Building Cyber Resilience Onboard: Why Technology Alone Isn’t Enough

By Jamie Jones, Chief Operating Officer, GTMaritime

With the continued growth of connectivity across the maritime industry, cybersecurity remains a critical priority. As vessels increasingly rely on digital systems for navigation, operations, and communication, the risk of a cyber attack grows—and it’s not just about firewalls and software updates. Building true cyber resilience onboard means going beyond technology to address human behaviour, onboard culture, and training.

At GTMaritime, we’ve run controlled phishing simulations across a variety of vessels. The results were stark: while general industry data suggests phishing simulation tests only deceive 1-2% of users, our test data showed that 15% of maritime users clicked malicious links, and 7% went so far as to submit personal data. These are not just numbers—they’re potential breaches waiting to happen.

What makes maritime particularly susceptible? There are several contributing factors. For one, vessels operate under significant pressure, with crews working to tight schedules and often in high-stakes environments. Frequent crew turnover means teams may lack consistency in cyber knowledge or security habits. This is further influenced by a culture where compliance from those onboard is often prioritised—something that can be a barrier when it comes to recognising and reporting suspicious activity. There’s also a natural reliance on the onboard systems and a belief that the technology in place will catch any threats.

The statistics only reinforce this concern. A recent report, a collaboration by Thetius, CyberOwl, and law firm HFW, found that 93% of seafarers feel underprepared to deal with cyber threats, and 86% of shipowners believe their crews require better training and support. The conclusion is clear: technology is vital, but it cannot be the whole solution.

Improving cyber resilience at sea starts with education—but not just any training. It needs to be meaningful, hands-on, and grounded in the realities of life onboard. Crew members need to understand not only what a phishing attempt looks like, but what the consequences could be, and how to respond if they encounter one. It’s not enough to deliver this training during onboarding or via a checklist—it must be reinforced regularly, just like any other safety protocol.

Culture, too, plays a vital role. Cybersecurity must become part of the everyday conversation onboard, treated with the same seriousness as physical safety. That means leadership modelling the right behaviours, encouraging open communication, and ensuring security is discussed during handovers and daily operations—not just during incidents and audits.

Monitoring and testing also have an important part to play. Running controlled cyber simulations and penetration tests helps identify potential weak spots and gives companies the chance to support those who may be at higher risk. These exercises shouldn’t be used to single people out, but rather to guide targeted, supportive training and to reinforce the importance of staying alert.

And perhaps most critically, every crew member needs to know exactly what to do in the event of a cyber incident. Having a response plan on paper is not enough. Teams must be familiar with the steps, understand their role, and have rehearsed the process in simulated scenarios. A calm, well-coordinated response can make the difference between a minor issue and a major crisis.

As vessels continue to become smarter and more connected, the stakes will only grow. To meet this challenge, shipowners and operators must embrace a human-first approach to cybersecurity—one that equips their people, embeds resilience into their daily operations, and recognises that even the best technology needs a well-trained crew behind it.

Cyber defence is a key component of maritime security, but its effectiveness depends on the vigilance and actions of your people.

www.gtmaritime.com
