Data Center Hyper Growth Is Outpacing Security Execution, ISC West Panel Says

Planning security for the growing wave of data centers is about much more than fortified openings, guard forces and video surveillance. While one might think the greatest risks to data centers were posed by criminals and terrorists, that is not the case. Keeping the bad guys out might be the easier part of the data center security equation.

At ISC West 2026,  the Security Industry Association’s (SIA) Data Center Advisory Board  (launched in January) sponsored a panel discussion about the security challenges facing today’s data centers and how data center leaders are leveraging technology solutions to safeguard their facilities and information.

This was not a nuts-and-bolts discussion on hardening openings; it was focused on the importance of developing and integrating a security plan before and during the construction process.

Moderated by Hannah Behnke, senior director of data center physical security, Microsoft, the panel included:

• Terry Browne, WMEA managing director, Northland Controls
• David Fortune, director of data center practice, Plugout
• Chris Hobbs, director, national accounts, ASSA ABLOY Opening Solutions U.S.
• Andrew Jimenez, data center technical sales, Wesco
• Glenn Lemke, data center and infrastructure security solutions, Pavion
• James Marcella, director, industry associations, Axis Communications

The speed and large scale of data center proliferation bring with it some serious challenges, noted Fortune. “The challenge is how we make sure security standards are upheld consistently in real-world conditions.”

Land, power and connectivity

Data centers need three things: land, power and connectivity. Panelists noted that two-thirds of data centers are going being built in remote locations where larger portions of land are available. In those locations, the challenge is quickly meeting security standards in real-world conditions.

Panelists answered some interesting questions in a roundtable discussion.

What breaks first when rapidly scaling: people, processes or technology?

Fortune noted that people break first, due to talent gaps in some areas, insufficient training and the lack of solid processes and guidelines to follow.

“Humans are the weakest link and humans are unfortunately the cause of most of the breaches,” Jimenez added. They agreed that the best defense against these human errors is implementing and maintaining solid processes and solid training procedures. Finding highly skilled workers can be especially difficult in these remote areas. 

What are the top risks that data center security professionals should be concerned about today?

 “I don’t see it as one big event that’s causing the risk. It can be made up of a lot of little things,” Lemke said, citing several smaller events.

First, supply chain breakdowns can cause problems in getting the products and equipment needed during the right stage of construction.

Second, gaps between the design and what is actually happening in the field can snowball. “You might do one thing wrong once, but guess what, that technician or subcontractor is now doing it wrong 60-70 times.” So installation errors can multiply throughout the project.

Third are operational risks, such as not enough available guards or badges being left in the system when someone involved in the build has finished their work.

In addition, the nature of the phased build-out of giant data centers creates some unique security challenges. Within the data center space, there are live, operational zones where data is running. Right next door, there are thousands of contractors trying to deliver the next phase. Half of the facility is live and half of it is under construction, so you are securing both the data center and its staff and outside contractors.  This makes coordination much more difficult.

“Some of these sites are like small cities. You’ve got 5 to 7,000 workers on these sites and you’ve got people traveling in from all over the country. A really big risk, especially on the integrator side, is workplace safety on the site,” said Lemke.

Establishment and management of the security system’s installation throughout pre-construction, construction and post-construction amounts to managing “the intersection between people, processes and technology” and is vital to the system’s success, added Hobbes.

Where does AI fit — and doesn’t — in data center security?

Ironically, While AI is the driving force behind the proliferation of data centers, it is not yet a major component of data center security. A great audience question was “Where do you see AI going as far as how we are designing the security for data centers?”

“I think it’s a very interesting dichotomy that you’ve got thousands of cameras being deployed along a fence line for example, protecting customer data that’s running all these workloads for tons of AI, but I haven’t seen much actual AI be deployed in protecting the data centers that are running the AI applications,” Fortune replied. “A key question is 'what AI applications are actually scalable that save time for the guard force, save time for responding to an alarm, responding to an event that’s happening?' I’m still not sold.”

Getting started  

Another question came from a smaller Midwestern integrator who asked for tips on getting into this lucrative vertical market. The advice started with follow the money. There’s a lot of private equity investment. Be aware of potential sites in your area with sufficient land and power.

“Coming from a small integrator that got bigger, we took the crawl-walk-run approach. Get in on small projects; a lot of times it’s break-fix work," Lemke advised. "Prove that you can do things consistently and then the opportunities become bigger and bigger. Going from zero to a full build – I would not recommend that to even my enemies. It’s really about showing consistency and what you can do and learning all you can about it.”