Why the inbox is becoming the weakest link in DC security

As AI accelerates demand for digital infrastructure, data centre operators are investing heavily in power, cooling, and resilience. Yet, while the industry focuses on physical infrastructure challenges, one of the most common and effective cyberattack methods remains far more familiar: email. In this exclusive article for DCNN, Billy McDiarmid, VP Customer Engineering at Red Sift, argues that phishing, impersonation, and supply-chain email attacks are becoming an increasingly serious risk for operators managing high-value AI workloads and complex partner ecosystems: Email security The data centre industry is in the middle of an unprecedented expansion that is unleashing economic growth across the United Kingdom, creating more than 43,000 jobs, according to Datum. Still, with AI workloads driving historic demand for power, cooling, and high-density computing, operators are racing to accommodate new capacity. As a result, the UK Government is fast tracking planning approvals, with entire regions repositioning themselves as AI infrastructure hubs through the UK’s AI Growth Zones. Yet, amid this rapid growth, the industry is overlooking a threat that is far more mundane than liquid cooling, grid constraints, or even expansion protests. For all the advancements of modern data centre design, the most common entry point for attackers going after network security is still the inbox. Today, email remains the primary vector for things like phishing, impersonation, and invoice fraud. As AI accelerates both the value of data centre workloads and the sophistication of cyberattacks, the gap between physical resilience and basic things like email security is becoming a critical vulnerability. Modern data centres are complex ecosystems of operators, contractors, equipment vendors, and service partners. Every one of these relationships is mediated through email, and when attackers impersonate a supplier, mimic an executive, or compromise a contractor’s mailbox, they gain a direct path into the operational heart of a facility. A single fraudulent email can trigger misconfigurations, grant unauthorised access, or divert critical payments. These are not hypothetical scenarios; they are the most common form of cyberattack across infrastructure-reliant industries, according to the NCSC. And the threat now extends beyond the inbox. Just last year, attackers created a domain impersonating a logistics platform used by UK freight brokers, causing significant operational disruption and financial losses, with estimates ranging from £40,000 to £160,000 per incident. AI is increasing the sophistication of attacks Now, with the cost of entry for bad actors at near zero, AI is only exacerbating the problem. Attackers can now generate highly convincing phishing messages tailored to specific individuals, roles, or organisations. They can scrape public data to mimic writing styles, automate reconnaissance, and craft messages that bypass traditional filters. Deepfake audio and video add another layer of credibility to fraudulent requests. The result is an environment where even experienced professionals struggle to distinguish legitimate communication from malicious intent. At the same time, the value of what sits inside data centres has never been higher. AI models, training datasets, and proprietary algorithms represent some of the most valuable intellectual property in the world. A breach that once disrupted a handful of virtual machines can now compromise entire AI pipelines. This makes data centre operators and their supply chains irresistible targets. And because email is the easiest and cheapest attack vector to exploit, it is where attackers focus their efforts. Email security must become baseline infrastructure protection The industry has invested heavily in physical security, redundancy, and environmental resilience. Ironically, email security has not kept pace. For the UK, this is not just a corporate hygiene issue; it is about network security and ensuring trust behind the country’s most iconic industries. Enforcing modern email authentication standards, such as email security across data centre operators and their supply chains, must be treated as a baseline security requirement, not an optional control left to individual organisations. Unfortunately, according to a recent analysis at Red Sift, over 39% of the top organisations in the UK are not enforcing DMARC. With foreign threats on the rise, the status quo that viewed email security as 'nice to have' is no longer tenable. It is a real world infrastructure risk, just like locking the front door to the building. If an attacker can impersonate a trusted partner, they can influence operational decisions. If they can compromise a contractor’s account, they can gain access to sensitive systems. And because data centre operations depend on a vast network of suppliers, these standards must extend across the entire ecosystem, not just within the operator’s perimeter. Regulation is pushing security higher up the agenda Recent regulations are starting to move in this direction. The UK Government, as well as those around Europe, are tightening requirements around identity verification, communication security, and supply-chain resilience. It is also pushing forward on the Cyber Security and Resilience bill, an important step in this direction. As AI becomes more central to national infrastructure, these expectations will only grow. Operators who invest early in robust email security will be better positioned to meet emerging compliance demands and to reassure customers that their most sensitive workloads are protected. Enterprises choosing where to host their AI workloads want to know that partners are resilient not only in physical infrastructure but in digital channels as well. The future of data centre resilience depends on recognising that the inbox is not a theoretical risk; it is the front line, just as the security guard out front is. As the AI era accelerates, the industry must build not only bigger and more efficient facilities, but safer and more trustworthy communication systems. Email may be one of the oldest technologies in the digital world, but securing it is one of the most urgent challenges facing the data centre sector today.

HSCALE expands Milan hyperscale data centre plans

HSCALE, a London-based pan-European hyperscale data centre developer, has completed the acquisition of a second hyperscale data centre campus in northwest Milan, Italy, bringing its total planned power capacity in the region to 250MW. The company, which is backed by Bain Capital, says the combined investment across both Milan campuses will exceed €2 billion (£1.7 billion), with facilities expected to be ready for service in 2028. Both campuses are located in Settimo, northwest Milan, an area the company describes as one of the region’s most established hyperscale infrastructure locations. HSCALE says the sites are fully owned, with power capacity secured and pre-construction work already underway. According to the company, the projects are intended to support growing demand for hyperscale cloud and AI infrastructure across Southern Europe. Oliver Schiebel, CEO of HSCALE, explains, “We designed HSCALE's Milan campuses around a simple principle: the building should never be the bottleneck. "Our base design is liquid-cooled first, built for the most demanding hyperscale and AI workloads, and can pivot to air-cooled traditional deployments in the same physical structure. No redesign, no additional capex. "We design and build like this because we understand the long-term commitments our customers must make.” Flexible cooling designs target AI workloads HSCALE says the campuses have been designed to support multiple cooling approaches, including air cooling, direct liquid cooling, and hybrid configurations. The company states that this flexibility is intended to support both traditional cloud infrastructure and higher-density AI workloads without requiring major facility redesigns. Paul Berry-Selwood, CCO at HSCALE, says, “Milan is one of the strongest hyperscale markets in Europe and we are committing around €2 billion to this region because we understand what the market needs and are serious about its growth potential. "Our team closed the second site, secured the power, and is already progressing through pre-construction, ensuring we deliver real capacity as fast as possible.” The announcement also highlights Milan’s growing role as a connectivity hub, supported by the Milan Internet Exchange and increasing hyperscale investment outside traditional FLAP-D markets. Renewable energy and regional investment plans HSCALE says its Milan energy strategy currently targets an electricity mix with approximately 50% renewable generation, including solar, wind, and hydroelectric sources. The company also states that it is working with Aquila Clean Energy as part of a wider clean energy partnership. In addition to infrastructure investment, HSCALE says the developments are expected to create jobs across construction, engineering, IT, and data centre operations within the Milan region. The company is also supporting local initiatives including the Festival di Villa Arconati cultural event.

Bergen secures 500+ MW of orders from Liberty Energy

Bergen Engines, a Norwegian manufacturer of medium-speed gas and dual-fuel engines, has secured an order from Liberty Energy for more than 500MW of onsite power generation capacity to support AI data centre developments in the United States. The projects will use gas-powered generation systems capable of operating both independently from the grid and in parallel with utility infrastructure, supporting high-density AI computing environments. The developments are being delivered through Liberty Energy’s Liberty Power Innovations division, which focuses on distributed power infrastructure for AI-era data centres. Under the agreement, Bergen Engines will supply 45 gas generator sets, each rated at 11.2MWe, providing a combined installed capacity exceeding 500MW. The infrastructure combines Bergen Engines’ medium-speed engines with alternators from Marelli Motori and SHIELDX dynamic power stabilisation technology from Piller Power Systems. Power stability for AI workloads According to the companies, the SHIELDX platform is designed to manage rapid fluctuations in AI-related power demand by stabilising short-duration load variations. The flywheel-based system is intended to help maintain stable power delivery while reducing the need for oversized generation infrastructure. Ron Gusek, CEO of Liberty Energy, says, “AI data centres are fundamentally changing how power infrastructure can be designed and deployed, and this initial order with Bergen Engines reflects a shared commitment to providing reliable, high-efficiency power solutions to support critical data centre infrastructure growth. “Collaborating with Bergen Engines strengthens our power platform, serving as an important component of our broader integrated solution that includes LPI’s Forte modular power generation architecture and Tempo power quality system. "Together, we will be able to deliver essential power generation infrastructure to support the demanding requirements of next-generation computing.” Theo Lorentzos, Vice President Sales Americas at Bergen Engines, adds, “These environments require robust baseload generation and the ability to respond to rapid and significant load fluctuations. "By working in partnership with Liberty and integrating SHIELDX, we are delivering a solution that combines proven generation performance with the flexibility required for AI-driven demand profiles.” Dean Richards, CEO of Piller Power Systems, comments, “SHIELDX protects the generation assets from highly dynamic, sub-second load behaviour, enabling stable plant operation under extreme load fluctuations. This ensures optimal engine performance while delivering consistent, high-quality power to the data centre.” Deliveries for the projects are scheduled to begin during the second half of 2027.

EDGE Modular launches containerised data centres

EDGE Modular has launched globally, expanding its containerised data centre offering for edge computing, telecoms, and remote infrastructure deployments. The New Zealand-based company, a division of Edge Defence, designs and manufactures modular data centre systems intended for rapid deployment in locations where traditional construction may be impractical or time-consuming. According to EDGE Modular, the systems are aimed at organisations requiring scalable infrastructure for edge computing and localised data processing. The company says its modular approach allows systems to be manufactured, tested, and deployed more quickly than conventional brick-and-mortar facilities, while also supporting future expansion through scalable designs. John Gell, General Manager at EDGE Modular, explains, “Our mission is to provide innovative, containerised data centre solutions tailored to the unique needs of each client. "We ensure efficiency, quality, and flexibility for future growth in every project we undertake.” Modular infrastructure for edge computing EDGE Modular’s portfolio includes containerised data centres in 10ft, 20ft, and 40ft formats, alongside telecom exchange units, command and control rooms, battery storage systems, and specialist workshop environments. The company states that its infrastructure is designed for deployment in remote and challenging environments, with systems transportable via road, rail, or sea using standard shipping container logistics. EDGE Modular also says its systems are designed for concurrent maintainability, allowing maintenance work to be carried out without interrupting critical operations. In addition to manufacturing, the company provides infrastructure consultancy, system design services, and maintenance support for deployed installations.

Extreme weather prompts revision of cooling strategies

Following warnings from scientists that current climate conditions are brewing extreme weather in the months ahead, Aggreko, a British temporary power generation and temperature control company, says it is calling upon data centre managers to revise their cooling strategies ahead of time or face the consequences. Global sea temperatures of 21°C were reported last month - the second highest on record for the month of April - with scientists now pointing to another El Niño warming cycle that could significantly intensify extreme weather. These temperatures are marginally lower the 21.04°C recorded in April 2024 ahead of the last El Niño weather event, which ended up being the fourth warmest year on record for the UK. With a long, hot summer potentially in store, Chris Smith, Head of Temperature Control at Aggreko, says he is urging the data centre sector to review its cooling infrastructure before the heatwave arrives. He suggests, “We need only look back at 2024 to see what El Niño might have in store for us this year. Summer temperatures regularly exceeded 30°C, placing immense pressure on data centre cooling infrastructure and even leading to full-blown equipment failure in worst-case scenarios. “The reality is: current cooling strategies simply aren’t designed to deal with this kind of weather or to operate in these temperature ranges. For this reason, now is the time to start reviewing current cooling infrastructure to assess whether it’s still fit for purpose so the right measures can be brought in ahead of time. “The main thing to look out for is ageing assets, as these are at the greatest risk of lower efficiency, overheating, and failure. Engaging with a specialist temperature control partner can help implement temporary cooling and industrial HVAC solutions to bridge gaps during equipment failures, manage seasonal demand peaks, and provide N+1 redundancy for greater operational resilience.” Data centre cooling under pressure With rack densities on the rise, data centre cooling infrastructure is arguably under greater pressure than ever before, with the cost of outages reportedly becoming more expensive. In the Uptime Institute’s 2026 outage analysis, cooling accounted for 14% of all impactful outages - the second biggest contributor behind power - while one fifth of respondents stated that their most recent outage cost more than $1 million (£745,000). In the face of this challenge, Aggreko believes hybridised packages consisting of battery energy storage systems (BESS) and temporary chillers or cold storage units are becoming an increasingly popular option for the data centre industry. Here, the company notes, the chiller or cold storage unit can provide scalable, supplementary cooling capacity, with the BESS powering the package while enhancing efficiency, reducing costs, minimising environmental impact, and offering near-silent operation versus a standard generator. Chris continues, “While we’ll have to wait and see what the summer has planned for us, now is nonetheless a prime time to re-evaluate cooling strategies and identify where efficiency gains can be made. "Procuring temporary cooling from a third-party specialist not only allows access to the latest, high-efficiency technology, but also opens the door to a number of creative solutions, such a hybridisation, which just aren’t feasible in-house. “While cooling is just one of the challenges that data centre managers have to contend with at the moment, the gains this can deliver, alongside the resilience it provides against the threat of outages, mean that this is more than a worthwhile operational solution.” For more from Aggreko, click here.

Vultr launches Milan cloud data centre region

Vultr, a privately held cloud infrastructure company, has launched a new cloud data centre region in Milan, expanding its European footprint to nine locations. The Milan site becomes Vultr’s 33rd global cloud data centre region and was announced during AI Week 2026 at Fiera Milano Rho. The company is also participating in the event as a platinum sponsor and co-host of the AI Agent Olympics Hackathon. Vultr says the Milan region will provide access to its AI and cloud infrastructure portfolio, including its VX1 cloud compute platform, bare metal services, and GPU infrastructure based on technologies from NVIDIA and AMD. The company states that the new region is intended to support workloads including AI, SaaS platforms, databases, analytics, ERP applications, microservices, and APIs. Milan joins Vultr’s existing European regions in London, Amsterdam, Frankfurt, Manchester, Madrid, Paris, Stockholm, and Warsaw. Milan expansion targets AI and enterprise demand According to Vultr, the Milan region is designed to provide low-latency connectivity for European users while supporting increasing demand for AI and cloud infrastructure services. The company says its global network is positioned to reach 90% of the world’s population within 2–40 milliseconds. J.J. Kardwell, CEO of Vultr, comments, “Italy is one of Europe's fastest-growing cloud infrastructure markets, and Milan is at the heart of it. Vultr is here because the enterprises and developers driving that growth need high-performance cloud infrastructure without the cost and complexity of the traditional hyperscalers. "This is a long-term investment in Italy and in European AI innovation." Vultr has also connected its Autonomous System Number (ASN) to the Milan Internet Exchange (MIX) to support local traffic routing, lower latency, and increased regional bandwidth capacity. The company says its cloud compute platform supports configurations ranging from two to 192 vCPUs. For more from Vultr, click here.

Eastern Light expands Nordic fibre capacity

Eastern Light, a Stockholm-based independent operator building and owning long-haul dark fibre submarine cable routes, has started construction of the Nordic Corridor, a new subsea fibre cable system connecting Sweden and Finland. The project includes the SF-II subsea connection and represents an investment of approximately €30 million (£26 million). Combined with the company’s existing SF-I cable system, the Nordic Corridor is intended to increase digital communications capacity between the two countries. Eastern Light currently operates the SF-I subsea cable between Sweden and Finland, which contains 144 fibres. The new SF-II system will add a further 288 fibres through a combination of terrestrial and subsea infrastructure. According to the company, the expanded system is designed to meet increasing demand for digital capacity across the Nordic and Baltic regions, particularly as data centre development accelerates. Mikael Vesterlund, COO of Eastern Light, says, “We are seeing rapidly growing demand for digital capacity in the Baltic Sea region, driven primarily by investments in data centres across the Nordics. "Several of the existing cable systems are old and are beginning to reach full utilisation. That is why we need to expand digital capacity between the countries. The Nordic Corridor is an important step in meeting this development.” New cable route designed around resilience Eastern Light says the SF-II deployment will take place in several phases. The first stage, extending to Finnish territorial waters near the Åland archipelago, was completed in May. The company states that the cable route has been designed to remain within national waters, reducing risks associated with international routes and simplifying future repair work if required. Eastern Light also says the Nordic Corridor is owned and financed by Nordic stakeholders. Mikael continues, “The Nordic Corridor is a project of critical importance to society. In the event of security incidents, data must be able to take alternative routes. "That is why we are now strengthening the robustness of the system by building a new fibre connection between Sweden and Finland. More cables are needed.” The SF-II project will span approximately 480km and has an estimated operational lifespan of around 50 years. The subsea cable itself will weigh approximately 566 metric tonnes.

Techno Digital commissions Mumbai edge data centre

Indian data centre developer Techno Digital has announced the completion of its Mumbai Edge Data Center (EDC) in Mahalakshmi, South Mumbai, India. Developed in partnership with RailTel Corporation of India, the facility is built to Rated-3 infrastructure standards and is now fully operational. The site has been designed to support enterprise workloads through a smaller infrastructure footprint focused on low latency and connectivity. The Mumbai EDC is positioned to support businesses operating in Mumbai’s financial districts, providing a reported latency of less than 150 microseconds from the Bombay Stock Exchange in Nariman Point and less than 250 microseconds from the National Stock Exchange of India in Bandra Kurla Complex (BKC). The facility is located near business districts including BKC, Nariman Point, Worli, Lower Parel, Mahalakshmi, and Fort, allowing organisations to deploy infrastructure closer to operational sites. A focus on low-latency connectivity Key features of the facility include: • Low-latency connectivity across Mumbai business districts• Access to RailTel’s nationwide fibre network, spanning more than 63,000km• Infrastructure designed to support sovereign and compliance-focused workloads Its proximity to Mumbai’s cable landing stations is also intended to support international connectivity while maintaining low-latency domestic performance. The Mumbai facility forms part of Techno Digital’s wider edge data centre expansion strategy in partnership with RailTel. The company plans to launch five additional edge locations, with a longer-term target of expanding to 102 sites across India over the next three to four years. Ankit Saraiya, Director & CEO of Techno Digital, comments, “As India’s digital economy scales, infrastructure requirements are evolving beyond capacity to include proximity and performance. "The Mumbai EDC is designed to align infrastructure with demand centres, particularly in high-performance environments such as financial services and real-time platforms. "At Techno Digital, our mission is to build a leading distributed network of interconnected edge infrastructure that matches the concentration of economic and digital activity. The Mumbai facility represents a key milestone in that journey.” Amit Agrawal, President of Techno Digital, adds, “In a city like Mumbai, where milliseconds can impact outcomes, infrastructure placement becomes critical. "This facility combines low-latency architecture, strong connectivity, and sovereign infrastructure to support performance-critical workloads ranging from trading and fintech platforms to real-time AI inferencing and enterprise applications. "It is designed to deliver the reliability and responsiveness required in latency-sensitive environments.” For more from Techno Digital, click here.

'External threats a rising cause of outages for data centres'

External infrastructure failures and outages linked to fibre and connectivity issues are becoming more prominent for data centres, according to new research from the Uptime Institute, a US-based independent data centre standards and certification body. Despite that, on-site outages for data centres have declined for the fifth consecutive year, with approximately one in 10 noting that their last outages had a serious or severe impact. The cost of major outages continued to rise, with 57% stating that their most recent major outage cost over $100,000 (£74,800) and one in five reporting a cost of over $1 million (£748,000). Richard Petrie, CTO of the London Internet Exchange (LINX), comments, “Networking and connectivity continue to sit at the top of the most common causes of IT outages, reinforcing the importance of resilience in this area. "As organisations face growing pressure from network congestion, external threats, and increasing reliance on third-party providers, resilience across both network and data centre infrastructure is becoming critical. "While it’s encouraging to see on-site outages declining as infrastructure providers continue to prioritise resilience, the risks posed by external failures mean organisations still need robust redundancy policies in place for when outages do occur. "The backbone of a strong redundancy strategy is a secondary fabric that allows data to be rerouted during periods of disruption or risk, helping organisations remain operational even when the primary network is compromised. "By providing multiple options to route traffic, organisations can strengthen resilience and help networks stay online.” Power failures a contributing a factor The leading cause of impactful outages was power, with failures involving UPS systems, transfer switches, and generators remaining prominent. Worsening grid constraints and high-density workloads were also found to contribute to outages as a newer challenge. To adapt, the research outlined that operators are adapting investment strategies towards automation and control systems in order to manage complexity, despite acknowledging that more automation can cause different classes of problems. In line with the causes of outages, resilience assessments were found to focus more on internal systems than on external and systemic risks. Andy Lawrence, founding member and Executive Director of Uptime Intelligence, says, “Outages overall have slowed down and, overall, digital infrastructure is remarkably resilient. But further resiliency gains are becoming harder to achieve. “We believe that over time, failures will increasingly not be the result of a single point of failure, but instead be linked to complex interactions between systems, including software, networks, and external dependencies. "While site-based electrical and mechanical infrastructure remain a critical building block that needs to be resilient, digital infrastructure is becoming more distributed with outages originating outside the data centre, including those tied to power availability, network connectivity, or the reliance on external cloud services playing a larger role.”

Zayo Europe expands network into Genoa

Network infrastructure provider Zayo Europe has expanded its Southern European network with a new point of presence (PoP) in Genoa, Italy, strengthening connectivity between Mediterranean subsea cable systems and its terrestrial fibre network. The new point of presence is located within Quadrivium Digital’s QGEN01 facility and extends Zayo Europe’s existing Italian footprint alongside sites in Milan and Rome. According to the company, Genoa is becoming an increasingly important landing point for subsea cable systems connecting Europe with Asia (including the Middle East) and Africa. Zayo Europe says the expansion is intended to support growing traffic flows across the Mediterranean region while providing alternative connectivity routes into major European hubs including Frankfurt and Paris, as well as interconnection points in Barcelona and Lisbon. Subsea connectivity expanding network diversity The company states that the new route options are designed to provide additional network diversity and reduce reliance on traditional connectivity routes through Marseille. Quadrivium Digital says the deployment also gives customers within the QGEN01 facility direct access to Zayo Europe’s wider network and more than 600 connected data centres across Europe. Aditya Ayyagari, CEO of Quadrivium Digital, comments, “This partnership positions QGEN01 as a key interconnection hub in the Mediterranean ecosystem. “By combining direct access to new subsea systems with Zayo Europe’s diverse terrestrial routes, we are enabling customers to efficiently reach key traffic hubs like Barcelona and Lisbon, as well as the US, while achieving greater route diversity and lower latency across global networks.” Colman Deegan, CEO of Zayo Europe, adds, “The digital map of Europe is evolving and our expansion into Genoa is a direct response to our customers’ need for greater resilience and choice. “By connecting this important Mediterranean landing point to our 400G-enabled backbone, we are creating a seamless bridge between subsea systems and our terrestrial infrastructure. "Ultimately, this ensures our customers have access to the scalable, high-capacity connectivity required to support the next wave of cloud and AI-driven growth.” For more from Zayo Europe, click here.