Revue Stratégique Cyberdéfense de France (I)

The CISA and CISM certifications were my first contact with security strategies, and since then I’ve read several cyber strategies, such as the Cybersecurity Strategy of the EU, the National Security Strategy of Spain, the National Cybersecurity Strategy of Spain, the Department of Defense (DoD) Cyber Strategy of the United States and the National Cyber Strategy of the United States. Today, I want to write about the latest cybersecurity strategy I’m reading, the review of the Cyberdefense Strategy of France. In fact, I’m only going to write about the first part of the strategy, “Les dangers du monde cyber”, because the strategy is too long for just one post.

The Cybersecurity Strategy of France starts by describing how threats are quickly moving towards cyber spying, cybercrime, destabilization, and cyber sabotage. For instance, the strategy highlights Operation Aurora and the Mandiant reports, where United States organizations were attacked from China. It also highlights the dark web for cybercrime, and social networks for terrorism and political destabilization. The strategy also refers to other cyber operations such as Stuxnet, NotPetya, DDoS attacks, etc.

Computer sabotage action

The main actions and modes of operation of cyber attacks are also discussed in the strategy. In fact, we can read about, and see an example of, the four phases of a cyber attack: Reconnaissance, Intrusion, Malware Insertion, and Exploitation. In addition, we can read about the attacker infrastructure needed for a cyber attack, such as C&C servers and exploitation toolkits. The threat structure is also covered in the strategy, where we can read an overview of many cyber attacks (Shamoon, Carbanak, WannaCry, etc.).

Data exfiltration by sending a booby-trapped email

This Cybersecurity Strategy also takes vulnerabilities into account. It says that National Security is insufficient because there are more and more digital services, which could have vulnerabilities, and therefore there is more risk for the State. For instance, a vulnerability in an important system, like the SWIFT system for worldwide payments, could break the reputation of the system.

Resilience for mitigating the risks of cyber attacks is also covered in this strategy. How can we achieve resilience? By integrating cybersecurity into organizations, considering security throughout the information system lifecycle, knowing technologies and threats, and considering active defenses.

Security lifecycle of an information system

There are many other sections in this first part of the Cybersecurity Strategy of France, such as international regulation, which is not too good, or cybersecurity models for protection. I think the review of the dangers of the cyber world in this strategy is very complete, with lots of examples, concepts and references. I like it!!

We'll continue like this next week!!