Resilience is no longer an IT project, it’s a must for keeping the bank running

Over the past decade, Nordic banks have rapidly expanded their digital ecosystems. Instant payments, cloud platforms, and open banking have enabled new services but also introduced new exposure. In the middle of this shift is Joakim Nilsson, Senior Consultant and Partner at 421, who helps banks strengthen their resilience against cyber threats and operational disruptions.

“Right now, the real challenge isn’t building more technology. It’s building capability, and the ability to keep critical services running even when something unexpected happens,” says Joakim.

Joakim points to trust as the foundation of the banking system. If critical services like payments fail, confidence can plummet. In recent years, the conversation around cyber risk has moved beyond IT and into executive management. According to Joakim, this shift is driven by a more volatile geopolitical landscape and increasingly aggressive cyber operations.

“We are seeing state actors, particularly from Russia, actively targeting the Nordic financial infrastructure. The goal is to disrupt, test readiness, and, ultimately, challenge our confidence. For banks, this is no longer a technical security issue, it’s about financial stability and public trust.”

A transformation that spans the entire bank

Joakim’s background is not the stereotypical one in cybersecurity. He has spent many years in transformation roles, leading complex projects from start to finish. One of the main challenges has always been to bridge the silos between IT and business. And when it comes to cybersecurity, resilience is often viewed as an IT-only responsibility.

“You need clear sponsorship. Otherwise, resilience gets stuck as a technical initiative instead of a strategic capability. It requires coordination between tech and business, and that’s where I believe my transformation experience is crucial. Meaningful cultural change must start from the top and align every part of the organization.”

New regulation sets the standard, but the goal is capability

The EU’s new Digital Operational Resilience Act (DORA) is pushing the sector toward clearer standards for continuity, incident reporting, and supplier oversight. But Joakim is quick to highlight that DORA shouldn’t be treated as a compliance checklist. It’s only an entry point. The real objective is to build the capability to respond, recover, and maintain trust.

“Resilience isn’t something you just have. It’s something you constantly build, test, and improve. In the current climate, it may be one of the most valuable assets a bank can invest in, and DORA is a great starting point, but we must do more.”

Joakim explains that there is also a growing emphasis on supplier resilience. Large providers like Microsoft and Oracle often meet the requirements, but smaller fintechs may struggle, even though they are the ones driving innovation forward.

“Innovation in banking increasingly comes from smaller tech companies. But becoming a critical supplier to a regulated bank is a very high bar. That’s going to reshape parts of the ecosystem. We need all stakeholders to come together to ensure that society can function even when under stress.”

How is your organization working with resilience in cybersecurity? Contact us and let’s find the best way ahead.
