Governing Body Spotlight

Governing Body Member of the Nordic CISO Community

Sebastian Mabillon


Nuuday (Formerly TDC)

Sebastian Mabillon is the Chief Security Officer for Nuuday, the market leader of Telco-companies in Denmark. Sebastian is specialised in driving a risk-based approach to information security and controls, focused on leading teams to support business strategy and processes.

Learn more about leaders in the Nordic CISO community here.

Give us a brief overview of the path that led to your current role.

Since I learned how easy it was to compromise computers at my old high school with RATs in the late 1990s, I have always had a strong interest in information security. After graduating in IT and Electronic Engineering, I started my career at IBM in 2006, and during my 7 years there, I moved more and more towards Security Management and Risk Management roles. In 2013, I switched to the customer side, working as IT Risk Manager in the financial sector before entering my first managerial role in 2015. Furthermore, I worked a couple of years as senior advisor in the pharma sector until I started as a CISO in 2020, which led to my current role as CSO for Nuuday.

What is one of your guiding leadership principles?

Lead your team members how you want to be led yourself, encourage your team to take ownership of the tasks they are working with, and set a good example of driving a culture which is honest and takes full responsibility for decisions taken, whether good or bad.

With disruption being a key theme of the past year, where do you see your role as a CISO going in the next 1-2 years?

I expect the CISO/CSO role over the coming years will continue towards being an integrated business enabling partner, rather than a limitation to innovation.

What advice would you give to someone just starting out in the role as a CISO?

Learn and understand the business you are in and the strategy set by executive management for the organisation. Create an external assessment of how the security posture and risk management maturity is when you start, in order to set a baseline. Identify the most significant risks and define your target. Link improvement initiatives and risk mitigating activities to strategic goals.

Tell us 3 fun facts about yourself.

  1. I like chili peppers to the extent that I grind dried piri-piri chilies into my morning coffee.
  2. I lived a year in Dublin, Ireland, but I prefer smoky Scotch whisky over the Irish whiskeys (and yes, it is spelled "whisky" in Scotland and "whiskey" in Ireland).
  3. I used to be a part-time ski-guide in Austria while I was studying.

What is the value of joining an Evanta community?

The Evanta Nordic CISO Community is a great platform for sharing knowledge. It offers new input from inspiring CISOs, as well as good discussions with experienced leaders on security and risk management related topics.


Evanta Governing Body members share their insights and leadership perspectives to shape the agendas and topics that address the top priorities impacting business leaders today.

by CISOs, for CISOs

Join the conversation with peers in your local CISO community.