WALLIX GROUP, a software company providing cyber security and governance solutions for information systems access, has welcomed the entry into force of new regulations regarding the protection of Operators of Vital Importance (OVI) against cyber attacks. These new legal provisions open up major markets for WALLIX GROUP.
Operators of Vital Importance, around 250 corporations in France to protect
Operators of Vital Importance are defined as public or private sector operators with information systems where violations of security or functioning could substantially diminish the Nation's war or economic potential, security or survival capacity. Today, some 250 state-owned corporations, government departments and major private operators in France are affected.
9 decrees already published for priority sectors
France's National Cybersecurity Agency (ANSSI) has currently published 9 sector-related decrees in the country's Official Journal which define the rules governing the security of OVI information systems. These sectors include:
- Water management
- The provision of natural gas
- The provision of petroleum hydrocarbons
- The provision of electricity
- Maritime and inland waterway transport
- Land transport
- Air transport
Once these sector decrees enter into force from 1 October 2016, OVIs will be obliged to protect themselves against any breaches of their information systems. Accordingly, entities will be required to:
- declare any security incidents to the ANSSI;
- declare all of their Vitally Important Information Systems (VIIS) to the ANSSI;
- provide the contact details of their Fire Safety Systems (SSI) emergency services to the ANSSI;
- comply with the 20 safety regulations linked to: governance, risk and information systems management, systems protection and crisis management in the event of any major information systems attacks.
In concrete terms, OVIs will notably be required to install software or hardware accredited and recommended by the ANSSI used to permanently detect any hacking or external intrusions. They will also be required to implement the appropriate defense systems needed to anticipate and protect all extremely sensitive information against destructive cyber attacks. All offenders face a fine of up to 150,000 euros and a one-year prison sentence in the event of a "default" that compromises sensitive infrastructures.
WAB Suite, an all-in-one accredited solution
Given that this is an issue that dates back to 2013, WALLIX was quick to obtain first-level security certification (CSPN) from the ANSSI for its WALLIX AdminBastion (WAB) Suite offer. WAB Suite is an all-in-one privileged account management solution used to secure and monitor super user access and sessions. Equipped with a password safe with complex, secret and modifiable authentication features, it is able to trace all privileged account activity using real-time monitoring and recording functions.
Combined with sophisticated audit trails, this traceability optimizes response times for security officers in the event of an incident and conforms to the compliance rules dictated by the ANSSI. Rather than react to an attack, the goal is to anticipate any breaches by building adequate defense systems to protect the most sensitive information of these OVIs and avoid destructive cyber attacks.
Operating environments, WAB Suite features and functions and the sensitive data to be protected are all subjected to threat and attack scenarios in order to offer clients and partners the trustworthy solutions that are fundamental for any critical and vital organization.
Today, a host of companies have already chosen WAB to protect the passwords and privileged accounts that provide access to their sensitive data and infrastructures, or to monitor the activity of their internal and external service providers, in particular in strategic sectors such as defense, telecommunications, energy, health or FINANCIAL services.
Cyber security in Europe, a Directive that will apply from 2018
A pioneer in the field, France was one of the first European Union countries to transpose the NIS Directive (Network and Information Security) adopted by the European Parliament and European Union Council which all member states will be required to implement from May 2018 at the latest.
At the same time, the approval by the European Council of its draft General Data Protection Regulation has also opened the way for its final adoption by the European Parliament. The aims of the new regulation are to:
- strengthen the level of protection for individuals whose personal data is processed, and
- increase trade and commercial opportunities in the digital single market.
The reform provides for a series of measures that will apply across the entire European Union and to all European and non-European companies that offer online services. All operators that fail to comply with this regulation can face penalties of up to €20 million or 4% of their global yearly turnover.
Next publication: H1 results on 27 October 2016 after the close of trading.
WALLIX, www.wallix.com, is a software company offering privileged access management solutions for large and medium sized enterprises, public organizations and cloud service providers, helping their many customers to protect their critical IT assets including data, servers, terminals and connected devices.
Wallix AdminBastion Software Suite (or WAB Software Suite) gives the most effective route to security and compliance by reducing its users' biggest security risk – privileged access to IT – in the shortest possible time. With an unobtrusive architecture, full multi-tenancy, and virtual appliance packaging, WAB Software Suite is the easiest solution in its category to implement, use and manage. Its best of breed features which include password management, web access portal, access control and comprehensive session monitoring and recording can be deployed easily and securely on premise or in a hybrid cloud environment.
WALLIX is a public company listed on Alternext, with a strong customer presence in EMEA. WALLIX has offices in Paris, London and Munich. 300 companies trust WALLIX GROUP to secure their IT systems, including Alain Afflelou, Danagas, Dassault Aviation, Gulf Air, Maroc Telecom, McDonald's, Michelin, PSA Peugeot-Citroen and Quick.
For more information, go to: www.wallix.com
ACTUS finance & communication
Jérôme FABREGUETTES-LEIB – Investors Relations
+33 (0)1 53 67 36 78 / firstname.lastname@example.org
ACTUS finance & communication
Nicolas BOUCHEZ – Finance Media Relations
+33 (0)1 53 67 36 74 / email@example.com
Franck TUPINIER – Corporate Media Relations
+33 (0)6 74 68 37 93 / firstname.lastname@example.org
 Article L1332-1 of the French Code of Defense