Cybersecurity cannot be managed in silos. It is this shared conviction that gave rise to the partnership between Data Guardians and Cheops Technology. On one side, a Security Operations Center (SOC) operated entirely in Switzerland, ISO 27001-certified, providing round-the-clock (24/7) monitoring and incident response. On the other, an audit & consulting firm specialising in governance, regulatory compliance and support towards certifications in the fields of information security and personal data protection (ISO 27001, CyberSafe, etc.).
Together, we now cover the entire cyber spectrum: from establishing a robust, certifiable governance framework to detecting a threat in real time. For our clients, this means one concrete thing: genuine, comprehensive cyber maturity, built on two complementary areas of expertise, both rooted in Switzerland.
Why this partnership?
The current situation in Switzerland no longer leaves room for improvisation. According to the Federal Office for Cybersecurity (FOCS), nearly 65,000 cyber incidents were reported in 2025 — a historically high volume — with attacks that are increasingly targeted and sophisticated. Moreover, since 1 April 2025, operators of critical infrastructure have had a legal obligation to report cyberattacks to the FOCS within 24 hours.
Against this backdrop, two needs are increasingly present among Swiss organisations, particularly SMEs and players in regulated sectors (healthcare, finance, public services): the operational capacity to detect and handle an incident in real time, and the organisational capacity to demonstrate security governance that complies with legal and regulatory requirements.
Few providers in Switzerland master both. This is precisely what this new partnership sets out to solve.
Two complementary areas of expertise rooted in Switzerland
Cheops Technology: detection and operational response
Established in Geneva since 1987, Cheops Technology operates a Security Operations Center (SOC) hosted in Switzerland, whose security services are ISO 27001-certified. Its CERT (Computer Emergency Response Team) centre is also accredited and a member of international cyber-threat information-sharing networks, including FIRST and Trusted Introducer.
In practice, Cheops’s teams deliver continuous monitoring of client environments: vulnerability management, event correlation via SIEM (Security Information and Event Management), threat hunting, malware analysis, threat intelligence, through to incident response and forensic analysis. In the event of a confirmed attack, its CERT team intervenes according to a proven methodology — from detection to continuous improvement — aligned with the best practices of the ISO/IEC 27035 standard on incident management.
Data Guardians: governance, compliance and certification
Data Guardians supports organisations on the strategic and regulatory side of cybersecurity: implementing information security management systems (ISMS) in line with ISO 27001, personal data protection in accordance with the FADP and the GDPR, risk analyses, and preparation for certifications (ISO 27001, ISO 27701, CyberSafe).
Our role: turning legal and regulatory requirements into an operational, documented and auditable governance framework that holds up over time.
What the partnership changes for you
When an incident occurs, detection is not enough: the event must also be qualified, reported to the relevant authorities where the law requires it, and the right lessons drawn from it. Conversely, a certified ISMS without a real and effective detection capability remains a theoretical framework. By combining Cheops’s SOC with the governance provided by Data Guardians, our clients gain access to a complete chain: prevention, detection, response, compliance and continuous improvement.
CERT, CSIRT, SOC: Who does what?
These three acronyms come up constantly whenever detection and incident response are discussed, and they are often confused. As part of this new partnership, here is a simple reference point to help you see things more clearly:
| SOC (Security Operations Center) | CSIRT (Computer Security Incident Response Team) | CERT (Computer Emergency Response Team) | |
| Main role | Continuous (24/7) monitoring of systems and networks; threat detection | Operational response to confirmed security incidents | Strategic threat intelligence, coordination and specialised expertise |
| Posture | Preventive and defensive | Reactive (the “firefighters” of cyber) | Strategic and forward-looking |
| Scope | A single organisation (in-house or outsourced) | A single organisation, often activated by the SOC | Multiple organisations; sectoral, regional or national scale |
| Example activities | SIEM alert analysis, vulnerability management, threat hunting | Containment, eradication, return to normal, forensics | Threat bulletins, threat-intelligence sharing, support on major incidents |
In practice, these scopes are permeable and may vary from one organisation to another: a single provider can wear all three hats. This is the case for Cheops Technology, whose SOC ensures continuous monitoring, whose CSIRT handles incidents, and whose accredited CERT centre takes part in international threat-sharing networks.
Structured incident response, from the first alert to lessons learned
Under the partnership, an organisation facing a cyberattack or a suspected incident benefits from structured handling: doubt removal to distinguish a confirmed incident from a false positive, then, where applicable, containment of the threat, eradication, system restoration and a post-mortem review. Forensic analysis can round out the process when usable digital evidence needs to be gathered — for instance, with a view to legal proceedings or a notification to the Federal Data Protection and Information Commissioner (FDPIC).
Data Guardians can work in parallel on the governance dimension of the crisis: legal qualification of the incident (data breach within the meaning of art. 24 FADP or art. 33 GDPR), support with mandatory notifications, updating of the incident response plan, and integration of lessons learned into the client’s ISMS.
Conclusion
This partnership therefore rests on a simple observation: in cybersecurity, technology without governance is blind, and governance without operational capability is powerless. By bringing together a Swiss ISO 27001-certified SOC and recognised expertise in compliance and certification, Data Guardians and Cheops Technology offer Swiss organisations a unique solution covering both dimensions.
Cyber maturity assessment, 24/7 monitoring, preparation for a certification: get in touch — we would be glad to build what comes next with you.
Sources: FOCS — Cyber threat situation reports; Cheops Technology Switzerland — SOC and CSIRT in Switzerland

