Seven fallacies of data center cybersecurity

Many enterprises and data center operators believe their organizations have battle-hardened security capable of withstanding modern cyberattacks. However, that confidence may be misplaced. The convergence of IT, operational technology (OT) and Internet of Things (IoT) networks has created a highly connected environment, both inside and outside the data center. And the attack surface has expanded. Cybercriminals now target the IT, software and hardware systems provided by critical third-party vendors. Meanwhile, state-sponsored attackers and environmental and political activists now commonly target utility networks and power grids.

KEY POINTS

• OT should not be seen as bulletproof against modern cyberattacks. Legacy systems, unpatched devices and converged IT, OT and IoT networks have already exposed many operators to increased risk.
• Cyberattacks are becoming more sophisticated, exploiting known and unknown system vulnerabilities through social engineering, malware and ransomware.
• Cybercriminals recognize that data centers hold valuable information that may be commercially sensitive or critical to national security. The rise of AI data centers and giant campuses further increases their attractiveness as targets.