Indonesian Political, Business & Finance News

End-to-End Protection for Data Centre Cyber Resilience

| Source: CNBC Translated from Indonesian | Infrastructure
End-to-End Protection for Data Centre Cyber Resilience
Image: CNBC

Cyber resilience in data centres can no longer be defined solely by physical or operational redundancies.

The architecture of modern data centres has transformed. Data centres are no longer merely mechanical and electrical environments supported by Information Technology (IT); they are digitally orchestrated operational ecosystems.

Data centres now encompass IT, OT, IoT, remote access, vendor tooling, identity services, and facility controls that interact in real time. Cooling, power, access control, CCTV, BMS, EPMS, DCIM, AI-powered analytics platforms, and monitoring are now within a single converged operational environment.

This convergence not only creates efficiency but also erodes traditional security perimeters.

What was once considered an IT security issue has become a physical cyber resilience problem. A vulnerability in one layer can now infiltrate others. Through a compromised laptop, building management platforms can be breached. Poorly managed remote access can serve as an entry point to operational systems. A hacked corporate IT identity can be used to control critical facility functions.

In this environment, resilience and cyber security are no longer parallel; they mutually influence each other.

This renders traditional security assurances insufficient. ISO-based certifications may evidence good management systems. However, they do not guarantee that OT and IoT logs correlate with IT telemetry in a common SIEM data lake.

Such certifications do not demonstrate that critical and administrative accounts are protected with strong two-factor authentication or that vendor access is monitored and time-bound. They do not validate that logical and physical separation between corporate and control environments can be maintained. ISO also does not ensure that backups are isolated from production and recoverable during a cyber attack.

Expectations for data centre management accountability are also rising.

For operators serving regulated operations, resilience now carries legal, commercial, and oversight consequences.

Comprehensive cyber assurances covering the physical systems, IT, OT, and IoT operating the data centre are a prerequisite for Uptime to fulfil its commitments.

The role of independent, specific Whitebox data centre assessments conducted by organisations with decades of experience in digital infrastructure and cyber security expertise is vital.

The Data Centre Certified Associate (DCCA) is essential as it evaluates the overall cyber-physical operational ecosystem. DCCA also uncovers control gaps as they exist across physical systems, IT, OT, IoT, identity, remote access, third-party pathways, logging, recovery, and governance.

This shifts the conversation beyond general compliance towards maturity driven by improvements, evidence-based assurances, and practical risk reduction.

Every data centre operator must now be able to answer five questions:

  1. Are IT, OT, IoT, BMS, EPMS, DCIM, CCTV, and access control logs centrally correlated in SIEM data storage to detect cross-domain anomalies?

  2. Is MFA and privileged access control enforced on all critical systems, remote pathways, and administrative accounts without exception?

  3. Is segmentation between corporate IT, OT, vendor access, and recovery states tested and maintainable, rather than merely described in diagrams?

  4. Are backups isolated from production, protected against ransomware propagation, and regularly tested for recovery of IT and operational systems?

  5. Do we have complete visibility over third-party access, inherited supply chain exposures, and cyber implications of every digital dependency in the facility?

If the answers are incomplete, what is needed is not an additional ISO label.

The absolute requirement is an integrated infrastructure assessment that provides the capability for holistic risk visibility in priority order. Along with detailed recommendations that inform cyber maturity supported by a prioritised remediation roadmap.

Uptime Cyber provides an integrated data centre cyber security assessment. DCCA gives data centre operators independent visibility into physical, IT, OT, IoT, identity, and third-party activities.

View JSON | Print