Finland’s government administration runs on digital trust: defence and border systems, civil registries, procurement, national mobility and communications oversight, parliament, and city services that affect millions of residents. Public-sector security leaders operate under exceptional accountability—security choices must stand up to scrutiny, regulation, and operational reality, while still enabling modernization in complex, multi-stakeholder environments.
Below are the CISOs who stand out for building security programs that are durable, measurable, and mission-aligned in Finnish government contexts.
Harri Mäntylä — Chief Information Security Officer, Finnish Ministry of Defence
Harri Mäntylä brings long-term national security experience that spans research, commercial network security, and military information management. As Chief Information Security Officer at the Finnish Ministry of Defence since April 2014, he operates in an environment where confidentiality, integrity, and resilience are foundational to state capability. Before this, he served as Chief of information management at the Finnish Defence Forces for over nine years, and earlier built deep technical grounding as a network security specialist at Stonesoft. This progression reflects a CISO who understands both operational defence realities and the technical mechanisms behind secure networks and mission systems.
Tuomas Ketonen — Chief Information Security Officer, City of Helsinki
Tuomas Ketonen’s experience reflects large-scale service leadership and modernization expertise applied to a municipal critical-services environment. As Chief Information Security Officer at the City of Helsinki since September 2025, he brings prior experience leading complex, business-critical programs across enterprise content management, identity and access management, digital workplace services, and log management at OP Financial Group. His background includes leading large teams across internal staff, external partners, and service providers, plus running major transformation programs designed to reduce legacy risk while improving compliance and security maturity. In a city context—where the attack surface spans services, residents, and third parties—this blend of transformation delivery and governance is a strong fit.
Ramadhan Ndegeya — Chief Information Security Officer, Lapin hyvinvointialue
Ramadhan Ndegeya leads information security at Lapin hyvinvointialue, with responsibilities centered on governance, compliance, and operational security in a regional public-sector environment. His profile highlights strengths relevant to regulated public services—general data protection regulation alignment, information management, security information and event management familiarity, ISO 27001, and cybersecurity incident management. In public administration settings where resources can be constrained but expectations remain high, this mix points to a leader focused on practical controls, risk prioritization, and incident readiness.
Aki Tauriainen — Chief Information Security Officer, Traficom
Aki Tauriainen’s experience combines national-level regulatory and cyber oversight with operational leadership. As Chief Information Security Officer at Traficom since March 2022, he operates in the transport and communications domain—an area closely tied to critical infrastructure and national resilience. He previously led units within the National Cyber Security Centre Finland and held leadership roles inside Traficom spanning inspection and unit management. This trajectory signals a CISO who understands the intersection of regulation, national cyber posture, and practical implementation inside government institutions.
Tomi Moilanen — Chief Information Security Officer, Hansel Oy
Tomi Moilanen brings over 25 years of information security and IT experience across Finnish government organizations, including the Parliament of Finland, the Police of Finland, Senate Properties, and the Finnish Patent and Registration Office. As Chief Information Security Officer at Hansel Oy since January 2025, he sits in a role where procurement, frameworks, and shared government capabilities can create security leverage across the public sector. His career shows repeated CISO-level responsibility across multiple agencies—suggesting strengths in governance, operating model design, and sustaining security programs through audits, regulatory demands, and institutional change.
Pekka Ristimäki — Chief Information Security Officer, Digi- ja väestötietovirasto
Pekka Ristimäki has held Chief Information Security Officer responsibilities at Digi- ja väestötietovirasto since January 2020, following earlier CISO leadership at the Population Register Centre and multiple government security specialist roles. His profile highlights governance depth—Certified in Risk and Information Systems Control, Certified Information Security Manager, and Lead ISO 27001 auditor—paired with long experience spanning Valtori, the State Treasury, and senior security consulting. In a digital agency context where identity, population data, and foundational registries underpin society-wide trust, this is the kind of background that supports durable assurance and structured control systems.
Sami Nikkilä — Chief Information Security Officer, Sampel Oy
Sami Nikkilä serves as Chief Information Security Officer at Sampel Oy, alongside public-sector technology experience that includes a role at the Government ICT Centre Valtori. His background also includes long-term ICT management work, indicating practical exposure to operational environments where security needs to align with service delivery realities. In government-adjacent contexts, that combination can be especially valuable—balancing governance expectations with the “how” of making controls work day to day.
Tapio Heinäaro — Chief Information Security Officer, City of Vantaa
Tapio Heinäaro brings deep experience in critical infrastructure and industrial control environments into municipal cybersecurity leadership. As Chief Information Security Officer at the City of Vantaa since November 2019, he draws on extensive prior leadership at Helen (Helsingin Energia), including responsibility for supervisory control and data acquisition systems, high-security process networks, and broader information security leadership. His earlier experience includes ICT production responsibility at HUS ICT and work at the Ministry for Foreign Affairs of Finland. This arc reflects a leader who understands operational continuity and the security realities of systems that cannot fail.
Outi Juntura — Chief Information Security Officer, Parliament of Finland
Outi Juntura has served as Chief Information Security Officer at the Parliament of Finland since November 2017, bringing long-term institutional knowledge and continuity. Her career includes earlier security specialist roles at the Government ICT Centre Valtori and the Population Register Centre, alongside long experience within parliament as a planner focused on ICT security, networks, and enterprise architecture responsibilities. In a parliamentary environment where confidentiality, integrity, and operational resilience are essential—and where the threat profile can be politically motivated—this depth of institutional and architectural experience is a strong foundation.
Governing Securely at National and Municipal Scale
Government administration security is not only about protecting systems—it is about sustaining trust in how society functions. These leaders stand out for building programs that can withstand audits, incidents, scrutiny, and organizational change, while still enabling modernization. In public-sector environments where impact is immediate and broad, their work underpins the reliability of national services, city operations, and core democratic institutions.