Governing Body Spotlight

Johannes Eriksson is the CISO & Chief Security Officer at Lantmännen with over 18 years of experience in the organization. He is passionate about security and enjoys creating structure and clarity in complex environments.

A fun fact about Johannes, three weeks into his summer vacation, he found himself leading a rapid-response task force during a major cyber incident.

Learn more about the Nordic CISO community here.
 

Give us a brief overview of the path that led to your current role.

My career journey has taken me from IT operations into the world of information security, driven by a deep interest in security, foreign affairs, and defense policy. 

With my foundation in the CISO role, I was subsequently entrusted with a dual responsibility, serving as both CISO and CSO.
 

What is one of your guiding leadership principles?

One of my core leadership principles is leading by example. I believe that integrity, clarity, and action-oriented leadership foster trust and drive results. You gotta "walk the talk."
 

What is the greatest challenge CISOs face today, and how are you addressing it?

One of the greater challenges today is managing the complexity of modern cyber threats across a diverse and decentralized organization. Threat actors are becoming more sophisticated, with AI and threat actors more competent in the OT domain, and the attack surface is constantly evolving. We address this by establishing processes and governance that works across the organization, ensuring that security is embedded into business processes — not just IT.
 

What is the key to success for someone just starting out as a CISO?

For someone stepping into a CISO role, one key to success is building trust across the organization. You need to understand both the technical and business landscapes, communicate clearly with stakeholders, and translate risk into actionable decisions. Listening, learning, and aligning security with business goals are essential.

Resources are never unlimited, and it's your responsibility to ensure they are prioritized effectively.

You want as little security as possible — but not too little.
 

How do you measure success as a leader?

As leaders in the cybersecurity profession, I'd say that we measure success by the effectiveness of our security controls and the trust placed in our security function. If we stay knowledgeable about the developments in our field, prevent incidents, respond effectively when they occur, and maintain strong relationships across the business — then we’re succeeding.
 

What is the value of being a member of Gartner C-level Communities?

I believe Gartner C-level Communities offer immense value through peer discussions across all sectors. It's a great forum for making new connections and exchanging ideas on how to tackle the challenges we all face to some extent.
 

Gartner C-level Communities Governing Body members share their insights and leadership perspectives to shape the agendas and topics that address the top priorities impacting business leaders today.