Why \u2018secure-by-design\u2019 systems are non-negotiable in the AI era | CyberScoop<\/title> <meta name=\"description\" content=\"As AI-driven data centers converge with the power grid and nuclear generation, "secure by design" is now a financial and operational mandate.\"> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/data-center-security-ai-infrastructure-investment-op-ed\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"Why \u2018secure-by-design\u2019 systems are non-negotiable in the AI era\"> <meta property=\"og:description\" content=\"As AI-driven data centers converge with the power grid and nuclear generation, "secure by design" is now a financial and operational mandate.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/data-center-security-ai-infrastructure-investment-op-ed\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/cyberscoop\/\"> <meta property=\"article:published_time\" content=\"2026-02-17T11:00:00+00:00\"> <meta property=\"article:modified_time\" content=\"2026-02-17T11:00:13+00:00\"> <meta name=\"author\" content=\"Greg Otto\"> <meta name=\"twitter:card\" content=\"summary_large_image\"> <meta name=\"twitter:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/02\/why-secure-by-design-systems-are-non-negotiable-in-the-ai-era-1.jpg\"> <meta name=\"twitter:creator\" content=\"@gregotto\"> <meta name=\"twitter:site\" content=\"@CyberScoopNews\">  <link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1770142553g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress\/dist\/css\/related-posts-block-styles.min.css?m=1770755286g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-8\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1767808656g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=13897d660a0ac2c9c7d1\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" title=\"JSON\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/87787\"><meta name=\"generator\" content=\"WordPress 6.8.3\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=87787\">\n<link rel=\"alternate\" title=\"oEmbed (JSON)\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fdata-center-security-ai-infrastructure-investment-op-ed%2F\">\n<link rel=\"alternate\" title=\"oEmbed (XML)\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fdata-center-security-ai-infrastructure-investment-op-ed%2F&format=xml\">   <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"wp-singular post-template-default single single-post postid-87787 single-format-standard wp-theme-scoopnewsgroup wp-child-theme-cyberscoop\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/data-center-security-ai-infrastructure-investment-op-ed\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--newsletter js-stickybar\" readability=\"0.82\"> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"25.459083469722\">\n<div class=\"single-article__header-content\" readability=\"33.726315789474\">\n<ul class=\"single-article__eyebrow\">\n<li class=\"single-article__category\"> <a class=\"single-article__category-link\" href=\"https:\/\/cyberscoop.com\/data-center-security-ai-infrastructure-investment-op-ed\/\"> <span>Commentary<\/span> <\/a> <\/li>\n<\/ul>\n<p> Trillions in AI infrastructure face systemic failure unless security begins at the chip and ends with the grid. <\/p>\n<p>  <br \/>\n<audio id=\"audio-player\" src=\"https:\/\/wp-tts-cdn.api.scpnewsgrp.com\/cyberscoop\/87787\/english.openai.mp3\"><\/audio> <\/p>\n<div readability=\"11\">\n<div>\n<p>Listen to this article<\/p>\n<p>  <\/p>\n<p>0:00<\/p>\n<\/p><\/div>\n<p>  <\/p>\n<p> <span id=\"tts-tooltip\">Learn more.<\/span> <span> This feature uses an automated voice, which may result in occasional errors in pronunciation, tone, or sentiment. <\/span> <\/p>\n<\/div>\n<p>  <\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"431\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2026\/02\/why-secure-by-design-systems-are-non-negotiable-in-the-ai-era.jpg?resize=640%2C431&ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/02\/why-secure-by-design-systems-are-non-negotiable-in-the-ai-era-1.jpg 7500w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/02\/why-secure-by-design-systems-are-non-negotiable-in-the-ai-era-1.jpg?resize=300,202 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/02\/why-secure-by-design-systems-are-non-negotiable-in-the-ai-era-1.jpg?resize=768,517 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/02\/why-secure-by-design-systems-are-non-negotiable-in-the-ai-era-1.jpg?resize=1024,690 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/02\/why-secure-by-design-systems-are-non-negotiable-in-the-ai-era-1.jpg?resize=1536,1035 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/02\/why-secure-by-design-systems-are-non-negotiable-in-the-ai-era-1.jpg?resize=2048,1380 2048w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/02\/why-secure-by-design-systems-are-non-negotiable-in-the-ai-era-1.jpg?resize=600,404 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/02\/why-secure-by-design-systems-are-non-negotiable-in-the-ai-era-1.jpg?resize=249,168 249w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/02\/why-secure-by-design-systems-are-non-negotiable-in-the-ai-era-1.jpg?resize=500,337 500w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/02\/why-secure-by-design-systems-are-non-negotiable-in-the-ai-era-1.jpg?resize=1002,675 1002w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/02\/why-secure-by-design-systems-are-non-negotiable-in-the-ai-era-1.jpg?resize=1251,843 1251w\" sizes=\"(max-width: 1002px) 100vw, 1002px\"><figcaption> Construction on an Oncor electricity power plant by the new Skybox Power Campus data colocation center in North Austin, Texas. Cybersecurity must be table stakes as the data center boom continues, this op-ed argues. (Getty Images) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"138.38766321477\"><body readability=\"279.07948100381\"> <\/p>\n<p>Moody\u2019s recently <a href=\"https:\/\/www.datacenterdynamics.com\/en\/news\/moodys-predicts-3-trillion-global-data-center-investment-over-five-years\/\">reported<\/a> that global investment in data centers will surpass $3 trillion over the next five years, driven by AI capacity growth and hyperscaler demand. As big tech companies, banks, and institutional investors pour capital into these projects, data center developers and their financial sponsors must prioritze cybersecurity.<\/p>\n<p>Moody\u2019s said that data center investments made by the six largest U.S. cloud computing providers \u2014 Microsoft, Amazon, Alphabet, Oracle, Meta, and CoreWeave \u2014 approached $400 billion last year. The firm anticipates that annual global investment will grow by $200 billion over the next two years.<\/p>\n<p>Real estate firm Jones Lang LaSalle forecasted <a href=\"https:\/\/www.jll.com\/en-us\/insights\/market-outlook\/data-center-outlook\">similar<\/a> investment flows in a separate report published earlier this year, projecting that \u201cnearly 100 GW of new data centers will be added between 2026 and 2030, doubling global capacity.\u201d JLL said that this infrastructure investment \u201csupercycle,\u201d one of the largest in the modern era, will result in $1.2 trillion in real estate asset value creation and the need for roughly $870 billion of new debt financing.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>In concert, these reports reflect a growing reality: Data centers are strategic, interconnected infrastructure supporting our manufacturing, national security, and communication systems. Cyber disruptions, whether through <a href=\"https:\/\/cyberscoop.com\/tag\/ransomware\/\">ransomware<\/a>, <a href=\"https:\/\/cyberscoop.com\/tag\/supply-chain\/\">supply-chain<\/a> compromise, or <a href=\"https:\/\/cyberscoop.com\/tag\/operational-technology\/\">operational technology<\/a> (OT) compromises, can cascade beyond a single facility, threatening grid stability, cloud services, economic activity, and public safety.<\/p>\n<p>Data centers are now critical hubs of energy demand and digital dependency. Their cybersecurity posture is directly tied to the resilience of the industrial and energy ecosystem that support them. For investors and stakeholders, cybersecurity should be fundamental to asset value and risk management. Strong cybersecurity directly affects uptime guarantees, regulatory exposure, insurance coverage, financing terms, and long-term valuation.<\/p>\n<p>The most significant cybersecurity risks now center on three critical areas: data center-grid convergence, supply-chain vulnerabilities, and secure-by-design considerations. Data center operators and their financial backers must address these interconnected threats to protect both individual facilities and the broader system they support. <\/p>\n<h4 class=\"wp-block-heading\" id=\"h-hardwired-for-risk\">Hardwired for risk<\/h4>\n<p>The cybersecurity challenge facing the data center supercycle stems from how these campuses are tightly coupled with both the public power grid and their own industrial control systems. As hyperscale and <a href=\"https:\/\/cyberscoop.com\/tag\/artificial-intelligence-ai\/\">AI<\/a>\u2011optimized facilities proliferate, their constant demand for high\u2011quality electricity shapes grid planning and reliability. These large campuses function less like traditional real estate and more like critical energy infrastructure nodes.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>This shift comes as grid capacity tightens. The North American Electric Reliability Corporation (NERC) has <a href=\"https:\/\/thehill.com\/policy\/energy-environment\/5713838-electric-grid-ai-data-centers-nerc\/\">warned<\/a> that demand from new data centers will outpace energy supply growth in the coming years. A cyber incident that disrupts a major data center or degrades its industrial control systems can propagate into regional grid reliability issues, contract penalties, and broader economic disruption.<\/p>\n<p>At the same time, the OT running these sites \u2014 building management, systems, cooling controls, battery and generator management \u2014 create dense cyber\u2011physical exposure. Global insurer Marsh <a href=\"https:\/\/www.marsh.com\/en-gb\/industries\/real-estate\/insights\/invisible-threats-how-operational-technology-risks-can-physically-impact-data-centres.html\">notes<\/a> that events in these systems, whether from human error or cyberattack, can cause physical damage and significant business interruption. The 2021 OVHcloud data center fire in Strasbourg, France <a href=\"https:\/\/www.datacenterdynamics.com\/en\/analysis\/ovhcloud-fire-france-data-center\/\">destroyed an entire facility<\/a> and disrupted services for thousands of customers, showing how failures in fire protection and cooling systems rapidly escalate. into catastrophic loss. Those safety functions now run through interconnected, remote-access-enabled OT systems.<\/p>\n<p>Secure\u2011by\u2011design architectures for both grid\u2011side interfaces and on\u2011site OT are prerequisites for preventing this rapidly expanding energy\u2013data infrastructure from becoming a single, converged point of failure.<\/p>\n<h4 class=\"wp-block-heading\" id=\"h-supply-chain-integrity-first\">Supply-chain integrity first<\/h4>\n<p>AI\u2011optimized campuses depend on massive volumes of GPUs, high\u2011density servers, network appliances, OT controllers, and edge devices. Many of these components are designed, manufactured, or assembled in jurisdictions at the center of great\u2011power competition, particularly China. Reports warn that state-aligned actors could introduce backdoors, malicious firmware, or weaponize delivery timelines to create strategic outages.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Secure\u2011by\u2011design must start at procurement. Security-conscious procurement requires stringent vendor due diligence, diversification away from single\u2011country dependencies, hardware and firmware validation before deployment, and <a href=\"https:\/\/www.datacenterknowledge.com\/data-center-chips\/ai-chip-export-controls-a-new-challenge-for-data-center-operators\">alignment<\/a> with export controls and national\u2011security guidance on high\u2011risk equipment. The bill of materials (BoM) for a modern data center must be treated like a living threat surface, with traceability from chip manufacture through installation, including approved vendor lists, tamper\u2011evident logistics, and mandatory firmware attestation.<\/p>\n<p>Procurement teams need escalation paths for opaque supply chains, unexplained cost changes, or \u201cgray\u2011market\u201d alternatives, plus playbooks for rapidly substituting vendors when geopolitical shocks or sanctions make a product line unacceptable.<\/p>\n<p>Governance around supply\u2011chain risk must reach the same level as power, cooling, and uptime guarantees in contracts with hyperscalers and large tenants. Secure\u2011by\u2011design campuses will embed requirements for hardware provenance, firmware update hygiene, and ongoing vulnerability disclosure into master service agreements and construction\/operations contracts, with clear accountability when a supplier is implicated in espionage or sabotage.<\/p>\n<p>Data center sponsors who cannot prove supply\u2011chain integrity will face growing pressure from regulators, insurers, and investors who see hardware trust as a prerequisite for AI and cloud infrastructure resilience.<\/p>\n<h4 class=\"wp-block-heading\" id=\"h-securing-the-infrastructure-supply-chain-pipeline\">Securing the infrastructure supply chain pipeline <\/h4>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Engineering secure-by-design campuses begins with assuming adversaries will target internet\u2011exposed and OT edge devices. Security architects must design environments that prevent any foothold at the edge from escalating into grid\u2011scale disruption or safety\u2011critical failure.<\/p>\n<p>Geopolitically motivated campaigns against energy infrastructure <a href=\"https:\/\/industrialcyber.co\/utilities-energy-power-water-waste\/energy-and-utilities-cyber-threats-escalate-as-ransomware-and-apt-activity-rise-cyfirma-reports\/\">are accelerating<\/a>. Recent Russia-nexus attacks on the Polish power system and Romania\u2019s national oil pipeline demonstrate that state\u2011linked and criminal groups see energy and digital infrastructure as leverage points. Last December, actors linked to Russia\u2019s Sandworm APT <a href=\"https:\/\/cert.pl\/en\/posts\/2026\/01\/incident-report-energy-sector-2025\/?utm_source=chatgpt.com\">compromised<\/a> remote terminal units (RTUs), firewalls, and communications gateways at Polish substations and distributed energy facilities.<\/p>\n<p><a href=\"https:\/\/cyberscoop.com\/cisa-warning-russian-cyberattack-poland-power-grid\/\">This precedent-setting cyberattack<\/a>\u2014the first to directly target distributed energy resources in a NATO member\u2019s power system\u2014is indicative of the current threat landscape. Sandworm\u2019s campaign underscores how fragile edge devices are and how vital it is to harden the gateways at the OT boundary. The first pillar of secure-by-design campuses is disciplined network segmentation that treats OT as a distinct, high\u2011consequence domain.<\/p>\n<p>OT networks should be carved into functional and geographic zones\u2014separating building management from generator controls, from battery systems, from grid\u2011interconnection protection\u2014with tightly controlled conduits between them, enforced by OT\u2011aware firewalls and protocol\u2011constrained paths.<\/p>\n<p>Hardware\u2011enforced unidirectional gateways and data diodes offer uniquely strong protection at key boundaries. Data diodes allow telemetry and process data to flow outward from OT to IT and monitoring systems while physically blocking any return path, sharply reducing the chances that a web-based intrusion can reach OT systems.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Data diodes should be placed at key demarcation points\u2014between the data center\u2019s OT and corporate IT, between on\u2011site generation controls and the broader campus, and at interfaces with utility systems\u2014so operators preserve visibility without exposing those domains to bidirectional network risk.<\/p>\n<p>A second foundational element of secure\u2011by\u2011design campuses is a clear, continuously maintained <a href=\"https:\/\/www.infrashield.com\/blog\/posts\/nsas-ot-asset-inventory-guide-is-a-critical-resource-for-industrial-operators\/\">OT asset inventory<\/a> capturing every PLC, RTU, relay, drive, building controller, gateway, sensor, and engineering workstation, along with its network location, firmware version, vendor, and criticality. Effective segmentation depends on knowing what you have and how it communicates.<\/p>\n<p>Operators cannot isolate critical power and cooling functions, or confidently place diodes and firewalls, without understanding which devices participate in those functions and which paths they rely on. This inventory must fully cover the same class of gateways and field devices abused in the Polish grid attack.<\/p>\n<p>When asset inventories are linked to configuration and <a href=\"https:\/\/www.infrashield.com\/vtraq.html\">vulnerability management<\/a>, operators can quickly identify exposed OT devices when they are approaching end of life or when new flaws are disclosed. A comprehensive OT asset inventory also enables security teams to quickly locate high\u2011risk remote access paths and prioritize segments for additional hardening.<\/p>\n<p>Secure\u2011by\u2011design engineering mandates the mitigation of accelerating cyber risks posed by remote access gateways and the mass-automation of industrial functions. Every orchestration platform, management API, and remote session is a potential high\u2011impact attack vector. This threat model requires consolidating OT access through hardened jump hosts with strong authentication and just\u2011in\u2011time privileges; sharply limiting what automation tools can change on OT networks, enforcing strict segregation between automation platforms and safety\u2011critical functions, continuously monitoring automated and remote actions, and hardening configuration\u2011management workflows.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Lastly, secure\u2011by\u2011design architecture demands OT\u2011aware visibility that can actually see and understand what is happening on control networks. This means instrumenting OT segments with monitoring tuned to industrial protocols and behaviors, correlating alerts with asset context, and wiring those insights into playbooks that can quickly isolate, triage, and physically replace compromised edge devices before an intrusion escalates.<\/p>\n<h4 class=\"wp-block-heading\" id=\"h-resilience-is-the-only-path-to-funding\">Resilience is the only path to funding<\/h4>\n<p>The threat modeling, procurement, and design best practices detailed here directly constrain the blast radius of geopolitically charged campaigns that threaten data center reliability and safety. Data center developers, operators, and investors need this systems\u2011level blueprint for building AI\u2011era campuses that remain resilient as the energy and threat landscape becomes more contested.<\/p>\n<p>Banks and institutional sponsors are deploying trillions of dollars in construction, fit\u2011out, and power capacity on the assumption that AI demand will translate into durable, high\u2011availability cash flows. Underinvesting in cybersecurity directly threatens covenants, refinancing options, insurance coverage, and asset valuation. Outages, safety incidents, or regulatory findings will capsize the investment thesis.<\/p>\n<p>The campuses that will secure the best financing over the next decade will be those that can point to their secure\u2011by\u2011design architectures, campus-wide OT governance, and defensible supply\u2011chain practices. In this intertwining infrastructure supercycle and macro OT threat environment, power usage efficiency (PUE) metrics and fast build schedules will matter less that proven security safeguards.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>The stakes are escalating rapidly. Developers and utilities are pairing energy\u2011hungry data centers with small modular reactors (SMRs) and other non\u2011traditional power generation. These campuses will converge with the security and risk profile of nuclear and high\u2011hazard industrial facilities, bringing heightened regulations and adversary interest.<\/p>\n<p>SMR data centers fundamentally change the threat model. When nuclear systems sit alongside AI clusters, secure-by-design takes on a new dimension. Operators, investors, regulators, and security professionals must prepare for this convergence. The integration of compute and power generation creates a dynamic that demands the security rigor of both digital and infrastructure and nuclear facilities. The window to build these protections into design is closing.<\/p>\n<p><em>Jeffrey Knight is Director of Global Critical Infrastructure Services at <a href=\"https:\/\/www.infrashield.com\/\">InfraShield<\/a>. Jeff brings more than 35 years of experience in nuclear engineering and cybersecurity across the Department of Defense (DoD), SWIFT, the NRC, and the Department of Energy (DOE) National Laboratory complex.<\/em><\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\" readability=\"2.9779735682819\">\n<div class=\"author-card\" readability=\"13\">\n<div class=\"author-card__avatar\">\n<figure class=\"author-card__image-wrap\"> <img data-recalc-dims=\"1\" decoding=\"async\" class=\"author-card__image\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2026\/02\/why-secure-by-design-systems-are-non-negotiable-in-the-ai-era.png?w=640&ssl=1\" alt=\"Jeffrey Knight\"> <\/figure>\n<\/p><\/div>\n<p><h4 class=\"author-card__name\">Written by Jeffrey Knight<\/h4>\n<p> Jeffrey Knight is Director of Global Critical Infrastructure Services at InfraShield. Jeff brings more than 35 years of experience in nuclear engineering and cybersecurity across the Department of Defense (DoD), SWIFT, the NRC, and the Department of Energy (DOE) National Laboratory complex. <\/p>\n<\/p><\/div>\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<p>  <\/div>\n<p>\n<\/div>\n<p> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p>   <\/body> <a href=\"https:\/\/cyberscoop.com\/data-center-security-ai-infrastructure-investment-op-ed\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Why \u2018secure-by-design\u2019 systems are non-negotiable in the AI era |<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[235,280,413,78,767,2807,874,1276,1768,1813],"tags":[236,284,415,86,769,2808,876,1278,1773,1814],"class_list":["post-8353","post","type-post","status-publish","format-standard","hentry","category-ai","category-commentary","category-critical-infrastructure","category-cybersecurity","category-data-centers","category-op-ed","category-operational-technology","category-secure-by-design","category-software-bill-of-materials","category-supply-chain","tag-ai","tag-commentary","tag-critical-infrastructure","tag-cybersecurity","tag-data-centers","tag-op-ed","tag-operational-technology","tag-secure-by-design","tag-software-bill-of-materials","tag-supply-chain"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/ai\/\" rel=\"category tag\">AI<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/commentary\/\" rel=\"category tag\">Commentary<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/critical-infrastructure\/\" rel=\"category tag\">critical infrastructure<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity\/\" rel=\"category tag\">Cybersecurity<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/data-centers\/\" rel=\"category tag\">data centers<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/op-ed\/\" rel=\"category tag\">op-ed<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/operational-technology\/\" rel=\"category tag\">operational technology<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/secure-by-design\/\" rel=\"category tag\">secure-by-design<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/software-bill-of-materials\/\" rel=\"category tag\">software bill of materials<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/supply-chain\/\" rel=\"category tag\">supply chain<\/a>","tag_info":"supply chain","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/8353","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=8353"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/8353\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=8353"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=8353"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=8353"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

{"id":8353,"date":"2026-02-17T05:00:00","date_gmt":"2026-02-17T11:00:00","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=87787"},"modified":"2026-02-17T05:00:00","modified_gmt":"2026-02-17T11:00:00","slug":"why-secure-by-design-systems-are-non-negotiable-in-the-ai-era","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2026\/02\/17\/why-secure-by-design-systems-are-non-negotiable-in-the-ai-era\/","title":{"rendered":"Why \u2018secure-by-design\u2019 systems are non-negotiable in the AI era"},"content":{"rendered":"