Nordic Cyber Healthcare Forum builds cyber resilience

Cybersecurity attacks in healthcare are on the rise

DNV established the Nordic Cyber Healthcare Forum as a collaborative and trusted platform for discussion, strategic alignment, and the exchange of cybersecurity best practices in healthcare across the Nordics.

Cyberattacks on healthcare are no longer hypothetical risks. In 2024, a ransomware attack on Guy’s and St Thomas’ NHS Foundation Trust and King’s College Hospital Foundation Trust – two of London’s largest healthcare providers – forced the cancellation of more than 800 planned operations and 700 outpatient appointments in the first week alone. The incident underscored a hard truth: modern hospitals are increasingly exposed to cyber threats that can directly affect clinical operations and patient care. As healthcare systems become more digitally interconnected and threat actors become more sophisticated and active, the risk of cyber attacks is growing.

To address this shared and growing challenge, DNV established the Nordic Cyber Healthcare Forum as a collaborative and trusted platform for discussion, strategic alignment, and the exchange of best practices across the region.

 

Digitalization increases both opportunity and risk, as healthcare comes under attack

Accelerating digitalization holds significant potential to improve efficiency, quality of care, and hospital management. At the same time, it has expanded the healthcare attack surface through electronic health records, connected medical devices, cloud services, and increasingly complex supplier ecosystems. Many hospitals also continue to rely on legacy systems that are difficult to patch or replace, creating structural vulnerabilities that can be exploited.

These technological challenges are often compounded by inconsistent planning for cyber incidents, a shortage of specialized cybersecurity expertise within healthcare organizations, and persistently constrained IT budgets. Together, these factors make it difficult for individual organizations to keep pace with both technological change and an evolving threat landscape.

“Healthcare organizations operate critical infrastructure and face a growing number of cyberattacks, driven by financial gain, technical vulnerabilities, organizational challenges, and today’s geopolitical tensions. At the same time, they must navigate a rapidly expanding regulatory landscape, new technologies such as AI and quantum computing, and growing demands for secure data sharing across borders. Today’s cyber‑risk picture affects every part of a healthcare organization, and there is an urgent need to build skills and strengthen cross‑country collaboration,” says Morten Thorkildsen, Project Manager for the Nordic Cyber Healthcare Forum.  

Critical healthcare systems form the backbone of public trust and societal resilience. If criminal organisations succeed in shutting them down or taking over the technical systems that control our health services, it destroys trust in digital systems. This is no longer just an IT issue; it is a strategic and national security issue.

  • Morten Thorkildsen
  • Project Manager
  • Nordic Cyber Healthcare Forum

A Nordic forum for collaboration and resilience

The Nordic Cyber Healthcare Forum brings together healthcare leaders, CISOs, risk managers, regulators, and technology experts with a shared focus on strengthening cyber resilience in systems that are highly digital, deeply interconnected, and central to societal safety and trust.

Our goal is to increase the cyber preparedness of Nordic healthcare through better knowledge sharing and by bringing a broader set of participants around the table – from cybersecurity professionals and preparedness experts to clinicians and executive management.

  • Arve Johan Kalleklev
  • Operations Director
  • DNV Cyber

From dialogue to practical cooperation

The Nordic Cyber Healthcare Forum is founded on recognition that no single hospital or organization can manage cyber risk in isolation. Threat actors operate across borders and exploit shared technologies, suppliers, and systemic weaknesses. Effective defence therefore depends on cross-border collaboration, shared learning, and a common understanding of risk, particularly in areas such as supply chain security, incident response, operational continuity, and regulatory readiness.

DNV facilitates the Forum by coordinating physical and virtual meetings, while topics for the agenda are defined by the participants themselves. The first meeting was held at DNV’s headquarters in Norway on 29 August 2024 and brought together representatives from 11 organisations. “During the initial discussions, it quickly became clear that cybersecurity is an area where the Nordic countries have much to gain through experience sharing and concrete cooperation,” says Thorkildsen.

Subsequent meetings have since been hosted at Rigshospitalet University Hospital in Copenhagen, Karolinska University Hospital in Stockholm, and Helsinki University Hospital. The Forum aims to convene approximately two to three times a year.

Over time, the Forum has evolved from primarily sharing information to enabling more practical collaboration including an expert-led working group on Medical Device Security. Experience based case sharing allows participants to learn from real incidents, anticipate emerging threats, and translate cybersecurity strategy into operational preparedness.

EU funding application

As a result of this work, DNV Cyber and the Nordic Cyber Healthcare Forum are now participating in a healthcare consortium applying for EU funding under the Digital Europe Programme, with the aim of developing next generation cybersecurity solutions for healthcare.

“By bringing organizations together and building trust, the Nordic Cyber Healthcare Forum helps healthcare move beyond simply reacting to cyber incidents and toward long-term, proactive resilience. At a time when digital trust has never been more important, that shift is crucial for maintaining confidence in healthcare systems,” Kalleklev concludes.

Further reading