The Management Update 2025 took place as usual in Zurich at Brasserie Lipp on the afternoon of January 29.

In his hour-long keynote speech, Prof. Adrian Perrig from ETH Zurich spoke about the creation and development of the highly available SCION network and ecosystem, which has been growing slowly but steadily over the last few years. It was founded at ETH-Z in 2009. The SCION network (Secure, Clean, and Isolated Network) provides a modern network architecture that aims to sustainably improve and stabilize the security, control, and isolation of data transmissions through cryptographic mechanisms that ensure the authentication and integrity of data.

In Switzerland, SCION is already being used by various sectors such as finance (Secure Swiss Finance Network – SSFN), healthcare (Secure Swiss Healthcare Network – SSHN = HIN trust circle) and research to ensure secure and reliable communication. The SCION ecosystem is growing worldwide.

The ultimate goal is to establish a global SCION research and education network with major network providers. SCION offers advantages over IPv4/IPv6, especially in terms of availability and latency. Competition drives adoption and a virtuous cycle will help SCION achieve the necessary breakthrough speed to enable a secure global Internet before the end of this decade. This development will significantly improve the security and efficiency of international data exchange. In addition, SCION provides a robust foundation for future Internet innovations. Prof. Perrig’s fascinating presentation – he was able to answer many questions directly or during the subsequent break – was greatly appreciated by the participants.

After the break, Bruno Wildhaber (krm) then presented the popular “Legal Update” with a critical assessment of the current initiatives in Parliament relating to digitalization and data governance: the eID story seems to be coming to an end, but it remains to be seen how successful it will be; the “Swiss Government Cloud” is moving tentatively towards digital sovereignty, but the current procurements speak a different language (award to Microsoft at the end of 2024 for 150 million without a tender). The big questions are posed by AI regulation. In the EU, the first provisions of the AI Act came into force on February 2, 2025. Switzerland, on the other hand, has missed the boat and the report on AI regulation is still delayed, let alone the adoption of corresponding legislation.

The lack of AI rules harbors risks such as violations of existing laws, new security risks and ethical concerns. The krm shows why “AI compliance” is needed in a governance framework (see AI compliance services of the krm).

Daniel Burgwinkel discussed the Information Security Act (ISG) and who is affected by it in Switzerland. The significance for the Swiss economy is that companies must check whether they fall under the ISG and comply with the reporting obligations to the BACS (Federal Office for Cybersecurity). In addition, companies in Switzerland must check in 2025 whether they are directly affected in the EU by the EU Directive NIS2 (“The Network and Information Security (NIS) Directive”).

The following presentation by Daniel Spichty on data sovereignty (Bruno Wildhaber spoke in place of the excused DS) focused on the relevance of digital sovereignty despite its different understandings and meanings, as well as on possible solutions for companies. The propagated strategy was summarized in an innovative acronym:

It goes without saying that these demands are diametrically opposed to the authoritarian “STARGATE” mega-project of the US tech giants. They have therefore become all the more important.

Dominik Sievi then spoke about the objectives and principles of the Confederation’s new GEVER strategy (to be published at the end of 2024) and the choice of a suitable GEVER solution. Conclusion: There is no longer a “GEVER” system, but a set of capabilities in the overall federal architecture that supports compliant information management for business-relevant information and allows business process control, management and processing; i.e. a. the “GEVER-compliant” use of M365 is simplified and is already an established standard in various organizations; b. the strategy is aimed at the large federal organization, cantons can use it as a guide. For municipalities, the effects are negligible; c. future GEVER of the federal administration should be put out to tender in the next few years. The speaker gave useful tips for a successful tender. Such tenders will form the basis for further GEVER development in Switzerland.

Finally, Jürg Hagmann and Michael Rumpf discussed the IG trends, which are logically dominated by AI. They began with a call to action:

On the cusp of the AI era, it is crucial for companies to recognize the fundamental role of information management (IM). It’s not just about having more data, it’s about managing the right data in the right way. It’s the eternal IM homework as a perennial issue: information lifecycle management (ILM) and robust records management as the sine qua non of effective AI. Without the “ILM&RM” foundation, no AI house will stand. The following four requirements are central to preventing the “data problem”:

• Data quality without ROT (redundant, out-of-date, trivial) =
• Data Cleanup always prevails,
• Data integrity,
• create semantically structured data (knowledge graphs, taxonomies, etc.).

The path to successful and ethical AI implementation is not about more complex algorithms or larger data sets. It is through smarter, more efficient information management. It is time for companies to bridge the gap between their AI ambitions and their data reality. Otherwise, it is foreseeable that data delusion will compromise any AI outcome.

Michael Rumpf pointed out that AI tools will not be able to do much more in 2025 than they did last year – simply much better! He explained the necessary & decisive basic AI skills as well as a differentiated view of the depth of AI value creation, which makes the difference in competition.

AI agents can play the role of game changers here. Various additional documents for the participants also document how the data problem can hinder AI success.

As always, there was an intensive exchange of ideas during the subsequent aperitif riche. The date of the krm update 2026 will be January 28. Reserve this day already!

The krm will explore the above-mentioned topics in greater depth in further newsletter articles in 2025.