It’s scary how so many municipalities have such a low maturity and readiness to cope with cyber threats.
The Swedish IT Security Index 2.0 was published in the last few days, a report that provides some scary insights on information security and the lack of knowledge about the subject. But the report also offers important inputs for future action plans for change.
A summary of Swedish IT Security Index 2.0 shows some scary insights that can be of major importance for the security of our society and our ability to resist cyber threats. The report doesn’t just include an analysis of the current situation, it offers recommendations for action.
”In the wake of all news about information security shortages in the past year, it’s time to actively try to change the situation. It is encouraging to see the good work done in finance and insurance but really scary that many municipalities have such low maturity and readiness to handle what is clearly one of the biggest threats to our society right now, the cyber threat. In the wave of digitalisation now being rolled out, we must have much more readiness and implemented solutions that handle this. Information security is about people, processes and technology, all of which are equally important for our success”, commented Jonas Dellenvall, CTO, Advenica AB.
Some observations from the report
- A security strategy is adopted by the board in only 35 % of our organisations.
- IT security work is not even considered by 25 % of boards.
- The security strategy is updated less than once a year in 55 % of organisations.
- Internet of Things is rarely covered by a security strategy.
- 90 % have relevant skills in place.
- One third have not identified which assets should be protected.
- In more than 50 % of cases, serious incidents occur annually or more often.
- Municipalities show low maturity but have a risk profile that is higher than Finance and Insurance.
Recommendations found in the report
- Ensure that your IT strategy is linked to your information security strategy.
- Make continuous information classifications to optimise investments in the area.
There is a lot to gain by making improvements based on evaluating information.
The Swedish IT Security Index is a web-based tool (https://radareco.se/radar-sakerhetsindex) to help you conduct an independent review of your business’s information security. The tool consists of several questions that assess operational and strategic maturity as well as risk level. The report is a collaboration between Advenica, Dataföreningen, Sig Security, Christer Magnusson, Lecturer at Stockholm University and Radar.
Link: https://advenica.com/sv/svenskt-it-sakerhetsindex
For further information, please contact: Jonas Dellenvall, CTO Advenica, +46 703 93 83 43, jonas.dellenvall@advenica.com
