TechTarget and Informa Tech’s Digital Business Combine. Dark Reading Resource Library Black Hat News Omdia Cybersecurity Advertise NEWSLETTER SIGN-UP Cybersecurity Topics World The Edge DR Technology Events DR20 Resources CYBERSECURITY ANALYTICS CYBERSECURITY OPERATIONS CYBERSECURITY CAREERS CYBER RISK NEWS Breaking cybersecurity news, news analysis, commentary, and other content from around the world, with an initial focus on the Middle East & Africa and the Asia Pacific Nordic CISOs Handle Rising Cyber Threats Remarkably Well Artificial intelligence notwithstanding, the vast majority of CISOs in northern Europe say they're facing no more serious cyberattacks than they did two years ago. Nate Nelson,Contributing Writer May 28, 2026 4 Min Read SOURCE: ERIC D RICOCHET69 VIA ALAMY STOCK PHOTO Around the planet, cyber threats are both rising in volume and growing more potent. Yet organizations in northern Europe don't seem to be feeling the brunt of it; chief information security officers (CISOs) in the region report unexpectedly high levels of preparedness. This week, Stockholm-based Truesec released its biennial report based on interviews with CISOs located in Nordic countries. Compared to the data it collected two years ago, one trend stood out far beyond the rest: Security leaders are not reporting any increase in severe cybersecurity incidents affecting their organizations. The overwhelming majority of CISOs report facing no more serious issues than they were dealing with two years ago, when artificial intelligence threats were still mostly theoretical. The report's authors call this "a remarkable feat," especially because a stable number of incidents "in these accelerated times, would equal a net reduction" in the relative percentage of attacks that manage to cause real problems. They attribute the feat to improved cybersecurity defenses, despite few meaningful changes to the power or resources afforded to CISOs. Related:Do Ceasefires Slow Cyberattacks? History Suggests Not Nordic CISOs Unphased by Rising Threats In their interviews, Nordic CISOs reported the same trend everyone else in cybersecurity has been seeing: more threat activity than ever before, more aggressive tactics, more persistent attacks. As just one case in point: In 2024, the average time it took for attackers to exploit targeted organizations was 53 days, according to survey respondents. In 2026, that number is down to 2.4 days, largely thanks to AI. One would expect, then, that from 2024 to 2026, CISOs would report a greater number of severe cybersecurity incidents affecting their organizations. Not so. A whopping 91% of respondents reported stable, consistent levels. In 2024, only 29% of respondents reported stability, with 53% reporting an increase. "There are probably many explanations for it," says Gabriel Winnberg, senior security adviser at Truesec. In general, Winnberg and his colleagues attribute the improvement to better organizational cybersecurity. "One example is increased outsourcing to mature managed detection and response (MDR) service providers, providing the capability to identify and manage incidents before they become severe. Another example is better attack surface management." Heightened risks balanced by better defenses "is something I'm seeing in the US and other geographies, too," adds Noma Security CISO Diana Kelley. "The report's data showing severe incidents stabilizing while lower-severity incidents rise suggests security teams are getting better at detection and containment, but they're doing it under greater time pressure." Related:More Than 40% of South Africans Were Scammed in 2025 It may also be that, cyber defenses aside, AI has mostly helped hackers with lower- and medium-severity attacks less likely to cause severe outcomes. And while AI has been growing, ransomware — once the scourge of organizations everywhere — has been declining. That helps. A less optimistic possibility is that these figures are merely a fluke owed to the limitations of the study. Surveys conducted without large enough sample sizes can yield dodgy results. Truesec did not report the number of CISOs who participated in its study, but indicated that they took part in "in-depth" interviews, suggesting a smaller, more targeted group. As a consequence, some figures appear distant from reality. For instance, in 2022, no CISOs told the surveyors that they were experiencing a decrease in severe cybersecurity incidents. That figure rose to 18% in 2024, then fell to zero again in 2026. CISO Power Stagnates CISOs also reported stability when it came to their relationships to their larger organizations. In recent years, CISOs have been known to lobby for a "seat at the table" in the boardroom with other major executives. They're still one degree of Kevin Bacon away, though, as most still report to technology (CTO, CIO) or finance (CFO) leaders ahead of them in the pecking order. Related:Retail, Services Industries Under Fire in Oceania Security budgets have also stabilized. An almost identical number of respondents reported that their budgets either increased or decreased in 2026 (68% increase, 9% decrease) compared to 2024 (66% versus 9%). The way those budgets are being distributed seems to vary based on the organization. While some smaller number of CISOs report their budgets consolidating under the banner of cybersecurity, Winnberg notes that "on the other hand, all report that some security investments are being 'shifted left' into IT (e.g. licensing), so it's no longer part of the CISO's budget." Despite few material improvements in their standing, the report noted, "In 2026, the CISOs interviewed perceived having moved up further in the food chain, not necessarily organizationally, but rather communicationally, where their voices matter more." The authors speculated that "proximity to executives makes CISOs business-driven. Along with this move comes a shift in objectives, from protecting critical systems to protecting key business processes." "[That's] another aspect I'm also seeing here in the US," Kelley says. "The emphasis on translating cyber exposure into business-process risk is exactly where CISO focus and executive alignment need to go, moving forward on a global basis." Read more about: Europe About the Author Nate Nelson Contributing Writer Nate Nelson is a journalist and award-winning scriptwriter. In addition to Dark Reading he writes for Darknet Diaries, the most popular show in cybersecurity across all media. He began his career as a freelancer, ghostwriting Forbes and CNBC op-eds for executives in tech and finance. Then he transitioned to journalism at Threatpost, where he covered cybersecurity news and trends. Throughout those years he co-created a cybersecurity podcast, Malicious Life, which in its day climbed into the Top 20 technology podcasts charts on Apple Podcasts and Spotify. He holds degrees from New York University and Bard College. As a born and bred New Yorker, he enjoys a superiority complex, but is polite enough to keep it to himself. Want more Dark Reading stories in your Google search results? ADD US NOW More Insights Industry Reports How Organizations Are Managing Incident Response How Enterprises Are Developing Secure Applications Inside RSAC 2026: security leaders reveal the risks redefining your defense strategy Essential News & Insights from Black Hat USA 2025 How Enterprises Are Harnessing Emerging Technologies in Cybersecurity Access More Research Webinars The Frontier AI Era: Why Cybersecurity Must Move at Machine Speed Build vs. Buy: The Hidden Cost of Building Your Own AI Security Stack Defending in the Shadow Era: When the CVE Feed Goes Dark Building SecOps That Make the Most of Every Dollar AI-Powered Cybersecurity for Resource-Constrained Organizations More Webinars You May Also Like CYBERSECURITY ANALYTICS In Cybersecurity, Claude Leaves Other LLMs in the Dust by Nate Nelson, Contributing Writer DEC 17, 2025 CYBERSECURITY ANALYTICS How Agentic AI Can Boost Cyber Defense by Jeffrey Schwartz DEC 04, 2025 CYBERSECURITY ANALYTICS Mideast, African Hackers Target Gov'ts, Banks, Small Retailers by Nate Nelson, Contributing Writer OCT 23, 2025 CYBERSECURITY ANALYTICS Commentary Section Launches New, More Opinionated Era by Becky Bracken OCT 10, 2025 Editor's Choice CYBERSECURITY OPERATIONS 20 Leaders Who Built the CISO Era: 2 Decades of Change byDark Reading Editorial Team MAY 12, 2026 41 MIN READ APPLICATION SECURITY It's Patch Tuesday for Microsoft & Not a Zero-Day In Sight byJai Vijayan MAY 12, 2026 5 MIN READ CYBERATTACKS & DATA BREACHES Instructure Breach Exposes Schools' Vendor Dependence byAlexander Culafi MAY 6, 2026 4 MIN READ Want more Dark Reading stories in your Google search results? Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox. SUBSCRIBE Webinars The Frontier AI Era: Why Cybersecurity Must Move at Machine Speed TUESDAY, JUNE 23, 2026 1:00 PM EDT Build vs. Buy: The Hidden Cost of Building Your Own AI Security Stack THURS, JUNE 25, 2026, AT 1PM EST Defending in the Shadow Era: When the CVE Feed Goes Dark TUES, JUNE 16, 2026 AT 1PM EST Building SecOps That Make the Most of Every Dollar THURS, JULY 9, 2026 AT 1PM EST AI-Powered Cybersecurity for Resource-Constrained Organizations THURS, JUNE 18, 2026, AT 1PM EST More Webinars BLACK HAT USA | MANDALAY BAY, LAS VEGAS The premier cybersecurity event of the year returns to Mandalay Bay with a re‑engineered, six‑day program built to ignite innovation, push boundaries, and bring the global security community together like never before. Use code: DARKREADING to save $200 on a Briefings pass or $100 on a Business pass. GET YOUR PASS Discover More Black Hat Omdia Working With Us About Us Advertise Reprints Join Us NEWSLETTER SIGN-UP Follow Us Copyright © 2026 TechTarget, Inc. d/b/a Informa TechTarget. This website