At the beginning of August, the Center for Cyber Security published an updated list of 20 requirements that all government authorities must follow from 1 January 2023.
The list is a revised version of the requirements that have been in force for the past few years. The requirements are intended to protect government agencies from malicious cyber and information security incidents, such as hacker attacks and the spread of malware.
Security on domains
In relation to domains, public authorities must ensure that all domains belonging to the authority have DNSSEC enabled, and the DMARC REJECT policy must also be implemented on all domains.
DK Hostmaster offers courses every six months on exactly how to implement the two security standards on domain names:
- On November 3, Tim Draegen holds the course "DMARC for technicians", where he reviews the technical implementation of DMARC.
- On 11 November, Jakob Schlyter will hold the course "Protect your domain name with DNSSEC", where it will be reviewed how the signing method DNSSEC is connected to a domain name.
It is free to participate in both courses. Send an email to firstname.lastname@example.org if you wish to participate.
Test your domain
Not sure about what security standards is linked to your domain name? You can check it here: https://en.sikkerpånettet.dk/.
Sikker på nettet is a tool that scans your domain to see how secure it is.