Geopolitical uncertainties and advancing cryptographic technologies are reshaping enterprise identity architecture. While organizations migrated from on-premises Active Directory to cloud solutions for better user experience, self-sovereign identity (SSI) frameworks now present a paradigm shift toward decentralized identity management.

This presentation examines how the Swiss E-ID transforms enterprise identity strategies beyond government services. We analyze technical foundations of SSI implementations, comparing zero-knowledge proof mechanisms with confidential computing approaches for secure credential storage and selective disclosure.

Microsoft 365 has become a cornerstone of enterprise productivity — and a growing target for sophisticated cyber threats. In this talk, we’ll explore how Swisscom’s B2B CSIRT has optimised the incident response process for Microsoft 365 through automation and expert-driven detection logic.

We’ll introduce Swisscom’s Next-Gen IR automation framework, which enables rapid, secure collection of forensic logs by registering a dedicated application in the customer’s tenant with appropriate permissions. This automation significantly accelerates the start of investigations and ensures comprehensive visibility across M365 workloads.

In this talk I will give you some insights into our work at the NCSC and the cyber threat landscape in Switzerland by presenting two real-world cases that we have handled this year.

In the first part, I will show how a suspected nation state threat actor used an Open-Relay-Box (ORB) network in Switzerland to attack an NGO in Switzerland. In the second part, I will shed some light into suspected DPRK activities that are targeting employees of Swiss Crypto Firms with fake job offers.