New analysis published by the World Economic Forum (WEF) argues that as ports become increasingly digitized and interconnected, their exposure to cyber risk is no longer confined to individual operators but extends across maritime ecosystems. The article highlights how traditional, siloed security approaches are proving inadequate against threats that move laterally across supply chains, prompting a shift toward ‘collective cyber defence’ models in which port authorities, logistics firms, and government actors share intelligence, coordinate responses, and jointly manage risk.
“Automated terminals, smart infrastructure and real-time data platforms are transforming not only how goods move through ports but also how the wider industrial ecosystem coordinates operations, manages energy and uses shared infrastructure, making ports more efficient and interconnected,” Marijn van Schoote, FERM managing director / former CISO PoR at the Port of Rotterdam; Irene Varoli, lead for Transitioning Industrial Clusters at the WEF, and Chiara Barbeschi, specialist for cyber resilience at the WEF, wrote in a post last week.
At the Port of Rotterdam, advanced port-call optimization and shared data platforms are enabling more predictive, coordinated operations. This improves vessel arrival accuracy, cuts waiting times by up to 20%, and allows earlier optimization of berths, equipment deployment, and hinterland connections before congestion builds.
But deeper digital interdependence also widens the attack surface. A disruption in one system can quickly cascade across port operations, industrial partners, and inland transport networks.
At the same time, threats are becoming more targeted and sophisticated, often with geopolitical drivers. Maritime cyber incidents reportedly rose by 103% in 2025, with attackers exploiting port operating system vulnerabilities, launching denial-of-service attacks on infrastructure, and deploying ransomware against major terminals.
Drawing on lessons from the Dutch initiative, the post underscores that collaboration is emerging as a strategic necessity rather than a voluntary add-on. By pooling threat intelligence and aligning response mechanisms, stakeholders can strengthen resilience across critical trade infrastructure and ensure continuity of global supply chains. The approach signals a broader shift in industrial cybersecurity, where shared responsibility and coordinated defence are becoming foundational to protecting economic lifelines in an increasingly complex threat landscape.
The post identifies that growing digital interdependence also expands the cyber-attack surface. “A disruption to one system can rapidly propagate across port operations, industrial partners, and inland transport networks. Simultaneously, cyber threats are becoming more targeted and sophisticated and can be geopolitically motivated. Maritime cyber incidents reportedly increased by 103% in 2025, with vulnerabilities in port operating systems exploited, denial-of-service attacks targeting infrastructure and ransomware hitting major terminals.”
They cited that when ransomware encrypts terminal operating systems during a cyberattack, container handling can come to a standstill, triggering costly delays and ripple effects across global supply chains.
The Netherlands’ response provides a solid case study for increasing port resilience to protect national and European prosperity.
Ferm Seaports brings together the five major Dutch ports and over 1,000 companies operating across them, built on the premise that cybersecurity is a shared responsibility, not a competitive edge. The initiative sits under the Joint Cyber Strategy for Dutch Seaports, developed by the ports in collaboration with the Branche Organisatie Zeehavens, the Ministry of Infrastructure and Water Management, and the National Coordinator for Security and Counterterrorism.
The logic is straightforward. Ports may compete commercially, but they cannot afford to compete on cybersecurity. Threats do not follow organizational boundaries, operational silos, or market lines, and effective defence cannot either.
Ferm focuses on three primary organization groups, supported and facilitated by relevant public partners and stakeholders.
The first group comprises those organizations that are foundational to the safe handling of maritime traffic, such as Vessel Traffic Services operators and mooring service providers. This is the most critical process within the port chain, enabling the flow of goods, logistics and industrial production, with consequences that extend across the port ecosystem and beyond.
The second group includes organizations that form critical chains for the continuity of the Dutch economy and the European hinterland, such as terminal operators and chemical companies. Ferm has mapped these critical chains to identify where disruptions would have the greatest economic and societal impact.
The third group includes all port-related organizations that may not be formally designated as critical but play an important supporting role in daily port operations. These include shipping companies, ship builders, nautical service providers, and non-maritime organizations within the port.
The Ferm initiative shows how ecosystem-level collaboration strengthens cyber resilience in ports and in the interconnected industrial systems that depend on them.
Since Rotterdam, the initiative has expanded to four additional Dutch seaports. While more than 1,000 companies operate across these ports, Ferm directly connects around 80 organizations through structured coordination and information sharing. It identifies an average of 15 vulnerable systems and issues approximately two urgent security advisories per week, demonstrating the scale of exposure and the value of coordinated monitoring and response.
Its success lies in a clear, shared vision, strong top-management commitment, and sustainable, long-term funding partnerships, with the initiative supported and financed by the five Dutch seaport authorities. The lessons extend beyond ports, as industrial clusters become more digitized, collective cyber resilience becomes a structural necessity. Initiatives such as Ferm demonstrate how collaboration, rather than competition, can become a strategic asset for safeguarding the continuity of critical economic lifelines.
Earlier this month, the WEF observed that cyber resilience is being reframed as a forward-looking discipline rather than a reactive function, as industrial organizations confront a surge in AI-enabled attacks, deepening digital interdependencies, and expanding third-party risk exposure.
