Let's talk about security

Malicious QR codes bypass all your anti-spam filters. Discover how quishing targets your employees and the 5 essential steps to protect your Swiss SME from this rapidly growing threat.

• Tags:  
• quishing
• QR code
• phishing
• cybersecurity
• Swiss SME
• stolen credentials
• nLPD
• 2FA
• awareness
• BYOD
• secure messaging
• Bexxo

Shadow IT refers to the unauthorized use of digital tools within a company — and its variant, Shadow AI, is now one of the main sources of data leaks for Swiss SMEs. Every time an employee copies customer data into ChatGPT or stores files on their personal Dropbox, your sensitive data escapes all control. Discover the concrete risks associated with the revised Federal Act on Data Protection (nLPD) and the American Cloud Act, and the sovereign solutions to regain control without hindering the productivity of your teams.

Complete Shadow IT / Shadow AI guide for Swiss SMEs: nLPD risks, Cloud Act, sovereign solutions (Euria, kDrive, Proton Drive, SwissTransfer) and practical governance.

• Tags:  
• Shadow IT
• Shadow AI
• ChatGPT enterprise
• nLPD
• Cloud Act
• SME Cybersecurity
• Swiss Data Protection
• Euria Infomaniak
• kDrive
• SwissTransfer
• Proton Drive
• Artificial Intelligence
• IT Governance
• Swiss SME

1 in 6 Swiss SMEs has experienced a cyberattack — and 94% of passwords are reused. These 7 digital hygiene practices protect your organization without requiring technical skills.

• Tags:  
• digital hygiene
• Swiss SME cybersecurity
• phishing
• passwords
• backups
• nLPD
• French-speaking Switzerland
• awareness
• 2FA
• ransomware

The guide that transforms cybersecurity into 9 concrete actions for Swiss SMEs 10-250, with a 30/60/90-day plan adapted for both managers and IT teams (two reading paths).

• Tags:  
• Cybersecurity
• Swiss SME
• 2025 Guide
• Action Plan
• MFA
• Phishing
• Backup
• Zero Trust
• Least Privilege
• Crisis Management
• Executives
• IT

Automatic updates are the simplest and most effective cybersecurity measure to protect your Swiss SME: a one-time setup of just a few minutes is enough to block cyberattacks that exploit known vulnerabilities. According to the National Cyber Security Centre (NCSC), 60% of cyber incidents affecting Swiss SMEs exploit unpatched software flaws. Discover how to configure this essential protection without disrupting your daily operations, with solutions tailored to the realities of Swiss SMEs and the requirements of the revised Federal Act on Data Protection (nLPD).

• Tags:  
• updates
• computer security
• Swiss SME
• cyber protection
• system vulnerabilities
• ransomware
• nLPD
• IT maintenance
• windows update
• security patch
• risk management
• best practices

Do your SME employees use their personal smartphones, tablets, and computers for work? This practice, called BYOD (Bring Your Own Device), offers flexibility and cost savings, but it exposes your company to significant security risks: data loss, nLPD violations, or cyberattacks. This practical guide explains how to effectively manage BYOD with measures accessible to Swiss SMEs: define a clear policy, protect devices, separate professional and personal data, raise awareness among your teams, and prepare a contingency plan. Concrete advice, without technical jargon, to protect your business without overcomplicating things.

• Tags:  
• BYOD
• Mobile security
• Security policy
• Data protection
• nLPD
• Personal devices
• Access management
• Awareness
• Swiss SME

A weak password exposes your accounts, identity, and finances to cyberattacks in seconds. This practical guide explains exactly how to create memorable and unbreakable passwords, enable two-factor authentication, and adopt sustainable digital hygiene — without being a computer expert.

• Tags:  
• password
• cybersecurity
• 2FA
• how-to guide

Public WiFi exposes Swiss SMEs to cyberattacks that are invisible but very real. Discover 5 concrete measures to protect your business data on the go and maintain business continuity.

• Tags:  
• cybersecurity
• data security
• VPN
• digital protection
• cyber risks
• best practices
• secure connections

A backup security plan is a set of documented procedures that ensures the availability, integrity, and rapid restoration of an SME's critical data in the event of an incident. According to the Veeam Data Protection Trends 2024 report, 76% of companies experienced at least one major data-related outage in the past 12 months — and those without a tested backup plan took an average of 3 times longer to resume operations.

For an SME, adopting such a policy protects the company's reputation, ensures regulatory compliance (GDPR, Swiss nLPD which came into force in September 2023), and maintains customer trust. It's a measurable strategic choice: according to Gartner (2023), the average cost of unplanned downtime reaches CHF 8,500 per hour — a risk that a structured plan helps to avoid.

• Tags:  
• data backup
• business continuity
• backup plan
• PIPEDA compliance

Anti-phishing training is the process by which employees learn to identify and report phishing attempts via email, thereby reducing the risk of a successful cyberattack. According to the Verizon 2024 Data Breach Investigations Report, 68% of data breaches involve human error—meaning your teams are both your biggest vulnerability and your best line of defense.

Every company knows that cybersecurity is paramount. Yet, 95% of IT security incidents are caused by human error (IBM Security, 2023). Employees well-prepared to detect phishing form the most effective protection against cyberattacks. The good news? Training them has never been easier, faster, or more positive. PhishTrainer is designed for this: transforming individual vigilance into a collective strength, in less than 10 minutes of setup.

• Tags:  
• PhishTrainer
• Phishing
• Cybersecurity

June 2025 was marked by the publication of numerous vulnerabilities. The information is presented as a breakdown by category, highlighting various types of flaws such as injections, authorization issues, and other critical vulnerabilities.

In addition, the data is broken down according to the CVSS score.

• Tags:  
• statistiques

May 2025 was marked by the publication of numerous vulnerabilities. The information is presented as a breakdown by category, highlighting various types of flaws such as injections, authorization issues, and other critical vulnerabilities.

In addition, the data is broken down according to the CVSS score.

• Tags:  
• statistiques

Phishing is the attack technique behind more than 90% of cyber incidents in companies (Verizon DBIR, 2024). Every day, thousands of Swiss and European organizations are targeted by fraudulent emails aimed at stealing credentials, financial data, or deploying malware. Technical solutions alone—anti-spam, firewalls—are no longer sufficient against increasingly targeted attacks. PhishTrainer transforms your employees into the first line of defense with ultra-realistic phishing simulations, designed and hosted exclusively in Switzerland, in compliance with the Swiss legal framework on data protection.

• Tags:  
• PhishTrainer
• Phishing
• Prevention
• Training

No organization is immune to cyberattacks. According to ANSSI, the number of reported cyber incidents in France increased by 30% in 2023. The question is no longer if an attack will occur, but when. Anticipate, contain, and quickly restore your activities with a Cyber Action Plan (PAC) — your structured resilience framework for cybersecurity incidents.

• Tags:  
• Attacks
• PAC
• Plans

Small and medium-sized enterprises (SMEs) represent 99.8% of the European economic fabric, but are also the target of 43% of global cyberattacks (Verizon Data Breach Investigations Report, 2024). Under-equipped and often with low awareness, they remain exposed to increasing risks. Discover why SMEs are particularly vulnerable to cyber threats and what concrete measures can be taken to strengthen their IT security.

• Tags:  
• Vulnerabilities
• SME