29 Nov Pan-European Cybersecurity Campaign – Opinions and Experiences
RESPONSE OF OUR MEMBER STORMSHIELD TO THE CYBERSECURITY CAMPAIGN
Message no. 6 of the Campaign: European Cybersecurity Companies live in a context of high level and demanding certifications. That provides a warranty on technical issues but also on quality standards shaping the action of our companies. The ongoing evolution towards European-grade certification criteria will make such a warranty valid across Europe.
In order to ensure their critical mission, cybersecurity solutions are positioned at strategic points in a network or an information system; these solutions often have elevated rights and are placed as close as possible to the most sensitive resources, often without any gatekeeper. Thus, any weakness or vulnerability in these solutions is a major risk since it provides a direct point of access to protected resources. Protection systems must offer assurances of robustness and quality and, therefore, be considered to be trustworthy. For this, it is necessary to rely on technologies that are part of a continuous certification and qualification process.
With its first official certification obtained in 2004, Stormshield is fully engaged in this dynamic. Our trusted technologies are qualified and certified at the highest European level for VPN and Firewall products, with certificates and labels issued by French, Dutch, Spanish, NATO and EU institutions. Some of the related assessments go far beyond an external test of the product’s security, integrating code audits and a review of design, development and vulnerability patch management processes. The proven robustness of our products enables us to support organisations and companies with extreme criticality regarding cybersecurity issues. Based on our strong experience in this field, we have been invited by the European Union Agency for Cybersecurity, ENISA, to work on the definition of the European product certification scheme, within the framework of the European Cybersecurity Act. This initiative is aimed to elevate the level of trust in technology, in a harmonized manner, within Europe.
Message no.8 of the Campaign: While we see that Cybercrime borders are often blurred between cupidity-moved hackers and state-backed actors, sovereign Cyber solutions are a necessity to protect against all malicious attacks. Supporting European alternatives is also meant to ensure freedom of choice for the future.
In cyberspace, relations between the superpowers are strained. It is now impossible to talk about digital and telecommunications without thinking about politics and geopolitics. Between an ultra-controlled American model advocating extraterritoriality (e.g. Cloud Act) and closed or locked Chinese and Russian models (e.g. China’s Great Firewall), Europe is looking for a third way, based on values of transparency, openness and protection of individual freedoms (e.g. GDPR).
In recent years, we have seen the various State-sponsored digital attack and defence strategies of the major international powers taking shape under the guise of cybersecurity. Cyber warfare is under way, as Florence Parly, French Minister of the Armed Forces, stated in January 2019. Controlling one’s means of protection is becoming a strategic priority. This doesn’t only affect state organizations; companies are also targeted. Even small businesses are affected, because they are often part of an ecosystem and can serve as an entry point for rebounds on the information system of a major client or one of their partners.
This shows that the origin of technologies, especially those that handle or protect sensitive data or those that secure vital and critical infrastructures, is paramount. Companies and organizations must therefore take this strategic factor into account in their reasoning before entrusting the security keys of their information system to a supplier. Relying on trusted European technologies allows EU companies and organisations to retain control over their protection and to make sure that efficient alternatives will remain.
Stormshield is a leading European cybersecurity company and the 1st French cybersecurity vendor* providing trusted products to protect IT and OT networks, endpoints and data. Stormshield is a subsidiary of the greatest European Industrial success, Airbus and is serving more than 17 000 customers worldwide. Our R&D is 100% located in France. The mission of our 400 passionate employees is to ensure cyber-serenity for organizations and companies operating critical and operational infrastructures, so that theses businesses can focus, with full peace of mind, on their core activities.
At Stormshield, cybersecurity experts plan how to protect sensitive and critical infrastructure.
Enter text here
Stormshield on Social Media