Agence nationale de la sécurité des systèmes d'information explained

The Agence nationale de la sécurité des systèmes d'information (ANSSI; English: French National Agency for the Security of Information Systems) is a French service created on 7 July 2009 with responsibility for computer security.^[2]

ANSSI reports to the Secretariat-General for National Defence and Security (SGDSN) to assist the Prime Minister in exercising his responsibilities for defence and national security.

ANSSI replaced the, which on July 31, 2001, replaced the SCSSI.

Guillaume Poupard, Chief Engineer of Armaments, was appointed director general of ANSSI on 27 March 2014,^{[3] [4]} succeeding .

Vincent Strubel succeeds Guillaume Poupard as new director general on January 4, 2023.^[5]

ANSSI has a budget of €80 million (2014) and a workforce of 500 in 2015^[6] and with a target of 567 by the end of 2017.

Background and context

ANSSI is heir to a long line of bodies responsible for ensuring the security of sensitive information belonging to the French State:^[7]

• 1943: Encryption Technical Directorate (created in Algiers);
• 1951: Encryption Technical Service Centre (in Paris);
• 1977: the Central Encryption and Communications Security Establishment;
• 1986: the Central Service for Computer Security;
• 2001: .

These organizations initially created in a military security perspective confidential information and data protection have gradually evolved. In 1986, the Central Communications Security Establishment has been replaced by the Central Service for Computer Security. Today ANSSI retains a mission of the defence of state information systems, but is also charged with a mission to provide advice and support to government and operators of critical national infrastructure.

Missions

ANSSI has the following mission:

"The agency ensures the mission of national authority security of information systems. As such it is responsible for proposing rules for the protection of state information systems and verify the implementation of measures adopted.

In the field of cyber defence, it provides a monitor, detect, alert and reaction to computer attacks, especially on the networks of the State."^[8]

Organization

Management

ANSSI is headed by a director general (currently Vincent Strubel), appointed by the Prime Minister. He is assisted by a deputy director and a chief of staff.

ANSSI has five sub-directorates:

• the Centre for the Operational Security of Information Systems (COSSI) that ensures the implementation of the defense authority-based information systems devoted to ANSSI.
• Sub-Directorate Expertise (SDE)^[9] which carries the overall mission of expertise and technical assistance of the agency. It supports all the other sub-directorates ANSSI, ministries, industry and providers of security and vital operators.
• Sub-Directorate Secure Information Systems (SIS)^[10] which carries the mission to propose, design and implement products and secure information systems for the benefit of ministries, operators and vital importance ANSSI .
• Sub-Directorate External Relations and Coordination (RELEC)^[11] that animates, transverse manner, the external relations of the agency, coordination of interventions and the development of regulations.
• Sub-Directorate General Affairs (SDAG)^[12] in charge of preparing and managing support of administrative activities at ANSSI.

ANSSI also has its own training centre, the Safety Training Centre for Information Systems (CFSSI),^[13] including delivering degrees in computer security (ESSI), registered in the National Directory of Professional Certifications.

Governance

ANSSI governance is ensured by a Strategic Committee^[14] including:

• the General Secretary of Defence and National Security (chairman),
• the Chief of the Defence Staff;
• the Secretary General of the Ministry of the Interior, Overseas France and Territorial Communities;
• the Secretary General of Ministry of Foreign and European Affairs;
• the Delegate General for Armaments;
• the Director General of External Security;
• the director general of information and communication systems;
• the general manager of the modernization of the state;
• the Director General of Internal Security;
• Vice president of the General Council of Industry, Energy and Technology;
• Director general of the National Agency for Computer Security.

Means

According to a Senate report, although significant efforts have been put in place in recent years, the situation in France with regard to the threat from cyber attacks is still unsatisfactory. Indeed, ANSSI lacks financial and human resources comparable to its American, British and German counterparts.^[15]

Human resources

Years	Workforce
2009 (first year)	120
2011	170
2012	250
2013	360
2015	500
2015	460[16]
2016	500[17]
2017	550[18]
2018	600[19]
2019	610[20]
2020	548[21]
2021	573[22]

To meet the national challenge of cyber security, ANSSI continues to expand its teams with positions to be filled in all line of work.^[19] The aim is to reach 675 agents in 2022 according to the Public Finance Programming Bill of 2018.^[23]

Financial resources

Year	Budget
2009	€45 million
2012	€75 million
2014	€83 million
2018	€100 million
2020	€21 million (excluding payroll)[24]
2022	€23 million (excluding payroll)[25]

Activities

According to French newspaper Le Monde, the ANSSI would have thwarted what seemed to be a simple attack, an interference by the Russians during the French presidential campaign of 2017.^[26] "This is not a simple hacking operation, but an attempt to destabilize the French presidential election,"^[27] wrote the political party En marche! in the early evening of May 5, 2017.

Following the data leak, ANSSI opened an investigation into the breach.^[28]

See also

• European Network and Information Security Agency
• European Cybercrime Centre
• National Cyber Security Centre (disambiguation)
• CLIP OS
• Service central de la sécurité des systèmes d'informations

External links

• ANSSI official website

Notes and References

1. Web site: Homepage.
2. http://www.legifrance.gouv.fr/WAspad/UnTexteDeJorf?numjo=PRMD0914748D Décret n° 2009-834 du 7 juillet 2009
3. Web site: Guillaume Poupard prend la tête de l'Anssi . dead . 28 March 2014 . French . 28 March 2014 . https://web.archive.org/web/20140328132350/http://www.01net.com/editorial/616970/guillaume-poupard-prend-la-tete-de-l-anssi/ .
4. Décret du 27 mars 2014 portant nomination du directeur général de l'Agence nationale de la sécurité des systèmes d'information - M. POUPARD (Guillaume)
5. Décret du 4 janvier 2023 pportant nomination du directeur général de l'Agence nationale de la sécurité des systèmes d'information - M. STRUBEL (Vincent)
6. http://questions.assemblee-nationale.fr/q14/14-29424QE.htm Question no 29424 de M. Julien Aubert sur les moyens publics alloués à la cyberdéfense
7. http://www.ssi.gouv.fr/fr/anssi/presentation/l-historique-de-l-anssi.html Historique de l'ANSSI
8. Présentation des missions sur le site de l'ANSSI ssi.gouv.fr
9. Présentation de la sous-direction SDE sur le site de l'ANSSI ssi.gouv.fr
10. Présentation de la sous-direction SIS sur le site de l'ANSSI ssi.gouv.fr
11. Présentation de la sous-direction RELEC sur le site de l'ANSSI ssi.gouv.fr
12. Présentation de la sous-direction SDAG sur le site de l'ANSSI ssi.gouv.fr
13. Présentation du CFSSI sur le site de l'ANSSI ssi.gouv.fr
14. Comité stratégique de la SSI sur le site de l'ANSSI ssi.gouv.fr
15. Web site: La cyberdéfense : un enjeu mondial, une priorité nationale. Sénat. 3 April 2023 . 22 April 2023.
16. Web site: Rapport Annuel 2015. 22 April 2023. ssi.gouv.fr. fr. September 2016.
17. Web site: Rapport Annuel 2016. 22 April 2023. ssi.gouv.fr. fr. September 2016.
18. Web site: Rapport Annuel 2017. 22 April 2023. ssi.gouv.fr. fr. April 2018.
19. Web site: L'ANSSI recrute.
20. Web site: Papiers numériques. 3 December 2023. cyber.gouv.fr. fr. 2020.
21. Web site: Rapport d'activité 2020. 3 December 2023. cyber.gouv.fr. fr. 2021.
22. Web site: Rapport d'activité 2021. 3 December 2023. cyber.gouv.fr. fr. 2022.
23. Web site: Contrôle budgétaire : Agence nationale de la sécurité des systèmes d'information anssi – communication – Intervention le 18 avril 2018. 28 April 2018.
24. Web site: Papiers numériques. 3 December 2023. cyber.gouv.fr. fr. 2021.
25. Web site: Rapport d'activité 2022. 3 December 2023. cyber.gouv.fr. fr. April 2023.
26. News: 2019-06-15. Les coulisses du piratage des « MacronLeaks . fr. Le Monde.fr. 2021-04-30.
27. Web site: 2017-05-05. Communiqué de presse - En Marche a été victime d'une action de piratage massive et coordonnée. 2020-09-11. La République En Marche !. fr.
28. Web site: 2017-05-06. French cybersecurity agency to probe Macron hacking attack. 2021-04-30. AP NEWS.