New Cybersecurity-Check for SMEs: Practical measures against growing cyber risks

The new study, “SME Cybersecurity 2025”, reveals a dangerous discrepancy: The threat from cybercrime remains high, yet SMEs are responding with increasing hesitancy. Many companies lack clear organizational structures, defined emergency procedures, or regular security checks.

“Many SMEs know they need to act, but they lack guidance and clear priorities. The cybersecurity check highlights the most important levers– and shows how to get started with realistic steps,” says Andreas Kaelin, Alliance Digital Security Switzerland.

The cybersecurity check offers specific recommendations across five areas that are particularly relevant for Swiss SMEs:

•    Organization & Processes
•    Employees & Awareness
•    Technical Protective Measures
•    Data Protection & Legal Information 
•    External Partners & Service Providers

A self-assessment component helps companies determine their current maturity level and define concrete priorities. “Especially in cybersecurity, where risks are complex and dynamic, standards create reliability and guidance. The cybersecurity check translates these principles into clear, practical criteria for SMEs,” says Marcel Knecht, Swiss Association for Standardization (SNV).

The cyber study shows that external IT service providers play a central role for SMEs – but quality levels vary widely. “The CyberSeal provides guidance for SMEs by identifying service providers who demonstrably meet an appropriate security standard. The cybersecurity check also clarifies how external partners should be integrated effectively,” explains Florian Muff, Head of Auditors CyberSeal ADSS.