Home › blog › 2026 › January › 19th › nipping cyberattacks in the bud
Nipping cyber-attacks in the bud
19th of January 2026 Article by Lotte Printz
ECJ’s Lotte Printz speaks to the owner of the first cleaning company in Denmark to obtain a D-label for digital responsibility and data security.
The drone incursions over several Danish airports that disrupted the country’s airspace in October ahead of a European summit did not cause any harm or damage except for, perhaps, some embarrassment as they exposed the country’s infrastructure as vulnerable to attack.
In the wake of the incidents, the general public seemed to be on high alert, sighting drones everywhere. And for some companies it may have come as yet another wake-up call, prompting them to take a serious look at how they can operate, were a cyber-attack really to get through.
At Rengøringspartner.dk, a fairly small Sealand-based cleaning company, they were certainly astonished, but there was no real panic. In early summer, Rengøringspartner.dk became the first company in Denmark to obtain the D-label, a Danish labelling scheme for digital responsibility and data security.
“Of course, it caught our attention when we heard about the incident over Kastrup (Copenhagen Airport). When Covid-19 broke out, I thought it would pass in two weeks, but I’ve since realised that we live in a world and at a time when unforeseen occurrences happen, something you have never tried before. So you must stay ahead of things to nip them in the bud,” Peter Mortensen, owner and head of Rengøringspartner.dk, says speaking to ECJ.
At Rengøringspartner.dk they now have contingency plans. If Covid returns in two weeks, they know what to do and anticipate – and the same applies if, for instance, hackers take their mail system down, causing the firm to lose vital information.
With companies in charge of wastewater plants in its customer portfolio, it is crucial to Rengøringspartner.dk to be able to prove the company is on top of things. That nothing would harm the customer in the event of an attack on Rengøringspartner.dk’s computer system, for instance. Obtaining the D-label, a scheme jointly administered by the Danish Consumer Council and Danish Chamber of Commerce, among others, was an investment to that effect.
Preparations took about a year, and an external data security consultant was brought in for the job. At the same time, the D-label administrator pinpointed any shortcomings and provided explicit guidelines relating to spam filters, cookies and the like. In addition, key partners such as CleanManager and e-conomic needed to be “cleared” and data processing agreements signed.
International standards
The D-label is based on international standards and even though data security is a common obligation, as D-label puts it, it requires individual efforts and must be tailormade for individual businesses. In the FM and cleaning sector in Denmark, not many had heard about the D-label beforehand, though.
“It’s a little bit funny that we were the first in Denmark to obtain the D-label. Not ISS or another big player on the market”, Peter Mortensen willingly admits. Safeguarding data has top priority, but investing time and money in the protection process is also about gaining a competitive advantage.
“Roughly speaking, there are 95 per cent black sheep in this industry that we compete with every day. The rest of us try to ’behave’ and do business properly. And I would like to think we stand out having entered into collective agreements, published ESG reporting as early as 2021 and now being able to produce documentation that we are digitally responsible and have our data security under control.”
It is no longer a case of “if” cyber incidents happen, but when!
RSS