France’s Cybersecurity Landscape Evolves: Adopting AI, Integrated Platforms, and GRC Policies to Counter New Threats and Regulations
A groundbreaking report from tech advisory firm Information Services Group (ISG) has shed light on the evolving cybersecurity landscape in France, with AI threats and stricter regulations prompting businesses to reassess their security strategies.
As security budgets expand, French enterprises are seeking expert advice to establish priorities and tackle growing security challenges effectively. According to the 2025 ISG Provider Lens Cybersecurity – Services and Solutions report, these organizations are adapting to a more intricate, multi-layered security environment, with many incorporating AI-powered defense solutions in response to new regulations, cloud adoption, fiscal constraints, and a shortage of skilled workers.
Julien Escribe, partner and managing director at ISG, commented, “The approach companies in France are taking towards security services is evolving.” He added, “With expanding security budgets, enterprises require guidance and insight to set the right priorities and address security issues effectively.”
The report indicates that businesses are gravitating towards comprehensive solutions for security rather than relying on multiple tools. Organizations are seeking service providers capable of bolstering their security teams as they navigate the complexities of multicloud and cloud topologies, which present integration, visibility, and management challenges, according to the company. As a result, companies find it challenging to maintain oversight of applications, leading them to employ solutions like secure access service edge (SASE), which combines network security and connectivity in a unified service.
The report underscores that French organizations are prioritizing integrated security platforms for a comprehensive view of potential threats and centralized defense management. Financial constraints and the ongoing shortage of cybersecurity talent have led many businesses to rely on technical security service (TSS) providers for support, centralized platforms, and automation.
ISG notes that French enterprises must incorporate governance, risk, and compliance (GRC) policies into their security strategies due to the impending implementation of EU regulations such as the NIS2 directive and AI Act. Over 15,000 French businesses will be subject to additional compliance, according to the report.
The paper also highlights that malicious actors are utilizing AI in cyberattacks, creating new challenges for detection and response. In response, companies are turning to security service providers that leverage genAI and machine learning. These clients are investing more in AI-driven detection, employee training, and automated responses.
Benoît Scheuber, a principal consultant and security analyst at ISG, stated, “The cybersecurity landscape is being revolutionized by AI, leading companies to seek providers capable of integrating tools that enhance efficiency.” He further added, “Clients are looking for providers that can seamlessly integrate the best products into a unified platform for operational efficiency.”
