Hundreds of new high-value sites are being stood up in remote locations with thin local security. The threat profile has already arrived.
The race to power generative AI has put the data centre industry into a build cycle that nobody planned for.
Goldman Sachs forecasts that data centre power demand will grow by around 160 percent by 2030, driven almost entirely by AI workloads. The International Energy Agency expects global data centre electricity consumption to roughly double between 2022 and 2026. McKinsey lands in similar territory, with global capacity demand projected to grow at around 22 percent a year through to the end of the decade.
What those numbers translate to on the ground is something the security industry has been grappling to catch up with. To stand up the gigawatts of new capacity these forecasts imply, operators are pushing into locations they would not have considered five years ago. Rural counties with surplus grid capacity. Former industrial sites with cheap land. Remote regions where the climate keeps cooling costs down. The footprint per site has grown alongside the count, often to hundreds of acres of fenced perimeter sitting on the edge of communities that have no comparable history of protecting critical infrastructure at that scale.
This is the softer target problem. Each new site is high value by any reasonable measure, with irreplaceable processing capacity, customer-facing service-level agreements, and growing designation under national critical-infrastructure frameworks. The security profile that ought to come with that designation has often not caught up. Local police forces are smaller, private security capacity in rural markets is thinner, and the supporting infrastructure that an urban data centre takes for granted, from rapid response times to integrated CCTV networks across neighbouring sites, sits much further from the fence line.
The threats at a modern AI data centre site look different to the ones most legacy security systems were specified against. Four categories are now appearing consistently in operator risk registers.
Attacks on the substations, fibre routes, cooling plants, and fuel storage that sit around a data centre have increased over the past two years. Coordinated incidents across multiple sites have already taken facilities offline by hitting utilities, fibre routes and substations alone. The perimeter and assets that matters now includes every utility easement, cable run, and generator yard the site depends on.
AI data centres host model weights, training data, and proprietary infrastructure that strategic adversaries are actively targeting. Physical access to a fibre route or maintenance corridor is a credible vector, and one that perimeter monitoring is expected to detect long before anyone reaches a rack.
With copper prices elevated and a forecast supply deficit of up to 10 million metric tons by 2040, the economics of stripping cabling, busbars, and earthing systems out of remote construction sites have become more attractive to organised crime. Substations and backup power infrastructure connected to data centres are the most frequently hit assets. Remote locations make the calculus easier still, with fewer witnesses, fewer passing vehicles, and longer response times.
Grassroots resistance to data centre development is now reshaping site planning for new AI builds. February 2026 saw Malaysia's first protest at a construction site. Spain's Aragon region, Finland, France, Chile, and the Netherlands have all seen sustained opposition campaigns this year, with examples of activists blocking access roads, occupying sites, and damaging equipment. Most of this activity remains peaceful, although it can still halt construction schedules, breach perimeters, and create safety incidents that operators are then accountable for.
For the on-site security, the perimeter is being asked to identify the nature of every approach. Is it a contractor on a permit, a protester chained to a gate, a copper-theft crew with cutting equipment, or someone quietly burying something next to the perimeter cable run? And the perimeter is being asked to do it across an asset that often runs to several kilometres of fence line, in environments where local response capacity is limited.
Two technologies have done most of the perimeter security work at data centre sites historically, and both show their age in this environment.
CCTV-led perimeter strategies depend on operator attention. At hyperscale, with kilometres of fence line and dozens or hundreds of cameras, the operator can only watch a fraction of the feed at any moment. The model relies on motion analytics or operator scanning, which works at smaller footprints and degrades quickly as the perimeter grows. In a rural setting, response times at the other end of any alert are also longer, which compounds the cost of every delay in detection.
Traditional fence-mounted sensors carry a different problem. They detect movement on the fabric of the fence, which sounds straightforward until the fence is sitting in open terrain where wind, wildlife, weather, and passing vehicles generate near-constant signal. The result is one of the oldest problems in perimeter security: nuisance alarms. The operator either responds to everything, exhausts the team, and loses trust in the system, or filters aggressively, and risks missing the event that mattered. Neither outcome is acceptable on a site designated critical infrastructure by its government and its customers.
The thing both technologies share is that they react to motion without understanding what kind of motion they have seen. That gap is what AI-driven fibre optic detection was built to close.
A distributed acoustic sensing (DAS) platform turns the fibre optic cable itself into the sensor. The cable runs the length of the fence line, or covertly buried alongside it, and the system analyses the signature of every event along its length. The interrogator sits at the end of the run, doing the work that point detectors and field electronics would otherwise be doing in dozens of places along the perimeter.
Aura Ai-X applies deep-learning classification to that signature. The system is trained to recognise the specific patterns of climbing, cutting, digging, vehicle approach, and pedestrian movement, and to filter the ambient signals that dominate an open-terrain perimeter. A bird on the fence is classified and dismissed. A weather event is classified and dismissed. A crew approaching the fence with cutting equipment is classified, located along the cable to within metres, and reported to the security operations centre with the event type and the exact position on the perimeter.
There is a second use case worth naming, because it is increasingly relevant to data centre sites with large, irregular footprints. Some operators install the fibre underground, away from the fence line, specifically to monitor activity inside the secure boundary or across approaches the fence does not cover. Ground disturbance, vehicle movement on access tracks, and unauthorised digging near buried infrastructure all generate distinctive signatures that the system can pick up. The same technology that secures the perimeter can monitor the site behind it.
On a hyperscale site, that has security design consequences. A single interrogator covers up to 80 kilometres of fenced perimeter on one fibre run, which means the system scales with the site rather than against it. Integration with the video management system means the closest camera is automatically cued to the location, so the operator responds to a confirmed, located, classified event rather than scanning a wall of feeds looking for the source of an alarm.
For a site in a remote location with limited local response capacity, that distinction carries the entire value of the system. The decision to dispatch, escalate, or stand down is being made on better information, which is the single most important determinant of whether a perimeter holds when it has to.
The AI build cycle is not slowing. The forecasts above point to at least another half-decade of accelerating capacity demand, with the geography of new sites continuing to push into locations that do not have the security infrastructure of established hubs. The cost of getting perimeter security right at that geography is a small fraction of the cost of getting it wrong.
For operators specifying new sites, and for integrators advising them, the choice is whether to keep relying on technologies designed for a previous generation of asset, or to specify a perimeter security and monitoring model engineered for the scale and ambient noise these environments actually present.
Aura Ai-X is deployed across critical infrastructure sites globally, including data centre operators, transport authorities, corrections agencies, and energy companies. For a technical briefing or to discuss a specific site, visit fftsecurity.com or contact the FFT team directly.