Apr 6, 2023
As the information systems of today's organisations become ever more complex and exposed to cyberattacks of increasing sophistication, tools that contribute to the cyber resilience of our societies need to be adopted on a much wider scale. The European Central Bank, for example, recently recommended that a cyber stress test for banking institutions should be introduced by next year. As a first step, a single national cyber intelligence database, backed by a technical analysis centre, will provide a shared picture of the threat landscape that will help players better anticipate and detect threats and share information across a given sector of industry or community of interest.
“Thales is committed to working with other cybersecurity specialists to accelerate the maturity of France’s cyber intelligence capabilities and strengthen the country’s collective security. This project will coordinate a whole ecosystem of players to provide users with a full service platform and contribute to France’s strategic autonomy in this area,” said Pierre-Yves Jolivet, VP Cyber Solutions for Thales.
A single point of entry for cyber threat intelligence in France
Led by Thales, which will coordinate its capabilities and expertise with those of 10 other companies and organisations specialising in cybersecurity, SCRED will offer a range of services that no other country has yet been able to provide through a single system. They include a national database to pool and exploit threat intelligence in a trusted cloud, an analysis service to provide insights into threats at any given point in time, and data analytics to reveal trends and make projections based on models and advanced artificial intelligence technologies.
Greater strategic autonomy in the cyber domain
SCRED will provide users with a competitive edge by reducing the cost of accessing cyber threat intelligence and responding to attacks. It will help to consolidate users' confidence in information systems, support greater cyber sovereignty by using French solutions, and pave the way for new standards recognised in Europe and internationally.
The data collected from SCRED members and the user community will lay the foundations for the creation of a new National Cyber Situation Analysis Centre. Further ahead, the project could support EU-wide autonomy in the production and use of cyber intelligence data, threat detection capabilities and information sharing between countries, sectors and companies. This ambitious project will also support the development of emerging European companies and market leaders.
Data stewardship by communities of interest
In the age of information warfare, the phenomenon of data poisoning is a growing concern for the Cybersecurity Operations Centres (CSOCs) and Computer Emergency Response Teams (CERTs) that gather vast amounts of raw and non-contextualised data about cyber activity. Relevant data processing and analytics skills are therefore highly sought after by companies of all sizes.
According to a report published in March 2023 by ANSSI, France’s national agency for information system security, the number of proven cases of unauthorised access reported to the agency increased by 37% from 2020 to 2021, with smaller businesses and public service providers among the most frequently targeted organisations. A single data gathering and analysis centre, with information shared across a given community of interest – such as the space industry, naval defence, aviation or any other sector of activity – will help to meet growing demand from players who currently have few tools at their disposal.
Participants in the SCRED project:
ATOS, Filigran, GeoTrend, Glimps, Harfanglab, KORLabs Cybersecurity, Sekoia, SnowPack, Insitut Mines Télécom - Télécom SudParis, INP Grenoble, Thales.
Attend the FIC conference on April 6 2:30-3:30 p.m. : FIC EUROPE – Du 5 au 7 avril 2023 – Lille Grand Palais (forum-fic.com)
Towards a strategic autonomy of cyber intelligence?