Building cyber-resilience in maritime transport: A stakeholders’ perspective on mitigation measures

Cybersecurity risks are becoming a major concern in the maritime industry due to the increasing reliance on information technology and operational technology systems. This paper aims to develop a new methodology to evaluate the effectiveness of risk control measures (RCMs). Six criteria influencing the choice of cybersecurity RCMs are identified through literature review. Expert opinions are used to assess major cybersecurity RCMs using the fuzzy TOPSIS (Technique for Order Preference by Similarity to Ideal Solution) method. The methodology prioritises the most viable RCMs using primary data collected from 100 experts. The findings indicate that the most effective cybersecurity control measures based on stakeholders’ opinions are “Effective Antivirus software management,” “Management of network devices,” and “Developing a cybersecurity strategy.” This paper contributes to maritime cybersecurity policy guidance by providing experimental evidence and offers a new decision tool to aid stakeholders in selecting the most suitable measures to address the relevant risks.