Switzerland Last Updated: September 2021

CYBERSECURITY POLICY

Strategy Documents

National Strategy for the Protection of Switzerland Against Cyber Risks (NCS) 2018-2022
Federal IT Steering Unit

Builds on the 2012-2017 NCS;

Identifies sources of damage in cyberspace or the physical environment: targeted and intentional cyber attacks, unintentional actions or natural
and technological events caused by human error in the provision and use of ICT, or by technical failures;
Four objectives to be achieved:
Building capacities, capabilities and knowledge;
Building processes, structures and foundations;
Focus on the protection of critical infrastructures;
Strengthening cooperation with third parties;
Identifies 29 measures in the following specific spheres of action: building competencies and knowledge; threat situation; resilience management;
standardisation/regulation; incident management; crisis management; prosecution; cyber defence; active positioning of Switzerland in
international cyber security policy; public impact and awareness raising.

Source Source 2
18 April 2018 (adopted by the Federal Council on)

Switzerland's Security 2018

Federal Department of Defence, Civil Protection and Sport

Situation report taking stock on Switzerland's security by the Federal Intelligence Service (FIS);
Asserts the need for Switzerland's security policy to remain focused on the following threats in cyberspace: espionage, economic influence by
attacks in cyberspace, offensive cyber campaigns against organizations;
Takes stock on the situation related to illegal intelligence in Switzerland, supplemented by cyber espionage tools: outlines potential sources of
cyber espionage, identifies the Internet of Things as an opportunity potentially to be exploited by attackers.

Source
February 2018

Report of the Federal Council on the Security Policy of Switzerland 2016

Federal Department of Defence, Civil Protection and Sport

Basis for Swiss Security Policy

Source
24 August 2016

Foreign Policy Strategy 2020–23

Swiss Federal Council

The foreign policy strategy thematic pocus areas for 2020-2023 are peace and security, prosperity, sustainability and digitalisation.

Source
2020

Switzerland's 2028 Foreign Policy Vision (AVIS28)

Federal Department of Foreign Affairs

AVIS28 sets out a vision in six points that provide a frame for defining future foreign policy.

Source
 Switzerland Last Updated: September 2021

2 July 2019

Switzerland's Security 2019 - Situation Report of the Federal Intelligence Service

Federal Department of Defence Civil Protection and Sport DDPS

The Federal Intelligence Service situation radar tool is one of the instruments giving direction to Switzerland’s security policy and providing Switzerland’s
inhabitants with an outline of the key issues from an intelligence viewpoint.

Source
2019

Implementation Frameworks

Minimum ICT Standard

Federal Office for National Economic Supply

Recommendation and potential guide to improving ICT resilience, aimed in particular at operators of critical infrastructures

Source
27 August 2018

NCS Implementation Plan 2018-2022

The Federal Council

The NCS implementation plan defines concrete implementation projects for all 29 NCS measures and sets out the responsibilities, the
performance targets to be achieved and the milestone schedule for these projects.

Source Source 2
15 May 2019

STRUCTURE

Key Positions

Special Envoy for Cyber Foreign and Security Policy, Federal Department of Foreign Affairs

Federal Cyber Security Delegate, National Cyber Security Centre, Federal Department of Finance

Source

Dedicated Agencies and Departments

Reporting and Analysis Centre for Information Assurance (MELANI)

Federal IT Steering Unit
Commissioned by the Federal Council to protect critical infrastructure through early detection and resolution of problems in the information and
communication infrastructure.
Source
1 October 2004
 Switzerland Last Updated: September 2021

Federal Intelligence Service

Federal Department of Defence, Civil Protection and Sport

Concerned with early perception and prevention of cyberattacks against critical infrastructure.

Source

International Security Section, Division for Security Policy, Directorate of Political Affairs
Federal Department of Foreign Affairs FDFA
Makes contributions to international efforts to address new security policy challenges such as cyber security.
Source

Office of the Special Envoy for Cyber Foreign and Security Policy
Federal Department of Foreign Affairs
Source

National Cyber Security Centre (NCSC)

Federal Department of Finance
Source

National CERT or CSIRT

GovCERT.ch
Reporting and Analysis Centre for Information Assurance (MELANI)

National CERT of the Swiss Government;

Supports the critical IT infrastructure in dealing with cyberthreats by providing services such as technical analyses and information about targeted
(but not limited to) attacks against the national critical IT infrastructure.

Source

LEGAL FRAMEWORK

Legislation

Criminal Code
Federal Assembly

Article 143: Unauthorised obtaining of data;

Article 143 bis: Unauthorised access to a data processing system;
Article 144 bis: Damage to data;
Article 147: Computer fraud;
Article 150 bis: Production and marketing of equipment for the unauthorised decoding of encoded services.

Source Source 2
21 December 1937 (adopted); 1 March 2018 (amended)

Intelligence Service Act

Federal Intelligence Service
 Switzerland Last Updated: September 2021

Voted in favour by the Swiss electorate on 25 September 2016;

Reformulates the Federal Intelligence Service's responsibilities and allows for the protection of national interests of strategic importance, such as
critical infrastructures.

Source Source 2
1 September 2017 (entry into force)

Federal Ordinance on Information Technology and Telecommunications in the Federal Administration (Federal ITO Ordinance)
Federal IT Steering Unit

Tasks the Federal Council (Federal IT Steering Unit) with implementing ICTs within the Federal Administration;
Provides a framework for the Federal Administration to strengthen strategic controlling and centrally managing the ICT standard services for the
entire Federal Administration.

Source Source 2
9 December 2011

Federal Act on Data Protection

Federal Assembly

Federal Act 235.1

Source Source 2
10 June 1992 (adopted); 1 January 2014 (amended)

Federal Act on International Mutual Assistance in Criminal Matters (Mutual Assistance Act, IMAC); Article 18 b: Electronic
communications traffic data

The federal or cantonal authority dealing with a request for mutual assistance may order the transmission of electronic communications traffic data to
another State before conclusion of the mutual assistance proceedings if:

a. provisional measures indicate that the communication that is the subject of the request originated abroad; or

b. the data was acquired by the executing authority based on an order for authorised real-time surveillance (Art. 269–281 CrimPC).

The data may not be used in evidence before the ruling on granting and the extent of mutual assistance is legally binding.

Notice of the ruling under paragraph 1 and any order or authorisation for surveillance must be given to the Federal Office immediately.

Source
in force since 1 January 2012

Views on International Law

Switzerland's Position Paper on the Application of International Law in Cyberspace

Confédération Suisse, Federal Department of Foreign Affairs (FDFA), Directorate of International Law (DIL)

Part I of the position paper addresses questions concerning international law in general including human rights; Part II places particular emphasis
on questions relating to international humanitarian law (IHL);
Switzerland considers international law to be applicable to cyberspace.

Source
May 2021

COOPERATION
 Switzerland Last Updated: September 2021

Multilateral Agreements

Budapest Convention
PARTY
Source
1 January 2012 (entry into force)

UN Processes

Represented at the Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context
of International Security

Source Source 2
2016/2017, 2019/2021

Expressed views to the Annual Report of the UN Secretary-General on Developments in the Field of Information and Telecommunications
in the Context of International Security

Source
2014, 2016

Chaired the Open-Ended Working Group on Developments in the Field of Information and Telecommunications in the Context of
International Security

Source
2019/2020

Expressed Views at the Open-Ended Working Group on Developments in the Field of Information and Telecommunications in the Context
of International Security

Source Source 2
2019/2020

Bilateral and Multilateral Cooperation

Cooperation, Liechtenstein-Switzerland
Cooperation in cyberdefense.
Source
24 October 2017

Global Forum on Cyber Expertise, Member

A global platform for countries, international organizations and private companies to exchange best practices and expertise on cyber capacity building
Source
2015 (established)

Freedom Online Coalition

A partnership of 31 governments, working to advance Internet freedom. Coalition members work closely together to coordinate their diplomatic efforts and
engage with civil society and the private sector to support Internet freedom – free expression, association, assembly, and privacy online – worldwide.
 Switzerland Last Updated: September 2021

Source

Membership

International Telecommunications
Union (ITU)

Organization for Security and Co-

operation in Europe (OSCE)

United Nations (UN)