Keynote: How uncompromising security-by-desing approaches can radically improve SME cyber security. presented at FSC 2020

by Arie Malz,


Summary : Information and IT Security is a major and unsolved challenge for the SME in Switzerland. This is a crucial issue because SME are the backbone of the Swiss economy. On the other hand, the larger SMEs are forced to invest in digitization and digitalization to remain competitive. This creates an environment of great risks for IP theft, blackmail, insecurity, unknown risks, and long-term distrust, in B2C as well as in the B2B context. Yet, up to now the overwhelming majority of their cybercrime costs for these companies undiscovered or undisclosed underreported to avoid reputational damage resulting in the fact that a vast majority of the SME either underestimate the risk, underinvest and primarily misallocate investments in capabilities and know-how to cope with these challenges.Can the application of uncompromising security-by-design be the answer to protecting at least the most sensitive SME data and processes? If so how do we define it and measure it? What is the role of proper standards-setting and certification bodies?