The Swiss National Cyber Security Centre (NCSC) published its consolidated figures for 2022: over 34,500 incident reports, with steady growth compared to previous years.
The most prevalent threats
Among the most represented categories in the report:
- Fake extortion emails — approximately 33% of total reports. These are messages claiming to have recorded the recipient in compromising situations and demanding a cryptocurrency payment to avoid releasing the material
- Phishing — attempts to steal banking credentials, corporate login details or personal information via email and counterfeit websites
- Online fraud — fake sales, non-existent listings, e-commerce platform scams
What it means for SMEs
Small and medium-sized enterprises are often the preferred target because they combine valuable business data with less robust protection systems than large organisations. The average cost of an incident — between operational downtime, recovery and potential penalties — frequently exceeds the cost of a preventive security investment.
NCSC recommendations
The NCSC recommends as minimum measures for companies:
- Two-factor authentication on all critical services
- Regular verified backups, stored offline or on isolated systems
- Periodic staff training on recognising suspicious emails
- Timely updates of operating systems and software
The full report is available on the official site ncsc.admin.ch.
Sources
- NCSC — Semi-annual report 2022/2: ncsc.admin.ch — Halbjahresbericht 2022/2