A cyber attack can affect anyone

The Itsec4KMU information platform has been in planning for a long time. The association behind it is now launching a website, and wants to make companies and cantons aware of the digital risks in the future.

“There’s nothing worth stealing from me.” This is a misconception that many SMEs have with regard to cyber attacks. Cyber attacks in the digital area are not specifically tailored to a company, however, but are often automated – and can have devastating consequences for a company.

The canton of Zug aims to prevent the risk of an attack through Itsec4KMU, the information point of the association of the same name, which is intended to ensure that companies are networked and are continuously informed about the risks of digital attacks.

Following the approval of the loan for the operating association by the Zug cantonal parliament last year, a launch and networking event took place last Wednesday evening on the grounds of the Lucerne University of Applied Sciences in Rotkreuz. In his introduction, Itsec4KMU President and Finance Director Heinz Tännler explained that the idea of an information point came about because the cantonal administration itself still lacked adequate security measures in the cyber area.

“This infrastructure is still under construction,” he explained. In this context, the government decided that the industry should also be sensitized – and this has resulted in the setting up of an information centre for cyber-security. This centre should take on a pioneering role.

Cyberattacks happen all the time
The goal of the Itsec4KMU association is clear: the “cyber resilience” of Swiss SMEs should be strengthened through information sharing, raising of awareness and networking. “Awareness of the risks is very important,” said René Häusler, founding member and director at the Lucerne University of Applied Sciences.

Most business owners don't spare much thought on what it could mean if they were affected by a digital attack. But one thing is clear: it can hardly ever be ruled out that an attack will happen, the only question is when. “Cyber attacks happen almost around the clock,” said Rene Häusler.

Heinz Tännler, government councillor and president of the Itsec4KMU association, introduced the evening.
Ms. Landammann Silvia Thalmann-Gut also took part in the event
The launch event took place at the Lucerne University of Applied Sciences in Rotkreuz
From left: Daniel Abt, President of the Canton of Zug Trade Association, Peter Letter, board member of the Zug Chamber of Commerce (ZWK), René Hüsler, founding member, and Heinz Tännler, government councillor of the Canton of Zug               
Photos: Mathias Blattmann

Most companies suffer financial damage through this, and, in some cases, this can also be accompanied by a loss of customers or damage to their reputation. The aim of Itsec4KMU is therefore to ensure that company employees develop a certain level of scepticism towards, for example, phishing emails. And that they don't click on the strange link they have received from an unknown email address. The focus is principally on SMEs, because the existing offers don’t reach this target group often enough. “It’s extremely important that you are able to access further information if you want to delve deeper into the topic.”

Bundling information on a single website
Vice President Nicole Wettstein explained how the association will help. The website is thereby crucial for the exchange of knowledge, with all the core offers bundled on this platform: educational work, offers of help and the opportunity to become involved in a network. “The website is deliberately kept slim so that companies are not put off by a flood of information,” she explained.

For example, the site can tell you what preventive measures can be taken to protect yourself against cyber threats - be it through password security, dual authentication or the installation of a firewall. The platform also provides information on the most common types of attacks, and explains how you should act if an emergency situation arises. “We want to promote exchange and transparency, so that no one is left in the dark,” said Nicole Wettstein.

In addition to SMEs, the target group of the offer also includes cantons, national and cantonal business associations, security service providers and universities.

The business world is happy about networking opportunities
The business representatives generally agreed with the speakers' comments on the importance of digital security. Both Daniel Abt, President of the Canton of Zug Trade Association (Gewerbeverband), and Peter Letter, Board Member of the Zug Chamber of Commerce (Wirtschaftskammer), confirmed that making data and the digital working environment secure in everyday working life is of great importance.

The infrastructure of a company could thereby be permanently damaged by an attack, and the economic consequences could be fatal. For this reason, the business world is all the more pleased with what the association has to offer and with the opportunity to network with other companies.
 

Cybersecurity projects in the canton of Zug
The Itsec4KMU is one part of a cyber-security package. The information centre includes a national testing institute for cybersecurity, and this has already started its work. From last summer, the test centre has been looking for experts to check networked products and digital applications for vulnerabilities. The Zug Parliament has thereby allocated around CHF 9 million for the two projects, of which a maximum of CHF 1.4 million will be used for the Itsec4KMU association.

Cybersecurity centre checks charging stations

The National Test Institute for Cybersecurity (NTC) took the opportunity to carry out a security analysis of the rapidly growing public- charging infrastructure for electromobility while it was being set up, according to their media release.

Internet-accessible systems from around 50 different manufacturers were tested In the period from May to August 2023, including seven mobile apps, the firmware of eleven charging stations and central backend applications of 23 charging station operators. The results of the tests show that the security situation needs to be improved in the area of public charging infrastructure for electromobility in Switzerland. For example, outdated communication protocols were being used by manufacturers.