Data Centre Security: Protecting Infrastructure from Physical and Cyber Threats

Datadog partners with AWS to launch in Australia and NZ

Datadog, a monitoring and security platform for cloud applications, has just launched its full range of products and services on the Amazon Web Services’ (AWS) Asia-Pacific (Sydney) Region. The launch adds to existing locations in North America, Asia, and Europe. The new local availability zone enables Datadog, its customers, and its partners to store and process data locally, enabling in-region capacity to meet applicable Australian privacy, security, and data storage requirements. This, according to the company, is crucial for an increasing number of organisations - particularly those operating in regulated environments such as government, banking, healthcare, and higher education. “This milestone reinforces Datadog’s commitment to supporting the region’s advanced digital capabilities - especially the Australian government’s ambition to make the country a leading digital economy,” says Yanbing Li, Chief Product Officer at Datadog. “With strong momentum across public and private sectors, our investment enhances trust in Datadog’s unified and cloud-agnostic observability and security platform, and positions us to meet the evolving needs of agencies and enterprises alike.” Rob Thorne, Vice President for Asia-Pacific and Japan (APJ) at Datadog, adds, "Australian organisations are on track to spend nearly A$26.6 billion [£12.84 billion] on public cloud services alone in 2025. "For organisations in highly regulated industries, it isn’t just the cloud provider that needs to have local data storage capacity, it should be all layers of the tech stack. "This milestone reflects Datadog’s priority to support these investments. It’s the latest step in our expansion down under, and follows the continued addition of headcount to support our more than 1,100 A/NZ customers, as well as the recent appointments of Field CTO for APJ, Yadi Narayana, and Vice President of Commercial Sales for APJ, Adrian Towsey, to our leadership team.” For more from Datadog, click here.

Netscout expands cybersecurity systems

Netscout Systems, a provider of observability, AIOps, cybersecurity, and DDoS attack protection systems, has just announced Adaptive Threat Analytics, a new enhancement to its Omnis Cyber Intelligence Network Detection and Response (NDR) solution, designed to improve incident response and reduce risk. The aim with the offering is to "enable security teams to investigate, hunt, and respond to cyber threats more rapidly." Cybersecurity professionals face a challenge in the race against time to detect and respond appropriately to cyber threats before it's too late. Alert fatigue, increasing alert volume, fragmented visibility from siloed tools, and cunning AI-enabled adversaries create a compelling need for a faster and more effective response plan. McKinsey & Company noted last year that despite a decline in response time to cyber-related risks in recent years, organisations still take an average of 73 days to contain an incident. In the threat detection and incident response process, comprehensive north-south and east-west network visibility plays a critical role in all phases, but none more so than the ‘Analyse’ phase between ’Detection’ and ‘Response.’ Adaptive Threat Analytics utilises continuous network packet capture and local storage of metadata and packets independent of detections, built-in packet decodes, and an ad hoc querying language, seeking to enable more rapid threat investigation and proactive hunting. “Network environments continue to become more disparate and complex," says John Grady, Principal Analyst, Cybersecurity, Enterprise Strategy Group. "Bad actors exploit this broadened attack surface, making it difficult for security teams to respond quickly and accurately." "Due to this, continuous, unified, packet-based visibility into north-south and east-west traffic has become essential for effective and efficient threat detection and incident response.” “Security teams often lack the specific knowledge to understand exactly what happened to be able to choose the best response,” claims Jerry Mancini, Senior Director, Office of the CTO, Netscout. “Omnis Cyber Intelligence with Adaptive Threat Analytics provides ‘big picture’ data before, during, and after an event that helps teams and organisations move from triage uncertainty and tuning to specific knowledge essential for reducing the mean time to resolution.” For more from Netscout, click here.

DigiCert opens registration for World Quantum Readiness Day

DigiCert, a US-based digital security company, today announced open registration for its annual World Quantum Readiness Day virtual event, which takes place on Wednesday, 10 September 2025. The company is also accepting submissions for its Quantum Readiness Awards. Both initiatives intend to spotlight the critical need for current security infrastructures to adapt to the imminent reality of quantum computing. World Quantum Readiness Day is, according to DigiCert, a "catalyst for action, urging enterprises and governments worldwide to evaluate their preparedness for the emerging quantum era." It seeks to highlight the growing urgency to adopt post-quantum cryptography (PQC) standards and provide a "playbook" to help organisations defend against future quantum-enabled threats. “Quantum computing has the potential to unlock transformative advancements across industries, but it also requires a fundamental rethink of our cybersecurity foundations,” argues Deepika Chauhan, Chief Product Officer at DigiCert. “World Quantum Readiness Day isn’t just a date on the calendar, it’s a starting point for a global conversation about the urgent need for collective action to secure our quantum future.” The Quantum Readiness Awards were created to celebrate organisations that are leading the charge in quantum preparedness. Judges for the Quantum Readiness Awards include: · Bill Newhouse, Cybersecurity Engineer & Project Lead, National Cybersecurity Center of Excellence, NIST· Dr Ali El Kaafarani, CEO, PQShield· Alan Shimel, CEO, TechStrong Group· Blair Canavan, Director, Alliances PQC Portfolio, Thales· Tim Hollebeek, Industry Technology Strategist, DigiCert For more from DigiCert, click here.

Global data centres face rising climate risks, XDI report warns

Data centres are facing sharply rising risks from climate-change-driven extreme weather, according to a major new report released today by XDI (Cross Dependency Initiative), a company which is concerned with physical climate risk analysis. The company argues that without urgent investment in emissions reduction and physical adaptation, operators could face soaring insurance premiums, growing disruption to operations, and billions in damages. XDI’s 2025 Global Data Centre Physical Climate Risk and Adaptation Report offers a global picture of how extreme weather threatens the backbone of the digital economy. The report ranks leading data centre hubs by their exposure to eight climate hazards — flooding, tropical cyclones, forest fires, coastal inundation, and others — now and into the future and under different climate scenarios. It is based on analysis of nearly 9,000 operational and planned data centres worldwide. The report quantifies how targeted structural adaptations (changes to the physical design and construction of data centres) can dramatically improve resilience, reduce risk, and help curb escalating insurance costs. “Data centres are the silent engine of the global economy. But as extreme weather events become more frequent and severe, the physical structures underpinning our digital world are increasingly vulnerable,” says Karl Mallon, Founder of XDI (Cross Dependency Initiative). "When so much depends on this critical infrastructure and with the sector growing exponentially, operators, investors, and governments can’t afford to be flying blind. Our analysis helps them see the global picture, identify where resilience investments are most needed, and chart pathways to reduce risk." Key insights from the report include that: • Data centre hubs in New Jersey, Hamburg, Shanghai, Tokyo, Hong Kong, Moskva, Bangkok, and Hovestaden are all in the top 20 for climate risk by 2050, with 20-64% of data centres in these hubs projected to be at high risk of physical damage from climate change hazards by 2050. • APAC is the fastest growing region for data centre growth in the world, yet it also carries some of the greatest risk, with more than one in ten data centres already at high risk in 2025, becoming more than one in eight by 2050. • Insurance costs for data centres globally could triple or quadruple by 2050 without decisive mitigation and adaptation. • Targeted investments in resilience could save billions of dollars in damages annually. The report highlights that climate risk varies dramatically by location, even between data centres in the same country or region. This kind of like-for-like, jurisdiction-spanning analysis, XDI argues, is critical for guiding smarter investment decisions in new and existing data centres - helping asset owners, operators, and investors allocate capital where it will have the greatest impact on protecting long-term value. The report also reinforces that decarbonisation and adaptation must go hand in hand to safeguard the digital economy for the long term. Adaptation is essential, but the most resilient data centre is only as secure as the infrastructure it depends on — such as roads, water supply, and communications links — which are themselves vulnerable to climate hazards. Without ambitious and sustained investment in emissions reduction to limit the severity of climate change, no amount of structural hardening will fully protect these critical assets.

Invicti launches new Application Security Platform

Cybersecurity company Invicti today announced the launch of what it calls its "next-gen" Application Security Platform, featuring AI-powered scanning capabilities, enhanced dynamic application security testing (DAST) performance, and full-spectrum visibility into application risk. The platform seeks to enable organisations to detect and fix vulnerabilities faster and with greater accuracy. “Your applications are dynamic, shouldn’t your AppSec tools be too?” argues Neil Roseman, CEO of Invicti. “Attackers live in your runtime, but most security tools are stuck in static analysis. With Invicti, we’re cutting through the static with a DAST-first platform that continuously uncovers real risk in real time so security teams can take action with confidence.” DAST improvements with AI The latest release introduces enhancements to Invicti’s DAST engine, which, according to data provided by the company, include: • Being 8x faster than leading competitors.• Finding 40% more high and critical vulnerabilities.• Delivering 99.98% accuracy with proof-based scanning. Securing more of what matters The company says the Invicti platform now combines AI-driven features and integrated discovery to "expose more of the real attack surface and deliver broader, more accurate security coverage." The main features include: • LLM scanning — securing AI-generated code by identifying risks produced by large language models.• AI-powered DAST — revealing vulnerabilities that traditionally required manual penetration testing.• Integrated ASPM — bringing greater visibility into application posture, enabling teams to prioritise and manage risk across the SDLC.• Enhanced API detection — identifying and testing previously hidden or unmanaged APIs, now with native support for F5, NGINX, and Cloudflare. “A stronger DAST engine gives our customers more than better scan results, it gives them clarity,” claims Kevin Gallagher, President of Invicti. “They can see what truly matters, cut through the noise, and move faster to reduce risk. This launch continues our push to make security actionable, efficient, and focused on what’s real.” For more from Invicti, click here.

'7% of organisations tackle vulnerabilities only when necessary'

A recent joint survey conducted by VDC Research, a technology market intelligence and consulting firm, and Kaspersky, a Russian multinational cybersecurity company, has highlighted an alarming trend: 7% of industrial organisations tackle vulnerabilities only when necessary. This leaves them exposed to unplanned downtime, production losses, and the reputational and financial damages that can result from possible cyber breaches. The study, entitled Securing OT with Purpose-built Solutions, illuminates the shifting landscape of cybersecurity within the industrial sector. Focusing on key industries such as energy, utilities, manufacturing, and transportation, their research surveyed over 250 decision-makers to uncover trends and challenges faced in fortifying industrial environments against cyber threats. A strong cybersecurity strategy begins with complete visibility into an organisation’s assets, allowing leaders to understand what assets need protection and to assess the highest risk areas. In environments where IT and OT systems converge, this demands more than just a comprehensive asset inventory. Organisations must implement a risk assessment methodology that is aligned with their operational realities. By establishing a clear asset baseline, organisations can engage in meaningful risk assessments that address both corporate risk criteria and the potential physical and cyber consequences of vulnerabilities. Recent survey findings reveal a concerning trend: a significant number of organisations are not engaging in regular penetration testing or vulnerability assessments. Only 27.1% of respondents perform these critical evaluations on a monthly basis, while 48.4% conduct assessments every few months. Alarmingly, 16.7% do so only once or twice a year, and 7.4% address vulnerabilities solely as needed. This inconsistent approach could leave organisations vulnerable as they navigate an increasingly complex threat landscape. Every software platform is inherently vulnerable to bugs, insecure code, and other weaknesses that malicious actors can exploit to compromise IT environments. For industrial companies, effective patch management is therefore crucial to mitigate these risks. That being said, studies reveal that many organisations encounter significant challenges in this area, often struggling to allocate the necessary time to pause operations for critical updates. Unnervingly, many organisations patch their OT systems only every few months or even longer, significantly heightening their risk exposure. Specifically, 31.4% apply patches monthly, while 46.9% do so every few months and 12.4% update only once or twice a year. These challenges in maintaining effective patch management are exacerbated in OT environments, where limited device visibility, inconsistent vendor patch availability, specialised expertise requirements, and regulatory compliance add layers of complexity to the cybersecurity landscape. As IT and OT systems increasingly converge, there is a pressing need to harmonise these traditionally disparate systems which have often relied on proprietary technologies rather than open standards. The challenge is further intensified by the rapid proliferation of Internet of Things (IoT) devices — ranging from cameras and smart sensors for asset tracking and health monitoring to advanced climate control systems. This explosion of connected devices broadens the attack surface for industrial organisations, underscoring the urgent need for robust cybersecurity measures.

'More than a third of UK businesses unprepared for AI risks'

Despite recognising artificial intelligence (AI) as a major threat, with nearly a third (30%) of UK organisations surveyed naming it among their top three risks, many remain significantly unprepared to manage AI risk. Recent research from CyXcel, a global cyber security consultancy, highlights a concerning gap: nearly a third (29%) of UK businesses surveyed have only just implemented their first AI risk strategy - and 31% don’t have any AI governance policy in place. This critical gap exposes organisations to substantial risks including data breaches, regulatory fines, reputational harm, and critical operational disruptions, especially as AI threats continue to grow and rapidly evolve. CyXcel’s research shows that nearly a fifth (18%) of UK and US companies surveyed are still not prepared for AI data poisoning, a type of cyberattack that targets the training datasets of AI and machine learning (ML) models, or for a deepfake or cloning security incident (16%). Responding to these mounting threats and geopolitical challenges, CyXcel has launched its Digital Risk Management (DRM) platform, which aims to provide businesses with insight into evolving AI risks across major sectors, regardless of business size or jurisdiction. The DRM seeks to help organisations identify risk and implement the right policies and governance to mitigate them. Megha Kumar, Chief Product Officer and Head of Geopolitical Risk at CyXcel, comments, “Organisations want to use AI but are worried about risks – especially as many do not have a policy and governance process in place. The CyXcel DRM provides clients across all sectors, especially those that have limited technological resources in house, with a robust tool to proactively manage digital risk and harness AI confidently and safely.” Edward Lewis, CEO of CyXcel, adds, “The cybersecurity regulatory landscape is rapidly evolving and becoming more complex, especially for multinational organisations. Governments worldwide are enhancing protections for critical infrastructure and sensitive data through legislation like the EU’s Cyber Resilience Act, which mandates security measures such as automatic updates and incident reporting. Similarly, new laws are likely to arrive in the UK next year which introduce mandatory ransomware reporting and stronger regulatory powers. With new standards and controls continually emerging, staying current is essential.”

‘Businesses sleepwalking into cyber catastrophe’

Security leaders have warned that ‘businesses are sleepwalking into a cyber catastrophe’ due to the rapid adoption of AI tools, alongside lacking privacy and ethics controls, amid a wave of recent high-profile cyber-attacks and data leaks. Arkadiy Ukolov, Co-Founder and CEO of Ulla Technology, a global HR platform, cautioned that many businesses are putting their data at risk by rushing off to use third-party AI tools as the main system to streamline operations. The ongoing fallout from the M&S cyber-attack, alongside other major hits against Co-op, Dior, and Harrods, has highlighted the severity of data risks and how data is protected, forcing security teams to re-evaluate their protocols. Speaking from the Viva Technology event in Paris, Arkadiy says, “Data breaches and cyber threats are relentless so it’s vital that industries such as HR, law, government, and beyond are securing every aspect of their technology stack to protect their data. Unfortunately, the speed of AI adoption means that many businesses are sleepwalking into a cyber catastrophe, leaving critical gaps in their data protection processes and putting both sensitive internal and customer data at risk. “Even in an area such as meeting transcripts, there are sensitive conversations around company financials or workplace policy updates that cannot be exposed, requiring privacy-first collection and storage methods for data to protect against a breach. Understanding the risks and putting in place enterprise-grade security and data privacy can help businesses better guard against these risks, even with the added exposure from AI.” Viva Technology, hosted this year between 11 and 14 June in Paris, is Europe’s largest startups and technology event, attracting over 150,000 attendees and 11,000 startups each year. Key themes this year include the pace of AI innovation, regulation, the importance of human control, vertical industry applications for AI, and data security.

FFT chooses Keepit for data backup

Keepit, a global provider of a cloud backup and recovery platform, today announced that it has been selected by the French Tennis Federation (FFT) to independently backup its Microsoft 365, Microsoft Entra ID, and Power BI data. The FFT chose Keepit as a sovereign backup solution, independent of major global cloud providers. The company is Danish and controls its entire hosting chain by operating its own cloud and data centres across Europe, the UK, Canada, Australia, and the US. Keepit's architecture reportedly met the FFT's requirements of security, independence, and business continuity. "Until three years ago, we had no backup solution for our cloud environments. My objective was clear: to identify a European service provider guaranteeing maximum independence", says Franck Labat, Technical Director at FFT. “Beyond this initial requirement, Keepit was able to meet additional needs that we hadn't anticipated: centralised, traceable archiving of PST files, unified management of all our data via a single platform, and, more recently, seamless integration of our directory as part of our complete migration to Entra ID.” The FFT, headquartered at Roland-Garros stadium, organises, coordinates, and promotes tennis for over 8,000 clubs throughout France. The FFT's operations also involve the management of a large number of seasonal employees as part of its event-driven activities, generating significant data flows to be processed and restored. To ensure consistent monitoring, the company needs to be able to recover data from people who have left, sometimes after short assignments, in order to pass it on to managers. The collaboration began in 2022, alongside SCC France, a partner of the FFT for over 15 years, with the initial aim of safeguarding Microsoft 365 environments. Since then, the partnership has gradually expanded to include Power BI and Microsoft Entra ID. FFT now plans to integrate any new Microsoft solution it adopts into the Keepit ecosystem. “We are particularly proud to have led this project alongside our partner SCC, offering the FFT an independent cloud backup and recovery platform that is simple to deploy and administer,” says Cyril VanAgt, Vice President Channel EMEA at Keepit. “We remain fully committed to supporting the next steps in the evolution of its cloud and Microsoft environments.” For more from Keepit, click here.

House of Lords AI summit highlights cyber threats

Technology industry leaders gathered in the House of Lords yesterday for a high-profile debate on the transformative role artificial intelligence (AI) will play in the UK jobs market. The discussion, chaired by Steven George-Hilley of Centropy PR, brought together experts to address key industry challenges, including the digital skills shortage and AI’s potential to enhance compliance and accelerate digital transformation across key areas of the UK economy. The debate highlighted the growing role of AI in reshaping traditional job roles and powering a new wave of relentless cyber threats which could damage British businesses. Key speakers, including Richard Cuda of Kasha, discussed the role AI and digital technology can play in helping entrepreneurs launch their own business. Leigh Allen, Strategic Advisor, Cellebrite, says, "In a world where police forces are under increasing strain to combat crime and national security threats, AI technology represents a key enabler in unlocking digital evidence and significantly reducing investigation times. Cellebrite delivers secure, ethical access to digital evidence, using AI to accelerate investigations while closing the digital skills gap for modern law enforcement. We don’t just respond to digital threats—we equip agencies to lead with confidence in a complex, tech-driven world." Dr Janet Bastiman, Chief Data Scientist, Napier AI, comments, "Financial crime is one of the biggest threats facing the UK economy right now, and in AI we have the answer. AI-driven anti-money laundering solutions have the capacity to save UK financial institutions £2.2 billion each year, helping to bolster compliance processes, improve the accuracy of transaction screening, and monitor transaction behaviour to more effectively identify criminal networks." Linda Loader, Software Development Director, Resonate, suggests, "AI has the potential to significantly enhance operations in the rail industry by enabling faster and more efficient services. But this must be underpinned by quality data to drive innovative solutions that prioritise security and robust protection for our critical national infrastructure. By exploring smaller AI use cases now, we can build a solid foundation and understanding for more extensive, secure transport applications in future." Chris Davison, CEO, NavLive, mentions, "By using cutting edge AI and robotics technology to create automated 2D and 3D models of buildings in real time, we can make retrofits, brownfield developments more efficient and contribute to sustainable building practices. NavLive saves architects, engineers and construction professionals time and money, by providing accurate real time spatial data across the lifecycle of a building." Richard Bovey, Chief for Data, AND Digital, states, "The AI winners are the businesses that have invested the most in AI experimentation, underpinned by years of strong data foundations, meanwhile, SMEs are quickly watching a widening AI gap. But all isn’t lost, investing in data and modern tooling can stop the slide, helping businesses to keep pace and preventing a significant competitive disadvantage from taking over." Arkadiy Ukolov, Co-Founder and CEO, Ulla Technology, says, "As AI adoption continues to skyrocket, we must ensure that privacy and data security remain a critical component of development. Most of the popular AI tools send data to third-party AI providers, which may use client data to train models. This is unacceptable for sensitive meeting discussions and confidential documents, as it opens them up to data leaks. Placing safety and ethics at the centre of the discussion is the only route that we can take forward as AI evolves." For more on cyber security, click here.