The Burgundy-Franche-Comté Regional Council is setting up a regional emergency response center for cybersecurity incidents, the project benefits froman envelope of one million euros as part of the France Relance plan. Overseen at the regional level by ARNIA (Regional Digital and Artificial Intelligence Agency), it will be backed by ANSSI, the National Agency for Computer Systems Security. The structure should be operational within four months.
Computer attacks, such as ransomware or data theft, are more and more numerous and now affect both multinationals and very small businesses at local level, and increasingly, communities such as town halls, or public structures such as hospitals are targeted. “20% of ransomware victims in France are local authorities“, indicates Véronique Brunet, ANSSI delegate for Bourgogne-Franche-Comté” and it is estimated that there is one attack per week on the infrastructure of the hospital chain“.
Franche-Comté companies forced to file for bankruptcy after a cyberattack
Being able to respond to attacks at the regional level is now a necessity, the example given by Véronique Brunet is telling: “During the first confinement, _an attack in Franche-Comté affected around fifty companies_small, medium and large, the time to receive information from each, to understand how the attacks took place, we realized that all these companies had the same service provider, and that the attack had gone through this way . Two of these companies were forced to file for bankruptcy. If there had been a response center at the time which would have listed the incidents and seen things happen, we could have alerted in advance and prevented these structures from finding themselves in a difficult situation.“.
Objective for this center: to be as close as possible to the field by addressing businesses, communities and associations in the region, both for prevention and to intervene as soon as an attack is detected. “The day a business or community is attacked, it can call a dedicated number“, Explain Patrick Molinoz, vice-president of the regional council in charge of digital transition“the center will be able to analyze what happened, make concrete recommendations in an emergency to secure what can be secured, then it will help find the right doctor“.
The center will be operational in four months
The cyberattack response center will not be intended to “repair” the damage done to the company, but it will direct the victims to labeled companies that can take care of this technical aspect. A center manager has been recruited and two specialist analysts will join him, they will be trained for 4 months by ANSSIbefore actually starting their activities.