Nordlo develops cybersecurity framework in MSB-funded project

Mattias Christensson, CEO of Nordlo Syd.

On 15 October, Sweden's national coordination centre for research and innovation in cybersecurity, NCC-SE, granted support to 25 different projects, one of which will be run by Nordlo in Skåne. The project involves developing tools, methodologies, training and pilot activities for coordinated change and continuity management. The aim is to strengthen organisations' ability to maintain secure and continuous operations in accordance with NIS2 and DORA requirements.

 “Most incidents that occur in an IT environment are due to changes, accounting for almost 90 percent. Errors that occur during change can often be due to inadequate documentation or someone missing an important step in the change process.”

Nordlo's project will develop tools, methodologies, training and pilot activities that will enable changes to be managed in a more controlled and coordinated manner. The focus is particularly on small and medium-sized enterprises.

"Our goal, and that of MSB, is to increase organisations' resistance to unexpected attacks. This is something that strengthens the resilience of companies and Sweden as a whole.”

Focus on small and medium-sized enterprises

Small and medium-sized enterprises in particular have historically been less mature in terms of continuity and change management. According to Mattias, this is largely a question of cost, as the models that exist are adapted to large organisations.

“Management and boards are increasingly prioritising IT security and beginning to understand the importance of a continuity plan in case something happens. We clearly see that companies are experiencing an increased threat level. Everyone is at risk, not just those who hold sensitive information.”

The project will start in November 2025 and run until February 2026. It is being run by Nordlo's Skåne unit, with offices in Ängelholm, Malmö and Helsingborg. The result will be a newly developed module in Nordlo's Security Governance service, which identifies risks, monitors security levels and ensures compliance.

“When we are done, our customers will be able to oversee their entire IT landscape, even parts that are beyond our direct control. By strengthening our customers' resilience, we also strengthen their competitiveness,” says Mattias Christensson, CEO of Nordlo Syd.

About NCC-SE
Sweden's national coordination centre for research and innovation in cybersecurity (NCC-SE) was established by MSB and promotes collaboration between research institutes, companies and authorities. Through financial support to third parties, small and medium-sized companies are given the opportunity to run projects that strengthen cybersecurity capabilities and stimulate innovation.

NIS2 and DORA
The NIS2 Directive aims to achieve a high common level of cybersecurity throughout the EU.

DORA (Digital Operational Resilience Act) is a common EU regulatory framework aimed at financial actors, with the aim of managing digital risks.

For more information, contact:
Mattias Christensson, CEO of Nordlo Syd, +46 709 51 81 11, mattias.christensson@nordlo.com