news 11.11.2025

Resilience of Healthcare was tested in a National Cyber Exercise

The National Cyber Exercise (KYHA) of the Healthcare domain was held on 3–7 November 2025 in the premises of the Jamk University of Applied Sciences (Jamk). The wellbeing services counties of South Karelia, Kymenlaakso and Päijät-Häme, certain service providers, and the Social Insurance Institution of Finland (Kela) participated in the training.

JYVSECTECin tilannehuone

The KYHA exercises help participants enhance their technical skills and collaboration in complex and large-scale cybersecurity incident scenarios.

“The training highlights the importance of collaboration and regular practice, even under normal conditions. Well-defined processes and operational guidelines are essential and must be kept up to date. Only practice realises their significance. The wellbeing services county of Kymenlaakso found the exercise very useful, and we received many areas for development to take home”, says Matti Ahola, Chief Information Officer of the wellbeing services county of Kymenlaakso, who participated in the exercise.

As part of the exercise scenario, cyber attacks were targeted at technical systems used in healthcare, which were modelled on the RGCE (Realistic Global Cyber Environment) cyber exercise environment. Systems that were the target of cyber attacks in this exercise included various patient information systems, hospital pharmacies and home care systems.

“Our RGCE cyber range has been developed to meet the requirements of different domains through RDI activities. This national exercise in healthcare is a good example of how the results of research and development activities can be utilised in national-level training activities”, says Tero Kokkonen, Director of Jamk’s Institute of Information Technology.

National Cyber Exercise is part of the Finnish Comprehensive Security Model

Cyber exercises strengthen the ability to respond to real-life cybersecurity incidents. Competence and cooperation ensure the functioning of society’s vital functions and public services.

Tero Kokkonen and Janne Allonen

Director of Jamk Institute of Information Technology, Tero Kokkonen (left), and Deputy Cyber Security Director Janne Allonen from the Ministry of Transport and Communications of Finland.

“Healthcare must also act in crisis situations, as the effects of a cyber attack are not only visible in systems, but also in patient care, safety and trust”, says Janne Allonen, Deputy Cyber Security Director at the Ministry of Transport and Communications of Finland.

“Finland’s strength is the comprehensive security model, in which different parties work together. Through exercises and training, we create a common foundation on which preparedness, leadership and recovery are built. Of course, it is in our interest to train and educate Finnish society and the healthcare sector as extensively as possible to strengthen our resilience”, Allonen continues.

In addition to healthcare, the parties participating in the annual KYHA exercises include municipality and critical infrastructure organisations, Finnish state administration organisations and security authorities. In total, the KYHA exercises have already benefited more than 80 Finnish organisations and helped to maintain the critical expertise of more than 3200 people related to Finland’s security.

The national cyber exercises will be carried out by the JYVSECTEC (Jyväskylä Security Technology), a research, development and training centre located at Jamk’s Institute of Information Technology, in cooperation with the Ministry of Transport and Communications of Finland. The Security Committee of Finland also participates in a guiding role.

Further information

Janne Allonen, Deputy Cyber Security Director, Ministry of Transport and Communications of Finland
[email protected]
p. 029 5342 002

Tero Kokkonen, Director, Jamk Institute of Information Technology
[email protected]
p. 050 4385 317

Keywords

Main News
cybersecurity
Share