The National Security Authority (NSM) is an intelligence directorate within the Norwegian Intelligence Community (EOS). It is responsible for cyber intelligence and information security. Additionally, the National Security Authority (NSM) coordinates and oversees cross-sectoral cyber and infosec responsibilities. This is between the foreign-focused Norwegian Intelligence Service (NIS) and the domestic Police Security Service (PST).
NSM’s other mission areas include issuing security clearances to government employers and ensuring that private sector businesses fulfil their obligations in digital security. More specialised missions like critical infrastructure protection and cyber threat detection are handled by the National Cyber Security Centre (NCSC-NOR), a former independent agency transformed into an internal department of the NSM.
1 Institutional Symbols
1.1 Logo and Coat of Arms
Since its foundation, the security service has used a modernised version of the Norwegian coat of arms in white and yellow. Following the Modernisation Act, the intelligence agency made slight changes to its institutional logo by erasing the royal crown and changing the orientation of the yellow and white frames. Currently, the logo maintains the original frames but does not have a shield or roundel like the previous versions. [source, source]
2 Service History
2.1 Armed Forces Cypher Service
The Norwegian Armed Forces High Command II (FO II), established in London at the beginning of World War Two, is the backbone of the actual Norway Intelligence Community (EOS). The Security Authority’s origins are embedded in the Cypher Service, a signals unit within the command. During the conflict, the service was in charge of intercepting communications and producing intelligence on behalf of the armed forces. [source]
The Armed Forces’ intelligence department, including the mentioned signals unit, took over the internal security functions that had previously been under the Intelligence Office of the Ministry of Defence as the war came to an end. The Cypher Service was transferred from London to Oslo and went back and forth from 1945 to 1970 between the management of the Armed Forces and the command of the Ministry of Defence. [source, source]
2.2 The Skauge Committee and the Lund Report
The Skauge Committee of the Norwegian Parliament concluded during the nineties that the national intelligence -the military command and the surveillance police- needed better operational coordination and information security. Taking this into account, the Lund Report of the Norwegian Government proposed the creation of a national authority that could coordinate and oversee the execution of preventive security operations [source]
The National Authority was established on 1 January 2003 as a result of the reorganisation of the Supreme Command of the Armed Forces. Although the legal framework describes the intelligence service as a civilian institution, the organisation was placed under the command of the Ministry of Defence and the Chief of Defence. Furthermore, the majority of its manpower came from the Security Staff of the Armed Forces. [source]
2.3 Joint Centres and Unit Growth
From 2017 to 2024, the agency was enhanced by the addition of several departments that increased its capabilities in emergency response and threat detection. The National Cyber Security Centre (NCSC-NOR) was established in 2018 as a premier department within the service for preventing serious digital attacks and operating the national alert system for critical digital infrastructure. [source]
The Norwegian Computer Emergency Response Team (NorCERT) was also included in the service structure in 2019, while the Norwegian Centre for Information Security (NorSIS), was transferred in 2024 to the organisation. These departments coordinate with the foreign intelligence agency and the domestic surveillance service from the Joint Cyber Coordination Centre. [source]
3 Organisation
3.1 Place in Government
The Security Authority directs and assists the Norwegian Government as a preventive agency tasked with the protection of digital information and critical infrastructure. The Security Act also delegates to the agency cross-sectoral responsibility on security research, communications security, crypto security, security management and control activities. Additional tasks include cooperation with the Directorate for Civil Protection and Emergency Planning in prevention of loss of life in national catastrophes. [source]
3.2 Command Structure
The Ministry of Justice and the Ministry of Defence have authority over the Security Authority. While the first manages the service in the administrative structure of the civilian government, the second exercises command in intelligence environments that could be deemed as a threat to homeland defence. Arne Christian Haugstøyl is the Director General of the service, with Vigdis Grønhaug as Deputy Director and Martin Albert-Hoff as Head of Norwegian National Cyber Security Centre. [source]
Other leadership figures include Defence against Advanced Digital Threats Head Geir Arild Engh-Hellesvik, Fundamental National Functions Head Kristin Wis, and Acting Head of Governance and Development Ingunn Skaaden. Øyvind Hageland and Berit Bergslid are also reflected on the agency website as Acting Directors of unspecified departments. These leadership positions are normally held for a four-year term.[source]
3.3 Departments and Divisions
3.3.1 NorCERT and NorSIS
The Norwegian National Cyber Security Centre (NCSC) is the principal department within the National Security Authority and serves as a national body for preventing digital attacks and operating the national alert system for digital infrastructure. It is followed by the Norwegian Computer Emergency Response Team (NorCERT). Like its name indicates, is a rapid response team that handles serious incidents regarding cybersecurity and critical infrastructure. [source]
The Norwegian Centre for Information Security (NorSIS) is another key unit within the intelligence service. With an origin similar to National Cybersecurity, Information Security acted as an independent department until 2024, when it was placed under the command of the National Authority to protect classified information protocols and provide guidance to individual citizens and medium-sized enterprises on security information and privacy tradecraft. [source]
3.3.2 Additional Departments
The Department for the Protection of Essential National Functions provides advice and training to private operators of physical security. Said division also operates the national security course centre, which holds both physical and digital certificates on a number of topics within the security profession. Top Secret Security Clearances (TSC) for the personnel of the Norwegian Intelligence Community are handled by a review board of the same department. [source, source]
The Department of Control is in charge of approving the security systems of private businesses in compliance with the Security Act requirements. Other responsibilities include enforcing aerial photography restrictions in sensitive locations as well as vetting civilian drone operations. Lastly, there is the Department for Defence Against Advanced Digital Threats, specialised in crypto development and data encryption in domestic settings. [source, source]
4 Tactical-Operational Information
4.1 Operations
The National Authority is mainly concerned with intelligence duties that do not involve boots on the ground or field operations. However, the preventive service may deploy personnel in overt capacities when worksite inspections or regulatory oversight are required within national borders. For example, if a foreign aircraft flies over a sensitive location like a military base, the agency may require the airframe to land in order to control the information collected by its airborne sensor systems. [source]
4.2 Core Purpose
Despite having authority over government security clearances and physical security management, the intelligence service’s core purpose is to act as the country’s main shield against digital threats by using a combination of intelligence-driven cyber defence, regulatory oversight, cross-sector cooperation, and public guidance. Another principal purpose is to act as the main coordination centre for other government agencies involved in cybersecurity. [source]
5 Conclusion
The National Security Authority stands as a crucial pillar in Norway’s intelligence community, embodying the country’s preventive approach to homeland security and domestic surveillance. Emerging from wartime signals intelligence roots and evolving through successive reforms and reorganisations, the cyber agency has grown into a sophisticated entity with multiple responsibilities. Including sensitive information security and critical infrastructure protection, as well as security vetting and regulatory oversight of both government entities and private enterprises.
Under a comprehensive mandate -spanning from granting security clearances and enforcing protective regulations to leading public awareness efforts —the agency positions itself as a central body in national defence and civil security. NorCER and NorSIS integration into the service also indicates the position of the NSM as a command and coordination entity within the EOS departments tasked with cyber matters. Through its dual oversight by the Ministry of Justice and the Ministry of Defence, as well as its cross-sectoral cooperation with domestic and foreign intelligence services, the NSM effectively bridges civilian and military spheres of the EOS.