• Keine Ergebnisse gefunden

Federal Council considers introduction of cyber incident reporting duty

N/A
N/A
Info
Herunterladen
Protected

Academic year: 2022

Aktie "Federal Council considers introduction of cyber incident reporting duty"

Copied!
1
0
0

Wird geladen.... (Jetzt Volltext ansehen)

Jetzt herunterladen ( 1 Seite )

Volltext

(1)

TECH, DATA, TELECOMS & MEDIA - SWITZERLAND

Federal Council considers introduction of cyber incident reporting duty

20 December 2019 | Contributed by Walder Wyss

While many countries have introduced far-reaching obligations to report cyber incidents, Switzerland has not yet followed this lead. However, on 13 December 2019 the Federal Council adopted a report which considers key issues with regard to the introduction of a general reporting obligation for operators of critical infrastructure. The report also discusses possible implementation models. A decision is expected by the end of 2020. The press release is available in English, German, French and Italian.

Contrary to international trends, Switzerland has not yet adopted a general obligation to report cyber incidents. The current system is based on voluntary notification and information exchange via the Reporting and Analysis Centre for Information Assurance and, depending on the sector of activity (eg, nuclear, financial or telecoms services), mandatory notification to the supervisory authority. The introduction of a general obligation to report cyber incidents has been one of the objectives of Switzerland's National Strategy to Protect Switzerland Against Cyber Risks (NCS) (for further details please see "Federal Council to create new cybersecurity competence centre").

Based on the newly adopted report, the Federal Council will examine the following four implementation models:

Introduction of a single reporting office. This solution would allow for the central collection of information, enabling a comprehensive and coordinated response to cybersecurity threats across industry sectors.

Extension and strengthening of existing reporting offices. This model could rely on and extend experienced and reliable structures as well as the expertise of existing regulators.

Decentralised reporting offices complemented by central reporting office. This mixed system would combine the first two models to make use of existing regulators' expertise while allowing a cross-sectoral and coordinated response to threats.

Maintaining the current regulatory situation.

Further issues to be clarified include who will be subject to the reporting obligations and the types of incident to be reported. The obligations will most probably apply to companies operating critical infrastructures, which may comprise sectors such as energy supply, telecoms, finance and insurance. In addition, it will have to be determined which events will be considered as relevant security incidents triggering a reporting duty. Finally, it remains unclear how this general reporting obligation would be coordinated with the new notification duties under the revised Swiss Data Protection Act.

In view of the rapid development of cyber risks, the Federal Council's upcoming decision could have a considerable impact on the compliance obligations of companies in certain industry sectors. It will therefore be necessary to monitor developments in this area.

For further information on this topic please contact Jürg Schneider, Christophe Gösken or Florian Roth at Walder Wyss by telephone (+41 58 658 58 58) or email

(juerg.schneider@walderwyss.com, christophe.goesken@walderwyss.com or florian.roth@walderwyss.com). The Walder Wyss website can be accessed at www.walderwyss.com.

The materials contained on this website are for general information purposes only and are subject to the disclaimer.

AUTHORS Jürg Schneider

Christophe Gösken

Florian Roth

Referenzen

Jetzt herunterladen ( PDF - 1 Seite - 59.58 KB )

ÄHNLICHE DOKUMENTE

Objecthood and the problem of form : a critical introduction

metaphysical difference between the stage actor’s space and the viewer’s space - the premise of traditional aesthetic experience as an illusionary subject-object- relationship,

Swiss Federal Council Sets Forth Key Elements of a Swiss Investment Control Regime: 155

Swiss Federal Council Sets Forth Key Elements of a Swiss Investment Control Regime: Following the decision of the Swiss Parliament dated 3 March 2020, in which it tasked the

Federal Council in favour of requiring critical infrastructures to report cyberattacks

In congruence with the national strategy for the protection of Switzerland against cyber risks (NCS), which aims, among other things, to expand the capabilities for

Federal Council to request Parliament to abolish withholding tax on bonds

However, in light of the consultation process, the Federal Council has decided to discontinue its backup withholding tax system in relation to interest on bonds and other

HOD ACTION: Council on Medical Education Report 6 adopted as amended, and the remainder of the report filed.

prevention of burnout among residents, fellows, and medical students. Our AMA will encourage further studies and disseminate the results of studies on physician and medical

Correction to: An evaluation of the federal adverse events reporting system data on adverse effects of 5‑alpha reductase inhibitors

After isolating cases of monotherapy, an increase in fre- quency of case reports for finasteride was seen following the FDA mandated label change. The Conclusion should read

a publication of the National Intelligence Council

a For more on the role of women as agents of change in the economic and political spheres, see previous Global Trends works—Global Trends 2020: Mapping the Global Future, pp

The Unsustainable Use of Sand: Reporting on a Global Problem

Unfortunately, the extensive use of sand and the increase in mining activities have negative environmental impacts on both the local and global levels [10], and urgent measures