Maritime sector’s cyber risk appetite exceeds their key industries, new report finds

02 January, 2025

The maritime industry’s growing appetite for cyber risk comes at a time when it must also contend with an increasing number of vulnerabilities. According to the report, 71% of the nearly 500 maritime professionals surveyed believe their organisation’s industrial assets are more vulnerable to cyber-attacks than ever before. Similarly, 71% also say that the leaders of their organisations consider cyber security to be the greatest risk facing their business.

“In the maritime industry, we must align our ambitions for digital transformation and decarbonisation with a firm commitment to safeguarding our people, vessels, and the systems we rely on,” says Knut Ørbeck-Nilssen, CEO Maritime at DNV. “Cyber-attacks pose an ever-growing threat to the safety of the maritime industry. We can innovate and lead in ensuring the resilience of our businesses and societies, but this can only be achieved if we truly manage cyber risk.”

As the sector moves towards greater digitisation to improve safety, efficiency, and sustainability, maritime stakeholders—including ship owners, ports, and the entire maritime value chain—are becoming increasingly dependent on connected digital technologies. Key areas where maritime professionals see the greatest opportunities include advanced data analytics, the Internet of Things (IoT), artificial intelligence (AI) and machine learning, high-bandwidth satellite communications, and autonomous operations.

However, while the interconnectivity these technologies provide brings new opportunities, it also heightens the sector’s vulnerability to cyber threats. Despite this, maritime professionals are generally confident in the industry’s ability to manage these risks. More than 80% (83%) of those surveyed say their organisation has a strong cyber security posture, and 71% believe their organisation would swiftly return to normal operations following a cyber-attack.

A major contributing factor to this confidence is that nearly three-quarters (73%) of maritime professionals report their organisation is increasing cybersecurity spending compared to the previous year. Most also believe that their organisation is well-prepared for potential outcomes such as asset downtime, operational disruption, theft of sensitive data, physical injury or loss of life, and the grounding of a vessel.

Despite the increased awareness of cyber risks and growing investment in cybersecurity, there are signs of a false sense of security within the sector. Only 53% of those surveyed are confident their organisation can fully monitor supply chain vulnerabilities, a significant concern given the rise in cyber-attacks targeting supply chains. Additionally, 68% believe their organisation’s IT security is stronger than its operational technology (OT) security—OT systems being those connected to physical assets like sensors, programmable logic controllers (PLCs), and those supporting automation, safety, and navigation. Furthermore, 76% say the cyber security training provided by their organisation is insufficient to defend against sophisticated threats.