Since 2018, the Federal Office for National Economic Supply (FONES) and numerous industry associations have recommended the implementation of the ICT Minimum Standard. For some industries, the standard is even mandatory: for Swiss energy providers since July 1, 2024, and for gas providers likely from July 1, 2025. This ensures your organization is optimally protected against cyber risks. As an independent consulting company, Redguard supports you in assessing your security level and develops a tailored implementation plan for your organization. With a systematic approach and attention to your organization's needs, we help you implement the ICT Minimum Standard efficiently.
Our specialists determine the maturity level of your organization according to the ICT Minimum Standard. We follow a systematic approach that considers not only the size (e.g., large companies, SMEs) but also the specific risk-based approach of your organization. Based on the status assessment, a current-to-target analysis (gap analysis) can be conducted. This identifies the areas requiring action within your organization and allows for the creation of an implementation plan.
Assessment process:
According to the risk-based approach of your organization, the ICT Minimum Standard allows for a degree of flexibility. We assist you in developing and implementing a pragmatic and cost-effective approach to comply with the ICT Minimum Standard, tailored to the specific conditions of your organization (e.g., personnel and financial resources).
Security is not a state that can be achieved once and for all. Rather, cyber security is a process that must be practiced, regularly reviewed, and improved. We help you not only comply with the standard but also establish a process tailored to your needs to continuously optimize your maturity level. The goal is to sustainably protect your organization against cyberattacks and ensure long-term compliance with the ICT Minimum Standard.
The ICT Minimum Standard serves as a recommendation and possible guideline for improving ICT resilience. It is primarily aimed at operators of critical infrastructures. However, it is also applicable to any company or organization and freely available.
To facilitate the application of the minimum standard in critical sectors, the Economic Supply of Switzerland, in collaboration with industry associations of the affected sectors, has established the minimum standard to address the specificities of certain sectors. This effort led to the development of sector-specific minimum standards for the following sectors:
If you have any questions or need assistance improving your cyber security framework, we welcome your contact