Background to the security rules

[211014]

In the most recent meeting, the steering group decided that the following security rules now apply to the operations of the node.

One of the primary goals in the node is to create a prosperous innovation environment for the Swedish cybersecurity industry, and thereby strengthen the Swedish competitiveness and export within cybersecurity in the long term. 

  1. The goal will be achieved by enabling four different ways of working, namely, four different categories of working groups. 
    • One open and transparent category where various types of participants can participate.
    • Three secure categories in a Swedish context. 
  2. The secure categories will ensure that when it is required, information regarding new Swedish ideas and strategies within cybersecurity will remain within Sweden. A prerequisite for this is that organisations and people that participate in the secure parts of the node, do not prioritise another country’s security and development. 
  3. To ensure the right level of security complies, clear security rules will apply, especially in the secure categories. All participants must be well aware of the security rules for the category in which they participate. 

The rules are built on the above three principles. A few other prerequisites for the rules: 

  • Swedish companies and organisations should be able to feel confident that the node and its working groups work following established security rules.
  • The node has a responsibility for how the security work in the working groups is designed. An exception is when a group (or parts of a group) together create a consortium to apply for EU funding (e.g., Horizon Europe). 
  • A regular security dialog is held with relevant authorities regarding the current threat situation. When needed, the node can seek consultation from these authorities before a decision is made. 

The rules bring up the following aspects. 

  • Security rules for participation in the node’s activities 
    • Basic requirements regarding an organisation’s membership in the node. 
    • Three different types of activities in the node’s operation
    • Four categories of working groups 
    • Requirements on people wanting to participate in the node’s activities. 

Read more about the security rules here:

Security rules