Abstract

Cyberattacks on European ports have increased recently, especially since the war in Ukraine. Public and political concerns exist about ports becoming victimized by state-sponsored cyberattacks. As ports depend heavily on interconnected technology, attacking a single port facility damages the entire port sector and other connecting sectors. Cybersecurity literature acknowledges that these attacks are often a result of human behaviour, making humans the weakest link in the cybersecurity chain. Specific knowledge on how human behaviour and cognitive constraints relate to (awareness of) cyberattacks on ports remains undeveloped. This article therefore considers the status quo of cyberthreat awareness within the Port of Rotterdam and North Sea Canal Area/Port of Amsterdam as important European gateways to discover how awareness of cyberthreats and attacks relates to ports’ cyber-resilience. Interviewed (port) security experts and employees argued the lack of cyberthreat awareness is caused by 1) rapid technological developments in a traditional sector, 2) cybersecurity versus economic interests and 3) inactive partnerships.