Information for authorities

Current warnings
Signalez les cyberincidents à l'OFCS
How to protect your company
What to do in the case of a cyberincident?
Overview of cyberthreats and how to protect yourself from them
Events
NCSC reports

News

Reporting cyberattacks on critical infrastructure mandatory from 1 April 2025

On 7 March, the Federal Council introduced a reporting obligation for cyberattacks on critical infrastructure, which will come into force on 1 April. Operators of critical infrastructure will be required to report cyberattacks to the National Cyber Security Centre (NCSC) within 24 hours of discovery. After submitting the initial report within 24 hours of discovering the incident, they have 14 days to complete their report.
Further Information

Cyber Security Hub

The Cyber Security Hub (CSH) is an important information system of the National Cyber Security Centre (NCSC). It is used to share and manage information on cyber threats, cyber incidents and cybersecurity practices.
Further Information

Current warnings

E-mails with malware in the name of debt collection agencies and health insurance companies

02.12.2024 - The NCSC is currently receiving numerous reports of e-mails that claim to come from a debt collection agency or a health insurance company. They concern an alleged claim or reminder. Do not click on the link, as this is an attempt to distribute malware to Windows users.

Report cyberincidents to NCSC

The NCSC is grateful for reports of cyberincidents of any kind (phishing attempts, investment fraud, etc.) via the report form.

Report form

How to protect your company

Protect your authority

Cybersecurity in the supply chain

Cooperation with IT service providers

What to do in the case of a cyberincident?

In the case of a cyberincident, quick action is important. Under ‘Current Topics’ you will find the most common cyberincidents in authorities:

Overview of cyberthreats and how to protect yourself from them

The ‘Current threats’ section provides an overview of the most important cyberthreats, how to protect yourself from them and what to do if you are the victim of a cyberincident.

Events

23. Mai 2024 - Brown Bag Lunch: Wie mache ich meine Behörde fit nach einem Cybervorfall

Eine gute Krisenkommunikation hilft, sich als zentrale und vertrauenswürdige Informationsquelle zu positionieren sowie Spekulationen, Indiskretionen oder Falschmeldungen vorzubeugen. Cyberangriffe erfordern deshalb eine zeitnahe, koordinierte und gut durchdachte Krisenkommunikation, um Sicherheit zu vermitteln und das Vertrauen der Anspruchsgruppen zurückzugewinnen.

Brown Bag Lunch: Krisenkommunikation bei Cybervorfällen - YouTube

5. September 2024 - Brown Bag Lunch: Cybersicherheit in der Lieferkette

Aufgrund der wachsenden Vernetzung, dem Einsatz von IoT (Internet der Dinge) sowie der Integration logischer Prozesse entlang der Lieferkette bieten sich Cyberkriminellen jede Menge Angriffsvektoren, um in die internen Systeme von Unternehmungen einzudringen. Das Bundesamt für Cybersicherheit (BACS) führte zusammen mit Planzer Transport AG ein Pilotprojekt durch, um Fachwissen und Kräfte branchen- und cybersicherheitsseitig zu bündeln. Die Erkenntnisse und erarbeiteten Hilfsmittel werden in diesem Brownbag Lunch vorgestellt.

Brown Bag Lunch: Cybersicherheit in der Lieferkette - YouTube

NCSC reports

NCSC semi-annual report:

The semi-annual report of the NCSC presents the most important cyber threats currently shaping Switzerland's threat landscape.

NCSC report 2024-1
All reports

Follow us on LinkedIn:

Follow us on LinkedIn and get all the NCSC news.