Division for Cyber and Information Security

The Division for Cyber and Information Security focuses on strengthening information security in the public sector and among citizens. The division also contributes to managing the security of the major public ICT services managed by the agency.

The responsibilities of the division stem from various strategies and initiatives that aim to set the framework for, and develop knowledge and awareness of cyber and information security on a national level.

Strategies for information security in the public sector

In collaboration with other ministries, the division leads the work on the Danish National Strategy for Cyber and Information Security, where one goal is to ensure that information security continuously develops with the overall digitisation and cyber risks in Denmark. Together with the Danish Center for Cyber Security, the division also functions as secretariat for the steering committee for the national strategy and for the national public-private Cyber Security Council.

The division is also responsible for implementing several of the initiatives in the strategy, including the preparation of technical minimum-security requirements for the national government authorities and the development and operation of the website sikkerdigital.dk. In addition, the division manages initiatives on information security in the Danish Digital Strategy concerned with ensuring a high level of knowledge of information security. The initiatives are implemented in close collaboration with Local Government Denmark, the Danish Regions, the Center for Cyber Security, and various other ministries.

One standard for information security: ISO/IEC 27001

A central part of the divisions work is to implement the ISO/IEC 27001 standard in the Danish national government. ISO 27001 sets the framework for a large part of the security work in national government authorities, and the Division for Cyber and Information Security ensures that experiences of working with the standard is shared amongst the information security coordinators, and other responsible employees, across ministries.

The division develops various types of guidance materials and tools, which covers various topics related to information security. Every year the division organises a series of workshops and meetings with ISO/IEC 27001, and other topics related to information security, on the agenda.

Finally, the division is responsible for monitoring compliance with ISO 27001 in the public sector, which is done through regular surveys.

Citizens and Danish authorities on sikkerdigital.dk

Large parts of the materials developed by the division are intended to help Danish authorities and residents to improve their information security. An important platform in this regard is sikkerdigital.dk, which is edited and developed by the division, in collaboration with the Danish Business Authority.

Visit sikkerdigital.dk (in Danish)

The division further hosts the National Identity Theft Hotline. The hotline assists citizens who suspect or have been victims of digital identity theft. The advice from the hotline aims to improve safety, provide an overview of what to do, and help those targeted to prevent future identity theft.

Learn more about the National Identity Theft Hotline at sikkerdigital.dk (in Danish)

Governance of information security in the Agency for Digital Government and the Minstry of Finance

The division is responsible for servicing the joint information security committee in the Ministry of Finance, which includes developing, maintaining and administrating the security paradigm of the ministry. The division has a similar role internally in the Agency for Digital Government, where it is also coordinating agency work on implementing ISO 27001, conducting risk assessments, managing incidents, ensuring compliance etc.