The UK's essential national infrastructure (CNI) is moving into a merged threat period—where digital, physical, and airborne dangers are combining as attack areas that target the same key assets. Additionally, data centers have officially been recognized as CNI, increasing their strategic significance and vulnerability to attacks.
In the past, entities in charge of essential assets have handled security within separate areas, perhaps like isolated compartments.CybersecurityTeams safeguard networks and data, while physical security teams handle access control and perimeter protection, including airspace, which for the most part has remained largely unregulated - until the last decade or so.
However, the structure and approach of threats have changed somewhat. As reported by the UK's National Cyber Security Centre (NCSC), the nation is currently experiencing approximately four major cyber incidents each week, with many connected to hostile state actions. Meanwhile, geopolitical conflicts are increasingly manifesting through disruptions to infrastructure—both physical and digital.
We are currently in the era of converged threats, where attackers are no longer limited by separate organizational divisions. Instead, they are actively taking advantage of the weaknesses between them. Hybrid threats—whether supported by a state or carried out by criminals—are merging various elements to reach their goals.
Hybrid threats in practice
A common campaign could start with cyber intelligence gathering, pinpointing weaknesses inIT infrastructureor operational technology (OT) settings. This could be followed by physical monitoring, possibly carried out using drones, to identify entry points, movement trends, or vulnerabilities in security.
Incidents involving drones near critical UK locations have more than doubled compared to the previous year, highlighting how affordable and easy-to-use technology can now easily circumvent conventional security barriers. Additionally, the physical systems supporting the digital economy are still at risk, as 95% of global data traffic relies on undersea cables that are susceptible to interference.
Securing distributed, high-value infrastructure
For environments with CNI, which are typically understaffed and located in remote or difficult-to-access areas, thesecuritychallenges have become more intense. Data centers serve as a key example. Although they support the digital economy, many function with very few people on site, depending on remote oversight and automated systems.
There are currently approximately 11 to 12,000 data centers worldwide, facilitating a wide range of services including financial operations andcloud computingFor AI workloads and essential government systems. In the UK, the industry contributes approximately £4.7 billion in yearly gross value added (GVA) and provides employment for over 43,000 people, with estimates indicating it could create an additional £44 billion in economic benefits by 2035. Nevertheless, this has also made them more appealing targets.
Recent events emphasize this increasing danger. During 2024 and 2025, multiple notable cyberattacks focused on data center operators and cloud service providers, causing service interruptions and revealing weaknesses in networked systems.
Numerous contemporary facilities are constructed to operate through remote surveillance,automationand centralized control systems. Although this offers efficiency, it also leads to situations where threats may remain unnoticed for extended durations. This is similar to other aspects of Critical National Infrastructure (CNI), such as energy infrastructure, transportation networks, and logistics hubs, where remote assets and decreased human presence all contribute to increasing risks.
State-sponsored groups are increasingly using intermediaries, like criminal organizations, to hide their participation while still reaching their goals. Similarly, those with solely criminal intentions are now employing methods typically linked to countries, making the boundaries more unclear.
In response, we are witnessing how organizations address emerging threats that are well-coordinated, flexible, and aimed at taking advantage of both technical weaknesses and areas within the organization that may not be fully aware of risks.
Even with this change, numerous security approaches remain disjointed, and traditional security systems frequently function separate from cyber defense platforms.Access controlInformation is not consistently combined with broader threat intelligence, and air surveillance, when it is in place, is seldom linked to land-based systems beyond official and military channels.
In integrated threat scenarios, this poses a risk, as a standalone access control system might recognize unauthorized entry, yet without being part of a larger monitoring structure, it lacks the necessary context. Additionally, a cybersecurity solution could spot abnormal network behavior, but without insight into physical access points, it might overlook a vital connection in the sequence.
The same principle holds true for drone activity; merely detecting it is not enough if it isn't linked to incident response procedures or broader security frameworks.
A multi-layered, intelligence-led model
We have quickly progressed in addressing this issue, and security is transforming into a multi-layered, intelligence-driven approach, mirroring the nature of hybrid threats and integrated risks.
At street level, this currently appears as strong boundary protection and smart access management. Contemporary systems extend past simple entry oversight, including real-time information, identity confirmation, and connecting with broader security systems. The objective is a comprehensive perspective of controlled access, ensuring we have a complete grasp of who is present, their reasons for being there, and whether their actions match expected behaviors.
The CNI community and security vendors are also taking proactive steps to tackle the expanding airspace gap. Counter-UAS (unmanned aerial systems) technologies, such as drone detection and neutralization, are increasingly vital for CNI protection.
Equally significant is the digital aspect, with ongoingnetwork monitoringmonitoring IT and OT environments to gain insight into network operations, system efficiency, and possible breaches. In industries like energy, transportation, and data centers, where operational systems are becoming more interconnected, this visibility is crucial for ensuring security and reliability.
This allows organizations to attain real-time situational awareness, where information from various sources is gathered and examined to offer a full understanding of potential risks. An access control incident can be connected to network behavior, and drone detection can initiate automatic actions across both physical and digital systems — and in the end, trends can be recognized.
This method is becoming more in line with the policy and regulatory trends observed among governments and global organizations. This encompasses NATO and the EU, which are now focusing more on safeguarding critical national infrastructure due to its significant economic and political value.
Border security by itself is no longer enough, nor is a strategy that focuses solely on cyber aspects. Instead, companies will keep implementing a multi-layered approach that acknowledges the complex relationship between current, mixed threats, and systems.
Safeguard yourself using top-tier firewall software.
This piece was created as part ofPro Perspectives, our channel showcases the top innovators and leaders in the technology sector today.
The opinions shared here belong to the author and may not reflect the views of Pro or Future plc. If you would like to contribute, click here for more information:https://www./pro/perspectives-how-to-submit
Liked this article? To discover more stories like this, follow us on MSN by clicking the +Follow button located at the top of this page.
No comments:
Post a Comment