This article investigates the extent to which biosecurity measures are recognized and have been implemented in the Nordic countries, in the absence of formalized security standards and legislation. Two trials were undertaken: first, a broad combined biosafety and biosecurity questionnaire survey of the Nordic countries, and, second, a focused on-site audit of 22 facilities, with 94 laboratories, in Denmark. Both trials indicated that external security had been partially implemented but that little attention had been paid to internal security and the establishment of biosecurity. It was demonstrated that the backgrounds and identities of insiders were rarely checked and that they could have gained access to both pathogen inventory lists and freezers in many facilities. In 81% of pathogen-containing facilities, pathogens were not routinely and centrally accounted for. The authors recommend the establishment of a legal framework congruent with international standards and obligations; novel governmental national biosecurity authorities, requiring a fusion of both microbiological and technical expertise and legislative powers; and the formulation of a new code of conduct termed “Good Biosecurity Practice.”