Agence nationale de la sécurité des systèmes d'information

The Agence nationale de la sécurité des systèmes d'information is a French service created on 7 July 2009 with responsibility for computer security.
ANSSI reports to the Secretariat-General for National Defence and Security to assist the Prime Minister in exercising his responsibilities for defence and national security.
ANSSI replaced the, which on July 31, 2001, replaced the SCSSI.
Guillaume Poupard, Chief Engineer of Armaments, was appointed director general of ANSSI on 27 March 2014, succeeding.
Vincent Strubel succeeds Guillaume Poupard as new director general on January 4, 2023.
ANSSI has a budget of €80 million and a workforce of 500 in 2015, with a target of 567 by the end of 2017.

Background and context

ANSSI is heir to a long line of bodies responsible for ensuring the security of sensitive information belonging to the French State:

1943: Encryption Technical Directorate ;
1951: Encryption Technical Service Centre ;
1977: the Central Encryption and Communications Security Establishment;
1986: the Central Service for Computer Security;
2001:.

These organizations initially created in a military security perspective confidential information and data protection have gradually evolved. In 1986, the Central Communications Security Establishment has been replaced by the Central Service for Computer Security. Today ANSSI retains a mission of the defence of state information systems, but is also charged with a mission to provide advice and support to government and operators of critical national infrastructure.

Missions

ANSSI has the following mission:

"The agency ensures the mission of national authority security of information systems. As such it is responsible for proposing rules for the protection of state information systems and verify the implementation of measures adopted.
In the field of cyber defence, it provides a monitor, detect, alert and reaction to computer attacks, especially on the networks of the State."

Organization

Management

ANSSI is headed by a director general, appointed by the Prime Minister. He is assisted by a deputy director and a chief of staff.
ANSSI has five sub-directorates:

the Centre for the Operational Security of Information Systems that ensures the implementation of the defense authority-based information systems devoted to ANSSI.
Sub-Directorate Expertise which carries the overall mission of expertise and technical assistance of the agency. It supports all the other sub-directorates ANSSI, ministries, industry and providers of security and vital operators.
Sub-Directorate Secure Information Systems which carries the mission to propose, design and implement products and secure information systems for the benefit of ministries, operators and vital importance ANSSI.
Sub-Directorate External Relations and Coordination that animates, transverse manner, the external relations of the agency, coordination of interventions and the development of regulations.
Sub-Directorate General Affairs in charge of preparing and managing support of administrative activities at ANSSI.

ANSSI also has its own training centre, the Safety Training Centre for Information Systems, including delivering degrees in computer security, registered in the National Directory of Professional Certifications.

Governance

ANSSI governance is ensured by a Strategic Committee including:

the General Secretary of Defence and National Security,
the Chief of the Defence Staff;
the Secretary General of the Ministry of the Interior, Overseas France and Territorial Communities;
the Secretary General of Ministry of Foreign and European Affairs;
the Delegate General for Armaments;
the Director General of External Security;
the director general of information and communication systems;
the general manager of the modernization of the state;
the Director General of Internal Security;
Vice president of the General Council of Industry, Energy and Technology;
Director general of the National Agency for Computer Security.
Means

According to a Senate report, although significant efforts have been put in place in recent years, the situation in France with regard to the threat from cyber attacks is still unsatisfactory. Indeed, ANSSI lacks financial and human resources comparable to its American, British and German counterparts.

Human resources

To meet the national challenge of cyber security, ANSSI continues to expand its teams with positions to be filled in all line of work. The aim is to reach 675 agents in 2022 according to the Public Finance Programming Bill of 2018.

Financial resources

Activities

[2017 Macron e-mail leaks]

According to French newspaper Le Monde, the ANSSI would have thwarted what seemed to be a simple attack, an interference by the Russians during the French presidential campaign of 2017. "This is not a simple hacking operation, but an attempt to destabilize the French presidential election," wrote the political party En marche! in the early evening of May 5, 2017.
Following the data leak, ANSSI opened an investigation into the breach.