In Brief
The Federal Information Security Act (ISA) came into effect on 1 January 2024 and is already undergoing amendments to include a requirement for operators of critical infrastructures to report cyberattacks. The definition of “critical infrastructures” is broad, encompassing many private companies. The amendment, known as revISA, has passed the deadline for public referendum challenges as of 18 January 2024, making it anticipated that the new reporting obligation will become law in 2025, with the exact date yet to be determined.
This alert addresses key questions about the new reporting requirement and provides important insights.
Read the full alert here.
The post Switzerland: New obligation to report cyber incidents appeared first on Global Compliance News.