Cybersecurity and France in 2019


As in most developed nations across the globe, cybersecurity has come into the spotlight in France in the last few years. As a country that has always strived to be a pioneer in politics, social progress, technology, and innovation, France has recently shown an attempt to bolster cybersecurity measures and raise awareness of cyber-attacks [1].

The high-profile cyber-attack during the Paris G20 back in 2011 has shown the French authorities that a stronger focus is needed on cybersecurity [2]. This event resulted in the fortification of the country’s cybersecurity systems, with more resources assigned to the ANSSI (Agence nationale de la sécurité des systèmes d’information) [3] and various projects launched to protect French businesses, political institutions, and the general public from future attacks.

Cybersecurity institutions in France

ADVERTISEMENT

The main institution for cybersecurity in France is the ANSSI. It was formed in 2008, with the French “White Paper on Defense and National Security” stating that cyber-attacks had become one of the biggest threats to the nation and its people.

By founding this cybersecurity institution and dedicating resources to cybersecurity efforts, France acknowledged that an updated and adapted approach to national security was required from now on [4].

The ANSSI is attached to the Secretary-General for National Defense and is under the authority of the French Prime Minister. Its primary tasks are to detect cyber-attacks and work to prevent them or limit their scale.

Another recent addition to the cybersecurity institutions is the COMCYBER (Commandement de la cyberdéfense). Created in 2017 and attached to the country’s Ministry of the Armed Forces, COMCYBER has a mission of developing France’s offensive and defensive cyber capacities [5].

The significance of cybersecurity in France has only become greater in recent years, especially as tensions have risen in the country due to recent terrorist attacks. This has led to the ANSSI playing a larger role in national defense and the formation of new cybersecurity organizations, such as Orange Cybersecurité, a division of multinational telecom corporation Orange S. A. [6].

Cyber-attack stats in France going up

As in many other countries, cyber-attacks have become increasingly common in France recently.

A survey in 2016 showed that more than half of French businesses had been the victim of some sort of cyber-attack, with SMBs being the most common targets [7].

ADVERTISEMENT

Statistics also show that close to 14 million people in France become victims of cyber-attacks annually, leading to costs of over 2.8 billion euros (3.1 billion US dollars). The most common cyber-attacks in France are bank card fraud and password theft, with a large part of attacks originating outside the country.

The situation has escalated so much that, at the beginning of 2019, France’s Secretary of Defence announced that “Cyberwar has begun.” He also revealed that France’s military forces would start using ‘cyber arms’ in the same way as normal weapons [8].

This announcement was heard not just in France, but in the entire world, as it was one of the first cases of a member of both NATO and the EU announcing the use of its offensive cyber capacities.

France, along with the EU, has tightened its laws on cybercrime in the last few years. Possible punishments now include imprisonment for up to seven years, as well as fines as high as 100,000 euros ($110,000) [9]. However, the statistics show that as in other countries, the majority of cases don’t result in arrests and never reach the court.

Educating the French society

As establishing organizations like ANSSI and COMCYBER is clearly not enough, France is making strong efforts to educate its people on the potential dangers they face when using the internet every day.

The ANSSI is, therefore, constantly looking at new and effective ways to help people not only learn about the dangers the internet can pose but also how to stay safe online [10].

The ‘European cybersecurity month’ has been an annual event throughout the European Union for several years now, and France has made big efforts to honor this occasion. Each October, various initiatives are organized to build up awareness of cybersecurity threats for both individuals and businesses in the country.

Leading French figures and various associations around the country are encouraged to take part in this event, with social media campaigns also organized for people to spread the word about online dangers.

ANSSI has also established a training center under the name CFSSI (Centre de formation à la sécurité des systèmes d’information), which offers various courses and qualifications in cybersecurity. Part of this service includes the “SecNum Académie,” which is a free online training program that everyone can use to learn all about staying safe at work.

ADVERTISEMENT

Another brand of the CFSSI is the “SecNum Edu.” It offers cybersecurity courses for students and workers in collaboration with higher education institutions around the country. This means that anyone in France who wants to learn more about staying safe online has the necessary tools and services available to them [11].

Statistics from INSEE (Institut national de la statistique et des études économiques) show that over 90% of French internet users have some form of protective software or system to stay safe online, with antivirus being the most popular choice.

However, France has some of the lowest rates of VPN usage when compared to many other nations [12], even though France has some excellent options to choose from. And as the French government is part of the Nine Eyes alliance, French internet users need to safeguard their privacy and encrypt their internet connections via the use of VPNs to stay safe online.

Resources used:

  1. http://cybersecurity.bsa.org/assets/PDFs/country_reports/cs_france.pdf
  2. https://en.wikipedia.org/wiki/Cyberattack_during_the_Paris_G20_Summit
  3. https://web.archive.org/web/20130313131706/http://www.ssi.gouv.fr/en/the-anssi/mission/
  4. https://www.diplomatie.gouv.fr/en/french-foreign-policy/defence-security/cyber-security/
  5. https://www.enisa.europa.eu/topics/national-cyber-security-strategies/ncss-map/strategies/information-systems-de
  6. https://www.ouest-france.fr/high-tech/la-cybercriminalite-en-hausse-en-france-et-dans-le-monde-4716773
  7. https://www.theregister.co.uk/2019/01/22/france_cyber_war/
  8. https://www.village-justice.com/articles/Cybercriminalite-reponse-penale-Union,14872.html
  9. https://www.ssi.gouv.fr/en/cybersecurity-in-france/formations/
  10. https://www.mastersportal.com/study-options/268599581/it-security-france.html
  11. https://www.vpnmentor.com/blog/vpn-use-data-privacy-stats/