MSB tasked with offering more efficient information security work to the business sector

The government announces on its website that it is assigning the Swedish Civil Contingencies Agency, MSB, the task of expanding its structure for monitoring systematic information security work, Infosäkkollen, to the private sector. The agency will also offer private sector actors a structure for monitoring IT security.

– The number of IT attacks has doubled in Sweden over the past year, and cybersecurity is a core mission in civil defence. MSB is now tasked with expanding the monitoring of Infosäkkollen to be offered on a voluntary basis to the private sector, so that the private sector can also be more effectively prepared. All actors must do their homework in the field of cybersecurity, and the state should contribute to simplifying and enabling this work, says the Minister for Civil Defence, Carl-Oskar Bohlin, in the announcement on the government's website.

The need to develop society's information and cybersecurity is significant, and there is a demand from the civil sector for quantified information about cybersecurity work in Sweden.

The government therefore assigns MSB the task of expanding its structure for monitoring systematic information security work within the public sector, Infosäkkollen, so that from 2023 it can also be used by the private sector.

The government states that Infosäkkollen is a completely voluntary tool aimed at offering a structure for monitoring to improve actors' ability to work with information and cybersecurity, thereby strengthening total defence. Through the monitoring, actors should be able to see the level of their information and cybersecurity and receive support on what can be done to improve security. The actors participating in Infosäkkollen will also be offered a structure for monitoring IT security, IT-säkerhetskollen.

Infosäkkollen should primarily be offered to those actors covered by the law on information security for essential and digital services and the recently adopted NIS 2 directive. Additionally, from the year 2025, the agency will begin offering the actors who have chosen to participate in Infosäkkollen a structure for monitoring IT security, IT-säkerhetskollen.