zum Inhalt springen

    Cybersecurity in Cooperation

    Tags:

    Many digital systems that shape our daily lives are not, or are insufficiently, tested for security. As an independent, non-profit organization, the National Test Institute for Cybersecurity NTC closes exactly these gaps.

    2025-verbund

    Cooperative Projects: A Service Neither State nor Market Can Provide

    With its cooperative projects, the NTC takes on a role that is unique in Switzerland. Neither private-sector organizations nor government agencies can deliver this service in a comparable way: Businesses act in a competitive environment and are not designed to coordinate cross-organizational testing initiatives. The government, on the other hand, provides important impulses in the field of digital security, but, due to its current structure and legal framework, is only partly able to directly initiate or finance such cooperation.

    The NTC closes this gap: It brings together organizations facing similar challenges, pools resources, and conducts coordinated security tests and risk analyses. Systems or products used by multiple stakeholders, such as hospital information systems or energy management systems for photovoltaic installations, are tested by NTC . As a neutral testing body, the NTC produces detailed technical reports, made available exclusively to participating partners. In addition, a summary report with key findings is published. This creates real added value for the public good—without compromising confidentiality.

    Case Study: Hospital Information Systems

    Hospital Information Systems (HIS) form the digital backbone of modern hospitals. Despite their central role, they were rarely tested independently in Switzerland—due to unclear responsibilities and a lack of incentives. The National Test Institute for Cybersecurity NTC conducted a technical security analysis of three widely used HIS. The result: more than 40 medium to severe vulnerabilities, including three of the highest criticality. The affected vendors received the results directly and are now working on remediation.

    How Does a Cooperative Test Work?

    It typically starts with an initial suspicion. After a preliminary assessment, the NTC identifies suitable partners, jointly defines scope and timeline, and conducts the tests with the consent of all parties involved. All partners receive a final report documenting vulnerabilities, assessments, and actionable recommendations. The National Test Institute for Cybersecurity NTC also supports the responsible disclosure process.

    The Value of Cooperative Projects

      • Cost efficiency: Expenses are shared among partners.
      • System-wide benefit: Results strengthen the security of all participants.
      • Independence: Reports are delivered free from vendor or operator influence.

      Conclusion

      Cybersecurity is a collective responsibility. The cooperative projects of the National Test Institute for Cybersecurity NTC create security that would not otherwise exist—and sustainably strengthen Switzerland’s digital resilience. They serve as a model for efficient, cross-sector collaboration and demonstrate how targeted testing can effectively protect the public good.