Switzerland (CH)

The Federal Council adopted the national strategy for the protection of Switzerland against cyber risks (NCS) on 27 June 2012 and its implementation plan (IP NCS) on 15 May 2013. 

The strategy sets out 16 objecties for its implementation:

Obj. 1 - Identify cyber risks by means of research.
Obj. 2 - Risk and vulnerability analysis.
Obj. 3 - Vulnerability analysis of the ICT infrastructures of the Federal Administration by means of an investigation plan.
Obj. 4 - Establish a picture of the situation and its development.
Obj. 5 - Incident analysis and follow-up.
Obj. 6 - Concept for an offences overview and coordination of inter-cantonal clusters of cases.
Obj. 7 - Overview of the competence-building offering.
Obj. 8 - Increased use of competence-building offerings and closing of gaps in the offerings.
Obj. 9 - Internet governance.
Obj. 10 - International cooperation in cyber security.
Obj. 11 - International initiatives and standardisation processes in the area of security.
Obj. 12 - Continuity management.
Obj. 13 - Crisis management.
Obj. 14 - Active measures and identification of the perpetrator.
Obj. 15 - Plan for management procedures and processes with cyber-specific aspects.
Obj. 16 - Action required in terms of legal foundations.

The measures are being addressed under 4 different lines of action: 

  • Prevention (M2, M3, M4)
  • Response (M5, M6, M14)
  • Continuity (M12, M13, M15)
  • Support processes (M1, M7, M8, M9, M10, M11, M16) 
     

NATIONAL CYBERSECURITY STRATEGY - NIS Capacities

Year of adoption The Federal Council adopted the national strategy for the protection of Switzerland against cyber risks (NCS) on 27 June 2012 and its implementation plan (IP NCS) on 15 May 2013.  
Updates and revisions At the moment Switzerland is working on the implementation of the 16 measures mentioned in the strategy. A few measures are already implemented. However Switzerland is still working on the bigger part of the strategy and all measures have to be implemented by the end of 2017, at the latest. 
Implementation and monitoring

The Federal Council is the officially recognized institution responsible for implementing a national cybersecurity strategy, policy and roadmap. To coordinate the implementation work, the Federal Council appointed the coordination unit (CU NCS), which is part of the Reporting and Analysis Centre for Information Assurance (MELANI) within the Federal IT Steering Unit (FITSU). Moreover, the Federal Council instructed an NCS steering committee (NCS SC) to support implementation with strategic controlling. 

Operational capacity building 

GovCERT.ch (English: https://www.govcert.admin.ch/) is the Computer Emergency Response Team (GovCERT) of the Swiss government and the offical national CERT of Switzerland. GovCERT.ch's parent organisations is the Reporting and Analysis Centre for Information Assurance (MELANI) which belongs to the Federal IT Steering Unit (FITSU) of the Federal Department of Finance (FDF).

Its constituency is the network of the Swiss Federal Administration (Government) as well as the private and public sectors in Switzerland. GovCERT.ch supports the critical IT infrastructure in Switzerland in dealing with cyberthreats by providing services such as technical analyses and information about targeted (but not limited to) attacks against the national critical IT infrastructure. Additionally, GovCERT.ch is authorised to handle all types of computer security incidents related to Switzerland, representing the national CERT of Switzerland.

It has been a member of the Forum of Incident Response and Security Teams (FIRST) since 2010. In addition, GovCERT.ch is member of the group of European Government CERTs (EGC).

SWITCH-CERT (English: www.switch.ch/), the Computer Emergency Response Team operated by SWITCH, currently protects members of the Swiss academic community, holders of .ch and .li domains, Swiss banks and, by default, the entire Swiss Internet community.

Businesses and Public Private Partnerships

MELANI provides officially recognised national or sector-specific programmes for sharing cybersecurity assets within the public and private sector. 

The Geneva Centre for Security Policy (GCSP; http://www.gcsp.ch/Topics-Initiatives/Emerging-Security-Challenges-Progr...):

  • The cyber security cluster within the Emerging Security Challenges Programme tackles cyber issues through executive education and training, applied policy analysis and dialogue.
  • The cyber cluster serves as a hub that convenes cyber experts from across the public, private and civil society to examine current and future cyber challenges.
  • The cyber cluster offers executive education covering areas such as cyber security strategy formulation and cyber diplomacy.
  • Outreach activities include the co-organisation of track 1.5 dialogues, expert workshops tackling specific cyber issues (for example, the implementation of confidence-building measures), and capacity building activities such as the cyber 9/12 student challenge organised in collaboration with the Atlantic Council. 
  • The cluster contributes to internal and external policy papers on cyber security issues. Examples of topics examined include computer network defence, cyber security strategy formulation, and future challenges in cyberspace.
Overall assessment/best practices

SWTICH-CERT provides an Info Desk with a wide range of information services, insights and practical guidance on cybersecurity, including basic IT security measures but no glossary of key terms.

The national cybersecurity strategy will provide various types of educational and professional training programs for raising awareness with the general public, promoting cybersecurity courses in higher education and promoting certification of professionals in either the public or the private sectors, when it is fully implemented (by the end of 2017). 

Date of last WISER analysis

August 2017

 

Compliance with the GDPR and NIS Directive: Report a cyber incident

Report a cyber incident to national CERT/CSIRT

GovCERT.ch (English: https://www.govcert.admin.ch/)

SWITCH-CERT (English: www.switch.ch/)

Guidance and Updates

SWITCH-CERT (English: www.switch.ch/) operates an Info Desk providing updates and guidance on a range of related cybersecurity matters spanning bi-montht security reports available in English and German (https://www.switch.ch/security/info/security-reports/); papers and presentations (https://www.switch.ch/security/info/papers/), currently available in German where the aim is to make Internet users and companies more aware of the latest IT security threats, including participation at internationa trade fairs and exhibitions on cybersecurity. A security Blog (https://www.switch.ch/security/info/social-media/) with insights on threats and technical apsects, including Twitter streams (English). Awareness videos (English; https://www.switch.ch/security/info/awareness/) offering guidance on basic security measures.

In May 2017, the results of a KPMG survey on Swiss businesses revealed a year-on-year increase of 34% on cyber attacks affecting companies in the country. However the survey also revealed that businesses are getting better at dealing with the threat of cyber attacks: 81% of those surveyed indicated that they have gained a greater awareness of the risks over the last twelve months, 52% have developed a better understanding of the attackers’ motivation, strategy and modus operandi, while 44% said that prediction capabilities have improved.

Languages English; German (mostly for Internet users and companies for awareness-raising)
Date of last WISER analysis August 2017

 

Contact us for more info