Capitalizing on the cyber threat - a quarter of a billion in IT protection

^{This article was first published at Dagens Industri October 7, 2025.}

The deteriorating security situation and the emergence of AI have led to a rapidly growing market for cybersecurity. IT company Basalt has more than tripled its turnover in five years, from SEK 84 to 250 million. 

Di followed us into the classified factory where the systems that protect Sweden's most sensitive information take shape. 

_{Basalt CEO Nicklas Haglund. Photo: Jack Mikrut (Di).} 

The anonymous tin building is located in an industrial area outside Enköping and is surrounded by high barbed wire fences. The company Basalt describes itself as Sweden's most secure IT company.

The building is classified as a protected object. Before the visit, we must declare our citizenship, cell phones must be locked in lockers and photo restrictions are strict. 

This is where IT systems are developed and installed to protect society's most sensitive information from cyberattacks. Secret maps with defense plans, documents with information on drinking water supply, drawings of energy companies' operating centers - information that would endanger the country's security if it fell into the wrong hands. 

_{The cybersecurity market is expected to grow rapidly and the CEO believes that Basalt's turnover could increase tenfold within ten years. Photo: Jack Mikrut} 

And the threat that can come from within. 

"We are working to protect businesses against an adversary that is highly skilled, persistent, highly motivated, well-resourced and an authorized user in the system," says Basalt CEO Nicklas Haglund. 

That is, the company assumes that the threat is an employee of theirs or of their customers, with different loyalties. 

Cybersecurity has emerged as an increasingly important issue due to the deteriorating security situation and rapid technological developments. Globally, the cybersecurity market is estimated to have been worth the equivalent of around SEK 2,300 billion in 2024. By 2030, it is expected to have doubled. This is according to the analyst firm Grand View Research. 

Cyber security is also being invested in at home. The Swedish market is estimated to be worth SEK 16 billion this year according to the IT analysis company Radar.

In it, the government has The Swedish government has proposed cybersecurity investments of SEK 1 billion over three years. In addition, the new EU directive on cybersecurity, Nis-2, will come into force in Sweden next year. This will tighten the requirements for the IT systems of essential activities, and more activities will be covered. 

The increase in demand has not escaped Basalt, which was founded in a much more relaxed 2009.

"We could not have imagined this when we started. Over the past five years, the increase has been explosive," says Nicklas Haglund. 

The tense security situation is reflected in the cash books, with the company's turnover increasing from around SEK 84 million in 2019/2020 to almost a quarter of a billion in 2024. Last year alone, turnover increased by more than 50 percent.

To meet demand the factory has been expanded and this spring the extension was completed. Today, the building is 4,000 square meters in size. 

_{"We invest a lot in each employee, so it's important to find people who want to stay for a long time," says CEO Nicklas Haglund. Photo: Jack Mikrut} 

Our tour starts in Basalt's goods reception area, where boxes of laptops are stacked on top of each other. This is where customers' hardware arrives - computers, servers and cell phones. 

The work of Basalt involves first checking the hardware, for example by inspecting the computers' circuit boards and ensuring that nothing has been tampered with. Then, proprietary IT systems and software are installed to ensure they are impenetrable, before the equipment is delivered to the customer. 

"IT systems are most vulnerable at the production stage. Someone can plant vulnerabilities in the system then without being noticed and then exploit them five years later. That's why security is particularly important at this stage. Once the systems are in operation, it is easier to spot if something happens", says Nicklas Haglund.

The attacks that Basalt is primarily working to prevent are not those that come via the traditional route over the internet. Instead, it is about preventing someone with physical access from manipulating the systems. For example, someone may insert a USB stick with malicious code and through it gain higher authorization and access information they should not have access to. 

A THREAT THAT IS DIFFICULT TO QUANTIFY
It is difficult to provide a figure on the number of cyber attacks or attempted cyber attacks that occur in Sweden. This is because attacks and attempted attacks happen all the time. This is according to John Ahlmark, Communications Officer at FRA, the Swedish Defense Radio Establishment. "As soon as you connect your newly purchased computer to the internet for the first time, it is exposed to some type of intrusion attempt. Often the attempts are very simple, but it happens to everyone all the time. The more serious attacks can go on for many years without being noticed. That's why it's difficult to quantify it all," he says. 
National Cyber Security Center, NCSC, assesses that threats are increasing, attack methods are becoming more sophisticated and many organizations have weaknesses in their security systems. 
The threat actors are, according to NCSC mainly by criminal groups with financial incentives, state actors and 

At Basalt, the starting point is that you are constantly under threat. Since it is assumed that the threat may come from an employee, security in the factory is taken very seriously.

Employees undergo safety checks, all operations are monitored by four eyes, and the cables in the building are visible so that it is easy to see if they are tampered with. In addition, all operations are logged so that the customer can see what has been done and by whom.

After the hardware has been checked and the systems installed, it is transported to the customer by specially trusted freight companies. Basically, the transportation is accompanied by an escort vehicle to ensure that the cargo does not make any unexpected stops.

"We have a high burden of proof. The whole chain must be unbroken for us to have full control," says Nicklas Haglund. 

The fact that Basalt describes itself as Sweden's most secure IT factory is not just about the systems it builds, but just as much about how the company works.

_{The company Basalt describes itself as Sweden's most secure IT company. Photo: Jack Mikrut} 

"All IT companies do some of this. The difference between them and us is that we do everything. We have lit all the lights on the Christmas tree", says Nicklas Haglund. 

Do you take any responsibility in case your customers are exposed to a cyber attack?

"The customer always owns the operational responsibility. Security is affected by how the system is used - whether it's five people in a rock room or 3,000 people spread across the country. But we can guarantee that we have done exactly what we promised and assist the customer through our management and support responsibilities," he says. 

Although the factory has recently been expanded, Nicklas Haglund does not believe that the premises will last much longer. "It's already starting to feel a bit cramped," he says. 

Now the company is looking to expand its current 140 employees to 240. But recruitment is not easy. "There are few courses on how to build IT systems at the level of security that Basalt does," says Nicklas Haglund. Therefore, the employees must be trained on site. 

"We already have the customers. The challenge is to find employees with the right skills and the right mindset. We invest a lot in each employee, so it's important to find people who want to stay for a long time."

Nicklas Haglund sees no flattening of the need for cybersecurity. The threat continues to increase and the company is growing like crazy. In ten years' time, he believes that Basalt will be a much larger company. 

"I wouldn't be surprised if the turnover is ten times as big," he says.