New national strategy to strengthen cyber security in Denmark

19-06-2018

The Danish government has presented a new national strategy for cyber and information security. With its 25 concrete initiatives, the strategy will strengthen government security, improve the competences of the population, and ensure far more coordinated efforts and initiatives.

""

Denmark is at the forefront in the use of digital solutions. However, cyber and information security does not look quite as good. Attacks by ICT criminals have increased in number and become more advanced, and this puts new demands on security management for the authorities, businesses and citizens.

A new national strategy for cyber and information security will rectify this situation. The strategy was presented at a press conference on Tuesday 15 May 2018 by the Minister for Public Sector Innovation, Ms. Sophie Løhde, the Minister for Defence, Mr. Claus Hjort Frederiksen, and the Minister for Economic and Business Affairs, Mr. Brian Mikkelsen.

Ensuring digital security for society is no easy task. We don’t only have to protect ourselves against various types of attack, we also have to protect ourselves against system breakdown, supplier errors, and unintentional security breaches by employees. This requires different initiatives to those we’ve been used to, and now we’ve got a really good strategy to help us.

Ms. Rikke Hougaard Zeberg, Director-General of the Agency for Digitisation, Ministry of Finance

Stronger security and more coordination

One of the most important focus areas in the strategy is better protection of IT systems and data operated by the government and by other critical sectors. These sectors are the telecommunications, financial, energy, healthcare, transport, and maritime sectors. For example, an attack targeting ICT systems at power stations or hospitals could paralyse large parts of society with major consequences for humanity.

Therefore, the strategy will increase focus on work in six critical sectors to prevent and manage serious cyberattack. Among other things, before the end of 2018, the sectors will each have established a dedicated cyber and information security unit. These units will help prepare sector-specific threat assessments and emergency preparedness exercises and drills.

The authorities must also be much better at managing and coordinating work so that everyone is geared to the current threat scenario, both with regard to prevention, and in the event of an actual attack.

Digital competencies through training and information

Another important focus area is to improve citizens’ digital competencies. Digital competencies and security will be incorporated throughout the educational system, from primary and lower secondary education to research at universities. This will ensure that children and young people develop digital judgment and that more employees are aware of cyber and information security.

It should also be easier for the individual citizen to obtain information about secure online behaviour and about what to do if things go wrong. Therefore, one common information portal will be set up for citizens, businesses, and authorities, with information about current threats, as well as tips on how to protect data. This is just one of the initiatives in which the Agency for Digitisation will be playing a pivotal role.

Read about the strategy

Facts about the strategy

The Danish Cyber and Information Security Strategy 2018-2021 brings together a series of initiatives to help improve the national level of cyber and information security. The strategy includes elements from the 2018-2023 Defence Agreements and from the Strategy for Denmark’s digital growth.

The strategy includes 25 initiatives and six targeted strategies addressing cyber and information security efforts by the most critical sectors. The strategy will enhance the technological resilience of digital infrastructure, improve citizens’, businesses’ and authorities’ knowledge and skills, and it will strengthen national coordination and cooperation in the area.