France ANSSI

Panorama de la cybermenace 2025: France Under Cyber Attack Pressure

ANSSI published its 2025 cyber threat panorama, reporting 3,586 security events processed in 2025, an 18% decrease from the prior year. The report identifies education/research (34%), government/territorial authorities (24%), health (10%), and telecommunications (9%) as the four most targeted sectors. The agency notes rising cybercrime with increased data exfiltration attempts, state-sponsored threats from Russia and China for espionage, and erosion of distinctions between state and criminal actors. NIS2 transposition and the Cyber Resilience Act are cited as regulatory pathways to raise ecosystem security levels.

Security Supervision Reference Architectures - Call for Comments

ANSSI has issued a call for comments on reference architectures for its forthcoming security supervision doctrine, covering both deployment architectures and implementation technologies. The consultation targets OIV, OSE, ministries, security supervision providers (PDIS, MSSP), and software publishers. Responses are due by 7 May 2026 and will inform two upcoming technical guides as well as future PDIS qualification criteria.

State Digital Security Roadmap 2026-2027 Published

ANSSI has published the State Digital Security Roadmap for 2026-2027, setting priority digital security efforts for French ministries. The roadmap was made public in the context of heightened cyber threats and 2025 data incidents affecting ministry systems. It aligns with EU NIS 2 Directive (2022/2555) compliance and begins preparation for post-quantum cryptography transition with implementation targets toward 2030. Monthly operational monitoring will be conducted by the Interministerial Committee for Digital Security Monitoring (CINUS).