Norway’s information technology sector runs on trust: software companies, platforms, and digital service providers are expected to be secure by default, resilient under pressure, and compliant across multiple jurisdictions. Security leadership in this industry is less about “protecting an internal network” and more about building durable security into products, cloud infrastructure, supply chains, and customer-facing operations—while enabling speed. The leaders below stand out for blending governance with practicality, and for treating security as a business enabler rather than a brake.
Vidar Utne — Chief Information Security Officer, SuperOffice
Vidar Utne represents the “security leader who knows the product” profile: decades of executive technology leadership, followed by a shift into dedicated security ownership at the same company. With a long tenure as Chief Technology Officer, the perspective is deeply grounded in how software is built, scaled, and supported, which is a major advantage for shaping secure-by-design practices, prioritizing risk, and making security work in the reality of engineering tradeoffs and customer expectations.
Mads Tansø — Chief Information Security Officer, Tietoevry
Mads Tansø brings long-cycle, standards-driven security leadership with deep operational credibility, spanning development, enterprise operations, and compliance-heavy environments. The profile emphasizes practical execution of management systems and assurance frameworks—such as ISO 27001, ISO 27701, ISO 22301, and payment security standards—alongside modern regulatory readiness. The combination of infrastructure optimization, process improvement, and “no-nonsense” governance aligns well with large, multi-unit service organizations where consistency and auditability matter as much as technical controls.
Joachim S. Sneen — Chief Information Security Officer, Entur AS
Joachim S. Sneen leads security in an ecosystem context, where digital trust must extend beyond one organization into national-scale value chains. The focus on governance, risk, and compliance in complex supplier networks—paired with the ability to translate security into measurable decision support—signals a leadership style that fits critical digital infrastructure. Strengthening third-party risk management and aligning security programs to regulatory expectations is especially relevant where uptime, integrity, and public trust are non-negotiable.
Henrik Berge Hansen — Chief Information Security Officer, Kezzler
Henrik Berge Hansen brings a blended security-and-quality perspective, with leadership experience spanning technology companies and regulated financial environments. Holding responsibility for both information security and quality management suggests a strong emphasis on disciplined operating models: clear controls, continuous improvement, and credible assurance for customers. This is particularly valuable for technology providers that must demonstrate security maturity to enterprise clients while sustaining product delivery pace.
Henrik Støle — Chief Information Security Officer, Veni
Henrik Støle reflects an execution-forward security leadership style anchored in cloud infrastructure and incident response. Experience leading cloud infrastructure and an incident response team, combined with responsibility for security and compliance in operational roles, points to a hands-on approach that prioritizes detection, response readiness, and pragmatic hardening. This kind of leadership is especially effective in fast-moving IT environments where security outcomes depend heavily on operational excellence and speed of containment.
Olav Espedal — Chief Information Security Officer, EMP Secure
Olav Espedal brings investigative rigor and advisory breadth, combining law enforcement cybercrime experience with enterprise security leadership across information security, privacy, and risk management. The profile signals strength in building policies and governance that stand up under scrutiny, while also understanding attacker behavior and incident realities. Leading security services that include around-the-clock security operations and offensive security aligns with a security posture shaped by both prevention and tested response capability.
Emerson Kastrati — Chief Information Security Officer, Omny
Emerson Kastrati brings a security leadership path shaped by long service in the armed forces, followed by advisory work and a transition into executive security ownership. This blend often translates into strengths in structured risk thinking, leadership under pressure, and operational discipline—useful traits for technology organizations building reliable and trusted services. The move into a Chief Information Security Officer role alongside broader leadership responsibilities suggests an ability to align security priorities with wider organizational execution.
Cecilie Lorentzen — Chief Information Security Officer, Sonette AS
Cecilie Lorentzen emphasizes security culture and pragmatic implementation, with experience establishing an ISO 27001-based management system and building security champions across an organization. That combination—formal governance plus internal enablement—fits product-centric IT companies where distributed ownership is essential. Additional experience as a Data Protection Officer and with medical device regulation readiness indicates strong capability in translating complex requirements into operational practice without losing momentum.
Steve Kawandami — Chief Information Security Officer, Computas
Steve Kawandami brings a modern security leadership style grounded in risk management and incident response, with a clear emphasis on aligning security strategy to business growth. The focus on enabling innovation—rather than blocking it—signals a consultative, outcome-driven approach suited to an IT services and consulting environment. Building strategies that help organizations move faster safely is particularly valuable in a sector where security must scale across diverse clients, technologies, and regulatory contexts.
From Product Security to Ecosystem Trust in Norwegian Technology
Norway’s IT industry is increasingly judged on the security it delivers outward—through products, services, integrations, and supply chains—not just what it protects internally. The leaders featured here reflect that shift: balancing formal governance with operational response capability, embedding security into engineering and delivery, and treating trust as a measurable business asset. In a market where customers expect proof, not promises, these are the security leaders shaping how Norwegian technology earns—and keeps—confidence.