Cybersecurity quick check for SME

Joint initiative of FONES, the Federal Commission of Experts on Data Processing and Data Security, ICTswitzerland, FITSU – MELANI, ISSS, SATW, SNV, SQS and SVV

Cyberattacks are now part of our daily lives. SMEs must therefore have a way to quickly determine whether their technical, organisational and staff-related measures can protect them adequately against cyber-risks. A high-calibre group of specialists has therefore developed a quick-check for this purpose.

More than 98% of companies in Switzerland are SMEs. They form the backbone of the Swiss economy. To secure their long-term success, SMEs must use digital technologies to integrate suppliers, employees and customers into their processes. This requires a growing networking of corporate infrastructure and data with the Internet. And that is associated with a dramatic increase in the risks from cyberspace.

More than a third of Switzerland’s SMEs have already been hit by cyberattacks

Hackers are increasingly targeting their cyberattacks at what are referred to as «low-hanging fruit», that is, insufficiently protected SMEs. The findings of a study entitled «Cyberrisiken in Schweizer KMUs» (The Cyber-risks for Swiss SMEs), published in December 2017, are clear: about a third of the country’s SMEs have already been hit by viruses or Trojan horses. Four percent of the companies polled said they had already suffered data loss and/or been blackmailed online. Many companies do not address the issue seriously until it is too late.

A quick check test in 12 areas

The aim of the initiative is to provide a self-assessment tool that is particularly practical for smaller companies. Rather than focusing on a comprehensive and complete analysis, this is a way for SMEs – especially those with little in-depth understanding of computing and IT security – to quickly and easily find out whether their technical, organisational and staff-related measures provide sufficient protection against cyber-risks. A brief and deliberately simple accompanying document provides additional information on each topic, should this be required.

A broad-based initiative in line with the national cyber strategy

The quick check was developed at the initiative of the SQS and under the auspices of the SATW within a broad-based group of specialists that included representatives from the FONES, the Federal Commission of Experts on Data Processing and Data Security, ICTswitzerland, FITSU – MELANI, ISSS, SATW, SNV, SQS and SVV.