"Always in defense mode"

It really can be too easy for hackers: According to an evaluation by the Hasso Plattner Institute (HPI), the number sequence "123456" is the most popular password in Germany. We can only assume that the situation in Switzerland is not much different. Regardless of this, cyberattacks on companies and public administrations have continued to increase. The city of Bern, for example, was attacked 23 million times in 2023, as Mayor Alec von Graffenried revealed at a media conference in the run-up to the Swiss Cyber Security Days. "We are always in defense mode," he noted.

Bern becomes "capital" for cyber security

It is no coincidence that Bern is now the venue for the fifth Swiss Cyber Security Days (SCSD). The event is now moving from the more tranquil Fribourg to the federal city and has found a location at the BernEXPO exhibition center that is predestined for events consisting of an exhibition and congress. Added to this, of course, is the more central location and better accessibility, as well as the greater proximity to federal authorities or (system-critical) state-owned companies such as Swiss Post, SBB or Swisscom, all of which could become "primary targets" for cyber criminals. In this sense, Bern will be the "capital" of cyber security for two days in February.

The possibility of a cyberattack on critical infrastructure is also high on the federal and cantonal risk management agenda. At the aforementioned media conference, Bern's Director of Economic Affairs Christoph Ammann pointed out the great potential for damage: according to estimates, damage from cyberattacks amounts to around 5% of a country's GDP, in Switzerland this would be around CHF 200 billion. "Everyone is therefore called upon to take precautions. This applies to large companies as well as SMEs," said Christoph Ammann.

Innovative, but not when it comes to cyber security

And it is precisely with these precautions that Switzerland is lagging behind. The former National Councillor and current President of the Swiss Cyber Security Days regrets that Switzerland, the world's most innovative country, only ranks 42nd in the Global Cyber Security Index - behind North Macedonia and ahead of Ghana. "Switzerland must do better," says Fiala. The SCSD therefore want to make a contribution to achieving this. Politicians have also recognized the urgent need for action. The fact that Switzerland has now had a State Secretariat for Cyber since January 1, 2024 is an important step, according to Fiala.

However, even though cybercrime is now one of the top risks on a par with climate change and energy shortages, awareness of the problem is not yet equally high everywhere. The externalization of the problem is underestimated, as government councillor Christoph Ammann emphasized. Simply outsourcing data to the cloud does not necessarily result in greater security. The canton of Bern, for example, does not use a cloud but stores its data on the servers of its own company. However, the cyber threat is also unleashing forces: for example, the Bernese Economic Directorate and the Security Directorate are joining forces for the first time at the SCSD. "This is a first," says Christoph Ammann.

Broad-based program

What can visitors expect at the SCSD? There will be a "Main Stage" with keynotes from national and international experts. For example, the Ukrainian Minister for Digital Transformation, Georgii Dubynskyi, will report on his government's current experiences with cyber defense in times of war. Christian-Marc Lifländer, Head of the NATO Cyber Defense Section, will discuss the topic of "Cyberspace as an area of warfare: the use of cyber defence as an inseparable part of collective defense in NATO". From Switzerland, Nicolas Mayencourt and Marc K. Peter analyze the local cyber situation and ETH President Joël Mesot explains what research and innovation can do to combat cybercrime.

The so-called "Tech Stage" deals with topics such as the metaverse: The metaverse connects the real world with the virtual world. Has the hype surrounding the metaverse already died down or is the technology finally ready to prove itself as a future-proof technology? Sebastian Klöss (Bitkom) and Fabian Wicki (University of Applied Sciences Northwestern Switzerland) will address this question. A student project from ETH will also be presented: the Cyber Clinic for SMEs. This initiative sees itself as a bridge between research and business. It aims to improve the cyber security situation of underserved Swiss organizations such as SMEs, but also of large NGOs.

In addition, around 80 exhibitors will be on site with various solutions for improving cyber security. They will also be presenting their applications at two "Best Practice Stages" in the form of short presentations.

Further information on the program can be found at www.scsd.ch