For 25 years, SWITCH-CERT has been passionately committed to ensuring online security in Switzerland. In this interview, Silvio Oertli talks about milestones and the future.
SWITCH identified the need to safeguard IT security after networking Swiss universities through its research and education network. So SWITCH decided to create a central security team which could support universities in dealing with incidents. The Computer Emergency Response Team SWITCH-CERT was set up in 1994 and in 1996 it was one of Switzerland’s first CERTs to be recognised internationally.
Today, SWITCH-CERT is a leading independent centre of excellence in the field of information security, with excellent links to the international community. We support universities, the domain registries .ch and .li, the financial sector, industry, logistics and the energy sector in dealing with security incidents.
We help these groups protect themselves against cyber threats by assessing critical vulnerabilities and proactively providing hazard information. We conduct workshops with the aim of preparing our customers for critical situations. And we also give them the tools necessary to raise awareness among their employees and students. Most importantly, however, we give them the opportunity to share ideas and information in closed groups. We also support the banking sector with fraud cases in online banking.
A successful CERT understands how its customers work. The aim is to provide independent advice and coordinate support in their interests. Having a global network of specialists is essential in offering customers the security they need and to coordinate incidents on an international level.
For certain sectors, SWITCH-CERT works hand in hand with GovCERT. We offer them custom services to suit their specific requirements, which GovCERT cannot provide because it is too broad-based. Unlike other CERTs, we offer absolute provider neutrality and have access to a very large international network.
Alongside GovCERT, there are private CERTs that work for their own companies or offer security services to third parties.
In Switzerland, CERTs are organised in the association of CH-CERTs. We share information about current cyber threats and how to detect them. We also work closely with the National Cyber Security Centre (NCSC). Through this, the CERTs are also networked internationally.
Our range of tasks is very attractive, varied and meaningful, because both business and society benefit from our work. We also offer an exciting environment for personal development with a good work-life balance.
We work in national and international networks, we’re recognised, and we experiment with new technologies. This gives us an international shop window and we receive worldwide recognition for our work.
I enjoy the great variety and the many ways in which we support customers in the area of IT security.
SWITCH-CERT has already been able to provide some valuable information in preliminary proceedings leading to the arrest of criminals.
I want to be able to go to bed at night with a clear conscience.
The attacks have become increasingly sophisticated and disparate. That’s why we’ve positioned ourselves more broadly and also incorporated the whole area of the “Internet of Things” into our work.
On the one hand, the focus will shift to specialised workshops with our customers. On the other hand, we want to strengthen security with additional services. We’ll focus on services that reduce the response times to cyber threats through centralisation and use the collective knowledge of the entire community for their benefit.
Cybercriminals do not stick to the rules, so they will always be one step ahead of us. It’s important to be aware of this and able to deal with it.
It’s easy to hide on the internet. Cybercriminals are flexible. Prosecution across national borders does not make it easy for authorities to bring those responsible to justice. But as cooperation improves between the authorities, the CERTs and private organisations, we can also catch more cybercriminals.
The internet is like a city. There are safe streets, but also dark alleyways. We’re never going to be able to make everywhere safe. But, through the healthy exchange of information between countries, we can identify the dark alleyways and point them out to internet users.
Because we’re so close to research activities, we’re also actively involved in establishing new standards that add substantially greater security. One example is the introduction of SCION, a new internet architecture developed at ETH Zurich.
I would love to imagine a world where this is possible. But wherever you can make easy money faster than you can in the real world, there will always be people who follow this path. We can make things more difficult for these people, but at the same time, we need to understand that there will never be a city without criminality.
Some years ago, we started putting greater emphasis on security awareness. The aim is to provide our customers with the tools necessary to raise awareness about cyber threats among their users.
We also support alliances between the various CERTs, security companies and domain registries so that they can share information quickly and easily. That means that we can quickly protect and warn internet users.