On October 09, French President Emmanuel Macron presented the National Strategic Review. This prepares the work of a new military programming law (LPM). In this report, cybersecurity, our area of focus, is at the heart of the major issues and comes in 4th position out of the 10 strategic objectives.
But before we talk specifically about the areas of improvement, investigation and consolidation for “First row cyber resilience”, let’s recall some numbers :
173 000 requests for help from victims of cyber attacks were collected through the french cybermalveillance.gouv.fr platform in 2021. One of the most important threats for individuals is phishing. For professionals, ransomware has become common, with an accelerating increase in searches for this type of cybercrime on the platform.
The ANSSI (National Agency for Information Systems Security) in charge of assisting the Secretariat of Defense and National Security, itself under the authority of the Prime Minister, recorded: 2089 reports, 1057 incidents including 8 major ones & 17 cyber defense operations in 2021. This represents a 37% growth in intrusions compared to the previous year.
The number of computer security incidents targeting health care institutions has continued to evolve, most recently with the attack on the South Ile-de-France hospital located in Corbeil Essonne on 20 August 2022.
While companies, French administrations and individuals are becoming aware of the challenges of cybersecurity, more than 15,000 positions are currently vacant in this field in France.
What are the career opportunities in cybersecurity ?
In this field, many work positions are offered, accessible at any level, from Bac+3 (similar to 3 years after A-level exam) to PhD. Several options exist to specialize in the field.
We can mention some of them (non-exhaustive list): Information Systems Security Manager, Security Architect, SOC Analyst Operator (Security Operation Center), Researcher in Information Systems Security…
How to face all these challenges ?
Emmanuel Macron, during his speech and the publication of the national strategic review, expressed the points of improvement to be achieved and specified that our public computer defenses are still “too fragile”.
It is then necessary to :
Train and inform: « Actors in the digital world must be trained and made aware of cyber risk. This means mobilizing the general public, systematizing its integration into educational curricula and reinforcing the attractiveness of the sector’s professions » ;
Preventing and assisting all victims of cyber malicious acts ;
This development also depends on European and international partners as well as the security and stability of cyberspace.
Finally, France is known as a reference on cybersecurity issues at the European level, but no budget has yet been disclosed.
In this context, all of us, cyber actors, still have a lot of work to do to rapidly develop operational resources and train more and more professionals, which are necessary to a secure ecosystem.
Cybermalveillance ANSSI Article Le Monde ANSSI Métiers Elysée Revue National Stratégique