Protective Security Act
Much has happened since the Protective Security Act (1996:627) was introduced in Sweden more than 20 years ago. Physical assets have largely become digital, which has created a whole new set of threats. In order to strengthen Swedish protection and adapt it to today's challenges, the new Protective Security Act was introduced in April 2019.
The new security protection legislation applies if the activity is of importance to national security or has a special protection requirement related to terrorism. In addition to public authorities, which in many cases handle sensitive information, the rules may also apply to limited liability companies, commercial companies, foundations and associations over which the state, municipalities or county councils have a statutory controlling influence. The same applies to individuals who carry out activities that may be important for national security.
Purpose
CHANGES
More actors are covered by the new Protective Security Act. For example, IT systems that are are key importance for our society, such as healthcare, energy supply and transport systems, are affected.
Begreppet “hemliga uppgifter” ersätts med säkerhetsklassificerade uppgifter i de fyra informationsklasserna; “kvalificerat hemlig”, “hemlig”, “konfidentiell” samt “begränsat hemlig” inom ramen för Offentlighets- och sekretesslagen.
Clearer guidelines on the inventory and classification of IT systems and information.Affected businesses shall also clarify whether they are also subject to other legislation, such as the NIS Directive.
I de fall organisationen har IT-system eller informIn cases where the organisation has IT systems or information assets that are security-sensitive, the organisation needs to conduct a security protection analysis, and then develop a plan for the future of security protection.
Solutions
One of the main challenges of the new Protective Security Act is the requirement for a high level of information security. Our security experts can help you with everything from finding out if and how your organisation is affected by the law, to carrying out activities and implementing solutions to help you comply over time.
To comply with the Protective Security Act, you must ensure that sensitive information and related information systems are protected from threats. Acting as real attackers, our RedTeam identifies vulnerabilities in your digital and physical environments, and then makes recommendations on how best to fix them.
An effective way to reduce the risk of data breaches and ensure compliance with legal requirements is to have your systems and networks monitored. In our BlueSOC, security analysts work around the clock to detect and respond to cyber threats in real time, using a combination of market-leading technology, threat intelligence and experience.
We offer several contact routes and provide feedback as soon as possible. If you have sensitive information, we ask you to use the encrypted method.
+46 8 545 333 00
We answer 24/7
info@sentorsecurity.com
For general inquiries
soc@sentorsecurity.com
Use our PGP-key
