FAQ: Consulting
Are you subject to the nFADP after a ransomware attack?
Yes. The nFADP (new Federal Act on Data Protection, in force since September 2023) requires the controller to notify the FDPIC as quickly as possible when a personal data breach is likely to present a high risk to the individuals concerned. A ransomware attack in which personal data has been accessed, exfiltrated or rendered unavailable by encryption will in most cases meet that threshold. Bexxo supports companies through this regulatory process as part of its intervention.
Can you recover data if we have no backup?
Yes, in many cases. Our data recovery experts (the same teams as SOS Data Recovery, active since 2006) can extract data directly from physical media (hard drives, SSDs, servers, NAS) using advanced forensic techniques. Ransomware encrypts files; it does not necessarily destroy the original content at the physical level, since many strains write an encrypted copy and then delete the original, leaving the original blocks recoverable until they are overwritten. The recovery rate therefore depends on the ransomware strain (in-place overwriting defeats this approach), the condition of the media and, on SSDs, whether TRIM has already released the freed blocks.
Do you need an internal CISO or can you outsource?
For a Swiss SME, outsourcing the CISO function (vCISO — Virtual CISO) is often more cost-effective than a full-time hire. Bexxo can fulfil this role: defining the security policy, attending management meetings, handling incident management and reporting — at a cost suited to your size.
Does Bexxo consulting cover nFADP compliance?
Yes. nFADP compliance (new Federal Act on Data Protection, Switzerland) is integrated into all our consulting engagements. We analyse your data processing activities, identify gaps, implement the required technical and organisational measures and provide you with the documentation needed in the event of an FDPIC inspection.
How long does a ransomware intervention take?
The initial intervention begins within 2 hours of contact. The total recovery time varies from 24 hours (data accessible via intact backups) to 5 to 10 business days for complex cases requiring forensic extraction or advanced decryption. An accurate assessment is provided after the initial analysis phase, before any commitment.
How much does a cybersecurity consulting service cost?
Our consulting engagements start from CHF 2,500 for an initial diagnosis. A full engagement (strategy + nFADP compliance + training) ranges from CHF 8,000 to CHF 35,000 depending on the size of the company and the scope. A personalised quote is provided after a free initial consultation.
Is cybersecurity training mandatory for SMEs?
The nFADP (in force since September 2023) requires appropriate technical and organisational data protection measures, and in practice staff awareness is one of those organisational measures. Beyond the legal obligation, training is the most cost-effective prevention lever: 91% of cyberattacks start with a phishing email (KnowBe4), a threat that trained staff can largely neutralise.
Is it necessary to pay the ransom to recover data?
In the majority of cases, no. Paying the ransom does not guarantee recovery: 56% of organisations that paid only partially recovered their data (Sophos 2024), and 80% are re-attacked within the year. Bexxo first evaluates all technical options — decryption, backups, forensic extraction — before considering any negotiation, which always remains a last resort.
Is the analysis really free and without commitment?
Yes, unconditionally. The initial analysis is offered by Bexxo as part of our cybersecurity awareness initiative for Swiss SMEs. No credit card is required, no contract is signed. At the end of the analysis, if you are interested in additional services (in-depth audit, package, training), you will receive a detailed quote — which you are free to accept or decline. 68% of Swiss SMEs have never had a cybersecurity review (NCSC): this analysis is designed to remove that barrier.
What areas does the cybersecurity analysis cover?
The analysis covers 5 priority areas for SMEs:
- Network: firewall configuration, remote access (VPN), segmentation.
- Website: SSL/TLS, security headers, common vulnerabilities (OWASP Top 10).
- Authentication: password policy, MFA, administrator access management.
- Training: level of team awareness on phishing (91% of cyberattacks start with an email — Proofpoint 2024).
- Data: classification of sensitive data, nFADP compliance.
Depending on your needs, the analysis can focus on one or more specific areas.
What deliverables can I expect from a cybersecurity consultation?
You will receive a detailed action plan with customised recommendations and an implementation timeline. Bexxo also provides follow-up to measure progress and adjust the strategy as needed.
What do you receive at the end of the analysis?
At the end of the exchange with the Bexxo expert, you receive by email a personalised PDF report including: (1) a summary of the risks identified by area, classified by criticality (high/medium/low); (2) a prioritised action plan with the measures to implement first; (3) recommendations adapted to the size and sector of your company. This report can be used as a basis for your internal audits or presented in the event of an nFADP inspection.
What is Bexxo's free cybersecurity analysis?
Bexxo's free cybersecurity analysis is a personalized assessment of your company's security posture, carried out free of charge and without commitment by a Bexxo expert. In a 30-minute exchange, we assess your risks across 5 areas: network infrastructure, website, access management (MFA authentication), team awareness on phishing, and classification of sensitive data. You then receive a written PDF report with the identified vulnerabilities and a prioritized action plan — identical to the report given to our paying clients.
What is cybersecurity consulting?
Cybersecurity consulting is a strategic support service provided by external experts designed to assess an organisation's risks, define an appropriate security policy and oversee its implementation. At Bexxo, our consultants draw on the ISO 27002:2022 standard and the NIST CSF framework to structure each engagement.
What is ransomware recovery?
Ransomware recovery is an emergency intervention process designed to restore access to data and systems encrypted by an attack, without yielding to cybercriminals' demands. It includes forensic analysis of the malware, searching for decryption tools, restoration from backups and, if necessary, data extraction directly from physical media.