Annual Review 2021

Foreword

In a nutshell, 2021 was an eventful year, full of dynamic activity in the cyber domain. This brought about an increase in the way we use digital technologies in our everyday lives, notably in the light of the unfolding health crisis. Terms such as ransomware, denial of service attacks, computer sabotage and cyber espionage have gradually found their way into the news and into the daily lives of our organisations, our administrations and of all French people.

Faced with this growing threat, the commitment of the men and women who embody ANSSI has never wavered. It is this singular investment, which each and every individual has made, that lies at the very heart of what our agency stands for today and what it aspires to for tomorrow.

Thanks to its employees and to the ongoing support of its authorities, starting with that of the Secretary-General for Defence and National Security (SGDSN), ANSSI has developed its action in all technical, operational and strategic fields. At European level, in order to increase the EU’s state of preparedness against largescale cyber attacks, ANSSI developed a concentrated and ambitious sequence for the French Presidency of the Council of the European Union. Nationally, ANSSI’s action translates into the constitution of effective cyber governance structure with government departments. This initiative, designed under the impulse of the Prime Minister, aims at strengthening the cyber security of French government bodies; and finally, at regional level, through the deployment of cyber security programmes for regional authorities, hospitals and public institutions.

Although the increase in international tensions will inevitably play out in cyber space, I remain confident and optimistic, knowing that, for the past eight years, I have been able to count on the employees of ANSSI, their values and their excellence. I firmly believe that they will rise to the sizeable challenges that lie ahead.

Guillaume Poupard
Director-General of ANSSI

Key figures and facts

1

DEFENDING AND RESPONDING

In 2021, cyber activity did not slacken its pace.
Far from it !

A daily operational engagement

The year 2021 was marked by an evolving cyber threat: the number of ransomware attacks stabilised at a significant level (203) but less visible attacks for the purposes of espionage and destabilisation persisted with increasingly complexity, engaging ANSSI’s operational teams on a daily basis.Find out more (French only)

 

Anticipating and preparing

Against this backdrop of growing threat, where no one is spared from cyber attacks, anticipation and preparation are the watchwords. As a founding member of InterCERT France, a community aiming to build its members’ capacity to detect and respond to security breaches, ANSSI has also invested, as part of the cyber component of the France Relance recovery plan, in supporting the creation of regional and sectoral computer security incident response teams (CSIRT). Find out more

True to its principles of openness and sharing, ANSSI has continued to publish its threat analysis reports with numerous technical markers enabling the detection of sophisticated cyber attacks. It has also made available three essential guides to assist organisations in developing and implementing cyber crisis management strategies and tools.

• Organising a cyber crisis management exercise.Find out more

• Crisis of cyber origin: the keys to operational and strategic management.Find out more

• Anticipating and managing your cyber crisis communication.Find out more

OPERATIONAL FIGURES

  • 2,089
    reports
  • 1,057
    incidents
  • 8
    major incidents
  • 17
    cyber defence
    operations

2 KNOWING AND SHARING

Technical and scientific expertise is in ANSSI’s DNA, the very basis of its legitimacy. This expertise lies at the heart of the agency’s ability to maintain authority, to lead a network of stakeholders, to mobilise the ecosystem and to offer trusted solutions for securing information systems.

As a structuring link in the French cyber security ecosystem, ANSSI issues the Security Visa to products that have demonstrated their robustness and to service providers that comply with the agency’s recommendations. In 2021, 167 qualifications and 88 certifications were issued, grouped under this single brand. As a guarantee of security for users, the Security Visa is constantly being enriched to best meet the needs of the market: a new requirement rule set for remote identity verification service providers was published in 2021.Find out more

Committed to the continuous development of its technical expertise from its inception, the agency is engaged in new partnerships, in particular with stakeholders in the world of research and innovation. ANSSI is also investing alongside Inria in research and technology transfer in cyber security. This commitment was formalised in July 2021 with the signing of an agreement between the agency and Inria, embodied within the Cyber Campus.Find out more (French only)

The sharing of ANSSI’s knowledge and know-how is also illustrated by the publication of resources on various topics. In 2021, the agency published 48 documents. These include the technical guide Recommendations for Multi-factor Authentication and Passwords (French only), the analysis of concepts such as Zero Trust or post-quantum cryptography, etc.Consult the publications

KEY FIGURES

  • 255
    security visas
    issued, of which167 qualifications
    and 88 certifications
  • 48
    documents
    published

3

EVOLVING AND SUPPORTING

The French model of cyber defence positions ANSSI at the heart of the interministerial structure attached to the SGDSN. This allows ANSSI to support a wide range of beneficiaries on a daily basis and to be engaged in all cyber security issues.

An evolving agency

To maintain openness, ANSSI is actively involved in the Cyber Campus, located in La Défense. Its training centre, together with its industry relations division, will be set up there. ANSSI also plans to develop a branch in Rennes in order to grow synergies with existing cyber stakeholders. A team of ten officers responsible for defining and guiding the site’s activities were transferred to Rennes in the summer of 2021 ahead of its opening in early 2023.

Healthcare and regional authorities:
priority beneficiaries in 2021

In 2021, ANSSI’s activity in implementing the cyber security component of the recovery plan continued at a pace. As at 31 December 2021, more than 600 organisations have benefited from programmes in cyber security. In addition, in order to strengthen the security of hospital information systems, highly prized by cyber attackers, 135 hospital trusts have been designated as operators of essential services and have benefited from support under the recovery plan.

EU-wide projection

2021 was resolutely focussed on preparations for the French Presidency of the Council of the European Union (FPEU). This presidency is a real opportunity to strengthen European cyber security and has therefore required significant work to identify priorities, understand the EU’s work programme in the cyber domain and ensure the best possible conditions for the presidency. Revision of the NIS Directive, cyber security of the European institutions, development of a trusted industrial fabric and European solidarity in the event of a cyber crisis are therefore very high priorities of the FPEU.

KEY FIGURES

  • 573
    employees as at
    31/12/2021
  • 112
    new recruits
  • 37
    average age
    of ANSSI’s employees
  • 21 million euros
    ANSSI’s budget
    (excluding payroll)

4

TRAINING AND AWARENESS RAISING

Training and awareness raising are at the heart of ANSSI’s missions. Aimed at a variety of targets, its actions contribute to a better understanding of digital risks and account for an important part of operations on the ground, particularly at regional level.

As a key player with proven expertise, ANSSI’s Information Systems Security Training Centre (CFSSI) has continued its training activities for civil servants and for staff of operators of vital importance and essential services. As well as steering the agency’s training strategy, the CFSSI also coordinates the SecNumedu labelling programme, designed to identify higher education establishments that provide cyber security training.Find out more

The Observatoire des métiers (Observatory of Professions), launched by ANSSI, is a project aimed at delineating the main features and structure of the job market specific to information system security. It provides a wide variety of resources for use by companies, training institutions and students. In this context, ANSSI has joined forces with the Ministry of Labour and the National Agency for Adult Vocational Training to conduct a survey of cyber security professionals.
Find out more (French only)

Activities to raise awareness of cyber issues are also aimed at the general public. In addition to the Cybermalveillance.gouv.fr platform, which publishes valuable awarenessraising content for all French citizens, ANSSI has become a member of the public interest group Pix and has helped to develop the cyber skills included in their digital skills assessments. And lastly, since its launch in 2018, some 45,000 certificates for the SecNumacadémie MOOC online course have been issued by ANSSI. Find out more (French only)

 

KEY FIGURES

  • 47
    SecNumedu training
    labels awarded
    as at 31/12/2021
  • 59
    SecNumedu-FC
    training labels
    awarded as at
    31/12/2021
  • 45,000
    SecNumacadémie
    certificates issued
    as at 31/12/2021
  • 450
    awareness-raisingactions carried outat regional level
    as at 31/12/2021