Objective: Effective cyberattack detection, prevention, management and defence

Switzerland has the necessary capacities and organisational structures in all situations to identify cyberthreats and cyberincidents quickly and minimise the damage they cause. Incidents can be dealt with even if they persist over an extended period and affect different areas simultaneously.

Effective cyberattack detection, prevention, management and defence are key factors in cybersecurity. In order to determine suitable protective measures, it must be clear which threats they are intended to counter. If an incident does occur, suitable tools, data and processes are needed to deal with it. The next step is to identify the perpetrators of the attack as precisely as possible (attribution). This in turn makes it easier to assess the threat situation more accurately and to prevent future attacks. Crisis management becomes necessary if cyberincidents affect the functionality of critical infrastructures or Switzerland's security. For crisis management to work, it must be practised regularly.

Finally, measures to protect one's own systems are not the only options for defending against cyberattacks. It is important that technical data about attackers, their infrastructure and their modi operandi are collected and made available to potential victims. Active measures to detect threats, to identify attackers and to disrupt and prevent attacks are also possible.

Measures

Last modification 09.04.2023

Top of page

https://www.ncsc.admin.ch/content/ncsc/en/home/strategie/ziele-massnahmen/ncs-ziel-erkennung-cyberangriffe.html