SWEDEN Trends and Developments Contributed by: Anders Bergsten and Victoria Nordenberg, Mannheimer Swartling
Mannheimer Swartling Advokatbyrå AB Norrlandsgatan 21 111 43 Stockholm Sweden Tel: +46 859 506 000 Fax: +46 859 506 001 Email: felicity.trocme@msa.se Web: www.mannheimerswartling.se
Digitalisation and Cyber-Attacks Sweden is a leading nation in the research and development of new technologies, with digi - talisation at the heart of its progress. Howev - er, the deteriorating global security landscape has increased the risk of cyber-attacks, which makes highly digitised countries extra vulner - able. Like in many other countries, both public and private entities in Sweden are repeatedly targeted by cyber-attacks from foreign powers (either state actors or threat actors acting with the tacit acceptance from host nations). Conse - quently, the ability to effectively manage these cyber threats is crucial for Swedish organisa - tions, leading to an increased need for robust protection against such attacks. This has led to an increased need for robust protection against cyber-attacks. In Sweden, cyber threats manifest themselves in various forms, including intelligence threats from foreign powers and criminal activities targeting companies. These threats often involve tactics such as phishing, password attacks, malware and attacks on mobile devices and email sys - tems. As cyber-attacks continue to evolve and become more sophisticated, it is imperative for
every organisation to regularly ensure that its defences remain robust and effective. Protec - tion against cyber-attacks is particularly impor - tant for organisations that provide essential soci - etal functions and manage critical IT systems. The direct and indirect costs of cyber-attacks on such operations are estimated to be in the billions of Swedish kronor yearly. It should be noted that the Swedish regulatory environment concerning cybersecurity has not entirely kept pace with the swift deterioration in the global security landscape, together with the adoption of many EU initiatives. To a certain extent, this has led to a somewhat fragmentized regulatory picture – eg, in relation to supervisory authorities and notification obligations in case of incidents caused by cyber-attacks. Extended Applicability In the past, the legal obligations to meet certain cybersecurity requirements have been directed at public authorities, whereas now the regula - tory framework will require substantial secu - rity measures from a much broader group of organisations, including private companies. In 2019, the applicability of the Protective Secu -
267 CHAMBERS.COM
Powered by FlippingBook