“Cyber warfare has begun and France must be ready to fight it,” Florence Parly, the French minister for the armed forces, declared on Jan. 18. Parly was introducing the new French Military Cyber Strategy, which consists of two separate documents: the Ministerial Policy for Defensive Cyber Warfare (hereafter the Ministerial Policy) and the Public Elements for the Military Cyber Warfare Doctrine (hereafter the Public Elements). Together, these documents outline the French Ministry of Defense’s (ministère des Armées) doctrine on lutte informatique défensive et offensive, or defensive and offensive cyber warfare.
This marks the first time France has disclosed elements of its military cyber strategy, most importantly the offensive aspects of that strategy. As Parly noted, this new strategy is part of a broader effort she is leading to adapt the French army to 21st-century threats.
This article will analyze the main elements of France’s military cyber defense strategy and doctrine and examine how they relate to France’s overall cyber defense strategy as outlined in the 2018 Strategic Review of Cyberdefense. The content of the newly released documents is not so surprising, as it reflects the long evolution of military cyber defense in France over the past decade and illustrates France’s global approach to this emerging domain, outlined in War on the Rocks last year by Boris Toucas. But the choice to publicly release the doctrine — especially its offensive dimension — both affirms France as a cyber power and sets a precedent for future national cyber strategies.