Datacentres are to be classed as ‘critical national infrastructure’ and given more support to recover from cyberattacks, IT outages and environmental events.
The UK Government announced today that the facilities will come under the CNI regime, alongside the energy sector, water systems and emergency services.
The enhanced status will protect data housed and processed in UK datacentres such as photos taken on smartphones to patients’ NHS records and sensitive financial information.
It is the first critical national infrastructure designation in almost a decade, since the space and defence sectors gained the same status in 2015.
Datacentre operators can now expect greater government support in recovering from and anticipating critical incidents, giving the industry greater reassurance in their UK operations.
Technology Secretary Peter Kyle said: “Datacentres are the engines of modern life, they power the digital economy and keep our most personal information safe.
“Bringing datacentres into the critical national infrastructure regime will allow better coordination and cooperation with the government against cybercriminals and unexpected events.”
It comes as the government today welcomes a proposed £3.75 billion investment in Europe’s largest datacentre. Plans were submitted to Hertsmere Borough Council for construction in Hertfordshire by data company DC01UK, which will directly create over 700 local jobs and support 13,740 data and tech jobs across the country.
A dedicated CNI data infrastructure team of senior government officials will be setup to monitor and anticipate potential threats, provide prioritised access to security agencies including the National Cyber Security Centre, and coordinate access to emergency services should an incident occur.
It’s hoped the new status will deter cyber criminals from targeting datacentres that may house vital health and financial data, minimising disruption to people’s lives, the NHS and the economy.
In the event of an attack on a datacentre hosting critical NHS patients’ data, for example, the government would intervene to ensure contingencies are in place to mitigate the risk of damage or to essential services, including on patients’ appointments or operations.
Currently, the UK is home to the highest number of datacentres in Western Europe. Datacentres in Scotland include DataVita’s DV1 facility in Lanarkshire, Brightsolid in Dundee, three Pulsant facilities in Edinburgh and iomart Glasgow.
Scottish Futures Trust-funded research by TechRe in 2021 put forward plans for 12 brownfield sites across Scotland to be redeveloped into ‘green datacentres’, powered by renewables, following concerns over the carbon intensity of the industry, and also to improve connectivity across the country.
Earlier this year, DataVita announced plans to invest in new infrastructure and capabilities in response to growing demand for AI services.
The firm also said the higher proportion of renewable sources in Scotland’s energy mix meant there is a much lower carbon footprint associated with hosting datacentres in the country compared to the rest of the UK and other nations.