«Cybercrime»: a new attack vector requires new methods of fighting crime
Rapid technical development and especially networking have created new threats. In some cases, severe cyberattacks are threatening the entire digitalized economy, the administration in Switzerland and private individuals. Some keywords are, for example, industrial spying, abuse of (customer) data, sabotage of critical infrastructures, targeted attacks on exposed persons and research and development. No company can deal with this challenge single-handedly. As the World Economic Forum¹ has put it: «The prevailing environment of uncertainty, along with accompanying pervasive risk aversion surrounding cyber threats, is restricting economic development». In short: «cybercrime» is developing analogously to the dynamics of digitalization of our economy and society. Long-known crimes are threatening (public) security in Switzerland in new ways. Efficient crime prevention and crime fighting require new skills and awareness, new processes and appropriate use of ICT. It must be the aim to achieve «cyber resilience», which is the ability to effectively deal with «cyber incidents». This ability is measured on the basis of the average period of time between system failure and average mean time to restore services (MTTRS).
Concerning the current status
The good news: 54% of the companies interviewed in Switzerland have an information protection strategy. But only about one third of these companies consider information security a top priority for management. Tests show a cyber resilience value of only 18%. So the vast majority of companies are not sure if they have the ability to deal properly with «cyber incidents». The related processes and procedures are barely put into practise, if they exist at all.