Finland’s energy and mining environments are where cybersecurity becomes physical: OT networks, plant availability, safety, and regulatory compliance (including NIS2) all converge. The leaders below stand out because they’ve done the hard part—turning security into a reliable operating capability across critical infrastructure, industrial environments, and complex supplier ecosystems.
Perttu Suonsyrjä — IT Service Manager & Chief Information Security Officer, Oomi Energia
Perttu Suonsyrjä is the IT Service Manager and CISO at Oomi Energia (since April 2025), bringing more than two decades of experience across digital transformation, infrastructure integration, and identity-driven modernization. Before Oomi, he was CIO at Enersense International Oyj and earlier led ICT functions there, after a long run at DNA Oyj where he headed integration and IAM and led online services ICT. That combination—identity, integration, and operational leadership—fits energy environments where acquisitions, shared platforms, vendor dependencies, and access control are constant realities.
Petri Koivisto — Chief Information Security Officer, Outokumpu
Petri Koivisto is the Chief Information Security Officer at Outokumpu (since August 2022) and is known for spanning “strategy down to requirements,” blending security leadership with service delivery and program execution. He previously served as Director of Information Security at Wärtsilä, owning a wide portfolio that included governance and ISO 27001, identity and access governance, security architecture, application and cloud security, vulnerability management, and OT network and asset security—exactly the mix you’d expect in heavy industry. He also has a consulting background at Tieto and is active externally as a speaker and advisory council member, which often signals a leader comfortable translating industrial cyber risk into executive-level decisions.
Markus Salmi — Chief Information Security Officer, Sandvik Mining
Markus Salmi is the Chief Information Security Officer at Sandvik (Mining) in Tampere (since June 2020), after serving as IT Risk and Information Security Manager there. Prior to Sandvik, he spent many years at ABB in information security transformation and risk roles across regions, including leading global programs and building security capabilities. That background maps well to mining: complex industrial environments, global operations, risk-driven security prioritization, and the need to coordinate across sites, functions, and governance layers.
Antti Hiidenoja — Corporate Security Manager & Chief Information Security Officer, Tampereen Energia
Antti Hiidenoja is Corporate Security Manager and CISO at Tampereen Energia (since May 2023) and previously served as CISO there. His background is deeply energy-rooted: he worked as an IT Security Architect at Teollisuuden Voima Oyj and held information security operations responsibilities also tied to Pohjolan Voima, alongside a longer tenure across IT network services, infrastructure, and architecture roles. He’s also a long-standing member of the Finnish Cyber Security co-operation group. The pattern here is an operator’s security leadership—strong on practical controls, architecture, and security operations in environments where uptime and safety matter.
Janne Ala-Kihniä — Head of Information Technology / Chief Information Security Officer, Nevel
Janne Ala-Kihniä is Head of Information Technology and CISO at Nevel (since December 2022), responsible for IT services across Finland, Sweden, and Estonia while also owning information security solutions, processes, training, and NIS2 compliance. His earlier roles at Nevel and Arek included service management with responsibility areas like IAM, information security, testing services, office infrastructure, and license management—experience that translates directly to distributed energy services where vendor governance, identity, and consistent operating practices across countries are non-negotiable.
Markus Lalla — Head of Information Security & Group Chief Information Security Officer, SSAB
Markus Lalla is Head of Information Security and Group CISO at SSAB (since December 2025), accountable for enterprise-wide cybersecurity across IT and OT and the broader industrial ecosystem. His focus includes advising executive management on regulatory exposure and digital risk, and leading governance, strategy, and cyber resilience to support safe and compliant operations. With a background spanning governance, risk, compliance, privacy, continuity, and third-party risk management, he fits the profile of a group-level industrial CISO who has to make cybersecurity executable across production, suppliers, and operations—not just corporate IT.
Cybersecurity Where Safety and Continuity Are the Product
In energy and mining, cybersecurity success is measured in continuity, safety, and resilience—not dashboards. The strongest leaders in this space can work across IT and OT, make vendor ecosystems accountable, and translate technical risk into operational and executive decisions that protect production and public trust.