National Cyber Security Centre Annual Report 2024 – Review of first year as a federal office

28.03.2025 - The National Cyber Security Centre (NCSC) draws a positive balance from its first year as an independent federal office. In its annual report published today, the NCSC provides an overview of the most important developments, successes and challenges in boosting cybersecurity in Switzerland in 2024.

The NCSC’s upgrade to an independent federal office enabled it to further expand and optimise its services. By focusing on work processes, the NCSC was able to strengthen cybersecurity in Switzerland despite limited resources and respond to the increasing demands of businesses, society and policymakers. The NCSC was so able to create a solid basis to fulfil its legal mandate and further expand its services.

One of the NCSC’s core concerns was to support organisations and the public in dealing with cyberincidents. In addition to analysing cyberthreats and responding to incidents, the NCSC's other key activities include prevention and support for critical infrastructure, businesses and the public. One example is the support provided at major events such as the WEF Annual Meeting and the Summit on Peace in Ukraine, where the NCSC ran a cyber situation room with partners from the private sector and public authorities.
The Cyber Security Hub, a platform for sharing and managing information on cyberthreats, cyberincidents, vulnerabilities and cybersecurity practices, and the bug bounty programme were continuously developed and expanded in 2024. The bug bounty programme has now established itself as an indispensable component for improving security in the Federal Administration. In 2024, the NCSC received a total of 371 vulnerability reports, 239 of which were classified as valid following technical analysis. Last year the NCSC paid out a total of CHF 250,000 in bounties to ethical hackers.

The NCSC’s strategic focus was further sharpened: cybersecurity in Switzerland is being continuously strengthened in close cooperation with all relevant stakeholders. The NCSC pursues four key objectives: To increase understanding of cyberthreats, provide prevention tools, reduce damage and ensure the security of digital products.
The NCSC continues to face major challenges in 2025 as geopolitical uncertainties and a growing threat situation require the targeted use of available resources and a clear prioritisation of tasks. It will continue to work closely with international partners and maintain a reliable security infrastructure.