Norway’s insurance sector sits at a high-pressure intersection: regulated financial services, fraud exposure, and always-on digital customer journeys—while depending heavily on third parties (claims networks, partners, SaaS platforms, outsourced operations). The strongest security leaders in this space tend to pair operational reliability with governance and risk discipline, because “security” in insurance is as much about resilience, identity, and trust as it is about controls.
David Skog — Vice President Information Technology, Team Leader Information Technology Operations and Chief Information Security Officer, Skuld
David Skog represents the hybrid insurance security leader: deeply rooted in operations, with executive accountability for security. At Skuld, he holds a combined role spanning Vice President Information Technology, team leadership for Information Technology Operations, and Chief Information Security Officer responsibilities. That long tenure suggests an operator’s mindset—owning the day-to-day reality of availability and service delivery while making sure security is practical, embedded, and aligned with business needs. His earlier consulting and regional Information Technology leadership background rounds out a profile that’s comfortable translating between stakeholders, vendors, and the technical teams doing the work.
Steinar Lieungh — Chief Information Security Officer and Head of Information Security, Fremtind
Steinar Lieungh stands out for building security leadership through the insurance stack—progressing from specialist and advisory functions into a top security role. At Fremtind, he serves as Chief Information Security Officer while also leading Information Security, with prior internal progression through information security ownership roles. His background includes multi-year experience across SpareBank 1 insurance entities in operations and security, plus change management and advisory responsibilities. In an insurance environment, that blend matters: security programs succeed when they’re engineered into how changes happen, not bolted on after decisions are already made.
Elisabeth Strømsholm — Head of Risk Management and Chief Information Security Officer, SpareBank 1 Nordmøre
Elisabeth Strømsholm brings a risk-led lens that fits modern insurance governance—where security, capital discipline, and regulatory expectations increasingly connect. Her role explicitly combines leading risk management with Chief Information Security Officer responsibility at SpareBank 1 Nordmøre. That dual scope signals a leader who can tie cyber and information security priorities to enterprise risk language: capital planning, resilience expectations, and decision-making discipline. In insurance, this often translates into clearer risk ownership, better board reporting, and more actionable prioritization across security initiatives.
Tone K. Nygård — Chief Information Security Officer and Information Technology Security Manager and Business Advisor, Finans Norge Forsikringsdrift
Tone K. Nygård’s experience is anchored in long-running Information Technology leadership with a clear transition into security executive ownership. At Finans Norge Forsikringsdrift, she serves as Chief Information Security Officer and Information Technology Security Manager, with an explicit “business advisor” dimension—useful in an industry where security decisions must be tied to operational and commercial realities. Her earlier roles as Chief Information Officer / Head of Information Technology and Deputy Director of Information Technology highlight a leader who understands service management, planning, budgeting, and organizational execution—capabilities that often determine whether security programs actually get adopted.
Anders Hardangen — Executive Vice President, Chief Security Officer and Chief Information Security Officer, Director of Group Security, DNB
Anders Hardangen leads security at a scale that few organizations in Norway can match. As global Chief Security Officer and Chief Information Security Officer and Director of Group Security at DNB, he operates across a broad security portfolio that includes governance, physical security, personnel security, cyber security, business continuity, fraud, sanctions, and anti–money laundering. In financial services with insurance and pension products in the mix, that scope reflects an integrated security model—one where cyber risk is managed alongside fraud and resilience as part of a single executive security function.
Why Norway’s Insurance CISOs matter
Insurance is a trust business: customers hand over identity data, financial details, and deeply personal information tied to health, property, or life events. The leaders above stand out because they’re positioned where trust is won or lost—operations, risk governance, and enterprise-scale security execution. In Norway’s insurance ecosystem, that combination is what turns “security strategy” into measurable resilience.