It-sikkerhed og compliance bliver fortsat vigtigere for organisationer og enkeltpersoner på grund af den teknologiske udvikling, risici og nye lovkrav.

It- og cybersikkerhed prioriteres i stigende grad af lovgivere, organisationer, individer og tilsynsmyndigheder.

Onlinetransmissioner og behandling af data har iboende risici, som skal begrænses gennem overholdelse af lovgivningen, risikovurderinger og passende tekniske og organisatoriske foranstaltninger.

Udover GDPR er følgende EU-initiativer og -regler blandt andet relevante for cybersikkerhed:

  • NIS2-direktivet (cybersikkerhedskrav for en række sektorer og tjenester)
  • E-databeskyttelsesdirektivet og -forordning (databeskyttelse og elektronisk kommunikation)
  • European Electronic Communications Code (EECC) (teleudbyder og udbydere af nummeruafhængige interpersonelle kommunikationstjenester)
  • Forordningen om cybersikkerhed (Cybersecurity Act – ramme for cybersikkerhedscertificering af produkter og tjenester)
  • DORA (sektorspecifik forordning om digital operationel modstandsdygtighed i den finansielle sektor)
  • CER (direktiv om kritiske enheders modstandsdygtighed)
  • Forordningen om cybersikkerhed og Forordningen om informationssikkerhed (cybersikkerhed i forbindelse med Den Europæiske Unions institutioner, organer, kontorer og agenturer).

Mange brancher er underlagt generelle eller sektorspecifikke regulatoriske cybersikkerhedskrav og skal sikre overholdelse af disse.

Sikkerhedsstandarder og revisionserklæringer

Informationssikkerhedsstandarder som fx ISO 27001 overholdes ofte af organisationer for at kontrollere og styre it-sikkerhed og risici.  Nogle it-leverandører kan også være ISO-certificerede, og flere og flere kunder kræver certificeringer af deres leverandører.

Mange it-leverandører indhenter årlige revisionserklæringer fra uafhængige revisorer som ISAE 3000, 3402 type I eller II (International Standard on Assurance Engagements – Assurance Reports on Controls at a Service Organisation). Revisionserklæringerne bruges til at dokumentere og vurdere status for en it-organisation og tilstrækkeligheden af interne kontroller. Nogle it-kunder kan kræve en revisionserklæring, som kan medføre en konkurrencefordel for den it-leverandør, der har en sådan erklæring.

Juridisk bistand inden for alle regulatoriske it-sikkerhedskrav

Vi yder juridisk bistand inden for alle regulatoriske it-sikkerhedskrav, herunder håndtering af complianceprocesser, support i håndteringen af cyberangreb og dialog med relevante myndigheder. Du får adgang til en bred vifte af juridiske færdigheder inden for området, men lige så vigtigt vil du møde en dybdegående forståelse af din virksomhed og branchen som helhed.

Vi samarbejder herudover tæt med vores specialister inden for blandt andet Persondata, Compliance, It, Tech & Digitalisering, Finansiering, Offentlig virksomhed & Forvaltning og M&A & Selskabsforhold.

Ratings

TMT

What the team is known for
Bech-Bruun is a well-known law firm offering strong expertise in IT mandates across Denmark. Its team is well placed to advise on outsourcing and the negotiation of SAP, master licence and SaaS agreements. In addition, clients benefit from the firm’s strength in digitalisation projects, cyber breaches and product launches as well as software procurements. GDPR compliance projects and data protection inspections are also assisted with, while the firm’s members also act as data protection officers. Bech-Bruun is further recognised for its telecommunication expertise, assisting with regulatory mandates such as EECC implementation. Its clientele includes prominent international clients from the technology, automotive and energy sectors as well as public entities.

Notable practitioners
Niels Andersen remains a trusted adviser for his strength in a broad array of IT mandates ranging from large outsourcing projects and software procurements to the negotiation of IT contracts and product launches.

Chambers and Partners Europe 2022, TMT

 

Information Technology

Legal 500 - Bech-Bruun

Ranked: Tier 1

Bech-Bruun handles the full spectrum of issues relating to IT law, including traditional IT system development and supply agreements as well as emerging technologies such as AI and blockchain media. The strength of the team’s capabilities is reflected in its client roster that includes Microsoft and Samsung. It is particularly strong in the area of data protection and has extensive experience providing TMT advice to public sector clients. Practice head Mikkel Friis Rossa advises on IT matters and new technologies at the intersection between IT, data protection and marketing law, while Niels M. Andersen maintains a prominent reputation in the IT space.

"The collaboration, people and flexibility have been and are outstanding."

"The knowledge of our business and need. It provides quick and good answers to our challenges and at an acceptable price."

"Always very quick to respond and use all the specialists there are in Bech Bruun, so we always get the best and still the experience of one point of contact."

Legal 500, Information Technology

Telecoms

Legal 500 - Bech-Bruun

Ranked: Tier 1

Bech-Bruun‘s telecoms practice covers the full breadth of work, including regulatory issues, infrastructure agreements and data protection mandates. The team advises both domestic and international clients and has a strong foothold in the public sector space, with Nordic RSC and Energinet as key clients. In Copenhagen, Niels M. Andersen has a broad practice, advising on all issues concerning IT and technology, including outsourcing, transfers and license agreements, while Mikkel Friis Rossa in Aarhus specialises in data protection work. The pair jointly lead the national team.

Legal 500, Telecoms

BB

Vil du ringes op?

Fortæl os, hvornår du har tid til at tale. Så ringer en af vores specialister dig op.