Government to study ‘key vulnerabilities’ of cloud sector and estimate national cost of outages

Written by Sam Trendall on 26 October 2022 in News
News

Research will consider potential impact of system failure on the country’s finances and way of life

Credit: MasterTux/Pixabay

The government is to launch a research project that aims to better understand vulnerabilities across the cloud computing sector, and how outages could impact the country’s finances and way of life.

A supplier with a “good understanding of digital infrastructure” is being sought to deliver the project, on behalf of the Department for Digital, Culture, Media and Sport. Once work begins next month, the chosen firm will be asked to “research critical systems and dependencies of the UK data-processing and storage infrastructure sector and to inform estimates of the financial and commercial impact of outages”.

“DCMS is seeking to better understand the data infrastructure sector in terms of key vulnerabilities, and the impact of risks materialising,” the department said, in a contract notice. “We must understand dependencies between the interconnected systems that comprise the sector, any direct dependencies on other sectors, and the features on paper and in practice of dependency chains.”

Reaching an understanding of these systems will enable the department’s policymakers “to more accurately and clearly determine what should be [considered] critical national infrastructure, effectively plan how impacts and scenarios can be managed, and evidence whether [government] interventions would be value for money – by comparing the potential cost of a risk materialising against the cost of a proposed mitigation”.

The infrastructure to be examined will be that which is used to support “large-scale data storage and processing services” on behalf of external organisations, such as businesses and public bodies. This will include physical and virtual environments owned or run by datacentre operators or cloud services providers – such as Amazon Web Services, Google, and Microsoft. 


Related content


The research programme, which will last up to four months and is supported by a budget of up tp £120,000, will first aim to determine which systems can be considered to be of critical importance “in terms of significant impact on the UK economy, way of life, essential services, public safety and/or national security”.

The project will then consider where these depend on or otherwise interact with other systems and sectors, and how the network achieves redundancy – the process by which a network uses alternative connections or routes if one part of it goes down.

The final stages of the desk- and interview-based research will include attempts to provide a “high-level” estimate for the potential cost of outages, including both raw monetary cost and commercial impact. The supplier will also be tasked with informing DCMS of any instances where it is the information sought does not exist or cannot be found, or would need significantly more time to uncover.

The department intends that the project will “produce data and insight to inform national policy”. The findings will support the work of DCMS officials, as well as those at the GCHQ-based National Cyber Security Centre, and the Centre for the Protection of National Infrastructure, whose work is overseen by MI5.

The contract notice said that previous research on the UK’s data infrastructure landscape has failed to capture certain information and that “understanding of dependencies remains limited”.

Bids for the work are open until midnight on 4 November.

The project takes place against the backdrop of an investigation by Ofcom that aims to discover whether the ongoing dominance of the cloud market’s three major players is “working well for consumers and businesses”.

Between them, the trio account for more £4 in every £5 spent on public-cloud services in the UK, with AWS accounting for 41% of the market, ahead of Microsoft on 25% and Google on 16%.

This means that, in 2021, all other suppliers held a collective market share of just 19% – a figure which has fallen from 30% since 2018, according to data from Synergy Research Group cited by Ofcom.

 

About the author

Sam Trendall is editor of PublicTechnology. He can be reached on sam.trendall@dodsgroup.com.

Share this page

Tags

Categories

CONTRIBUTIONS FROM READERS

Please login to post a comment or register for a free account.

Related Articles

Home Office and BEIS first departments under the microscope in pilots of new independent cyber audits
16 January 2023

External supplier brought in to run the rule over government systems as rollout begins of ‘GovAssure’ programme

Government vetting processes hampered by ‘old and unstable’ technology
20 January 2023

NAO report finds ageing IT is a major contributor to the performance issues at UKSV

Companies House recruits for digital and data leadership duo
19 January 2023

Senior positions offer potential six-figure salaries

Cabinet Office migrates data as Covid fraud hotline is wound down
18 January 2023

Dedicated reporting tools for coronavirus-related scams are being shuttered and case information transferred to law-enforcement entity