Faced with increasingly sophisticated cyberthreats, France has a rich and structured cybersecurity ecosystem. From public institutions to private companies and professional communities, each player plays a specific role in the defence of information systems. Here’s an overview of the main players in cybersecurity in France.
The French National Agency for Information Systems Security (ANSSI)
Created in 2009, the ANSSI is at the heart of the French government’s cyber security policy. Reporting to the Prime Minister, the agency develops and implements public policy on information systems security. It intervenes both upstream, to support government agencies and operators of vital importance (OIV) in securing their infrastructures, and downstream, during the management of major cyber incidents.
The ANSSI issues security qualifications and certifications to service providers and products, pilots the SecNumCloud scheme for the trusted cloud, and conducts numerous awareness-raising initiatives aimed at businesses and the general public.
Read also: Cybersecurity report 2024 and outlook for 2025: what are the trends?
Cyber Defence Command (COMCYBER)
On the military side, COMCYBER is responsible for France’s military cyber defence strategy. Created in 2017, this joint command reports directly to the Armed Forces Chief of Staff. It is responsible for protecting military systems against cyber attacks and, if necessary, conducting offensive operations in cyberspace.
COMCYBER works closely with the ANSSI, intelligence services, international partners and French industry to strengthen defence capabilities and anticipate digital threats.
Companies specialised in cyber security
Alongside public institutions, many private French companies are actively contributing to the protection of information systems, the development of sovereign technologies and the security of critical infrastructures.
Airbus Cyber
A subsidiary of the Airbus Group, Airbus CyberSecurity helps protect organisations against cyber attacks. It works with:
- Defence
- Aerospace
- Governments
- Businesses
- Critical infrastructure (hospitals, power stations, etc.)
The company creates protection systems tailored to the needs of each customer. The aim is to strengthen their resistance to cyber threats over the long term.
It also has a training centre offering customised courses for all levels – from managers who want to understand the issues to technical experts who want to develop their skills.
It keeps abreast of the latest developments in cyber security by actively participating in European and national research programmes such as ECYSAP.
TYREX
Formerly known as KUB, Tyrex designs and manufactures decontamination kiosks designed to neutralise threats carried by USB sticks and other removable media before they are connected to sensitive systems. These devices analyse the media and isolate malicious software.
Particularly popular in industrial, administrative and military environments, Tyrex stations significantly reduce the risk of USB infection. The company is also pursuing a major R&D effort to stay at the cutting edge of removable media decontamination and respond to new forms of targeted threats.
Cyber associations and communities
In addition to institutions and businesses, associations play an essential role in sharing knowledge, professionalising players and keeping a collective watch on new cyber threats.
The Clusif
The “Club de la Sécurité de l’Information Français” (Clusif), founded in 1992, is one of the leading professional associations in the sector. It brings together experts from all areas of cybersecurity: private companies, government departments, service providers, researchers and standards bodies.
Clusif regularly publishes benchmark studies and methodological guides, and organises working groups on the major issues of the day.
The CESIN
Founded in 2012, CESIN (“Club des Experts de la Sécurité de l’Information et du Numérique”) brings together mainly CISOs and cybersecurity managers from large companies and government departments. A genuine forum for exchange between peers, CESIN encourages the sharing of practical experience, the pooling of best practices and the analysis of emerging issues.
Every year, CESIN publishes a barometer in conjunction with Opinionway, which provides an accurate picture of the practices, budgets and cyber priorities of French organisations. This provides valuable feedback from the field.
The French Cybersecurity Federation
The more recently created “Fédération Française de la Cybersécurité” (FFC) aims to unite all the public and private players in the field around a common industrial and political strategy. It works to promote French skills, defend the interests of the industry and represent the voice of businesses to national and European public authorities.
