One in three Danish companies was hit by a cyber attack last year
It is not a question of whether your company will be attacked – but when. 32% of Danish companies experienced a security incident in the past year according to PwC's Cybercrime Survey 2025. CFCS rates the cyber crime threat against Denmark as "VERY HIGH" – the highest category.
The number of ransomware attacks against Danish companies hit a record in 2024, and the trend continues. TDC Erhverv blocked over 5.5 million attacks from malicious domains in Q2 2025 alone.
What hits Danish companies hardest?
PwC's survey of 405 Danish business leaders and IT specialists paints a clear picture:
- Phishing: 62% of all incidents start with phishing – and it is spreading to SMS and messaging services
- Vulnerability exploitation: 56% of attacks begin via software vulnerabilities
- DDoS attacks: 28% of affected companies experience system overload
- AI-powered attacks: 11% have experienced attacks where hackers used AI – more than doubling from 2024
It costs more than you think
A cyber attack costs Danish companies at least DKK 200,000 per day in downtime. With an average handling time of 300 days, the total loss can reach up to DKK 60 million for a single incident.
The average ransomware payout has risen to USD 2 million globally – a 500% increase from 2023. And although 63% of victims refuse to pay, the indirect costs – lost revenue, system recovery, legal costs, reputational damage – are often far higher than the ransom itself.
Your employees are the weakest link – and the strongest defence
Over 90% of all security breaches start with a human error. An employee clicks a link, shares a password or opens an attachment. CyberPilot, with data from over 1,000 Danish companies, documents that employees "act on autopilot" – and that Danish trust culture makes us particularly vulnerable to social engineering.
Only 20% of Danish companies have a crisis plan ready. 41% have not strengthened their IT security in the past two years. 40% of Danish SMEs have a digital security level that does not match the threat landscape.
The 5 most important things you can do today
- Awareness training for all employees – not a once-a-year PowerPoint, but ongoing simulated phishing tests and short training modules. It is the most effective prevention
- Multi-factor authentication (MFA) – on all accounts, especially email and admin access. It stops the vast majority of account takeovers
- Patch management – 56% of attacks exploit known vulnerabilities. Automatic software updates close the gap
- Immutable backup – daily backups that cannot be altered by ransomware. Regularly test that you can actually restore
- Incident response plan – who do you call at 3 AM? Who decides what? Practice the plan at least once a year
When prevention is not enough
Even with the best prevention, an attack can get through. That is why we always recommend cyber insurance as a supplement. The insurance provides:
- 24/7 access to IT forensics, lawyers and PR experts
- Coverage of business interruption during downtime
- System recovery and data reconstruction
- Compensation claims from customers and partners
The threat is not going away – but you can prepare
CFCS calls the cyber threat a "fundamental condition" for Danish companies. That means you cannot wait. Every day without MFA, without awareness training, without a crisis plan is a day you are playing Russian roulette with your company's future.
Need help assessing your security level and insurance needs? Contact Kim Theilgaard at kt@fairside.dk or call +45 26 16 96 16 for a no-obligation conversation.
