Data minister Julia Lopez (pictured) asked for comments in the next eight weeks, setting a deadline of Sunday 24 July.
“Data centres and cloud platforms are a core part of our national infrastructure,” she said. “They power the technology which makes our everyday lives easier and delivers essential services like banking and energy.”
The consultation does not cover telecoms networks, which the UK has already covered in last year’s Telecommunications (Security) Act, which allows it to exclude certain vendors.
In particular operators are not allowed to use Huawei equipment to carry more than 35% of 5G traffic after 31 July 2023.
Lopez said: “We legislated to better protect our telecoms networks and the internet-connected devices in our homes from cyber attacks and we are now looking at new ways to boost the security of our data infrastructure to prevent sensitive data ending up in the wrong hands.”
The UK government has said it welcomes “all forms of insight from any kind of stakeholder”.
The survey covers “physical buildings housing large computer systems, which store and process huge volumes of data, as well as cloud platforms which provide remote, shareable computing services via the internet”.
The Department for Digital, Culture, Media and Sport (DCMS) will then decide whether any additional government support or management is needed to minimise the risks that data storage and processing infrastructure face.
Julian David, CEO of the TechUK trade association, said: “One particular focus will be how these proposals will align with wider efforts to strengthen resilience across sectors as well as the wider ambitions outlined in the UK’s National Cyber Strategy – which is a continuation of UK government’s longstanding leadership in cyber security.”