Blog
07.05.2025
min read

85% of CEOs: Cybersecurity is critical for business growth in 2025, but where to start?

An April 2025 survey by Gartner including 456 top executives globally reveals a clear shift in how cybersecurity is perceived at the executive level.
<span id="hs_cos_wrapper_name" class="hs_cos_wrapper hs_cos_wrapper_meta_field hs_cos_wrapper_type_text" style="" data-hs-cos-general-type="meta_field" data-hs-cos-type="text" >85% of CEOs: Cybersecurity is critical for business growth in 2025, but where to start?</span>

According to Gartner cybersecurity is not just about protection; it’s a critical driver for business growth.

Cybersecurity is key to growth and competitiveness

  • 85% consider cybersecurity critical for business growth

  • 61% express strong concern about cyber threats, particularly driven by the increasing use of artificial intelligence and unstable geopolitical conditions

  • 50% see a direct link between cybersecurity capabilities and their company’s competitiveness

A new digital reality

Gartner’s survey makes it clear that cybersecurity is high on the agenda—not just within IT, but also in boardrooms. For Norwegian companies, there is a new digital reality with increasingly automated processes, cloud usage, remote work, more complex value chains, and the use of AI. As a result we get new vulnerabilities that requires security to be considered as an integrated part of all new business projects and new procurements — preferably from the very beginning.

Where to start?

I previously worked as a technology leader in a Norwegian company, where we developed and delivered software used to process critical and sensitive data for large enterprises. The question I often asked myself regarding security—and which I believe Gartner does not always answer well enough—is where to start and what the appropriate level of security should be.

The reality for many companies today is even more complex. Attackers are highly resourced and more effective thanks to generative AI. Internally, Norwegian companies are just beginning to adopt AI, which can open new vulnerabilities. In addition, most work processes are digitalized, we use cloud and hybrid environments, and remote work is the norm. This requires a set of deep security competencies and a holistic understanding and not all companies have access to such expertise internally. Furthermore, the security budget is often smaller than desired.

Also read: Sicra hires Terje Vatle as Chief Innovation Officer >

NSM’s basic principles for ICT security

For many companies, the recommendations from NSM’s Basic Principles for IT security can be a good starting point. These principles provide concrete, prioritized recommendations based on feedback from public and private organizations in Norway and NSM’s own experience. The challenge is not reading the principles but rather implementing them in a cost-effective way that delivers real security impact.

Our method

At Sicra, we have skilled security advisors with extensive experience who can guide you through the implementation of NSM’s Basic Principles for IT security:

  1. Identify and map: Our advisors help you map infrastructure, access needs, and vulnerabilities, and align this with your company’s goals and strategy so you can assess what level of risk is acceptable. We can also help tailor your risk management processes.
  2. Protect and maintain: Security must be considered early and be integrated into all new projects and procurements. Our certified architects can help you work toward a modern security architecture and gain better control over key areas such as data flows, identities, access, email, and data at rest.
  3. Detect: We offer a cost-effective SOC (Security Operations Center) that provides 24/7 protection. We leverage Arctic Wolf’s leading SOC solution in Frankfurt. Unlike many other existing services, the response time is measured in minutes rather than hours. And a global pool of log data provides much better precision. Our certified experts assist with implementation and monitoring as an extended part of your security team. We also collaborate with River Security, allowing you to continuously test your company’s digital surface for vulnerabilities.
  4. Respond and recover: Our advisors can help set up tailored contingency plans for handling incidents and assist with implementing measures. We have skilled professionals who see the bigger picture and provide reassurance when an attack occurs.

Sources:
Gartner, CEO and Senior Business Executive Survey 2025
Gartner, 2025 CEO Survey — The Year of Dynamic Capacity

Want to know more?

We are happy to have a non-binding conversation?
Contact us
Cybersecurity is no longer just a protective mechanism; it is a critical growth driver.
CIO
Terje Vatle

Explore more

Cybersecurity that works
Blog

Cybersecurity that works

Tech blog
Cybersecurity
Sicra AS achieves prestigious ISO27001 certification
News

Sicra AS achieves prestigious ISO27001 certification

Sicra lands IT security agreement with 28 municipalities
News

Sicra lands IT security agreement with 28 municipalities

Sicra named cybersecurity partner of the quarter
News

Sicra named cybersecurity partner of the quarter

Tailored cybersecurity for institutions and enterprises that allows for innovation, growth, and fearless performance.

Get in touchCall us +47 648 08 488