Cybersecurity: what to remember from FIC 2021

A few months away from the French presidency of the Council of the European Union (EU), from January to June 2022, it is an International Cybersecurity Forum (FIC) 2021 largely focused on European cyber defense and public-private collaboration which closed its doors on Thursday, September 9 in Lille.

For three days, thousands of visitors were able to observe the innovations and solutions of Thales, Orange Cyberdéfense or Atos, as well as several hundred other companies whose stands were expertly installed alongside those of the Ministries of the Armed Forces and of the Interior. , but also from the National Information Systems Security Agency (Anssi) and various regions. In addition to French political figures, Margaritis Schinas, Vice-President of the European Commission, made the trip to signify the importance of European digital sovereignty. The comings of Margrethe Vestager and Thierry Breton, other European commissioners, had also been announced.

The show was an opportunity for the public and private sectors to make various announcements and give new impetus to European cybersecurity in this 2021 school year, a few days after the announcement of tens of billions of investments in the United States. to strengthen the country’s cybersecurity.

770 recruitments of additional cyber-fighters

Visiting the FIC on Wednesday September 8, the Minister of the Armed Forces Florence Parly announced the recruitment of 770 additional “cyber-combatants” by 2025 within the armed forces, the General Directorate of Armaments (DGA) and the Directorate General External Security (DGSE). The ministry initially planned 1,100 recruitments. The objective for France is to have 5,000 cyber fighters capable of working on three essential areas of national defense: anticipating cyberthreats, detecting attacks and responding to incidents. This “army” will be partly based in Rennes, at the Cyberdefense Command (ComCyber), an operational unit created in 2017.

At the beginning of 2021, the President of the Republic Emmanuel Macron announced a national plan for cybersecurity with a budget of 1 billion euros, including 720 million in public funding and the rest dedicated to the private sector. The national strategy must follow several axes: development of sovereign cybersecurity solutions; strengthening of links and synergies between actors in the sector; support for the adoption of cyber solutions by individuals, companies, communities and the State; training of young people and professionals in cybersecurity professions; support for the development of businesses in the sector via an equity contribution.

A national strategy in “Operationalization phase”

“This strategy is now in its operationalization phase”, said the government, this Thursday, September 9. To give concrete expression to these remarks, Cédric O, Secretary of State in charge of Digital Transition and Electronic Communications, also unveiled during a trip to the FIC three calls for projects within the framework of the national strategy. These will mobilize at least 250 million euros from the national budget for cybersecurity.

The first, which will close on October 15, aims to support the development of innovative and critical cybersecurity technologies, such as cyberattack detection or encryption solutions. The second, for which applications must be submitted before November 16, intends to develop the pooling of cybersecurity data between players in the sector, the aim being to increase knowledge of threats. This call for projects must be deployed within the Cyber ​​Campus.

The third, also in connection with the Cyber ​​Campus, in which the State will hold less than 50% of the capital, aims to support innovative projects within this public-private establishment, which is now due to open its doors in January 2022, and not more in the fall of 2021 as initially planned, announced Michel Van Den Berghe, president of the campus. He also indicated that similar campus projects are under study in Lille, Rennes and in the Pays de la Loire.

28 recommendations for a European digital sovereignty

On the occasion of the international exhibition, the Agora du FIC, think tank of the event, also published 28 recommendations “In terms of security and regulation of the digital space” intended for the French Presidency of the Council of the EU. The report lists six areas in which the latter could focus.

The first step is to focus on training, for example with the establishment of a “Central training corpus for senior officials, political and economic decision-makers”. Then, according to the Agora, France should focus on diplomacy and stability in the digital space, including the launch of a “Blacklist of companies that have sold entities to certain regimes”.

The report then recommends, among other things, the creation of a European network of alert and reaction centers for cyber attacks to strengthen military cyber defense. Then comes the fight against cybercrime with the recommendation of the creation of a “European prosecutor’s office specializing in cybercrime”.

To strengthen its cybersecurity and resilience in the field, the Old Continent could also “Accelerate the implementation of European certification schemes [et] finalize the draft NIS 2 directive ”, which aims to create a “Cyber ​​shield” through the establishment of a dedicated European entity. Finally, in terms of industrial policy, the FIC Agora lists nine recommendations such as the establishment of a digital traceability indicator, the facilitation of technology transfers or the creation of industrial alliances allowing the emergence of European champions of cloud computing.

The collective, key to the European strategy for Anssi

So many recommendations that echo the various objectives that Anssi has set for itself in the face of a “Threat that grows exponentially”, to use the words of Guillaume Poupard, director general of the agency. “The key is in the collective”, he added on Wednesday while appealing: “European institutions, national cybersecurity agencies and private companies, let’s mobilize to build sustainable cybersecurity in the European Union.”