top of page

A Comprehensive Situational Picture

A comprehensive situational picture of cybersecurity is created with the help of the modular service developed by Cyberwatch Finland, for which the necessary data is collected using numerous different methods.

By analysing the operational environment from different perspectives, an overall insight is formed about the events, phenomena, and trends affecting the organisation.

Information collected from open sources complements the comprehensive picture.

With the help of internal cyber risk analysis, a comprehensive picture of the organisation’s insider threats, and other risk factors are formed.


The dark and deep web data is collected non-stop at 9 Gb per second, from servers located all around the world.

Kokonaisvaltainen tilannekuva EN.png

Cyberwatch's analysis team constantly monitors the cyber security operational environment by collecting and analyzing information about events, phenomena and changes in the cyber world. The situational picture is produced by regular situational reviews.

Weekly Review

  • Weekly reviews introduce the current events of the cyber world and are declarative in nature.

  • The focus of the weekly review is identifying phenomena and trends and placing them in a relevant framework.

  • The weekly reviews serve as the basis for the monthly and quarterly reviews and the annual forecasts that are based on this data.

  • With the help of the weekly reviews, it is possible to get an up-to-date understanding of the significant events in the cyber world to support decision-making.

  • The weekly reviews are published 52 times a year in Finnish and English.

Monthly Review

  • The monthly review sums up, expands, and puts into context the themes and phenomena discussed in the weekly reviews.

  • The monthly review describes of the development of phenomena, focusing on different perspectives of hybrid influencing.

  • With the help of the monthly review, it is possible to get a deeper insight into how the events of the cyber world affect society and the operational environment.

  • The monthly reviews are published 12 times a year in Finnish and English.

Cyberwatch Magazine

Cyberwatch magazine is a digital and printed publication, in which experts from both inside our organisation and from our professional network explain about the current events of the cyber world, the development of technology and legislation, and their impacts on society, organisations and individuals.

Special Reports

We produce reports and overviews on customised themes, for example from a specific industry or target market: assessments of the current state, threat assessments, analyses of the operational environments, and forecasts.


darkSOC® – the Dark and Deep Web Analysis


With darkSOC® -analysis, we examine and report your organisation’s profile and level of exposure in the dark and deep web. Data is collected non-stop at 9 Gb per second, from servers located all around the world. The analysis reveals organisation’s cyber security deficiencies, data breaches, and other potential vulnerabilities. With the help of analysis, you get an overview of what the organisation looks like from the cybercriminal’s perspective. 

We prepare a written report from the analysis, in which we highlight key findings to support management's decision-making. The report also includes a more detailed presentation of the findings. We also give recommendations on immediate corrective actions and strategic-level development targets.



Increases cyber intelligence capabilities
Anticipipates constantly changing cyberworld
Complements company's cybermaturity
Serves as a forensic investigation tool
Supports organisational strategic decision-making
Complements strategic cyber situational picture
Discovers vulnerabilities and weaknesses
Fasilitates cyber strategy process

The Surface Web Analysis

We form an external view of your level of cybersecurity in the surface network and compare your position with other organisations in the same industry. Our analysis is based on the platform of our global partner SecurityScorecard, whose data is based on a trusted, transparent classification method and data collected from millions of organisations. Based on our analysis, we make recommendations on corrective measures and draft a road map for their practical implementation in your organisation.

Powered by

Security Scorecard logo.png

The Open Source Analysis

We produce analyzes based on open sources on the topics you choose. We use advanced digital tools with which we search for information from public free and commercial sources as well as from various media and social media platforms. We refine the data into a form relevant to the goals of the analysis.

Internal Cyber Risk Analysis 

With the help of an internal cyber risk analysis, it is possible to form an overall picture of insider threats and other risk factors related to your organisation’s cybersecurity.

We analyse the up-to-dateness and comprehensiveness of your organisation’s cybersecurity policies, guidelines, instructions and other documentation. In addition, we interview the selected management members and other key personnel.

As a result of the analysis, you will have an image of the balance between your organisation’s operation and the internal guidelines and external regulations that guide it, as well as a road map for developing the operation.

NIS2 Gap analysis

The aim of the NIS2 Cybersecurity Directive is to improve the basic level of cybersecurity in the EU and to ensure the continuity of operations of critical entities

The directive entered into force on 17.1.2023, with member states having time to put things in order by 17.10.2024.

NIS2 cyber security directive concerns the following fields:

NIS2 sectors.png

The minimum requirements of the NIS2 Cybersecurity Directive are:

  1. Policies on risk analysis and information system security

  2. Incident management

  3. Business continuity, such as backup management and recovery, and crisis management

  4. Supply chain security, including security-related aspects concerning the relationships between each entity and its direct suppliers or service providers

  5. Security in network and information systems acquisition, development and maintenance, including vulnerability management and disclosure

  6. Policies and procedures to assess the effectiveness of cybersecurity risk-management measures

  7. Basic cyber hygiene practices and cybersecurity training

  8. Policies and procedures regarding the use of cryptography, and appropriate encryption means

  9. Human resources security, access control policies and asset management

  10. The use of multi-factor authentication or continuous authentication solutions, secured voice, video and text communications and secured emergency communication systems within the entity, where appropriate.

Preparing the equivalency of current state of your organisation with the minimum requirements should be started well in advance. Cyberwatch's NIS2 gap analysis is a risk-based approach to the minimum requirements, using not only the directive but also the ISO 27001 standard and related management measures as a framework. With the help of the analysis, the organisation can direct development activities to the right targets.

NIS2 gap.png
bottom of page