Transportation
x

Accelerating multi-compliance cyber security in the aviation sector

How did Air Caraïbes' CISO restructure cybersecurity management to increase productivity with Tenacy?
“Tenacy helped us to understand the challenges we faced, and also to justify our budget requests.”
Jean-Michel Pater
CISO at Air Caraïbes
The challenge
Increase productivity and accelerate multi-compliance in the aerospace sector

A member of the French Dubreuil family group, which specializes in transportation, real estate, and hospitality, Air Caraïbes serves more than 20 destinations around the world.

Jean-Michel Pater, CISO, is responsible for all IT issues with a small team, whose tasks range from day-to-day IT management to maintaining optimal cybersecurity.

" Under regulations, and in particular the 3CF, numerous requirements are imposed and require the implementation of specific actions that can quickly become time-consuming, such as data recovery or action plans. "
Jean-Michel Pater, CISO at Air Caraïbes
Productivity
Save time for a small team.
Multi-compliance
Monitor compliance with multiple standards, particularly 3CF.
Governance
Gain visibility and optimize cyber management.
The objective
Simplify and accelerate compliance as standards multiply, and unite the organization around a single platform to restructure cybersecurity management.
The solution

Why did you choose Tenacy?

Workflow automation

+20 native connectors to automate data collection.

Cyber management

Action plans, dashboards, and reports generated in just a few clicks.

Optimized Multi-Compliance

Standardsmapped in the platform and kept up to date to track and manage multi-compliance.

Table of Contents
Discover how Tenacy structures your cybersecurity
Schedule a demo

1/ Centralize and automate data collection

In order to manage cybersecurity under the best possible conditions, Air Caraïbes' CISO needed more than just a compliance monitoring tool: he needed to be able to automate the collection of cyber data via native connectors or the implementation of push APIs.

Thanks to Microsoft Azure AD, Defender, and PingCastle connectors, Tenacy made this possible: data, audit reports, and action plans could be implemented directly in the platform.

Covered objective:

Centralize reliable and actionable cyber data .

" Being able to rely on a solution that brings together all the necessary monitoring elements (dashboards, reports, action plans) in one place is a real plus for a team like ours. No more Excel spreadsheets! "
Jean-Michel Pater, CISO at Air Caraïbes

2/ Gain visibility and accelerate multi-compliance

Multiple regulations, including the French Cyber Compliance Framework (3CF), imposed numerous requirements on the group. These required the implementation of specific, particularly time-consuming actions, such as data recovery and action plans.

With Tenacy, Air Caraïbes was able to gain a comprehensive overview of its cybersecurity posture and track the impact of an action on compliance with multiple standards simultaneously.

Covered objective:

Manage multi-compliance cyber without wasting time.

{{cta-lead-magnet}}

3/ Rely on expert deployment

To enable team members to focus on value-added tasks, Air Caraïbes chose to delegate the deployment of the solution (data recovery, integration of repositories, etc.) to Tenacy as part of its Professional Services.

Experts were present at every stage to enable the organization to make a successful transition without spending hours on it.

Covered objective:

Deploy a cyber GRC platform without disrupting an entire organization.

4/ Prove cyber impact and strengthen credibility

In addition to its collaborative nature and effectiveness in cybersecurity governance, Tenacy played an important role with the senior management of Air Caraïbes and that of its majority shareholder, the Dubreuil Group.

The teams were able to use the platform to easily generate dashboards and reports tailored to different stakeholders.

Covered objective:

Structure cybersecurity and demonstrate its business impact.

"Tenacy enabled us to convey the challenges we faced, but also to justify our budget requests. "
Jean-Michel Pater, Chief Information Security Officer at Air Caraïbes

Results

Stakeholders involved in the company's cybersecurity projects

Time savings

on 3CF compliance.
"For the teams, it's a great way to see the positive impact their work has on strengthening our security." Jean-Michel Pater, CISO at Air Caraïbes

47 independent contributors

on the platform in one year (SSI team members, business departments, senior management).

Global and shared visibility

on audits, analyses, security status.
Conclusion
The Air Caraïbes case study illustrates how an airline facing multiple IT challenges can restructure its cyber governance, simplify multi-compliance, and unite the entire organization around a common vision.
Do these issues resonate with you?
Schedule a demo
Other articles

You may be interested in

ReCyF 2.5 (Cyber France Reference Framework)
Glossary
ReCyF 2.5 (Cyber France Reference Framework)

ReCyF is the French cybersecurity framework based on the European NIS 2 Directive. It sets out 20 mandatory security objectives for critical and essential entities and specifies the acceptable means for demonstrating compliance.

April 10, 2026
CESIN Barometer 2026: analysis of cyber threats and cybersecurity trends in France
News
CESIN Barometer 2026: analysis of cyber threats and cybersecurity trends in France

The CESIN 2026 barometer reveals a paradoxical trend in corporate cybersecurity: while the number of significant cyberattacks is decreasing, their consequences are becoming considerably more severe.

This annual study by the Club des Experts de la Sécurité de l'Information et du Numérique (Club of Information and Digital Security Experts) is an essential reference for understanding the evolution of cyber threats in France.

January 29, 2026
Cyber Resilience Act: everything you need to know about the new European regulation
Compliance
Cyber Resilience Act: everything you need to know about the new European regulation

The purpose of this article is to provide you with a clear and practical overview of the Cyber Resilience Act.

At the end of the document, you will also find advice on how to structure your approach and facilitate compliance.

January 27, 2026

Regain Control of Your Cybersecurity

Schedule My Personalized Demo
30 minutes with no obligation