Why the UK is Listing Data Centres as Critical Cyber Assets

Share
The potential impact of a successful attack on a data centre could be devastating
Being Western Europe's leader in number of Data Centres, the UK has decided to take steps to ensure they receive adequate protection from cyber threats

Data centres have taken centre stage of the UK government’s cyber strategy as they announce plans to designate them as Critical National Infrastructure (CNI).

“Data centres are the engines of modern life, they power the digital economy and keep our most personal information safe,” said UK Technology Secretary Peter Kyle. “Bringing data centres into the Critical National Infrastructure regime will allow better coordination and cooperation with the government against cyber criminals and unexpected events.”

The UK is currently home to the highest number of data centres in Western Europe, with the UK Chancellor yesterday announcing an additional £8bn (US$$10.4bn) investment from AWS in the country’s data centre market.

“AWS’s plans follow similar announcements in Germany, Spain, Italy, and France, highlighting the UK’s growing appeal as a hub for global tech investment,” says Libero Raspa, Managing Director of adesso UK.

This CNI designation, the first since 2015, reflects not only the growing role that data centres play in modern economies, but also the increasingly dangerous cyber threat landscape the world finds itself in.

A new era for data centre protection

The designation of data centres as CNI will see the establishment of a dedicated data infrastructure team of senior government officials. 

This team will be tasked with monitoring and anticipating potential threats, providing prioritised access to security agencies such as the National Cyber Security Centre, and coordinating access to emergency services in the event of an incident.

Equally, CNI coverage will include both the physical data centres and the cloud operators that use them to supply ordinary services like iCloud on your iPhone, and including companies such as Microsoft, Amazon and Google.

Google has plans for a US$1bn investment in a new UK data centre

 “Threats such as cyber attacks or extreme weather conditions are a case of when, not if, so it’s vital to have redundancies in place to not only protect data centres, but ensure networks stay online,” Jennifer Holmes, CCO at LINX says of the announcement.

This added level of support can aid to improve the cyber security posture of such data centres, and also aid in the recovery of them should an incident cause them to go down.

This will work in tandem with the proposed Cyber Security and Resilience Bill to strengthen the UK’s cyber defences.

The threats facing data centres

The move comes at a critical juncture, as recent reports have revealed an alarming increase in DDoS attacks. 

These attacks, which aim to overwhelm servers and networks with a flood of traffic, have more than doubled in frequency over the past year. 

The surge in DDoS attacks is particularly concerning for data centres, which are prime targets due to their critical role in storing and processing vast amounts of sensitive information. 

Youtube Placeholder

The potential impact of a successful attack on a data centre could be devastating. They are crucial for sectors ranging from healthcare and finance to manufacturing and professional services.

 “We welcome today’s announcement by the government which recognises the critical nature of data centres and digital infrastructure to the economy and society,” explains Bruce Owen, UK Managing Director of digital infrastructure provider Equinix.  

It is for reasons like this that the Biden administration over the pond has also taken similar efforts to securing key infrastructure from cyber threats.

A recent incident highlighting this vulnerability was the Crowd Strike attack earlier this summer. Although not a data centre issue, it highlighted how widespread issues involving the technology can be, as 60% of GP practices in the UK were affected because of it.

Securing the engines of the future

As data centres gain this new protected status, they face both challenges and opportunities. The industry must grapple with issues of energy consumption and environmental impact while continuing to innovate and support emerging technologies like AI.

Yet if this CNI designation does one thing, it at least helps them tackle the very real and growing cyber threat levied against them.

As cyber threats continue to evolve and intensify, the UK’s recognition of the key not only the key role data centres play, but the threat landscape the world finds itself in, will ensure that the vital infrastructure underpinning our modern, technology-driven society receives the protection and support it needs.

******

Make sure you check out the latest edition of Cyber Magazine and also sign up to our global conference series - Tech & AI LIVE 2024

******

Cyber Magazine is a BizClik brand

Share

Featured Articles

Fortinet's Mission to Bridge the Cybersecurity Skills Gap

Fortinet is halfway through its five-year mission its mission to train one million individuals in cybersecurity

Gigamon’s Mark Coates on What’s Wrong with UK Cybersecurity

Gigamon’s Mark Coates explains that the UK has several cybersecurity shortcomings, and explains how to address them

Cloudflare and the Push for E2E Encryption of Messaging Apps

Cloudflare has partnered with Whatsapp to deliver E2EE and Key Transparency for millions of users

Why Biden Was Proved Right on Push to Secure Water Utilities

Cyber Security

AI-Native Edge: Juniper Networks Vision of Networking

Network Security

DNV & CyberOwl Join to Give Shipping Huge Cyber Offering

Operational Security