What You Need to Know about the Security Operations Center Market in Switzerland


The IT Security Swiss Conference ISSX 2023 of the renowned Vogel publishing house took place in the fall of 2023. What follows is notes from my keynote address.

Managed security services providers in Switzerland are seeing success with the security operations center (SOC) model.

Swiss companies – like companies everywhere – are facing increasingly sophisticated, frequent, complex and versatile cyberattacks. In addition to this, they are also struggling with a lack of qualified resources and the difficulty of constantly updating specialist knowledge. They are finding the kind of managed security services (MSS) that can help address this challenge.

Medium-sized companies, which are more impacted by the shortage of cybersecurity specialists than large companies, increasingly rely on the support of external service providers to overcome these growing challenges. These medium-sized companies are increasingly interested in MSS from SOC service providers, which have in the past been used primarily by larger companies.

New Target Groups Drive the Market

This new target group is fueling the rapid growth of the SOC services market in Switzerland. While the market size of these services was at 307 million Swiss Francs (SFR) in 2022, it reached 359 million SFR in 2023 and will grow to 424 million SFR in 2024. Between 2021 and 2024, the market will grow by an average of around 19% a year. This is exceptionally strong growth, even in the generally fast-growing market for cybersecurity services.

Figure 1: Market Volume Development of Security Operations Center (SOC) Services in Switzerland (Mio. SFR)

Success Factors for Providers in Switzerland

Providers are expected to be highly innovative to stay ahead in the race against cybercriminals. Some providers are expanding their SOCs into cyber defense centers (CDCs), where increasingly complex threats are countered with AI and automation. As cyber criminals leverage AI, cyber fusion centers have emerged as a supplement to existing SOCs to expand cybersecurity management to be more targeted and future-oriented by additional information and overarching expertise.

These requirements for the performance of providers apply to all countries. In Switzerland, there is one special success factor that has become even more important. This is the so-called "Swissness."

Swissness means that IT services are generated and operated in Switzerland. Although the global presence of providers is also important for large global Swiss companies, the option of obtaining managed security services from a SOC in Switzerland is often of interest to them, especially in industries that handle sensitive data, such as the banking industry, which is particularly important in Switzerland. The demand for SOC services from Switzerland is linked to the country’s special data protection requirements and the risks companies face given the data protection agreements with the U.S. that have been repeatedly declared invalid.

The Swiss market for SOC services is growing strongly. “Swissness” helps providers to benefit particularly strongly from this.
-Frank Heuer

Swissness is particularly relevant for medium-sized companies. In this target group, in addition to operating in Switzerland, it is also important to have contacts in Switzerland who speak the national languages. As the demand for SOC services in this target group is growing at an above-average rate, the importance of Swissness is also increasing. This is reflected in the ranking of Swiss SOC operators, as shown by the latest ISG Cybersecurity Provider Lens Switzerland 2023 report.

Figure 2: Swiss Providers Among the (Leading) SOC Operators

The vendor survey for the new 2024 ISG Provider Lens Cybersecurity study launched. The results will be published in the summer of 2024. The 2023 study is still available. If your company is represented in the above analysis and you would like to use the results, please contact us at isg-one.com.

Please also contact us if you offer cybersecurity products or services in Australia, Brazil, France, Germany, Switzerland, U.K. or the U.S. and have not yet received an invitation to the provider survey. Results are used to help enterprises find cybersecurity providers that offer the cybersecurity products and services they need.


About the author

Frank Heuer

Frank Heuer

Frank Heuer is a Senior Advisor at ISG Germany. His main areas of coverage include the digital workspace, communications, social business & collaboration, cloud computing with a special focus on workspace/unified communications & collaboration as a service, and security.

The focus of his work is on advising ICT providers on strategic and operational marketing and sales issues. Mr. Heuer act as speaker on conferences and in web casts and is a member of the IDG expert network.