Cybersecurity Operations and AI Carry Hidden Climate Costs
As cyber threats increase, the energy used to defend against them also rises, creating a significant environmental impact. In Q2 2024 alone, cyberattacks surged by 30%, reaching 1,636 weekly incidents. This growing demand for cybersecurity defenses strains global energy use and adds to the carbon footprint of organizations worldwide.
Hidden Environmental Cost of Digital Defense
Data centers are often seen as the main culprits in energy consumption, using between 240 and 340 terawatt-hours annually—about 1% to 1.3% of global electricity. But the environmental cost of cybersecurity goes beyond this. Security-specific infrastructure and processes add further strain.
In Australia, data center energy demand is expected to rise sharply, potentially reaching 15% of national electricity generation by 2030. This increase could result in Scope 2 emissions hitting 8 million tons, roughly 2% of Australia's total emissions. Globally, data centers emitted 105 million metric tons of CO2 in 2024, a 300% jump since 2018. This trend could lead to 2.5 billion metric tons of CO2-equivalent emissions by 2030.
SIEM: The Carbon-Intensive Guardian
Security Information and Event Management (SIEM) systems are a major contributor to cybersecurity’s carbon footprint. Around 75% of their costs are operational, largely due to the computational power needed for continuous log analysis and monitoring. SIEM platforms handle huge volumes of data non-stop, driving up energy use.
Retail and software industries represent 27% of SIEM demand, further magnifying energy consumption. A research initiative from Wavestone and Campus Cyber developed a method to assess greenhouse gas emissions from security controls by asking:
- Does this control use many endpoints?
- Does it require numerous servers?
- Does it depend on large amounts of network equipment and bandwidth?
Continuous Monitoring: The 'Always-On' Carbon Problem
Continuous monitoring and real-time threat detection require cybersecurity tools to run non-stop. Unlike many business applications, these systems cannot scale down during low demand. They rely on redundant infrastructure and distributed monitoring centers, all consuming energy around the clock.
With the rise of electric vehicles, distributed energy resources, and connected devices, potential cyberattacks on electricity systems become more concerning. This pushes organizations to adopt even more comprehensive monitoring, creating a cycle of increasing energy use.
The Cryptocurrency Malware Paradox
Energy consumption linked to cryptocurrency mining malware protection is particularly ironic. Bitcoin mining alone consumed 173.42 terawatt-hours in 2020–2021, producing roughly 85.89 million metric tons of CO2-equivalent emissions. Organizations deploy advanced anti-malware and network monitoring to block unauthorized crypto mining, but these defenses also consume significant energy.
In 2022, crypto mining and data centers together accounted for 2% of global electricity demand, with forecasts suggesting this could rise to 3.5% within three years. This creates a double environmental burden as both legitimate mining and its defense require massive energy.
Environmental Cost of Security
High-availability security setups demand redundancy, which multiplies energy use. Security operations centers maintain primary and disaster recovery sites with real-time data replication. Backup power systems, such as diesel generators and uninterruptible power supplies, add to emissions. Cooling infrastructure also contributes significantly.
While cloud-based security solutions tend to be more energy-efficient than on-premises setups, their environmental impact is often overlooked. Gains in energy efficiency can be overshadowed by the scale of deployments. AI can reduce energy use in data centers, but the rapid adoption of AI technologies, including AI-powered security tools, may increase overall energy demand.
The Australian Regulatory Response
Australia is taking steps to address the environmental impact of cybersecurity and data centers. The National Greenhouse and Energy Reporting (NGER) Act 2007 and the Treasury Laws Amendment Act of 2024 require large corporations to report greenhouse gas emissions and energy consumption starting in 2025.
The Digital Transformation Agency enforces these regulations within data centers, increasing compliance obligations for organizations with significant cybersecurity infrastructure.
Toward Carbon-Conscious Cybersecurity
Cybersecurity teams must integrate environmental impact into their risk assessments. Practical steps include migrating to cloud-based security solutions, which can be up to 98% more energy-efficient than on-premises alternatives. Organizations should adopt energy-efficient protocols and partner with vendors committed to sustainability.
Mapping security controls by their greenhouse gas emissions and risk coverage helps prioritize reductions. Workshops can identify ways to lower emissions without compromising security.
Data lifecycle management offers immediate gains. Security platforms, especially SIEMs, generate and store vast amounts of data. Using eco-friendly storage classes for data that doesn’t require fast access reduces costs and carbon emissions.
The Path Forward
Aligning cybersecurity with environmental sustainability addresses key development goals like sustainable cities, innovation, and clean energy. Operations leaders must recognize that sustainability is now a core aspect of cybersecurity strategy.
Meeting this challenge requires both technology innovation and strategic changes. Measuring the ecological footprint of cybersecurity activities is the first step, followed by action plans that include:
- Using renewable energy sources
- Optimizing data retention policies
- Implementing energy-efficient security architectures
- Choosing vendors with strong environmental credentials
For those interested in expanding their knowledge on AI and cybersecurity technologies, exploring courses that focus on sustainable AI practices can be valuable. Visit Complete AI Training to find resources on the latest AI tools and strategies.
Your membership also unlocks:
