HomeDanish PoliticsDanish state institutions criticized for inadequate cyber security measures

Danish state institutions criticized for inadequate cyber security measures

Key societal institutions once again criticized for lacking IT security

The State Auditors once again direct sharp criticism towards four governmental institutions for not addressing significant deficiencies in their IT security, despite warnings six years ago. The institutions in question – Banedanmark (The Danish Transport Authority), Beredskabsstyrelsen (The Danish Emergency Management Agency), Sundhedsdatastyrelsen (The Danish Health Data Authority), and Udenrigsministeriet (The Danish Ministry of Foreign Affairs) – continue to have major gaps in their cyber defenses. Since 2018, the institutions’ cybersecurity has been reviewed multiple times, most recently in 2021, but no significant improvements have been made. The State Auditors strongly urge the implementation of necessary protection measures to withstand ransomware attacks.

The issues have been highlighted by both the National Audit Office and several experts, who criticize the institutions’ lack of action. According to a report from the National Audit Office, neither The Danish Ministry of Foreign Affairs, Banedanmark, nor The Danish Emergency Management Agency have implemented measures that can ensure normal operations following a potential cyberattack. Jan Lemnitzer, a cybersecurity lecturer at CBS (Copenhagen Business School), believes that IT security is not prioritized adequately by the leadership of these four institutions. He emphasizes that the threat of cyberattacks is increasing, but security measures are still lagging behind.

Lemnitzer stated to the online media Version2 that there have been several attacks from “Russian state actors” targeting NATO and foreign ministries of various countries in the past. A central part of the criticism is that The Danish Health Data Authority and Banedanmark have not conducted comprehensive risk assessments. Without these assessments, the institutions cannot properly determine where and how to improve their security infrastructure. Lemnitzer points out that without satisfactory risk assessments, the cyber defense does not meet standard requirements.

The State Auditors have now requested a statement from Minister for Digitization Marie Bjerre (V) regarding the situation.

Read the danish version here

Latest articles

Trump refuses to rule out use of military force to take Greenland

At a recent press conference, incoming U.S. President Donald Trump stated that he is...

Danish Minister Calls for Meeting on Proposed Parental Responsibility Law Changes

Social and Housing Minister Sophie Hæstorp Andersen has invited political parties in the Danish...

“Denmark announces new environmental initiatives to combat pollution and promote sustainability”

Please provide the Danish article you would like me to translate, and I'll be...

“Denmark Imposes Stricter Immigration Controls Amid Rising COVID-19 Concerns”

Please provide me with the Danish article you would like translated into English, and...

More News

Trump refuses to rule out use of military force to take Greenland

At a recent press conference, incoming U.S. President Donald Trump stated that he is...

Danish Minister Calls for Meeting on Proposed Parental Responsibility Law Changes

Social and Housing Minister Sophie Hæstorp Andersen has invited political parties in the Danish...

“Denmark announces new environmental initiatives to combat pollution and promote sustainability”

Please provide the Danish article you would like me to translate, and I'll be...