In a changed geopolitical situation and rapidly evolving digital landscape, security suddenly tops the agenda in many companies, and safeguarding our digital infrastructure and data centers is more crucial than ever.
In June last year, the UK was hit by a serious ransomware attack on a system that operates in several of the nation’s hospitals. The consequences were far-reaching: over 1700 planned operations had to be postponed and many thousands of outpatient treatments had to be postponed or canceled. The vulnerability of our digital society was suddenly exposed with potentially fatal consequences.
This was the backdrop for the spring networking meetup of the Danish Data Center Industry, which for the first time centered around a single theme: protection of digital infrastructure.
Without data, our modern society cannot function
Minister for resilience and preparedness, Torsten Schack Pedersen, was the opening speaker of the event, on a day where the sunshine and spring weather could have been a competitor to the bleak topic at hand. Despite the sunshine, 60+ DDI members showed up to hear more about protection of digital infrastructure.
"Without data, our modern society cannot function. We are one of the most digitized countries in the world, and according to the Managing Director of Danish Data Center Industry, Danes interact with a data center an estimated 30-40 times a day. For many of us, it's not something we think about in our daily lives, because it just works."
The minister went on to discuss how recent breakdowns at TDC and BaneDanmark in November 2024 highlighted our vulnerabilities, showing that an incident in one area quickly affects many other areas. "However, I don't think it would have attracted so much attention if it hadn't happened so close to the incident of the cable breakdown in the Baltic Sea."
UDSYN 2024 is an intelligence threat assessment that was updated at the end of 2024, showing that the threat landscape is more serious than it has been in many years. And n februry 2024, The Danish Defense Intelligence Service (FE) updated that Russia sees itself as being in a conflict with the West and is preparing for war with NATO. However, the minister emphasizes that this does not mean that the decision has been made, just that the threat is real and omnipresent. "We are fundamentally a safe country – but it means that we need to be better prepared than we are – both locally and nationally."
An important step forward came in January, with a broad political agreement involving most political parties. It is a top priority for the minister that the agreement is implemented and not just words on paper. "We have probably taken our security too lightly. The latest National vulnerability Assessment is from 2004, and we were looking into a completely different reality then. We can of course talk about why nothing has been done since, but that won't get us anywhere – we need to act."
Referring to the recent state visit to Finland, the minister noted that Finland and Sweden are operating on another level, in part because they have not been members of NATO, and that he looks with great inspiration to the other Nordic countries.
"None of us can solve the threats to our society alone; it requires coordination across borders. There is no doubt that we in the Nordic countries have a special obligation to each other."
A joint emergency plan from the EU will be presented at the end of March, which will also be a significant focus during Denmark's EU presidency in the second half of 2025. "Will we, as a society, spend more money on security going forward? I have no doubt about it."
As for advice to the industry? The minister noted: "Continue doing what you’re doing and share your knowledge. You have a lot of experience and knowledge. If you guys don’t have it under control, things will really go wrong."
"As a society, we are enormously dependent on you. The average Dane does not necessarily think of data centers during their daily lives, as there are so few incidents that affect them. It is very telling, that this industry works with security by design and being prepared for critical scenarios.,” the minister concludes.
“We are a society based on trust and expect things to run smoothly. So, he who lives quietly lives well. Data centers are a good example of this."
Protection of infrastructure and current threat assessment for Denmark
The second speaker was Mark Fiedel, Vice President in the Agency for Civil Protection (Styrelsen for Samfundssikkerhed), a newly established agency under the Ministry for Resilience and Preparedness.
Mark gave an overview of the current geopolitical situation and the different categories and types of cyberthreats. "Not surprisingly, Russia plays a significant role. But China also shapes our perspective on the geopolitical and security agenda."
Cyber espionage, i.e., state and hacker groups operating on behalf of states, poses a serious threat. Cybercrime, meaning attacks that exploit vulnerabilities to enrich themselves economically, such as ransomware, BEC fraud, and extortion, is also a serious threat broadly speaking. But as Mark said with a twinkle in his eye: 'One good thing about criminals is that they don't discriminate. This also means that anyone can be affected.'"
At the same time, the threat level for destructive cyberattacks was raised in June 2024. The purpose of this type of attack is not to bring Denmark down, but to create uncertainty, insecurity, and fear among the population and at the political level, so it can affect our support for, for example, the war in Ukraine.
Another important point: quantum computing is coming. When it comes, the algorithms we currently see as unbreakable will be broken immediately. Smart people say it’s happening within 10-15 years).
So, what can we do about these threats? One piece of advice has to do with culture and leadership: “A zero-error culture is extremely toxic in the security policy landscape. Leaders must foster a culture where employees feel safe to ask questions, be curious, and admit mistakes. It doesn't matter if you have control over the technical aspects if you don't have control over physical and human security.”
Since a lot of critical infrastructure is in the hands of private actors, it was also encouraged to focus on having a strong collaboration and a 360 degree perspective on safety and risk assessments.
The current security situation – a perspective and potential mitigations
Rounding out the day was Rasmus Knappe, PhD and CTO at Microsoft Denmark to give an update on the current security situation based on Microsoft’s intelligence picture.
With 78 trillion security signals every day and 600 million daily attempted attacks on azure, Microsoft has solid data to show where the activity is coming from. The main message: “The activity is becoming much, much more sophisticated than it has been.”
Based on this data, however, it is possible for Microsoft to advise and mitigate on future threats and decide how much and where to automate security, since human behavior is one of the largest risk factors. “We can set policy for a lot of the human behavior and then we can choose to focus our security work on the areas with the largest risk.”
Rasmus covered a variety of activities, including ransomware, fraud, phishing and DDOS. When it comes to ransomware, the biggest threat when it comes to ransomware is unmanaged devices. As for identity attacks, more than 99% are password attacks. As Rasmus said, to amusement from the audience: “We as a civilization are not great with passwords. We all know it’s important, but it’s cumbersome.”
The audience was also given a brief introduction to AI for defense, Microsoft’s investment in AI aimed at cybersecurity, popularly known as “copilot for defense.”
A piece of advice from Rasmus when it comes to automating security and taking the human factor into account: “The more unique we feel we are, the more similar we are. Take that as a guiding point, for how easy it is to manipulate us.”
Plenty to look forward to in 2025
Henrik Hansens concluded the event with a few final remarks from the Danish Data Center Industry.
He was able to share the good news that sponsorships are sold out for DDI Awards and Data centers Denmark, and interest in the events is greater than ever. He also announced the development of an impact report being developed this spring as well as an expanded presence at Folkemødet on 12 June.
“We have a lot of exciting events coming up and we are experienced increased attention from a political level. We invite you all to join us at our upcoming events and meetups.”
Contact us
Merima Dzanic
Head of Strategy & Operations
Kurt Henriksen
Advisor, Communications and Public Relations
Christine Kjær Jacobsen
Marketing & Communication Manager