The Information Report about Cyber-Defense of the French Senate

The Information Report about Cyber-Defense of the French Senate

The French´s Committee on Foreign Affairs, Defence and Armed Forces of the Senate adopted on Wednesday 18 July a report on cyber-defense.

Entitled "Cyber-defence: a global issue, a national priority", the document, prepared by Senator Jean-Marie Bockel, advocates the development of an "offensive strategy" and suggests a ban of the China´s routers.

The report underlines that cyber-attacks are a strategic threat that has materialised and increased in recent years and a threat now recognised at international level.
But, despite significant progress since 2008, the report states that French´s mechanism of protection still has some major gaps.

The report proposes 10 priorities and 50 specific recommendations to make the protection and defence of information systems a real national priority.
The 10 priorities are:

1. Make cyber defence and the protection of information systems a national priority, taken to the highest level of Government, in particular in the context of the new White Paper. Consider the relevance of formulating a public doctrine concerning offensive capacities.

2. Strengthen the staff, resources and prerogatives of the French Network and Information Security Agency (ANSSI), as well as providing dedicated staff and resources within the armed forces, the French procurement agency and specialized services, and develop a true human resources policy.

3. Introduce amended legislation to give ANSSI the resources to carry out its missions and set up a specialist legal function with national competence to crack down on serious attacks on information systems.

4. Improve recognition of the need to protect information systems in the actions of each ministry, improving awareness at all levels, reducing the number of gateways between networks and the Internet, and developing analysis systems that can be used to detect attacks, as well as enhancing the authority of civil servants involved in the security of information systems.ù

5. Make it compulsory for companies and vital service operators to declare incidents to ANSSI should a major attack occur against their information systems and encourage them to take protective measures by means of incentive measures.

6. Strengthen the protection of critical infrastructure operator information systems by reducing the number of gateways between their networks and the Internet, developing analysis systems, generalising audits, making it compulsory to declare processes and SCADA systems connected to the Internet and by preferring the introduction, on a sector basis, of shared detection centres.

7. Support via a voluntarist industrial policy, on a national and European scale, French industrial base, in particular SMEs, specialising in the design of products and services essential to information systems security, and, more generally, the information and communication technologies sector, and strengthen cooperation between the Government and the private sector.

8. Encourage the training of engineers specialising in the protection of information systems, develop research and consultancy activities, and emphasise raising public awareness, in particular through a communication campaign inspired by French road safety campaigns.

9. Pursue bilateral cooperation with our main allies, support NATO and the European Union’s actions, engage in dialogue with China and Russia and promote the
adoption at international level of confidence building measures.

10. Prohibit the deployment and use nationally and at a European level of “routers” or other core network equipment that present a risk to national security, in particular “routers” and certain other equipment of Chinese origin.

Read the Senate´s Information Report here:

venerdì 19 ottobre 2012

Sei iscritto alla members area? Fai il login, oppure iscriviti.

Misura antispam: Quanto fa più 9?