ANSSI welcomes an important step toward the transposition of the NIS Directive in France

Adopted on July 2016, the European Network and Information System Security (NIS) Directive – known as the “NIS Directive” aims at raising the level of cybersecurity preparedness and response in the European Union. On 15 February 2018, the French Parliament voted in favour of the legislative proposal, thus making an important step towards the full transposition into France’s national law.

As the French coordinator for the transposition, ANSSI welcomes the adoption of the law and is working alongside all relevant stakeholders to prepare all the executive acts (decrees) that will follow.
The NIS Directive aims at strengthening national cybersecurity capabilities; establishing a framework for cooperation among EU Member States –at both political and operational levels – and strengthening the cybersecurity of “operators of essential services” and “digital service providers”.

french ciip framework schemaBuilding on ANSSI’s and operators’ experience, the transposition benefitted from the work already accomplished within the framework of the implementation of the 2013 “Critical Infrastructures Information Protection” (CIIP) law co-drafted with public and private operators.

The national transposition is furthermore drawing on France’s counterparts experience, especially from the reference documents issued by the NIS Cooperation group established in 2017 at the EU level.

ANSSI is particularly supportive of the operational cooperation established between EU Member States, through the existing cyber security incident response teams (CSIRTs) network which was created by the NIS directive. The large-scale attacks that all countries face in 2017 confirmed the need for an overall threat evaluation and enhanced coordination in handling incidents.

As a strong promoter of European strategic autonomy regarding digital security, ANSSI remains committed to taking an active part in digital security projects led by EU Member States and European institutions so as to make the cyberspace more open and secure for European citizens.