Successful cooperation between the DDPS and the Swiss financial sector to protect privacy

Bern, 28.04.2023 - The Swiss Federal Department of Defence, Civil Protection and Sport (DDPS) has concluded a joint pilot project with the Swiss National Bank, SIX and Zurich Cantonal bank to strengthen the resilience of critical Swiss infrastructure in the area of cyber defence. The initiative aims to enable security teams in the financial sector to have access to cyber defence capacities of the Confederation and to improve the general security situation through increased collaboration. Conventional data collaboration challenges are overcome by the use of confidential computing and data clean rooms, a combination of new encryption and data protection technologies.

In an increasingly threatening digital environment, a coordinated defence network can be an effective means of protection. With this in mind, the DDPS initiated a pilot project in 2021 aimed at improving the skills of security teams and to obtain a comprehensive overview of the threat landscape in the financial services sector. The project has emerged from the second «Cyber Startup Challenge 2021» of the Cyber-Defence Campus at armasuisse – an open tender for startups, to develop innovative technologies for cyber defence in Switzerland. The winner of this competition was the Swiss startup Decentriq. Decentriq developed a Software-as-a-Service (SaaS) platform which offers what are known as data clean rooms for companies. Data clean rooms are protected virtual environments based on confidential computing technology, in which sensitive data is encrypted and cleaned so that it can be used for data analyses across organisations.

Implementation of technology

Using the technology from Decentriq and the expertise of key stakeholders in the Swiss financial sector, such as the Swiss National Bank, SIX and Zurich Cantonal Bank, common email phishing threats across organisational boundaries were identified during the pilot project. Using encryption technology, banks were able to detect new phishing campaigns, identify common patterns and compare the phishing defence of all participating organisations. The successful pilot project showed that useful insights into cyber threats could be obtained through the neutral and protected instance of the data clean rooms without sensitive data having to be exchanged between organisations.

A secure exchange between private and public stakeholders increases the security of critical infrastructures, which is one of the main goals of the National Cyberstrategy (NCS). The proof of concept, which was concluded last year, identified the technical feasibility and potential insights for the responsible teams of the project participants. The next steps for 2023 will consist of proposing a system solution for the entire financial sector.

Definition of confidential computing: Confidential computing is a technology for confidential data processing in the cloud. Confidential computing’s speciality, compared with the previous encryption of data in the cloud, is that sensitive data is not only protected in idle status (in memories and databases) or during transmission (via a network connection), but also during usage. In a nutshell, the technology uses encryption mechanisms to ensure security from third parties and cloud providers when processing sensitive data.

Address for enquiries

Kaj-Gunnar Sievert
Head of Communications armasuisse
+41 (0) 58 464 62 47