The "Beirat Cyber-Defence" of the Federal Department of Defence, Civil Protection and Sport (DDPS) together with the Swiss Academy of Engineering Sciences SATW organized the event "cyber sovereignty" on 20 September 2017 in Bern.
SATW’s Vice President Eric Fumeaux welcomed the approximately 70 people invited to the event. He introduced SATW and its tasks and handed over to Adolf Doerig, chairman of the DDPS’ "Beirat Cyber-Defence", who explained the background and the objectives of the event. In the first part, the results of the workshops on cyber sovereignty, which took place in the afternoon with selected experts, were presented to the public. After an aperitif a panel discussion followed and finally, as highlight of the evening, Federal Councillor Guy Parmelin, Head of the DDPS, addressed the audience..
Reto Brennwald chaired the panel discussion with Dominique Andrey, Military Advisor to Federal Councillor Guy Parmelin, Professor Lino Guzzella, President ETH Zurich, Peter Gruetter, President asut, Pascal Kaufmann, CEO Starmind, and Professor Martin Vetterli, President EPFL. Is there such a thing as cyber sovereignty? If not, it would have to be created, answered Dominique Andrey. And if not for the whole of Switzerland, at least for its armed forces. They need sovereignty, i.e. authority, in order to fulfil their tasks. Peter Gruetter asked whether "sovereignty" was the right term. There is no territorial sovereignty in cyberspace and Lino Guzzella raised concerns that there was no power monopoly either. Nevertheless, a nation must protect certain domains such as its critical infrastructures or health care system. This requires concerted action by the government, research institutions and the industry.
Is it a core problem that hardware and software of our systems are not manufactured in Switzerland? According to Pascal Kaufmann there is a need for greater awareness of data. Personally, he deliberately discloses data if the benefit is right. However, Switzerland can play a leading role in terms of security and data and there are niche products with great potential in this country. Martin Vetterli cited Israel as an example of a small country that has achieved cyber sovereignty and has become a world leader. However, Israel has other geopolitical challenges. "The problem is that we are not aware that we have no sovereignty. Our data goes to California and is then sold back to us.” Lino Guzzella agreed, mentioning Swiss products that could solve the problem: “There are solutions at our universities to prevent data export. The Swiss army would also benefit from this". With regard to Israel, Peter Gruetter said that Switzerland would never be willing to invest such a large amount of money in security. However, it is necessary to explain to the people the advantages of cybersecurity. There is a lot of catching up to do in this respect.
Reto Brennwald wanted to know, who should take the lead "This is a political question”, said Martin Vetterli. However, he sees a responsibility for the universities who are service provider to the government. Furthermore, the subject cannot be assigned to a single federal department, it probably concerns all of them. According to Pascal Kaufmann, companies play a major role: Business models based on Swiss quality are successful. Lino Guzzella mentioned the crypto valley: A global ecosystem is growing up in Zug, without any top-down control. Local politicians provided a good framework and then withdrew. Whoever creates a crypto currency today, goes to Zug. "You have to attract the right people and have to let them work. Above all, they must not be hindered.” According to Martin Vetterli, it is important to create a market: "When money is invested, something will happen." Dominique Andrey said that the cantons and the people are reluctant when something comes from Bern: "A dictation from above is not realistic in Switzerland." Peter Gruetter argued that the roles should be clarified first, for which this event was an important first step. Should cyber sovereignty be enshrined in the constitution? While some people were cautiously positive, Dominique Andrey considers this to be unnecessary: It is implicitly covered by article 2 of the federal constitution.
The highlight of the evening was the security policy vision of Federal Councillor Guy Parmelin. He thanked the organizers for their foresightedness in putting the topic on the agenda. “The discussion on cyber sovereignty leads us to the heart of security policy", he made clear. He said that it was a sensitive and complex topic for which he was strongly committed. Great challenges must be faced in the near future. We are confronted with a geopolitical situation that is unsettling. "That's why we have to invest, because there is no security at zero cost." He emphasized three important developments in cyberspace: more and more cyberweapons are circulating. Vulnerability is increasing as the number of poorly secured systems explodes. After all, there are fewer and fewer possibilities to protect oneself simply and cheaply. The situation is therefore developing unfavourably. That is why he signed the Cyber-Defence Action Plan in June. However, everyone, including the DDPS, is confronted with the challenge of finding a balance between the already gloomy reality and irrational fears. In addition, the necessary resources must be found, especially qualified staff members.
One has to look further: Whoever buys a technical device today has to ask himself whether he can master it. The answer is no! Whether it's a smartphone or a bomber, both contain thousands of lines of code. Where are the weak points? Who's got the key for breaking the codes? Guy Parmelin cited many more examples to illustrate the challenges. Instead of just seeing dangers, it is important to take advantage of the opportunities. One has to find out where one stands and not unnecessarily reinvent the wheel. He said he wanted to see more cooperation between all those who could bring in expertise and resources. Neither Switzerland nor the DDPS are islands. The digitalisation brings about profound changes. We must provide the means to meet this challenge and become independent actors, not passive or even ignorant consumers."
Adrian Sulzer, Head of Communications and Marketing, phone +41 44 226 50 27, adrian.sulzer(at)satw.ch
