SSAB makes its information security awareness as strong as steel

We chose DNV Cyber for several reasons. DNV Cyber has deep expertise in our training platform and partners with its supplier. We also recognized DNV Cyber’s strong reputation in cyber security expertise and appreciated their service-minded approach and excellent communication competence, which were crucial for this project.

  • Jukka Vuori
  • CISO
  • SSAB

From the outset, the collaboration has aimed to enhance SSAB’s information security culture and mitigate risks associated with human behaviour. The program addresses SSAB’s information security training needs, also considering the challenge of engaging steel mill employees who use IT systems less frequently.

 

Notable results with versatile training methods 

The Information Security Awareness Program guides SSAB on its journey towards an improved information security culture. The comprehensive program, conducted in collaboration with DNV Cyber, aims to increase employees’ engagement and encourage them to consider security aspects in daily duties. 

“DNV Cyber has created a concept that skilfully combines shorter communication formats with standard training while considering the organisation's unique requirements. Together, we plan for the full year and think about the framework, topics, and means of training and communication. We also organize one massive training campaign each year on themes that we agree on in advance. Especially within the last couple of years, we have made information security more visible during Cyber Security Awareness Month,” says Vuori. 

In addition to planning, building and implementing the program, DNV Cyber’s consultants also measure and report on the progress of SSAB’s workforce based on the statistics they receive. The results have shown significant improvement in the employees’ vigilance.  

“SSAB collects annual feedback on the training. Our employees appreciate that the training is relaxed and that the scenarios are related to their work, highlighting what can happen in practice,” Vuori comments. 

“If you look at DNV Cyber’s operating model and the service package, you can see that DNV Cyber’s experts utilize the experience accumulated from various customer projects to deepen their knowledge so that it can also be implemented into other projects – thus benefitting all of DNV Cyber’s awareness customers.” 

 

Cyber security without boundaries: effective awareness practices extend to employees and their loved ones 

Vuori believes the collaboration with DNV Cyber will continue to bear fruit as also new projects have started alongside the awareness program. He sees this as a sign of SSAB’s confidence in expanding the partnership.  

“Working with professionals who know how to make our lives easy has given us peace of mind and allowed me to focus on managing the bigger picture. As some say, change in information security is constant; therefore, you shouldn’t rock a boat that sails smoothly.”  

Hanna Raitanen, who leads DNV Cyber’s Cyber Security Awareness Team, shares the same sentiment: “We are grateful for our long-term partnership and productive collaboration, sharing a mutual commitment to a robust and healthy security culture. We look forward to continuing our journey together, exploring new ways of engaging employees to embrace information security.”  

Lastly, Vuori highlights that good security practices are valuable both at work and at home. “Cybersecurity knows no boundaries. The knowledge we share with our employees can easily be passed on to their families and loved ones. We all have a social responsibility to spread awareness about cyber threats and other challenges.”

Prepare & Prevent

Put security controls in place to protect your data and assets and strengthen your cybersecurity posture.

This project was delivered by Applied Risk, a DNV company. DNV, Applied Risk, and Nixu joined forces to form DNV Cyber in 2024, creating one of Europe’s fastest growing cybersecurity services businesses.