Thales, a French multinational company specialising in aerospace, defence and security, has announced the launch of a collaborative project called SCRED. The project involves 11 French companies and organisations dedicated to cybersecurity, aiming to create a single platform that provides cyber threat intelligence services to companies and government entities over the next three years. This initiative is part of the France 2030 investment plan and national cyber strategy, which aims to support the development of the country’s cybersecurity sector.
The project was selected after a call for projects launched by the French public investment bank, Bpifrance. Thales will lead the project, and the other companies and organisations involved include ATOS, Filigran, GeoTrend, Glimps, Harfanglab, KORLabs Cybersecurity, Sekoia, SnowPack, Institut Mines-Télécom and INP Grenoble.
The SCRED project will provide a range of services that no other nation has yet been capable of delivering through a single system. These services include a national database pooling and exploiting threat intelligence in a trusted cloud. This analysis service provides insights into threats at any given time and data analytics that reveal trends and make projections based on models and advanced artificial intelligence technologies.
SCRED’s immediate aim is to provide services to French organisations. Still, the platform will also play a role in establishing a centralised service offering, including a National Cyber Situation Analysis Centre that would eventually help ensure European sovereignty in cybersecurity. SCRED will make accessing cyber threat intelligence and responding to attacks cost-effective, which consequently will provide users with a competitive edge, strengthen users’ confidence in information systems, aid greater cyber sovereignty by using indigenous French solutions, and pave the way for new cybersecurity standards validated in Europe and internationally.
As the information systems of contemporary organisations become increasingly complex and exposed to growingly sophisticated cyberattacks, tools that contribute to society’s cyber resilience need to be adopted widely. The European Central Bank recently recommended introducing a cyber stress test for banking institutions next year. A unified national cyber intelligence database, backed by a technical analysis centre, may provide a holistic picture of the threat landscape. Such a broad picture would help organisations better preempt, detect, and share intelligence on the threats within the community.
Data poisoning is becoming a menace for Cybersecurity Operations Centres and Computer Emergency Response Teams in the information warfare age. According to a report published in March this year by ANSSI, France’s national agency for information system security, ANSSI reported that the number of proven cases of unauthorised access increased by 37 percent from 2020 to 2021. The most targeted were small businesses and public service providers. A unified national cyber intelligence database and a technical analysis centre, gathering information from the space industry, maritime, defence, or aviation – could ensure security for organisations devoid of security apparatus.
The data gathered from SCRED members and the wider user community would lay the plinth for a new National Cyber Situation Analysis Centre. SCRED also envisages EU-wide autonomy in producing and using cyber intelligence data, threat detection capabilities and intelligence sharing between countries. This ambitious project will also support the development of emerging European companies and market leaders.
Pierre-Yves Jolivet, VP of Cyber Solutions for Thales, stated that the company is committed to working with other cybersecurity specialists to accelerate the maturity of France’s cyber intelligence capabilities and strengthen the country’s collective security.