The General Secretariat for Defence and National Security of France (SGDSN) has published the National Cybersecurity Strategy for 2026–2030, setting out the state’s medium-term priorities in response to growing cyber threats to citizens, institutions, the economy, and critical infrastructure.
The document outlines five key areas. The first is the creation of the largest cybersecurity talent pool in Europe by increasing the number of students and specialists, developing relevant programs in EU countries, and promoting workforce mobility among member states. The second focuses on strengthening the cyber resilience of the economy and social sector, enhancing the ability of the state and businesses to recover quickly from large-scale attacks, and introducing mandatory security standards for critical infrastructure based on a nationwide digital risk management system.
The third area предусматриes deterring cyber threats by demonstrating defensive capabilities, increasing the cost of attacks for potential adversaries, strengthening accountability for cybercrime, and developing early threat detection tools. The fourth involves controlling and protecting the digital environment of the defense sector, including reinforcing the role of the Cyber Defence Command (COMCYBER), integrating cyber operations into military doctrine, and investing in artificial intelligence, quantum computing, and other advanced technologies. The fifth focuses on maintaining cybersecurity at the European and international levels through coordination within the EU and promoting international norms of responsible state behavior.
The strategy marks France’s shift from a fragmented incident-response approach to a systemic model of cyber deterrence and preventive risk management, while formally recognizing cyberspace as a full-fledged dimension of national defense. The emphasis on building a large-scale talent pool and fostering European mobility for specialists also has a geopolitical dimension aimed at reducing Europe’s technological dependence.
