IT-Security beyond borders

April 6, 2006

A working-group on “IT-security Beyond Borders”, under the auspices of the Danish Board of Technology (DBT), has identified a number of solutions to cross-border IT security problems. They were made public on January 24th 2007 on a conference for Danish politicians and stakeholders. The report is written in Danish. 

It has been shown that the digitalisation of society has created ever greater IT-security problems. Global communication on the internet is achieved through the uses of common communication standards, and similarly, there is a tendency to standardize the use of relatively few software products. Both issues imply the risk that i.e., a computer virus can spread at the speed of light, infecting a great number of PCs, just as hackers obtain easier access to IT systems. The global internet also challenges security as an increasing number of societal functions are integrated online.

National dependency on the internet increases the need for international cooperation regarding the solution of IT-security problems. Therefore, the task of the working group has been to identify the IT-security sectors where Denmark is most vulnerable, but where this vulnerability is best reduced through international cooperation. The working group holds that enhanced international cooperation and cross-border solutions are essential in order to deal with it-security and concludes that it is high time to take concrete and well-aimed steps in the form of, among other things, lawmaking, certification, and labeling programs, that go significantly farther than previous efforts in the arena of IT-security. Thus the working group has sought to develop and present internationally focused and realizable recommendations for the cross-border IT-security problem areas considered to be among the most problematic now and in the near future.

The working group has met at the Danish Board of Technology for a series of meetings and has, among other things, collected knowledge from an international workshop and a minor hearing for national stakeholders, before the report containing the group’s conclusions and recommendations was made public on January 24th 2007.

The members of the working group are:

  • Preben Andersen, DK-CERT
  • Christian Wernberg-Tougaard, Member of ENISA’s advisory panel on “Awareness Raising”. Director for Unisys
  • Brian Birkvald, leader of IBM’s security group in Denmark
  • Morten Storm Petersen, Signaturgruppen A/S
  • Carsten Stenstrøm, Director of Technology Security, DR
  • Lars Neupart, Neupart A/S

At the year-end of 2005, the IT-security Council was closed, opening the way for a new construction involving the newly established IT-Security Panel and the DBT. Through this construction, the IT-Security Panel will advise the Ministry of Science, while the DBT is responsible for holding activities to encourage debate and learning. DBT has earlier been engaged in IT-security projects (see i.e. “IT-infrastructure’s vulnerability”), but following this new arrangement, IT-security becomes a permanent part of the Board’s annual programme. The first project was a workshop, held on the 19th of April, to identify IT security-related problems and to develop a number of recommendations. This project is the second activity in the series.