A key concern for public transport
All over the world, cyberattacks are on the rise, and the transportation sector is also a target. In an increasing digital environment, many systems such as driverless metros, signaling, and ticket sales depend on computers to operate.
Cyberattacks can have serious consequences for networks and passengers, including system takeover, theft of personal data, and more. That's why we do everything we can to protect our information systems and secure our data.
• PHYSICAL IMPACT: Full or partial loss of control of a system or vehicle resulting in a risk of injury.
• DYSFUNCTIONS OR PARALYSIS: Ticketing system blocked, Assets damaged, Rolling stock shut down, False information propagated.
• FINANCIAL LOSSES: Ransomware, Embezzlement, Loss of revenue, Recovery and restoration costs, Fines for non-compliance.
• DAMAGE TO THE BRAND'S REPUTATION: Loss of passenger confidence in public transport, leading to a decline in ridership.
• OPPORTUNITY LOSS: Strategic information leaked, Espionage.
Cyberprotect: our program to protect and systems
RATP Dev is committed to a proactive approach to securing data and information systems through a dedicated program, CyberProtect, designed in the spirit of ISO 27001 and the NIST cybersecurity framework, the key standards for cybersecurity.
The CyberProtect program addresses each level in the cybersecurity value chain: anticipation, protection, detection and resilience.
ANTICIPATION
Develop organizational understanding to identify cyberthreats and mitigate the associated risks.
- Establish clear governance and effective organizational systems to support cybersecurity.
- Ensure strict compliance with local, national and international cybersecurity standards, laws and regulations.
- Apply an effective risk management plan and adopt a continuous improvement process.
PROTECTION
Develop and implement appropriate safeguards to limit or contain the impact of a potential cybersecurity event.
- Design and implement security for the entire life cycle of the systems.
- Monitor and adjust the level of security throughout their lifetime.
- Implement digital and physical protection solutions to ensure the complete security of our systems.
- Utilize cybersecurity threat intelligence services to collect and organize information on cyberthreats.
DETECTION
Develop and implement appropriate actions to identify the occurrence of a cybersecurity event.
- Develop a cybersecurity culture and related skills within the organization: properly trained employees are a very effective first line of defense in the overall detection system.
- Manage risks that could be introduced by third parties in the RATP Dev supply chain.
RESILIENCE
Contain the impact of a potential cybersecurity incident, maintain resiliency plans and restore services impacted by an incident.
- Develop and implement effective incident and crisis management systems.
- Design a business continuity management process to minimize the impact of incidents and ensure an acceptable level of recovery of lost data.
- Prepare a disaster recovery plan in case a major crisis occurs.
x4
increase in the number of cyberattacks in one year in France (2021)
90%
of businesses affected by a cyberattack in 2019
3rd
sector most often targeted by cyberattacks in 2019
A closer look at some of the actions of the CyberProtect program
PHISHING AWARENESS CAMPAIGNS
Since 2020, RATP Dev has conducted several phishing awareness campaigns. Using specially designed software, our cybersecurity teams can send a fake malicious email and watch how the targeted employees respond (do they click on a suspicious link, enter information on a suspicious website, etc.).
The latest campaign targeted approximately 2,500 employees in various subsidiaries in France, the UK and Italy: 86% passed the test.
SECURING A MOBILE APP DEVELOPED IN-HOUSE
RATP Dev has developed an app for passengers called WIP (Walk in Peace) to promote solidarity and safety on public transport. To make the app secure, RATP Dev conducted two phases of cybersecurity testing:
- The first phase was conducted on the Rapid7 platform;
- The second phase was conducted on Pradeo and Yeswehack (Bug Bounty program).
The vulnerabilities detected by the tests were fixed before the application was released.
