Even in Switzerland, the topic is so important that the National Cyber Security Centre NCSC gives clear recommendations on it. An important measure is minimum standards, which are guaranteed by the new Cyber-safe.ch certification.
The Cyber-Safe certification is especially tuned for SMEs and municipalities to verify and report that basic protection is in place for your IT security. The certification also demonstrates to your customers and business partners that the data and business processes are adequately protected.
As a specialist in IT security, Arco IT GmbH undertook this process and is the first company in German-speaking Switzerland to receive the certificate.
Who is behind Cyber-Safe?
The Swiss Association for the Cybersecurity Certification [L’Association suisse pour le certification de cybersécurité] is a non-profit association. Its aim is to support organizations in Switzerland with responsible management in cybersecurity, for which this certification has been developed. This is a suitable tool for SMEs to achieve an acceptable level in cybersecurity.
Figure 2: Statistics of cyberattacks SMEs 2020
Cyber Risks in SMEs - The Reasons and Benefits for Certification
The above statistics show that most attacks are carried out using malware such as viruses or Trojans. Surveys show that phishing is also used very frequently in email communications. Although data theft and online extortion are rare, the risks are significant.
It is a fallacy that only large companies are attacked. SMEs are also regularly the target of such attacks and 80% of all medium-sized companies have already been confronted with phishing.
So far, it has tended to be the larger companies that have become aware of the growing risks of digitization. In the meantime, the topic is also reaching the smaller companies. However, there is a lack of resources and skills to minimize risk. SMEs have many unanswered questions and it is difficult to take the right action.
The certification includes a cost-effective situation analysis and test to be carried out for SMEs. All relevant risks such as human, technical and organizational are examined.
The certificate is valid for two years and confirms the good status of your own IT protection. In order to obtain the certificate, a standardized process must be carried out in order to demonstrate that all requirements have been met.
How does the certification process work?
– Fill out the online questionnaire.
– Log in and give your consent to perform phishing tests and network scanning.
– You will receive a detailed report on your IT security level and the corrective actions required
to obtain the certification.
– You can implement the corrective measures yourself or with your IT partner.
– An independent auditor goes to your premises to check the implementation of the measures.
– You are awarded the certification.
Figure 3: Certification Procedure
Arco IT is the first Partner in German-Speaking Switzerland
Arco IT GmbH specializes in consulting and services in IT security. The evaluation of the security situation of companies is an important foundation for the development of an appropriate protection concept. Because the new cyber-safe.ch certification fulfills such an important function, Arco IT has decided to become a partner of the association. We will support the promotion of the certification, and help to certify more companies, organizations and institutions.
Arco IT is ready to assist and guide your organization to certification so that you are well protected and can strengthen the trust of business partnerships with the cyber-safe.ch certification.
