March 22, 2023

Swiss National Council to introduce mandatory reporting of cyberattacks

Operators of critical infrastructure in Switzerland will have 24 hours to report major cyberattacks or risk fines of up to CHF 100,000, the National Council recently ruled. Approved by 132 to 55, this amendment to the Federal Information Security Act will now go to the Swiss Council of States. 

The decision was touted as an important step towards increasing the security of Swiss infrastructure. Cyberattacks and computer system vulnerabilities pose serious risks and can result in significant damage. The new reporting obligation will require such incidents to be reported – and responded to – more rapidly. 

The Security Policy Commission (SIK-N) had proposed expanding the reporting obligation, not only to cyberattacks with a high potential for damage, but also to serious vulnerabilities in computer systems. The commission hopes this will have a preventive effect. 

The National Cyber Security Center (NCSC) will act as a central reporting point for cyberattacks and provide an electronic reporting form, allowing reports to be easily recorded and forwarded to other agencies.

 Want to learn more what this could mean for your business – and how to protect it – write us for free cybersecrity consultation at: