Report by Radar & Truesec

Public Sector Report

The report, which is based on data from real cyber breaches, is the first of its kind in Sweden and will give decision-makers a better basis for decision-making in the work of creating resilience to cyber threats.

current threat landscape

Perceived Threat Situation - Public Sector

Overall, Swedish organizations perceive there to be an increased threat risk in nearly all categories, except in the categories of industrial espionage and employees within the organization, both of which decreased somewhat when it came to the high and moderate risk levels. It is difficult to identify one single factor that explains the fluctuating trend and reasons behind the variations in organizations’ threat assessments. However, the reporting of incidents, vulnerabilities and geopolitical uncertainty in the media naturally plays a significant role in what is perceived as a threat. Our responders’ answers are in line with the report on cybersecurity in Sweden.​

It is notable that, within the public sector, the threat of organized crime is not at all perceived in the same way, namely that it poses an overall lower risk. The reverse applies to the perceived threat situation linked to politically motivated actors and employees within the organization. The former may seem obvious given the fact that we are much closer to “the Swedish state” within the public sector, but it is still worth highlighting this type of motivation and driver.​

However, what is very noticeable is the perceived threat and risk stemming from inside the organization and our own employees.​

The public sector

Priorities and Challenges

The Swedish public sector is taking security seriously, which is shown in the section Priorities and Challenges in this report.

IT budgets are giving extra room for cyber and information security, yet the investments have slightly shifted to align with the shifted priorities from organizations within the sector. Earlier, so-called “soft initiatives” like strategy, training, and awareness have been prioritized, but lately, technological security has been given more attention. The prioritized areas are also the biggest challenges within the public sector.

Read more about the challenges and priorities within this sector to get an idea of what areas to keep track of during next year.

Download the Public Sector Report

The information is based on enriched data from analysts having done an individual assessment of each case and concluded that the IT attacks, had they not been stopped, could have led to serious consequences for the affected company. Check out this month's example to learn how these types of incidents can develop if they're not detected and disarmed quickly.