By Abdul Khader Aslam, Senior Manager, Information Security Compliance, Risk & Governance, Equinix
It’s important for data center operators, to plan for operational threats such as extreme weather conditions and unstable power grids. But it’s also important to consider human factors – the new security threats caused due to malicious attackers and geopolitical conflicts.
Why are data centers such a target?
Data centers are targeted by threat actors for many reasons. Some are motivated by a nation-state, political ideology or personal financial gain. It begs the questions: They could achieve these same goals by targeting other facilities and institutions. So why do so many of them target data centers?
It is said that a bank robber was once asked why he robbed the banks. He replied, “Because there’s money there.” This story is likely apocryphal but speaks to a deeper truth. Sometimes the obvious answer is correct. Data is the currency in the digital world. Cybercriminals today are similar to the bank robbers from the past, as they target data centers in order to steal data. Data center operators manage and collect an asset of tremendous value. We must be prepared to protect it.
In recent years we’ve seen an increase in cyber-attacks on the data center industry. These attacks target not only the data centres themselves, but also our supply chain partners such as control systems and energy companies that we work with. These attacks are highly sophisticated and follow patterns which suggest a high degree of planning and coordination.
How can operators, regulators and other stakeholders work together to address this issue?
The attacks on data centers have become so common that even government agencies are taking note. Data centers are viewed by regulators as critical infrastructure. This is a fair assessment: taking them offline could damage the economy, disrupt communication, and put citizens in danger. Regulators often intervene to ensure that data centers receive the protection they require.
Data center operators are in a unique situation: Not only do we have to implement the necessary controls to protect our data centers, but we also need to be able demonstrate these controls to government regulators and to our customers and business partners.
It’s a complicated undertaking, but it comes with being the global platform that connects digital businesses and aggregates data. We know that as business data grows, both in terms of volume and value, the threats to data centers will also grow. We look forward in working with government agencies to combat these threats.
AI and ecosystem collaboration to combat new threats
The sophistication and frequency of attacks on data centers is increasing, but our security tools to protect ourselves and customers are also improving. We’re focusing on how we can implement AI security capabilities to thwart threats and keep our customers systems and hosted data safe.
Infosec models are no different. AI models are only good as the data that you feed them. We need a variety of threat intelligence data sources in order to identify and protect ourselves against the diverse and constantly changing threats we face. We’ve created threat intelligence exchanges to get the data we require. These exchanges enable our partners in government and industry to share their threat information. Collaboration with an ecosystem will allow us to gain greater visibility of threat indicators, and we can then respond appropriately to mitigate these threats. We must consider all possible points of vulnerability because threats can spread quickly and start small. Any security threat that is successful against one of our suppliers may end up affecting our customers.
We work to ensure our suppliers and partners practice good cyber hygiene. We would prefer that they avoid an incident, but if they do, we will work with them to minimize the impact. We know that when an incident occurs, our customers will have many questions and concerns. We want our partners’ help to show customers that we are doing everything possible to keep their data secure.
Become a trusted advisor for security to customers
We also realize that our customers themselves are a potential conduit for our systems. We want to help our customers identify any security gaps. We contact customers to help them resolve an issue when we identify it.
It could be as simple as addressing the issue of password hygiene or implementing multifactor authentication for our customer portals. Even small steps like these can help protect our customers and ourselves.
We want to make sure that our customers are aware of all the ways we work to protect their data. We maintain a number of industry and regulatory certifications that demonstrate our commitment to industry best practices in cybersecurity. Our self-service portal provides a complete report of all certifications. Customers can obtain the artifacts that they need to comply with their own risk management or compliance programs, without having to ask for them.