WhoisXML API Participates in the Cyber Security Nordic 2025 Conference
Brendan O’Doherty, Intelligence Partnerships at WhoisXML API, recently attended the Cyber Security Nordic 2025 conference held at the Helsinki Expo and Convention Centre on November 4-5, 2025. He joined more than 2,000 professionals from Nordic governments, critical infrastructure sectors, enterprises, and academia.
Brendan reflected on the two-day event, saying, “Cyber Security Nordic 2025 reinforced Helsinki’s position as a cornerstone of European cybersecurity thought and practice. Across all sessions, the message was consistent – resilience in cybersecurity depends equally on technical sophistication, human composure, and policy integrity.”
Based on his on-the-ground report, here are the three key themes that defined this year's conference.
AI Is Accelerating Cyber Offense
The conversation around AI has moved past theoretical risks to operational realities. A major takeaway from the conference is that adversaries are now integrating AI throughout the entire cyber kill chain, from initial reconnaissance and evasion to negotiation tactics in ransomware operations.
The consensus among speakers was that AI is not necessarily replacing human attackers, but it is giving them more power. AI significantly compresses the cycle time between discovering vulnerability and exploiting it, allowing less-skilled actors to achieve more sophisticated outcomes that were previously out of their reach.
The result of using AI in cybercrime is an expanded threat surface, with security teams fighting against threats such as:
- AI-assisted phishing
- AI-based command generation for Command and Control (C2) frameworks
- LLM-driven credential parsing
Several sessions urged defenders to adopt AI-aware detection workflows and integrate adversarial simulations into their red teaming exercises to prepare for these next-generation threats.
Internet Fragmentation Potentially Affecting Cyber Defense
The Domain Name System (DNS) plays a major role in how the Internet works and is, therefore, a foundational component of cybersecurity. As such, it’s no wonder that some sessions highlighted the importance of DNS protection for detecting and blocking threats, such as malware and DNS tunneling.
However, the conference presented a sobering outlook on the DNS infrastructure itself. Elena Plexida, Vice President for Government and IGO Engagement at ICANN, highlighted how geopolitical challenges will change how the global namespace will be operated in the future.
In other words, the single, unified global Internet that we know today could become fragmented due to national regulations (e.g., Russia’s sovereign DNS model) and experimental protocols (e.g., Ethereum Name Service [ENS] and Handshake). This fragmentation poses new challenges for global cyber defense and intelligence gathering.
Human Is the Most Crucial Element in High-Stakes Incidents
Aside from tackling the technical aspects of cybersecurity, the conference also placed emphasis on the human component, particularly during incident response.
Research presented at the event underscored the psychology of prolonged response — sustained high-pressure response windows lead to cognitive fatigue and emotional exhaustion, which result in shortcuts, misjudgments, and diminished situational awareness. Trauma from these experiences can become a factor in other cyber incidents.
To address this challenge, speakers emphasized the importance of practicing preparedness plans through exercises so they are executed seamlessly. Incident response exercises help ensure that everything and everyone works well together.
Joel Muujärvi, Operative Team Lead, Preparedness and Business Continuity Services at Insta Advance, covered this topic in a session where he said, “The moment something unexpected happens, the plans will collide with reality. So what matters then is not the document itself but how people use it, how they adapt to the situation, coordinate, and decide.”
About WhoisXML API
WhoisXML API is a seasoned OEM data provider, specializing in delivering well-parsed, normalized, and comprehensive WHOIS, IP, and DNS intelligence. With more than 15 years of industry experience, we have amassed a vast repository of data, encompassing more than 25.5 billion historical WHOIS records, 50+ billion hostnames, 116+ billion DNS records, 10.5+ million IP netblocks, and 99.5% coverage of active IPv4 and IPv6 addresses.
We offer a wide range of domain, DNS, and other Internet intelligence solutions delivered via comprehensive databases, secure APIs, and intuitive web GUIs. Regardless of the consumption model, our intelligence serves as a robust foundation for leading cybersecurity products and services, with products like predictive threat intelligence data feeds leveraging AI predictive analytics capabilities and domain telemetry to enable organizations to detect potential malicious web properties early.
Trusted by more than 52,000 satisfied customers spanning cybersecurity, marketing, law enforcement, e-commerce, and financial services, WhoisXML API has consistently been recognized for its rapid growth and innovation, earning multiple accolades as an Inc. 5000 honoree and a Financial Times Top Fastest-Growing Company.