top of page
Reto Zeidler
Leader | Advisor | Lecturer
“Leadership in security means to ensure that security creates value to the business and the people.”
Not the typical "security guy" but a visionary leader in the field of information- and cyber security with more than 20 years of experience in various industries and regulated environments. Member of multiple national and international security communities and Lecturer at the Lucerne University of Applied Sciences, author and contributor to many papers, articles as well as keynote speaker.
Resources for Students & Professionals
Latest News & Trends
Risk and Compliance
Managed Security Services Are Optimised for Detection, Not Survival
How Managed Security Service Providers (MSSPs) are perceived is clear. They are expected to reduce operational risk, help with compliance and respond fast when things go wrong. ENISA's 2025 MSS Market Analysis reveals that this falls often short, especially once incidents move beyond detection. Here are the key gap's between what customers demand, what suppliers deliver and regulators expect. ENISA’s 2025 MSS Market Analysis was informed by a broad survey of stakeholders acr
The Cyber Resilience Act is not a product regulation. It is a leadership test.
Over the past two years, a recurring pattern has emerged in incidents across Europe. Vulnerabilities in widely used software components are discovered late, patched unevenly, and communicated poorly. When exploitation follows, the damage spreads across entire ecosystems, not just single organisations. Regulators responded accordingly. The EU Cyber Resilience Act, adopted in 2024 and entering application from 2027, shifts attention to the security of digital products placed on
Supply Chain Risk: How a Shared Software Target Disrupted Heathrow & Brussels in One Weekend
Between Fri night, 19 Sept, and Sun, 21 Sept 2025, ransomware targeting Collins Aerospace’s MUSE check-in/boarding software disrupted...
Blindspot Third-Party Risk Management - What CISOs and CROs Need to Know
Third-Party Risk Management (TPRM) has become critical as supply chain attacks surge by 431% since 2021. The 2024 CrowdStrike incident...
EU Digital Operation Resilience Act and Why It Matters for Swiss IT Service Providers
The Digital Operational Resilience Act (DORA) establishes a comprehensive regulatory framework for digital resilience in the EU financial sector, effective January 17, 2025. DORA applies to virtually all financial entities and critically extends to their ICT third-party service providers, regardless of location. Service providers to EU financial institutions must comply with stringent requirements for risk management, incident reporting, testing, and business continuity plann
How to Create an Effective AI Security Policy for Your Organization?
AI adoption has exploded since 2023, creating productivity gains but introducing significant security risks including shadow AI, prompt...
AI in Cyber Security
AI and Cyber Security
Defending Democracy: Why We Must Treat the Information Space as Strategic Terrain
ccording to the article, the best-known Russian outlets, Russia Today and Pravda, publish between 800 and 900 articles per month in Switzerland, most of which qualify as disinformation. This is not isolated to Switzerland: across Europe, governments and multi-national organizations are recognizing that hybrid threats, blending cyber, information, and influence operations, are increasing in frequency and sophistication.
How to Create an Effective AI Security Policy for Your Organization?
AI adoption has exploded since 2023, creating productivity gains but introducing significant security risks including shadow AI, prompt...
Fake It Till You Make It: Deepfake in Today's Threat Landscape
The evolution of deepfake technology in cyberattacks has accelerated dramatically in 2024 and 2025. The most spectacular example is the...
Leadership and Security
Defending Democracy: Why We Must Treat the Information Space as Strategic Terrain
ccording to the article, the best-known Russian outlets, Russia Today and Pravda, publish between 800 and 900 articles per month in Switzerland, most of which qualify as disinformation. This is not isolated to Switzerland: across Europe, governments and multi-national organizations are recognizing that hybrid threats, blending cyber, information, and influence operations, are increasing in frequency and sophistication.
EU Cybersecurity Forecast 2026: What Leaders Must Reframe Now
Across the EU, threat intelligence and policy analysis point to the same pattern: attackers are combining AI-enabled techniques with geopolitical objectives, while organisations struggle to align cyber resilience with decision-making speed. At the same time, regulatory expectations are rising. NIS2 enforcement, DORA supervision, and data protection scrutiny are converging. Leaders are being asked not just whether controls exist, but whether governance actually works under str
Guide for free Cyber Security Training for Beginners and Practitioners (2026)
Updated guide for free cyber security training resources for beginners and advanced professionals.
Managed Security Services Are Optimised for Detection, Not Survival
How Managed Security Service Providers (MSSPs) are perceived is clear. They are expected to reduce operational risk, help with compliance and respond fast when things go wrong. ENISA's 2025 MSS Market Analysis reveals that this falls often short, especially once incidents move beyond detection. Here are the key gap's between what customers demand, what suppliers deliver and regulators expect. ENISA’s 2025 MSS Market Analysis was informed by a broad survey of stakeholders acr
The Cyber Resilience Act is not a product regulation. It is a leadership test.
Over the past two years, a recurring pattern has emerged in incidents across Europe. Vulnerabilities in widely used software components are discovered late, patched unevenly, and communicated poorly. When exploitation follows, the damage spreads across entire ecosystems, not just single organisations. Regulators responded accordingly. The EU Cyber Resilience Act, adopted in 2024 and entering application from 2027, shifts attention to the security of digital products placed on
Zero Klicks: AI will not kill the Internet but quietly the business models that are built on..
The underestimated economic implication of Zero-Click Searches.
bottom of page