""

Cybersecurity in industry: A necessity for safety and security

17 October 2025

In today’s digitised society, where physical and electronic systems are increasingly integrated, cybersecurity has become one of the most critical factors for industry. This applies in particular to so-called cyber-physical systems, where physical processes and components are directly connected to networks and software. Strengthening the security of these systems is not only crucial to prevent data breaches, it is also important for ensuring safe work environments.

– For SSG, industrial customers are of course very important, and we need to be a supplier that our clients can trust. As control and requirements regarding cyber security increase for our clients, it is important that SSG is a supplier that not only understands its clients’ challenges, but also delivers safe and secure solutions,” says Marcus Holmberg, Chief Information Security Officer at SSG.

Marcus Holmberg, Chief Information Security Officer at SSG.

The threat of major consequences

The industry relies heavily on digital technology to streamline and automate its processes. But this also means that systems become vulnerable to cyberattacks, where both human and technical factors can be exploited by attackers. A successful attack can lead to downtime, financial losses and damage to both people and infrastructure.

To protect these systems, it is important that the industry works proactively with security measures. This includes identifying and eliminating vulnerabilities in both software and hardware, implementing robust security protocols and monitoring systems for signs of intrusion. Another important aspect is to ensure that staff have the necessary knowledge to understand and deal with cyberthreats. Regular training and incident management exercises can be crucial to respond quickly to an attack.

Cybersecurity in constant development

– The solution is to incorporate security as early as possible in the development process. In the past, a product would be developed and then it would be discovered that there were security flaws in the code or its components. It is no longer a sustainable option. The development teams themselves must take responsibility for security. Having the right competence, routines and tools to avoid building known flaws into the code and create better control over the content. This is an important part of the safety culture at SSG and one that we are constantly striving to improve,” says Marcus Holmberg.

In a world where digitalisation is one of the cornerstones of success and efficiency, the importance of cybersecurity cannot be underestimated. It is an ever-changing area that requires continuous work to stay up-to-date and relevant – but working proactively with cybersecurity can also create new business opportunities and strengthen a company’s competitiveness.

New EU directive NIS2 and new Swedish legislation 2025

An EU directive aimed at achieving a high common level of cybersecurity throughout the EU. Replaces the previous 2018 NIS directive and covers significantly more sectors. Sets clearer requirements for risk analyses, security measures and management participation in cyber security work. Expected to be implemented in Sweden through a new law to come into force in the summer of 2025 at the earliest. 

Read more on the Swedish Civil Contingencies Agency’s website