Gérard Collomb Ministre de l'Intérieur de France began his presentation by describing cyber-security as one of the main challenges of the 21st century. He noted how WannaCry had affected to many manufacturing plants, hospitals, SMEs and others, throughout the world. Collomb warned, “Cyber-threats are present everywhere and continue growing. Material and human damage have so far been limited but they are growing and terrorism of the future will be cyber-related and will kill people, whether by hacking water supplies or hospitals etc. It will be financed by digital currencies and crime will become digital rather than physical as people hit by ransomware pay to recover personal data.”
Part of the Ministry of Interior's role in the fight against terrorism includes implementing fast removal of radical content. In dealings with major internet companies, legislation introduced on 30 October 2017 allows the authorities to seize internet data, whereas previously it could only seize physical assets. There is also now a platform for online feedback about online content removal resulting in removal of 30,000 documents for dissemination of terrorism.
Working with ANSSI and the Secretary of State, a group has also been set up to better assist victims of cyber crime.
Regarding data protection, the Minister explained that the implementation of the EU NIS directive will make the country more secure and there has already been significant progress over the last eight months. Faced with the size of the cyber-challenge Collomb said that there is a need to change scale of response. Government needs to be able to anticipate the future thus France is currently developing its five year strategy to fight cyber-crime on a large scale. The new ambition is to protect France.
The first pillar is at the European level as cyber-crime knows no borders, hence it is only possible if strong action is implemented at a continental level and the minister said that France will unconditionally support all initiatives at this level, including the creation of a major European cyber-security agency funded to ensure it has adequate resources, including for the creation of a research centre on cyber-security.
Europe is currently spending six to seven times less than than the US in this field and the Minister insisted that the countries of Europe must correct this.
“What will we do to support our response to a large scale attack? We must be ready to respond to actions such as the blocking of telecoms and transport systems.
“Europe must be strong and active in the field of cyber-security to defend its global interests at the European level. Then we need national capability. Our strategic defence review showed France's armed forces, ANSSI and the Gendarmier have significant resources and talented engineers, but the skills and means are too limited when faced with the growing threat, and they are too scattered between departments, which dilutes their efficiency, we are mapping security threats to current resources and making proposals by summer to draft a road map for the entire five year mandate. As part of this mapping of capabilities, it is planned to create 10,000 police force roles during the five years 800 dedicated to cyber. And there will also be increases in the systems needed and provision of the most advanced tools required.”
The road map will also be horizontal, issued to all state staff at the Interior Ministry, Gendarmier staff, and for prefects, (who must manage crises).
Cyber-security must also be an everyday obsession for those on structural programmes in the coming years. It was pointed out that the government can't support digital identity based services unless user data totally secure, eg the Gendarmier could not just roll out of more surveillance cameras etc unless they are protected from attacks.
The entire government is now giving increased importance to cyber with the State, civil authorities, the military and private stakeholders as it is recognised that it is essential for the state to be in close contact with the whole cyber-ecosystem.
The minster's message re-emphasised how public and private sectors must cooperate and at a European level we must work together. Resilience is a challenge to our entire society and must be built into all stakeholders, sub contractors, those who process data. We must raise awareness of everyone. “We want to work with chambers of commerce, entire economic works must get behind this and mobilise companies and every French citizen; everyone has a mobile phone, several connected devices. So everyone must understand that to get the benefits of digital life, there are also risks, but it is possible to limit these risks."
From September schools in France will get cyber security awareness training. “We want to create in our country a culture about cyber-security. Resilience - allowing us to live and develop despite adversity - to rebound, to continue and use opportunities for progress despite threats. We need to be able to rebound after attacks,” concluded the minister.