Areas of action

The NCSC strategy covers ten areas of action:

Skills and knowledge building

Switzerland, as a centre for education and research, should give appropriate weight to the area of cyber-risks and provide society, the business community and the authorities with the necessary skills and research findings.


Current status/information:

Swiss higher education institutions offer various cybersecurity-related qualifications at all levels. You can find information on these courses on the institutions' own websites.

armasuisse's Cyber-Defence Campus forms the connection between the DDPS, industry and the scientific community in cyberdefence research, development and training.

Reports/studies on cybersecurity training in Switzerland:

Expert report on the main research topics in the area of cyber-risks.

List of Swiss training courses on cyberissues

As part of the NCS implementation, the Swiss Security Network (SSN), together with armasuisse's Cyber-Defence Campus and the Military Academy (MILAC) at ETH Zurich, has drawn up a list of the best training courses on cyberissues.

For updates and additions to the list of Swiss training courses on cyberissues, please contact

Cybersecurity technologies

The report describes the efforts to identify, analyse and forecast trends related to cybersecurity technologies. Therefore, the insights therein allow for more informed decision-making in technology investment, technology assessment, as well as technology roadmapping.

Threat situation

Switzerland remains dependent on having a holistic picture of the cybersituation to protect the country against cyber-risks. In view of the intensified threat situation, existing capabilities must be expanded, and the exchange of information with the business community and the cantons must be further strengthened.


Current status/information:

Resilience management

Measures to improve ICT resilience in critical sub-sectors and administrations are to be implemented and further developed on the basis of periodically updated risk and vulnerability assessments.



ICT standardisation and regulation are important tools for protecting against cyber-risks. Minimum requirements for protective measures strengthen prevention, and specifications for dealing with incidents (e.g. reporting obligations) help to ensure an improved response. Standardisation and regulation are important in the international environment too, as they create more transparency and trust in the globalised digital society.


Incident management

Since there is no such thing as complete protection against cyberincidents and an increasing number of targeted attacks is to be expected, the establishment and operation of an organisation to deal with incidents (incident management) is one of the core tasks in dealing with cyber-risks. Incident management involves detecting cyber-risks as early as possible, identifying and implementing countermeasures, and analysing the incidents to allow conclusions to be drawn on how to improve prevention.


Crisis management

Cyberincidents can have serious consequences and escalate to the point where crisis management becomes necessary at national level. An up-to-date, uniform and comprehensive picture of the situation is crucial for handling crises, as are the definition of efficient decision-making processes and a communication strategy.


Law enforcement

The digital infrastructure available via the internet opens up new possibilities for prospective criminals with enormous potential for damage to society and the economy. There are hardly any time or geographical restrictions on criminal offences anymore. Cybercrime transcends national borders in a highly dynamic process with short innovation cycles. The higher the degree of digital networking, the greater the risk that incidents originating in cyberspace will have a damaging impact in the real world.


Current status/information:

Information on the Network for Investigative Support in the Fight against Cybercrime (NEDIK) of the CCJPD and CCPCS.



Large-scale or highly targeted cyberattacks on Switzerland's critical infrastructures can endanger the security of the population and the economy. In addition to a broad range of measures to increase protection against cyber-risks, capabilities and resources are needed in all situations to prevent attacks and identify the players responsible. In the event of attacks that endanger the functioning of critical infrastructures, it must be possible to take active countermeasures when needed in order to ensure their operation.


Active positioning of Switzerland in international cybersecurity policy

Switzerland's foreign and security policy interests must also be safeguarded in cyberspace. Switzerland therefore works at both the diplomatic and technical/operational levels to strengthen international cooperation to minimise cyber-risks.


Public impact and awareness-raising

The rapid development of and increase in cyber-risks are creating uncertainty among the population and business community. It is hard for individuals and companies to assess the cyber-risks to which they are exposed, and what protective measures are appropriate. In addition to the difficulty of being able to assess their own cyber-risks, it is often unclear what support they can expect from the state. The NCS's broad portfolio and decentralised implementation mean that it is hard to understand what measures are taken by the state to improve Switzerland's protection against cyber-risks. Active communication about the measures taken and the progress made is therefore one of the tasks of strategy implementation.


Further Information:


Last modification 26.04.2022

Top of page