Why the inbox is becoming the weakest link in DC security

Author: Joe Peck

As AI accelerates demand for digital infrastructure, data centre operators are investing heavily in power, cooling, and resilience. Yet, while the industry focuses on physical infrastructure challenges, one of the most common and effective cyberattack methods remains far more familiar: email.

In this exclusive article for DCNN, Billy McDiarmid, VP Customer Engineering at Red Sift, argues that phishing, impersonation, and supply-chain email attacks are becoming an increasingly serious risk for operators managing high-value AI workloads and complex partner ecosystems:

Email security

The data centre industry is in the middle of an unprecedented expansion that is unleashing economic growth across the United Kingdom, creating more than 43,000 jobs, according to Datum.

Still, with AI workloads driving historic demand for power, cooling, and high-density computing, operators are racing to accommodate new capacity. As a result, the UK Government is fast-tracking planning approvals, with entire regions repositioning themselves as AI infrastructure hubs through the UK’s AI Growth Zones. Yet, amid this rapid growth, the industry is overlooking a threat that is far more mundane than liquid cooling, grid constraints, or even expansion protests.

For all the advancements of modern data centre design, the most common entry point for attackers going after network security is still the inbox. Today, email remains the primary vector for phishing, impersonation, and invoice fraud. As AI accelerates both the value of data centre workloads and the sophistication of cyberattacks, the gap between physical resilience and basic controls such as email security is becoming a critical vulnerability.

Modern data centres are complex ecosystems of operators, contractors, equipment vendors, and service partners. Every one of these relationships is mediated through email, and when attackers impersonate a supplier, mimic an executive, or compromise a contractor’s mailbox, they gain a direct path into the operational heart of a facility. A single fraudulent email can trigger misconfigurations, grant unauthorised access, or divert critical payments. These are not hypothetical scenarios; they are the most common form of cyberattack across infrastructure-reliant industries, according to the NCSC. And the threat now extends beyond the inbox. Just last year, attackers created a domain impersonating a logistics platform used by UK freight brokers, causing significant operational disruption and financial losses, with estimates ranging from £40,000 to £160,000 per incident.

AI is increasing the sophistication of attacks

Now, with the cost of entry for bad actors at near zero, AI is only exacerbating the problem. Attackers can now generate highly convincing phishing messages tailored to specific individuals, roles, or organisations. They can scrape public data to mimic writing styles, automate reconnaissance, and craft messages that bypass traditional filters. Deepfake audio and video add another layer of credibility to fraudulent requests. The result is an environment where even experienced professionals struggle to distinguish legitimate communication from malicious intent.

At the same time, the value of what sits inside data centres has never been higher. AI models, training datasets, and proprietary algorithms represent some of the most valuable intellectual property in the world. A breach that once disrupted a handful of virtual machines can now compromise entire AI pipelines. This makes data centre operators and their supply chains irresistible targets. And because email is the easiest and cheapest attack vector to exploit, it is where attackers focus their efforts.

Email security must become baseline infrastructure protection

The industry has invested heavily in physical security, redundancy, and environmental resilience. Ironically, email security has not kept pace.

For the UK, this is not just a corporate hygiene issue; it is about network security and ensuring trust behind the country’s most iconic industries. Enforcing modern email authentication standards, such as DMARC, across data centre operators and their supply chains must be treated as a baseline security requirement, not an optional control left to individual organisations. Unfortunately, according to a recent analysis at Red Sift, over 39% of the top organisations in the UK are not enforcing DMARC.

With foreign threats on the rise, the status quo that viewed email security as ‘nice to have’ is no longer tenable. It is a real-world infrastructure risk, and addressing it is as basic as locking the front door to the building. If an attacker can impersonate a trusted partner, they can influence operational decisions. If they can compromise a contractor’s account, they can gain access to sensitive systems.

And because data centre operations depend on a vast network of suppliers, these standards must extend across the entire ecosystem, not just within the operator’s perimeter.

Regulation is pushing security higher up the agenda

Recent regulations are starting to move in this direction. The UK Government, like others around Europe, is tightening requirements around identity verification, communication security, and supply-chain resilience. It is also pushing forward on the Cyber Security and Resilience Bill, an important step in this direction. As AI becomes more central to national infrastructure, these expectations will only grow. Operators who invest early in robust email security will be better positioned to meet emerging compliance demands and to reassure customers that their most sensitive workloads are protected.

Enterprises choosing where to host their AI workloads want to know that partners are resilient not only in physical infrastructure but in digital channels as well. The future of data centre resilience depends on recognising that the inbox is not a theoretical risk; it is the front line, just as the security guard out front is.

As the AI era accelerates, the industry must build not only bigger and more efficient facilities, but safer and more trustworthy communication systems. Email may be one of the oldest technologies in the digital world, but securing it is one of the most urgent challenges facing the data centre sector today.


