Swiss Government Wants to Implement Mandatory Duty to Report Cyber-Attacks


The Swiss government has asked Parliament to amend the Information Security Act to make it mandatory for critical infrastructure providers to report cyber-attacks to the National Cyber Security Centre (NCSC).

The move would be aimed at shedding light on hackers and sounding the alarm more widely on cyber-threats in the country.

“Successful cyber-attacks can have far-reaching consequences for the availability and security of the Swiss economy,” reads a press release published last Friday.

The move comes months after a ransomware attack disrupted Swissport flights in February. In the same month, Swiss stock exchange operator SIX witnessed a surge in hacking attempts around the start of Russia’s invasion of Ukraine.

“The general public, authorities and companies are exposed to the risk of cyber-attacks on a daily basis. There is currently no overall picture of what attacks have taken place because reporting to the NCSC is voluntary,” the Swiss government wrote.

Commenting on the news, Matt Marsden, VP of technical account management at Tanium, said that “visibility is power” when protecting against advanced, sophisticated threats.

“Information-sharing partnerships among the public and private sector to disseminate threat intel has been happening for a while now,” Marsden told Infosecurity.

“This new [Swiss] policy formalizes the concept by mandating full disclosure of attacks against critical infrastructure that can serve as a baseline for detailed analysis to guard against future incidents.”

At the same time, the executive said he believes the success of this initiative will reside in the capacity of the government to collect, analyze and share meaningful real-time data.

 “Adhering to these standards will require careful planning to ensure that organizations have the resources in place from a staffing and technology standpoint to keep pace with the voluminous data that will need to be harnessed,” Marsden added. “There needs to be a sense of urgency to spur the funding necessary to be successful.”

The Tanium VP concluded by saying the move echoes the US’ choices, with the Department of Homeland Security taking the lead to collect, analyze and share threat data with key audiences.



Source link