The vision and strategic objectives set out what the NCS aims to achieve. The principles define how this is to be done.
- The NCS starts with a risk-based, comprehensive approach aimed at improving Switzerland's resilience to cyberthreats. "Risk-based" implies that full protection against cyberthreats is not possible, but that these threats can be addressed in such a way that the remaining risk is acceptable. A "comprehensive approach" takes into account all relevant vulnerabilities and risks.
- Protecting Switzerland against cyberthreats is a joint task for society, the business community and the state, with responsibilities and competencies clearly defined and put into practice by all those involved. The NCS is thus implemented on the basis of federalist principles, in a decentralised way and with shared responsibility.
- The NCS is based on an understanding of the subsidiary and partnership role of the state. This means that the state only intervenes when the welfare of our society is seriously threatened and private actors are unable or unwilling to solve the problem independently. In this case, the state can provide support, create incentives or intervene through regulation, determining the appropriate measures in close consultation with the actors concerned and striving for close cooperation with them.
- Implementation of the NCS is transparent, provided that this does not interfere with the effectiveness of the measures. This is achieved through active communication about the NCS to society, the business community, academia and policymakers, and through the direct involvement of key partners from the administration, society and the business community.