Page 43 - Monaco Economy 124
P. 43
La cybersécurité en chiffres* Cybersecurity in figures*
• 1,59 millions d’euros de budget pour les moyens de l’AMSN. • 1.59 million euro budget for AMSN resources.
• 4,98 millions d’euros de budget sécurité numérique pour les • 4.98 million euro cyber security budget for State executive
services exécutifs de l’État. services.
• 68 Opérateurs d’Importance Vitale. • 68 Operators of Vital Importance.
• 588 événements de sécurité ont fait l’objet d’un suivi avec les • 588 security events were followed up with the entities
entités concernées. +52% vs 2020 concerned. +52% vs. 2020
• 29 incidents qualifiés nécessitant des actions approfondies de • 29 qualified incidents requiring in-depth incident response
réponse à incident. -15% vs 2020. actions. -15% vs. 2020.
• 3 rançongiciels. • 3 ransomware.
• 3 intrusions dans des systèmes d’information. • 3 intrusions into information systems.
• 59 escroqueries (tentatives ou commises), usurpations • 59 scams (attempted or committed), theft of digital
d’identités numériques. identities.
• 25 hameçonnages. • 25 phishing attacks.
• 3 infractions commises sur les réseaux sociaux (usurpation • 3 offenses committed on social networks (identity theft,
d’identité, harcèlement, diffamation…) harassment, defamation, etc.)
* Source Rapport d’activité de l’AMSN 2021 * Source AMSN 2021 activity report
The Monaco Cyber Security Agency: «There are many
different scenarios which are constantly evolving» Interview by Milena Radoman
Cyber risk is now considered by many organizations as their number one threat. Frédéric Fautrier,
Director of the Monaco Cyber Security Agency (AMSN), explains how Monaco is coping.
Who manages the crisis if there are cyber- be implemented with the victim and the What scenarios are considered and what
attacks in the Principality? What is the authorities. If the origin of the attack is countermeasures are put in place?
process? Is there a specific plan? located outside the Principality, the AMSN and There are many scenarios which are constantly
We must distinguish the notion of attack the authorities may also have to coordinate evolving, which means that we cannot “rest
from the notion of crisis. The Principality, the the response with their counterparts in the on our laurels». The work to ward off attacks
State, businesses and individuals are subject countries concerned. is done in advance; this includes putting
to greater or less severe digital attacks on a measures in place to understand the evolution
daily basis; fortunately in most cases, crisis Is the objective to protect operators of vital of attack situations and to identify new groups
management is not necessary. importance (OVIs) as a priority? If so, how? of attackers; supervising information systems
If crisis management were triggered following Yes indeed, the priority is to protect OVIs in order to detect the slightest unusual
a cyber-attack, this is because the attack against digital attacks since by definition 1 behaviour; implementing security rules to
would present a general threat to life in the they operate in sectors that are essential protect information systems; raising user
Principality. for the functioning of institutions and public awareness so that they know how to use digital
Crisis management is managed by the services, for economic activity or more tools whilst avoiding traps set by hackers. But
competent authorities, as they do today when generally for life in the Principality; they this list is by no means exhaustive,
an emergency/rescue plan is triggered. operate establishments or use facilities In addition, other strong commitments are
Under these conditions, the AMSN is called or structures whose unavailability could also essential to deal with these scenarios:
upon to characterize and deal with digital significantly affect the aforementioned international cooperation to exchange
attacks and to neutralize their effects in interests. information, because digital attacks have
compliance with Monegasque and international Specific safety rules have been defined with and no borders; bringing hackers to justice so
law and with the validation of the Principality’s for each OVI since 2018. They are required to that they do not go unpunished which deters
2
authorities. If the victim is an operator of vital implement them. The AMSN monitors OVIs on attackers; and modifying legislative and
importance (OVI) the AMSN provides technical a daily basis in accordance with these rules and regulatory frameworks which adapts to the
support and coordinates the response to provides them with technical support. evolution of the threat.
1. see Article 27 of Law No. 1.435
2. see Ministerial Order No. 2018-1053 of November 8, 2018, implementing Article 27 of Law No. 1.435 of November 8, 2016, on the fight against technological crime, as amended.
43
