Member Article

The UK government has recently proposed new regulations to strengthen security measures for data centres operating in the UK. The new regulations aim to protect data centre facilities against potential disruption, including cyber-attacks, physical threats, and extreme weather events.

The government has launched a new consultation, ‘Protecting and enhancing the security and resilience of UK data infrastructure’ asking for views on the proposed measures from various stakeholders within the data centre industry, including operators, cloud platform providers and customers of data centre facilities.

The consultation sets out the government’s proposals to make minimum security and resilience requirements mandatory for data centre operators. The proposals also include a new statutory framework being implemented together with a regulator being appointed to ensure compliance of the proposed framework and enforcement against non-compliance.

The move is intended to protect businesses and services that rely on data centres against disruption, reducing the risk of significant incidents that would interrupt or compromise access to data they rely on, and encourage better transparency of information and cooperation across industry and the government. The government’s view is that the proposed changes will ultimately help safeguard UK national security, making it more attractive to potential tech investors.

The consultation will close on 22 February 2024.