Study: Finnish companies need to improve their preparedness for cyber threats

According to the survey, as many as 87% of Finnish business leaders are very or fairly confident in their organisation's ability to detect and respond to cyber-attacks. However, only 33% of companies have a contingency plan for cyber threats. There are also gaps in basic security solutions: up to a quarter of respondents do not have a firewall (25%) or antivirus protection (24%) in place.

"Today's society is highly dependent on various cloud services and information networks, and their continuity is ensured by contingency and recovery plans. The least companies need to do to protect themselves and their customers is to ensure they have appropriate firewall solutions, anti-malware protection, and regular backups of critical data. This creates the basis for increasing cyber resilience," says Anna-Mari Ylihurula, Senior Vice President, Corporate Business at DNA.

Artificial intelligence is accelerating cybercrime, and cybersecurity solutions using AI-powered automation are needed to combat new threats. They continuously look for anomalies and unusual phenomena and react proactively to potential threats. The survey shows that only 16% of Finnish decision-makers trust AI to strengthen online security. On the other hand, 32% of respondents believe that AI weakens security.

"Artificial intelligence plays a major role in modern cybersecurity, as it can combat completely new threats more efficiently. Cybercriminals' toolbox is rapidly evolving, so companies need to remain vigilant to stay ahead," says Ylihurula.

According to the study, the main obstacles to enhancing cyber capabilities are the staff's lack of security awareness (25%) and cybersecurity expertise (27%). Haste and distractions expose people to human errors, which cybercriminals exploit, for instance, through email and phone attacks.

"Effective cybersecurity is like an onion. Even if an attacker gets through the first layer, the next one is already in place. Enhancing the expertise across the entire supply chain and creating a calm and stress-free culture to prevent threats caused by lapses in attention are essential cybersecurity actions. Education and gamification are good ways to raise cybersecurity awareness."

Businesses play a crucial role in society's cyber resilience – trust in the public sector is at the forefront within the Nordics

The public sector bears significant responsibility for national security, but businesses are also instrumental in securing functions vital to society and critical digital infrastructure. Public transportation, banking, grocery stores, and telecommunications must operate seamlessly in all circumstances.

"For overall national defense, cyber resilience must be in shape throughout the supply chain. Small businesses may think they are not attractive targets, but they could serve as a gateway for criminals to larger companies or government agencies. Preparedness and security of supply are concerns for everyone, as a digitised society cannot function for long without critical infrastructure and services," says Tero Solante, Chief Digital Officer of the Finnish Defence Forces, who talked at DNA’s Cyber Resilience Secures Business event.

In a Nordic comparison, Finnish consumers are significantly more confident than the respondents in other countries in the ability of public administration to prevent cyber attacks, with only 24% of respondents being sceptical. The gap is particularly large compared to Sweden (50%) and Norway (43%), with Denmark being closer to Finland at 33%.

There seems to be rational justification to the trust, as significantly more public sector decision-makers (59%) express concerns about cyberattacks compared to private sector’s respondents (34%). Moreover, 61% of public sector organisations have contingency plans for cyber threats.

"With NATO membership, we are no longer alone in military defense, and we don't have to be alone in cybersecurity either. Both authorities and businesses should exchange information and expertise, practice, learn from each other, and share best practices as much as possible,” Solante continues.

More about the study: Commissioned by the Telenor Group, Norstat conducted a study in October 2023 to investigate the views of leaders in Finnish, Norwegian, Swedish, and Danish companies and organizations on topics related to cybersecurity and cyber resilience. The total number of respondents was 2,134, of which 518 were from Finland. The error margin for the study is 1.9–4.5 percentage points.

In another consumer survey commissioned by the Telenor Group and conducted in October 2023 by Norstat, the total number of respondents regarding cybersecurity was 4,062, with 1,018 from Finland. The error margin for the study is 1.4–3.2 percentage points.

More information:

Attachment: survey summary 

Anna-Mari Ylihurula, Senior Vice President, Corporate Business, DNA Plc.
tel. +358 (0)44 044 7755
anna-mari.ylihurula@dna.fi