2021, a year “rich and full of dynamism in cyberspace,” announces Anssi leader Guillaume Poupart in the introduction to this new report on the agency’s activities. A dynamism that appears both on the side of defenders and on the side of attackers, “ransomware, denial of service attacks, computer sabotage, cyber espionage – these are all words that have gradually found a recurring place in the news and daily life of our companies, our administration and all the French,” the director notes. But faced with a growing threat, Annecy does not disarm. If Guillaume Poupart does not explicitly mention his impending departure, which was announced to the agents at the beginning of the year, he says that he is “so confident and optimistic that for eight years I could count on the ANSSI agents, on their values. , to their perfection. »
The report offers several numbers to gauge the level of agency involvement over the past year. Thus, the agency reports 2,089 messages received by its services, which is less than last year, which was then 2,287. On the other hand, more of these messages led to “incidents”: 1,057 in 2021 against 759 in 2020 year, including 8 “major incidents”. Finally, the agency was involved in 17 cyber defense operations, down from 20 last year.
To cope with this constant threat, Anssi continues to develop its activities. Thus, at the end of 2021, the agency had a total of 573 agents, compared to 548 last year. But Anssi is diversifying its premises, notably by opening a branch in Rennes in 2023 and taking over a new facility at the Cyber Campus in La Defense. The agency’s operating budget, excluding salaries, remained the same as last year: 21 million euros. In 2018, the total budget of the agency, this time including the salary fund, was estimated at more than 100 million euros. The total number of agents was also slightly higher in 2019 at 610 agents.
Among the missions the agency handled, the implementation of security paths continued with funds received from the recovery plan, a total of 600 organizations were able to take advantage of these “cybersecurity paths”: as the agency explained, the purpose of these courses is to support organizations in “diagnosing” the state of IT – the safety of the facility before the implementation of corrective measures. Another topic funded from the recovery plan package for the agency is the creation of regional CSIRTs, which the first 7 applicants have already benefited from.
Finally, the Agency continues its labeling and knowledge sharing efforts, with 323 Anssi security visas issued in 2021. Among these visas, the Agency has 167 qualifications and 156 certificates. And may be glad to publish 48 papers intended for the general public.