• Keine Ergebnisse gefunden

Federal Council in favour of requiring critical infrastructures to report cyberattacks

N/A
N/A
Protected

Academic year: 2022

Aktie "Federal Council in favour of requiring critical infrastructures to report cyberattacks"

Copied!
1
0
0

Wird geladen.... (Jetzt Volltext ansehen)

Volltext

(1)

TECH, DATA, TELECOMS & MEDIA - SWITZERLAND

Federal Council in favour of requiring critical infrastructures to report cyberattacks

15 January 2021 | Contributed by Walder Wyss

On 11 December 2020 the Federal Council tasked the Department of Finance with drafting a bill which will introduce a cyberattack notification obligation for operators of critical infrastructure.(1)

The reporting of cyberattacks which affect critical infrastructure, such as that used in the telecoms or financial sectors or for energy supply, is not currently subject to over-arching mandatory rules. Rather, reporting happens on a voluntary basis through the National Cyber Security Centre (NCSC) or based on sectoral regulations or recommendations.

In congruence with the national strategy for the protection of Switzerland against cyber risks (NCS), which aims, among other things, to expand the capabilities for information gathering around cyberattacks, the NCSC examined the need for and relevance of implementing an obligation to report cyberattacks and how such an obligation could be framed.

Based on the NCSC's findings, the Federal Council has instructed the Department of Finance to submit a draft which creates the necessary legal provisions by the end of 2021. The draft will appoint a central reporting office and provide uniform criteria for all sectors in order to clarify:

which party is responsible for reporting which incident;

which incidents must be reported;

the timeframe for reporting; and

how this new obligation will align with existing obligations to report deficiencies and security breaches in certain sectors.

The reporting of cyberattacks will facilitate the early identification of cyberattack methods and enable the NCSC to issue faster warnings.

This step forward by the Federal Council represents a key point of implementation of the NCS and will reinforce Switzerland's security and overall awareness of cyber risks.

For further information on this topic please contact Jürg Schneider, Hugh Reeves or Ashley Robinson at Walder Wyss by telephone (+41 58 658 58 58) or email (juerg.schneider@walderwyss.com,

hugh.reeves@walderwyss.com or ashley.robinson@walderwyss.com). The Walder Wyss website can be accessed at www.walderwyss.com.

Endnotes

(1) The announcement is avalaible here in German, French and Italian.

The materials contained on this website are for general information purposes only and are subject to the disclaimer.

AUTHORS

Jürg Schneider

Hugh Reeves

Ashley Robinson

Referenzen

ÄHNLICHE DOKUMENTE

The multiple complexities explained in the study, in terms of calculating the economic impact of IoT cyber risk, lead to the conclusion that impact can only be assessed with (1)

Защитата на интересите на работниците, която е призвана да осъществява всяка синдикална организация (чл. 2 КТ), наред с другите възможни според закона начини,

Annemarie Zielstra, Director, Centre for Protection of the National Infrastructure, The Netherlands Moderated by Giles Merritt, Director of the Security & Defence

Khaled Al-Ragem, Defence Attaché, Embassy of Kuwait to Belgium Suleyman Anil, Head, Cyber Defense, Emerging Security Challenges Division, North Atlantic Treaty Organization

A change in the pattern of the mortality schedule, it was shown, should be assessed by the difference it makes to expected length of life,production, reproduction, and

Full age-specific accounting, where labor participation, consumption, fertility, mortality, and utility are dependent on age, brings an actuarial precision to the results:

Even though more than 150 states have accepted the ban on anti-personnel mines, and considerable progress has been made with respect to the imple- mentation of the Ottawa

The results suggest that compiler is best implemented in a high-level programming language, and that SCANNER and PARSER should be independent of target