Over the years, many countries including France have developed laws and regulation to enforce cyber security. Guidance, standards and regulations are now part of the cyber weapon.

No matter if you are an Operators of Essential Services (OES) or an Operator of Vital Importance (OVI), you must conform to European, national or international regulations. In all cases, you will have obligations, rules and sanctions.

Seclab’s products are compliant with many of these laws and regulations.  Our Electronic Airgap technology covers by default segregation of domains, but it can be use in many other ways.

FRENCH MILITARY PROGRAMMING LAW (French LPM)

France was the first country to regulate an effective and mandatory cybersecurity system for critical infrastructures. French LPM is the origin of the NIS Directive.

This system made it possible to identify the Operators of Vital Importance (OVI), private and public, who operate or use installations deemed essential for the survival of the Nation. 12 sectors are defined :

  • Energy
  • Transport
  • Water management
  • Industry
  • Finance
  • Communications
  • Health
  • Military activity
  • National civil activity
  • Judicial activity
  • Food
  • Space and research

This security notably involves the application of a certain number of security rules.

EUROPEAN NIS DIRECTIVE

Inspired by the french LPM, the Directive on security of Network and Information Systems (NIS Directive) was developed by the european parliament in August 2016. Member States had to transpose the Directive into their national laws by 9 May 2018 and identify operators of essential services (OES) by 9 November 2018 :

  • Energy ( Electricity, Oil, Gas )
  • Transport ( Air transport, Rail transport, Water transport, Road transport )
  • Banking, Financial
  • Health sector ( including hospitals, private clinics and online settings)
  • Drinking water supply and distribution
  • Digital Infrastructure

The NIS Regulations set out strict compliance obligations for OES to ensure they “take appropriate and proportionate technical and organisational measures to manage the risks posed to the security of network and information systems which they use in their operations

EUROPEAN CYBERSECURITY ACT

The Cybersecurity Act (in force since June 2019)  :

  • strengthens the role of ENISA: the agency now has a permanent mandate, and is empowered to contribute to stepping up both operational cooperation and crisis management across the EU. It also has larger financial and human resources than earlier.
  • the definition provides for a European cybersecurity certification framework, essential to strengthen the security of the European digital single market.

ENISA (‘European Union Agency for Network and Information Security’) is the EU’s agency that deals with cybersecurity. It provide support to Member States, EU institutions and businesses in key areas, including the implementation of the NIS Directive.

HOW SECLAB IS ABLE TO HELP YOU

  • Seclab’s solutions are designed to protect network (Sec-XN) or USB (Sec-XU) by segregating each area. Our Electronic Airgap Technology has been created to segregate each part of critical domains.
  • From the french law derived from the NIS Directive, the 8th point is dedicated to the ‘cloisonnement’, meaning segregation.