We regularly receive examples of authentic-looking scam e-mails, in which Danish citizens are encouraged to send their confidential NemID details (NemID is the Danish public sector digital signature solution). Fortunately, the vast majority of Danes know they should not reply to these mails, but simply delete them.
It is crucial for continued public confidence that we in the public sector safeguard people’s data and ensure that the information is not misused. With this in mind, the Danish Government launched a national strategy for cyber and information security in December, which we at the Agency for Digitisation will have a significant role to play in implementing. With the Strategy for Cyber and Information Security, the Government’s aim is to maintain and strengthen public and corporate confidence in Denmark remaining a country where it is safe and secure to use digital services.
Our contribution is to professionalise central government efforts to enhance risk management and information security. For example, we are currently developing a new supervisory concept for the public sector that will provide government ministries with a better overview of their ICT supervision and thus prevent critical incidents where, for example, the data of citizens become exposed. Within this framework, the ministries will receive instructions on how to improve their supervision of ICT use and information security by means of the internationally recognised security standard ISO27001, protective measures against cyber threats, etc. These are just some of our initiatives designed to enhance the ability of public authorities to safeguard the data of Danish citizens.
Information security will naturally also be an important focus area in the next public sector digitisation strategy, which we have now begun work on preparing. This work will also focus on information security in regions and municipalities. Already this year we will start preparing an information campaign aimed at raising security awareness among citizens and businesses. The initiatives comprise, among other things, a campaign to increase knowledge about cyber and information security in Danish primary and lower secondary schools in order to make Danish citizens aware at an early age that they also have a responsibility to safeguard themselves and their data.
We cannot possibly deliver this difficult agenda on our own, and therefore we collaborate broadly across the public sector and with important private actors, such as banks. This collaboration will be strengthened in the years ahead.