20th e-Crime & Cybersecurity Congress Nordics (Copenhagen)

Yesterday's controls for tomorrow's attackers? 

20th October 2026 • Radisson Blu Scandinavia • Copenhagen, Denmark 

Are Nordic companies unusually secure, or are they just untested? And does Al change the answer?

 

The calm before the storm? 

The most dangerous moment in cybersecurity is not always the moment when incidents are visibly surging. Often, it is the period just before — when threat levels appear manageable, confidence remains high, and organisations mistake operational calm for strategic stability.

That is the risk now facing the Nordic cyber community.

Across Europe, the underlying cyber landscape is shifting. Digital identity, cloud concentration, Al-enabled attacks, third-party dependency, geopolitical pressure, and regulatory escalation are all converging at once. The result is not necessarily a sudden spike in reported incidents, but a more unstable operating environment beneath the surface — the cyber equivalent of pressure building behind an old dam. Nothing looks broken until the weak point gives way.

For the Nordics, this matters because the region's greatest strengths are also potential fault lines. High levels of trust, digital adoption, public-sector connectivity, financial sophistication, cross-border integration, and cloud-enabled efficiency have made Nordic economies among the most digitally mature in Europe. But the more integrated, automated, and trusted the digital environment becomes, the greater the systemic consequences when something fails. 

This is the tipping point: cyber risk is moving from a question of whether organisations can prevent more attacks to whether digitally advanced societies can sustain trust under conditions of permanent cyber pressure.

AI sharpens that challenge. It does not simply create a new category of threat; it accelerates the entire contest. Attackers can scale reconnaissance, social engineering, and phishing with greater speed and realism, while defenders are forced to modernise detection, response, and prioritisation just to keep pace. The gap between apparent stability and actual exposure may therefore widen quickly. 

Regulation is adding further urgency. NIS2, DORA and the wider European resilience agenda are raising expectations around governance, accountability, third-party risk, and operational continuity. But compliance is not the same as resilience. Nordic firms may be well positioned by European standards, yet the strategic question is no longer whether they are "more mature than peers". It is whether their current operating models are fit for the next phase of cyber risk. 

CISOs therefore face both an external challenge (the looming threatscape) and an internal problem: how to argue for preventive resourcing before attackers prove how damaging a breach can be. 

Their case for action is not that Nordic cybersecurity has already failed, but that the conditions for failure are becoming more complex, more interconnected, and harder to see through conventional metrics. Waiting for incident volumes to rise before changing strategy may be precisely the mistake. 

So, where Nordic cyber leaders see genuine resilience, where is confidence masking hidden concentration risk, and what practical steps organisations should take before the storm becomes visible. The central question is simple: if the Nordics are among Europe's most digitally advanced societies, are they also becoming one of its most exposed?

 

The e-Crime & Cybersecurity Congress Nordics will look at how at how security teams and the business must respond to a new era in cybersecurity. Join our real-life case studies and in-depth technical sessions from the most sophisticated teams in the market. 

 

Key Themes: AI and Quantum

Identity, authority, and control for non-human actors 
CISOs must rethink core identity and governance frameworks, including the adoption of robust agent identity models (spanning machine, service, and workload identities), and clearly defined delegation structures that determine what authority an agent holds and who grants it. What technologies can help them maintain visibility and control? 

Data protection and leakage risks 
What does "insider threat" mean when the actor is non-human? For CISOs, the focus shifts to monitoring the behaviour of agents as well as users, developing capabilities to detect anomalous machine activity, and establishing effective controls that balance guardrails, detection, and containment. Do you need Al defences to do that? 

Al anti-phishing and social engineering defences 
Al is shifting defence from static filtering to behavioural detection at scale, flagging anomalies that rules/ signatures miss. It can also enable pre-emptive defence against social engineering, identifying manipulation cues. The result is a move from reactive blocking to adaptive defence reducing both successful attacks and analyst workload. Can you help? 

Who needs to be quantum-ready? 
Anyone responsible for long-lived sensitive data or critical infrastructure has a quantum problem. That means banks, governments, telecoms, energy, healthcare whose datasets need to last decades. If your encryption protects value over time, you need crypto-agility and a migration path now, not when quantum arrives. How does this work in the real world? 

Integrity and the Al-enabled supply chain 
Al-native operating models imply dependence on a complex supply chain of foundation models, internal systems, and external APls and orchestration layers that collectively produce legal work. Imagine the consequences of hacking such a system. So how do CISOs stop that happening? 

Intelligent Threat Detection 
CISOs now must build a single coherent security program that simultaneously satisfies divergent regulatory demands; they must interpret vague legal standards into technical architectures, and they risk non-compliance if auditors, regulators, or courts interpret differently later; they face unrealistic expectations around incident reporting; and they face personal liability. Can RegTech help? 

 

Key Themes: Building Better Security

Making the best use of threat intelligence 
In a preemptive security model, timing is everything — success depends on detecting and neutralizing threats before they become active incidents. To do this, security operations can't just rely on internal telemetry (e.g., endpoint or network logs). They need external, real-time context about emerging threats — where do they get it? 

Security Posture Management 
Traditional vulnerability scanners don't handle cloud native architectures well. Today's cloud environments spin up thousands of ephemeral assets without a traditional OS, without an IP address for long. So how do you adapt to that dynamic, APl-driven reality? How can traditional tools connect the dots — not just generate tickets? 

Improving continuous attack surface discovery 
You need to know what attackers can see and what they can actually attack — and you need it on a continuous basis, not in some static inventory. Ideally you also need assets ranked by risk priority and put into the current threat and vulnerability context. Is this feasible and is it cost effective? 

The power of automation 
There's too much manual intervention in security. SOAR pulls data from SIEMs, EDRs, firewalls, cloud APls, ticketing systems threat intelligence feeds, and even email servers and coordinates actions across tools via APls and prebuilt integrations and intelligent playbooks. Well, that's the theory. How does it work in the real world? 

Adversary simulation and behavioural analysis 
Automated adversary simulation Identifies telemetry blind spots. They provide prioritized remediation guidance and control effectiveness metrics. They track progress trends and validate security RO is as welI as providing board and audit reporting. How well do they work in practice? 

Securing the Cloud: still a problem 
The cloud may be secure but misconfiguration, API proliferation, federated identity challenges, third­-party compromise and a misplaced trust in shared responsibility all make Cloud environments extremely complex to understand and secure. So is the answer CSPM/CIEM tooling? What about CNAPP/CWPP? How to push your controls into SaaS providers and MSSPs? Can vendors help? 

 

Key Themes: Best Practice Fundamentals

Achieving visibility across ecosystems 
From exposed initial access points such as warehouse management systems to complex machine control software, simply understanding your device and application landscape is a huge challenge. Can you help with asset tracking and endpoint visibility? And what about anomaly detection after that? 

Transitioning OT to the Cloud? 
OT traditionally was localized in particular sites and air-gapped from IT systems. But connectivity with broader corporate networks and the need to manage technology more centrally (especially during COVID) has seen companies looking at managed services in the Cloud for OT. Is this a way forward? Or does the Cloud just create more problems? 

Defending against the latest ransomware variants 
Ransomware evolution is forcing the hands of government and causing havoc in the insurance market. So firms must go back to basics (see below) but also invest in immutable back-ups and real resilience. Detecting early-stage infiltration is also critical. What else can CISOs do to better defend against ransomware? 

Securing the basics 
The endpoint and email are still a critical cybersecurity battleground. So, organisations still need EDR/XDR everywhere; they need advanced emaiI security; they need more aggressive patching of internet-facing anything. They need to move from awareness training to behavioural conditioning. What does that mean practically for CISOs? 

Why zero trust, isolation and segmentation are key 
There has been a shift in recent attacks away form the theft of data — now threat actors are concerned with interrupting all operation activity. It is now critical that business functions are separated, and that internet access to OT networks is limited. Can security teams still keep up with sophisticated foes? Should they upgrade their capabilities? 

Dealing with regulations 
CISOs now must simultaneously satisfy divergent regulatory demands; they must interpret often vague legal standards into technical architectures, and they risk non-compliance if auditors, regulators, or courts interpret those regulations differently later; they face unrealistic expectations around incident reporting; and they face personal liability. Can RegTech help? 


Who attends

Job titles

CISO
Developer
Information Security Analyst
Tech Lead
Security Engineer
IT System Administrator
Senior Security Professional
Risk Officer
IT Security Expert & Threat Hunter
Security Generalist
Compliance and Risk Manager
Chief Information Security Officer (CISO)
Information Security Control Manager, Swedish Banking
Information Technology Support Engineer
Cyber Security Compliance Expert
IT Security Specialist
Cyber Security Manager
ISO Information security Officer
Chief Security Officer (CSO)
Risk Officer
Senior IT Security Specialist
Trade and Transaction monitoring Officer - Financial Crime prevention
IT Security Specialist
Cyber security Expert
Senior IT Security Specialist
CIO
Reg Tech
Chief Security Officer (CSO)
Executive Director, Europe
Information Security Officer
Information Security Specialist
Information Security Manager
Director of Operation – R&D Product Management and Technology
Cybersecurity Manager
Data Protection Manager
Director of Information Security
FCP and Cybersecurity professional
Security Operations Manager
Security Advisor
Head of IT Governance
Enterprise Architect | Cybersecurity | Program management
Head of IT
Nordic Head of Cyber Underwriting
Cybersecurity Practice Lead
Group Data Privacy Business Partner
IT Admin
Senior Business Risk Manager
Senior Security Lead | Country Information Security Risk Manager-Sweden
Group CIO
Information Security Manager
IAM Specialist
Junior Information Security Specialist
Senior Advisor Security
CISO
Acting CIO
System Security Manager
IT Architect
CISO
FCP IT-Architect
Head of Information Security
Administrative Support
Head of Financial Crime and Cybersecurity
Data Protection Manager
CISO
IT-säkerhetsansvarig
Systems Engineer IT and Information Security - GRIPEN Divisions
Director - Operational Risk and Information Security
Cyber Incident Management - Nordics Lead
Global Compliance Manager Data Privacy
Information Security Officer
Security Architect
Service & Solution Manager
Information Security Manager for Large Corporates and Institutions
Global Head of Product Security
Information security expert
Head of IT & Infosec
Senior Business Developer
Senior Security Advisor
IT Security Operations Manager
Software Architect
Cyber Security Engineer
Security Specialist
Data Protection Officer
Senior IT Security Officer
Cloud Security Engineer
Vice President
CISO
Head of Information Security (CISO)
Head of Development Group IT
Information Security Officer
IT Security Specialist
Head of Security
Senior Model Risk Manager- Governance and Control
Senior Cloud Architect
Senior Project and Program Manager
Chief Information Security Officer
Cybersecurity Area Manager
Privacy Specialist
IT Development Service Manager
Cybersecurity Associate
Cyber Security Engineer
Cyber Crime
Head of Security & Compliance
Fraud Prevention Specialist
CISO
Project Manager IT
IT Internal Audit Senior Manager
Senior IT Architect
Head of Group Security /CISO
Risk Officer
Information Security Architect
Information Security Manager
Compliance Officer
CISO
IT
Security Product Manager • BNEW DNEW OP SC Security & Compliance
IT Solutions Manager
Chief Security Officer
Group Manager
Mobile App Developer

Companies

Entidade Reguladora dos Serviços Energéticos
Anyfin AB
LeoVegas Group
Swedbank
KRY
EasyPark Group
Telia Company
Bankgirot
PostNord Group AB
Ericsson
Ericsson
Medius
Swedbank
Anyfin AB
Scania
Skandia Banken
EY
Northmill Bank
Bankgirot
Bankgirot
Trygg
Guaranty Trust Bank
Swedish Pensions Agency
H&M
SVT
Entidade Reguladora dos Serviços Energéticos
AFRY Group
Transdev Sverige AB
Financial Services Information Sharing and Analysis Center (FS-ISAC)
PostNord Group AB
H&M
Swedbank
Vizrt Group
Unilabs
Nordic Entertainment Group (Viaplay Group)
OVO Group
Handelsbanken
Ericsson
Ericsson
Lendo Group
Länsförsäkringar AB
Kivra AB
Riskpoint Group
EY
Sandvik AB
Futuraskolan International School of Stockholm
Nordea
Hitachi Energy
Camfil AB
Kommune Kredit
Tele2 (Tele2 Sverige AB)
Trygg
Swedenergy
Max Mattheissen
Handelshögskolan i Stockholm The Stockholm School of Economics (SSE)
Ericsson
Securitas Sverige AB
Ahlsell Sverige
Handelsbanken
Tele2 (Tele2 Sverige AB)
WTW
Finanssiala ry - Finance Finland (FFI)
Nordic Entertainment Group (Viaplay Group)
Wasa Kredit AB
Socialstyrelsen
Swedish Defense Materiel Administration (FMV - Försvarets materielverk)
FCG
Marsh
Sandvik AB
Qliro AB
Swedbank
Bankgirot
Swedbank
Vizrt Group
Sveriges Riksbank
Hemnet
Nordea
Ericsson
Acne Studios
Skandia Banken
Hitachi Energy
Västra Götalandsregionen
ITB-MED AB
Swedish Pensions Agency
Hive Streaming
Stockholm Corporate Finance
Advokatfirman Vinge
Axfood AB
Swedbank
PostNord Group AB
Qliro AB
Starvito
Swedbank
Länsförsäkringar AB
ICA AB
TF Bank AB
H&M
Ericsson
Swedbank
EQT Partners/EQT AB
EQT Partners/EQT AB
Swedish Police Authority
Ericsson
Arelion Sweden AB
Olink Proteomics
Ericsson
Autoliv
Vattenfall
Folksam
Swedbank
ICA AB
Trygg
Saab Group
MedMera Bank AB
Voyado
Ericsson
Lunds Kommun
EVRY Sverige
Scania
Skandia Investment Group

Industries

Regulator
Banking
Casinos/Gaming
Banking
Healthcare Services
Transportation/Shipping
Telecommunications
Banking
Transportation/Shipping
Hardware
Hardware
Software
Banking
Banking
Transportation/Shipping
Banking
Accounting/Auditing
Banking
Banking
Banking
Insurance
Banking
Insurance
Retail
Media
Regulator
Industrial Engineering
Transportation/Shipping
Banking
Transportation/Shipping
Retail
Banking
Software
Pharmaceuticals
Media
Electricity
Banking
Hardware
Hardware
Banking
Insurance
Software
Insurance
Accounting/Auditing
Construction
Education
Banking
Electricity
Retail
Banking
Telecommunications
Insurance
Electricity
Insurance
Education
Hardware
Security Product Vendor
Retail
Banking
Telecommunications
Insurance
Banking
Media
Banking
Healthcare Services
Aerospace/Defence
Insurance
Insurance
Construction
Banking
Banking
Banking
Banking
Software
Banking
Real Estate
Banking
Hardware
Retail
Banking
Electricity
Healthcare Services
Healthcare Services
Insurance
Telecommunications
Banking
Legal
Retail
Banking
Transportation/Shipping
Banking
Software
Banking
Insurance
Retail
Banking
Retail
Hardware
Banking
Banking
Banking
Regional Law Enforcement
Hardware
Telecommunications
Biotechnology
Hardware
Automobiles/Parts
Electronic/Electrical Equipment
Insurance
Banking
Retail
Insurance
Aerospace/Defence
Banking
Software
Hardware
Regional Government
Software
Transportation/Shipping
Banking


Venue

Radisson Blu Scandinavia Hotel, Copenhagen

Radisson Blue Scandinavia Hotel

Location:

Radisson Blu Scandinavia Hotel

Amager Boulevard 70
Copenhagen
DK 2300
Denmark
 

Directions:

Please click here

 

Telephone:

+45 33 965 000