
People Capabilities In this section you can find Services Banking and Finance Banking and Finance overview Asset & Lease Finance Capital Markets Corporate Debt Leveraged Finance Project, Energy and Infrastructure Finance Real Estate Finance Restructuring and Insolvency Securitization and Structured Finance Trade and Export Finance Competition, Trade and Foreign Investment Competition, Trade and Foreign Investment overview Antitrust and Competition Investigations Antitrust and Competition Litigation Dawn Raids Foreign Investment and National Security Law International Sanctions and Export Controls International Trade Law Merger Control Procurement and State Aid Construction and Engineering Construction and Engineering overview Construction Disputes Contracts and Procurement EPC Project Advisory Corporate and M&A Corporate and M&A overview Capital Markets Company Secretarial Services Corporate Governance International Corporate Reorganizations Joint Ventures Mergers and Acquisitions Private Equity Venture Capital Corporate Crime Corporate Crime overview Anti-Bribery and Corruption Anti-Money Laundering International Sanctions and Export Controls Regulatory Investigations and Enforcement Data Privacy, Security and Technology Data Privacy, Security and Technology overview Cybersecurity Data Privacy Disruptive Technology Electronic and Mobile Commerce Information Law Product Counseling Regulatory Defense and Litigation Technology Transactions and Sourcing Telecom Services Employment, Labor and Pensions Employment, Labor and Pensions overview Corporate Transactions Cross-Border Employment and Pensions Diversity, Pay and Discrimination Employee Benefits and Executive Compensation Employment Employment Litigation Global Mobility and Immigration Labor and Industrial Relations Pensions and Retirement Plans Pensions Risk Transfer and Management Financial Services Regulation Financial Services Regulation overview Asset Management Crypto Assets Derivatives Financial Services Disputes and Investigations Funds Insurance Insurance overview Captives Insurance and Reinsurance Disputes Insurance and Retirement Products, Insurance Distribution Insurance Financing and Capital Markets Insurance M&A, Reinsurance and Restructuring Insurance Regulation and Compliance Insurance Regulatory Investigations and Enforcement Insurtech Pensions Risk Transfer and Management Intellectual Property Intellectual Property overview IP Audits and Assessments IP Litigation IP Transactional Patents Trademarks, Trade Dress and Copyrights Trade Secrets Litigation and Dispute Resolution Litigation and Dispute Resolution overview Class Actions Commercial Litigation Antitrust and Competition Litigation Construction Disputes Energy Disputes Environmental, Health and Safety Financial Services Disputes and Investigations Fraud Insurance and Reinsurance Disputes International Arbitration Procurement Disputes Real Estate Disputes Regulatory Investigations and Enforcement Tax Controversy and Litigation Real Estate and Planning Real Estate and Planning overview Commercial Development and Leasing Corporate Real Estate Planning and Environmental Real Estate Disputes Real Estate Finance Living Strategic Contracts Strategic Contracts overview Contract Modernization Outsourcing Strategic Partnerships Tax Industries Consumer Consumer overview Food and Beverage Luxury Retail and Wholesale Energy Energy overview Clean Energy Energy Regulatory Hydrogen Nuclear Oil and Gas Power Financial Services Financial Services overview Corporate and Investment Banking Private Capital Retail Banking and Consumer Finance Governments and Infrastructure Governments and Infrastructure overview Governments and Strategic Projects Infrastructure Transportation Industrials Industrials overview Aerospace, Defense and Security Automotive Chemicals Manufacturing and Industrial Engineering Life Sciences and Healthcare Life Sciences and Healthcare overview Agriculture and Medicinal Cannabis and CBD Healthcare Industrial Biotechnology Medical Devices Pharmaceuticals and Biotechnology Research and Development Vaccines Real Estate Real Estate overview Alternative Assets Multi and Single Family Residential Office and Industrial Real Estate Investment Retail and Mixed Use Transport Related Real Estate Technology & Digital Technology & Digital overview Digital Content Digital Infrastructure Technology Resources Insights Client tools Events and training Business topics About About us Firm leadership Purpose and values Responsible business Community Diversity and inclusion Environmental sustainability Pro bono Reports Alumni News Careers Global careers Applications Why us? Lawyers and partners Offices Sweden Visit global site Select a local version of the site Angola Asia Austria Belgium Bulgaria Czech Republic Estonia Finland France Germany Hungary Iraq Ireland Italy Jordan Latvia Lithuania Luxembourg Mauritius Mozambique Netherlands Poland Portugal Qatar Romania Saudi Arabia Slovakia South Africa Spain Sweden Switzerland Tunisia United Arab Emirates United Kingdom United States Rest of the world en Select language Cestina Deutsch Dutch Eesti English Español Français Italiano Latviešu Lietuvių Polski Slovencina Cybersecurity Home Capabilities Services Data Privacy, Security and Technology Home Capabilities Services Data Privacy, Security and Technology Cybersecurity Cybersecurity Hope is not a plan. By working with our global cybersecurity lawyers, you will be better prepared for any cyber-attack. Whichever industry you work in, securing your data, technology and systems from both internal and external hacks is critical. The consequences of a serious cyber breach can stretch far beyond the initial hack, and can lead to extensive reputational damage, business interruption, regulatory scrutiny and litigation. The key is to plan ahead, both from an IT and legal perspective, and that is where we can help. Our experienced cybersecurity lawyers are always available, providing full spectrum support from preparedness to response, internal investigation to notifications and media communications, and representation before regulators to class action defense. Whether it's ransomware, coding glitches, emails or staff gone astray, we can help you understand the civil and criminal law implications and make informed choices. As a deeply-integrated global practice, we are also exceedingly well-versed in coordinating compliance, notifications, regulatory responses and litigation across jurisdictions, including for the world’s largest companies. Additionally, our worldwide reach means that, should the worst happen, there is always someone working for you. Our global lawyers can help you with all aspects of data cybersecurity law. Notable experience in this field includes: designing and operationalizing breach response policies and procedures to cover over 24 global jurisdictions, including the 50 US states, Puerto Rico, the UK and the EU for a Fortune 50 publicly traded technology company providing full-spectrum advice for a global medical device manufacturing company which suffered multiple data breaches, including a ransomware attack impacting their global operations representing the subsidiary of one of the largest financial services firms in the publicly announced FCA and ICO enforcement investigation, following a significant cybersecurity breach in the US. This continues to be one of the largest incidents reported in recent times, and we have worked closely with the client to ensure consistency in approach across multiple jurisdictions and multiple contemporaneous regulatory investigation and claims activity advising a large US health insurer on a high-profile breach that affected more than one million individuals. The response required public notification (including state and HIPAA notifications), and class-action defense (three jurisdictions and cert petition to the US Supreme Court). Additionally, we engaged with the FBI and the US National Cyber Investigative Joint Task Force relative to the incident advising an international bank and a global life sciences client on major programs to revise procurement contracting processes and the clauses they adopt globally for cybersecurity to comply with international sector and subject matter laws in their vendor management programs Areas In Data Privacy, Security and Technology Data Privacy, Security and Technology Data Privacy Disruptive Technology Electronic and Mobile Commerce Information Law Product Counseling Regulatory Defense and Litigation Technology Transactions and Sourcing Telecom Services Key contacts Sara Malmgren Partner Stockholm, Sweden Torbjörn Lindmark Managing Partner Stockholm, Sweden Latest Insights legal updates Commercially Connected - 29 April 2026 legal updates Commercially Connected Shorts - 22 April 2026 legal updates EU Digital Fitness Check consultation – implications for multinational businesses legal updates Commercially Connected Shorts - 15 April 2026 Latest News firm news At Least One in Three US Companies Unprepared to Tackle National Security Compliance Risks, Eversheds Sutherland Report Finds firm news Eversheds Sutherland continues strategic scale up of its Global Privacy & Cybersecurity practice with further partner hire firm news Eversheds Sutherland Sweden are now ISO 27001 information security certified Tabs Label legal updates April 29, 2026 Commercially Connected - 29 April 2026 legal updates April 22, 2026 Commercially Connected Shorts - 22 April 2026 legal updates April 16, 2026 EU Digital Fitness Check consultation – implications for multinational bus... legal updates April 15, 2026 Commercially Connected Shorts - 15 April 2026 Legal notices Terms & conditions Privacy notice Cookies LinkedIn YouTube Facebook Connect Contact us Client login Staff login Subscribe About us About Eversheds Sutherland Purpose and values Responsible business Alumni Insights Client tools Events and training Business topics Careers Offices © Eversheds Sutherland 2026. All rights reserved. Eversheds Sutherland is a provider of legal and other services operating through various separate and distinct legal entities. For further information about these entities and Eversheds Sutherlands' structure please see the Legal Notice page of this website. Eversheds Sutherland is the name and brand under which the members of Eversheds Sutherland Limited (Eversheds Sutherland (International) LLP and Eversheds Sutherland (US) LLP) and their respective controlled, managed and affiliated firms and the members of Eversheds Sutherland (Europe) Limited (each an "Eversheds Sutherland Entity" and together the "Eversheds Sutherland Entities") provide legal or other services to clients around the world. Eversheds Sutherland Entities are constituted and regulated in accordance with relevant local regulatory and legal requirements and operate in accordance with their locally registered names. The use of the name Eversheds Sutherland, is for description purposes only and does not imply that the Eversheds Sutherland Entities are in a partnership or are part of a global LLP. The responsibility for the provision of services to the client is defined in the terms of engagement between the instructed firm and the client. For further information about these Eversheds Sutherland Entities and Eversheds Sutherlands’ structure please see the Legal Notices page of this website.

Cybersecurity

Hope is not a plan. By working with our global cybersecurity lawyers, you will be better prepared for any cyber-attack.

Whichever industry you work in, securing your data, technology and systems from both internal and external hacks is critical.

The consequences of a serious cyber breach can stretch far beyond the initial hack, and can lead to extensive reputational damage, business interruption, regulatory scrutiny and litigation.

The key is to plan ahead, both from an IT and legal perspective, and that is where we can help. Our experienced cybersecurity lawyers are always available, providing full spectrum support from preparedness to response, internal investigation to notifications and media communications, and representation before regulators to class action defense. Whether it's ransomware, coding glitches, emails or staff gone astray, we can help you understand the civil and criminal law implications and make informed choices.

As a deeply-integrated global practice, we are also exceedingly well-versed in coordinating compliance, notifications, regulatory responses and litigation across jurisdictions, including for the world’s largest companies. Additionally, our worldwide reach means that, should the worst happen, there is always someone working for you.

Our Cybersecurity experience

Our global lawyers can help you with all aspects of data cybersecurity law. Notable experience in this field includes:

designing and operationalizing breach response policies and procedures to cover over 24 global jurisdictions, including the 50 US states, Puerto Rico, the UK and the EU for a Fortune 50 publicly traded technology company
providing full-spectrum advice for a global medical device manufacturing company which suffered multiple data breaches, including a ransomware attack impacting their global operations
representing the subsidiary of one of the largest financial services firms in the publicly announced FCA and ICO enforcement investigation, following a significant cybersecurity breach in the US. This continues to be one of the largest incidents reported in recent times, and we have worked closely with the client to ensure consistency in approach across multiple jurisdictions and multiple contemporaneous regulatory investigation and claims activity
advising a large US health insurer on a high-profile breach that affected more than one million individuals. The response required public notification (including state and HIPAA notifications), and class-action defense (three jurisdictions and cert petition to the US Supreme Court). Additionally, we engaged with the FBI and the US National Cyber Investigative Joint Task Force relative to the incident
advising an international bank and a global life sciences client on major programs to revise procurement contracting processes and the clauses they adopt globally for cybersecurity to comply with international sector and subject matter laws in their vendor management programs

Sara Malmgren

Partner

Stockholm, Sweden

torbjornlindmark@eversheds-sutherland.se

Torbjörn Lindmark

Managing Partner

Stockholm, Sweden

Latest Insights

legal updates
Commercially Connected - 29 April 2026
legal updates
Commercially Connected Shorts - 22 April 2026
legal updates
EU Digital Fitness Check consultation – implications for multinational businesses
legal updates
Commercially Connected Shorts - 15 April 2026

Latest News

Tabs Label

Modern building interior with glass roof

legal updates

April 29, 2026

Commercially Connected - 29 April 2026

Modern city high‑rise buildings glass exterior

legal updates

April 22, 2026

Commercially Connected Shorts - 22 April 2026

legal updates

April 16, 2026

EU Digital Fitness Check consultation – implications for multinational bus...

Contemporary glass architecture structural framework detail

legal updates

April 15, 2026

Commercially Connected Shorts - 15 April 2026

Offices

© Eversheds Sutherland 2026. All rights reserved. Eversheds Sutherland is a provider of legal and other services operating through various separate and distinct legal entities. For further information about these entities and Eversheds Sutherlands' structure please see the Legal Notice page of this website.

Eversheds Sutherland is the name and brand under which the members of Eversheds Sutherland Limited (Eversheds Sutherland (International) LLP and Eversheds Sutherland (US) LLP) and their respective controlled, managed and affiliated firms and the members of Eversheds Sutherland (Europe) Limited (each an "Eversheds Sutherland Entity" and together the "Eversheds Sutherland Entities") provide legal or other services to clients around the world. Eversheds Sutherland Entities are constituted and regulated in accordance with relevant local regulatory and legal requirements and operate in accordance with their locally registered names. The use of the name Eversheds Sutherland, is for description purposes only and does not imply that the Eversheds Sutherland Entities are in a partnership or are part of a global LLP. The responsibility for the provision of services to the client is defined in the terms of engagement between the instructed firm and the client. For further information about these Eversheds Sutherland Entities and Eversheds Sutherlands’ structure please see the Legal Notices page of this website.

Cybersecurity

Hope is not a plan. By working with our global cybersecurity lawyers, you will be better prepared for any cyber-attack.

Areas In Data Privacy, Security and Technology

Key contacts

Latest Insights

Latest News