- On September 12, UK Technology Secretary Peter Kyle announced that data centers will now be considered critical national infrastructure.
- A dedicated CNI team will also be set up to monitor for potential threats and provide priority access to security agencies if needed.
- This is to ensure that data centers are protected from cyberattacks, IT outages, and natural disasters, which in turn will minimize the disruption faced by the people.
The UK has decided to promote its data centers to the Critical National Infrastructure (CNI) status. This means it will now get special government support to minimize the economic impact caused by IT outages, cyberattacks, and natural disasters.
The decision was announced on September 12 by the UK Technology Secretary Peter Kyle. He also proposed a £3.75bn investment in a new data center in Hertfordshire, in the north of London.
‘Bringing data centers into the critical national infrastructure regime will allow better coordination and cooperation with the government against cybercriminals and unexpected events,’ – Peter Kyle
For starters, a dedicated CNI data infrastructure team will be set up. It will consist of senior government officials who will look out for potential threats and will also provide priority access to security agencies including the National Cyber Security Centre (NCSC) in case a crisis occurs.
Data centers are the 14th addition to the CNI list and the first addition in the last 10 years. The last addition was made in 2015. Other sectors on the CNI list include health, finance, water, transport, defense, etc.
Is This Move Really Effective in Deterring Cybercriminals?
One of the primary reasons for making data centers a CNI is to protect them from cyberattacks. Many government officials/departments have appreciated this initiative.
- For example, Felicity Oswald, CEO at the NCSC said she welcomes this move since data centers play a critical role in our economy and society and deserve special protection.
- The Department for Science, Innovation, and Technology (DSIT) said that adding data centers to the list of CNI will make hackers think twice about targeting them.
But is that really true?
From what we have seen in the recent trends, CNIs are often at a bigger risk of being targeted. That’s because the threat actors know that compromising a CNI will cause the most disruption and bring the authorities to their knees, making it easier to get their demands fulfilled.
Similarly, Toby Lewis, Global Head of Threat Analysis at global cybersecurity biz Darktrace, also reminded us that data storage is not restricted to one country. If the government truly wants to protect UK citizens, then its rules need to work cross-border so that UK data stored outside the country is just as protected.
About the £3.75bn Data Center Investment
As we mentioned earlier, the UK Technology Secretary Peter Kyle also announced a proposed £3.75bn investment in data centers in Hertfordshire.
Speaking about this proposal, he said that it’s a clear indication of how his determination is strengthening the UK’s technical industry which in turn is contributing to the economy.
What makes this decision so much more special is that before the UK’s Labour government won this general election, there were planning-related decisions that blocked the construction of these new data centers. As soon as they won, two planning decisions were recalled to make space for the data center projects.
The DSIT also feels that adding the CNI status to data centers will encourage more investments in the future.
For instance, just a few days ago, Amazon’s AWS unveiled a 5-year plan to invest £8 Billion in the UK. (we don’t know if their decision was motivated by data centers being designated as CNI but it’s certainly a possibility), Similarly, Google will also invest $1 billion in a new data center in the UK.