
On 5 April 2023, Thales announced the launch of SCRED1, a collaborative project by 11 French companies and organisations specialising in cybersecurity. The goal of the project over the next three years is to create a single platform to provide cyber threat intelligence services to companies and government entities.
The French government has announced its support for the development of the country's cybersecurity sector under the France 2030 investment plan and national cyber strategy. French companies specialising in cybersecurity have been invited to propose the innovative technologies needed to ensure France's sovereignty in this area, and have joined forces on the SCRED project, which has been selected after a call for projects launched by Bpifrance, the French public investment bank.
Led by Thales, SCRED includes players from both the private and public sectors: ATOS, Filigran, GeoTrend, Glimps, Harfanglab, KORLabs Cybersecurity, Sekoia and SnowPack, as well as the Institut Mines-T l com and INP Grenoble. While the immediate aim of the project is to provide services to French organisations, the platform will lay the foundations for a centralised service offering, including a National Cyber Situation Analysis Centre that will ultimately help to ensure European sovereignty in the field of cybersecurity.
As the information systems of todays organisations become ever more complex and exposed to cyberattacks of increasing sophistication, tools that contribute to the cyber resilience of our societies need to be adopted on a much wider scale. The European Central Bank, for example, recently recommended that a cyber stress test for banking institutions should be introduced by next year.2 As a first step, a single national cyber intelligence database, backed by a technical analysis centre, will provide a shared picture of the threat landscape that will help players better anticipate and detect threats and share information across a given sector of industry or community of interest.
Thales is committed to working with other cybersecurity specialists to accelerate the maturity of France's cyber intelligence capabilities and strengthen the country's collective security. This project will coordinate a whole ecosystem of players to provide users with a full service platform and contribute to France's strategic autonomy in this area, said Pierre-Yves Jolivet, VP Cyber Solutions for Thales.
A single point of entry for cyber threat intelligence in France Led by Thales, which will coordinate its capabilities and expertise with those of 10 other companies and organisations specialising in cybersecurity, SCRED will offer a range of services that no other country has yet been able to provide through a single system. They include a national database to pool and exploit threat intelligence in a trusted cloud, an analysis service to provide insights into threats at any given point in time, and data analytics to reveal trends and make projections based on models and advanced artificial intelligence technologies.
Greater strategic autonomy in the cyber domain SCRED will provide users with a competitive edge by reducing the cost of accessing cyber threat intelligence and responding to attacks. It will help to consolidate users confidence in information systems, support greater cyber sovereignty by using French solutions, and pave the way for new standards recognised in Europe and internationally.
The data collected from SCRED members and the user community will lay the foundations for the creation of a new National Cyber Situation Analysis Centre. Further ahead, the project could support EU-wide autonomy in the production and use of cyber intelligence data, threat detection capabilities and information sharing between countries, sectors and companies. This ambitious project will also support the development of emerging European companies and market leaders.
Data stewardship by communities of interest In the age of information warfare, the phenomenon of data poisoning is a growing concern for the Cybersecurity Operations Centres (CSOCs) and Computer Emergency Response Teams (CERTs) that gather vast amounts of raw and non-contextualised data about cyber activity. Relevant data processing and analytics skills are therefore highly sought after by companies of all sizes.
According to a report published in March 2023 by ANSSI, France's national agency for information system security, the number of proven cases of unauthorised access reported to the agency increased by 37% from 2020 to 2021, with smaller businesses and public service providers among the most frequently targeted organisations.3 A single data gathering and analysis centre, with information shared across a given community of interest - such as the space industry, naval defence, aviation or any other sector of activity - will help to meet growing demand from players who currently have few tools at their disposal.
Participants in the SCRED project:
ATOS, Filigran, GeoTrend, Glimps, Harfanglab, KORLabs Cybersecurity, Sekoia, SnowPack, Insitut Mines T l com - T l com SudParis, INP Grenoble, Thales.
Attend the FIC conference on April 6 2:30-3:30 p.m. : FIC EUROPE - Du 5 au 7 avril 2023 - Lille Grand Palais (forum-fic.com)
Towards a strategic autonomy of cyber intelligence?
Alexis Caurette, VP Strategy and Marketing BL CDS
Ivan Fontarensky, Cyber Threat Intelligence Expert
1 SCRED: Socle Commun du Renseignement cyber Et de la D tection / shared cyber intelligence and threat detection platform
2 Interview with Verslo inios (europa.eu) : We need banks to be prepared. That's why for next year we are launching a thematic stress test on cyber resilience, which will try to test how banks are able to respond to and recover from a successful cyberattack. It's a new exercise, and