Slagelse Municipality: Strong grounds for decision-making

Slagelse Kommune is a municipality in Region Sjælland, Denmark. The municipality covers an area of 570,10 km2, and has a total population of 79.691. The municipality was created on January 1st 2007, in a merger of the former municipalities of Hashøj Kommune, Korsør Kommune, Skælskør Kommune and Slagelse Kommune.

Storebæltsbroen is a combined bridge and tunnel connection intended for train and motor traffic that crosses the Storebælt and connects Fyn and Sjælland. The bridge connection was opened June 14th 1998.

In the wake of a new IT security policy, Slagelse Municipality asked Dubex to prepare a 360-degree Security Analysis. The purpose of the analysis was to create a basis for optimal prioritisation of their security activities, operational stability and data security.

“We want to base our IT security on a real risk assessment of our systems, infrastructure, internal and external threats, etc. Dubex’s security analysis has given us an overview and recommendations as well as an optimal basis for prioritisation in relation to activating new initiatives.” Claus Ritter, CIO, Slagelse Municipality

We can prioritise security activities

Slagelse Municipality has an emergency contingency plan for security incidents in the organisation. But the ambition is to be able to act proactively and purposefully at all times in relation to current threats, without security becoming a barrier so the group can renew and develop with the help of digitisation. Dubex’s security analysis was to reveal whether the municipality’s systems work optimally and whether data is handled reliably. Claus Ritter says:

“With IT security, you are never 100% sure, but the analysis is a strong tool for management in relation to prioritising our activities. Risks have been made visible and we now have the opportunity to accept them, share them or take action on them. This knowledge changes the whole approach to our handling of IT security.”

Awareness works

The threat assessment is constantly changing. However, the security analysis supported Slagelse Municipality’s assumption that the biggest threat comes from within. The municipality therefore made various tools available to users, and uses the recommendations from the analysis to summarise an annual prioritisation plan for IT security.

“Dubex has done a professional job in connection with the analysis, where they have been out in the organisation and talked to the users to get a picture of their working day. Security is something we give each other through good ethics and behaviour on the municipality’s network. We have developed a portal where employees can briefly and accurately read what is expected of them before they gain access to the network. In addition, we use the portal proactively in relation to, e.g. system and data owners, managers and others with special responsibility for our IT security, so that we support and focus on IT security managers’ management supervision and awareness. The analysis showed that a very large part of our work to implement, stay focused, create awareness and be proactive in relation to our IT security aspect, actually works. That’s extremely important knowledge”, Claus Ritter points out.

“With IT security, you are never 100% sure, but the analysis is a powerful tool for management in relation to prioritising our activities.” Claus Ritter, CIO, Slagelse Municipality

Management gets a strong basis for decision

Dubex’s security analysis gives management in Slagelse Municipality a tool to prioritise their focus areas. The analysis was compared against best practice in IT security. With approximately 7,000 employees in the municipality, operational disruptions are particularly business-critical – and so is data leakage. Claus Ritter explains:

“Knowledge of best practice is important to us. We get crucial indicators for our operational stability and data security, which we also have to take into account because many thousands of employees handle sensitive personal information. IT security may not be the sexiest word when we talk about development focus in our group, but in fact we are deeply dependent on our IT systems functioning optimally and that our data and important information is being protected. Our task solution and servicing of citizens and companies is increasingly dependent on IT and data. It’s therefore important that our systems are reliable and that we can access the information when we need it. Our citizens expect us to take proper care of their information, just as we must safeguard our image as a professional workplace.”

We’ll do it again

“In Slagelse Municipality, we have decided to prepare a security analysis every year, because the threat assessment is constantly changing and because the group’s digital use is constantly changing. We will thus always have a forward-looking and active tool for continuous development and adjustment of the IT security parameters,” says Claus Ritter.

About Dubex Security Analysis

A Dubex Security Analysis gives your company an overview of the existing security level and threat assessment. Once the real level of security is clarified, you will have the opportunity to prioritise your activities in order to achieve the desired security. The analysis provides management with an overview of risks based on a thorough review of the technical, physical and organisational conditions. Dubex provides a report, with a number of recommendations for improvements that should be implemented to achieve the desired level of security. Read more

Questions?
Just reach out

Stine Gjering Frederiksen
Marketing Manager

sgf@dubex.dk

Rasmus D. Jensen
Chief Sales & Marketing Officer

rje@dubex.dk

Related

We are pleased to announce membership in FIRST and TF-CSIRT, which demonstrates the maturity of our Incident Response Team delivery.
Jacob Herbst’s appointment as chair in the Cybersecurity Council is in line with Dubex’s continued work to enhance digital security in Denmark.
5 criteria to select the right MDR partner for your business. The current threat landscape places almost impossible demands on IT security managers, and the way you organise security in your business:
Every year, we proudly open the doors for Dubex Summit, the largest and most influential cybersecurity conference in Denmark. Join us at this premier event to engage with industry leaders, explore cutting-edge technologies, and participate in discussions shaping the future of cybersecurity. Listen to interviews with the participants at our Summit event for valuable perspectives and insights.