# FM CyberSecurity > Norwegian cybersecurity consultancy based in Oslo, with senior specialists across identity, exposure, compliance, AI security, MDR, and application security. FM CyberSecurity is a consultants-first firm founded in 2025, headquartered at Henrik Ibsens gate 36 in central Oslo. Norwegian content is canonical at the unprefixed root; English content lives under `/en/`. Both locales are exposed below. Every URL below points at the Markdown twin of the page (`.md`); append `.md` to any human URL on the site to fetch its Markdown body directly. ## Homepage - [FM CyberSecurity](https://fmcybersecurity.com/en/index.md): FM CyberSecurity — leading specialists in identity, exposure, compliance, AI security and pentesting. Your security, our priority. - [FM CyberSecurity](https://fmcybersecurity.com/index.md): FM CyberSecurity — ledende fagspesialister innen identitet, eksponering, compliance, AI-sikkerhet og pentest. Din sikkerhet, vår prioritet. ## About and contact - [Who is FM CyberSecurity?](https://fmcybersecurity.com/en/about.md): FM CyberSecurity is a Norwegian cybersecurity firm based in Oslo. Senior specialists operating at principal level across identity, exposure, compliance, AI security, MDR and application security. - [Hvem er FM CyberSecurity?](https://fmcybersecurity.com/about.md): FM CyberSecurity er en norsk cybersikkerhetsvirksomhet i Oslo. Senior fagspesialister på principal-nivå innen identitet, eksponering, compliance, AI-sikkerhet, MDR og applikasjonssikkerhet. - [Contact](https://fmcybersecurity.com/en/contact.md): Talk directly to a named specialist at FM CyberSecurity. Pick a consultant by topic — MDR, compliance, identity, AI security — or send a general message. We respond within one business day. - [Kontakt](https://fmcybersecurity.com/contact.md): Snakk direkte med en navngitt fagspesialist hos FM CyberSecurity. Velg konsulent etter tema — MDR, compliance, identitet, AI-sikkerhet — eller send en generell henvendelse. Vi svarer innen én virkedag. ## Services (English) - [CISO-for-hire](https://fmcybersecurity.com/en/services/ciso.md): Fractional and interim CISO leadership; principal-level strategy without a full-time hire. - [Subject Matter Experts](https://fmcybersecurity.com/en/services/subject-matter-experts.md): Senior advisory across security architecture, governance, and programme delivery. - [ServiceNow Advisor](https://fmcybersecurity.com/en/services/servicenow.md): ServiceNow security and GRC architecture for regulated environments. - [Project Leader](https://fmcybersecurity.com/en/services/project-leader.md): Architect-level project leadership for security and platform initiatives. - [CrowdStrike](https://fmcybersecurity.com/en/services/crowdstrike.md): Falcon Complete Next-Gen MDR delivered through CrowdStrike; the 24/7 bridge is operated by CrowdStrike. - [Incident Response](https://fmcybersecurity.com/en/services/incident-response.md): Incident-response consulting, escalation management, and post-incident review. - [Agentic SOC](https://fmcybersecurity.com/en/services/agentic-soc.md): Autonomous SOC operations powered by Charlotte AI. - [Vulnerability & Exposure Management](https://fmcybersecurity.com/en/services/exposure-management.md): Continuous exposure-management programme built on Tenable. - [Security Maturity Assessment](https://fmcybersecurity.com/en/services/security-maturity-assessment.md): Baseline and gap analysis against a chosen framework. - [Cloud Security Assessment](https://fmcybersecurity.com/en/services/cloud-security-assessment.md): Cloud posture review and compliance readiness check. - [ISO 27001](https://fmcybersecurity.com/en/services/iso27001.md): From compliance burden to certification, typically in 2 to 3 weeks of focused work. - [NIS2](https://fmcybersecurity.com/en/services/nis2.md): NIS2 readiness for Nordic organisations; Norway transposition is in progress as an EEA state. - [DORA](https://fmcybersecurity.com/en/services/dora.md): Digital Operational Resilience Act readiness for in-scope financial entities. - [GDPR](https://fmcybersecurity.com/en/services/gdpr.md): GDPR programme work, DPIAs, and documented control. - [AI Advisory](https://fmcybersecurity.com/en/services/ai-advisory.md): AI strategy, governance, and secure deployment guidance. - [Shadow AI](https://fmcybersecurity.com/en/services/shadow-ai.md): Discover and govern unsanctioned AI use, built on CrowdStrike Falcon AIDR. - [Vibe Coding](https://fmcybersecurity.com/en/services/vibe-coding.md): Security guardrails for AI-assisted and AI-generated code. - [Pentest with AI](https://fmcybersecurity.com/en/services/pentest.md): AI-driven pentesting delivered through Aikido. - [Application Security](https://fmcybersecurity.com/en/services/application-security.md): AppSec programmes, SDLC integration, and continuous security. - [Aikido](https://fmcybersecurity.com/en/services/aikido.md): Continuous application security and AI-driven pentesting. - [CyberArk](https://fmcybersecurity.com/en/services/cyberark.md): Privileged access and identity governance for regulated environments. - [Tenable](https://fmcybersecurity.com/en/services/tenable.md): Vulnerability and exposure management across cloud, endpoint, and OT. ## Services (Norwegian) - [CISO-for-hire](https://fmcybersecurity.com/services/ciso.md): Fraksjonell og midlertidig CISO-ledelse; strategisk arbeid på principal-nivå uten heltidsansettelse. - [Fageksperter](https://fmcybersecurity.com/services/subject-matter-experts.md): Senior rådgivning innen sikkerhetsarkitektur, styring og programleveranse. - [ServiceNow-rådgiver](https://fmcybersecurity.com/services/servicenow.md): ServiceNow-sikkerhet og GRC-arkitektur for regulerte miljøer. - [Prosjektleder](https://fmcybersecurity.com/services/project-leader.md): Arkitektnivå prosjektledelse for sikkerhets- og plattforminitiativer. - [CrowdStrike](https://fmcybersecurity.com/services/crowdstrike.md): Falcon Complete Next-Gen MDR levert via CrowdStrike; 24/7-broen driftes av CrowdStrike. - [Incident Response](https://fmcybersecurity.com/services/incident-response.md): Hendelseshåndtering, eskaleringsstyring og evaluering etter hendelser. - [Agentic SOC](https://fmcybersecurity.com/services/agentic-soc.md): Autonom SOC-drift drevet av Charlotte AI. - [Sårbarhets- og eksponeringshåndtering](https://fmcybersecurity.com/services/exposure-management.md): Kontinuerlig eksponeringshåndtering bygget på Tenable. - [Sikkerhetsmodenhetsvurdering](https://fmcybersecurity.com/services/security-maturity-assessment.md): Baseline og gap-analyse mot et valgt rammeverk. - [Skysikkerhetsvurdering](https://fmcybersecurity.com/services/cloud-security-assessment.md): Vurdering av skyposisjon og compliance-modenhet. - [ISO 27001](https://fmcybersecurity.com/services/iso27001.md): Fra compliance-belastning til sertifisering, vanligvis på 2–3 ukers fokusert arbeid. - [NIS2](https://fmcybersecurity.com/services/nis2.md): NIS2-modenhet for nordiske organisasjoner; Norge gjennomfører direktivet som EØS-stat. - [DORA](https://fmcybersecurity.com/services/dora.md): DORA-modenhet for finansforetak i virkeområdet. - [GDPR](https://fmcybersecurity.com/services/gdpr.md): GDPR-programarbeid, DPIA-er og dokumentert kontroll. - [AI-rådgivning](https://fmcybersecurity.com/services/ai-advisory.md): AI-strategi, styring og veiledning for sikker utrulling. - [Shadow AI](https://fmcybersecurity.com/services/shadow-ai.md): Oppdage og styre uautorisert AI-bruk, bygget på CrowdStrike Falcon AIDR. - [Vibe Coding](https://fmcybersecurity.com/services/vibe-coding.md): Sikkerhetsrammer for AI-assistert og AI-generert kode. - [Pentest med AI](https://fmcybersecurity.com/services/pentest.md): AI-drevet pentesting levert via Aikido. - [Applikasjonssikkerhet](https://fmcybersecurity.com/services/application-security.md): AppSec-programmer, SDLC-integrasjon og kontinuerlig sikkerhet. - [Aikido](https://fmcybersecurity.com/services/aikido.md): Kontinuerlig applikasjonssikkerhet og AI-drevet pentesting. - [CyberArk](https://fmcybersecurity.com/services/cyberark.md): Privilegert tilgang og identitetsstyring for regulerte miljøer. - [Tenable](https://fmcybersecurity.com/services/tenable.md): Sårbarhets- og eksponeringshåndtering på tvers av sky, endepunkt og OT. ## Platforms - [CrowdStrike](https://fmcybersecurity.com/en/services/crowdstrike.md): Falcon Complete Next-Gen MDR delivered through CrowdStrike; the 24/7 bridge is operated by CrowdStrike. - [CrowdStrike](https://fmcybersecurity.com/services/crowdstrike.md): Falcon Complete Next-Gen MDR levert via CrowdStrike; 24/7-broen driftes av CrowdStrike. - [CyberArk](https://fmcybersecurity.com/en/services/cyberark.md): Privileged access and identity governance for regulated environments. - [CyberArk](https://fmcybersecurity.com/services/cyberark.md): Privilegert tilgang og identitetsstyring for regulerte miljøer. - [Tenable](https://fmcybersecurity.com/en/services/tenable.md): Vulnerability and exposure management across cloud, endpoint, and OT. - [Tenable](https://fmcybersecurity.com/services/tenable.md): Sårbarhets- og eksponeringshåndtering på tvers av sky, endepunkt og OT. - [Aikido](https://fmcybersecurity.com/en/services/aikido.md): Continuous application security and AI-driven pentesting. - [Aikido](https://fmcybersecurity.com/services/aikido.md): Kontinuerlig applikasjonssikkerhet og AI-drevet pentesting. ## Partners - [CrowdStrike partner page](https://fmcybersecurity.com/en/partners/crowdstrike.md): Certified partner; Falcon Complete Next-Gen MDR and Falcon AIDR as the core delivery model. - [CrowdStrike partnerside](https://fmcybersecurity.com/partners/crowdstrike.md): Sertifisert partner; Falcon Complete Next-Gen MDR og Falcon AIDR som kjerneleveranse. - [Aikido partner page](https://fmcybersecurity.com/en/partners/aikido.md): Certified partner; AI Pentest as the delivery model for testing. - [Aikido partnerside](https://fmcybersecurity.com/partners/aikido.md): Sertifisert partner; AI Pentest som leveransemodell for testing. - [Tenable partner page](https://fmcybersecurity.com/en/partners/tenable.md): Certified partner; exposure-management practice across cloud, endpoint and OT. - [Tenable partnerside](https://fmcybersecurity.com/partners/tenable.md): Sertifisert partner; eksponeringshåndtering på tvers av sky, endepunkt og OT. - [CyberArk partner page](https://fmcybersecurity.com/en/partners/cyberark.md): Certified partner; PAM-focused identity practice. - [CyberArk partnerside](https://fmcybersecurity.com/partners/cyberark.md): Sertifisert partner; PAM-fokusert identitetspraksis. ## Insight indexes - [Insights](https://fmcybersecurity.com/en/insights.md): Strategic perspective, operational guides, and webinars from the FM CyberSecurity team. - [Innsikt](https://fmcybersecurity.com/insights.md): Strategisk perspektiv, operative guider og webinarer fra FM CyberSecurity-teamet. - [News](https://fmcybersecurity.com/en/insights/news.md): Latest news and announcements from FM CyberSecurity. - [Nyheter](https://fmcybersecurity.com/insights/news.md): Siste nytt og oppdateringer fra FM CyberSecurity. - [Events](https://fmcybersecurity.com/en/insights/events.md): Upcoming and past events, webinars, and live sessions. - [Arrangementer](https://fmcybersecurity.com/insights/events.md): Kommende og tidligere arrangementer, webinarer og live-sesjoner. - [Tracked attacks](https://fmcybersecurity.com/en/insights/attacks.md): Cybersecurity incidents affecting Norwegian organisations, with sourced summaries. - [Registrerte angrep](https://fmcybersecurity.com/insights/attacks.md): Cyberhendelser mot norske organisasjoner med kildebaserte sammendrag. - [Strategy](https://fmcybersecurity.com/en/insights/strategy.md): Articles, guides and webinars on Strategy. - [Strategi](https://fmcybersecurity.com/insights/strategy.md): Artikler, guider og webinarer om Strategi. - [Compliance](https://fmcybersecurity.com/en/insights/compliance.md): Articles, guides and webinars on Compliance. - [Compliance](https://fmcybersecurity.com/insights/compliance.md): Artikler, guider og webinarer om Compliance. - [Endpoint Security](https://fmcybersecurity.com/en/insights/endpoint.md): Articles, guides and webinars on Endpoint Security. - [Endepunktssikkerhet](https://fmcybersecurity.com/insights/endpoint.md): Artikler, guider og webinarer om Endepunktssikkerhet. - [Identity Security](https://fmcybersecurity.com/en/insights/identity.md): Articles, guides and webinars on Identity Security. - [Identitetssikkerhet](https://fmcybersecurity.com/insights/identity.md): Artikler, guider og webinarer om Identitetssikkerhet. - [Cloud Security](https://fmcybersecurity.com/en/insights/cloud.md): Articles, guides and webinars on Cloud Security. - [Skysikkerhet](https://fmcybersecurity.com/insights/cloud.md): Artikler, guider og webinarer om Skysikkerhet. - [Exposure Management](https://fmcybersecurity.com/en/insights/exposure.md): Articles, guides and webinars on Exposure Management. - [Eksponeringsstyring](https://fmcybersecurity.com/insights/exposure.md): Artikler, guider og webinarer om Eksponeringsstyring. - [Application Security](https://fmcybersecurity.com/en/insights/appsec.md): Articles, guides and webinars on Application Security. - [Applikasjonssikkerhet](https://fmcybersecurity.com/insights/appsec.md): Artikler, guider og webinarer om Applikasjonssikkerhet. - [AI Security](https://fmcybersecurity.com/en/insights/ai-security.md): Articles, guides and webinars on AI Security. - [AI-sikkerhet](https://fmcybersecurity.com/insights/ai-security.md): Artikler, guider og webinarer om AI-sikkerhet. - [Article](https://fmcybersecurity.com/en/insights/format/article.md): Every Article from the FM CyberSecurity team. - [Artikkel](https://fmcybersecurity.com/insights/format/article.md): Alle innslag av typen Artikkel fra FM CyberSecurity-teamet. - [Guide](https://fmcybersecurity.com/en/insights/format/guide.md): Every Guide from the FM CyberSecurity team. - [Guide](https://fmcybersecurity.com/insights/format/guide.md): Alle innslag av typen Guide fra FM CyberSecurity-teamet. - [Webinar](https://fmcybersecurity.com/en/insights/format/webinar.md): Every Webinar from the FM CyberSecurity team. - [Webinar](https://fmcybersecurity.com/insights/format/webinar.md): Alle innslag av typen Webinar fra FM CyberSecurity-teamet. - [Report](https://fmcybersecurity.com/en/insights/format/report.md): Every Report from the FM CyberSecurity team. - [Rapport](https://fmcybersecurity.com/insights/format/report.md): Alle innslag av typen Rapport fra FM CyberSecurity-teamet. - [News](https://fmcybersecurity.com/en/insights/format/news.md): Every News from the FM CyberSecurity team. - [Nyhet](https://fmcybersecurity.com/insights/format/news.md): Alle innslag av typen Nyhet fra FM CyberSecurity-teamet. - [Event](https://fmcybersecurity.com/en/insights/format/event.md): Every Event from the FM CyberSecurity team. - [Arrangement](https://fmcybersecurity.com/insights/format/event.md): Alle innslag av typen Arrangement fra FM CyberSecurity-teamet. ## Insight articles (English) - [CyberSecStats #58 - Employees selling credentials, decision-maker cyber priorities, Q1 ransomware stats](https://fmcybersecurity.com/en/insights/strategy/cybersecstats-58.md): This week's CyberSecStats roundup: 30+ stats on ransomware disclosure rates in Q1 2026, AI ROI gaps, credential resale, identity at machine speed, and SMB fraud losses. - [How we publish to our website with no admin login](https://fmcybersecurity.com/en/insights/strategy/how-we-publish-to-our-website-with-no-admin-login.md): FM publishes through a Cloudflare Workers MCP server, gated by Microsoft Entra. No admin login, no user table, no CMS, no /forgot-password page. - [From compliance burden to competitive advantage, in 2-3 weeks](https://fmcybersecurity.com/en/insights/compliance/from-compliance-burden-to-competitive-advantage-in-2-3-weeks.md): How leadership teams move from compliance uncertainty to documented control in 2-3 weeks, evidence that holds up under investor, customer, or regulatory due diligence. - [How Nordic SMBs prepare for NIS2](https://fmcybersecurity.com/en/insights/compliance/nis2-prep.md): Practical compliance steps for the new EU directive, what to do this quarter, and what can wait. - [Charlotte AI: what does agentic SOC mean for you?](https://fmcybersecurity.com/en/insights/strategy/charlotte-ai-soc.md): A look at how CrowdStrike's agentic SOC changes the economics of 24/7 monitoring for SMBs. - [Shadow AI, the risk no one talks about](https://fmcybersecurity.com/en/insights/ai-security/shadow-ai.md): Recording from our recent webinar on the unsanctioned AI tools your employees already use, and how to handle them without killing productivity. ## Insight articles (Norwegian) - [Slik publiserer vi til nettsiden uten admin-innlogging](https://fmcybersecurity.com/insights/strategy/slik-publiserer-vi-til-nettsiden-uten-admin-innlogging.md): FM publiserer gjennom en Cloudflare Workers MCP-server, sluset gjennom Microsoft Entra. Ingen admin-innlogging, ingen brukertabell, ingen CMS, ingen /forgot-password-side. - [Slik forbereder norske SMB-er seg på NIS2](https://fmcybersecurity.com/insights/compliance/slik-forbereder-norske-smber-seg-pa-nis2.md): Praktiske compliance-steg for det nye EU-direktivet, hva du bør gjøre nå, og hva som kan vente. - [Charlotte AI: Hva betyr agentic SOC for deg?](https://fmcybersecurity.com/insights/strategy/charlotte-ai-hva-betyr-agentic-soc-for-deg.md): Slik endrer CrowdStrike sin agentic SOC økonomien i 24/7-overvåking for SMB-er. - [Shadow AI, risikoen ingen snakker om](https://fmcybersecurity.com/insights/ai-security/shadow-ai-risikoen-ingen-snakker-om.md): Opptak fra webinaret vårt om de usanksjonerte AI-verktøyene ansatte allerede bruker, og hvordan håndtere dem uten å drepe produktiviteten. - [Fra compliance-byrde til konkurransefortrinn, på 2-3 uker](https://fmcybersecurity.com/insights/compliance/fra-krav-til-kontroll-pa-2-3-uker.md): Hvordan ledelser går fra compliance-usikkerhet til dokumentert kontroll på 2-3 uker, bevis som tåler due diligence fra investor, kunde eller tilsyn. ## Optional - [Our Offices](https://fmcybersecurity.com/en/offices.md): We are headquartered in central Oslo, working across Norway and the Nordics with international clients. - [Våre kontorer](https://fmcybersecurity.com/offices.md): Vi har hovedkontor sentralt i Oslo, og jobber på tvers av Norge og Norden — med internasjonale kunder. - [Life @ FM CyberSecurity](https://fmcybersecurity.com/en/careers.md): Senior specialists working at principal level — scoping engagements, operating consoles, sitting close to the customers we work for. No graduate programme, no layers of project managers between you and the work. - [Livet @ FM CyberSecurity](https://fmcybersecurity.com/careers.md): Senior fagspesialister som jobber på prinsipalnivå — scoper oppdrag, opererer konsoller, og sitter tett på kundene vi jobber for. Ingen trainee-program, ingen lag av prosjektledere mellom deg og arbeidet. - [Open positions](https://fmcybersecurity.com/en/open-positions.md): Senior cybersecurity roles at FM CyberSecurity in Oslo — senior security consultants, CyberArk PAM, and sales leadership. - [Ledige stillinger](https://fmcybersecurity.com/open-positions.md): Senior cybersikkerhetsroller hos FM CyberSecurity i Oslo — senior sikkerhetskonsulenter, CyberArk PAM og salgsledelse. ## Reference - [Sitemap (XML)](https://fmcybersecurity.com/sitemap-index.xml): Full XML sitemap covering both locales. - [Single-document corpus](https://fmcybersecurity.com/llms-full.txt): Every page concatenated into one Markdown file for long-context agents.