Protection against cyber-risks: Federal Council approves ordinance and additional staff
Bern, 28.05.2020 - The Ordinance on Protecting against Cyber-Risks in the Federal Administration was adopted by the Federal Council during its meeting on 27 May 2020 and will come into force on 1 July 2020. Moreover, the Federal Council decided to allocate 20 new posts to increase staffing for the implementation of the 2020-2022 national strategy for the protection of Switzerland against cyber-risks.
To enable the Confederation to play a more active role in protecting Switzerland against cyber-risks, the Federal Council decided in January 2019 to establish a cybersecurity competence centre, headed by a Federal Cybersecurity Delegate. With the Ordinance on Protecting against Cyber-Risks in the Federal Administration, the Federal Department of Finance (FDF) is implementing the Federal Council's mandate of 30 January 2019 and creating the legal basis for the establishment and expansion of the National Cybersecurity Centre (NCSC). This ordinance and the 20 new posts in the area of cyber-risks will enable the Federal Council to meet the demands of businesses and political circles for a robust competence centre with a clear structure and greater centralisation.
Main organisational features
The ordinance adopted by the Federal Council governs the structure, tasks and powers of the authorities involved. This means that it also sets out the composition and tasks of the Cyber Core Group and the NCS Steering Committee, two bodies that enable increased interdepartmental cooperation within the Federal Administration. After consulting the services concerned, the NCSC can take the lead and order immediate measures when dealing with a cyberincident. The ordinance additionally regulates the obligation of Federal Administration service providers to report to the NCSC.
The FDF has started to establish the NCSC under the leadership of the Cybersecurity Delegate, Florian Schütz, who took up his position in August 2019. He is the Confederation's key contact person in the area of cyber-risks, and issues IT security guidelines for the Federal Administration, among other things. The NCSC currently consists of a strategic and an operational division. The strategic division is already being managed as an independent new unit in the FDF General Secretariat. The operational division includes the existing Reporting and Analysis Centre for Information Assurance (MELANI), Federal ICT Security and GovCERT.ch, which were previously part of the Federal IT Steering Unit (FITSU). These areas will also be transferred to the FDF General Secretariat, under the direct management of the Cybersecurity Delegate, once the organisational establishment work has been completed.
20 new posts for NCS implementation
The Federal Council adopted the implementation plan for the 2018-2022 national strategy for the protection of Switzerland against cyber-risks (NCS) back in May 2019 and approved 24 additional posts at that time. These resources are to be expanded further. Subject to the Federal Council's future decisions on resources in the area of personnel, another 20 posts are planned to cover the task areas in the offices responsible for protecting against cyber-risks.
Address for enquiries
Noemi Martig, Media Spokesperson
Tel. +41 58 485 69 72
The Federal Council
Federal Department of Finance
General Secretariat DDPS
Federal intelligence service