Public administrations: how should you choose your cybersecurity solution?
08 07 2019
The digital transformation has unleashed a storm of cyberattacks that are undermining public administrations and their information systems. Faced with the multitude of firewall options on the market, how can you select the most appropriate cybersecurity solution? A three-part response from Raphaël Granger, Account Manager for Public Administrations at Stormshield.
What kinds of regulatory obligations are imposed on the public sector?
The public sector is subject to a variety of different cybersecurity regulations. As such, each administration must first determine which regulations apply to it. For example, France’s regulatory framework consists of three pillars with varying degrees of strictness. The Military Planning Law (MPL) requires that public administrations under its jurisdiction use ANSSI-qualified solutions, while the General Security Baseline (GSB) merely recommends it. For its part, the Security Policy on Government Information Systems (SPGIS) describes it as good practice, alongside the use of certified solutions. This national framework is complemented at the European level by the GDPR and the Cybersecurity Act.
At present, Stormshield Network Security (SNS) is the only firewall solution qualified as “Standard” by the ANSSI. Why is this important?
It is the result of a complex process that goes beyond certification and attests to the reliability of our product. It’s also a sign of the ANSSI’s trust in us: qualification is bestowed after six to eight months of testing by the agency, which also examines the solution’s source code.
What other criteria should be taken into account when selecting a cybersecurity solution for a public administration?
It is very important to:
- Focus on the essential features needed to meet your firewall requirements and comply with your regulatory obligations. Instead of choosing a product based on a myriad of proposed features that won’t really be used, it’s more important to select a product that will perfectly meet the needs of your public administration.
- Make sure the solution is a good fit for the needs and architecture of your information system (IS).
- Choose a reliable partner that specialises in protecting the information systems of public administrations. This is the case for Stormshield, which does a lot its business in the public sector (local governments, core ministries, etc.).
- Choose a local partner. Through its distribution network, Stormshield has cultivated a regional presence and a European footprint—two complementary assets that will ensure it will always be by your side