Introduction
There is widespread recognition that cybersecurity vulnerabilities make the maritime transportation system a soft target. For example, about 10 years ago, a European Union study found “inadequate preparedness regarding cyber risks” in the maritime sector. In 2013, a U.S. Presidential Executive Order announced that cyber threats continue to grow as one of the most serious security challenges for critical infrastructure, such as port facilities. A few years later, an International Maritime Organization (IMO) resolution acknowledged the “urgent need” to address maritime cyber threats. Just a few days after that IMO resolution, Maersk, the global shipping company, suffered a major cyberattack, leading its chairman to admit in an interview that the maritime industry had been naïve with cybersecurity and needs “radical improvement.”