NCSC cyber incident reporting
Swiss cyber incident reporting obligation
What we are examining
The Swiss cyber-incident reporting obligation often catches SMEs unprepared: format, deadlines and contact points are unclear, and the structured procedure is missing when it matters.
Hypothesis
— A tool for the formal report plus procedure checklist is delimitable — IT service providers are the natural distribution partners — Flat-rate per company subscription works better than per-incident billing
Status
Concept. We are watching the gradual extension of the NCSC reporting obligation and start validation talks in Q3 2026.