Every day, the French National Cybersecurity Agency watches over the cybersecurity of public infrastructures. From now on, the Agency will rely on private providers to protect the French economic fabric.
Screening devices for data analysis are crucial in order to detect attacks, but one also needs “fuel to support these tools, says Director General of the ANSSI Guillaume Poupard. You don’t detect an attack by magic: You need to know attack signatures, which requires an important tracking job”. One of the missions of the ANSSI is to develop probes to analyze attacks in order to understand them and anticipate them. The ANSSI has an historic role as keeper of the infrastructures of administrations and ministries. However, the law has recently changed:”Since recently we can intervene directly, for example in a hosting company, not to collect data but to make sure that an attacker cannot use this server for malicious actions”.
Creating partnerships to improve detection
Moreover, the ANSSI is currently relying on ANSSI-certified private partners. “The ICF 2019 has been a good occasion to announce the first three certified providers of security incidents detection: Orange, Sopra Steria and Sogeti. More will come later, since France has a real industrial ecosystem capable of performing these tasks» says Guillaume Poupard. The goal is to distill the requirements and know-how of the ANSSI in the French private enterprises, in order to ensure nation-wide emulation to the benefit of cybersecurity.