The interministerial coordination committee on cyber-prevention and cybersecurity
Given that cybersecurity covers a wide range of areas and falls within the remit of many State bodies, the Government decided on 13 December 2017 to set up an interministerial committee bringing together the players concerned, to be responsible for ensuring national coordination on cybersecurity matters.
The committee's members represent the main State bodies active in cybersecurity at the national level. Its chair and secretary is the High Commissioner for National Protection.
The committee's missions are:
to ensure the consistency of actions and initiatives undertaken in the areas of cyber-prevention and cybersecurity;
to coordinate the implementation of the initiatives launched and the measures decided on at the European and international level in the areas of cyber-prevention and cybersecurity;
to monitor the implementation at the national level of policies decided on at the European and international level;
to advise the Government in the areas of cyber-prevention and cybersecurity by identifying topics and priorities to be considered in this area, and the players responsible for implementing them;
to discuss the positions on cyber-prevention and cybersecurity to be adopted by national representatives at European and international bodies.
The High Commission for National Protection
The mission of the High Commission for National Protection (HCPN) is to ensure that the nation is always and in all circumstances protected against threats that could seriously infringe upon the country's sovereignty and independence, the free functioning of its institutions, the safeguarding of its national interests and the safety of the population.
With regard to cybersecurity, the HCPN takes action in terms of preventing, anticipating and managing cyber-crises and protecting critical infrastructures.
The Cyber Emergency Response Plan defines the action the government must take in the event of a technical flaw or large-scale attack on the information systems of the public and/or private sector.
A further mission of the HCPN is to coordinate and draw up the national strategy on the security of network and information systems.
The National Information System Security Agency (ANSSI)
The ANSSI is the national agency with responsibility for the security of both classified and non-classified information systems used by the State. The Agency's main missions are to define the State's general policy on information security, to define, in collaboration with the players concerned, policies and guidelines on information security for specific fields, to define the approach to risk management, and to promote the security of information by measures to increase awareness.
The function of the National Information System Security Agency is carried out by the High Commission for National Protection.
The CERT Gouvernemental (GOVCERT.LU)
The main missions of the CERT Gouvernemental are to constitute a single point of contact dedicated to handling large-scale security incidents affecting the networks and information systems of State administrations and departments, to provide a watch for detecting, alerting and responding to large-scale IT attacks and security incidents, and to serve as the national Computer Emergency Response Team (national CERT) and military Computer Emergency Response Team (military CERT).
The CERT Gouvernmental falls under the authority of the HCPN.