Four steps for a value-orientated cybersecurity culture

Markus Christen and his team have created a guideline focussing on the non-technical aspects of cybersecurity.

Modern society is increasingly dependent on information technology. Cybersecurity is therefore important. Various guidelines and checklists already exist in the technical field. However, when conflicts between ethical values or social complexity play a role in cybersecurity issues, this often leads to difficult decisions.

Modern society is increasingly dependent on information technology. Cybersecurity is therefore important. Various guidelines and checklists already exist in the technical field. However, when conflicts between ethical values or social complexity play a role in cybersecurity issues, this often leads to difficult decisions.

The research team presented the new guideline to the Federal Parliament at the end of December. The Parliamentary Group on Digital Sustainability (Parldigi) hosted an event on the topic of cybersecurity.

This is because 1 January 2024 marks a significant turning point for ensuring and regulating cybersecurity in Switzerland: on this date, the new Federal Office for Cybersecurity will begin its activities and the revised Information Security Act will come into force.

Legal gaps and recommendations

The second focus of the presentation at the Parldigi event in the Federal Palace was the legal framework for cybersecurity. According to the researchers, there are still gaps in the new Swiss Information Security Act.

Markus Christen and his team highlighted the most important gaps, focussing on critical infrastructures.

"We are in favour of introducing minimum requirements that apply to all critical infrastructures. It is important that all critical infrastructures improve their cyber resilience. The best way to achieve this harmonised level is to apply minimum cybersecurity requirements (..)."

The guidelines and the legal recommendation for improving the cybersecurity of critical infrastructures in Switzerland are the result of the research project "Creating an ethical and legal governance framework for trustworthy cybersecurity in Switzerland" as part of the National Research Programme NRP 77 on the topic of "Digital Transformation".