Government to study ‘key vulnerabilities’ of cloud sector and estimate national cost of outages

Written by Sam Trendall on 26 October 2022 in News

Research will consider potential impact of system failure on the country’s finances and way of life

Credit: MasterTux/Pixabay

The government is to launch a research project that aims to better understand vulnerabilities across the cloud computing sector, and how outages could impact the country’s finances and way of life.

A supplier with a “good understanding of digital infrastructure” is being sought to deliver the project, on behalf of the Department for Digital, Culture, Media and Sport. Once work begins next month, the chosen firm will be asked to “research critical systems and dependencies of the UK data-processing and storage infrastructure sector and to inform estimates of the financial and commercial impact of outages”.

“DCMS is seeking to better understand the data infrastructure sector in terms of key vulnerabilities, and the impact of risks materialising,” the department said, in a contract notice. “We must understand dependencies between the interconnected systems that comprise the sector, any direct dependencies on other sectors, and the features on paper and in practice of dependency chains.”

Reaching an understanding of these systems will enable the department’s policymakers “to more accurately and clearly determine what should be [considered] critical national infrastructure, effectively plan how impacts and scenarios can be managed, and evidence whether [government] interventions would be value for money – by comparing the potential cost of a risk materialising against the cost of a proposed mitigation”.

The infrastructure to be examined will be that which is used to support “large-scale data storage and processing services” on behalf of external organisations, such as businesses and public bodies. This will include physical and virtual environments owned or run by datacentre operators or cloud services providers – such as Amazon Web Services, Google, and Microsoft. 

Related content

The research programme, which will last up to four months and is supported by a budget of up tp £120,000, will first aim to determine which systems can be considered to be of critical importance “in terms of significant impact on the UK economy, way of life, essential services, public safety and/or national security”.

The project will then consider where these depend on or otherwise interact with other systems and sectors, and how the network achieves redundancy – the process by which a network uses alternative connections or routes if one part of it goes down.

The final stages of the desk- and interview-based research will include attempts to provide a “high-level” estimate for the potential cost of outages, including both raw monetary cost and commercial impact. The supplier will also be tasked with informing DCMS of any instances where it is the information sought does not exist or cannot be found, or would need significantly more time to uncover.

The department intends that the project will “produce data and insight to inform national policy”. The findings will support the work of DCMS officials, as well as those at the GCHQ-based National Cyber Security Centre, and the Centre for the Protection of National Infrastructure, whose work is overseen by MI5.

The contract notice said that previous research on the UK’s data infrastructure landscape has failed to capture certain information and that “understanding of dependencies remains limited”.

Bids for the work are open until midnight on 4 November.

The project takes place against the backdrop of an investigation by Ofcom that aims to discover whether the ongoing dominance of the cloud market’s three major players is “working well for consumers and businesses”.

Between them, the trio account for more £4 in every £5 spent on public-cloud services in the UK, with AWS accounting for 41% of the market, ahead of Microsoft on 25% and Google on 16%.

This means that, in 2021, all other suppliers held a collective market share of just 19% – a figure which has fallen from 30% since 2018, according to data from Synergy Research Group cited by Ofcom.


About the author

Sam Trendall is editor of PublicTechnology. He can be reached on

Share this page




Please login to post a comment or register for a free account.

Related Articles

MoJ reprimanded by ICO after ‘bags of confidential documents’ exposed for over two weeks
25 May 2023

Sensitive data was left unsecured in prison holding area, according to data watchdog

‘Extremely concerned and disappointed’ – more councils caught up in Capita breach
24 May 2023

Authorities have complained about the lack of time taken to be notified by IT firm and wrongly being told personal data was not put at risk 

Interview: CDDO chief Lee Devlin on the ‘move from being disruptive to collaborative’
23 May 2023

In the first of a series of exclusive interviews, the head of government’s ‘Digital HQ’ talks to PublicTechnology about the Central Digital and Data Office’s work to unlock £8bn...

Rochford District Council pins data breach on Capita’s ‘unsafe storage’
17 May 2023

Authority claims it is taking ‘swift and decisive action’ in response to incident it claims affected several councils

Related Sponsored Articles

Proactive defence: A new take on cyber security
16 May 2023

The traditional reactive approach to cybersecurity, which involves responding to attacks after they have occurred, is no longer sufficient. Murielle Gonzalez reports on a webinar looking at...