13.04.2023 - The new national cyberstrategy (NCS) was approved by the Federal Council during its meeting on 5 April 2023 and by the cantons during today's plenary session of the CCJPD. The strategy sets out the objectives and measures with which the federal government and the cantons, together with the business community and universities, intend to counter cyberthreats. A steering committee will be established to plan and coordinate the implementation of the strategy, and will also refine it. Its role is to be expanded and its independence increased.
Cybersecurity is becoming increasingly important in everyday life and affects each and every one of us. In order to boost Switzerland's resilience and effectively counter cyberthreats, cooperation between the federal government, the business community, the cantons and universities is key. The new cyberstrategy approved by the Federal Council and the cantons, which replaces the previous strategy, establishes the framework for this and defines common objectives and measures. Switzerland has already successfully implemented many measures since the first strategy to protect against cyber-risks was launched around a decade ago. For example, the federal government has continuously expanded the competent organisations and created viable structures.
A broad-based cyberstrategy
The new cyberstrategy builds on the work of the first two strategies, adding content and precision where necessary. Overall, the strategy defines 17 measures, each of which contributes to the five strategic objectives of "empowerment", "secure digital services and infrastructures", "effective detection, prevention, management and defence against cyberincidents", "effective prosecution of cybercrime" and "leading role in international cooperation".
The strategy was prepared with the involvement of over a hundred experts from the cantons, the business community, universities, society and the federal government. It is no longer limited in time, but it will be updated if the environment or the political framework changes. In addition, the National Cybersecurity Centre (NCSC) will continue to perform a fundamental review every five years, to ascertain whether the strategy sets out the right objectives and measures, or whether adjustments are necessary.
A steering committee to oversee implementation
As with the previous strategies for the protection of Switzerland against cyber-risks, a steering committee will oversee the implementation of the new cyberstrategy and draw up an implementation plan for the measures in consultation with the key players. The effectiveness assessment of the previous strategy indicated that strategic steering by the committee needs to be enhanced. As a result, its role will be expanded and its independence increased. The steering committee is made up of experts from the various areas of cybersecurity and aims to bring together the concerns of the cantons, the business community, society, universities and the federal government. To enable it to perform its tasks independently, it will be chaired by someone from outside the federal government. The Federal Department of Defence, Civil Protection and Sport (DDPS) will submit a proposal to the Federal Council by autumn 2023 for the composition of the steering committee and its leadership. The NCSC will take over the NCS office in order to ensure close cooperation with the administrative units. The implementation work will be financed by the competent players.