Swiss Army Must Rebuild IT for 200 Million: Financial Control Warns of Implementation Risks

Summary

The Swiss Army is rebuilding its IT infrastructure for a total of 200 million francs – in response to a suspected Russian cyber attack on RUAG a decade ago. The project separates "mission-critical" military systems from civilian federal IT, which will be operated by the Federal Office of Information Technology in the future. The federal financial control (EFK) attests to the planning process's success but warns of the implementation phase (iTASK-U, 100 million francs): leadership gaps and incomplete control instruments pose risks. Parliamentarians from the SVP and Greens demand strict oversight and feel poorly informed.

People

• Martin Pfister (Federal Councillor, Defence Department)
• Thomas Süssli (former Army Chief, Project Manager)
• Mauro Tuena (SVP Security Policy Politician)

Topics

• Cybersecurity and Critical Infrastructure
• IT Governance and Project Management
• Budget Responsibility and Parliamentary Oversight
• Russian Cyber Espionage
• Digital Defense Architecture

Clarus Lead

The 200-million project comes under pressure because the financial control rates success prospects only "with reservations" and criticizes leadership gaps following Army Chief Süssli's departure. The contradiction is politically explosive: originally, IT disentanglement was supposed to save costs, yet instead the budget doubles by 100 million for the implementation phase. This endangers the trust of IT-experienced parliamentarians like SVP politician Mauro Tuena and Green representative Gerhard Andrey, who both demand strict external oversight – a sign of growing skepticism toward Federal IT projects following repeated cost overruns.

Detailed Summary

The cyber attack on RUAG (reportedly carried out by Russia) a decade ago revealed a critical architectural weakness: Army IT was tightly networked with the defense contractor and other federal IT systems, which allowed attackers to cause manifold damage. Back then, Defense Minister Guy Parmelin launched the iTASK project (Intelligence Technology Architecture Separation and Knowledge) to isolate mission-critical systems spatially and organizationally.

The planning phase (116 million francs through end of 2026) has created functioning disentanglement instruments according to financial control and is rated positively. However, the planned implementation (iTASK-U, 100 million francs from 2027 onwards) poses significant risks: data centers must be upgraded, hardware replaced. Following the resignation of Army Chief Thomas Süssli – a trained business informaticist who directly led the project – the initiative lacks clear leadership structure. Moreover, control models and measurable success metrics remain "incomplete." The EFK states: "A statement on success prospects is only possible today with reservations."

Parliamentary criticism targets two points: First, the budget paradox – Tuena had been assured that disentanglement would bring savings, not additional costs. Second, lack of transparency: "We have not been informed about this in the committee so far," says the IT entrepreneur. Gerhard Andrey (Greens) emphasizes that separating military and civilian systems is cybersecurity-wise "mandatory," but does not work without consistently implemented key figures and dependency analyses. He also criticizes the "one-sided, conservative security policy" that massively promotes the military at the expense of climate change adaptation and international cooperation.

Key Findings

• The Army separates mission-critical IT systems from civilian federal IT; planning phase cost 116 million, implementation costs an additional 100 million.
• Financial control warns of implementation risks: leadership gap following Süssli's resignation and incomplete control instruments jeopardize project completion.
• SVP and Greens demand parliamentary oversight to curb cost increases and enforce success metrics.

Critical Questions

1. Data Quality: What concrete indicators (milestones, KPIs) has the Army itself defined to measure success, and do these contradict the EFK assessment?

2. Conflicts of Interest: Do external IT service providers (e.g., private infrastructure providers) benefit from the 100-million implementation more than the Army itself?

3. Causality: Is the leadership gap following Süssli's departure truly the main cause of control deficiencies, or did the problem already exist in the planning phase?

4. Alternatives: Were options such as "hosting mission-critical systems with private providers with higher security" seriously evaluated, or was self-administration dogmatically predetermined?

5. Feasibility: How realistic is it that the Army will find an equally qualified successor after project manager Süssli's departure, when IT expertise is scarce on the market?

6. Side Effects: Could system separation lead to latencies or downtime during actual operations, and has this been simulated?

7. Budget Transparency: Where is the Army getting the additional 100 million from – from the current budget or new credits? Who decided this without informing Parliament?

Sources

Primary Source: "For 200 Million Francs: Army Must Rebuild Its IT – Financial Control Warns of Risks" – 20 Minutes, June 29, 2026 https://www.20min.ch/story/fuer-200-millionen-franken-armee-muss-ihre-it-umbauen-finanzkontrolle-warnt-vor-risiken-103592901

Verification Status: ✓ 29.06.2026

This text was created with support of an AI model. Editorial Responsibility: clarus.news | Fact-Check: 29.06.2026