The voluntary measures include training for staff, inventories of hardware and software and early threat detection, among others.
Based on the internationally recognised Cybersecurity Framework devised by the US National Institute of Technology, the new “minimal standard” has been developed with the input of key industries, the Swiss government said in a statement.
Its unveiling comes just two weeks after Swiss weekly SonntagsZeitung revealed that around 15,000 email addresses and passwords belonging to Swiss government employees, including those of top officials, had been leaked and were being traded online.
The measures also arrive shortly after Swiss authorities shelved a two-year investigation into a huge cyberattack at government-owned Swiss arms maker Ruag in 2016. Around 20 gigabytes of data is thought to have been stolen.
The attack was thought to be Russian in origin, Swiss media reported at the time, although this never been officially confirmed. The Swiss military was this year criticized by a parliamentary committee for failing to adequately plan for cyberattacks.
But critics say the new voluntary Swiss measures may not go far enough. Socialist MP Edith Graf-Litscher told Swiss daily Tages Anzeiger they were a step in the right direction but said mandatory reporting to the government about cyberattacks on critical infrastructure was both much-needed and long overdue.