Strengthened HR capacities

Over the past year, Brittany Ferries has notably doubled the size of its cyber team, responsible for maintaining the front line. Today, seven staff members are responsible for cybersecurity. Their mission is to protect the company against attacks and to educate their colleagues on board and ashore.

Brittany Ferries joins the France Cyber ??Maritime association and tests its defences in real conditions

The association, based in Brest, organized in partnership with YesWeHack an event called Bug Bounty in May 2022, in which Brittany Ferries participated. This Live Hacking exercise is the first in Europe specifically dedicated to the maritime sector.

For two days, cybersecurity experts known as "ethical hackers" tested Brittany Ferries' online booking platform for vulnerabilities, highlighting weaknesses that could be exploited by criminals.

“This Bug Bounty was important for two reasons,” said Ian Frens, cybersecurity manager at Brittany Ferries. “Firstly, it was the first European Live Hacking event to benefit the sector, often seen as more vulnerable than others. Second, the event gave Brittany Ferries important insight into potential weaknesses in its reservation systems. Finally, it helped identify potential attack paths adopted by cybercriminals to target the core of our business.”

Xavier Rebour, Director of France Cyber ??Maritime, adds “The Bug Bounty has been popular in the IT world for some time, but we decided to apply it to a new environment. This Bug Bounty, baptized “Battleship”, was the first dedicated to the maritime world in Europe. We were more than delighted when Brittany Ferries gladly agreed to join the adventure. We are all the more pleased to see how fruitful the exercise has been. We will organize a second Battleship in 2023 and encourage maritime companies to join the event to test their digital systems”.

Brittany Ferries obtains Bureau Veritas certification

Brittany Ferries has been a pioneer in the sector, obtaining Bureau Veritas certification for the two newest vessels in its fleet. The SALAMANCA achieved Cyber-Managed status in June, joining her sister ship, the GALICIA. This class rating requires shipowners to conduct a risk assessment of the vessel and to define and implement policies and procedures to manage cybersecurity. These vessels are among the very few vessels under the French flag to have obtained this certification, demonstrating Brittany Ferries' commitment to meeting high standards in terms of cyber risk management.

Staff awareness campaigns

The Brittany Ferries cyber team has taken steps to heighten the vigilance of what is often seen as one of the prime targets of attackers, company personnel. To do this, the team hired a company to educate all employees on the methods and approaches adopted by criminals who try to steal information or infiltrate networks using malware.

In the weeks and months following the awareness, employees were targeted with fake phishing emails promising, for example, enticing perks. In the event that an employee does not detect the threat, clicks or downloads the file, he is immediately informed of his error, is reminded of the good reflexes to adopt as well as the obligation to remain vigilant at all times.