You are here


Survey Answer:

For the time being, there are no generally applicable laws or administrative measures specif-ically dedicated to regulating IT-Security. Instead, the relevant provisions are spread over a number of different laws and administrative instruments (cf. below Questions 1.2 - 3). This being said, cyber incidents of any type may be reported voluntarily (by anyone) to the Re-porting and Analysis Centre for Information Assurance (MELANI). The introduction of obliga-tions relating to IT-Security such as notification duties following a cyber incident are current-ly being discussed on the political level within the National Strategy for Switzerland's protec-tion against cyber risks (NCS). In addition, the establishment of a federal cyber competence center is currently being prepared.

Provided By:
Roland Mathys, Schellenberg Wittmer and Clara-Ann Gordon, Niederer Kraft Frey