Strengthening information and cyber security

Businesses, the public sector and citizens must feel secure, including in the digital world. A high level of information and cyber security is a prerequisite for such security and thus for us to be able to take full advantage of the opportunities offered by digitization. Trust and confidence in digital development risk being damaged if security breaches and cyberattacks cannot be managed. This applies to day-to-day operations, to threats from criminals and in a deteriorating security situation for Sweden. The business community is currently taking great responsibility and working to increase information and cyber security. There is a great need to cooperate on these issues to increase security for businesses and other organizations. No single actor can solve the information and cyber security problems on its own, and strengthening security requires greater awareness of the threats, more collaboration, more expertise and a better ability to combat cybercrime.

15. raising awareness of information and cyber security threats Awareness of information and cyber security has increased - as more serious incidents and threats have occurred. Nevertheless, awareness needs to be raised at all levels of society. IT and security companies are training, advising and contributing to their customers' security. The National Cyber Security Center has been tasked with coordinating efforts to prevent, detect and respond to cyber attacks and other cyber incidents. The center will also provide advice and support on threats, vulnerabilities and risks. The Center, MSB, and other authorities responsible for important security issues must contribute to effective ways of raising awareness of information and cybersecurity threats by conducting long-term and effective information work. This applies to many types of threats in normal operations, but also to issues of crisis preparedness and total defense.

16. Increase trust and cooperation between authorities and businesses. The ways in which the authorities and private companies and organisations cooperate and share information about security threats need to be developed. At present, the public sector demands information and imposes security requirements on the business sector - without the companies receiving information or the results of the authorities' work on information and cyber security. In many cases, the business sector has information and knowledge that would increase the security of more actors if the right conditions were put in place to share this information in a secure manner. Efforts therefore need to be made to develop functions aimed at strengthening cooperation, including more two-way information, to support businesses and organizations regarding information and cyber security.

17. strengthen the supply of skills in information security.
To reduce the risk and consequences of cyber attacks, skills are needed at all levels. TechSverige's surveys show that security issues are among the most important, both as a driver of skills needs and in demand growth. If there were more people with information security skills, more companies, the public sector and other organizations would be able to get support from security companies. The demand for information and cyber security skills needs to be better reflected in the education system and the labor market.

18. develop the skills, capacity and resources of police, prosecutors and courts to address cybercrime and cybersecurity threats. Businesses and citizens are increasingly exposed to online crime. The main cyber threat to medium and large businesses is ransomware, malware used for extortion. The rise of ransomware is due to the automation of attacks and the ability of criminal networks to continue their activities. Several actors in the justice system and support authorities need to improve their ability to prevent, investigate and prosecute online crimes. Appropriate legislation and resources are needed to keep up with rapid technological and criminal developments. It also places great demands on international cooperation, both in terms of standard setting and law enforcement.