Cyber Security Benefits from Government Grant
Data and cyber security are becoming, more than ever, a pressing concern in the UK. A recently announced government grant amounting to £700k worth of new investment is set to boost the growth of the country’s cyber security sector. This money, granted to UK Cyber Cluster Collaboration (UKC3) – a network of 20 regional clusters of cyber entities that collaborate to boost the country’s cyber security sector – is to be spent in a range of ways, from developing new skills among the employees of cyber firms to boosting employment into the sector. As information technology has advanced, so security has become more of an issue as ever-increasing amounts of vital data are stored in the various data centres used by everyone from mobile phone companies to internet service providers. Seen in this light then, the announcement marks yet another avenue to help keep pace with increased security risks on the ever-increasing data stored by such digital services.
Provided by the Department for Digital, Culture, Media and Sport (the DCMS), it remains to be seen what proportion of this funding will make it into the data centre sphere. Undoubtedly, this is one of the areas that can expect to benefit though, given its overwhelming importance to the nation – an importance that only increases with time. What, then, are the biggest issues when it comes to data centre security and what changes can we expect?
Data Centre Security
Despite having a ‘physical’ location, data centres can also be thought of as a virtual safe of valuable data and a critical part of any entities’ virtual infrastructure. Cyber security, therefore, is of paramount importance to data centres. Data centres are constantly under assault from a range of digital threats that have the potential to steal, corrupt or destroy the vital data contained there. Safety standards for data centres can be thought of in the context of an ever-evolving battle, which ensures that the facilities are at the forefront when it comes to safety against any sort of cyber-threat. Cyber-security (of all kinds, not just for data centres) is by its very nature an evolving discipline and technology. As the threats develop, so too must the security.
The level of data centre security required in any given case is something that not only varies to match the threat posed, but also develops with time. That said, some essential security measures have changed very little over the last couple of decades. Unsurprisingly, many of these revolve around the actual physical security of data centres. Sceptics of this particular form of data centre security should recall the case of Anthony Lewandowski, the Google employee who stole trade secrets and shared them with Uber. The data breach was essentially a case of Lewandowski physically accessing the site to steal the data.
But of course, cyber security is the most important element of data centre security. Any advancements made in this department naturally begin with an analysis of a data centre’s level of cyber security. This can be achieved using a security information and event management (SIEM) tool, which offers a real-time view of a data centre’s security position. The security information gained using a SIEM is often invaluable in detecting weak points in a data centre’s software security. Things that can be checked with a SIEM include buffer overflows, code vulnerabilities and disguised malware.
After diagnosis with a SIEM, security can be layered onto a data centre by creating secure zones, which can range from flexible test areas to a production area with the most stringent software security. With the recent increased funding for the cyber security sector, we expect SIEM analysis and the resultant secure zone implementation to be among the areas most heavily funded in order to bolster the security of data centres.