- One of the best pool-cleaning robots I've tested is $450 off for Prime Day
- Apple's M2 MacBook Air is on sale for $749 for Black Friday
- I replaced my desktop with this MSI laptop for a week, and it surpassed my expectations
- AI networking a focus of HPE’s Juniper deal as Justice Department concerns swirl
- 3 reasons why you need noise-canceling earbuds ahead of the holidays (and which models to buy)
Data centers are now critical national infrastructure, says UK government
It said the additional protections resulting from the CNI designation will mean data stored in the UK is less likely to be compromised during outages, cyberattacks, and adverse weather events. But while it might indeed discourage cyberattacks on low-value targets, if a data center has data of interest to state actors or even high-value information for phishing or ransomware attacks, it’s unlikely to make a major difference.
Eric O’Neill, a founding partner of cybersecurity consulting firm The Georgetown Group and a former FBI agent, said that it is unlikely that the UK designation and its supporting services would reduce the number of cyberattacks, and “it is not likely to reduce the likelihood of attacks. Designation doesn’t do anything to discourage an attack.”
Indeed, O’Neill argued that it is just as likely to have the opposite impact by all but daring the attackers to attack. Attackers are sometimes “about how awesome they are and are thumbing their nose at the west and making a splash with all of their friends online. They have pride,” O’Neill said.
Brian Levine, a former government attorney who today serves as a managing director at Ernst & Young, said that he thought the UK declaration was a good thing, but “the devil is in the details” because the UK government didn’t specify the particulars of the support they will be delivering.
Overused term
“The term ‘critical infrastructure’ is often overused by governments. The definition of critical infrastructure is usually somewhat vague. In this case, including data centers is not unreasonable and may make sense, but it depends on what the government will actually be doing,” Levine said.
The US, for example, lists a wide range of critical infrastructure sectors but doesn’t specify data centers. But it doesspecify various sectors — including information technology, healthcare, and financial services — that would absolutely impact almost every major cloud environment.