La Confédération se penche sur le partage d’information cyber

Lors de sa séance du 13 décembre 2019, le Conseil fédéral a adopté le rapport «Obligation de déclarer les incidents graves affectant la sécurité des infrastructures critiques: solutions possibles». Ce rapport décrit les principales questions qui se posent au sujet de l’introduction d’obligations de déclarer et présente plusieurs modèles possibles pour la mise en œuvre de telles obligations. Le Conseil fédéral se fondera sur les résultats de ce rapport pour prendre, d’ici à fin 2020, des décisions de principe sur l’introduction d’obligations de déclarer.

En Suisse, il n’existe pas d’obligation générale de signaler les cyberincidents. Les informations sur les cyberincidents concernant des infrastructures critiques telles que l’approvisionnement en énergie, la télécommunication et les secteurs des finances et des assurances s’échangent sur une base volontaire par l’intermédiaire de la Centrale d’enregistrement et d’analyse pour la sûreté de l’information (MELANI). Vu l’évolution rapide des cyberrisques, il faut se demander si cet échange volontaire est suffisant pour identifier à temps les menaces dans tous les secteurs. C’est pourquoi la Stratégie nationale de protection de la Suisse contre les cyberrisques prévoit l’examen d’obligations de notifier dans ce domaine. En outre, le Parlement a transmis un postulat (17.3475 Graf-Litscher) qui charge le Conseil fédéral de présenter un rapport sur les possibilités d’introduire des obligations de signaler les incidents de sécurité affectant les infrastructures critiques

Source : Bund

ZURICH EVENT : How To Protect Your Brand From Competitive & Digital Risks – 24.03.2020

MARCH_2020_ZURICH_PROTECT-YOUR-BRAND-1

Become a member now and discover all membership benefits
such as free access to all our events in Zurich and Geneva !

REGISTER FOR THE EVENT VIA WEEZEVENT

The goal of every business, whether large or small, is to maximise its competitive advantage. Competitive Intelligence (CI) supports business decision making by enabling the timely discovery of opportunities and threats. How can modern enterprises use CI to overcome challenges and orient their course of action in response to actionable opportunities? In a world where digital threats amplify the traditional business risks, what is the link between CI and cyber resilience? Why does a high-impact CI function require anticipatory, strategic guidance through the effective use of unique primary intelligence sources (HUMINT)?

The third meeting in the Next Big Thing series will be led by our distinguished guests, Sascha Maier, the Head of IT & Cyber Resilience at IWC Schaffhausen, and Marc Limacher, Founder and CEO at INOVIS. Together we will explore different perspectives on the role of competitive intelligence in ensuring the stability, prosperity, and security of a business.

PROGRAM

18:00 – Welcome Tea & Coffee

18:10 – Opening by Aleksandra Bielska (Swissintell, Zurich Greater Area Manager)

18:15 – Speakers

How to Protect the Brand In 2020 From Competitive and Digital Risks? by Sascha Maier (Head of IT & Cyber Resilience at IWC Schaffhausen)

High Impact Strategic Foresight: Competitive Advantage via Competitor & Market Anticipation? by Marc Limacher (Founder and CEO at INOVIS)

19:45 – Q&A and Discussion

20:00 – Networking Apéro

REGISTER FOR THE EVENT VIA WEEZEVENT

The role of insurance in critical infrastructure resilience

Resilience enhances the traditional risk management toolkit in several aspects, and insurance is an effective risk transfer mechanism that can contribute to increasing resilience. However providing insurance to a CI based on its resilience level is a complicated matter. Resilience is for systems, whereas insurance policyholders are companies, not systems. Beyond the fact that insurance can strengthen resilience and the assumption that resilience can improve insurability, many of the ‘needs’ from insurance relating to resilience come back to understanding and calculating risk. The SmartResilience Horizon2020 project (2017-2019) considered the problem of how to assess the resilience of a CI and developed a series of indicators and methods for that purpose. Then it considered the problems currently faced by the insurance sector and explored whether such methods could reduce vulnerability to consequences of disruptions, and provide better insurance coverage.

This paper briefly presents some of the outcomes of the SmartResilience project, focusing on (1) the extent to which insurance can enhance resilience, (2) how resilience can improve the conditions of insurability of CI, and (3) how SmartResilience methods can be used for that purpose. There exists a positive feedback mechanism.

Source : EPFL