The first NIS360 report published by the European Union’s cybersecurity agency (ENISA) on March 5, takes stock of the cybersecurity maturity level in key sectors. Among these, the maritime sector, which includes port authorities and operators managing maritime and inland ports, is a branch that requires particular attention. Indeed, this sector is classified as one whose maturity is still struggling to surpass criticality, placing it in ENISA’s “risk zone.”
The report observes that several factors contribute to this reality, including continued reliance on existing systems and the lack of adequate, concrete, and coordinated guidelines. It is important to note that positive initiatives exist, such as the provisions included in the Handbook Guidance on Maritime Security for Member States’ Competent Authorities published by EMSA in 2024. However, these do not provide specific guidance on implementing the NIS2 Directive within the maritime sector.
Finally, ENISA’s NIS360 report stresses that in a global landscape in which digital transformation is making navigation in the maritime and port ecosystem ever more difficult and riskier, structured cooperation, tailored guidelines, and support for appropriate preparation are absolutely essential.
The report can be accessed here.
Sources: European Union Agency for Cybersecurity; European Maritime Safety Agency.
