Denmark (DK)

Current status: National Cyber Security Strategy

The Danish government published its second national cybersecurity strategy (Danish Cyber and Information Security Strategy) in May 2018 alongside an investment of DKK 1.5 billion investment plan for the period 2018-2021. The strategy ties together various national efforts, such as the 2018-2023 Defence Agreement, with significantly reinforced measures to protect national IT assets and infrastructure against cyber threats. 

The government has launched 25 initiatives and 6 targeted strategies aimed at the most critical sectors’ cyber and information security efforts to enhance the technological resilience of IT infrastructure, improve the knowledge and skills of authorities, businesses and citizens and strengthen coordination and cooperation. 

The strategy covers 11 out of the 15 strategic goals in the ENISA self-assessment classification. These goals are: Cybercrime; citizen's awareness; critical Information Infrastructure Protection; national cyber contingency plans; international cooperation; incident response capability; baseline security requirements; incident reporting mechanisms; R&D; cyber security exercises; training and educational programmes. 

 

 

EDUCATION AND TRAINING IN THE NATIONAL STRATEGY

Government or Sector Reports 

The Danish Centre for Cyber Security has published several reports on threats to Danish authorities and private companies with recommendations on how to counter them, such as making targeted efforts to improve processes, technology and behaviour, including regular risk analyses, prioritising requires protection and understanding the potential consequences of a data breach. From a technology viewpoint, actions include improving knowledge of in-house IT infrastructure and processes and regular identification and patching of system vulnerabilities. Behavioural measures should be aimed at raising user awareness of the cyber threat and establishing staff training programmes that teach employees safe cyberspace behaviour. In addition, companies and public authorities should implement cyber attack contingency plans.

In December 2020, the Centre published a report on the increased threats emerging during the COVID-19 pandemic, primarily coming from criminal hacker groups upgrading their cyber tools and renewing their collaborative relationships and activities. This updated threat assessment is aimed at informing decision-makers in private companies and public authorities of changes to hacking activities over the past year to ensure they increase their alertness to an evolving cyber risk landscape. 
Report: Cyber criminals rearm in the shadow of the pandemic.

 

Cybersecurity education in the national strategy

Filling the skills gap: The national strategy highlights a serious lack of employees with digital and technological skills in Danish businesses with a growing demand for engineers, computer scientists, biostatisticians and other personnel with digital skills. The Danish government has made a technology pact to increase the number of young people taking an interest in technology and digital skills and wishing to train in these fields. The government target is to ensure that 20% more young people complete a vocational or higher education programme over a 10-year period in STEM disciplines (technology, ICT, natural sciences and mathematics).

Strategic goals for cybersecurity education:
Acquisition of digital judgement and competences through the educational system: Joint efforts to raise awareness of security challenges for children, young people and teachers.

Development of continuing and further education and training programmes, as well as teaching material and awareness drives on cyber and information security for teachers, pupils and students. 
 

Cybersecurity Research in the National Strategy Government-allocated funding for technological research, including funds for the RESEARCH2025-team (FORSK2021) project under the Ministry of Higher Education and Science (New technological possibilities under the Innovation Fund Denmark). The focus is on generating knowledge about new models and tools to assess threats, knowledge to bolster the infrastructure against attacks, knowledge to help improve the ability of authorities and businesses to find attackers. 
 
Higher Education Courses on Cybersecurity
  • Technical University of Denmark – Master Degree in Cyber Security Year established: 2020. Student intake: 60. European Credit Transfer System (ECTS): 60. Focus: System security, network security, component security, SW security. 
  • Aalborg University – Master Degree in Cyber Security. Year established: 2020.  Student intake: 60. European Credit Transfer System (ECTS): 120. Focus: System security, network security, component security, SW security. 

Public Private Partnership

The national strategy sets out plans for a corporate partnership aimed at increasing ICT security within the Danish business community and making it one of Denmark’s strengths through public-private collaboration and the exchange of knowledge between key players. A Business Advisory Board, Virksomhedsrådet for It-sikkerhed, is tasked with making regular recommendations to the government and business community on strengthening the framework for businesses’ ICT security and responsible data handling.

Industry organised (i.e. business or industry cybersecurity councils):

  • The Council for Digital Security is a security and privacy advocacy group comprised of 20 private sector and academic organisations.
  • Dansk IT is a representative body for information technology professionals in Denmark, cyber security being one of the areas covered. 

Cross-country co-operation of cyber security clusters

  • Denmark is among the countries that joined the Dutch security cluster: The Hague Security Delta in June 2016 as part of an effort to encourage co-operation with other European regions bringing together public and private parties, academia and R&D organisations to stimulate innovation and economic growth. In Denmark, Karup and CenSec are the participating clusters joining others from the Netherlands, France, Finland, and Germany.
BrainsBusiness is a unique platform for ICT innovation in North Denmark through the interaction of industry and university and the link to public authoritie
IT/Cyber Clusters

 

DigitalLead is Denmark's cluster organisation for digital technologies, acting as a gathering point for digital innovation for companies developing digital solutions and for other sectors and industries that need to adopt innovative solutions. The cluster supports innovation and growth through the interaction between business and industry, research and education, public authorities and private citizens.

Finance and IT cluster in Denmark: Fintech and ICT-intensive financial services is an important sector in Denmark. The Danish vision is to form a strong finance IT cluster and develop financial IT infrastructure that will drive innovation and growth. Combining this dense finance ICT cluster with the advanced levels of education in financing and banking, Copenhagen is a hot spot for development and implementation of modern finance IT. Source: Copenhagen Fintech Innovation and Research

Professional Cyber Registers

 

The CYBERWISER.eu CyPR is all about boosting opportunities in the cybersecurity marketplace. 

This European Cybersecurity Professional Register is the place where professionals of any age can promote their specific skill sets and experiences in cybersecurity, courses taken and qualifications.
Organisations of any size or sector (from SMEs to large companies and public institutions can find and contact the right skills and experiences they need to improve their IT security posture.

Latest update

and disclaimer

January 2021

The information contained here is the result of desk research, including the ENISA interactive maps on national strategies and educational courses on cybersecurity. 

 

 

CYBERSECURITY RESPONSE TEAMS: GDPR and NIS Directive Compliance and Notification

National Computer Security Information Response Team (CSIRT)
Computer Emergency Response Team (CERT)

Notification obligations in the event of a data breach
NIS Directive (operators of essential services and digital service providers): actual, adverse and significant impact on the continuity of essential services. Actual, adverse and substantial impact on the provision of enumerated digital services.
GDPR (any organisation dealing with the data of EU citizens): accidental or unlawful destruction, loss, altercation, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.

National contacts

Center for Cyber ​​Security

DKCERT

TDC Security Operations Center

CSIS.DK

CSIRT.DK

Languages Danish. Only the NCSS is in English. @Danish_GovCERT
Latest Update & Disclaimer

January 2021

The information contained here is the result of desk research.

 

Contact us for more info

 

Denmark (DK) | CYBERWISER.eu

CYBERWISER.eu Cyber Range & Capacity Building in Cybersecurity

Error

The website encountered an unexpected error. Please try again later.