The AI revolution has triggered a global rush to build new data centers. With power demands expected to double by 2030, meeting this surge will require an additional 945 terawatt-hours of capacity, roughly equal to Japan’s electricity use today.1 This unprecedented demand is fueling what could be a $1 trillion-a-year infrastructure boom before the decade is out, and investors are rushing to stake their claim.
The opportunity is undeniable. Data centers have become the backbone of the digital economy, supporting everything from cloud storage to AI training. In prime markets, data center vacancy rates are below 2%, and wholesale rents have climbed more than 50% since 2021.2,3 But the same pressures driving this growth, infrastructure constraints and technical complexities, both of which are compounded by the race to scale, also magnify the risks.
Investors face five-to-seven-year timelines to realize returns, yet securing adequate power connections can take three years and construction another 18 to 24 months before the first switch is flipped. In that compressed timeframe, a single disruption,whether from a power shortage, cybersecurity incident, or supply chain delay, can derail the investment case.
This is the first article in a series on the major risks facing large-scale data center developments. Power constraints, supply chain pressures, and shortages of skilled workers all merit attention. But one threat, sometimes underestimated until it’s too late, cuts across all the others: the threat of cyber attacks.
Cybersecurity as the New Reliability
In the data center sector, reliability has always been viewed as an engineering issue, solved through redundant power feeds, backup generators, and cooling systems. But as operational technology becomes increasingly network-connected, reliability depends as much on cybersecurity as on mechanical design. The difference between delivering the 99.9995% uptime that customers demand from Tier 4 centers and suffering a catastrophic outage may come down to how well a facility defends the systems that keep it running.
The stakes are even higher for AI workloads, which require 100% uptime. The chipsets, or GPUs, that drive AI’s massive calculations can overheat and fail within seconds if cooling is interrupted. A cyber attack on supervisory controls could trigger such a failure in an instant, overriding safety protocols, cutting generators, or manipulating chiller setpoints to induce overheating. In healthcare, the result could be surgeries disrupted mid-procedure by the loss of real-time imaging; in finance, trades frozen mid-session; in defense, mission-critical communications disabled.
The complexity that enables uptime can also be its weak point. Liquid cooling, essential in dense AI clusters because air systems can’t dissipate the heat of tightly packed GPUs, solves the thermal problem but introduces new risks. AI-driven facility management can improve efficiency but, if corrupted, could be turned against the very systems it oversees. In the end, automation is a double-edged sword that can deliver reliability, or weaponize it.
For investors, their due diligence must now consider cyber resilience as part of reliability. It’s no longer enough to verify Tier 4 certification or inspect redundancy diagrams. Assessments must examine whether, and how, control systems are separated from outside networks, how often they are tested against modern attack scenarios, and how quickly operators can detect and respond to an incident.
The best-run facilities are moving from annual, compliance-focused security testing to continuous, adaptive stress testing, often using multiple independent providers to prevent threat actors from spotting predictable patterns. These facilities integrate operating teams and IT security teams so a breach in one domain cannot cascade into the other. They design human-machine workbenches that give operators real-time insight into both operating status and cybersecurity posture. These facilities don’t just promise more uptime, they build resilience against the full spectrum of threats that can take a modern data center down.
Go to the rest of this Article >>
