Digital Policy Alert logo

Switzerland: Consulation closed on amendment to Information Security Act including cyberattack reporting obligation

Policy overview

Description

Consulation closed on amendment to Information Security Act including cyberattack reporting obligation

On 14 April 2022, the Swiss Federal Council closed the public consultation on potential amendments to the Information Security Act regarding cybersecurity reporting obligations within the strategy for the National Cybersecurity Centre (NCSC). The Fe…

Scope

Policy Area
Data governance
Policy Instrument
Cybersecurity regulation
Regulated Economic Activity
other service provider
Implementation Level
national
Government Branch
executive
Government Body
central government

Complete timeline of this policy change

Hide details
2022-01-12
in consultation

On 12 January 2022, the Swiss Federal Council opened a public consultation on a proposal to introdu…

2022-04-14
processing consultation

On 14 April 2022, the Swiss Federal Council closed the public consultation on potential amendments …

2022-12-02
under deliberation

On 2 December 2022, the Federal Council published its explanatory draft of the proposed revision of…

2023-09-29
adopted

On 29 September 2023, the Swiss parliament adopted the revision of the Information Security Act inc…

2025-04-01
in force

On 1 April 2025, the reporting obligation for cyber attacks on critical infrastructures included in…

2025-10-01
in force

On 1 October 2025, the enforcement of fines under the amended Information Security Act begins. Sinc…