⚠ NCSC: Week 18: Parcel phishing with a devious twist – The "double phishing" scam 🔴 CVE: Critical vulnerabilities tracked — CVSS ≥ 9.0 📰 Swiss Security Insights — Cybersecurity for Swiss businesses ⚠ NCSC: Week 18: Parcel phishing with a devious twist – The "double phishing" scam 🔴 CVE: Critical vulnerabilities tracked — CVSS ≥ 9.0 📰 Swiss Security Insights — Cybersecurity for Swiss businesses

About

Independent cybersecurity intelligence for the Swiss landscape.

Swiss Security Insights is an independent publication covering cybersecurity threats, regulations, and best practices as they apply to Switzerland and Swiss organisations operating globally.

My name is Marco Scarito. I am an Information Security Architect based in Lugano, working in the Swiss financial sector. My background spans security architecture, cyber defence, and security operations — built through years of hands-on work in SOC environments and governance roles. I hold a degree from the Università degli Studi di Milano and professional certifications including CISSP and CISM.

Switzerland presents a unique security landscape: a dense concentration of financial institutions, pharmaceutical companies, international organisations, and high-value targets — combined with a regulatory framework that is distinct from but increasingly aligned with European standards. Generic global security advice often misses the nuances that matter here.

This blog exists to fill that gap. Writing from within the Swiss financial sector gives me a practical, ground-level perspective on the threats and compliance pressures that Swiss organisations actually face — not the ones that make headlines abroad. Three articles per week, written in plain English, covering threat intelligence, regulatory developments, incident analyses, and actionable guidance.

All views expressed here are my own and do not represent those of my employer. I am not affiliated with any vendor, government body, or political organisation.

What You Will Find Here

Threat Intelligence — Analysis of attack campaigns, malware families, and threat actors relevant to Switzerland.

Regulatory Coverage — Plain-English explanations of the nDSG, FINMA circulars, NIS2 implications for Swiss companies, and ISO/IEC standards.

Incident Analysis — Forensic reviews of notable incidents affecting Swiss organisations, with lessons for defenders.

Best Practices — Practical, implementable guidance that does not require an enterprise security budget.

Editorial Process & AI Use

Research, analysis, and editorial judgement are always my own. I use AI-assisted tools to accelerate drafting and structural organisation. Every article is reviewed, fact-checked, and edited by me before publication. Responsibility for accuracy and opinion rests entirely with me as the named author.

MS

Marco Scarito

Information Security Architect | CISSP · CISM

Based in Lugano, I work as an Information Security Architect in the Swiss financial sector. I write about cybersecurity threats, Swiss regulatory developments, and digital resilience — drawing on hands-on experience in security architecture, SOC operations, and governance.

LocationLugano, Switzerland (Ticino)
RoleInformation Security Architect, Swiss Financial Sector
CertificationsCISSP · CISM
LinkedInlinkedin.com/in/marcoscarito
Publishing3 articles per week

Areas of Focus

SOC / SIEM ISO 27001 Threat Intel ITIL / CoBIT nDSG / FINMA OWASP Incident Response GRC