Resumen
The maritime sector is a vital component of the global economy. Its international nature supersedes state boundaries and any disruption in its operations could have consequent and collateral global effects, affecting the socio-economic wellbeing of regions, states and peoples. The increasing adoption of digitalisation in the sector, primarily increases efficiency, minimize cost and maximise benefit, while improving safety, simultaneously introduces a new cyber threat landscape. The attack surface has broadened further due to the COVID-19 pandemic, as recent, high-profile cyber attacks to shipping companies have indicated. Cybersecurity is not limited to technology but involves people and business processes. Hence, to mitigate the security risk introduced by cyber threat actors, the industry, like any other, should initially focus on identifying its most critical assets and then adopt risk mitigation measures, spreading from legislative initiatives to company-specific technology solutions. Industry-led initiatives should promote the adoption of cyber-related policies and mechanisms that focus on business continuity. It should be the role of international bodies, classification societies and national authorities to ensure compliance and full implementation of these measures. This paper adopts a System of Systems Analysis to carry out a vulnerability assessment of port and ship ecosystem, while providing insights on the role of the aforementioned entities. Our analysis decomposes the industry?s major assets; ports and ships, to specific subcomponents which are used as the basis of the vulnerability assessment. According to our findings, this approach highlights that the majority of these subcomponents; ports and ships, are increasingly vulnerable to cyber attacks.