The increasing integration of digital systems into maritime operations has introduced new dependencies between shipboard IT and OT environments, exposing critical functions such as navigation, propulsion control, communication, and cargo management to cyber-related risks. While international regulatory 1 instruments require cyber risk management to be addressed within Safety Management Systems, practical implementation at the operational level remains inconsistent. A key limitation identified in both incident analyses and sector studies is the insufficient preparedness of maritime personnel to recognize and respond to cyber incidents. Existing maritime education and training frameworks provide limited coverage of cybersecurity, often treating it as a compliance or awareness topic rather than an operational competence. As a result, seafarers frequently lack system-specific knowledge, procedural guidance, and decision-making support for cyber-related events occurring during normal operations. The CyberSEA project was initiated to address this gap through the development of targeted, practice-oriented training resources for maritime professionals. One of its core outputs is a structured maritime cybersecurity training course designed to support operational readiness by focusing on realistic threat scenarios, procedural response, and the human element of cyber risk management. The course adopts a human-centred and operationally oriented approach, recognizing that seafarers play a critical role in both preventing and mitigating cyber incidents onboard vessels. The specific objectives of the course are to: Increase awareness of maritime-specific cyber threats and vulnerabilities across critical shipboard and shore-based systems; Enable recognition of early indicators of cyber incidents and abnormal system behaviour; Support informed and timely decision-making during cyber-related events; Enhance procedural competence in responding to cyber incidents in alignment with SMS and IMO guidance; Promote a culture of cyber risk awareness and shared responsibility within maritime organizations. A key methodological component was the development of scenario-based learning content 2. Real-world maritime cyber incidents, documented attack cases, and technically plausible hypothetical scenarios were analyzed and transformed into structured training scenarios. These scenarios serve as the pedagogical backbone of the course, ensuring that learning outcomes are grounded in realistic operational contexts rather than abstract technical concepts. The course design aligns with contemporary principles of vocational education and adult learning, emphasizing modularity, contextualization, and applied learning. Learning outcomes were defined to reflect operational roles and responsibilities onboard vessels, ensuring relevance for officers, ratings, and shore-based personnel. The CyberSEA training course is organized into modular learning units, enabling flexible integration into maritime academies, vocational training programmes, and continuous professional development schemes. Each module addresses a specific cybersecurity theme while maintaining coherence within the overall course structure. Core thematic areas covered include: Fundamentals of maritime cybersecurity and the evolving threat landscape; Cyber vulnerabilities in navigation, propulsion, communication, and cargo systems; Human-factor vulnerabilities, including social engineering and phishing; Detection of cyber incidents and anomaly recognition; Procedural response to cyber incidents onboard and ashore; Integration of cybersecurity into Safety Management Systems; Regulatory and policy frameworks relevant to maritime cybersecurity. A distinguishing feature of the course is the integration of hands-on exercises and remote laboratory environments, allowing trainees to engage with simulated cyber threats in a controlled setting. These practical components are designed to reinforce theoretical knowledge and to develop situational awareness, procedural discipline, and confidence in responding to cyber incidents. Assessment activities embedded within the modules focus on knowledge comprehension and scenario-based decision-making rather than purely technical proficiency, reflecting the course’s emphasis on the human element. By combining system-specific risk analysis, scenario-based learning, and applied training methods, the course addresses limitations identified in existing maritime education frameworks. The main contribution of this work lies in translating regulatory requirements and cybersecurity principles into a practical training model tailored to maritime operations. The course design demonstrates how cybersecurity awareness, procedural competence, and human-centered learning can be integrated into a coherent educational framework supporting maritime cyber resilience.
Rodríguez et al. (Mon,) studied this question.