The maritime sector plays a key role in the EU economy and society, accounting for a large segment of Europe’s overall freight and passenger transport. However, as the sector has been steadily undergoing a digital transformation with the introduction of innovative solutions based on ICT and the convergence between IT and OT, the cyber risk profile has also changed. Combined with a significant increase in cyber-attacks against key maritime actors such as ports and shipping companies, this change highlights the need for maritime cybersecurity to be addressed in more detail.

The maritime sector comprises a complex ecosystem with many interdependencies and organisations of different size, operational scope, ICT complexity and cybersecurity maturity working in tandem to ensure the unhindered provisioning of freight and passenger transport services. Port authorities, terminal operators, other entities operating within ports, shipping companies, classification societies, shipbuilding companies and more each play a key role in this ecosystem and their individual cybersecurity posture is key for the maritime sector. The NIS Directive recognises this fact by identifying a plethora of maritime operators as Operators of Essential Services (OES).

The EU Agency for Cybersecurity intends to keep playing its role in the continuous process of strengthening the cybersecurity of the EU maritime sector by: Addressing key issues and recommendations

  • Supporting the development and implementation of the relevant policy and regulatory framework
  • Facilitating information sharing and the exchange of good practices between maritime stakeholders
  • Conducting awareness raising activities and organising physical and virtual events
  • Promoting discussions and validating activities through the maritime work stream in TRANSSEC

We use cookies on our website to support technical features that enhance your user experience.
We also use analytics. To opt-out from analytics, click for more information.

I've read it More information