Cybersecurity in Switzerland: Still a lot of room for improvement

Crime is in and of itself something banal and takes place at all times and almost everywhere - wherever there is opportunity. This is how Serdar Günal-Rütsche, head of cybercrime at the Zurich Cantonal Police, outlines the situation, thereby revising the notion that criminals must be exclusively "tough guys". After all, opportunities for crime abound in Swiss cyberspace: According to an analysis by Dreamlab Technologies, a large proportion of all IP addresses in Switzerland are easy or relatively easy to attack. The analysis even identified several thousand cases where the system software is so outdated that computers are left unprotected, as it were, against the rigors of the Internet.

Cybersecurity in Switzerland becomes a top priority

However, cybersecurity in Switzerland is moving higher and higher on the agenda of political and economic players everywhere. We are now too dependent on technology to risk a total failure. And this risk certainly exists, as evidenced by recent attacks on Microsoft systems by state-sponsored actors, for example. This also means that it is no longer just "lone wolves" who are causing trouble and damage with hacks or Internet fraud. There is now a kind of "war" in cyberspace. Accordingly, security policy aspects were heavily weighted at this year's Swiss Cyber Security Days, which were held virtually on March 10 and 11. Speakers such as Army Chief Thomas Süssli or General Didier Tisseyre from the French Ministry of Defense pointed out the urgency of building up know-how in order to be able to defend against the multifaceted threats from cyberspace. The federal government and the cantons are in the process of making the federal structures more consistent in order to be able to fight cybercrime more effectively.

Innovation offensive in cyber security called for

Important stakeholders in this endeavor are also the companies - and thus also the SMEs. They are the ones who could generate know-how for cyber defense. An innovation offensive is needed, as André Kudelski, President of Innosuisse and CEO of the Kudelski Group, demands. There is currently a lack of investment by SMEs in research and development. That's why better access to venture capital is needed - combined with a change in mentality: promoting entrepreneurship with more courage to take risks and less Swiss caution. In addition, it is important to prevent innovative startups from being sold abroad too quickly.

But there are also concrete steps to report: At a time when there is a growing need for meaning and support to ensure the future viability of a business, it was also announced the creation of the digiVolution Foundation, a new strategic force to better master cyber-bio-physical convergence and digitalization.

Companies lull themselves into a false sense of security

What makes sense strategically still seems far from reality operationally in many places. A Study by gfs-zürich recently showed that many companies in Switzerland are not yet taking the issue of cyber security seriously enough. All the more so because the home office obligation has multiplied the attack surface. The reasons are manifold: Many decision-makers are overburdened or overestimate the capabilities of their own IT departments. Many see the issue as settled when technical measures such as firewalls are implemented, forgetting that organizational measures are also needed. This was the criticism of keynote speaker André Duvillard, delegate of the Confederation and the cantons for the Swiss Security Association. Nicolas Mayencourt (CEO Dreamlab Technologies) and Marc K. Peter (University of Applied Sciences Northwestern Switzerland FHNW) were in the same vein: "The digital transformation brings a massive increase in complexity and a high dependence on technology. This has just been highlighted by the Corona pandemic, which has massively accelerated the digital transformation. "2020 became a record year for cybercrime," Mayencourt said. Much still needs to change, he said: while detailed standards and regulations are in place for fire safety, for example, there is a lack of anything comparable for cybersecurity. And cybersecurity is far too little discussed in education in Switzerland. And last but not least, cybersecurity is also a question of leadership: it cannot simply be delegated, but must also become a management issue in companies.

Impressive example of the damage cyberattacks can cause

Nisa Meta from Swisswindows AG, a company with 150 employees at three locations, showed what consequences a cyber attack can have on an SME. It started in May 2019 with an email that seemed unsuspicious: It appeared to be part of a pre-existing conversation, but carried a compromised attachment. Accordingly, the recipient was sure everything seemed fine. The consequences of clicking on the attachment were ultimately fatal: it was ransomware that encrypted the company's data, coupled with a ransom demand. Swisswindows did not respond to the demand and reported the incident to the police and MELANI. The company was initially offline for 10 days, project data was lost, and for a month the company had to switch to manual work because the production control system was also down. It took two months before the machines could be started up again, and six months before the main interfaces were working again. The resulting loss of production and sales coupled with the high repair costs ultimately led to the company's insolvency. Nisa Meta derives the following recommendations from these experiences: Rely on reliable external IT partners who have the appropriate expertise for production operations, in addition to building an internal IT team for first level support, implement crisis management, ensure cost buffers and train employees in cybersecurity - so that opportunities for cybercriminals are identified before it is too late.

Meeting place for cybersecurity in Switzerland

The third edition of the Swiss Cyber Security Days brought together more than 1,800 people live online, creating countless interactions between experts, service providers and participants. The main presentations were each simultaneously translated into French, English and/or German, a digital tour de force that - with a few "bumps" - was successfully implemented. The conferences now remain accessible to the public throughout the year on the "SCSD 365" platform. The exchange and information platform is accessible free of charge and enables the cybercommunity to get in touch with each other all year round. The exhibitors' marketplace on the SCSD365 platform was used for around 1,200 contacts over the last two days and almost 4,000 messages were exchanged. The next Swiss Cyber Security Days will take place on April 6 and 7, 2022.

More information: Swiss Cyber Security Days

Tips for IT security can be found in the book "IT Security for SMEs"