FEATURE
Regulatory drivers
Hosting decisions for data and applications are increasingly shaped by data sovereignty and resilience laws, which influence both location and interconnection design. For financial services, the Digital Operational Resilience Act, applicable from January 2025, marks a pivotal regulatory milestone for the EU and the European Economic Area.
It requires regulated financial entities and their technology partners, such as data centres, to demonstrate their ability to withstand ICT disruption and report major incidents swiftly.
This points to a broader direction of travel. By 2030, international standards are likely to provide the backbone for simpler cross-border compliance without unnecessary duplication.
ISO standards provide recognized benchmarks for security, continuity and sustainability. They establish a unified control framework that spans multiple regimes through a single, coherent set of control.
In practice, certifications such as ISO / IEC 27001 and ISO / IEC 27701 are frequently requested and often mapped to NIS2 and DORA requirements in the EU and EEA. Meanwhile, NIST’ s updated Cybersecurity Framework reinforces this consistency, giving stakeholders a shared model for risk management as digital operations scale across borders.
For data centres, these frameworks chart a clearer path to evidencing resilience and sustainability at a time when AI, increasing power density and new cooling methods are reshaping operations.
Ultimately, ISO and NIST provide common ground for aligning national rules, supporting the global spread of AI and cloud while keeping within diverse legal boundaries. www. intelligentcio. com
INTELLIGENT CIO APAC
37