The Industrial Cybersecurity Center in France

Team

Maite Carli García

Maite Carli is Communication Manager and European Coordinator at the Industrial Cybersecurity Center. Specialized in administration of networks and communications, industrial critical infrastructures, industry 4.0, data analysis technologies in the Health sector and industrial cybersecurity, having done several courses and a master. She has developed his professional career during the last 9 years in the […]

Laurent Pelud

Laurent is the CEO of SCASSI, an engineering and consulting firm specializing in information systems and security of embedded systems. SCASSI is a European cybersecurity company, present in Toulouse (headquarters), Paris and Madrid. Laurent is one of the biggest experts in cybersecurity. He obtained a master degree in architecture from information and communication systems in […]

Mr. Laurent Pelud, the Industrial Cibersecurity Center Coordinator in France, ( CCI Coordinators Team), helps us to get in context of the state of the industrial cybersecurity in his country, and to do so, he shares with us his impressions.

He describes the level of sensitivity of industrial organizations in his country according to the following percentages:

He also affirms that the trend of recent years has been an exponentially grown.

France counts with local and national public bodies promoting an adequate legal framework, in order to ensure the progressive incorporation of industrial cybersecurity measures in national presence companies (mainly critical infrastructure). The main organizations are:

  • ANSSI - Agence Nationale de la Sécurité des Systèmes d'Information
  • SGDSN - Secrétariat Général de la Défense et la Sécurité Nationale
  • DRSD - Direction du Renseignement et de la Sécurité de la Défense Ministerio de Defensa Nacional

Among the main national laws and regulations affecting in this context in France, Laurent mentions:

  • II 901
  • LPM - Loi de Programmation Militaire
  • NIS
  • Homologation PASSI

Analysing the most widely adopted industrial cybersecurity measures by French organizations to protect industrial automation systems, Laurent Pelud highlights the application of:

  • Industrial cybersecurity consulting / advisory
  • Ethical hacking
  • Development of continuity and / or contingency plans
  • Conventional firewalls
  • IDS / IPS
  • Backups
  • SIEM (Security information and event management)
  • Antivirus

The CCI Coordinator in France characterizes the industrial cybersecurity situation in his country with the following SWOT analysis:

Weaknesses

  • Lack of operational technologies certifications, processes and professionals

Strengths

  • Public organizations driven force (industry, national issues and defence).

  • Significant industrial cybersecurity innovation projects

  • Frequent events and forums on industrial cybersecurity

  • Increase of Industrial cyber security trained professionals

  • Leadership and recognition in the international markets

  • Solutions and services catalogue in industrial cybersecurity

Threats

  • Application of IT security measures without discretion

  • High development of industrial applications without cybersecurity requirements

  • Shortage of local industrial cybersecurity professionals working for manufacturers

Opportunities

  • Increased of cibersecurity demand for Industry 4.0 and the Internet of things

Activities