Cybersecurity is a crucial issue in today’s digital world, and Switzerland is no exception. Indeed, with the increasing digitalisation of our societies, the risks associated with cybercrime are multiplying and threatening the security of individuals, businesses and institutions. Faced with this growing threat, it is essential to implement effective protection measures to ensure the confidentiality, integrity and availability of data. In this context, cybersecurity in Switzerland is particularly important, requiring close collaboration between public and private actors to address IT security challenges. Drawing on our experience with our many clients in Switzerland, we have compiled in this checklist the best practices that we implement daily to strengthen their level of security.
1 Raising Employee Awareness of Cyberattacks
Train staff on cybersecurity threats
Training staff with specialists on cybersecurity threats is crucial to protect the company from potential attacks. By raising employees’ awareness of risks - particularly phishing, one of the most common methods used by cybercriminals to obtain confidential information - and by training them on good IT security practices, the company strengthens its defence against cyber threats.
According to the National Cyber Security Centre (NCSC), the number of reported phishing attempts in Switzerland doubled in 2024, exceeding 975,000 incidents.
Switzerland is therefore not lagging behind the rest of the world and must contend with this ongoing threat. By learning to recognise phishing attempts, such as fraudulent emails or suspicious links, employees can become a true line of defence and your best allies.
Raise awareness of the importance of data security
Raising employees’ awareness of the importance of data security is a crucial aspect in protecting the company’s confidential information. It is essential that every team member understands the risks related to data loss or theft. By raising awareness of cyber threats and engaging employees to take proactive measures to protect data, the company can strengthen its security and reduce the risk of data breaches.
This approach is even more important since the entry into force of the new Data Protection Act (DPA) in September 2023, which introduces increased individual accountability: it is no longer only the company or legal entity, but also the individuals processing data who can be held responsible in the event of a violation.
2 Strengthen Cybersecurity with Regular Updates
Keep software and systems up to date
Maintaining software and systems is essential to ensure their proper functioning and security. By regularly updating software, organisations can benefit from the latest features and security patches. Similarly, updating operating systems and IT equipment prevents bugs and identified security flaws that could compromise data confidentiality and integrity. Regular maintenance is therefore one of the basic pillars of good cybersecurity hygiene, essential for preventing vulnerabilities exploited by cybercriminals. It is important to dedicate time and resources to regular maintenance of software and systems to ensure their effectiveness and reliability. Recent approaches, such as implementing a Continuous Threat Exposure Management (CTEM) programme, allow resources and action priorities to focus on the most critical company assets.
3 Strong Authentication as a Security Measure
Implement two-factor authentication
Two-factor authentication is one of the additional cybersecurity solutions that requires two forms of identity verification before granting access to a system or sensitive data.
This dual verification strengthens security by requiring the user to provide not only a password but also another form of authentication, such as an SMS code, a physical security key, or a fingerprint. By implementing two-factor authentication, companies can significantly reduce the risk of unauthorised access or account hacking, providing additional protection for their data and systems. This measure is also one of the essential pillars of a solid cybersecurity strategy, ensuring reinforced defence against intrusion attempts.
Use strong and unique passwords for each account
According to the Hive Systems Password Table 2025, a weak password like “123456” can be cracked in less than a second, whereas a complex password such as “G7#vP2q!Lm9$” would require billions of years to decrypt using brute-force methods.
Cybersecurity also depends on using strong and unique passwords for each account, which is essential to protect our online information. By using combinations of uppercase and lowercase letters, numbers, and special characters, passwords become much harder for hackers to guess. Moreover, using a different password for each account limits the risk in case of a data breach on a website. It is crucial to take this security measure seriously to protect personal and financial information.
We are also seeing increasing adoption of passwordless authentication, made possible by frameworks such as FIDO2. These approaches are gaining popularity by eliminating many password-related vulnerabilities. However, they require technical implementation and a longer adoption curve among employees. The cost/benefit/risk ratio must be evaluated before implementation.
4 Network Monitoring and Protection
Monitor network traffic to detect suspicious activities
In terms of cybersecurity, it is essential to continuously monitor network traffic to detect any suspicious activity. By analysing the flow of data across the network, it is possible to spot abnormal patterns, unauthorised access attempts, or malicious behaviour. A malicious actor may hide their actions on endpoints, but they can never hide communication on the network. Network traffic monitoring, using tools such as IDS/IPS and NDR, allows potential new cyber threats to be detected quickly. It also enables appropriate measures to be taken to counter them and protect the company’s sensitive data. It is a crucial tool to maintain a secure network and prevent cyberattacks.
Deploy threat detection tools
Implementing threat detection tools is essential to protect IT systems from malicious attacks and reduce cybersecurity risks. These tools allow real-time monitoring of network traffic, user activity, and abnormal behaviours that could indicate an intrusion.
In this context, a Security Operations Centre (SOC) can be useful and relevant, providing a set of technological solutions (i.e., XDR, EDR) operated by qualified personnel who alert you in real time in case of malicious activity. By identifying and quickly reporting any unauthorised access attempt, intrusion detection tools enable security teams to respond rapidly to block attacks and limit potential damage.
5 Security Policy
Develop and implement an information security policy
IT security is a key priority for any organisation that wants to protect sensitive data and IT systems from external threats. To implement an effective information security policy, it is essential to conduct a risk assessment and define security procedures and rules.
Staff should be trained in IT security best practices, protective solutions for data and systems should be implemented, and potential threats should be continuously monitored.
Ensure compliance with cybersecurity standards
Ensuring compliance with cybersecurity standards is crucial for any organisation to protect itself against emerging cyber threats and guarantee the security of sensitive data. This involves implementing measures and procedures in line with current Swiss regulations, such as the revised Data Protection Act (DPA), the Information Security Act (ISA), and the ICT minimum standard (non-binding but a good baseline). By adopting a proactive approach and investing in appropriate tools and training, companies can reduce cyberattack risks and strengthen their security posture.
6 Regular Data Backups
Perform regular backups of critical data
It is essential to perform regular backups of critical data to ensure its security and integrity. In the event of a disaster, file corruption, or hacking, having up-to-date copies allows data to be restored quickly and losses to be limited. This preventive practice, a fundamental part of good cybersecurity hygiene, is essential to guarantee business continuity and protect sensitive data from potential threats. It is also crucial to regularly test backup restoration to ensure reliability and be able to respond effectively in case of an incident. By implementing a rigorous backup plan and validating its restoration, organisations can safeguard against data loss and ensure availability when needed.
7 Access Management
Limit access to sensitive data only to authorised personnel (principle of least privilege)
To protect the company’s sensitive data, it is essential to restrict access to authorised individuals only. This is the fundamental pillar of the Zero Trust philosophy and the least privilege approach. It helps reduce the risk of confidential information leaks and ensures the security of customer personal data. By implementing strict access control measures, such as two-factor authentication and monitoring user activities, organisations can strengthen their cybersecurity posture and comply with data protection regulations. It is therefore crucial to establish clear policies and procedures to manage access rights and protect sensitive information from data breaches.
8 Device Management
Secure devices connected to the corporate network
Securing devices connected to the corporate network is essential to prevent cyberattacks and ensure the confidentiality of sensitive data. It is crucial to implement security measures such as firewalls, endpoint protection (EDR), intrusion detection and prevention systems, and segmentation between different network zones (i.e., production, testing, external suppliers). Furthermore, access to network-connected devices should be limited to authorised personnel and suspicious activity continuously monitored.
Some devices cannot be secured as desired (for example, IoT, OT, supplier equipment, etc.). For these devices, it is necessary to restrict network flows to only what is required for proper operation, using physical and/or logical segmentation, and implement deception tools to quickly detect malicious behaviour. This approach follows the defence-in-depth principle to make it as difficult as possible for malicious actors.
9 Security Audits
Conduct regular security audits
To ensure the security of IT systems and sensitive data, it is crucial to conduct regular security audits. Audits help identify potential vulnerabilities in the infrastructure and implement corrective measures. Priority should be given to the systems and applications most critical to organisational operations.
They also help maintain compliance with data security standards and regulations. By proactively conducting security audits, organisations can anticipate potential risks and strengthen the protection of strategic information.
10 Cybersecurity Crisis Management Plan
Develop an incident response plan
An incident response plan is essential for any organisation that wants to react quickly and effectively to a cyberattack. Developed in collaboration with business teams, security teams, and risk management, it defines the organisation of teams and procedures to follow in case of an incident. It is crucial that this plan is regularly tested and updated according to organisational changes, technological developments, and potential threats. A rapid and organised response can make all the difference in limiting the damage caused by a cyberattack.
Adopting a Proactive Cyberattack Management Approach with SPIE
To summarise, here are the 10 concrete actions to strengthen your cybersecurity:
- Train and raise employee awareness of risks and best practices
- Keep software and systems up to date to close vulnerabilities
- Implement strong authentication, including two-factor authentication
- Monitor network traffic and deploy intrusion detection tools
- Develop a clear security policy aligned with Swiss standards (DPA, ISA, ICT minimum standard)
- Perform regular backups and systematically test restoration
- Limit access to sensitive data according to the principle of least privilege
- Secure devices connected to the corporate network
- Conduct regular security audits to anticipate vulnerabilities
- Establish an incident response plan for fast and coordinated action
These pillars form the essential foundation of good cybersecurity hygiene, ensuring protection, availability, and confidentiality of your data against increasingly sophisticated threats.
SPIE, Switzerland’s cybersecurity leader, puts all its expertise at the service of your digital security. With comprehensive solutions, proven experience with hundreds of organisations, and commitment to continuous training, SPIE supports you in building a robust and proactive defence against cyberattacks. Do not leave hackers any chance: secure your organisation today with SPIE. Contact us for a personalised assessment and solutions tailored to your needs. Cybercrime does not wait.