WITHOUT AN AMBITIOUS CYBER POLICY, OUR GREATEST STRENGTH WILL BECOME OUR ACHILLES’ HEEL
Minister for Digitization Marie Bjerre (V)
As the minister for digitization, I keep a close eye on everything that threatens our digital systems. And unfortunately, there are plenty of threats. Hostile and criminal forces attempt to locate and exploit our weaknesses every day. Cybercriminals, in particular, are a threat to Danish companies. Comparing this to the level of security in Danish SMEs, where 44 per cent have too low a level of security about their risk profile, it is potentially a very serious situation.
It seems abstract. But it quickly becomes very concrete for the small company that suddenly loses access to customer and supplier information or where a cyber-attack halts the entire production. In these instances, the company is left with employees that can’t work, customers that don’t receive their products or a stock that the company no longer has control over. When the small business owner wakes up to this reality, it is no longer abstract, and, in the worst cases, a cyber-attack can force the company to turn the key. Most companies cannot afford to lose access to their digital systems, as they’ve used these same systems to become better companies. I find it pertinent to take further actions to help strengthen security in Danish SMEs. And as the new minister for digitization, I see this as one of my most important tasks.
An ambitious cyber policy
There is no single solution to cyber threats. But we should focus more on strengthening competencies – among employees and specialists. In addition, we must increase the awareness of cyber threats while emphasising the benefits of being on top of your security – for instance, by making the D-seal more widespread. We must continue to strengthen the collaboration between the public and private sectors. And we must provide even better guidance and support to ensure that companies have the necessary information and tools to improve their security. We’ve already mobilised close to DKK 50 million through SME: Digital, which has gone directly towards improving digital security in SMEs.
As part of our strengthened guidance efforts, we opened a new cyber hotline on March 1 to help citizens and companies get a handle on digital security. When calling this cyber hotline, companies can receive guidance on preparing themselves against digital threats such as ransomware, invoice fraud and phishing. They can also receive help and advice if they find themselves in the difficult situation of being a victim of a cyber-attack. The cyber hotline extends our already extensive guidance efforts at sikkerdigital.dk. And the hotline is a good tool to help even more companies and citizens with their digital security.
We’ll also be regulating the most critical parts of our digital systems. We’re currently negotiating the Cyber Resilience Act with the other member states of the EU, and the NIS2 Directive is about to be implemented in Danish legislation. The new rules will make Denmark and Danish companies safer. The task will vary across companies and be more challenging for some companies than others, as we see great variation in our business sector. So, when we implement the rules and provide guidance to companies, we must keep an eye on the companies’ differences. Good implementation and good guidance of the rules will be able to limit burdens and heighten security in the Danish business sector.
As mentioned, strengthening cybersecurity in the Danish business sector is one of my most important tasks. This task must be solved in close collaboration with the business sector, which plays the main part here. We need to collaborate with our partners in the private sector – it’s out there among companies that the day-to-day cyber defence will be tested. For this reason, we have a joint Cyber Security Pact, where both my ministry, the Centre for Cyber Security and many private organisations have committed to several shared objectives. These include creating new collaborations across sectors.
This example is the kind of collaboration necessary to solve the enormous challenges we face in cyber security. These are not challenges any of us can solve alone. And if we fail to address them, our digital strength becomes our weakness.