ARQQW Arqit Quantum Inc

Arqit Quantum Inc. (Nasdaq: ARQQ, ARQQW) (Arqit), a leader in quantum-safe encryption, BT Group (LSE: BT.A), and Fortinet (Nasdaq: FTNT) today announced the launch of a commercially available, integrated product for quantum-safe virtual private network (VPN) communications using Symmetric Key Agreement. This announcement follows the successful trial of quantum-safe tunnels between three BT sites in London, Exeter, and Adastral Park in Suffolk.

The "store-now, decrypt-later" approach employed by nation-states and cyber adversaries – stockpiling encrypted data to crack it open with the advent of quantum computing – presents a significant risk to today's data and communications infrastructures. As cyberthreats evolve and become increasingly sophisticated, organisations worldwide need to ensure they can defend their data and communications against both existing and upcoming threats.

With the new joint quantum-safe VPN solution, BT customers will be able to benefit from the integration of Fortinet FortiGate Next-Generation Firewalls (NGFWs), powered with Arqit's NetworkSecure™ Fortinet adaptors and Arqit’s Symmetric Key Agreement Platform, a breakthrough in cyber defence designed to protect against the looming threats posed by quantum computers.

The solution provides quantum-safe symmetric keys that can be created and rotated on-demand to encrypt and protect sensitive data between point-to-point VPN links. In addition to providing protection against future quantum threats, it also delivers enhanced security against today’s man-in-the-middle attacks. General availability for this joint solution is initially for customers in the UK and EU regions.

David Williams, Arqit Founder, Chairman and CEO said:

“The urgent need for institutions globally to fortify their encryption against public key infrastructure weaknesses and the looming quantum threat to long-term data security is beyond dispute. By integrating our cloud-based software into Fortinet firewalls, combined with a BT managed service, we've made this an easy step for organisations already using Fortinet solutions. We are thrilled that our long-term partner BT is set to offer this business advantage to its customer base. Arqit is committed to enabling customers to stay ahead in this rapidly evolving threat landscape.”

Tris Morgan, Managing Director, Security at BT Group, said:

“BT continues to be at the forefront of developing technologies to protect against quantum threats. Following the joint trial of quantum-safe tunnels in the U.K., we’re pleased to be able to integrate Arqit's enhanced Fortinet products into our Managed Security portfolio. We are confident this solution will help our customers as they look to upgrade their security and networks to be quantum-safe.”

John Maddison, Chief Marketing Officer and EVP, Product Strategy at Fortinet said:

“As a global leader driving the evolution of cybersecurity, Fortinet’s focus is to continually deliver top-tier innovative security solutions that address customer needs and protect them against sophisticated cyberthreats. The integration with Fortinet Fabric-Ready technology alliance partner Arqit presents a unique advantage to our joint customers, and we're pleased to extend our collaboration with BT to bring this product to their users.”

Notes to Editors

Arqit's NetworkSecure™ Fortinet Adaptor: In December 2022, Arqit announced it had joined the Fortinet Fabric-Ready Partner Program as a Technology Alliance Partner and completed its first integration between Arqit QuantumCloud™ and Fortinet’s FortiGate Next Generation Firewalls (Arqit, Arqit Joins Fortinet Fabric-Ready Partner Program, Completes Integration to Enable Quantum-Safe Encryption, 14 December 2022, link).

“Store-now, decrypt-later” is a known threat and concerning for data with a long-time value: 

• UK National Cyber Security Centre (NCSC): “The threat to key agreement is that an adversary collecting encrypted data today would be able to decrypt it in future, should they have access to a CRQC [Cryptographically Relevant Quantum Computer]” (NCSC, Preparing for Quantum-Safe Cryptography whitepaper, 11 November 2020, link). 

• US Congress: “The rapid progress of quantum computing suggests the potential for adversaries of the United States to steal sensitive encrypted data today using classical computers and wait until sufficiently powerful quantum systems are available to decrypt it” (Congress, Quantum Computing Cybersecurity Preparedness Act, 21 December 2022, link). 

• GSM Association (GSMA): “The quantum threat presents multiple high-impact risks for the telecom industry and its users. Prior to the availability of a Cryptographically Relevant Quantum Computer (CRQC), motivated bad actors may harvest data and store it to decrypt it once quantum computing capabilities become available. This attack undermines data security with long-lived confidentiality needs, such as corporate IP, state secrets or individual bio-data. It is widely believed that some actors are already engaging in this type of attack” (GSMA, Post Quantum Telco Network Impact Assessment Whitepaper, 17 February 2023, link). 

Symmetric cryptography is a solution that can be implemented right now and can be used for both encryption and key exchange: 

• UK National Cyber Security Centre (NCSC): “In contrast with PKC [public-key cryptography], the security of symmetric cryptography is not significantly impacted by quantum computers, and existing symmetric algorithms with at least 128-bit keys (such as AES) can continue to be used” (NCSC, Next steps in preparing for post-quantum cryptography, 3 November 2023, link). 
• US National Security Agency (NSA): “NSA considers using pre-shared symmetric keys in a standards-compliant fashion a better near-term post-quantum solution than implementing experimental post-quantum asymmetric algorithms” (NSA, The Commercial National Security Algorithm Suite 2.0 and Quantum Computing, 7 September 2022, link).

The US Government has already directed their agencies to implement symmetric-key protections for National Security Systems (NSS): 

• The White House: “By December 31, 2023, agencies maintaining NSS shall implement symmetric-key protections (e.g., High Assurance Internet Protocol Encryptor (HAIPE) exclusion keys or VPN symmetric key solutions) to provide additional protection for quantum-vulnerable key exchanges” (The White House, National Security Memorandum on Promoting United States Leadership in Quantum Computing While Mitigating Risks to Vulnerable Cryptographic Systems, 4 May 2022, link).

About Arqit

Arqit Quantum Inc. (Nasdaq: ARQQ, ARQQW) (“Arqit”), a leader in quantum-safe encryption, supplies a unique Symmetric Key Agreement Platform-as-a-Service which makes the communications links of any networked device, cloud machine or data at rest secure against both current and future forms of attack on encryption – even from a quantum computer. Arqit’s Symmetric Key Agreement Platform delivers a lightweight software agent that allows devices to create encryption keys locally in partnership with any number of other devices. The keys are computationally secure and operate over zero trust networks. It can create limitless volumes of keys with any group size and refresh rate and can regulate the secure entrance and exit of a device in a group. The agent is lightweight and will thus run on the smallest of end point devices. The Product sits within a growing portfolio of granted patents but also works in a standards compliant manner which does not oblige customers to make a disruptive rip and replace of their technology. Arqit was recently awarded the Innovation in Cyber award at the UK National Cyber Awards and Cyber Security Software Company of the Year Award at the UK Cyber Security Awards. www.arqit.uk

Media relations enquiries:Arqit: pr@arqit.uk Gateway: arqit@gateway-grp.com

Investor relations enquiries:Arqit: investorrelations@arqit.uk    Gateway: arqit@gateway-grp.com

About BT

BT Group is the UK’s leading provider of fixed and mobile telecommunications and related secure digital products, solutions and services. We also provide managed telecommunications, security and network and IT infrastructure services to customers across 180 countries. BT Group consists of three customer-facing units: Consumer serves individuals and families in the UK; Business covers companies and public services in the UK and internationally; Openreach is an independently governed, wholly owned subsidiary wholesaling fixed access infrastructure services to its customers - over 650 communications providers across the UK. British Telecommunications plc is a wholly owned subsidiary of BT Group plc and encompasses virtually all businesses and assets of the BT Group. BT Group plc is listed on the London Stock Exchange. For more information, visit www.bt.com/about

About Fortinet

Fortinet (NASDAQ: FTNT) is a driving force in the evolution of cybersecurity and the convergence of networking and security. Our mission is to secure people, devices, and data everywhere, and today we deliver cybersecurity everywhere you need it with the largest integrated portfolio of over 50 enterprise-grade products. Well over half a million customers trust Fortinet's solutions, which are among the most deployed, most patented, and most validated in the industry. The Fortinet Training Institute, one of the largest and broadest training programs in the industry, is dedicated to making cybersecurity training and new career opportunities available to everyone. FortiGuard Labs, Fortinet’s elite threat intelligence and research organization, develops and utilizes leading-edge machine learning and AI technologies to provide customers with timely and consistently top-rated protection and actionable threat intelligence. Learn more at https://www.fortinet.com, the Fortinet Blog, and FortiGuard Labs. 

pr@fortinet.com

Caution About Forward-Looking Statements

This communication includes forward-looking statements within the meaning of the Private Securities Litigation Reform Act of 1995. All statements, other than statements of historical facts, may be forward-looking statements. These forward-looking statements are based on Arqit’s expectations and beliefs concerning future events and involve risks and uncertainties that may cause actual results to differ materially from current expectations. These factors are difficult to predict accurately and may be beyond Arqit’s control. Forward-looking statements in this communication or elsewhere speak only as of the date made. New uncertainties and risks arise from time to time, and it is impossible for Arqit to predict these events or how they may affect it. Except as required by law, Arqit does not have any duty to, and does not intend to, update or revise the forward-looking statements in this communication or elsewhere after the date this communication is issued. In light of these risks and uncertainties, investors should keep in mind that results, events or developments discussed in any forward-looking statement made in this communication may not occur. Uncertainties and risk factors that could affect Arqit’s future performance and cause results to differ from the forward-looking statements in this release include, but are not limited to: (i) the outcome of any legal proceedings that may be instituted against the Arqit, (ii) the ability to maintain the listing of Arqit’s securities on a national securities exchange, (iii) changes in the competitive and regulated industries in which Arqit operates, variations in operating performance across competitors and changes in laws and regulations affecting Arqit’s business, (iv) the ability to implement business plans, forecasts, and other expectations, and identify and realise additional opportunities, (v) the potential inability of Arqit to successfully deliver its operational technology, (vi) the risk of interruption or failure of Arqit’s information technology and communications system, (vii) the enforceability of Arqit’s intellectual property, and (viii) other risks and uncertainties set forth in the sections entitled “Risk Factors” and “Cautionary Note Regarding Forward-Looking Statements” in Arqit’s annual report on Form 20-F (the “Form 20-F”), filed with the U.S. Securities and Exchange Commission (the “SEC”) on 21 November 2023 and in subsequent filings with the SEC. While the list of factors discussed above and in the Form 20-F and other SEC filings are considered representative, no such list should be considered to be a complete statement of all potential risks and uncertainties. Unlisted factors may present significant additional obstacles to the realisation of forward-looking statements.