Cybersecurity in Business: Insights from Industry Leaders

Introduction

Cybersecurity is no longer just an IT concern; it has become a fundamental business strategy. Companies that fail to prioritize security risk not only financial losses but also reputational damage and regulatory penalties.

In a panel discussion at Next Door Security Aarhus hosted by Stine Kjærsgaard, cybersecurity experts Peer Kristensen, CEO of Security Tech Space, and Michael Venø Bækgaard, Group CISO at Salling Group, shared their insights. They explored how cybersecurity impacts businesses, the challenges of implementation, and the future of cyber resilience.

Here’s a deep dive into the key takeaways from their discussion.

Key Takeaways

Cybersecurity as a Business Imperative

Cybersecurity is no longer an optional investment; it’s a business necessity. According to Michael Venø Bækgaard, some companies see security as a competitive edge, ensuring compliance and trust, while others still view it as an expense.

Currently, around 116.000 Danish businesses have yet to incorporate cybersecurity into their operations. This gap presents an opportunity for security firms to offer innovative, scalable solutions that align with business needs.

The Competitive Edge of Cybersecurity

Businesses that embed security into their core operations enjoy several advantages:

• Stronger partnerships: Many enterprises, including Salling Group, require their vendors to have robust cybersecurity frameworks.
• Regulatory compliance: Adhering to standards like NIS2 makes companies more attractive to investors and customers.
• Enhanced reputation: A security-first approach builds customer confidence and brand loyalty.

Michael Venø Bækgaard emphasized that while compliance is important, it’s not a dealbreaker when working with start-ups:

I don’t require start-ups to be fully compliant with major regulations, but they do need to be doing something about cybersecurity. More importantly, they must be able to argue for what they are doing.

This means that companies don’t necessarily need to have every certification in place—but they do need a well-thought-out cybersecurity strategy.

Barriers to Cybersecurity Implementation

Despite the clear benefits, many companies struggle with cybersecurity adoption. Peer Kristensen highlighted several common barriers:

1. Cost: SMEs often perceive security as a financial burden rather than an investment.
2. Lack of awareness: Many business leaders do not fully understand the risks of cyber threats.
3. Shortage of skilled professionals: Companies find it challenging to hire cybersecurity experts.

To overcome these barriers, businesses must adopt a proactive approach, leveraging partnerships and automation to optimize their security measures.

Talent Shortage and Workforce Challenges

One of the most pressing issues in the cybersecurity industry is the lack of qualified professionals. By 2030, Denmark will need an additional 22.000 cybersecurity specialists.

As Peer comments: 

One of the biggest challenges in cybersecurity today isn’t just technology—it’s people. We need more skilled professionals, and if we don’t address the talent shortage, companies will struggle to implement even the most basic security measures.

Bridging the Talent Gap

Companies like Salling Group address this challenge by:

• Upskilling existing employees: Training staff internally to develop security expertise.
• Graduate and internship programs: Bringing in young talent early and fostering a security-conscious culture.
• Decentralizing security responsibilities: Embedding security roles within different teams to reduce dependency on a central IT department.

The Role of Regulation in Cybersecurity

Regulations like the EU’s NIS2 directive are pushing companies to prioritize cybersecurity. While compliance can be burdensome, it also elevates industry standards.

Michael Venø Bækgaard emphasized that regulatory frameworks drive adoption, ensuring businesses take security seriously. However, he acknowledged that regulation alone is not the solution:

I don’t believe in just following a checklist of 120 security questions. What really matters is whether a company has integrated cybersecurity into its mindset and operations.

This underscores the importance of practical security implementation rather than just ticking compliance boxes.

Building a Cyber-First Business Strategy

For startups and growing businesses, cybersecurity should be integrated from day one. Large enterprises, like Salling Group, prefer working with vendors that prioritize security.

Key Considerations for Cybersecurity Startups

• Develop security-first products: Ensure security is built into the core of your solutions.
• Focus on integration: Large companies look for seamless integration with existing systems.
• Demonstrate compliance: Following recognized cybersecurity standards builds trust.
• Collaborate with industry players: Partnerships can open doors to new opportunities.

However, Michael Venø Bækgaard offered a crucial piece of advice for startups:

If you want to sell to me, don’t target me. Target my technical peers. If they love your solution, I will love it too.

This highlights the power of internal buy-in—a security solution is far more likely to be adopted if IT teams are excited about it.

Conclusion

Cybersecurity is no longer a niche concern – it’s a business necessity. Companies that integrate security into their operations gain a competitive edge, comply with regulations, and protect their assets from cyber threats.

For businesses looking to strengthen their security posture, the key is to adopt a proactive approach: invest in cybersecurity talent, embrace regulatory frameworks, and prioritize security from the ground up. Whether you’re a startup or an established enterprise, cybersecurity should be a cornerstone of your business strategy.

Our speakers: Cybersecurity in Business

FAQs