Challenges in Maritime Cybersecurity Training and Compliance

The implementation of cybersecurity standards and directives in the maritime sector plays a crucial role in protecting critical maritime infrastructures from cyber threats. The level of protection depends heavily on humans. However, the effectiveness of cybersecurity training and compliance programs, an essential component of these standards, is often hindered by challenges related to the sector’s environment, including the established technologies, practices, and norms. This paper aims to identify these challenges through a literature review and set the basis for more effective human risk minimisation, responses, and training. We identify 18 challenges and validate them with an online survey (N=205) capturing real-world perspectives from maritime-related stakeholders. Our findings contribute to enhancing the effectiveness of maritime cybersecurity training and compliance programs, ultimately strengthening the maritime cybersecurity posture.