“Seaports are vital hubs for global trade, national security, and economic stability, yet they face growing cyber threats due to increased interconnectivity, legacy systems, and evolving cybercrime tactics. A cyberattack on a port can disrupt supply chains, impact economies and societies, and create security risks,” said Liina Areng, Director of LAC4. “This workshop was an important step toward strengthening maritime cybersecurity in the region by fostering collaboration, sharing expertise, and implementing best practices.”
The Importance of Maritime Cybersecurity
Maritime security is a multifaceted domain, encompassing everything from the physical security of port facilities and vessels to the prevention of piracy, smuggling, and environmental threats. However, one of the most rapidly evolving and potentially disruptive aspects of maritime security is cybersecurity. The growing digitalisation of port operations and the reliance on interconnectivity are creating possible vulnerabilities. As crucial nodes in global supply chains, ports cannot afford to underestimate risks in cyber space. A breach could lead to financial losses, operational disruptions, and national security threats. Strengthening the cybersecurity posture of ports is, therefore, not just a national concern but an international imperative, thus it must be a shared priority internally and internationally for public authorities and private operators.
Empowering Cybersecurity Authorities
The workshop provided participants with a comprehensive understanding of maritime cybersecurity, focusing on threat landscape, risk management, national coordination in incident response and implementation of cybersecurity standards to help mitigate cyber risks effectively and enhance regional cybersecurity capacity. By leveraging international best practices and case studies, the training addressed the unique cybersecurity challenges faced by ports in the region. The training included a variety of exercises that allowed the participants to integrate their learning with prior experience through group discussions and practical challenges.
The fourth day was dedicated to a practical table-top exercise for Ecuadorian participants, focusing on national cybersecurity coordination. As a result, participants were equipped with the knowledge and tools to develop robust cybersecurity strategies tailored to their ports. The event also fostered inter-agency collaboration and strengthened regional cooperation, contributing to a more secure maritime infrastructure in Ecuador, Peru, and Colombia.
The training was built on key findings from the Cybersecurity in Maritime Critical Infrastructure: Reflections on African Ports report from the CRIMSON project and the Security in the Port of Guayaquil report by the European Commission.
The European Union and the Government of Ecuador have maintained a strategic relationship in security cooperation for year. This training is a part of the EU’s commitments made in the Technical Security Roundtables (Mesas Técnicas de Seguridad), based on recently implemented projects and studies. This training reaffirmed the mutual commitment to build more robust and resilient security systems, addressing critical challenges such as cybersecurity in ports. EU’s regional programmes such as EU CyberNet seek to strengthen the capacities of national institutions to strengthen their resilience to cyber threats.
The training was led by Sergio Bryton and Jose Callero, maritime and cybersecurity experts from EU CyberNet Expert Pool and co-organised by CEDIA (Ecuadorian Corporation for the Development of Research and the Academy) and the Delegation of the European Union to Ecuador.