How Cyber resilient is Finland?
Strengthening the resilience of Finland's critical infrastructure and society
As cyber threats intensify across Europe, Finland stands out as one of the region’s most digitally advanced and prepared societies. Yet new research from DNV Cyber highlights a growing tension at the heart of this progress: as digital integration deepens – accelerated by the adoption of AI – cyber risk, complexity, and interdependence across critical infrastructure are increasing.
To better understand how Finland is managing these challenges, DNV Cyber conducted research to answer the question: How cyber resilient is Finland?
The report How Cyber Resilient is Finland? explores threats to Finland’s critical infrastructure, assesses national preparedness to manage cyber risk, and offers six recommendations for businesses and government to strengthen cyber resilience.
The research draws on a survey of 200 critical infrastructure executives and 500 members of the Finnish public, as well as in-depth interviews with Fortum, Wärtsilä, ABB, Finland’s National Cyber Security Centre (NCSC‑FI), the National Emergency Supply Agency (NESA), the Finnish Border Guard, and DNV Cyber.
The findings point to a society increasingly grappling with the trade‑offs between digital progress and resilience, and with the shared responsibility that cyber resilience entails.
- Six in ten (61%) Finns say they would accept limits on digital convenience – such as government access to personal data or restrictions on mobile connectivity – if this helped protect the country’s critical infrastructure.
- Almost half (47%) of Finnish critical infrastructure executives say they would support slowing aspects of digitalisation in essential systems if doing so reduced cyber risk.
- At the same time, one in three (33%) executives expect cyber incidents to cause widespread disruption to supply chains or public services in the coming years, highlighting the potential consequences of failure across highly interconnected systems.
- Finland’s Comprehensive Security Model provides a strong foundation for national preparedness. However, as digital integration deepens – reinforced by AI and tighter system interdependencies – roles and responsibilities are becoming less clear, increasing the risk that cyber resilience is seen as someone else’s problem.
Together, these insights reflect a clear tension: while there is growing willingness to question digital convenience in the name of resilience, digitalisation itself cannot simply be switched off. Strengthening cyber resilience therefore depends not on stopping digital progress, but on understanding the risks that come with it – and on ensuring clear ownership, coordination, and accountability across society.
“Compared with many other countries, Finland’s preparedness is deeply embedded across authorities, businesses, and society. But resilience cannot stand still. As threats evolve and digital dependencies grow, maintaining resilience depends on continuous cooperation, clarity of roles, and readiness to act when disruption occurs.”