Skip to content
P2 — Q3/Q4 2026 Q3/Q4 2026

NCSC cyber incident reporting

Swiss cyber incident reporting obligation

What we are examining

The Swiss cyber-incident reporting obligation often catches SMEs unprepared: format, deadlines and contact points are unclear, and the structured procedure is missing when it matters.

Hypothesis

— A tool for the formal report plus procedure checklist is delimitable — IT service providers are the natural distribution partners — Flat-rate per company subscription works better than per-incident billing

Status

Concept. We are watching the gradual extension of the NCSC reporting obligation and start validation talks in Q3 2026.