Norway (NO)

Current status:
Norway has officially adopted its national strategy in 2012.

The national strategy is built upon 4 main objectives:

Obj.1 - Better coordination and common situational understanding

Obj.2 - Robust and secure ICT infrastructure for everyone

Obj.3 - Good ability to handle adverse ICT events

Obj.4 - High level of competence and security awareness

In order to reach these objectives the national strategy also identifies seven priority actions:

  • Ensure a more comprehensive and systematic approach to information security
  • Improve ICT infrastructure
  • Ensure a common approach to information security in public administration
  • Safeguard society’s ability to detect, alert and handle serious ICT incidents
  • Safeguard society’s ability to prevent, detect and investigate cyber crime
  • Continuous efforts to raise awareness and competence
  • High quality national research and development in the field of information security

For each strategic priority a status update and a list of specific areas of focus is described.

National Cyber Security Strategy

Year of adoption Norway National Cyber Security Strategy 2012
Updates and revisions

No revision of the actual national strategy is currently available. However, a specific Action Plan (Norwegian language) describing in more detail specific aspects of the national strategy has been published by the norwegian Government in 2012.

Implementation and monitoring

The national strategy has been developed jointly by the Ministry of Government Administration, Reform and Church Affairs, the Ministry of Defence, the Ministry of Justice and Public Security and the Ministry of Transport and Communications.

The Ministry of Justice and Public Security is primarily responsible for following up the strategy.

Legal conditions The first Norwegian NCSS was published in June 2003 covering 2003-2006. A second version of guidelines was established for the period 2007-2010. The latest version of NCSS was published in December 2012.
Operational capacities The NCSS focuses on a broad set of stakeholders such as the  Government, Business Community and the Citizens pointing  out  that  it  is  the  business companies  that  have  the  specific  responsibilities  in normal  operations  (and  during  crises).  The  government must establish rules and regulations and ensure that the different sectors have satisfactory cyber security strategies.
Progress measures To assess the current status during follow-up of the strategy’s priority areas, the Government will regularly request a status update for sectoral implementations of action plan initiatives, in order to monitor developments in information security. The Ministry of Justice and Public Security is responsible for this work. An inter-ministerial group will be appointed to monitor the strategy continuously over the long-term. The group’s work will include following developments in security challenges and trends, and assessing whether those developments will trigger a need to revise all or part of the national strategy on an ongoing basis.


Current status: NIS Directive and national CERTs/CSIRTs

Computer security incident
response teams (CSIRTs)

NorCERT is the national computer emergency response team. The team operates under the National Cyber Security Centre (NSM).

HelseCERT is the joint information security competence center for the Norwegian health care sector.

UNINETT CERT is the computer emergency response team for the norwegian national research network.

UiO-CERT is the computer security incident response team for the University of Oslo.

FinansCERT is a dedicated industry CSIRT for the Norwegian financial sector, as represented by Finance Norway – FNO.

Report an incident

NorCERT - Team Email - Main Phone  +47 23 31 07 50

HelseCERT - Team Email  - Main Phone +47 73 56 57 56 - Public PGP Key

UNINETT CERT - Team Email - Main Phone +47 73 55 79 60 - Public PGP Key

UiO-CERT - Team Email - Main Phone +47 22 84 09 11

FinansCERT - Team Email - Public PGP Key

Languages Norwegian/English
Date of last WISER analysis October 2016


Contact us for more info