Advancing UK Aerospace, Defence, Security & Space Solutions Worldwide
  • Home
  • /
  • Security
  • /
  • NCSC and CPNI offer joint security strategy to data centre operators and users

Security

NCSC and CPNI offer joint security strategy to data centre operators and users

The National Cyber Security Centre (NCSC) and the Centre for the Protection of National Infrastructure (CPNI) have jointly issued guidance to help UK’s data centres stay secure, so that for the first time data centre operators will have access to tailor-made advice on how to keep the UK’s online assets secure.

Image courtesy NCSC

The new guidance from the National Cyber Security Centre (NCSC) – a part of GCHQ – and the Centre for the Protection of National Infrastructure (CPNI) helps users and operators of data centres understand and mitigate potential security vulnerabilities.

Data is one of the UK’s most valuable assets, and it underpins almost all facets of modern life. However, this can make data centres an attractive target for threat actors, both physically and in cyberspace.

Advertisement
Teledyne

The new guidance sets out a holistic security strategy which encourages owners and users to consider how:

  • location and ownership of a data centre can affect who has access to sensitive information or affect strategic operating decisions
  • cyber threat actors continuously evolve their methodology to breach defences
  • strong physical security can mitigate covert and forceful entry to data assets
  • employees are critical to an effective security culture

NCSC Technical Director Dr Ian Levy said: “Operators and users of data centres have a clear responsibility to protect the data that they hold and process – failing to do this poses a massive financial, reputational and, in some cases, national security risk.

“Owning these responsibilities means understanding the array of methods that malicious actors could use to compromise a data centre both physically and digitally.

“I urge operators and users of data centres to consult this joint guidance and adopt the holistic security strategy it recommends.”

The Head of CPNI said: “Data centres and the data they hold are invaluable to the UK’s economy, security and prosperity. Threat actors constantly seek to evolve their methods to exploit any weaknesses in data infrastructure security, often concurrently.

“To minimise the risk of a breach it is critical that data centre security is viewed holistically with physical, people and cyber security risks considered with other factors such as where in the world infrastructure is located.

“By doing so, data centre owners and users can better safeguard their customer’s data, their business operations and keep the UK’s digital infrastructure running.

“In this period of stark geopolitical uncertainty, there is no better time than now for data centre operators and users to read the full guidance and make sure they’re best protected.”

For more information, users and operators of data centres should visit the CPNI website: www.cpni.gov.uk/data-centre-security

Advertisement
Gulfstream RT

For broader advice on configuring, deploying and using cloud services securely, people can consult the NCSC’s existing cloud security guidance

 

 

 

 

 

Advertisement
Cranfield University
QinetiQ US achieves DoD

Security

QinetiQ US achieves DoD's CMMC Level 2 Cybersecurity Certification

16 July 2025

Advanced certification has positioned QinetiQ US among early achievers in a select group of companies meeting the US Department of Defense's enhanced cybersecurity standards, having earned Level 2 certification under the DoD Cybersecurity Maturity Model Certification (CMMC) programme with zero findings.

SkyShark takes flight

Defence Security

SkyShark takes flight

16 July 2025

MGI Engineering, a company forged in the fast-paced world of Formula 1, has officially unveiled SkyShark, a next-generation military drone platform designed to transform battlefield operations with speed, precision and UK-built sovereignty.

Chief Superintendent Fiona Gaffney joins NPAS as COO

Security

Chief Superintendent Fiona Gaffney joins NPAS as COO

15 July 2025

The National Police Air Service (NPAS) has welcomed Chief Superintendent Fiona Gaffney as its new Chief Operating Officer (COO), following the retirement of Chief Superintendent Vicki White after 30 years of service to policing.

Lane Electronics to showcase connectivity solutions at DSEI 2025

Defence Security Events

Lane Electronics to showcase connectivity solutions at DSEI 2025

15 July 2025

Franchised distributor of electrical, electronic and optical connectors, Lane Electronics, will be exhibiting at DSEI 2025 (9th–12th September 2025, Excel London) will have the opportunity to explore the company’s latest connector technologies and its UK-based assembly and services.

Advertisement
DSEI 2025
UK and France agree scheme to address illegal Channel crossings

Security

UK and France agree scheme to address illegal Channel crossings

11 July 2025

The Prime Minister Keir Starmer and French President Emmanuel Macron, have agreed a scheme to address illegal Channel crossings and dismantle the people smuggling networks.

IFS appoints Kriti Sharma as CEO of Nexus Black

Aerospace Security

IFS appoints Kriti Sharma as CEO of Nexus Black

11 July 2025

IFS has appointed Kriti Sharma as CEO of IFS Nexus Black. This strategic move reinforces IFS’s commitment to industrial AI and fast-tracks the development of agentic AI systems designed for the asset- and service-intensive industries it serves.

Advertisement
DSEI 2025