ANSSI publishes its 2024 annual review

Faced with an ever-increasing cyber threat, the past year has once again demonstrated that the nation's cyber security is a collective sport.

The Paris 2024 Olympic and Paralympic Games as an endorsement of the French cyber defence model

As leader of the cyber component, ANSSI was at the heart of the preparations for the Paris 2024 Olympic and Paralympic Games. The success of this major international event is an achievement for the Agency, which also testifies to the relevance of the French cyber defence model built around a national authority and anchored in a wider ecosystem deployed in the territories. The Games are the result of a method - anticipation, preparation, training - and a team - the public and private cyber ecosystem - that must endure if France is to remain among the leading nations in cybersecurity.

The NIS 2 directive, a vector of profound transformation for ANSSI

In 2024, ANSSI continued its work on transposing the NIS 2 directive, which is driving a major change in its organisation, its methods and the way it interacts with its beneficiaries and partners. Already heavily involved in this area over the past few years, the Agency's teams will continue to be so on a daily basis, in coordination with the cyber ecosystem, to support thousands of entities in their cybersecurity efforts.

Valuable progress in raising the general level of cybersecurity in the European Union

In the image of the regulatory framework defined by NIS 2, or the vote on the regulation on cyber resilience, to which ANSSI is fully committed, cybersecurity in Europe made good progress in 2024. Furthermore, in the face of technological developments, and in particular disruptive technologies, maintaining sovereign control over technical expertise is an essential mission for ANSSI.

2024 in a few figures :

• 656 agents, with an average age of 36, work every day for the cybersecurity of the Nation, within the ANSSI.
• 4,386 (+15%) security events handled by ANSSI, and 1,361 (+18%) incidents involving a malicious actor.
• 68 SecNumedu-labelled training courses, 1,696 people trained at the Information Systems Security Training Centre (CFSSI) and 117,856 SecNumacadémie certificates awarded.

2024 in a few key dates :

In addition to the Olympic and Paralympic Games, other events marked 2024:

• January 31st: Adoption of the EU Cybersecurity Certification (EUCC) scheme, based on common criteria.
• May 10th: Entry into force of the 2024-2030 military programming law’s implementing decree, enabling ANSSI to exercise the new capabilities with which it has been entrusted.
• July 9th: Publication by the Agency of recommendations on the hosting of sensitive information systems in the cloud.
• October 15th: Presentation before the Council of Ministers of a bill on the resilience of vitally important activities, on the protection of critical infrastructure, on cybersecurity, and on the operational resilience of the financial sector – whose II title, “Cybersecurity”, endeavours to achieve the transposition of the NIS 2 Directive.