The Federal Council adopted the national strategy for the protection of Switzerland against cyber risks (NCS) on 27 June 2012 and its implementation plan (IP NCS) on 15 May 2013.
The strategy sets out 16 objecties for its implementation:
Obj. 1 - Identify cyber risks by means of research.
Obj. 2 - Risk and vulnerability analysis.
Obj. 3 - Vulnerability analysis of the ICT infrastructures of the Federal Administration by means of an investigation plan.
Obj. 4 - Establish a picture of the situation and its development.
Obj. 5 - Incident analysis and follow-up.
Obj. 6 - Concept for an offences overview and coordination of inter-cantonal clusters of cases.
Obj. 7 - Overview of the competence-building offering.
Obj. 8 - Increased use of competence-building offerings and closing of gaps in the offerings.
Obj. 9 - Internet governance.
Obj. 10 - International cooperation in cyber security.
Obj. 11 - International initiatives and standardisation processes in the area of security.
Obj. 12 - Continuity management.
Obj. 13 - Crisis management.
Obj. 14 - Active measures and identification of the perpetrator.
Obj. 15 - Plan for management procedures and processes with cyber-specific aspects.
Obj. 16 - Action required in terms of legal foundations.
The measures are being addressed under 4 different lines of action:
- Prevention (M2, M3, M4)
- Response (M5, M6, M14)
- Continuity (M12, M13, M15)
Support processes (M1, M7, M8, M9, M10, M11, M16)
NATIONAL CYBERSECURITY STRATEGY - NIS Capacities
|Year of adoption||The Federal Council adopted the national strategy for the protection of Switzerland against cyber risks (NCS) on 27 June 2012 and its implementation plan (IP NCS) on 15 May 2013.|
|Updates and revisions||At the moment Switzerland is working on the implementation of the 16 measures mentioned in the strategy. A few measures are already implemented. However Switzerland is still working on the bigger part of the strategy and all measures have to be implemented by the end of 2017, at the latest.|
|Implementation and monitoring||
The Federal Council is the officially recognized institution responsible for implementing a national cybersecurity strategy, policy and roadmap. To coordinate the implementation work, the Federal Council appointed the coordination unit (CU NCS), which is part of the Reporting and Analysis Centre for Information Assurance (MELANI) within the Federal IT Steering Unit (FITSU). Moreover, the Federal Council instructed an NCS steering committee (NCS SC) to support implementation with strategic controlling.
|Operational capacity building||
GovCERT.ch (English: https://www.govcert.admin.ch/) is the Computer Emergency Response Team (GovCERT) of the Swiss government and the offical national CERT of Switzerland. GovCERT.ch's parent organisations is the Reporting and Analysis Centre for Information Assurance (MELANI) which belongs to the Federal IT Steering Unit (FITSU) of the Federal Department of Finance (FDF).
Its constituency is the network of the Swiss Federal Administration (Government) as well as the private and public sectors in Switzerland. GovCERT.ch supports the critical IT infrastructure in Switzerland in dealing with cyberthreats by providing services such as technical analyses and information about targeted (but not limited to) attacks against the national critical IT infrastructure. Additionally, GovCERT.ch is authorised to handle all types of computer security incidents related to Switzerland, representing the national CERT of Switzerland.
It has been a member of the Forum of Incident Response and Security Teams (FIRST) since 2010. In addition, GovCERT.ch is member of the group of European Government CERTs (EGC).
SWITCH-CERT (English: www.switch.ch/), the Computer Emergency Response Team operated by SWITCH, currently protects members of the Swiss academic community, holders of .ch and .li domains, Swiss banks and, by default, the entire Swiss Internet community.
Businesses and Public Private Partnerships
MELANI provides officially recognised national or sector-specific programmes for sharing cybersecurity assets within the public and private sector.
|Overall assessment/best practices||
SWTICH-CERT provides an Info Desk with a wide range of information services, insights and practical guidance on cybersecurity, including basic IT security measures but no glossary of key terms.
The national cybersecurity strategy will provide various types of educational and professional training programs for raising awareness with the general public, promoting cybersecurity courses in higher education and promoting certification of professionals in either the public or the private sectors, when it is fully implemented (by the end of 2017).
|Date of last WISER analysis||
Compliance with the GDPR and NIS Directive: Report a cyber incident
|Report a cyber incident to national CERT/CSIRT||
|Guidance and Updates||
SWITCH-CERT (English: www.switch.ch/) operates an Info Desk providing updates and guidance on a range of related cybersecurity matters spanning bi-montht security reports available in English and German (https://www.switch.ch/security/info/security-reports/); papers and presentations (https://www.switch.ch/security/info/papers/), currently available in German where the aim is to make Internet users and companies more aware of the latest IT security threats, including participation at internationa trade fairs and exhibitions on cybersecurity. A security Blog (https://www.switch.ch/security/info/social-media/) with insights on threats and technical apsects, including Twitter streams (English). Awareness videos (English; https://www.switch.ch/security/info/awareness/) offering guidance on basic security measures.
In May 2017, the results of a KPMG survey on Swiss businesses revealed a year-on-year increase of 34% on cyber attacks affecting companies in the country. However the survey also revealed that businesses are getting better at dealing with the threat of cyber attacks: 81% of those surveyed indicated that they have gained a greater awareness of the risks over the last twelve months, 52% have developed a better understanding of the attackers’ motivation, strategy and modus operandi, while 44% said that prediction capabilities have improved.
|Languages||English; German (mostly for Internet users and companies for awareness-raising)|
|Date of last WISER analysis||August 2017|