The defence ministry has had its knuckles rapped for failing to assert Switzerland’s interests in an investigation into a cyberattack on the Ruag technology company in 2016.
A parliamentary control committee said the ministry had not done enough to insist on a thorough analysis of the attack in the strategic planning of the state-owned company.
The theft of an estimated 20 gigabytes of sensitive data was a serious problem, the committee said in a report published on Tuesday.
The control body said both the government and the defence ministry had acted swiftly in the wake of the discovery of the data theft. However, Ruag had taken some time to realise the risks linked to the attack and to take appropriate measures.
The finance ministry, in charge of IT systems of the government administration, is currently examining ways to unbundle the computer networks of the defence ministry and the technology company.
The control committee said it might take until 2023 to complete the process amid calls for a partial privatisation of Ruag.
swissinfo.ch with SDA-ATS/ug