This week, the Norwegian secret services – the Norwegian Intelligence Service, the Police Security Service, and the National Security Authority – published their annual assessments of threats and risks against Norway. The tone of voice was clear: things are getting serious, it is time to act. Arne Christian Haugstøyl, head of NSM, commented that “Norwegian companies are naïve and do not seem to grasp the changes we have seen the last years.”

Key findings

The reports are comprehensive and contain considerable nuance. Below is a summary of some key findings.

1. The Norwegian Intelligence Service

The Norwegian Intelligence Service outlines a shifting global security environment driven by power struggles between Russia, China, and Western nations. Russia continues to pursue aggressive foreign policies, leveraging energy dependency, digital vulnerabilities, and receptiveness to disinformation of European democracies. The report highlights the growing risk of Russian attacks targeting critical infrastructure, financial institutions, and supply chain networks.

China’s approach is characterized by strategic investments, espionage, and digital intrusions. The report emphasizes China’s increasing control over key global supply chains, particularly in rare earth minerals, semiconductors, and strategic infrastructure. The Arctic region is another focal point of competition, as both Russia and China seek to expand their military and economic presence. Military modernization efforts, including space-based capabilities, pose additional concerns regarding global stability and the risk of escalation.

2. The Police Security Service (PST)

PST highlights Norway’s growing vulnerability to foreign intelligence operations, cyber espionage, and domestic extremism. Russian intelligence services are actively targeting Norwegian political institutions, infrastructure, and business leaders to manipulate decision-making processes and steal sensitive information. China continues to employ industrial espionage to acquire advanced technology and intellectual property from Norwegian businesses. Iran and North Korea also remain engaged in cyber operations aimed at financial theft and system disruption.

The report identifies evolving terrorism threats, particularly from Islamist extremists and -righ t-wing movements. The Middle East conflict has fueled radicalization, with extremist networks attempting to recruit individuals in Europe. Meanwhile, right-wing extremist groups are leveraging digital platforms to spread ideological narratives, recruit followers, and inspire attacks. AI-driven misinformation campaigns and deepfake technology further complicate security efforts, as they are increasingly being used to manipulate political and corporate reputations.

3. The National Security Authority (NSM)

NSM provides a detailed assessment of sabotage, insider threats, and cybersecurity vulnerabilities affecting Norwegian businesses and critical infrastructure. Russian intelligence operations have demonstrated an increased willingness to engage in sabotage activities, including cyber and physical attacks on European energy networks, transportation systems, and telecommunications infrastructure.

Insider threats are a growing concern, with foreign intelligence agencies actively recruiting individuals with access to sensitive corporate and governmental data. Cyberattacks utilizing artificial intelligence are evolving rapidly, making detection and mitigation increasingly difficult. Businesses tightly integrated with high-tech solutions, critical logistics, and energy resources are particularly at risk. Additionally, the report highlights China’s expanding economic footprint in Norway, particularly in infrastructure projects and digital ecosystems, raising concerns over long-term strategic dependencies and national security risks.

What does this mean for you?

The secret services’ mandate is such that they assess the threat and risk against Norway’s interests on a national level. These public reports do not assess the threat or risk faced by individual organizations and companies. It is the responsibility of each organization and company to assess how the national threat picture affects them, and what they should do in response.

For most organizations, only parts of what was presented today is directly relevant, but to identify those parts and what the implications is no easy task!

This is the primary value that OpenHorizon brings to the table. We manage an updated gallery of hundreds of threat actors. These threat actors have high-resolution profiles that include their intentions, capabilities, geographical operating areas and preferred courses of action.

By creating detailed profiles of our clients and the industries within they operate, we are able to filter out the noise. This means that we isolate the threat actors that have a high probability of targeting the client and are able to inflict serious damage, and the scenarios that they are likely to initiate. We remove the rest from the equati on. Our clients are then left with the parts of the threat landscape relevant to them. This allows our clients to make more informed decisions about how to best secure their operations. After all, you need to understand who is a threat to you and how that threat is likely to manifest before you can spend your resources on the right security measures.

This is all part of sound risk management, accounting for both digital and kinetic threats. To echo the message from the secret services, “too many Norwegian organizations are wide open”, and it is more important than ever that immediate and proactive steps are taken to understand and address the risks they are facing.