Is your business ready to cope with the new Protective Security Act?

The new Protective Security Act will enter into force in April of next year. Accordingly, more organisations than in the past will need to review their procedures and implement security protection measures in order to make sure that they live up to the requirements, especially in the areas of information security and cybersecurity.

The current Protective Security Act came into force in 1996. Given the digitalisation of society, the time has come to pass an updated act that places higher demands on organisations’ protective security. The new Protective Security Act places clear demands on both the public and the private sector. The focus of the new act is still Sweden’s National security, meaning the aspects that are most worthy of protection in order for Sweden to function as a nation. The legislation addresses security-sensitive operations and security-classified information found in the armed forces, government agencies and municipalities – but also at private operators in the energy and telecom sectors, for example. In order to ensure that the new requirements are met, companies and organisations should start by performing an analysis to identify their protection assets before starting to plan for improved security protection measures.

Most organisations’ greatest asset today is their information, meaning that information security and cybersecurity have come to play a key role. It is important to prevent unauthorised persons from gaining access to information that is worthy of protection, and to rapidly detect network breaches. Companies and organisations are often unaware that the usernames and passwords of their staff members are bought and sold on the Internet. Not only that, but currently an intrusion in a computer network is not detected, on average, until 100 days after the fact.

Make sure that your business is ready to cope with the new Security Protection Act by taking the following steps:
1. Perform a protective security analysis
2. Develop a plan for your protective security
3. Implement protective security measures

Martin Waern, Head of Protective Security at SRS
Mattias Wallén, Head of Cyber at SRS