Career Biography

Daniel Henriksen began his legal career at Deloitte Advokatfirma, where he worked in the Commercial Law department advising on a broad range of legal issues, including contract law, IT contracts, data privacy and litigation.

In 2015, he joined Intility, where he helped establish and build the company’s Legal & Compliance function. Today, Daniel leads Intility’s Security Management department — a cross-functional unit of nearly 50 full-time specialists spanning four areas: Legal & Compliance, Security Operations Centre, Threat and Vulnerability Management, and Security Architecture and Development. Within this structure, the Legal & Compliance team of nine handles the full spectrum of daily legal matters, from data privacy and regulatory compliance to complex commercial negotiations.

Daniel has led negotiations on a number of complex, high-value contracts and tenders, including agreements with Stockholm Metro and some of Norway’s largest energy producers, as well as across a broad range of enterprise clients on both the customer and supplier side. A key part of his work has also been supporting the business in developing new service offerings within property infrastructure, where Legal & Compliance’s early involvement helped shape compliant, scalable services that have since attracted some of Intility’s largest clients.

A significant focus of his current work is helping customers understand their obligations under NIS2 and DORA, and how Intility’s services can support them in meeting those requirements. Internally, the team is equally focused on Intility’s own compliance posture — including the legal and security considerations surrounding the use of AI, and the emerging EU regulatory frameworks governing AI and data, such as the AI Act and the Data Act.

The intersection of privacy, cybersecurity and technology — particularly as new regulations continue to emerge — has always been of great interest to him. While regulatory frameworks are designed to protect both businesses and individuals, it is equally critical to avoid overregulation. When compliance requirements become excessive, organisations risk shifting focus toward checking boxes rather than taking actions that genuinely strengthen privacy and security. This concern is especially pressing today: as AI lowers the barrier for sophisticated cyberattacks, organisations that treat compliance as a formality rather than a foundation will find themselves increasingly exposed. Striking the right balance is therefore essential — protecting people and businesses effectively, while ensuring that the focus remains on building real resilience rather than the appearance of it.