France has created a new national IT systems security agency to better defend its IT networks.
The French Networks and Information Security Agency (FNISA) will conduct a round-the-clock watch on sensitive government networks in order to detect and respond to cyberattacks.
That mission is increasingly important, as U.S. and South Korean government authorities have battled this week with attacks on their information infrastructures.
The French agency will also advise government departments and commercial network operators on best practices, and provide information about information security threats and how to avoid them to the general public.
In addition, FNISA will help develop trusted IT products and services for use by French companies and government networks. The possibility that key network infrastructure purchased from foreign suppliers could contain hidden “back doors” allowing them to spy on communications has become a concern for governments in recent years. A plan by Chinese network equipment manufacturer Huawei Technologies to acquire a stake in U.S. vendor 3Com in 2007 fell apart after U.S. lawmakers raised questions about the potential effect on national security.
FNISA was set up at the request of President Nicolas Sarkozy following a review of defense and national security last year. Its creation was announced in the government’s Official Journal on Wednesday.
The agency is recruiting, and the vacancies to be filled give a taste of what concerns it.
For one post, it is looking for an engineer with experience in securing VOIP systems — on desktop and mobile systems.
Another post will deal with the security of the physical layer of wireless communications systems, including Wi-Fi networks and contactless payment systems.
There are no clues which way the agency leans in the description of a post dealing with operating system security: neither Windows nor Linux gets a mention, although the ideal candidate will have experience of virtualization and compartmentalization of processes.
FNISA will take the place of an existing government agency, the Central Information Systems Security Division, which was set up in 2001 to advise the government and provide information to the general public on information security threats. Both agencies, old and new, fall under the control of the General Secretary for National Defense.