‘Despite numerous cyberattacks, our service counters remain open’
Six cantons in Eastern Switzerland join forces against cyberattacks, with a joint early warning system from
Swisscom that provides 24/7 protection for public authorities.
Managed Security Services for St. Gallen and five other cantons
- Mandate: build and maintain secure IT services for public and economic activities
- 20 employees
- Primary responsibility for cross-cantonal cybersecurity solution
- Comprehensive cybersecurity solution for St. Gallen and five other cantons
- Consulting, planning, implementation and operation from a single source
- Favourable terms thanks to economies of scale
6 cantons, 1 solution: standing together against cyberthreats
17 percent of all cyberattacks worldwide target public authorities – that is according to the Microsoft Digital Defence Report 2025. This means that the state, cantons and municipalities are among the top-ranking targets of cybercriminals. And yet public authorities often lack the resources required to strengthen their resilience against increasingly frequent and sophisticated attacks.
The governments of six cantons in Eastern Switzerland are all too aware of the risks. Appenzell Innerrhoden and Ausserrhoden, Glarus, Schaffhausen and Thurgau have joined forces, led by the canton of St. Gallen, to purchase a solution that offers reliable protection against cyberattacks. Their joint tender in 2024 set out to identify a suitable provider of Security Operations Center (SOC) and Security Information and Event Management (SIEM) services.
Limited in-house resources versus increased risk
To build and run a proprietary cyber early warning system is too much, on multiple levels, for
cantonal IT departments to handle. Experts are hard to come by, budgets are tight and the
required specialist infrastructure is expensive. “We don’t have the resources to facilitate 24/7
monitoring of our IT infrastructure”, explains Stefan Bösch, Cybersecurity Coordinator for the
canton of St. Gallen. “What’s more, we don’t manage the IT ourselves; it is outsourced. Our
service provider is unable to provide seamless monitoring – there are still blind spots.”
So what prompted the search for a high-performance analysis and monitoring solution? Stefan
Bösch: «The threat situation has intensified and policymakers are calling for action. We are
recording significantly more DDoS and malware attacks than ever before. Security is an essential
component of the cyber strategy for the canton, which stipulates that we should deploy a Security
Operations Center (SOC) for round-the-clock monitoring. »
SOC enables rapid response
In the canton of St. Gallen, the new early warning system from Swisscom is already up and
running. The project took only four months to complete, from kick-off to commissioning. The
canton of Glarus has also launched the SOC, and the project is under way in the canton of
Appenzell Ausserrhoden. The remaining cantons will follow suit in due course. The ‘Security
Operations Center as a Service’ model encompasses state-of-the-art Security Information and
Event Management (SIEM) and SOAR (Security Orchestration, Automation and Response)
solutions. These provide the cantonal IT departments with an overview of security incidents, allowing them to react quickly where necessary. Complex cyberattacks are detected and averted efficiently – by isolating an infected PC, for example.
The citizens benefit from the increased security, too – which, ultimately, was the primary goal of the project. «Ideally, they shouldn’t notice a thing», says Stefan Bösch. «Even under heightened threat conditions, with multiple attacks ongoing, we can keep the government services running – our service counters, both virtual and physical, remain open for business. »
The canton of St. Gallen is leading the way in cybersecurity.
Why choose Swisscom?
By purchasing a powerful cyber early warning system as a group, the six cantons of Eastern Switzerland have significantly improved their security situation. And they have done so on favourable terms, as Stefan Bösch explains: «Thanks to our joint project, we benefit from lower prices. We also have cost security – the price is fixed for the next five years. » Swisscom also has a team of security specialists with extensive expertise and many years of experience.