Outlook for the summer session 2021

digitalswitzerland regularly publishes an outlook and review of the sessions of the national parliament. The publications are available in the national languages German and French.

digitalswitzerland provides comprehensive monitoring of digital policy at federal and cantonal level. This is made available exclusively to our members on the monitoring platform politoscope.ch.

Login via politoscope.ch (for members only)

The Federal Council has recognised the opportunities offered by digitalisation to meet public authority requirements and wants to implement them with the present federal law. Yet, we think the present draft law is still not bold enough.

Together with asut and swissICT, the digitalswitzerland association has submitted a statement* to the Federal Council on the Federal Act on the Use of Electronic Means for the Performance of Official Duties.

*Political statements by digitalswitzerland reflect exclusively the views of the digitalswitzerland Association and its members and not those of the digitalswitzerland Foundation.

digitalswitzerland regularly publishes an outlook and review of the sessions of the national parliament. The publications are available in the national languages German and French.

digitalswitzerland provides comprehensive monitoring of digital policy at federal and cantonal level. This is made available exclusively to our members on the monitoring platform politoscope.ch.

Login via politoscope.ch (for members only)

digitalswitzerland regularly publishes an outlook and review of the sessions of the national parliament. The publications are available in the national languages German and French.

digitalswitzerland provides comprehensive monitoring of digital policy at federal and cantonal level. This is made available exclusively to our members on the monitoring platform politoscope.ch.

Login via politoscope.ch (for members only)

Thanks to modern infrastructure and location-independent activities, two-thirds of Swiss SMEs were able to respond quickly to the coronavirus lockdown and in many cases could switch easily to working from home. At the start of 2020, an average of 10% of employees worked primarily from home, and during the lockdown this rose to almost four times as many. The numbers fell again after the lockdown, and with 16% of employees now working from home, this equates to a 60% increase compared to the start of the year. While Swiss SMEs demonstrated flexibility, the risks from home offices and digitalisation are underestimated by many companies. Although a quarter of Swiss SMEs have already been victims of a serious cyberattack, two-thirds of SMEs neither hold regular employee training on the subject of cyber security nor have a security concept in place.

From August to October 2020, the market and social research institute gfs-zürich conducted a representative survey of 503 CEOs of small companies (with 4 to 49 employees) in the German, French and Italian-speaking regions of Switzerland on the effects the coronavirus pandemic has had on digitalisation. The survey was commissioned by digitalswitzerland, Mobiliar, the National Cyber Security Centre (NCSC), the School of Business of the University of Applied Sciences and Arts Northwestern Switzerland (FHNW) and the Swiss Academy of Engineering Sciences (SATW).

An overview of the main findings:

• During the lockdown, Swiss SMEs exploited the potential of the home office and the trend continues: For a third of SMEs, working from home was not an option due to work being tied to a particular location, whereas the remaining two-thirds were able to transform workstations into home offices without any major problems thanks to modern infrastructure. This meant that the number of employees working from home during the lockdown almost quadrupled from 10% to 38%. Since then, home offices have become established in many SMEs, and with 16% of employees now working from home. This is 60% higher than before the lockdown.
• Online conference tools gaining ground: After e-mail and telephone, most communication within SMEs takes place using private communication channels such as WhatsApp and other messaging services. Since the lockdown began, online conference tools in particular have become more important: the number of virtual meetings has more than doubled, rising from 9% to 20%.
• A quarter of Swiss SMEs have already fallen victim to a serious cyberattack: Out of the 38,250 or so SMEs throughout Switzerland that have been attacked, around a third (12,930 SMEs) have suffered financial damage and every tenth attack has led to reputational damage and/or loss of customer data.
• Not enough preventive measures are being taken: Despite frequent cyberattacks, only half of all SMEs have an emergency plan to ensure business continuity and around two-thirds neither hold regular employee training nor have implemented a security concept within the company.
• People as a risk factor – cyberrisks are often underestimated: Only just under half (47%) of the CEOs stated that they are well informed about security-related issues. Even more drastic is the lack of awareness that they themselves may become a victim of a cyberattack: Just 11% consider being put out of action for a day due to a cyberattack as a major risk.

Florian Schütz, Federal Cyber Security Delegate, praised the adaptability of Swiss SMEs: “It is really promising to see how much progress even the smaller SMEs in Switzerland have made with regard to their IT infrastructure, and that increasing focus is being placed on cyber security. The lockdown showed how important the digital transformation is for companies to remain adaptable. Many SMEs have recognised this and are accelerating their digitalisation activities. However, the current situation also makes it clear how important it is that we create framework conditions in order to shape cyber security in Switzerland in a way that the opportunities associated with digitalisation can be exploited as much as possible. The federal government plans to further expand its efforts and actively support the general population and businesses in the protection against cyber risks.”

Andreas Hölzli, Head of the Cyber Risk Competence Centre at Mobiliar, explained that “Although Swiss SMEs are investing in IT security, one in four of the SMEs surveyed has already been a victim of a cyberattack. The problem is that organizational measures in particular are often considered less important. Companies need measures that go beyond the technical aspects, including raising awareness among their employees, for instance.”

Prof. Dr Marc K. Peter of FHNW believes that working from home will become an established component of the new working world strategy for “blended working” in the long term: “For many jobs, a combination of working from home and working in the office will become part of everyday life. With this, however, urgent consideration needs to be given to the fact that this will require huge investments in technology and IT at Swiss SMEs.”

For Nicole Wettstein, Cybersecurity Programme Manager at SATW, the large number of SMEs affected by a cyberattack is motivation for driving forward the current awareness-raising activities: “It is crucial that the number of SMEs implementing the minimum measures for basic cyber security protection continues to increase.”

Andreas W. Kaelin, Deputy Managing Director and Head of Cyber Security Dossier at digitalswitzerland, indicated that, “according to the survey, around two-thirds of small businesses rely on the support of external IT service providers. This means we need to urgently take action to make it easier for companies to identify trustworthy IT service providers, because the security of a company relies entirely on the service providers.”

Analysis and measures to secure the digital supply chain

The internet is connecting people and machines more and more and has already made a lasting difference to our lives. While the integrity and safety of products from traditional sectors are inspected for certain issues prior to market approval (e.g. in the areas of mobility, food, medicines, etc.), the quality and safety of many digital products is not assured. There are various reasons for this. Today’s supply chain security for digital products is often inadequate and undermines the existing security measures. Also, decision-makers are often unable to make sustainable decisions due to a lack of well-founded and transparent information.
As digitalisation progresses, ignorance concerning the level of security of the products used can lead to critical threats. If incompletely tested products are used in critical infrastructures, threats may be widespread and endanger the provision to society in the areas of electricity, medicine, mobility and physical protection. These risks are abstract, have developed slowly and, consequently, were ignored for a long time and continually accumulated until now.

The Supply Chain Security working group analyses how technological risks are dealt with in other sectors (e.g. electricity supply) and, based on this, identifies and documents the measures that are needed for secure digitalisation. The following topics are addressed, among others:

• What are the biggest risks of the digital society and where do they lie?
• What do critical attack scenarios look like and who are the attackers?
• What can and must we – as an industry or as society in general – consider or undertake right away?
• What measures are necessary and helpful to secure the digital supply chain?

As a society, we have a duty to prevent known and avoidable mistakes so that now and in the future the opportunities offered by digitalisation outweigh the risks.