Businesses and society rely on critical infrastructure that is deeply interconnected - from energy and manufacturing to transport, finance, healthcare and communications. When one part of this system is disrupted, the ripple effects can impact us all.
DNV Cyber Threat Intelligence tracks alleged, suspected, and confirmed attacks and breaches. Some 21 cyber incidents were observed impacting Norwegian organizations in 2025, compared to 60 in Sweden, 44 in Finland, and 41 in Denmark.
For this reason, DNV Cyber undertook research to explore in greater depth the level of cyber resilience across each of the four Nordic countries.
DNV Cyber’s Nordic Cyber Resilience research explores the state of national cyber resilience in Norway, Sweden, Finland, and Denmark.– including providing recommendations to strengthen cyber resilience. It covers sentiment and priorities among key actors and the public, addresses the threat landscape, and evaluates the preparedness of critical infrastructure organizations to manage cyber risk.
Cyber attacks are having a major impact on the way businesses and individuals in Sweden think and operate. One in five Swedish citizens say their everyday life has been affected by cyber incidents.
The research draws on a survey of 200 critical infrastructure executives and 500 members of the Swedish public, as well interviews with The Swedish Cyber Command, Energi-CERT Sweden, Telia, SKF Automotive, Howden, the Swedish e-Health Agency, Axfood, and DNV Cyber.
The Government can set expectations, enforce accountability, share intelligence, encourage cooperation, and build public awareness, but they cannot directly secure infrastructure they do not own. Cyber resilience depends on how well businesses, the public, and authorities each understand and fulfil their role in an interconnected system. Among Norwegian executives working in sectors considered critical by the EU, over half (52%) say that leaders in their organization see resilience of critical infrastructure as someone else's responsibility. A third (32%) are not even clear on whether their organization is involved in critical infrastructure.
The research draws on a survey of 200 critical infrastructure executives and 500 members of the Norwegian public as well as interviews with the Norwegian National Security Authority (NSM), Norwegian Business and Industry Security Council (NSR), Sykehuspartner HF, Norwegian Ocean Industry Authority -Havtil and DNV Cyber.
The research draws on surveys of both the public and critical infrastructure professionals in Denmark and complements this with commentary from cyber and business leaders and analysis from DNV Cyber experts. Publication is scheduled for spring 2026. Be the first to receive a copy of the research.
The research draws on surveys of both the public and critical infrastructure professionals in Finland and complements this with commentary from cyber and business leaders and analysis from DNV Cyber experts. Publication is scheduled for spring 2026. Be the first to receive a copy of the research.
The research and publications for the Nordics builds on DNV Cyber’s influential Cyber Priority research reports exploring the state of cybersecurity in energy and maritime industries globally.