An operational success, but a still unclear doctrine
The French services, Ansi, SGDSN, Comcyber, Viginum, have so far favored a line of defense based on anticipation, inter -institutional coordination, and the silent response. Demant opposing infrastructure, quickly share compromise indicators, strengthen the reaction capacity of operators of vital importance, so far the method seems to work. No blackout at the Olympic Games, no significant disruption in electronic voting, despite a very unstable international environment.
But behind this success, a substantive question remains: Does France need a formalized doctrine of offensive response?
What would an offensive doctrine mean?
Are we talking about “technical counterattack” capabilities for deterrent? Of coordinated infrastructure neutralization actions outside the national territory? From a commitment to international coalitions conducting targeted operations, such as the United States with its cyber command or certain European agencies during the dismantling of botnets? The expression remains unclear.
But even before defining what it would be legitimate to do, a first series of questions arises:
- Does current French law make it possible to lead active countermeasures without crossing the threshold of digital war?
- Who decides on a possible transition to offensive action? The Prime Minister, the President, the Defense Council?
- What legal guarantees would be necessary to supervise such a posture?
Does strike assume to name?
The question of public attribution also remains unresolved. During the latest Senate hearings, Stéphane Bouillon (SGDSN) and Vincent Strubel (ANSSI) recalled the complexity of a “name and shame” in a cyber context. The imputation is not always certain, and its dissuasive scope remains uncertain. Some states, like the United States or the United Kingdom, regularly appoint their attackers, when France is often behind.
Therefore, should we consider an evolution of public discourse? Or preserve a discreet approach to protect intelligence capacities and avoid diplomatic bids? And how to articulate this posture with increasing expectations in terms of political transparency, in particular vis-à-vis the Parliament or economic operators?
Does the rise in regulatory load change the situation?
With the transposition of Directive NIS 2, the ANSSI field of intervention widens to several thousand entities. The national security dependence report now extends far beyond traditional OIVs. Does this change of scale make a purely defensive strategy tenable? And above all, Can France continue to ensure the protection of such a large perimeter alone without taking the initiative in certain cases?
Again, several options coexist. If an offensive posture does not necessarily imply a strategic rupture, it supposes, at least, a clear debate on capacities, thresholds, and coordination with European partners.
What margins of technological autonomy?
Acting is also having sovereign tools. The control of offensive means (infiltration, disruption, erasure) depends on the ability to develop or control critical technologies. Does France have the ecosystem necessary to act without depending on extraterritorial solutions? And if this is not the case, should we accelerate the investment in a Cyber BitD with an offensive vocation, or pool these capacities at European level?
What to do with an offensive doctrine?
Finally, the question arises, because the offensive response is not an end in itself. It can aim to dissuade, to prevent a recurrence, to point out a strategic limit, but it can also weaken diplomatic or technical balances if it is poorly calibrated.
Before deciding, it will probably be necessary to answer a series of simple, but structuring questions:
- What is the purpose sought?
- What are the risks of climbing?
- What would be the legitimacy criteria of an offensive response?
- And who would carry it political responsibility?
What remains to be written
Operational success more opens the debate than it is the clot of a satisfaction. Because if the resilience has worked, it may also be because the opponent has not yet really crossed the threshold. And at AI time, nothing guarantees that this status quo is due to a brutal change in intensity or method.
The moment is conducive to asking the question, because an offensive doctrine, if it must exist, cannot be built in an emergency.
