Nordic Privacy Arena 2025 – key insights and discussion topics
Nordic Privacy Arena (NPA) is the most significant Nordic conference focusing on data protection and privacy. It is held annually
Customer Story: Information Security Is Continuous Work – Keitele Group’s Story of Staff Training
Keitele Group is a family-owned company that has grown to become one of Finland’s largest operators in mechanical wood processing and the country’s largest manufacturer of wood products. In a large, internationally operating company, information security is taken seriously. The Group’s IT Manager, Veli Matti Häkkinen, explains that the importance of information security has increased further with digitalization and today’s interconnected world. Managing information security has become increasingly demanding, requiring constant effort.
Information Security as a Support for Modern Business
The interconnectedness of the world has brought new threats that are no longer dependent on physical location. “The number of risks has increased, and the situation has steadily worsened,” Häkkinen notes, highlighting especially the impact of artificial intelligence. Fraud has become more convincing and harder to detect.
To respond to these growing threats, Keitele Group relies on technical solutions such as strict access control, as well as regular training. Häkkinen welcomes the requirements set by legislation on companies regarding information security: “Nowadays, laws related to information security also place demands on companies – and that is a good thing,” Häkkinen states.
Staff Training in a Key Role
Keitele Group invests in the information security and data protection competence of its staff through training programs. In 2024, around 200 employees participated in training, and the company is already planning further sessions for 2025.
The training has proven highly useful, successfully raising awareness of the importance of information security particularly among basic users: “That is exactly what we aimed to achieve with the training,” Häkkinen explains. The training has been effective especially thanks to its flexibility – each employee can complete it at a time that suits them.
Raising Awareness Through Training
The level of difficulty in the training has been perceived as especially successful. “Feedback has shown that the training is pitched at exactly the right level: not too simple and not too complex,” the IT Manager says. Although overall participation was strong, Häkkinen points to an interesting observation. “While the activity level in training was good, there remains a small group of individuals who were not interested. It raises the question of how much they care about information security at all.”
The training has proven to be an effective way to raise staff awareness, even if measuring the exact benefits is challenging. At Keitele Group, training will continue in the future as part of the company’s ongoing development of information security: “Training will be continued in the future as well,” Häkkinen confirms.
Staying Alert for the Future
Keitele Group continues to invest in information security and is already planning further training sessions for 2025. “We actively monitor the development of security threats and are ready to react if necessary,” Häkkinen emphasizes.
When asked for his advice to other IT managers who have not yet invested in data protection or security, Häkkinen’s view is clear: information security requires continuous effort. According to him, those responsible for information security are well aware of its importance and the growing threats. Information security is not a one-time project but a continuous process requiring regular attention and resources. Training has proven to be an effective way to strengthen Keitele Group’s information security and data protection expertise. “I recommend this kind of training,” Häkkinen concludes.
Learn more about Keitele Group here: https://www.keitelegroup.fi/
Explore GDPR Tech’s training offering here: https://gdprtech.com/en/gdpr-training/
What's new?
In the blog you will find current information, interesting articles and a lot of detailed information related to data protection.
Read these also
Execute and Maintain the Target | Part 4/4
Data Governance in Action – Implementation and Maintenance Designing a data governance strategy is only the beginning. To truly manage
Design the Target Level | Part 3/4
Unstructured data is growing rapidly, and without a clear governance strategy, organisations risk being overwhelmed by outdated, unmanaged, and potentially