“COMPLEX, PROFESSIONAL, with mixed intentions and in constant flux”. This is the alarming description of the cyber threat given by the French National Agency for the Security of Information Systems (ANSSI). After the explosion of ransomware, programs that paralyze a company’s computer systems and demand a ransom to unblock them, comes the wave of espionage and computer sabotage, it warns. In 2021, its investigators were confronted with an unprecedented number of destabilization attacks starting with a computer compromise: on average, three proven intrusions per day targeting companies or public authorities. Many of them exploit a so-called “zero-day” vulnerability due to the lack of updates to the IT tools that plug their original flaws. “Our awareness and support work, with companies and administrations, aims to raise the level of awareness of cyber risk to the right level within the entire nation, which is not yet the case,” explains Guillaume Poupard, Director of the ANSSI.
Priority. In 2021, the French government
made cyber security strategy a national priority and is devoting €1 billion over five years to it. According to the Allianz 2022 business risk barometer, cyber attacks are ranked number one, while cyber crime cost the global economy nearly $6 trillion last year. From Saint-Gobain to Lactalis to Lise Charmel, all the French companies that have been victims speak of a “terribly violent” episode. “It is no longer a technical issue, but a neuralgic issue for the company: it impacts the information that is now at the heart of the decision-making process,” warns Alexandre Papaemmanuel, a specialist in industrial issues and lecturer at Sciences-Po. As Guillaume Tissier,
co-organiser of the International Cybersecurity Forum, whose 2022 edition will take place on 7 and 8 June in Lille, explains, “companies have been asked to prove that they are protected against this systemic risk, that their assets are safe, and to extend this insurance to their partners”.