SmartSea advocates for cross-sector collaboration to ensure maritime cybersecurity keeps pace with green technology

As the global shipping industry races to decarbonise and digitalise, Simon Fotakis, Director of Technology Sales at SmartSea, powered by SITA, and a Certified Information Services Security Professional (CISSP) is calling on the industry not to forget about the importance of cybersecurity.



Despite increasing digital integration, the maritime sector remains highly vulnerable to cyber threats, many of which target poorly protected onboard IT systems rather than core navigation or propulsion infrastructure.

“The truth is, cybersecurity still lags behind where it needs to be,” says Mr Fotakis (pictured). “We’re seeing advanced ships with cutting-edge green tech but often connected to weak IT infrastructures that are vulnerable to exploitation, espionage, and sabotage. Many in the maritime industry still treat cybersecurity as a checkbox instead of a core capability. It’s a dangerous disconnect from reality as a single intrusion could cripple a fleet and erase years of progress.”

According to BIMCO, more than 80% of shipowners have experienced a cyberattack in the past three years and the average cost of a maritime cyberattack is estimated at $3.1 million. Despite this, only 31% of maritime companies say they have a high level of cybersecurity preparedness and phishing remains the top attack vector, responsible for 91% of successful breaches in the industry.

Whilst high-profile attacks tend to focus on navigation or automation, email systems, laptops, onboard servers, and business software, typically less well protected, are the real soft targets.

These systems are often directly connected to shore-side networks, providing threat actors with convenient entry points. As Mr Fotakis points out: “Attackers don’t always go for the bridge. They go for the inbox!”

To protect maritime assets from espionage and long-dwell intrusions, SmartSea employs a layered cybersecurity framework. Its Managed Detection and Response (MDR) service includes Extended Detection and Response (XDR) agents across vessel and shore-side infrastructure, with all logs centralised into an AI-powered Security Information and Event Management (SIEM) system.

These tools feed into a dedicated 24/7/365 Security Operations Center (SOC), capable of detecting even the most sophisticated “low-and-slow” attacks that evade traditional defences.

SmartSea also helps clients defend against state-sponsored actors by training crew and staff to spot phishing and social engineering tactics as well as implementing strict access control and multifactor authentication. This is combined with deploying next-generation email and endpoint security solutions and performing cyber maturity assessments that uncover hidden vulnerabilities across onboard and shore-side environments.

To tackle the growing threat of cyber espionage and nation-state attacks, SmartSea is calling for deeper collaboration between shipping companies, insurers, and cybersecurity providers.

“There is a need for real-time intelligence sharing across the maritime supply chain, joint incident response planning with live scenario testing, and insurance models that reward genuine cyber maturity rather than ticking compliance boxes”, says Mr Fotakis.

He also advocates for the development of secure-by-design technologies from the outset, rather than retrofitting security measures.

“Cybersecurity isn’t just an IT issue, it’s a business and reputational risk,” he says. “As the industry goes green and more digitally focused, we must also be more protective of our IT systems onboard or risk losing it all.”