CYBERSECURITY IN THE MARITIME INDUSTRY: THREATS, RESPONSES, AND INCIDENT MANAGEMENT
DOI:
https://doi.org/10.32782/mathematical-modelling/2025-8-1-6Keywords:
cyber incident, cybersecurity, cyber-incident response plan, project managementAbstract
This article addresses the issue of cybersecurity in the maritime sector amidst the increasing digitalization of mar- itime infrastructure. Recent research and publications on cybersecurity in the shipping industry indicate an increase in threats due to the digitalization of the maritime industry. It emphasizes the importance of implementing effective cyber incident response plans to ensure business continuity and reduce risks associated with cyber threats. The implementation of international standards, scenario testing, and agile process management all form the foundation for cyber resilience in the maritime sector.The purpose of the study is to develop a model for building an effective action plan and response plan for cyber incidents using modern project management technologies and based on data protection standards. As authors, we see the following main tasks: building an action plan to ensure the cybersecurity of the ship based on governing documents, the experience of leading specialists, and an analysis of achievements in the field of cybersecurity on seagoing vessels; implementing the project into the education system of the relevant direction and testing it during the cadets’ swimming practices; further using it for operational training of crew members on ships. Currently, an agreement has been reached to include the built plan in the program of the educational component “Cybersecurity of ship computer networks and systems” of specific educational institutions, such as the Kherson State Maritime Academy.Existing approaches to incident response were analysed, and the possibilities of adapting project management to increase the effectiveness of such measures were investigated. Another goal of this study is to improve the plan for practical training of future shipowners in ensuring cybersecurity on a seagoing vessel by modernizing and changing the content of the educational component. A structured approach to creating a cyber incident response plan focused on the specifics of threats in shipping is proposed. The study’s practical significance lies in the possibility of using the results obtained by shipping companies and port authorities to train personnel by the requirements of international standards.
References
Akpan F., Bendiab G., Shiaeles S., Karamperidis S., Michaloliakos M. Cybersecurity Challenges in the Maritime Sector. Network. 2022. № 2 (1). Р. 123–138. https://doi.org/10.3390/network2010009
A Primer on IMO Cyber Risk Management Guidelines. URL: https://www.american-club.com/ files/files/A_Primer_on_IMO_Cyber_Risk_Management_Guidelines.pdf
Alcaide J.I., Llave R.G. Critical infrastructures cybersecurity and the maritime sector. Transp. Res. Procedia. 2020. № 45. Р. 547–554. https://doi.org/10.1016/j.trpro.2020.03.058
C´elic´ J., Vukšic´ M., Baždaric´ R., Cuculic´ A. The Challenges of Cyber Resilience in the Maritime Sector. Addressing the Weak Awareness of the Dangers Caused by Cyber Threats. 2025. Vol. 13. P. 762. https://doi.org/10.3390/jmse13040762
Complying with the IMO 2021. URL: https://www.missionsecure.com/regulation-overview- imo-2021-cyber-risk-management-compliance
Macdonald F. The lifecycle dilemma Navigating cybersecurity risks across designing, constructing and operating a vessel. Thetius, CyberOwl, and HFW. 2025. URL: https://thetius.com/wp-content/uploads/2025/03/Thetius-CyberOwl-HFW-The-Lifecycle-Dilemma.pdf
Kessler G.C., Shepard S.D. Maritime Cybersecurity. Independently published, 2020. 270 p.
Guidelines on Cyber Security Onboard Ships. 2021. URL: https://www.bimco.org/products/publications/titles/the-guidelines-on-cyber-security-nboard-ships/
Hopkinson S. Navigation: Learn How to Navigate at Sea Paperback (4th ed.). England : Fernhurst Books Limited, 2023. 96 р.
International standard. Information security, cybersecurity and privacy protection – Information security management systems – Requirements. Ed. 3 (ISO/IEC 27001:2022). 2022. URL: https://www.iso.org/standard/27001
International standard. Information technology – Information security incident management. Ed. 2 (ISO/IEC 27035-1:2023). 2023. URL: https://www.iso.org/standard/78973.html
International standard. Maritime navigation and radiocommunication equipment and systems. Ed. 3 (IEC 61162-460), 2024. URL: https://cdn.standards.iteh.ai/samples/108137/f09eb4a33df343f6aee8acb807227f16/IEC-61162-460-2024.pdf.
International standard. SOLAS Consolidated Edition. London : International Maritime Organization Publications, 2020. 574 p.
International standard. STCW Including 2010 Manila Amendments. London : International.
Kaminska N., Kravtsova L., Kravtsov H., Zaytseva T. Modeling ship cyber-security using Markov chains: an educational approach. Proceedings of the 11th Workshop on Cloud Technologies in Education. 2023. Vol. 3679. P. 22–35. URL: http://ceur-ws.org/
Kavallieratos G., Katsikas S., Gkioulos V. Cyberattacks Against the Autonomous Ship. In Computer Security: Springer. Berlin ; Heidelberg, Germany, 2023. P. 20–36.
Кочерєв О. С. Система дипломування судноводіїв у галузі морського, зокрема річкового, судноплавства України. Південноукраїнський правничий часопис. 2021. № 3 (1). P. 77–81. DOI https://doi.org/10.32850/sulj.2021.3.1.13.
NIST Cybersecurity Framework : посібник з побудови кіберзахисту. URL: https://www.nist.gov/cyberframework
Systems Hardening. URL: https://www.beyondtrust.com/resources/glossary/systems-hardening
Горбов В., Ратушняк І., Горбова Г. Стандарти компетентності персоналу морських суден та захисту його прав. Миколаїв : НУК, 2023. 180 с.
Корнієнко O. Тенденції цифрових технологій у морському менеджменті. Економіка та управління національним господарством. 2023. № 81. С. 51–56. https://doi.org/10.32782/ 2521-666X/2023-81-6
Кравцова Л., Зайцева Т., Камінська Н. Марковські процеси в дослідженні ймовірності кібератак на морському судні. Information Technologies in Education (ITE). 2023. № 3 (52). С. 20–32. https://doi.org/10.14308/ite000763
