The year 2021, a year “rich and full of dynamism in the cyber field” announces the leader of Anssi Guillaume Poupard in the introduction to this new activity report of the agency. A dynamism that is illustrated as much on the side of defenders as that of attackers, “ransomware, denial of service attacks, computer sabotage, cyber espionage are all words that have gradually found a recurring place in the news and daily life of our companies, our administrations and all French people” notes the director. But faced with the growing threat, the Anssi does not disarm. If Guillaume Poupard does not explicitly mention his forthcoming departure, announced to the agents at the beginning of the year, he says he is “confident and optimistic so much, for eight years, I was able to count on the ANSSI agents, on their values, on their excellence. »
The report offers several numbers to estimate the agency’s level of engagement over the past year. Thus, the agency reports 2,089 reports received by its services, a lower figure than last year, which was then 2,287. On the other hand, a greater number of these reports resulted in “incidents “: 1057 in 2021 against 759 in 2020, including 8 “major incidents”. Finally, the agency was engaged in 17 cyber defense operations, a figure slightly lower than last year, which had 20.
To deal with this ever-constant threat, Anssi continues to develop its activity. The agency thus had a total of 573 agents at the end of 2021, compared to 548 last year. But Anssi will diversify its premises, in particular via the opening of a branch in Rennes in 2023 and the occupation of a new space within the Cyber Campus at La Defense. The agency’s operating budget, excluding payroll, remained the same as last year: 21 million euros. In 2018, the agency’s total budget, this time taking into account the payroll, was estimated at more than 100 million euros. The total number of agents was also slightly higher in 2019, at 610 agents.
Among the missions that occupied the agency, the implementation of security pathways through the funds obtained by the recovery plan continued, with a total of 600 organizations having been able to benefit from these “cybersecurity pathways”: such as explained the agency, these courses aim to support organizations in “diagnoses” on the state of IT security of the entity, before implementing corrective measures. Another subject financed by the envelope allocated to the agency by the recovery plan: the establishment of regional CSIRTs, of which the first 7 candidates have already been able to benefit.
Finally, the Agency is continuing its efforts in terms of labeling and knowledge sharing, with 323 Anssi security visas issued in 2021. Among these visas, the Agency counts 167 qualifications and 156 certifications. And can be delighted to have published 48 documents intended for the general public.