Data Centre Review H2 2025 by SJP Business Media

Think again Does the UK’s AI data centre vision need a rethink?

DATA CENTRE REV I EW

Resilient physical infrastructure: Key defence against data breaches

Companies that prioritise physical infrastructure today will not only defend against data breaches but also create a resilient platform for the AI-driven future

This issue

4 • Editor’s Comment

Should we fear the bubble bursting?

8 • Cooling

Ecolab’s Stephanie Buschmann highlights the importance of rethinking the way we cool data centres during the AI era.

14 • Data Centre Design & Operations

Steve Clifford, Director of Data Centres at EMCOR UK, says only integrated, in-house engineering and phased delivery can meet AI-era risk.

18 • Green IT & Sustainability

Germany’s Energy Efficiency Act sets the tone for Europe – and Cundall’s Alec Stewart thinks we should be paying close attention to it.

26 • Industry

Charlie Bruinvels from BCS calls for collaborative, region-first Energy Infrastructure Projects from Scotland to Leeds and Wales to make AI viable beyond west London.

29 • Security

People remain the biggest risk to data centre security, according to John Bekisz, Vice President of Data Centre & Critical Infrastructure Practice at Guidepost Solutions.

Editor’s Comment

Much ado about nothing

The AI boom looks like a bubble – a big one, and there are warning signs that it could be about to burst. Money is pouring into anything with ‘AI’ on the label, and most of it isn’t earning a penny in profit. Companies are buying shares in each other, renting each other’s data centres, and booking the income as if it were new money. It’s a merry-go-round of hype and accounting tricks.

But here’s the twist: the UK’s data centre market probably won’t collapse when the bubble bursts. It may seem like the industry is firing on all cylinders, but compared to the US, our data centre industry is growing much slower.

Now, don’t get me wrong, no one is saying that there won’t be an impact. If you listen to the UK Government or those within the industry, the AI hype train is very much alive and well on this side of the Atlantic, but the impact should be much more limited due to some very real roadblocks – there isn’t enough electricity, land, capital, or planning approval to build at the same wild pace as the US.

Those that will be impacted are developers who build massive ‘AI-ready’ campuses without firm tenants, or lenders who believe every AI sales pitch. There will also be some projects that will be shelved, likely from the tech giants who have committed to spending billions in the UK but may be impacted from the bubble bursting over in the US, and prices for new sites will cool.

But let’s not forget, the core business for data centres – keeping Britain’s digital infrastructure running – won’t vanish. Cloud services, gaming, fintech, and government systems will still need secure, reliable data space. And even if the AI bubble bursts, there’s no putting the AI genie back in the bottle.

So, what should the UK industry do? Be cautious. Don’t believe every forecast about endless AI demand. Build only when you have guaranteed power and committed customers. Charge realistic prices for energy, and don’t assume GPUs will fill every rack.

The coming correction will shake out the fantasy projects and remind everyone that data centres are industrial assets, not lottery tickets. And when the dust settles, the UK will still be standing – not because we were clever, but because we couldn’t grow fast enough to blow ourselves up. In the end, limited power might be the smartest defence we’ve got.

And remember – it’s not like we haven’t been here before. The dotcom bubble burst in 2000, and the internet hasn’t gone anywhere. In fact, some of the big name survivors from that era – notably Amazon – have gone on to further fuel the current bubble. So even if the bubble bursts, it’s really not the end of the world.

Jordan O’Brien, Managing Editor

MANAGING EDITOR

Jordan O’Brien

jordano@sjpbusinessmedia.com

DESIGN & DIGITAL PRODUCTION

Rob Castles

robc@sjpbusinessmedia.com

BUSINESS DEVELOPMENT MANAGER

Tom Bell

+44 (0)7741 911 317 tomp@sjpbusinessmedia.com

GROUP COMMERCIAL DIRECTOR

Fidi Neophytou

+44 (0) 7741 911302 fidin@sjpbusinessmedia.com

MARKETING MANAGER

Emily Szweda

emilys@sjpbusinessmedia.com

PUBLISHER

Wayne Darroch

PRINTING BY Buxton

Subscription enquiries:

Data Centre Review is a controlled circulation magazine available free to selected personnel at the publisher’s discretion. If you wish to apply for regular free copies then please contact: subscriptions@datacentrereview.com

Data Centre Review is published by

5250 kVA POWER BUILT TO

RELIABLE BACKUP POWER SOLUTIONS FOR DATA CENTRES

The 20M55 Generator Set boasts an industry-leading output of 5250 kVA, making it one of the highest-rated generator sets available worldwide. Engineered for optimal performance in demanding data centre environments.

PRE-APPROVED UPTIME INSTITUTE RATINGS

ISO 8523-5 LOAD ACCEPTANCE PERFORMANCE | BEST LEAD TIME

cabinet with custom configurations to meet your network needs.

Next-generation cabinet with custom configurations to meet your network needs.

Scalability

Configuration platform to create cabinet to meet your specification and requirements

Scalability

Ease of Use

Maximum Cooling 80% perforated doors for increasing power density in newer deployments

applications

Flexibility

Universal design for server or network applications

Flexibility

Universal design for server or network applications

Flexibility

Universal design for server or network applications

Configuration platform to create cabinet to meet your specification and requirements

Scalability

Configuration platform to create cabinet to meet your specification and requirements

Easy to adjust E-rails, PDU installation and accessories to reduce installation time

Ease of Use

Easy to adjust E-rails, PDU installation and accessories to reduce installation time

Easy to adjust E-rails, PDU installation and accessories to reduce

Integrated Intelligence Turnkey deployment with pre-configured PDU, access control and environmental monitoring

Intelligence Turnkey deployment with pre-configured PDU, access control and environmental monitoring

Integrated Intelligence Turnkey deployment with pre-configured PDU, access control and environmental monitoring

Robust

Solid construction with Best-in-Class load rating for secure installation

Robust

Solid construction with Best-in-Class load rating for secure installation

Robust

Solid construction with Best-in-Class load rating for secure installation

Security

Choice of key lock, 3-digit combo or HID electronic and/or keypad lock.

Security

Choice of key lock, 3-digit combo or HID electronic and/or keypad lock.

Security

Choice of key lock, 3-digit combo or HID electronic and/or keypad lock.

Enhanced Cable Management

Choice of key lock, 3-digit combo or HID electronic and/or keypad lock.

Enhanced Cable Management

Choice of tool-less fingers, vertical cable manager and front-to-back cable manager

Enhanced Cable Management

Choice of tool-less fingers, vertical cable manager and front-to-back cable manager

Choice of tool-less fingers, vertical cable manager and front-to-back cable manager www.panduit.com

Choice of tool-less fingers, vertical cable manager and front-to-back cable manager

Resilient physical infrastructure: Key defence against data breaches

Hans Obermillacher, Manager Business Development, Panduit EMEA

In today’s digitally accelerated economy, data is both an invaluable asset and a high-value target. With artificial intelligence (AI), high-performance computing (HPC), and smart building systems proliferating, the need for secure, high-capacity infrastructure has never been greater. Meanwhile, cyberattacks are growing more complex, targeting enterprises, public infrastructure, and data centres with unprecedented intensity.

Often overlooked, physical infrastructure has become a critical layer of data security. Without robust cabling, enclosures, access controls, and power systems, even the most advanced digital defences can be undermined. In this era of rapid AI adoption and regulatory scrutiny, securing the physical layer is essential to protecting both data and business continuity.

Building long-term, strategic alliances with industry leaders, such as Cisco and Dell, ensures engineered joint solutions to guarantee interoperability. Together, we supply seamless solutions to ensure infrastructure is secure and reliable meeting customers requirements.

Cyber threats are multiplying in scale and sophistication. Attackers exploit weaknesses not only in networks and software but also in the physical environment, through direct access to ports, devices, and cabling. The convergence of IT and operational technology (OT) in intelligent buildings has expanded the attack surface, creating multiple entry points that demand unified oversight.

Governments and regulators are responding. Frameworks such as the EU’s NIS2 Directive and ISO/IEC 27001:2022 standards explicitly require stronger physical safeguards in infrastructure, particularly across critical national infrastructure (CNI) sectors like energy, healthcare, transportation, finance, and large-scale data centres.

Cybersecurity is chiefly viewed through a digital lens: firewalls, intrusion detection, endpoint monitoring. However, physical vulnerabilities often underlie major breaches, from unsecured cabinets to unmanaged devices. Effective physical security strategy must include:

• Port blocking mechanisms to prevent unauthorized access

• Access control systems that log and monitor enclosure entry

• Environmental monitoring to detect tampering or movement

• Detailed asset documentation for accountability and traceability

These measures form a tangible first line of defence, reducing attack vectors and aligning operations with compliance mandates.

Urban hubs are being transformed by intelligent building systems that drive automation, analytics, and energy optimisation. Yet as environments grow smarter, they also become more vulnerable. Ethernet-based automation, surveillance networks, HVAC controls, and even lighting systems are now cyber targets.

Defending these spaces requires a unified network architecture that integrates IT and OT, backed by a secure physical backbone. Infrastructure must support high-speed data transmission, minimal interference, and reliable power, while protecting the pathways AI and automation depend on.

National regulations are also redefining the scope of secure enterprise. In the UK, for example, facilities above one megawatt (MW) are classified as critical national infrastructure and must comply with strict cybersecurity and resilience policies. Meeting these standards demands comprehensive control over both digital and physical infrastructure.

Compliance priorities for physical infrastructure include:

• Enterprise-wide asset inventories and documentation

• Auditable access control to network equipment

• Incident response readiness and forensic record-keeping

• Segregated, backup architectures to enable faster disaster recovery

These requirements are not box-ticking exercises; they are strategic safeguards to protect digital transformation investments.

Cybersecurity is no longer just about prevention, it’s about resilience. When attacks

occur, enterprises must rapidly isolate compromised systems and restore operations. Modern disaster recovery strategies increasingly rely on physically separate network segments and redundant systems to ensure continuity.

This demands proactive physical planning: duplicate switchgear, dedicated power circuits, alternate cabling routes, and properly documented backup systems. Though resourceintensive, such redundancy often determines whether organisations recover quickly or suffer prolonged outages.

Cybersecurity is impossible without visibility. In infrastructure, that means knowing where every device is, how it connects, and who has accessed it. Real-time asset inventories, paired with centralised monitoring and video surveillance, create a full picture of infrastructure activity. This visibility not only strengthens day-to-day defences but also supports audits, investigations, and compliance reporting.

Physical infrastructure integrity will dictate cybersecurity outcomes. From structured cabling to intelligent monitoring of enclosures, organisations that treat physical infrastructure as integral to their cybersecurity framework will be best positioned to:

• Meet regulatory requirements

• Minimise risks of breach or disruption

• Protect digital transformation investments

• Ensure long-term resilience and business continuity

Securing physical infrastructure is no longer optional. It must become the secure backbone of modern enterprises, the foundation on which digital defences, compliance, and operational resilience are built. Companies that prioritise physical infrastructure today will not only defend against data breaches but also create a resilient platform for the AI-driven future.

STOP cooling the room; START engineering the loop

WStephanie Buschmann

, Corporate Account Manager, Global

Data Centres at Ecolab, explains how water-centric, instrumented liquid cooling – from clean commissioning to chemistry control –can unlock density while improving PUE and WUE.

hen I began my career in industrial water systems, the heat we worried about typically came from boilers, turbines or heavy manufacturing lines. Today, I spend much of my time thinking about kilowatts per rack. The thermal challenge in data centres is no longer incidental; it is central to how operators plan capacity, protect assets, and meet sustainability commitments.

AI has changed the equation. Where a rack once might have drawn 5-10 kW, modern GPU-dense racks routinely operate an order of magnitude higher. That rising power density is driving both thermal constraints and tough choices about how to cool effectively and efficiently. The result is that the cooling strategy now sits alongside IT and facilities in conversations about business continuity and capital planning.

Why water matters and why it must be managed

Water is an excellent heat-transfer medium. Used intentionally via closed loops, high-efficiency heat exchangers and targeted rack-level cooling, it enables thermal density without the massive energy penalty of relying solely on over-air-cooling the room. But water also introduces complexity: fluid concentration, contamination, corrosion and microbiological growth are operational risks when coolant passes within millimetres of high-value AI chips.

Two industry facts frame the urgency. Today, US data centres already account for roughly 4% of national electricity usage, with authoritative forecasts pointing toward materially higher shares as AI workloads scale. And where energy grows, so can water demand – unless operators design systems to minimise consumptive loss and maximise reuse.

So, what does practical, engineering-led water stewardship look like in a modern data centre?

1) Treat the coolant loop like a process plant, from day one Too many projects treat loop cleanliness as a commissioning afterthought. In liquid-cooled deployments, cleanliness is foundational. Pre-commission flushing, particulate control and hydrotesting protocols reduce the very real risk of particulates lodging in sub-millimetre cold-plate channels.

Co-authored with Ecolab, the Open Compute Project’s recent guidance on thermal control system pre-commissioning details this approach including staged filtration, documented flush procedures and verification sampling (OCP TCS Pre-Commissioning Guide).

From an engineering perspective, insist on a documented ‘procedure water’ spec for all fills and acceptance tests, and require a sign-off on conductivity, turbidity and visible clarity before handing over to IT. It’s generally less expensive to trap and remove welding debris or minerals in a temporary flushing skid than to recover a clogged cold plate in a live rack.

2) Instrument early, instrument often

Real-time visibility will change the operational math. And temperature alone is not enough. The telemetry that matters for fluid health includes coolant concentration, pH, electrical conductivity, dissolved oxygen, flow, and turbidity. The good news is, continuous data helps operators detect slow drifts such as rising conductivity (which signals salt creep), or subtle turbidity spikes that can precede a clogged loop.

In the end, this is not about replacing lab analysis, but more about turning lab checks from occasional confirmations into continuous triggers for action. The vital combination of real-time edge sensors and periodic lab validation provides both speed and accuracy to support optimal performance.

3) Mind materials compatibility and the biology problem

There’s no getting around it: fluids interact with metallurgy, gaskets and coatings. That’s why it’s critical to specify materials that are proven compatible with your coolant chemistry and validate component compatibility in advance.

Similarly, microbes love warm, low-flow niches. A single ‘dead leg’ of piping can seed a biofilm that compromises heat transfer and corrodes components. Be sure to eliminate dead legs, maintain adequate flow velocities during commissioning, and ensure biocide strategies are documented and reversible where environmental discharge rules apply.

4) Think in systems, not silos: Integrate cooling with energy and operational planning

Liquid cooling changes the load profile of existing chillers, cooling towers, and heat rejection systems. Treat the rack-level loop and the facility-level loop as a single system (rather than two separate components) in capacity planning.

Ultimately, what you do at the chip affects pump sizing, bypass valves, and heat exchanger selection upstream. This holistic view also reveals opportunities to reuse heat or leverage free-cooling windows to lower both energy and water footprints.

Well-designed and maintained liquid cooling can help unlock higher rack density, reduce chiller capacity, extend equipment life, and improve PUE and WUE metrics

Cooling as a competitive advantage

For operators, the upside is clear and tangible. Well-designed and maintained liquid cooling can help unlock higher rack density, reduce chiller capacity, extend equipment life, and improve PUE and WUE metrics. That said, the technical bar is high: success depends on engineering disciplines that many data centre ops teams are still building including water chemistry, microbiology, filtration design and real-time instrumentation.

If cooling is a strategic lever, you have to treat it like one. Work with experienced vendor partners that offer appropriate levels of expertise, codify commissioning and monitoring practices, and measure water as precisely as you measure power. With these strategies in place, cooling will stop being a constraint and start delivering value.

Heat recovery

is the secret to decarbonising data centres

Simon Prichard, EMEA ITC

Business Leader at Mitsubishi Electric, makes the case for heat recovery strategies –simultaneous heat/cool chillers, water-source heat pumps and district networks – that slash emissions and supply hot water.

Data centres are the backbone of modern communication and the flow of information, and they power every aspect of our digital lives. The growing use of technology like AI is pushing the demand for the computing power, storage and infrastructure that data centres offer higher. In fact, the Government now recognises that data centres are a critical part of the long term plan to lead in AI.

However, the transmission of large amounts of data also requires a lot of energy, and data centres are responsible for 1% of global greenhouse gas emissions as a result. This means we must find ways of reducing how much energy these buildings use and strike a balance between the UK’s ambitions for digital transformation and current targets for net zero.

One way this can be achieved is through heat recovery, which means using the otherwise wasted heat from data centres to heat nearby buildings. A number of countries are already putting this into practice using technologies such as heat pumps and heat networks – and if rolled out in the UK, it could allow data centres to play a critical role in the UK’s transition towards low carbon heat.

Progress is already being made

Several countries are already introducing legislation designed to reduce

the energy consumption of data centres. For example, the European Union’s Energy Efficiency Directive requires owners with data centres of a minimum capacity of 500kW operating within the EU to disclose the energy performance of their buildings. The regulation also plans to introduce minimum sustainability performance standards for data centres later this year.

Germany has also established specific requirements for data centres operating in the country within its Energy Efficiency Act. This means operational data centres must achieve a power usage effectiveness of 1.5 or lower by 2027, and 1.3 or lower by 2030. The re-use of waste heat is also a requirement for business operations with an average annual energy consumption of more than 2.5GWh, with data centres having to achieve 10% heat re-use by 2028.

Closer to home, the UK’s Building Regulations require the owners and managers of commercial buildings – including data centres – to reduce the carbon emissions of these buildings by 27%. The Government has also introduced plans to create ‘AI Growth Zones’, which will include the establishment of an AI Energy Council to address the increased energy demands of these buildings.

So how can we build on this progress, and further reduce the impact data centres have on the environment?

Heat recovery can play a role

There has been a great deal of focus on selecting the right cooling technologies to reduce energy consumption, heat recovery can also help.

In simple terms, heat recovering involves using the otherwise wasted heat from data centres to heat nearby buildings using technologies such as heat pumps. The heat output of data centres is typically 30°C-35°C, and heat pumps use water at this temperature as a heat source and increase the temperature to 70°C or 80°C. While the heat output depends on whether the network is third- or fourth-generation, this heat energy can then be used to heat nearby homes, or to supply domestic hot water to commercial buildings such as shops or hotels to meet fluctuating demand.

Heat networks can also be used to distribute waste heat from data centres to homes in nearby towns and cities. These work by distributing heat and hot water from a central source to surrounding buildings via a large network of pipes, improving energy efficiency while supporting the transition to more renewable home heating.

It’s also important to consider the output, size and location of a data centre when choosing the best method for heat recovery, as this can affect the type of approach taken. For example, simultaneous heating and cooling chillers can be useful for data centres with coincidental heating and cooling loads. It is also possible to use a dedicated water source heat pump that uses condenser water or return chiller water from a data centre’s cooling system as its energy source.

Technology is vital to power the UK’s digital economy, but we must also find ways to reduce the amount of energy these buildings consume

Putting this into practice

A number of countries are already adopting heat recovery to reduce the energy consumption of data centres. For example, Tallaght in the Republic of Ireland is home to the country’s first low carbon district heating network. The scheme uses ejected heat from a data centre to power heating demand for nearby homes, and peak requests in winter are satisfied by dedicated heat pumps and a heat pump module. The network is estimated to reduce pollutant emissions in the South Dublin County region by nearly 1,500 tonnes per year.

Fortum, a Finnish energy company, is also putting this into practice. The company’s district heating scheme uses a heat pump to capture waste heat from a data centre to supply its heat network – and also provide cooling for the data centre. The data centre currently delivers 2,200GWh of heat annually and serves 7,000 customers across its network.

The UK’s data centre market is booming, driven by rising demand for computing power and the continued adoption of AI. Technology is vital to power the UK’s digital economy, but we must also find ways to reduce the amount of energy these buildings consume. Heat recovery can build on the progress that has already been made, while also supporting the transition to renewable heating in our homes and businesses. This will allow us to reduce the impact of data centres on the environment and ultimately reach net zero sooner.

In an industry which is fast paced and volatile, you need to be as agile as your customers, we know what data centre and mission critical facility operators demand. Centum™ Force Series, our game-changing series of containerised solutions have you covered with Cummins renowned robust power in the most flexible package possible.

• Stackable design – maximise space and increase power

• Accelerated startup – faster commissioning and cost saving

• Integrated systems – for faster repositioning or redeployment

• Global support – wherever you need power, we’ve got your back

Continuity, not capex, will decide who wins the AI build-out

TWith CNI status sharpening oversight, Steve Clifford, Director of Data Centres at EMCOR UK, says only integrated, in-house engineering and phased delivery can meet AI-era risk, compliance and uptime demands.

o many, building new data centres might seem like a new kind of arms race, as countries and organisations equip themselves with the infrastructure to support the rising demand for AI processing power. In the UK alone, the 484 existing data centres are forecast to grow by almost 100 by 2030.

With this surge in development, organisations will be keen to do the groundwork – but without in-depth planning, from development to ongoing strategic maintenance, companies might find themselves running before they learn to walk.

Initial thorough consultations with an end-to-end developer reduce reliance on an ongoing patchwork of suppliers, who can increase miscommunication and cause project delays across the supply chain. In an industry where 100% uptime is paramount, the consequences of hasty decision-making can be severe.

Prioritising end-to-end continuity through in-house engineering means that the same teams build, manage and maintain data centres for long-term operational excellence. Seeing continuity as a strategic tool is key – bespoke solutions for the data specialisms of a centre require careful orchestration from initial consultation to ongoing management.

Logistical foundations

The first stage to any project is outlining logistical challenges, mapping out development against compliance, and aligning these factors with the customer’s needs. This foundational phase demands meticulous attention to multiple constraints that can make or break a project before ground is broken.

Grid availability is limited, land is constrained, and planning approvals can take years. Addressing these in isolation can cause costly delays and suboptimal outcomes; it’s imperative to identify and plan strategically as early as possible.

Compliance needs are equally complex – builds must align with

ISO frameworks, local authority regulations, and critical national infrastructure (CNI) standards. In 2024, the Government classified data centres as CNI, akin to water and emergency service systems. This means data centres will have greater government support in recovering from and anticipating critical incidents, under a CNI data infrastructure team of senior Government officials and the National Cyber Security Centre.

This emphasis on data centres as national recovery systems means that, depending on the project, stricter governance might apply, including on physical security, advanced monitoring and detailed incident reporting.

Rather than rushing to develop a space, collaborators must consider this complex ecosystem of requirements. Contractors and consultants should be chosen with care, ensuring the delivery team can manage mobilisation and plan for long-term performance so the space remains fit for purpose throughout its life. The chosen team must be capable of reviewing all stakeholder needs across an organisational supply chain, ensuring alignment across the entire ecosystem.

Phased development for operational excellence

Once logistical needs are met and development is underway, in-depth planning is crucial. The building stage differs depending on whether an organisation wants to build greenfield or retrofit an existing site. Will it be built on a strict, singular timeline or in multiple phases?

A phased approach might be most appropriate if retrofitting a site as modernisation requires uptime for ongoing functionality.

An engineering-first approach identifies and mitigates risks at the design, manufacturing and installation phases. For example, over half of

the UK data centres currently in development are planned for London, and doing so in dense city spaces poses clear build challenges. In these tight spaces, 3D modelling techniques map out every millimetre and coordinate designs before action is taken onsite, and time-lapse visualisations can depict project progress in a digestible format.

Engineering providers demand strict maintenance scheduling and control, but trust and honesty are non-negotiable, too. Scheduling regular client meetings at the build stages maintains open risk communication and allows for collaborative decision making. Investment in consistent, knowledgeable teams will oversee data centres from initial development to long-term system reliability.

Continuous evolution: Optimising spaces for the future

When a greenfield or retrofitted space is up and running, the work has only just begun. Ongoing maintenance is key, of course, but a truly forward-thinking approach will recognise that data centre requirements are constantly evolving, particularly as new technologies emerge and mature.

AI and HPC workloads are pushing rack densities higher, creating new demands for thermal management, airflow and power draw. These evolving requirements necessitate a flexible infrastructure that can adapt to changing demands without requiring complete reconstruction.

Many operators are also embedding smart systems, from IoT sensors to predictive analytics tools, into designs. These platforms provide real-time visibility of energy use, asset performance and environmental conditions, enabling data-driven decision-making and continuous optimisation.

Operators may also upgrade spaces to higher-efficiency systems and smart cooling, which support better PUE outcomes and long-term energy savings. When paired with digital tools for energy monitoring and predictive maintenance, teams can deliver on smarter operations and provide measurable returns on investment. This technological evolution requires teams that understand both current capabilities and future possibilities.

In an industry where 100% uptime is paramount, the consequences of hasty decision-making can be severe

Consistency is key

End-to-end data centre consultation should never be generic. Bespoke design, builds, and ongoing maintenance provide the foundation for longterm operational success.

In the data centre industry, infrastructure uptime is a national imperative as well as a business requirement. Data breaches, power failures and overheating systems have a significant impact on the safety of sensitive data in the financial sector, healthcare and beyond.

Continuity is more than the standard; it’s a strategic imperative serving both business objectives and national interests.

Build the future of data centres. Build your career.

We’re building something different at Soben. With fast-paced growth and real investment in people, there’s never been a better time to join us.

From myths to meaning: How data centres are powering purposeful careers

By David Lymburn and Helena Mubiru, Soben, part of Accenture

The world runs on data. Every time we stream, connect, collaborate, or create, we rely on the unseen infrastructure of data centres. These spaces - once thought of as silent, faceless buildings - are now the beating heart of our digital world. And behind them are the people driving innovation, sustainability, and performance: people like you.

At Soben, we’re not just helping to build the data centres of tomorrow - we’re redefining what it means to build a career in this fastevolving sector.

A new era of data centre growth

Cloud adoption, AI innovation, and global connectivity are driving extraordinary demand. As this expansion continues, the focus is shifting from sheer scale to smarter, more sustainable growth - projects that balance efficiency, performance, and environmental responsibility.

That’s where Soben operates; at the intersection of cost, carbon and community. By combining deep sector expertise with data-driven insight, we help leading technology clients deliver future-ready facilities - and offer talented people the chance to grow their careers on some of the most exciting projects in the world.

Debunking the myths

Few industries attract as much curiosity - or misconception - as data centres. As demand grows, so too do the questions: Are they sustainable? Do they use too much water? What value do they bring to local communities?

In an industry evolving at pace, it’s easy for outdated perceptions to linger. The truth is far more dynamic. Today’s data centres are smarter,

greener and more socially connected than ever before - built with precision and designed to give back. Let’s separate fact from fiction and explore how the sector is adapting to meet the world’s digital - and environmental - demands.

Myth 1: Data centres are just about IT

Debunked: Data centres are about people, places and performance. They bring together engineers, cost consultants, designers, sustainability specialists, and planners to deliver critical infrastructure. Technology may be the driver, but human expertise is what turns digital ambition into reality.

Myth 2: Data centres waste too much water

Semi-debunked: The sector is making major strides in water efficiency, but it is not 100% there. Innovative cooling solutions, such as closed-loop systems, adiabatic controls and liquid immersion cooling, are drastically reducing consumption. Many operators now publish water usage effectiveness (WUE) data and adopt design standards tailored to local climates to ensure responsible resource management.

Myth 3: Data Centres don’t benefit local communities

Debunked: Far from being isolated “black boxes”, data centres are key economic contributors. They create thousands of skilled jobs, support local supply chains and stimulate investment in transport, utilities and training. Many projects now include community engagement programmes, apprenticeships, and long-term partnerships that deliver value well beyond the site boundary.

Myth 4: AI is making data centres less sustainable

Debunked: The rise of AI has led to a surge in compute-heavy workloads, raising valid concerns about sustainability. AI training models require more power than traditional workloads, and some fear that this boom could reverse progress made in green DC design.

But this overlooks a crucial shift: AI is not only consuming energy - it’s helping save it.

Google, for instance, uses AI to optimise its data centre operations, resulting in a 30% reduction in cooling energy. Microsoft and Meta are investing heavily in liquid immersion cooling, a breakthrough that uses far less energy and water than traditional air-cooling methods - and is particularly well-suited to high-density AI loads. Hyperscale operators are doubling down on renewable energy, with ambitious net-zero targets by 2030 or sooner. Sustainability is no longer optional - it’s the metric by which data centre developments are measured. From green procurement practices to grid decarbonisation partnerships, the sector is evolving to ensure that AI-led growth doesn’t come at the planet’s expense.

Why now?

This is one of the most exciting times to build a career in data centres. The sector is global, fast-moving, and mission-critical - blending engineering with environmental stewardship, innovation with impact.

At Soben, we believe people are at the heart of progress. That’s why we’re investing in talent, training, and opportunity - empowering our teams to deliver projects that matter.

Build the future of data centres.

Build your career: sobencc.com/careers

GETTING GERMANY RIGHT

The test case for net zero, AI-ready data centres

Germany’s Energy Efficiency Act sets the tone for Europe, but without policy evolution and investment in heat networks, Alec Stewart, Partner at Cundall, warns high-performance computing could be pushed elsewhere.

ermany has long been a leader in environmental policy. A position it continues to maintain with the release of its Energy Efficiency Act (EnEfG) in early 2024. It sets out clear targets for data centres to cut emissions and accelerate the shift toward renewables. But over a year into its rollout, whilst suited for traditional air-cooled facilities, it may be missing the mark for the new breed of AI data centres.

As other countries look to Germany for policy leadership, what happens there is likely to affect the rest of Europe. How well this legislation balances ambition with feasibility must be examined if we are to get it right elsewhere.

The targets are clear

The EnEfG outlines structured requirements on how data centres are to

be designed, built, and operated. Existing facilities (operational before July 1, 2026) must meet a PUE of 1.5 by July 2027 and 1.3 by 2030. New builds commencing after July 2026 must meet an annualised PUE of 1.2.

The Act also mandates heat reuse for facilities consuming over 2.5GWh annually. Those operational from July 1, 2026 must reach an energy reuse factor (ERF) of 10%, rising to 15% in 2027 and 20% in 2028. Exceptions are possible, like when local heat networks are unavailable or if municipalities commit to developing them within 10 years. However, operators are still required to install the necessary infrastructure.

While the policy reflects Germany’s ambition to be an environmental leader, it has shown it is willing to be flexible to acknowledge the constraints in achieving it. However, this flexibility doesn’t cover the new demands of high-performance computing, which are changing how data centres are designed and operated.

The pressure of AI

Since the large-scale use of generative AI emerged with ChatGPT in 2022, demand for AI-ready facilities has grown. The result is that data centres now need to accommodate higher compute density. We are seeing loads of 25kW as the new standard, with peaks reaching 75kW. Additionally, the halls themselves are scaling upwards, reaching 10MW capacity with configurations of 20x24 racks.

To manage this, liquid cooling is required. The challenge at present is that the hyperscale customers are not fully aligned with the technical water temperatures they require within their data halls. At the lower end, this is pushing facility chilled water temperatures down, which has an

impact on chiller performance. This impact means that PUE metrics are starting to rise again rather than go down, as the targets require.

With air-based systems unable to cool the high-computing servers, liquid cooling is the only option to ensure performance is maintained, but this goes against remaining compliant.

What about the waste heat?

The Act’s ERF targets are also concerning. Although reusing heat to warm ancillary spaces or maintain generator components is feasible, this is a small fraction of the overall thermal load, and not close to the 20% the Act requires in 2028.

Transferring heat to local networks is often seen as the scalable solution, and we’ve seen the success of that in the Nordics and Poland. It can be a sustainable and economically attractive solution for data centre operators, reusing their heat and saving money whilst doing it. However, in practice, it is much harder to achieve and can’t be done everywhere. It relies heavily on third-party investment and has the existing infrastructure in place.

Whilst the Act does highlight that exemptions exist, these rely on the decisions of third parties or future municipal development. For a data centre operator, this puts them in a difficult position when planning a new build data centre, as they can’t be sure if the heat reuse infrastructure will be in place by the time stated by the regulations.

Finding a balance

The industry shares the Act’s decarbonisation goals, and net zero carbon

If we are to succeed in reaching our net zero carbon targets, getting it right in Germany will be vital

data centres are still a target for many operators. However, given the pace of change, meeting the goals of the current framework is proving to be technically and financially challenging. Germany is positioned to be a hub for data centres in Europe. Still, the demands for lower PUEs and higher ERF requirements pose challenges to bringing high-performance computing to the area.

To stay on track, the legislation needs to evolve with current demands. In addition, investment needs to be committed to regional heat networks so that the infrastructure is in place for these facilities to take advantage of. It comes down to collaboration. Data centre operators, designers, governments, and technology providers will need to collaborate to find realistic pathways to decarbonisation.

Germany has set a bold example, and as is often the case, will be a space other countries look for direction. The sector is watching the country right now to see how the next few years play out, and so if we are to succeed in reaching our net zero carbon targets, getting it right in Germany will be vital.

In the modern digital economy, data centres must deliver almost perfect uptime while reducing energy consumption and carbon emissions. The DC power backbone, including power supplies, DC-UPS systems and redundancy modules, plays a critical role in achieving this balance. This article outlines how PULS 24 V technology helps operators improve efficiency, reliability and sustainability in demanding data centre environments.

The challenge: Efficiency, availability and space

Data centre operators face growing pressure to improve security and energy performance, comply with regulatory frameworks such as NIS2 and national energy efficiency requirements, and maintain consistent availability. Every second of downtime risks data loss and service disruption. At the same time, operators must maximise space in crowded racks and switchgear while keeping power usage effectiveness (PUE) as low as possible. The PUE is calculated by dividing a site’s total energy use by the energy drawn by the IT load. The closer the figure is to 1.0, the smaller the overhead.

To meet these requirements, the DC power chain must be compact, reliable and highly efficient. Traditional AC-DC systems or bulky UPS units often occupy valuable space and generate excessive heat. Modern 24 V DC power technology from PULS provides a smarter, lighter and more reliable alternative.

Compact, high-efficiency 24 V power supplies

PULS power supplies are designed for high efficiency and minimal self-consumption, reducing waste heat under all load conditions. This efficiency directly improves PUE and helps to lower cooling requirements. The units’ compact design makes them ideal for use in control cabinets or decentralised 24 V DC distribution systems, where every

Powering resilience: How advanced 24 V DC power solutions strengthen data centre reliability

Maximilian Hülsebusch, Global Product Marketing & Communications Manager, PULS

millimetre counts.

PULS also provides power supplies with an integrated decoupling function that eliminates the need for separate redundancy modules. This approach can save up to 45 % of cabinet space and simplify wiring, helping engineers reduce both component count and installation time.

Redundancy modules for reliable operation

PULS redundancy modules based on MOSFET technology ensure uninterrupted operation when a power supply unit fails. These modules allow seamless switching without voltage dips and balance the current evenly between parallel power supplies to minimise thermal stress.

The modules are compact and lightweight, which simplifies integration into spacerestricted environments such as power distribution panels.

By isolating faults and distributing loads, redundancy modules significantly extend system lifetime and ensure that critical IT and cooling systems remain continuously supplied.

DC-UPS systems for reliable bridging

Power interruptions during mains failure or generator changeover can be highly critical in a data centre. PULS DC-UPS systems provide

MEET PULS AT DATACENTRES IRELAND 2025

PULS will showcase its latest DC power innovations at DataCentres Ireland 2025 from November 19th to 20th. Visitors can experience our high-efficiency power supplies, redundancy modules and DC-UPS systems designed for modern data centre applications at booth 242. The exhibition offers an ideal opportunity to meet PULS experts and discuss how to enhance reliability, efficiency and sustainability in your own power infrastructure.

reliable bridging power that keeps control, monitoring and safety circuits operational during such events.

Depending on the application, operators can choose maintenance-free capacitor-based DCUPS units for short interruptions or batterybased systems for longer backup periods.

The PULS “1-Battery Concept” ensures each battery is charged and monitored individually, improving lifespan and avoiding the need for matched battery sets.

These solutions protect data integrity, prevent sudden shutdowns and allow time for controlled transitions to backup power sources.

The benefits of PULS 24 V DC solutions for data centre operators

Improved reliability

Redundancy modules and DC-UPS systems eliminate single points of failure and keep loads supplied during disruptions.

Higher efficiency

High-efficiency power supplies reduce power losses and heat generation, lowering the cooling effort required and allowing a tighter packing density.

Optimised space and simplicity

Compact components and integrated redundancy save space and reduce installation complexity.

Lower Total Cost of Ownership

Longer component life, less maintenance and lower energy costs contribute to reduced lifecycle expenses.

Support for sustainability goals

By improving energy efficiency and modularity, PULS technology helps operators meet environmental and regulatory targets.

THE SMART CHOICE FOR CRITICAL POWER

Power without compromise: introducing the Yuasa SWL+ series

In today’s always-on world, even a moment of power loss can have serious consequences. That’s why GS Yuasa has launched SWL+, a next-generation standby battery built for the demands of UPS systems, data centres, telecoms, and critical infrastructure.

Made in the UK, SWL+ builds on the proven performance of the SWL range with advanced materials and technologies that improve life span, discharge performance, and reliability - all in the same familiar format.

At its core is hybrid pure Lead technology, which combines ultra-pure Lead with a refined alloy to boost power density and resist corrosion. This ensures rapid, reliable discharge during outages - exactly when it’s needed most.

HT Element X Alloy™: The science behind SWL+ Longevity

Sustainability is also key. SWL+ is produced using ecofriendly processes in Yuasa’s UK factory and is up to 98% recyclable at end-of-life - supporting your environmental goals without compromising on performance. Best of all, SWL+ is a drop-in replacement for UK-manufactured SWL models. There’s no need for retrofits or additional infrastructure - just upgrade and go.

Manufactured in the UK at Yuasa’s Ebbw Vale facility, SWL+ retains everything operators value in the original SWL line while introducing a host of technical enhancements. This makes it ideal for critical digital infrastructure such as data centres, telecoms, hospitals, industrial systems, and emergency response facilities - anywhere that failure is not an option.

Built for power, designed to last

For decades, GS Yuasa’s SWL range has set the standard for standby power in the UK and across Europe. Known for its reliability, performance, and compatibility with a wide range of UPS systems, it has powered everything from high-rise buildings to vital infrastructure. Now, that legacy continues - and evolves - with the launch of SWL+, a high-performance, long-life sealed lead acid (SLA) battery designed for modern critical backup needs.

SWL+ is the smart choice for critical power. When reliability matters most, trust the battery that leads the way.

For over 40 years, Europe’s cities and infrastructure have trusted Yuasa for critical standby power. Now, the new SWL+ series builds on that legacy with more power, longer life, and zero compromise.

15 year design life (12 years @25°C) with enhanced highrate performance

15 year design life (12 years @25°C) with enhanced

Will water, not watts, decide how far AI can scale?

Rachel Bratt, Senior Consultant for Climate Risk at EcoAct (part of Schneider Electric), argues that hidden water stress is fast becoming the gating factor for digital infrastructure growth, as she explains

AI may be intangible, but its infrastructure is anything but.

Behind every AI-generated response or data insight lies a network of hyperscale data centres. These are massive physical assets that consume enormous amounts of electricity and water. As demand for AI skyrockets, so too does the strain on local water systems that sustain and cool these super machines.

Water risk, long the undercurrent in sustainability conversations, is moving to the forefront. This is especially apparent in companies scaling digital capabilities or reliant on always-on operations. From server rooms in drought-prone regions to co-location sites vulnerable to grid instability, the age of AI is also the age of water stress.

The cost of water hides its risk

One of the main factors that has obscured water risk is that it is often underpriced. Many corporate systems record it as a utility cost, not as a variable that could materially disrupt operations – a misclassification that renders water risk effectively invisible in most budgeting, procurement and risk management processes.

Most organisations measure what they use directly. However, very few consider how much water is required to power their servers, process their inputs, or keep their suppliers operating. Even fewer understand what happens if that water changes in quality: if it arrives hotter, more saline, or more contaminated. These shifts can impair equipment, force shutdowns and degrade processing environments, yet are not reflected in conventional risk models.

Nowhere is this blind spot more obvious than digital infrastructure. A single 1MW data centre can use over 25 million litres of water annually, and as AI adoption accelerates, global water withdrawal for AI workloads is expected to reach 1.7 trillion gallons per annum by 2027 – more than four times Denmark’s annual consumption. Yet despite this trajectory, water remains largely absent in boardroom agendas – a risk that could quickly undermine the very systems driving future growth.

Water risk, investment and profit

In some sectors, water stress is increasingly a gating factor in operational expansion. For example, data centre site selection increasingly accounts for water availability. Industrial planning must factor in drought risk and public opposition to water abstraction. Infrastructure approvals are tightening. Access to permits is becoming contingent on showing credible water management strategies. Investment decisions are being challenged by regulators and communities based on long-term water availability.

In high stakes digital environments, even a few hours of downtime due to water shortages or cooling disruptions can have enormous consequences – from data loss and productivity hits to customer complaints and contractual penalties.

The financial signals are flashing. Even if global temperature increases are limited to 1.5°C above pre-industrial levels, 31% of global GDP ($70 trillion) will be exposed to high water-stress. The business case for action is no longer hypothetical. It is a question of when water stress affects your operations, not if.

Even if water stress is not financially material to a business’ operations, there are reputational and regulatory risks associated with water stress. Disclosure expectations are shifting from general ESG statements to sitespecific, model-backed risk data. Frameworks such as TNFD and SBTN are accelerating uptake of watershed-level assessment. Mandates from CSRD and CDP are pushing companies to demonstrate scenario resilience and transparent risk governance. This shift is raising the bar from awareness to accountability.

The hidden water cost of energy and AI

Effective water risk assessment requires more than tracking consumption. It demands an understanding of two dimensions: physical exposure and operational vulnerability.

Exposure is shaped by geography and climate. It reflects where assets are located, how stressed those water systems are today, and how climate modelling suggests that will change over time. Vulnerability depends on the role water plays in an operation, whether a site can continue without it, how infrastructure is configured, and whether alternatives or mitigation options exist.

AI adoption adds new complexity. Most companies chasing digital transformation have not recalibrated for the water intensity of modern workloads. Without access to resilient water supply and effective wastewater strategies, high-performance computing becomes a liability.

Every watt consumed by an AI server must be generated, transmitted and cooled, often through water-intensive systems. And yet traditional water metrics barely register this dependency. A business may feel secure because it lacks physical production sites, but if its data centre sits atop a strained aquifer or relies on a fragile cooling loop, its exposure remains high.

Many metrics focus solely on volume, ignoring seasonality, contamination or the risk of infrastructure failure. New modelling tools including satellite imaging, sub-basin climate models, and catchment-level forecasting are offering more granular views of exposure. These tools offer a level of insight that has not previously been available, although uptake has been slow.

Where companies get it wrong and what CXOs can do now

Getting ahead of water risk means taking proactive, measurable steps before disruption hits. The gap between perception and reality is growing. The companies that catch up first will have more room to act. The ones that wait may have fewer options and higher costs.

For leaders seeking to strengthen organisational resilience, several steps can help translate awareness into action:

1. Map localised exposure across operations and supply chains

Focus on high-stress geographies and functions with elevated dependency, such as cooling, processing, and cleaning. Go beyond direct consumption, assess where your operations, particularly digital infrastructure, rely on water intensive services. Use water footprinting and catchment-level analysis to understand context and risk concentration

2. Integrate water into enterprise risk and investment planning

Embed water risk in ERM, business continuity and CapEx decisions. Model how stress could affect asset viability or sourcing flexibility.

3. Adopt risk-based performance KPIs

Track metrics like reuse ratios, withdrawal intensity in stressed areas, discharge quality, and adaptation costs – not just total usage.

4. Understand upstream and downstream exposure

Your vulnerability may sit with your suppliers, infrastructure hosts or logistics partners. Engage them early.

5. Collaborate at the watershed level

Water resilience requires collaboration. Companies can work with peers, local governments, and civil society to co-develop adaptive strategies and invest in basin-wide stewardship.

Water remains largely absent in boardroom agendas – a risk that could quickly undermine the very systems driving future growth

Reframing water: from compliance issue to strategic lever

Water sits at the intersection of environmental risk and financial exposure. It affects operational continuity, long-term asset value, and the ability to grow in a resource-constrained world. For AI-native businesses, it’s no longer just a climate consideration but a critical infrastructure dependency.

The cost of inaction is rising. In a world of constrained supply and rising expectations, leadership teams that embed water risk into core planning today will be far better positioned to navigate tomorrow’s shocks. In sustainability, we often talk about materiality. With water, the materiality is no longer in question.

The only question is whether business leaders will respond, not just in policy but in practice.

Does the UK’s AI data centre vision need a rethink?

Pointing to AIGZ thresholds that outstrip current locations, Charlie Bruinvels, Head of Land Intelligence at BCS, calls for collaborative, region-first Energy Infrastructure Projects from Scotland to Leeds and Wales to make AI viable beyond west London.

Earlier this year the UK Government announced a new initiative to boost AI infrastructure and innovation. This was a follow-up to the decision to class data centres as part of the Critical National Infrastructure alongside energy and water systems and saw the creation of AI Growth Zones (AIGZ).

AI Growth Zones are designated areas with enhanced access to resources like power and a more streamlined approach to planning. The UK Government says they will support the planning approach to attract investment, drive innovation and strengthen the UK’s position as a global leader in AI.

This all sounds great, but how will it work in practice?

Having reviewed the initiative ‘AI Growth Zones: Open for Applications’, in summary it sets out the parameters required for a particular location to be classified as an AIGZ. The parameters are split into categories for Technical Feasibility, Delivery Feasibility, Local Impact and the Level of Government Support Requested.

Taking a deep dive into the technical parameters, we can see the requirements for power, water and land are enormous. For example, the minimum power supply required is 500MW by 2030 per zone, which is significant when we consider that most data centres over the last decade have been up to 50MW. There are also requirements for access to water, a minimum plot size and to have consented planning by 2028.

So where are we going to find all these sites that can meet these requirements?

Well in simple terms we aren’t because they don’t exist and that is before you factor in the broader infrastructure context that is at play here too – as the data centre sector is not the only one that needs power. As a result, I believe that the ‘Data Centre Masterplan’ needs to be reconsidered.

A good starting point for this is to imagine that we are creating an Energy Infrastructure Project, of which the data centre is just a small part, and that way we can start to consider the scale of the project required. Key to this is the 500MW minimum set out in the initiative as approaching the National Grid for a dual 500MW connection is going to be challenging to say the least.

Firstly, we need to identify the power sources that can deliver to that level and also provide the same reliability we are used to with a traditional dual-fed grid connection. This means that opening the door to other sources is essential and there is a significant draw towards a direct connection to renewable sources of power, such as tidal, wind, solar and also through technology such as gas turbines.

We also need to consider the infrastructure onsite to manage the power load, which means there is a requirement for high-specification energy centres and switchgear.

Could Energy Infrastructure Projects be the answer?

The concept of the Energy Infrastructure Project can also meet the other requirements of the AIGZ initiative around Local Impact and Delivering Feasibility. The initiative calls for the site to enhance the surrounding regional innovation ecosystem and provide local benefits such as jobs, investment in local infrastructure, and the regeneration of brownfield land.

The scale of these sites is such that brownfield land becomes attractive and huge investment is required to develop the site. Furthermore, thousands of jobs will be generated across the UK not only for the construction phase, but also to operate these facilities.

Making it feasible

The final part of the initiative is ‘Delivering Feasibility’. The initiative states that sites in existing low grid congestion areas will be looked at favourably and this is critical for Energy Infrastructure Projects as they will also be generation facilities.

The initiative also sets out a requirement to demonstrate the initial proposals and delivery team and at BCS we are championing collaboration between the Local Authority, renewable technology businesses, contractors and data centre operators, as we believe that this is essential to get a project at this scale off the ground.

Driving regeneration

Thinking back across the last decade, data centres in the UK have been clustered in west London and Slough, and the AIGZ initiative calls for the industry to look elsewhere. This makes markets such as Scotland, Leeds and Wales particularly appealing when considering where to position an AIGZ – as they all tick several of the boxes and we may also see significant regeneration in these areas.

Data centres are just part of the solution

Moving forward, if the sector is going to maximise the opportunities for AI and support the UK Government’s plans which commit to building a ‘cutting-edge, secure, and sustainable AI infrastructure’ then we have to address the issue that power is most likely a limiting factor. By making the data centre part of the solution rather than the solution on its own, and focusing on developing Energy Infrastructure Projects, we can ensure that the UK is at the heart of the AI revolution.

By making the data centre part of the solution rather than the solution on its own, we can ensure that the UK is at the heart of the AI revolution

SAVETHEDATE

RDS, Dublin: 19-20 Nov 2025

Infrastructure • Services • Solutions

DataCentres Ireland combines a dedicated exhibition and multi-streamed conference to address every aspect of planning, designing and operating your Datacentre, Server/ Comms room and Digital storage solution – Whether internally, outsourced or in the Cloud.

DataCentres Ireland is the largest and most complete event in the country. It is where you will meet the key decision makers as well as those directly involved in the day to day operations.

Entry to ALL aspects of DataCentres Ireland is FREE

• Market Overview

• Power Sessions

• Connectivity

• Regional Developments

• Heat Networks and the Data Centre

60+ Speakers & Panellists

100+ Exhibitors

Networking Reception

• Renewable Energy

• Standby Generation

• Updating Legacy Data Centres

WHAT’S THE WEAKEST LINK in data centre defence? People.

John Bekisz, Vice President of Data Centre & Critical Infrastructure Practice at Guidepost

Solutions, contends

that only a layered security programme can shut

down insider threats.

Inside data centres, the greatest risk doesn’t always come from hackers outside the firewall, it often comes from the people within. Whether through deliberate sabotage or a simple mistake, insiders can expose sensitive data and disrupt operations. The infamous Office of Personnel Management (OPM) breach in the United States is a stark reminder of how devastating such vulnerabilities can be. To counter these threats, data centre operators are adopting new technologies to shrink their attack surface. But true resilience requires more than tools. It demands strategies that address the human element at the core of security.

The strategies implemented by data centres to support their security posture and provide more layers of defence revolve around the principle of a layered approach of overlapping operational, cyber, physical, and electronic countermeasures.

In my work, I’m finding that data centre providers and operators are still using on-premises solutions, such as video surveillance systems existing on an organisation’s corporate network. This allows users needing access to these systems the ability to manage them globally, without having to make use of or expose sensitive assets to someone else’s ‘cloud’.

On-premises control extends beyond just video surveillance. It has evolved from a simple ‘castle and moat’ philosophy to a sophisticated, multilayered integration of technologies.

Recent trends offer additional countermeasure choices along with evolving technologies and/or processes. This includes deploying biometrics (such as fingerprint or iris recognition) along with brass keys and traditional access control. Every entry point, from the perimeter fence to individual server cages, is monitored and logged, creating a detailed audit trail of all physical access.

Data centres are also implementing technologies such as mobile credentials and mobile visitor management systems that offer a secure and convenient way to manage physical credential distribution and permanence. Additionally, the use of QR codes and biometrics has become increasingly popular for visitor management to better verify user identities and add an extra layer of security.

Consistent auditing and integration between human resource databases, physical credential management systems, and logical credential management is critical to ensure that disgruntled employees don’t come back as visitors or gain access to assets.

Popular, yet practical, trends such as artificial intelligence and machine learning foster a more proactive approach to analyse and assess data in a more robust and real time manner, enabling security management and response professionals to be alerted of potential breaches and act accordingly. For example, advanced access control analytics provide realtime insights into access patterns and anomalies.

By continuously monitoring access control transactions, security management personnel can be alerted to unusual activities that may indicate potential security breaches or misuse of credentials. Access control analytics can flag anomalies and alert management immediately, enabling swift investigation and response, such as an employee who typically accesses the data centre during regular business hours begins accessing it late at night.

While data centres implement advanced security technologies, such as access control analytics and biometric authentication, the human element remains a critical weak point. The insufficient integration between security program management, vendor management, visitor management, and human resources creates a gap often leading to vulnerabilities that can spawn insider threats.

HR departments play a crucial role in the hiring process, but they may lack the necessary insights into security protocols and potential threats. Conversely, security teams might not have access to comprehensive employee data that HR manages. Organisations must bridge this gap by integrating security program management with HR functions.

I have been advising my data centre clients to place greater emphasis on personnel vetting and background check processes. Continuous evaluation and more stringent background checks ensure that individuals with access to critical systems are thoroughly vetted and monitored. Additionally, I strongly encourage security teams and HR to share relevant data, align policies, and conduct joint training sessions. By doing so, they can create a more cohesive approach to insider threat mitigation, ensuring that both technological and human factors are addressed comprehensively.

When it comes to security, modern data centres demand a layered and integrated approach. Advanced technologies like AI-driven analytics, biometrics, and mobile credentialing, in conjunction with a collaborative effort between security teams and HR, will better address the growing risk of insider threats and ensure a more effective security program.

SMART, SCALABLE, SUSTAINABLE POWER FOR YOUR DATA CENTRE

• True ultra-high online eﬃciency of up to 98.1%

• Smart Modular Architecture enables risk-free scalability

• Optimise upfront investment & lower overall TCO

• Reduce maintenance costs with long-life components