Cybersecurity Competence for Organisations in Inner Scandinavia

TL;DR

The paper investigates cybersecurity competence and readiness of organisations in Värmland, Inner Scandinavia, in response to rising threats and a dense regulatory landscape. It combines an online survey (N=19) and six semi-structured interviews (N=6) to map current security practices, education needs, and barriers to competence development across private and public sectors. The findings highlight a split between large firms seeking advanced expert training and SMEs/public sector prioritising risk management and basic awareness, with embedded-system and product-security education identified as gaps. The study concludes with recommendations for continuous training, cross-organisation networks, and cross-border cooperation to strengthen cybersecurity competence in Inner Scandinavia, with potential applicability beyond the region.

Abstract

A rapidly growing number of cybersecurity threats and incidents demands that Swedish organisations increase their efforts to improve their cybersecurity capacities. This paper presents results from interviews and a prior survey with key representatives from enterprises and public sector organisations in the Swedish region of Värmland in Inner Scandinavia, examining their cybersecurity readiness and needs for education and competence development. We discuss the generalizability of our findings and the extent to which they may be specific to Sweden and Värmland, and we conclude by proposing efforts to strengthen cybersecurity competences in Inner Scandinavia.