Security Intelligence

Close Protection in Scandinavia and the Nordic Region: Norway, Sweden, Denmark, Finland | CloseProtectionHire

Q: "Is Sweden's gang violence a genuine threat to business travellers?"

"Sweden's gang violence is a genuine and escalating security concern, but it affects business travellers primarily through indirect means -- location risk and wrong-place/wrong-time exposure -- rather than through direct targeting. The Swedish National Council for Crime Prevention (BRA/NCCP) recorded 390 shooting incidents in 2023, with 62 fatal victims. Gang violence is concentrated in specific suburbs of Stockholm, Gothenburg, and Malmö -- not in the central business districts. However, Sweden has experienced bombings in public spaces (Sweden recorded 90+ bombings in 2024 according to Swedish Police Authority data), and explosives have been used in gang conflicts in ways that do not require the perpetrators to be near the scene. Business visitors should exercise venue and location awareness in a way that is materially different from other Scandinavian countries."

Q: "What is the specific security risk from Russia for businesses operating in Finland?"

"Finland's NATO accession (April 2023) and its 1,340km border with Russia have materially elevated the strategic intelligence interest in Finland from Russian services. SUPO (Finnish Security Intelligence Service) specifically identifies Russian intelligence operations as a priority concern in its Annual Reviews. The risk for business visitors is primarily in the intelligence collection dimension: devices and communications at border crossings and in specific sectors (defence, dual-use technology, critical infrastructure, energy). Russian-origin cyber operations targeting Finnish companies, particularly in the defence and technology sectors, have been documented in the SUPO 2024 Annual Review. For business visits to Helsinki and Finnish industrial operations, device security protocols appropriate to a NATO-Russian border environment should be applied."

Q: "What threat led to the 2011 Norway attacks and is that threat still present?"

"The July 2011 attacks by Anders Behring Breivik (77 killed -- 8 in the Oslo government quarter bombing, 69 at the Utoya island youth camp) were carried out by a right-wing extremist lone actor. They remain the deadliest terrorist attack in Norwegian peacetime history. PST (Norwegian Police Security Service) identified RWE as an ongoing threat stream in Norway in its 2025 Annual Assessment, alongside the Islamist-motivated threat (the 2019 Baerum mosque attack -- lone actor, disrupted with minimal casualties by an unarmed community member -- is the most recent significant domestic incident). Norway also carries a specific elevated threat in the context of Russian intelligence operations targeting the energy sector and the Arctic (Svalbard). For standard business visits to Oslo and Bergen, the terrorism environment requires awareness rather than full close protection. The energy sector and strategic infrastructure have elevated threat from state actors."

Q: "What is the security environment in Denmark for business travel?"

"Denmark is generally a low-risk destination for business travel. Copenhagen has a low violent crime rate by European standards. The most significant terrorist incidents in recent years were the February 2015 attacks (2 killed -- targeting a free speech event and a synagogue, conducted by an individual inspired by the Paris Charlie Hebdo attacks). PET (the Danish Security and Intelligence Service) maintains an elevated terrorism threat assessment. Denmark also hosts US military facilities at Thule Air Base in Greenland, which has elevated Danish territory's profile in Russian threat planning. For standard corporate visits, the security environment in Copenhagen and Aarhus is manageable with standard travel security protocols."

Q: "Can close protection operatives carry firearms in Scandinavia?"

"Armed close protection is legally constrained across all Nordic countries. Norway: VPS (Vakt og Sikkerhet) industry standards reflect that commercial CP is predominantly unarmed. Sweden: armed CP is available through licensed operators but is not the default market offering. Denmark: police authorisation is required for firearms in CP work; commercial operators very rarely have this. Finland: firearms licensing for commercial security is controlled by the Police Act; armed CP is exceptional. Iceland: effectively no commercial armed CP market. In practice, all CP assignments in the Nordic region are conducted unarmed unless there is a specific police-authorised exception. The threat environment in the major cities -- with the partial exception of specific suburban areas in Sweden -- does not require armed CP for the vast majority of commercial assignments."

Close protection across Scandinavia and the Nordic region: Sweden's gang violence escalation, Norwegian energy sector security, Finnish-Russian border intelligence risk, and CP operational planning across Norway, Sweden, Denmark, Finland, and Iceland.

4 May 2026

Written by James Whitfield

Speak to the Team

The Nordic and Scandinavian countries are often grouped together as uniformly low-risk. For Norway, Denmark, Finland, and Iceland, this characterisation is broadly accurate for standard business visits. For Sweden, it requires revision. The escalation in gang violence, explosives use, and firearm incidents in Swedish cities from 2016 onward has created a security environment that is meaningfully different from its Nordic neighbours.

This guide covers the current threat environment and CP planning framework for Norway, Sweden, Denmark, Finland, and Iceland.

Sweden

Sweden presents the most complex security environment in the Nordic region, and the gap between official government travel advisories and documented threat data is wider here than anywhere else in Western Europe.

Gang violence: The Swedish National Council for Crime Prevention (BRA, known internationally as the NCCP) documented 390 shooting incidents in 2023, with 62 fatal victims. Bombing incidents – explosive devices used in gang conflicts, property attacks, and targeted intimidation – exceeded 90 in 2024 according to Swedish Police Authority data. This places Sweden among the highest per-capita bombing rates in Europe.

The geographic concentration matters for operational planning. The violence is primarily concentrated in specific suburbs of Stockholm (Rinkeby, Tensta, Husby, Botkyrka), Gothenburg (Biskopsgarden, Angered), and Malmö (Rosengard, Husie) – not in central business districts. However, the use of explosives that do not require perpetrators to be present at detonation means that the risk is not geographically contained to the high-crime suburbs.

For business visitors to Stockholm and Gothenburg, venue selection should include consideration of proximity to gang-conflict areas. Any CP operative with a Stockholm deployment should have current local intelligence on the active conflict geography.

Terrorism: SAPO (Swedish Security Service) assessed the terrorism threat for Sweden at ’elevated’ (4 of 5) following a period in which Sweden’s Quran-burning demonstrations generated threats from Islamist organisations and states. The 2023 Stockholm attack (a Swedish police officer killed near the Bohus region in a separate context) and Breivik-inspired threats from RWE actors are also tracked. SAPO’s latest annual assessment notes both Islamist and RWE streams.

Norway

Norway’s general security environment for business visitors to Oslo, Bergen, Stavanger, and Trondheim is low. The PST (Norwegian Police Security Service) annual assessment identifies the specific threat streams as: Islamic extremist attacks (lone actor, targeting crowded spaces); RWE (following the Breivik precedent); and Russian and Chinese intelligence operations.

Energy sector: Norway is Europe’s largest gas exporter and a major oil producer through Equinor (formerly Statoil). The 2022 Baltic Sea sabotage of the Nord Stream pipelines and drone surveillance incidents over Norwegian offshore installations (reported October 2022, leading to Norwegian military patrols and restrictions) demonstrated that critical energy infrastructure is a specific target for state-linked actors. NSM (Norway’s National Security Authority) has documented Russian intelligence targeting of Norwegian energy and defence sector information. Executives working in the Norwegian energy sector – particularly in Arctic operations, Svalbard, or LNG export – carry a threat profile that exceeds the general Norwegian environment.

Arctic operations: Svalbard presents a unique operational environment: Norwegian territory, governed by the Svalbard Treaty, with a Russian settlement (Barentsburg, approximately 400 residents) maintaining a presence under treaty provisions. Operations in the High Arctic require cold weather planning, MEDEVAC protocols specific to the extremely limited medical infrastructure, and awareness of the sensitive geopolitical environment.

Denmark

Copenhagen and Aarhus are low-risk business destinations. The most significant terrorist incidents in Denmark were the February 2015 attacks (2 killed, targeting a free speech event and the Great Synagogue). PET (Danish Security and Intelligence Service) maintains an elevated terrorism threat assessment but has not recorded a completed mass-casualty attack since 2015.

Danish Greenland carries separate strategic significance. US military presence at Pituffik Space Base (formerly Thule Air Base) and the strategic competition for Arctic resources have elevated Greenland’s profile in intelligence services’ planning.

Finland

Helsinki and the main Finnish cities are low-risk for standard business visits. The primary security differentiation for Finland is its 1,340km land border with Russia and its NATO accession in April 2023.

Russian intelligence targeting: SUPO (Finnish Security Intelligence Service) Annual Reviews from 2022 onward document sustained Russian intelligence operations targeting Finnish defence, technology, and energy sectors. SUPO’s 2024 review specifically identifies increased Russian intelligence activity following Finland’s NATO accession. For business visitors in defence, dual-use technology, and energy sectors, device security protocols appropriate to a NATO-Russia border environment are recommended.

For the CP and security environment directly east of Finland – the Russian market and the specific risk framework for operations there – see our close protection in Russia guide. For the broader Eastern European environment covering Poland and the Baltic states – which share the Russian intelligence overlay – see our close protection in Eastern Europe guide.

Sources

Swedish National Council for Crime Prevention (BRA/NCCP): Crime Statistics 2024. Swedish Police Authority: National Operational Department Annual Report 2024. SAPO: Annual Report 2025. PST Norway: Annual Threat Assessment 2025. NSM Norway: Cyber Security Report 2024. PET Denmark: Annual Threat Assessment 2025. SUPO Finland: Annual Review 2025. FCDO: Travel Advice Sweden, Norway, Denmark, Finland, Iceland – April 2026. OSAC Country Security Reports: Sweden, Norway, Denmark, Finland – 2024. Control Risks RiskMap 2025. ACLED: Nordic Political Violence Dataset 2025. Freedom House: Freedom in the World 2025 – Nordic Countries.

James Whitfield is a Senior Security Consultant with 20 years of experience in close protection and security risk management across European and high-risk environments globally.

Summary

Key takeaways

Sweden's gang violence has materially changed the risk calculation for Stockholm operations -- venue and location awareness is now a genuine operational requirement, not standard boilerplate

Government travel advisories for Sweden typically describe a low-risk environment that does not reflect the scale of gang violence documented in Swedish Police Authority and NCCP data. A CP provider with current Stockholm experience should be briefed on the specific high-risk areas and have a protocol for route selection that avoids them. The central business district is not in the affected areas, but many popular restaurant and entertainment districts require location awareness.

Finland's NATO accession has increased its strategic profile for Russian intelligence services -- device and communications security protocols for Helsinki visits should reflect this

SUPO's 2024 Annual Review documents Russian intelligence activity targeting Finnish defence, technology, and energy sectors. The practical implication for visiting executives is consistent with visits to other NATO eastern-flank countries: device security before the visit (full update, minimal data stored locally), communications protocol (E2EE messaging for sensitive content), awareness of social engineering targeting at industry events.

Norway's energy sector carries a specific elevated threat from state actors -- Russian intelligence interest in Equinor and Arctic infrastructure is documented

PST and Norway's National Security Authority (NSM) have both documented Russian intelligence interest in Norwegian energy infrastructure and Arctic assets. The 2022 Baltic Sea pipeline sabotage (Nord Stream) demonstrated that state actors are willing to conduct offshore infrastructure attacks. For executives working in the Norwegian energy sector -- particularly those with roles in Arctic exploration, Svalbard operations, or LNG export -- the threat profile is materially higher than the general Norwegian security environment.

The Nordic region's CP market is predominantly unarmed -- select operators based on surveillance detection and advance work capability rather than armed response capacity

In a low-violence environment where armed CP is legally constrained and operationally unnecessary for most assignments, the quality differentiators are surveillance detection, advance work methodology, and intelligence-led route planning. The CP provider with strong SDR capability and current local intelligence relationships is more valuable in Stockholm or Oslo than one whose primary capability is firearms.

Iceland is categorically different from the other Nordic markets -- the near-zero violent crime rate means CP is rarely warranted but natural hazard planning is always relevant

Iceland's homicide rate is among the world's lowest. The security requirements for standard business visits to Reykjavik are minimal. The operational planning requirement for Iceland is primarily natural hazard awareness: volcanic activity (the Fagradalsfjall and Svartsengi eruptions of 2023-2024 disrupted road and air access and required evacuations of residential areas), seismic events, and extreme weather conditions for any operations outside Reykjavik. MEDEVAC from rural Iceland requires specific planning.

FAQ

Frequently Asked Questions

Sweden’s gang violence is a genuine and escalating security concern, but it affects business travellers primarily through indirect means – location risk and wrong-place/wrong-time exposure – rather than through direct targeting. The Swedish National Council for Crime Prevention (BRA/NCCP) recorded 390 shooting incidents in 2023, with 62 fatal victims. Gang violence is concentrated in specific suburbs of Stockholm, Gothenburg, and Malmö – not in the central business districts. However, Sweden has experienced bombings in public spaces (Sweden recorded 90+ bombings in 2024 according to Swedish Police Authority data), and explosives have been used in gang conflicts in ways that do not require the perpetrators to be near the scene. Business visitors should exercise venue and location awareness in a way that is materially different from other Scandinavian countries.

Finland’s NATO accession (April 2023) and its 1,340km border with Russia have materially elevated the strategic intelligence interest in Finland from Russian services. SUPO (Finnish Security Intelligence Service) specifically identifies Russian intelligence operations as a priority concern in its Annual Reviews. The risk for business visitors is primarily in the intelligence collection dimension: devices and communications at border crossings and in specific sectors (defence, dual-use technology, critical infrastructure, energy). Russian-origin cyber operations targeting Finnish companies, particularly in the defence and technology sectors, have been documented in the SUPO 2024 Annual Review. For business visits to Helsinki and Finnish industrial operations, device security protocols appropriate to a NATO-Russian border environment should be applied.

The July 2011 attacks by Anders Behring Breivik (77 killed – 8 in the Oslo government quarter bombing, 69 at the Utoya island youth camp) were carried out by a right-wing extremist lone actor. They remain the deadliest terrorist attack in Norwegian peacetime history. PST (Norwegian Police Security Service) identified RWE as an ongoing threat stream in Norway in its 2025 Annual Assessment, alongside the Islamist-motivated threat (the 2019 Baerum mosque attack – lone actor, disrupted with minimal casualties by an unarmed community member – is the most recent significant domestic incident). Norway also carries a specific elevated threat in the context of Russian intelligence operations targeting the energy sector and the Arctic (Svalbard). For standard business visits to Oslo and Bergen, the terrorism environment requires awareness rather than full close protection. The energy sector and strategic infrastructure have elevated threat from state actors.

Denmark is generally a low-risk destination for business travel. Copenhagen has a low violent crime rate by European standards. The most significant terrorist incidents in recent years were the February 2015 attacks (2 killed – targeting a free speech event and a synagogue, conducted by an individual inspired by the Paris Charlie Hebdo attacks). PET (the Danish Security and Intelligence Service) maintains an elevated terrorism threat assessment. Denmark also hosts US military facilities at Thule Air Base in Greenland, which has elevated Danish territory’s profile in Russian threat planning. For standard corporate visits, the security environment in Copenhagen and Aarhus is manageable with standard travel security protocols.

Armed close protection is legally constrained across all Nordic countries. Norway: VPS (Vakt og Sikkerhet) industry standards reflect that commercial CP is predominantly unarmed. Sweden: armed CP is available through licensed operators but is not the default market offering. Denmark: police authorisation is required for firearms in CP work; commercial operators very rarely have this. Finland: firearms licensing for commercial security is controlled by the Police Act; armed CP is exceptional. Iceland: effectively no commercial armed CP market. In practice, all CP assignments in the Nordic region are conducted unarmed unless there is a specific police-authorised exception. The threat environment in the major cities – with the partial exception of specific suburban areas in Sweden – does not require armed CP for the vast majority of commercial assignments.

Get in Touch

Request a Consultation

Describe your security requirements below. All enquiries are confidential and handled by licensed consultants.