Skip to main content
Cybercampus Sverige logga

From coordination to collective action

Cybercampus gathered Sweden to strengthen the protection of critical infrastructure

Co-Creation event at Cybercampus.
Co-Creation event at Cybercampus. På bild: Mehran Ghasemi (FMV), David Olgart (Cybercampus), Senja Nordström (Cybercampus), Tomas Wallin (Försvarsmakten)
Published Jun 12, 2026

Over three intensive days in June 2026, 50 representatives from industry, the public sector, academia and Sweden's total defence gathered at Cybercampus Sverige. The aim was to jointly create the conditions for concrete solutions that provide more robust protection and defence of civilian critical infrastructure against cyber threats and future risks in the cyber domain.

The Co-Creation Event on Critical Infrastructure and Cyber Defence was organised by Cybercampus Sverige in collaboration with the Swedish Cyber Defence. This was not a conventional seminar but three days of group work, scenario exercises and sharp discussion on questions that go to the heart of society's collective ability to withstand cyberattacks.

Broad representation

Participants included representatives from the finance, energy and telecoms sectors, government agencies, the research community and the defence forces. Organisations such as Swedbank, Telenor, Tele2, Microsoft, Ericsson, Sectra, AFRY and Freja eID shared the room with the Swedish Armed Forces, SAPO (the Swedish Security Service), the Swedish Transport Administration, Svenska kraftnat, the Swedish Financial Supervisory Authority and the City of Stockholm. Academia was represented by KTH, Blekinge Institute of Technology, Lulea University of Technology, Stockholm School of Economics, Linkoping University and the Swedish Defence University.

Three focus areas structured the work: coordination, governance and leadership, and technology, including the implications of AI development for cyber defence and critical infrastructure.

The group work was built around three scenarios:

  • Hybrid disruptions and digital trust friction
  • Host nation support under cyber and EMS pressure
  • Cyber, EMS, drones and recapture

     

Key takeaways: trust, accountability and the ability to act

Two days of intensive group work and panel discussions crystallised a number of central insights:

  • Coordination is not enough, we need to act jointly. Relationships and trust must be built in everyday operations to function when a crisis occurs.
  • Communication and information sharing must be in place before an incident. A joint, coordinated information structure is essential for prioritisation and rapid response.
  • Preparedness plans must be living documents. Regular exercises and clear mandates, from local to national level, are prerequisites.
  • Siloed structures create vulnerability. The greatest risks lie at the boundaries between sectors and organisations where responsibilities and processes are not harmonised.
  • Information sharing must become more actionable. Barriers related to secrecy and regulation must be addressed to get the right information to the right actor at the right time.
  • Trust and informal networks play a critical role. Established contacts enable faster decisions and more effective coordination when time is critical.
  • Resilience is built over time. Competence development, joint exercises and increased mobility between sectors strengthen collective capability.

The expert panel

The final day featured a panel discussion bringing together four perspectives: the finance sector's logic of protection and trust, the energy sector's operational resilience, the telecoms sector's role as enabler of almost all other vital societal functions, and the defence sector's need for collaboration to protect and defend critical infrastructure.

  • Petra Klein, Chief Security Officer, Swedbank
  • Lasse Larsson, CEO, Energi-CERT
  • Ove Landberg, Strategist, Swedish Post and Telecom Authority (PTS)
  • Representative from the Swedish Armed Forces

The panel's key messages: create a hub for information sharing, build redundancy and plan for your own capabilities. Act jointly and collaborate, not just coordinate. The panel also raised the issue of media literacy, noting that reporting on cyberattacks shapes public perception of the capabilities of society and government agencies.

Voices from the event

"It is important to emphasise that cyber defence is a systemic and cross-sectoral capability. When we succeed in bringing together state actors, private actors and academia, it gives us the ability to look at the problem from a completely different angle."
 Tomas Wallin, Commander, 4th Cyber Defence Regiment

"It has been incredibly interesting three days. The fact that we can reach consensus on quite difficult questions, how we respond in crisis situations, is what I take away. It is important that we meet and bring together different competencies."
 Ingrid Ivars, Stiftelsen Compare

"I notice that people work very much in their own bubble, their own silo, their own network, their own sector. But this opens up perspectives. You see in a completely different way how sectors depend on each other and how we ensure the whole system functions."
 Oskar Ehrnstrom, Vivicta

"We will look at creating conditions for not just coordination but more collaboration, to together manage this type of cybersecurity crisis."
 Alica Selmanovic Monokrousos, FOI

The road ahead

The capability exists. Sweden demonstrated this during the pandemic. Now it is about translating that experience into structures, ways of working and collaboration that also function for the cyber threats of the future.

When academia, government agencies and the private sector come together, the conditions are created to strengthen our collective cybersecurity. Acting together is not just important, it is essential.

Articles