Contact
c/oFinancial Directorate of the Canton of Zug
Baarerstrasse 53
6300 Zug
scroll

Why is security testing necessary?

The advancing digitalisation in public administration, industry and civil society is leading to a steadily growing risk, which is due, among other things, to the use of untrustworthy digital products. The security and independence of Switzerland is particularly at risk if insecure cyber-physical components are used in the operation of critical infrastructures such as the

energy supply, financial market, transport and communication infrastructure, hospitals and water supply, police and army. In addition, Switzerland faces an unacceptable risk when millions of potentially insecure components are used in the economy and civil society, be they network routers, messaging services, collaboration and video platforms, and IoT devices.

57%

of all IoT devices are vulnerable to cyberattacks. Often the consequences of a breach are severe.

Source: 2020 Unit 42 IoT Threat Report | Paloalto Networks (2020)

98%

of all data traffic via IoT devices is unencrypted. This means personal and confidential data is exposed on the network.

Source: 2020 Unit 42 IoT Threat Report | Paloalto Networks (2020)

60%

of all cyber attacks are due to non-updated software. Most of them could be avoided.

Source: Costs and Consequences of Gaps in Vulnerability Response | Ponemon Institute (2019)

Mission

The National Test Institute for Cyber Security NTC tests networked components for their cyber security on behalf of the Confederation, cantonal and municipal authorities, industry as well as universities and NGOs.

The NTC guarantees independent and in-depth testing of the security and trustworthiness of cyber-physical components and makes a strategic contribution to maintaining Switzerland's security and independence.

Contact
NTC | Mission

The institution

The NTC is a national test centre for independent and in-depth testing of the security and trustworthiness of cyber-physical components. It is building up its own testing and research infrastructure in the canton of Zug and works closely with universities, private providers of security tests and international test centres.

The NTC has existed as an association domiciled in the canton of Zug since December 2020.

Legal documents

for NTC customers
General test specifications NTC (german)

for suppliers of NTC customers
Memorandum of Understanding (englisch)

Statutes NTC
Statutes of the Association NTC (german)

Principles

Focus on maintaining Switzerland's security and sovereignty
Priority is given to audit mandates relating to critical infrastructures, authorities such as the police and the army, as well as audits of networked components that are used in large numbers in the Swiss economy and civil society.

Independence
Independence from all manufacturers has top priority. Financial participation by product manufacturers and service providers is excluded. Any influence of persons and organisations on self-determination and objectivity is completely prevented.

Relationship with the private sector and other stakeholders
The security analysis and assessments carried out by NTC are based on international recommendations and standards, which are extended whenever a deeper analysis is necessary. NTC draws on the numerous existing competencies from private industry, research and educational institutions in Switzerland and abroad to ensure assessments with the appropriate level of competence.

Market neutrality
There is no direct influence on the market for hardware and software components. Tests are not carried out with the purpose of increasing sales promotion by manufacturers or dealers.

NTC | Principles

About us

Team

Annalena Tosi
Finance, Project Management

Annalena Tosi has been working with ICPRO on a wide range of projects and mandates since 2013. As a project manager, she facilitates the successful set-up and management of organisations in the field of digitalisation, politics and cybersecurity. Next to finances and controlling, her area of responsibility also includes communications, conceptual and organisational tasks. She currently attends to the development of the National Test Institute for Cybersecurity NTC and of the Alliance for Digital Security Switzerland ADSS. Also, she supports the policy and cybersecurity departments of the umbrella organisation digitalswitzerland. Within the management of the former umbrella organisation ICTswitzerland (until the merger with digitalswitzerland 2020), Annalena took over the management of the project management and association's administration. During that time, she organised and accompanied the parliamentary seminars in Shenzhen (2014), San Francisco Bay Area (2017) and Israel (2018). Under her project management, Switzerland presented itself as the partner country of CeBIT (2016), at that time the largest trade fair for information technology. Born in Hamburg, she lived in Berlin for many years and studied economics at Freie Universität zu Berlin, specialising in econometrics, finance, growth and business cycle policy. For the past twelve years, Annalena Tosi has been living in Switzerland, where she started her family.

Annalena Tosi

Finance, Project Management

Partner

Supported by Canton Zug

A project initiative of the Canton of Zug

Swiss Confederation NCSC

Specialist support from the National Cyber Security Centre NCSC

NTC | Our partners

Emergence and milestones

Juli 2020

Publication of initial concept

Publication of the concept paper on the creation of a testing institute for networked devices from the point of view of cyber security.

To the concept paper (german)
Oktober 2020

Assessment of requirements

A survey among operators of critical infrastructures confirms the need for a national cyber security testing institute.

To the results (german)
Dezember 2020

Parliamentary initiative

Motion Franz Grüter "Participation of the Confederation in the establishment and operation of the National Test Institute for Cyber Security".

The proposal (german)
Dezember 2020

Founding of the association

Foundation of the association "National Test Institute for Cyber Security NTC" and entry in the Commercial Register of the Canton of Zug.

Januar 2021

Go-Live of the website

In January 2021, the website for the National Cyber Security Testing Institute NTC went live.

Juni 2021

The first orders

On behalf of the National Cyber Security Centre NCSC, the NTC audits the functionalities and security of the Swiss Covid certificate system.

On behalf of an IT service provider for medical, the security of its services was audited.

August 2021

Motion of the Government Council of the Canton of Zug

A cantonal Council resolution concerning the contribution of the Canton of Zug was created to support the establishment of the NTC.

To the application (german)
March 2022

Unanimous positive decision of Cantonal Council of the Canton of Zug

The Cantonal Council Zug decided positively and unanimously on 31.3.2022 on the allocation of CHF 7.55 million as proposed by the Government Council for the National Cyber Security Test Institute NTC.

Contact

Contact

Leave your contact details so that we can respond to your request:

Nach oben