in Security

NCSC and CPNI offer joint security strategy to data centre operators and users

Posted 7 March 2022 · Add Comment

The National Cyber Security Centre (NCSC) and the Centre for the Protection of National Infrastructure (CPNI) have jointly issued guidance to help UK’s data centres stay secure, so that for the first time data centre operators will have access to tailor-made advice on how to keep the UK’s online assets secure.

Image courtesy NCSC

The new guidance from the National Cyber Security Centre (NCSC) – a part of GCHQ – and the Centre for the Protection of National Infrastructure (CPNI) helps users and operators of data centres understand and mitigate potential security vulnerabilities.

Data is one of the UK’s most valuable assets, and it underpins almost all facets of modern life. However, this can make data centres an attractive target for threat actors, both physically and in cyberspace.

The new guidance sets out a holistic security strategy which encourages owners and users to consider how:

  • location and ownership of a data centre can affect who has access to sensitive information or affect strategic operating decisions
  • cyber threat actors continuously evolve their methodology to breach defences
  • strong physical security can mitigate covert and forceful entry to data assets
  • employees are critical to an effective security culture

NCSC Technical Director Dr Ian Levy said: “Operators and users of data centres have a clear responsibility to protect the data that they hold and process – failing to do this poses a massive financial, reputational and, in some cases, national security risk.

“Owning these responsibilities means understanding the array of methods that malicious actors could use to compromise a data centre both physically and digitally.

“I urge operators and users of data centres to consult this joint guidance and adopt the holistic security strategy it recommends.”

The Head of CPNI said: “Data centres and the data they hold are invaluable to the UK’s economy, security and prosperity. Threat actors constantly seek to evolve their methods to exploit any weaknesses in data infrastructure security, often concurrently.

“To minimise the risk of a breach it is critical that data centre security is viewed holistically with physical, people and cyber security risks considered with other factors such as where in the world infrastructure is located.

“By doing so, data centre owners and users can better safeguard their customer’s data, their business operations and keep the UK’s digital infrastructure running.

“In this period of stark geopolitical uncertainty, there is no better time than now for data centre operators and users to read the full guidance and make sure they’re best protected.”


For more information, users and operators of data centres should visit the CPNI website: www.cpni.gov.uk/data-centre-security

For broader advice on configuring, deploying and using cloud services securely, people can consult the NCSC’s existing cloud security guidance

 

 

 

 

 

* required field

Post a comment

Other Stories
Advertisement
Latest News

Serco acquires Sapienza

Serco Group plc has entered into an agreement to acquire Sapienza Group, from TP Group plc, to expand its offering to the European space sector.

Menzies Aviation renews Air Canada contract at Heathrow

Menzies Aviation today announced it has renewed a significant ground services contract with Air Canada at Heathrow Airport (LHR) and won new business at Copenhagen Airport (CPH).

Views sought to boost security of UK data centres and cloud services

Looking to strengthen security and resilience of UK’s data infrastructure to protect against outages and national security threats, the Government has announced it is seeking views on how to boost the security and resilience of

UK Government to host AFF22 onboard HMS Prince of Wales in New York

On 28th-29th September, the UK Government will host the Atlantic Future Forum (AFF22) on the aircraft carrier HMS Prince of Wales in New York, bringing together senior politicians, policymakers, military leaders, academia, business

Stay ahead of the airplane

Neil Ballinger, head of EMEA at EU Automation, looks at ways of stepping up to the challenges currently facing aerospace supply chains.

Airbus launches UK ZEDC

Airbus is strengthening its presence in the UK with the launch of a Zero Emission Development Centre (ZEDC) for hydrogen technologies, to be based in Filton, Bristol.

Future Armoured Vehicles Weapon Systems
See us at
DVD BT2704220922Future Armoured Vehicles Weapon Systems BTFuture Arm Vehicles Power Systems BTAdvanced Engin BT2504031122Future Arm Vehicles Active Protection Systems BT