The new Cybersecurity Act increases the responsibility of company management for cybersecurity. The law introduces new obligations for companies, such as risk management, security measures, incident reporting, supply chain responsibility and cooperation with authorities. The obligations also apply to small and medium-sized enterprises, which often do not have the resources for expensive consultancy or assessments.
The RoboAI Cyberlab expert unit of Satakunta University of Applied Sciences has developed a solution to support the assessment and development of cybersecurity maturity levels based on Traficom's National Cybersecurity Centre's Cybermeter.
This article was originally published as a media release on April 8.
Cybersecurity is no longer optional — it is essential for ensuring business continuity. Demonstrating strong cybersecurity practices is a competitive advantage, reassuring customers that their data and operations are in safe hands. This principle extends across the supply chain, where security is only as strong as its weakest link. When every actor in the chain commits to common cybersecurity standards, it reinforces trust and positions the company as a reliable and secure partner.
According to the Kybersää report published by the National Cybersecurity Centre in February 2025, "The threat level of cybersecurity has continued to rise. With the intensified international security situation, preparedness for large-scale disruptions and ensuring the continuity of critical operations have been key focus areas in Finnish society over the past year."
Companies must understand the cybersecurity landscape they operate in — including their own strengths and weaknesses — to effectively respond to emerging threats. Equally important is the ability to recover swiftly from incidents and continuously improve operations in the long term.
New tool to support cybersecurity assessment
Many companies already struggle with the current cybersecurity requirements, and complex auditing tools can make compliance even more difficult. The RoboAI Research Centre's Cybersecurity for Satakunta Industry (Kytee) project has developed a self-assessment tool that helps companies identify vulnerabilities before attackers do.
The self-assessment tool is structured around the Cybermeter developed and maintained by the National Cybersecurity Centre. The project has developed a browser-based self-assessment tool, open to all industries, based on the template, in collaboration with the National Cybersecurity Centre.
Complying with the new Cybersecurity Act is more than a legal obligation — it’s a strategic investment in the future. Cybersecurity fosters trust, secures operational continuity, and enhances competitiveness. Systematic risk management keeps costs predictable, unlike unmanaged risks, which can lead to significant and unexpected losses and liabilities.