Cyber Threat Intelligence

Cyber Threat Intelligence and Detection Common Base or simply Cyber Threat Intelligence (French: Socle Commun du Renseignement cyber Et de la Détection) is a collaborative project [1] which has the goal to provide a set of cyber threat intelligence services for the French market, aimed at cybersecurity teams [2].

Context and Objective

According to an analysis published by the Agence nationale de la sécurité des systèmes d’information (ANSSI), the French National Cybersecurity Agency, the number of proven intrusions into information systems reported to the Agency has increased by 37% between 2020 and 2021, with small and medium-sized enterprises (SMEs), intermediate-sized enterprises (ETIs) and local authorities being the first victims. It is in this context that Cyber Threat was created [1]. It was announced on April, 5, 2023 [3]. Its objective is to create, within three years, a single platform for companies and public administrations, giving them access to intelligence services of cyber interest [1], namely:

  • Access to a national Threat Intelligence database (the memory);
  • An Analysis Center acting as an enrichment service;
  • Threat weather forecasts, explaining trends and predicting future attacks;
  • An automatic system for proposing the use of indicators. [2]

In the long term, this system will make it possible to establish the foundations of a centralized service offer with a National Cyber Situation Analysis Centre, whose vocation is to respond to the challenges of European sovereignty.The project intends to provide a range of services in a single system: a national database that will pool data and enhance them within a trusted cloud, an analysis service that will make it possible to understand the threat at any given moment, and an automatic analysis of the trend and projections based on models that benefit from advanced artificial intelligence technologies [1].

Leadership and Collaboration

The consortium organized by the technology company Thales includes industry giants such as the ATOS group, cyberthreat intelligence specialists such as Sekoia, detection specialists such as GLIMPS, detection and/or intelligence solution providers such as HarfangLab and Filigran, IT security specialists such as Snowpack and KOR Labs, contextual analysis specialists such as Geotrend, and two academic partners: Institut Mines Télécom (IMT) and Grenoble INP [2].

This project, which is part of the national cyber strategy of the France 2030 investment plan, was selected following a call for projects launched by Bpifrance. The project is financed by the State [1].

References