The Reporting and Analysis Centre for Information Assurance recently published its latest semi-annual report regarding the most important cyber incidents and cyber risks of the second half of 2019 in Switzerland and abroad. The report contains several practical recommendations for individuals and companies to improve their protection against cyberattacks.
On 1 January 2020 the Swiss Financial Market Supervisory Authority implemented various revised rules primarily targeting small banks (the so-called 'small banks regime'). Among other aspects, this will result in a relaxation of IT outsourcing requirements for financial institutions. The amendments are positive and a step in the right direction, as they will allow financial institutions to enjoy more leeway to benefit from IT outsourcing services.
While many countries have introduced far-reaching obligations to report cyber incidents, Switzerland has not yet followed this lead. However, the Federal Council recently adopted a report which considers key issues with regard to the introduction of a general reporting obligation for operators of critical infrastructure. The report also discusses possible implementation models.
The Federal Council recently adopted a dispatch message to improve the legal framework governing distributed ledger technologies (DLT) in Switzerland. The Federal Council's objective is to increase legal certainty, remove obstacles to DLT-based applications and limit the risk of abuse. The Swiss parliament will examine the dispatch message in early 2020.
In view of the media industry's ostensibly democratic and political role, the Federal Council has decided to adopt effective and feasible support measures. These measures will be implemented by adapting existing laws and incorporating online media into the scope of the Federal Act on Radio and Television. However, the plan to create a new Electronic Media Act has been abandoned.
The Federal Council recently adopted a plan to implement the national strategy to protect Switzerland against cyber risks until 2022 and took additional steps towards the establishment of a cybersecurity competence centre. Work is also underway to develop a cyber-defence campus and strengthen capabilities relating to information acquisition and allocation.
The Federal Supreme Court recently ruled that internet access providers are not liable for third-party websites and portals that make movies available for illegal downloading or streaming. Further, internet access providers are not obliged to monitor or block access to such websites and portals.
The Federal Council recently announced its intention to create a cybersecurity competence centre to provide a one-stop national point of contact for all cybersecurity issues. The plan is a response to requests from Parliament and the business community and is a step towards implementing Switzerland's national strategy for protecting against cyber risks.
The Federal Council recently adopted a new open government data strategy for providing the public with free access to government data. From 2020 onwards, all government data will gradually be made available for free and in a computer-friendly format. The strategy aims to strengthen transparency, accountability and innovation. With a centralised source of information and appropriate support for data users such as researchers and creators, Switzerland will remain an important innovative hub.