Keeping Our Data Safe: Why Cybersecurity Is Necessary
The threat landscape for data centres remains increasingly complex and dangerous. A data hack, or ransomware attack, could leave operators, customers and investors compromised, with threat actors having complex powers to extort or breach sensitive information or withhold services.
It is no secret that these attacks continue to evolve. Hackers across the world are targeting backups and using more sophisticated tactics such as double extortion — an example of which being the Indonesian data centre hack, which threatened to extort US$8m as a ransom.
As a result, businesses and governments are currently working to improve this bleak outlook by giving data centres greater protections that safeguard vital information, which could include healthcare, financial details or personal smartphone data.
In an age where data is dispersed across different endpoints, given hybrid working patterns, there is now a much greater need to prioritise data security.
"The principles for protecting your organisation are the same regardless of what sector your organisation operates in or what service it provides,” Jaimen Hoopes, Vice President & Product Management at Forcepoint, explains. “For data centre providers, the stakes are especially high given the breadth of sensitive data housed across industries and government agencies — and the cascading impact that a breach could create.”
We examine some of the leading security threats that data centres have to wrestle with and how businesses can better protect themselves.
Confronting unique data centre security challenges
One of the most significant challenges threatening data centres today is ransomware. As this method of attack has continued to evolve, it has now become much more accessible to cybercriminals.
This method of attack operates by encrypting critical data and halting operations until a ransom sum is paid. Often, backups are impacted which makes recovery near-impossible. Such a significant incident can result in severe, or even catastrophic, losses for businesses in addition to a lengthy spell of downtime, or even reputational damage.
“What makes ransomware particularly insidious is its adaptability,” says Harshul Asnani, President and Head - Europe Business at Tech Mahindra “Attackers target vulnerabilities in outdated software, weak password policies or misconfigured systems to gain entry.
“Data centres, which house vast amounts of sensitive data and power critical infrastructure, are prime targets for these attacks. The fast growth of cloud adoption and the increasing complexity of hybrid environments create additional entry points, further amplifying the risk.”
Notably, firmware — which is vital for hardware setup — can cause cybersecurity issues if it has not been updated. More sophisticated attacks on essential components of a data centre will often impact the supply chain, which compromises vendors and allows hackers to gain access to multiple targets.
“If organisations don’t know or understand when new updates are available or when to apply patches, they can fall behind and become vulnerable to cyberattacks,” comments Kevin Brown, Senior Vice President, EcoStruxure Solutions, Secure Power Division at Schneider Electric. “The result can be expensive and range from downtime and lost business to data corruption and potential damage to your company’s reputation.
“The data is clear that most OT devices in the market are not running the latest firmware. Many enterprise customers manage their critical power and cooling infrastructure with their own in-house management tools, third-party network management tools, or building management systems. It may be surprising, but these systems don’t know when the firmware at your connected endpoints is out-of-date.”
In order to combat such advanced threats, data centre operators are encouraged to be proactive. Ensuring that all devices are compliant with security policies is necessary in order to avoid security issues before they arise.
“To combat these threats, data centres need a multi-layered security approach with continuous monitoring, regular vulnerability assessments and robust incident response plans,” adds Bernard Montel, Technical Director EMEA and Security Strategist at Tenable. “It's crucial to have visibility across on-premises, cloud and hybrid environments to quickly expose and close cyber risk.”
Tech Mahindra’s Harshul Asnani also highlights: “With regular system patching to close vulnerabilities and robust backup strategies that allow quick recovery without paying a ransom, businesses can stay resilient and minimise the impact of ransomware attacks.”
How data centre businesses can mitigate attack surfaces
Such stringent strategies to avoid overwhelming cyberattacks require the sector to ensure their workforce is knowledgeable enough about all types of risk. Businesses must act now to invest in talent and skills development to combat threats, which prioritises technical expertise.
“One of the most impactful strategies is creating comprehensive training programmes that keep pace with the cyber threat landscape,” Harshul notes. “Cybersecurity is not static — providing ongoing education and hands-on training ensures employees are equipped to tackle these changes head-on.”
Continuous updating of skills, coupled with advancing technology, is an essential strategy that will build a stronger and more resilient workforce. Likewise, businesses will benefit from hiring more diverse teams with a range of different abilities and skill sets, as this is invaluable when it comes to solving mission-critical problems.
“This involves not only recruiting and retaining skilled professionals through competitive compensation and growth opportunities but also providing ongoing training and encouraging participation in industry events,” Bernard explains. “Implementing mentorship programmes, fostering a culture of continuous learning and partnering with academic institutions can help develop talent pipelines. Investing in automation and AI can augment human capabilities, allowing staff to focus on high-value tasks.”
AI: Help or hindrance?
Perhaps most significantly in recent years, the dramatic growth of artificial intelligence (AI) has irreversibly impacted the data centre industry. Its influence has been inevitable, with countless technology companies eager to invest in the technology, which has led to concerns over sustainability, energy efficiency and the impact on security.
Infrastructure inside a facility is now more complex on account of AI, which is bolstering workloads. This is something data centres can benefit from as far as AI-powered automation and data analytics is concerned. However, such complexities could ultimately lead to greater cybersecurity threats.
“This complexity combined with the almost total dependence we have on IT in our daily lives has created a significant challenge,” Kevin says. “We don’t know yet where AI will impact the hybrid IT environment. Many argue that inference servers will be deployed at the edge of the network and it is unclear, assuming this happens, what the impact on the hybrid IT environment will be.
“AI will be a marathon not a sprint and we are at the beginning stages. Regardless of how the market evolves, the fundamentals won’t change. Our focus is on making it easier for the organisation to effectively manage these devices while they absorb the new complexity that trends like AI will create.”
Organisations are already facing significant AI-related security challenges, with teams having to confront compliance concerns, vulnerability detection and remediation, containing data leakages and putting a stop to unauthorised AI use.
With this in mind, some organisations are reimagining cybersecurity as a global force to eradicate business risk, instead helping organisations reduce their cyber exposure. This approach aims to unify security visibility and insight across the entire attack surface to protect critical infrastructure.
“As AI technologies rapidly evolve, organisations must find a way to keep track of AI software, libraries and browser plugins in their environment, which can threaten data security and compliance efforts,” Bernard comments. “By addressing these challenges proactively, organisations can harness the benefits of edge computing and AI while maintaining a strong security posture.”
In this vein, data centre businesses use AI to their own advantage. Tech Mahindra is already doing this, as Harshul highlights, adopting next-generation technologies like AI to identify and address risks faster and more effectively.
“With advanced Security Information and Event Management (SIEM) systems in place, we now have real-time, centralised visibility across our entire threat landscape, enabling us to mitigate risks before they escalate proactively,” he says.
Tenable also employs AI to tackle rising cybersecurity risks. In this way, the technology can be a positive for data centres, analysing vast amounts of data and therefore being able to identify complex patterns for businesses seeking greater security insights.
“As cyber threats evolve, AI-powered security solutions continuously learn and adapt, ensuring they can detect new and emerging threats and prevent breaches before they occur,” he says.
“There's no one-size-fits-all when it comes to cybersecurity, but ensuring a robust strategy that focuses on protecting data wherever it resides is a great place to start regardless of industry. Implementing a strong data security posture that accounts for the changing landscape and can defend against new and previously unknown attacks is key.”
To read the full story in the magazine, click HERE.
Explore the latest edition of Data Centre Magazine and be part of the conversation at our global conference series, Tech & AI LIVE and Data Centre LIVE.
Discover all our upcoming events and secure your tickets today.
Data Centre Magazine is a BizClik brand
- Re:Invent 2024: How AWS & Nvidia are Powering Ahead With AITechnology & AI
- DE-CIX: AI Will Continue to Transform 2025 Tech LandscapeNetworking
- How AWS Plans to Boost Sustainability with Orbital MaterialsTechnology & AI
- Schneider Electric's AI Data Centre Solutions: ExplainedTechnology & AI