Op-Ed: Securing a new home for critical infrastructure amid the office exodus

As large corporates question how much space they need, traditional office spaces face an exodus, and major cities are experiencing soaring commercial vacancy rates. More than 14 per cent of Sydney CBD offices are vacant, and 16.2 per cent in Melbourne, according to research from real estate firm JLL. However, amid this trend, there is a remarkable paradox: critical infrastructure organisations are doubling down on the importance of security by seeking secure office spaces.

When we think about critical infrastructure organisations, we are thinking about those in highly regulated sectors like energy, finance, and technology, where there is no space to compromise on security. Organisations in these sectors are downsizing as a result of hybrid work, but they still need an option for their critical infrastructure and the people running them. As a result, they are relinquishing extensive CBD real estate and long-term leases in favour of more accessible, right-sized office locations that bring people and technology closer together.

As corporate Australia faces the great office exodus, let’s take a look at three reasons why security requirements mean we’re seeing the inverse happening with critical infrastructure organisations.

1. Legislative changes

The recent amendment of the Security of Critical Infrastructure Act 2018 has meant the criteria for determining which companies in Australia are deemed critical has shifted, and so, too, has the need for robust cyber security. These companies are bringing teams closer, while many others are spreading out as a result of hybrid work. Many smaller companies that have not encountered international security regulations are now required to invest millions to comply with global best practices for securing data. Due to the highly sensitive nature of the information they possess, they have become prime targets for cyber attacks and data breaches.

The inclusion of financial institutions, food and grocery providers, and technology retailers within the critical infrastructure purview reflects the recognition of their essential role in ensuring the nation’s wellbeing and continuity.

The security risks are especially true for smaller companies that were previously exempt from international security regulations.

Many of these smaller entities now find themselves grappling with the daunting task of adhering to global best practices for securing data. The financial burden of investing millions to achieve compliance can be overwhelming, especially for organisations that were previously focused on their day-to-day operations rather than sophisticated cyber security protocols.

VIEW ALL

Enter, secure workspaces. These managed spaces allow organisations to offload some of the complexities associated with cyber security, offering a level of protection and resilience that is often beyond the reach of individual organisations. Organisations can, in turn, focus on their core functions while benefiting from the collective expertise of dedicated security teams.

2. A (physical) safety blanket

Critical infrastructure security extends beyond legislative requirements. While it’s pleasing to see businesses update their cyber security protocols and firewalls, we need to remember that physical penetration is also a risk for companies dealing with sensitive data.

Cyber threats often exploit vulnerabilities in the physical realm to gain access to digital systems. A 2021 Verizon report indicated that 85 per cent of cyber security breaches in the previous 12 months had included a human or physical element. Unsecured office spaces could be gateways for malevolent actors seeking to compromise critical digital infrastructure. Therefore, a comprehensive approach that combines robust digital and physical security measures is imperative to safeguarding vital assets.

Managed secure office spaces offer a compelling solution to bridge the gap between remote work and the need for physical security. With 24/7 onsite security and access control all year round, a secure space safeguards a company’s digital infrastructure. With round-the-clock onsite support, any issues that arise are dealt with quickly and efficiently, without the need for lengthy back and forth with a remote support desk.

3. Keeping the lights on

Cyber criminals and nation-states are targeting critical infrastructure, including power grids and communications systems, according to the Office of the Auditor General. This is why it’s important to recognise the role of resilient power infrastructure in ensuring the security of critical business operations.

Businesses that rely on continuous power supply and zero latency when accessing their data, such as control centres, financial institutions, operations centres, lab environments and manufacturing facilities, are particularly vulnerable to power outages. These outages can result in significant financial losses, operational disruptions, and even threats to public safety. Having a resilient power infrastructure that can withstand power interruptions and quickly recover from them is essential for these businesses to operate smoothly and effectively.

Secure space offices are set up with safe, reliable and zero-latency access to high-power compute, while the UPS-to-the-desk system ensures that no matter what, a customer can not only access their data but also continue operating without interruption. This level of power resilience provides customers peace of mind knowing that they are inoculated against power or security incidents that would otherwise disrupt their operations.

What’s next?

Now is the time to acknowledge that securing our critical digital infrastructure begins with securing the physical foundations upon which it stands. The decision to opt for managed secure office spaces is not merely an effort to reduce capital expenditures; rather, it stems from a realisation that security is a paramount concern. These bespoke workspaces are a viable long-term solution for organisations that operate mission-critical infrastructure with sensitive information to protect.

Lizzi Long is the general manager of data centres and business continuity at Interactive.

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.