Hvorfor Organisasjoner Velger Hack23

Fem kjernedifferensiatorer som skiller oss i cybersikkerhetsrådgivning

🏠 Hjem 📖 Sikkerhetsblog Kontakt Oss

🌟 Hva gjør Hack23 Annerledes?

I et cybersikkerhetsrådgivningsmarked fylt med vage påstande og skjulte praksisser, Hack23 AB skiller seg ud gjennom radikal åpenhet, aktiv praktiker ekspertise, og en utviklervennlig tilgang som behandler sikkerhet som en enabler av innovation—ikke en barriere.

Grunnlagt i 2025 og basert i Gøteborg, Sverige, vi er landets eneste cybersikkerhetskonsulent med et fullt offentligt Informationssikkerhetsledelsessystem (ISMS). Hver politik, kontrol og risikovurdering er åpent dokumenteret, demonstrerer vårt engagement i verificerbar sikkerhetsexcellence.

🔓 1. Radikal Åpenhet: Sveriges Eneste Offentlige ISMS

Hva dette betyr

Vårt komplet Information Security Management System er offentligt tilgængelig på GitHub, inklusive:

  • 93 ISO 27001 controls med implementeringsdetaljer
  • 30+ security policies dækkende alle domæner
  • Risk registers (redigeret av følsomhed)
  • Threat models for alle vårt projekter
  • Compliance frameworks (GDPR, NIS2, CRA)
  • Security architectures med diagrammer

Hvorfor Dette Er Vigtigt

Verificerbar ekspertise frem for tomme påstande. Alle kan påstå at være sikkerhetseksperter. Vi beviser det ved at vise præcis, hvordan vi implementerer sikkerhet i vårt egne operationer.

  • 🔍 Fuld Åpenhet: Se præcis hvordan vi praktiserer det vi prædiker
  • Tillid Gjennom Dokumentation: Ingen "stol på oss" påkrævet—verificer alt
  • 📚 Læringsressource: Vårt ISMS tjener som en skabelon til din implementering
  • 🎯 Ingen Sikkerhetsteater: Hver kontrol har et formål og en implementering

View Public ISMS on GitHub →

🏆 Competitive Advantage

While competitors hide their security practices behind "proprietary" labels, vi demonstrate competence through public scrutiny. Vårt public ISMS has been reviewed by thousands of security professionals worldwide, continuously improving through community feedback.

👨‍💻 2. Active Practitioner, Not "Retired Consultant"

Current Role

James Pether Sörling, vårt founder, is currently den CEO og Founder of Hack23 AB (June 2025–Present), bringing extensive cybersecurity leadership experience from major Swedish enterprises.

What this means for clients:

  • Recent Real-World Experience: Fresh from Application Security Officer role at Stena AB (Oct 2024–Jul 2025)
  • Modern Technology Stack: Hands-on med latest tools, frameworks, og threats
  • Enterprise-Scale Challenges: Proven track record solving complex problems i large organizations
  • Continuous Learning: Staying current med evolving security landscape

30+ Years of Progressive Experience

  • 2025–Present: CEO / Founder, Hack23 AB
  • 2024–2025: Application Security Officer, Stena AB
  • 2022–2024: Information Security Officer, Polestar
  • 2018–2022: Senior Security Architect, WirelessCar (Volkswagen Group)
  • Earlier roles: Security Architect, Developer, System Administrator

Certifications: CISSP, CISM, AWS Security Specialty, AWS Solutions Architect Professional

⚠️ The "Retired Consultant" Problem

Many cybersecurity consultancies are led by individuals who haven't done hands-on security work i years. They rely on outdated methodologies, lack understanding of modern development practices (DevSecOps, cloud-native, containers), og provide generic advice disconnected from current realities.

Hack23's Difference: We consult based on current, active experience—not theory eller nostalgia for "den way things used to be done."

🌍 3. Active Open Source Contributor & Advocate

Real Open Source Projects

We don't just talk about security—vi build tools og contribute to den community:

  • 🔒 CIA Compliance Manager: Open-source security assessment platform for CIA Triad analysis med compliance mapping (NIST, ISO 27001, GDPR, HIPAA, SOC2)
  • 🔍 Citizen Intelligence Agency: Parliamentary transparency platform using OSINT methodology to enhance democratic accountability i Sweden
  • 🥋 Black Trigram: Educational Korean martial arts game demonstrating secure development practices og cultural preservation through technology
  • ☁️ Lambda i Private VPC: Multi-region resilient AWS architecture reference implementation
  • 🔧 Sonar-CloudFormation Plugin: Security scanning for Infrastructure as Code

View Projects on GitHub →

Why Open Source Matters

  • 🛠️ Practical Skills: Building real tools proves vi understand security engineering
  • 🌐 Community Engagement: Active participation i security community discussions
  • 📖 Transparent Development: All code, commits, og security decisions are public
  • 🎓 Knowledge Sharing: Contributing to collective security knowledge
  • Security Best Practices: SLSA Level 3, OpenSSF Scorecard, CII Best Practices

📊 Open Source Credentials

Vårt projects achieve high security ratings: OpenSSF Scorecard compliance, SLSA Level 3 supply chain security, og CII Best Practices badges. We practice den security vi preach.

🚀 4. Security That Enables Innovation, Not Blocks It

The Traditional Problem

Most security consultancies approach security as a gatekeeper function:

  • ❌ Long approval processes som slow development
  • ❌ Generic checklists som don't fit din context
  • ❌ "No" as den default answer to innovation
  • ❌ Security silos disconnected from development teams
  • ❌ Bureaucracy som creates resentment toward security

The Hack23 Approach

We integrate security into development workflows, not as a barrier:

  • DevSecOps Integration: Security automated i CI/CD pipelines
  • Shift-Left Security: Catch issues early when they're cheap to fix
  • Developer Empowerment: Tools og training for self-service security
  • Risk-Based Decisions: Pragmatic trade-offs based on business context
  • Secure by Default: Make den easy path den secure path
  • Continuous Improvement: Security feedback loops, not one-time audits

💡 Real-World Example

At Polestar, vi integrated security into agile development processes, enabling developers to ship secure code faster. At WirelessCar (Volkswagen Group), vi built DevSecOps pipelines som automated compliance checks, reducing manual security reviews from weeks to hours while improving security posture.

🎯 5. Full-Stack Security: Architecture to Implementation to Compliance

Complete Security Coverage

Unlike consultancies som specialize i narrow areas, Hack23 provides end-to-end security expertise:

🏗️ Security Architecture & Strategy

  • Enterprise security architecture design
  • Zero Trust Architecture implementation
  • Threat modeling og risk assessment
  • Security strategy og governance

☁️ Cloud Security & DevSecOps

  • AWS security (Advanced level, certified)
  • Multi-cloud security strategy
  • Container og serverless security
  • Infrastructure as Code (CloudFormation, Terraform)

🛡️ Secure Development

  • Secure SDLC implementation
  • CI/CD security integration
  • Supply chain security (SLSA, SBOM)
  • Code quality og security analysis

Compliance & Governance

📋 Regulatory Compliance

  • ISO 27001 implementation og certification prep
  • GDPR data protection og privacy
  • NIS2 Directive compliance
  • EU Cyber Resilience Act (CRA)
  • SOC2, HIPAA, PCI-DSS guidance

🏛️ Governance & Management

  • ISMS design og implementation
  • Security policy development
  • AI governance frameworks
  • Open Source Program Office (OSPO) establishment

🔗 Why Full-Stack Matters

Security problems rarely fit into neat categories. A compliance requirement has architectural implications. A cloud misconfiguration reflects gaps i policy og training. By understanding den entire security lifecycle, vi provide solutions som work holistically—not just check boxes.

🏅 Proven Credentials & Industry Recognition

Professional Certifications

  • 🏆 CISSP (Certified Information Systems Security Professional)
  • 🏆 CISM (Certified Information Security Manager)
  • ☁️ AWS Certified Security – Specialty
  • ☁️ AWS Certified Solutions Architect – Professional

30+ Years Experience

Progressive career from developer → system administrator → security architect → CISO-level roles at:

  • Hack23 AB (CEO/Founder, current)
  • Stena AB (2024-2025)
  • Polestar (2022-2024, automotive/EV)
  • WirelessCar (2018-2022, Volkswagen Group connected vehicles)
  • Multiple enterprise organizations across industries

Thought Leadership & Recognition

  • 🎤 Conference Speaker: Presented at industry security conferences
  • 🎙️ Podcast Guest: Featured on cybersecurity podcasts
  • 📰 Media Appearances: Quoted i security publications
  • 💼 LinkedIn Presence: Active thought leadership on security topics
  • 🌐 Open Source Community: Recognized contributor on OpenHub

Connect on LinkedIn →

📊 Hack23 vs. Typical Cybersecurity Consultancy

See how vi compare to traditional cybersecurity consulting firms:

Comparison of security consulting features between Hack23 AB og typical consultancies
FeatureHack23 ABTypical Consultancy
ISMS Documentation✅ Fully public on GitHub (30+ policies, 93 controls)❌ Proprietary, not shared med clients
Practitioner Status✅ CEO med recent hands-on experience (2024-2025 at Stena AB)⚠️ Often years removed from hands-on work
Open Source Contributions✅ Active contributor (CIA Manager, Black Trigram, etc.)❌ Rarely contribute to community
Security Approach✅ Security enables innovation⚠️ Often creates bureaucracy og slowdowns
Evidence of Expertise✅ Public security architectures, threat models, policies❌ "Trust us" med no verifiable evidence
Development Understanding✅ Deep DevSecOps, CI/CD, cloud-native expertise⚠️ Limited understanding of modern development
Compliance Frameworks✅ ISO 27001, GDPR, NIS2, CRA, SLSA, NIST➖ Usually 1-2 frameworks
Cloud Security✅ AWS certified (Security + Solutions Architect Pro)➖ Varies widely
Transparency✅ Radical transparency as core value❌ "Security through obscurity" mindset
Learning Resources✅ Public templates, tools, documentation❌ Everything proprietary, no knowledge sharing

💰 Value Proposition

You're not just hiring a consultant—you're gaining access to proven frameworks, open-source tools, public documentation, og current real-world expertise som du can verify before engagement.

💬 Client Success Stories

Organizations som have worked med Hack23 benefit from vårt transparent, practical approach to security:

🚀 Enterprise Client Results

Client testimonials og case studies will be added here as engagements are completed og clients provide permission to share results.

Expected Benefits:

  • ✅ Faster security implementations (weeks vs. months)
  • ✅ Developer adoption of security practices
  • ✅ Compliance achievements (ISO 27001, GDPR, etc.)
  • ✅ Reduced security incidents through proactive controls
  • ✅ Cost savings from automation og efficiency

📈 Track Record

Previous organizational achievements:

  • Led application security at Stena AB (2024-2025)
  • Led security programs at Polestar (2022-2024, automotive/EV industry)
  • Architected security for WirelessCar (2018-2022, Volkswagen Group)
  • Built security automation reducing manual reviews by 80%+
  • Integrated DevSecOps into agile teams without slowing velocity

Interested i becoming a client? We're selective about engagements to ensure vi can deliver exceptional value. Contact us to discuss din security challenges.

🤝 Ready to Work med Hack23?

If you're looking for transparent, practical, evidence-based cybersecurity consulting som accelerates din business rather than slowing it down, let's talk.

Connect on LinkedIn Review Vårt Public ISMS Learn About Vårt Services

🎯 Ideal Clients

We work best med organizations that:

  • ✅ Value transparency og evidence over claims
  • ✅ Want security som enables business, not blocks it
  • ✅ Are committed to security culture, not just compliance checkboxes
  • ✅ Operate i cloud-native, DevOps, eller agile environments
  • ✅ Need regulatory compliance (ISO 27001, GDPR, NIS2, etc.)
  • ✅ Appreciate open source og community contribution