As of 31 December 2025, ACI Risk Measure ApS has acquired Danish Cyber Defence A/S from Danish Cyber Collective A/S.
For several years, ACI Risk Measure has worked to make cyber risk measurable and decision-relevant for executive teams and boards by translating technical and operational risks into financial terms. With the acquisition of Danish Cyber Defence, this approach is further strengthened through realistic security testing and a well-established corporate network where members share experience and insight across organisations.
Danish Cyber Defence operates a network of organisations that, through realistic assume-breach testing, work with their actual ability to detect and manage cyber attacks. The tests are based on real attack scenarios and focus on what happens in practice when organisations are under pressure. When repeated over time, the tests provide a more nuanced picture of organisational strengths and weaknesses than one-off reports.
The acquisition supports the ambition to connect cybersecurity, risk management and compliance more closely with executive decision-making. For members and partners, Danish Cyber Defence’s day-to-day operations, services and planned activities will continue unchanged, and the team behind the Alliance remains the same, ensuring continuity and stability.
The Chairman of Danish Cyber Defence, Søren Pind, who as part of the acquisition joins ACI Risk Measure as a partner and co-owner, highlights the need for a more leadership-driven approach:
“Cyber risk is no longer something that can be left to technology alone. When realistic testing is combined with a clear understanding of consequences, leadership teams have a stronger basis for taking responsibility and setting priorities,” says Søren Pind.
The acquisition is carried out with the ambition of further developing a Danish foundation for cyber resilience, which over time can also be applied in a broader European context.
Changes to the management and board of Danish cyber defence A/S
Executive management
Erik Sørup Andersen, Chief Executive Officer
Jesper Sobol, Chief Operating Officer
Board of Directors
Søren Pind, Chairman
Jens Thonke, Deputy Chairman
Johnny Nielsen, Board Member
As part of the transaction, Søren Pind also joins ACI Risk Measure as a partner and co-owner.
Background
The dialogue between Danish Cyber Defence and ACI Risk Measure began in 2024, driven by a shared belief in the value of combining the results of C-level testing with quantitative techniques to translate technical cyber risk into financial risk that stakeholders outside organisations’ IT functions can understand.
When Danish Cyber Collective initiated a review of the Alliance’s vision and future strategy in spring 2025, it was natural to explore the potential of a closer integration between the two organisations’ approaches to cybersecurity. This analysis revealed significant synergies, which ultimately led to the decision to sell Danish Cyber Defence to ACI Risk Measure.
Through the transaction, the Alliance gains access to broader capabilities in cybersecurity, cyber risk management and compliance, a strong Nordic industry network, and increased capacity to deliver additional activities and services that create value for members.
ACI Risk Measure intends to continue developing and growing the Alliance in the same spirit, actively sharing analyses of the risk landscape and emerging trends, and engaging leading experts from across the industry network.
This creates a stronger foundation for attracting additional members and expanding value-creating activities within the Alliance.
About ACI Risk Measure
History
Risk Measure was founded in April 2023 with a mission to help organisations make better decisions about managing cyber risk through an evidence-based and quantitative approach to cyber risk assessment.
On 1 January 2025, Risk Measure acquired ACI A/S and changed its name to ACI Risk Measure. Through the acquisition of ACI, the company gained deep expertise in risk quantification and a portfolio of mature risk quantification services developed in collaboration with organisations in the financial sector and a number of large international companies that have been front-runners in data-driven and quantitative risk management.
ACI Risk Measure today
ACI Risk Measure currently employs approximately 20 people and specialises in technical and organisational cybersecurity, risk management and compliance.
The company is a co-founder of Northern Cyber Alliance together with CSIS, Bech-Bruun, Delta Crisis Management and BRO Kommunikation.
ACI Risk Measure collaborates with Factor Insurance Brokers on advisory services related to cyber insurance and works with a number of technical security providers and advisers, including Truesec, Fraktal, CSIS, Elisa (Finland) and IZARA.
ACI Risk Measure’s client base primarily consists of medium-sized and large organisations headquartered in Europe, as well as the financial sector and selected public-sector organisations. Currently, ACI Risk Measure provides cyber risk quantification services and cybersecurity and compliance advisory services to approximately 50% of Danish banks and around 30% of Danish pension funds.
Executive management
Erik Sørup Andersen, Chief Executive Officer
Jesper Sobol, Chief Operating Officer
Board of Directors
Jens Thonke, Chairman and Partner, ACI Risk Measure
Johnny Nielsen, Deputy Chairman
Daria Krivonos, Board Member and Director, Future Studies Institute
Maj Britt Arberg, Board Member
About Danish Cyber Defence
Danish Cyber Defence is a corporate network that works purposefully to strengthen members’ cyber resilience through realistic security testing and confidential knowledge sharing.