The government has launched a call for views on data storage and processing infrastructure security and resilience to assist in strengthening the security and resilience of the United Kingdom's data infrastructure to protect against outages and national security threats.

Views are being sought on tools currently used in other regulated sectors, such as having an incident management plan in place, notifying a regulator when an incident impacts services, and a requirement for a person, board or committee to be held accountable for security and resilience.

The United Kingdom's data storage and processing infrastructure includes physical buildings housing large computer systems, which store and process huge volumes of data, as well as cloud platforms, which provide remote, shareable computing services via the Internet. New protections would build on existing safeguards for data infrastructure, including the Networks and Information Systems Regulations 2018, which cover cloud computing services.

The government says that its plans will give greater confidence to the millions of people who rely on these digital services every day. The proposals will also help small businesses that use cloud platforms as a cheaper and more efficient way to access essential IT services. As the United Kingdom's reliance on digital services grows, shielding this infrastructure against disruption will protect the economy, the government says.

Views are sought from data centre operators, cloud platform providers, data centre customers, security and equipment suppliers and cybersecurity experts to understand the risks that data storage and processing services face.

The government wants to know what steps are already being taking to address security and resilience vulnerabilities. The call for views also asks organisations that run, purchase or rent any element of a data centre to provide details of the types of customers they serve.

Based on the evidence, the government will decide whether any additional government support or management is needed to minimise the risks that data storage and processing infrastructure face.

The call for views closes on 24 July 2022.

For further information on this topic please contact Alexander Ross at Wiggin by telephone (+44 1242 224 114) or email ([email protected]). The Wiggin website can be accessed at