 directive.
The updated version of the DPRM platform is now available, enabling organizations to proactively fortify their defenses against the multifaceted threats presented by evolving quantum technologies. By addressing both the immediate security needs and the future challenges posed by quantum computing, Certes positions v7 as a timely and necessary upgrade for modern enterprises.