Security expectations around data centres have changes, and it’s no longer enough to secure the perimeter or roll out a firewall policy. Today’s infrastructure relies on interconnected systems, from APIs and cloud endpoints to HVAC controls and building access tools, all of which can be targeted, misconfigured, or exploited.
So far this year, the industry has already seen record-breaking attack volumes, new vulnerabilities in physical systems, and disruption caused by oversights that could have been prevented. For business leaders managing digital infrastructure, understanding data centre security threads is essential to avoid costly consequences that extend far beyond the data hall.
So, here’s what to watch, and how to respond.
Table of Contents:
Attackers continue to leverage unpatched software, legacy firmware, and misconfigured APIs, often via automated scanning. These flaws aren’t brand new, but in 2025, they trigger disruptions faster and more widely due to scale and integration.
DDoS attacks remain a significant threat. In Q2 2025, Cloudflare mitigated 7.3 million attacks, bringing the year-to-date total to 27.8 million, already surpassing the entirety of 2024. Among these, over 6,500 were hyper-volumetric, exceeding 1 Tbps or millions of requests per second.
A severe global DDoS surge in June 2025, coordinated by hacktivist groups aligned with geopolitical motives, caused widespread service disruptions, targeting critical infrastructure, government services, and finance platforms.
This year’s hybrid and cloud environments have expanded the vulnerability landscape further. Public APIs, remote management tools, and SaaS integrations multiply attack vectors. A single misconfiguration in those tools can allow bad actors to pivot into core systems with minimal warning.
What’s the biggest physical security threat to a data centre? While there are several high-impact risks, unauthorised access remains the most serious. A physical breach can bypass all digital safeguards in seconds, leading to hardware theft, sabotage, or long-term compromise. That’s why the most secure facilities use layered defences: biometric authentication, mantraps, perimeter fencing, and 24/7 on-site security.
But it’s not the only concern. IP-connected Building management systems (BMS) now represent one of the most overlooked entry points. They control HVAC, fire suppression, power, access, and surveillance. If they’re left unpatched, poorly segmented, or misconfigured, they can expose the facility to unauthorised access or system failure.
In early 2025, Claroty researchers identified several operational BMS platforms still running outdated firmware, and some with default credentials left unchanged. One case involved a UK data centre where traffic from the BMS wasn’t segmented from the corporate network, creating a direct pathway into production systems. There was no breach, but the misconfiguration prompted a full internal review and system lockdown.
Across Pulsant’s 14 UK data centres, physical access is tightly controlled. Each facility features perimeter fencing, biometric entry systems, 24/7 on-site teams, and monitored CCTV, fully separated from client infrastructure.
Cyber protection is included as standard across all cloud and colocation services. That means managed firewalls, threat detection, and traffic filtering are always in place. For latency-sensitive or public-facing workloads, in-path DDoS mitigation is built into the core connectivity.
Our Edge Fabric backbone links every site via private interconnects, removing reliance on public internet routes. This architecture reduces exposure and ensures consistent performance under load.
Learn more about how Pulsant protects critical infrastructure through secure colocation and cloud platforms.