In response to the increasing threats from increasingly frequent cyber attacks in the maritime transport and industry, the international maritime organization IMO has published “Guidelines on Maritime Cyber Risk Management”.

The aforementioned guidelines were published on 07/05/2017 by Circular MSC-FAL.1/Circ3. Through them, IMO includes certain cybersecurity requirements and issues in the International Maritime Safety Management Code (ISM Code) as a mandatory element as of January 1, 2021.

One of the requirements of these guidelines is to ensure the training of seafarers in the field of cyber security. In this regard, Nikola Vaptsarov Naval Academy (NVNA) in Varna launched “Cybersecurity for seafarers“ courses:

- Course 1: Maritime Cybersecurity Essentials - Cyber Hygiene at Sea

- Course 2: Maritime Advance Cybersecurity - Cybersecurity at Sea

- Course 3: Maritime Cybersecurity Management

The recommended course order of completion is Course 1, followed by Course 2 and Course 3. The courses aim to provide learners with the knowledge, skills, and practical experience to enable them to contribute to the safety of shipping, life, and health of people on board, protecting the marine environment from pollution and property at sea, by mastering theoretical knowledge and practical skills in the field of cyber security.

The “MARITIME CYBERSECURITY ESSENTIALS – CYBER HYGIENE AT SEA” course is purposed for the lowest level of executive onboard staff and employees of shore enterprises, related to the measures of cybersecurity of onboard ship and ashore systems. Additionally, this course is suitable for any member of the ship staff, providing fundamental knowledge and skills for the completion of day-to-day tasks with an increased level of cybersecurity.
This course contains the following educational modules:
- Cyber threats and vulnerabilities in the maritime industry
- Protection of personal devices
- Critical data protection
- Safely browsing the network
- Cybersecurity for mobile devices
The duration of this course is 32 classes. Each of the educational modules contains between 2 to 4 separate themes with corresponding lections and practical classes.
The “MARITIME ADVANCE CYBERSECURITY – CYBERSECURITY AT SEA” course is aimed at people with technical knowledge and competence, who have been tasked with administering onboard IT and OT systems. Unlike the previous level of cybersecurity courses, this one is of service to administrators and cybersecurity officers aboard. Personnel involved with planning onboard cybersecurity systems, as well as communication systems between sea and shore, can find this level of the course helpful.
This course contains the following educational modules:
- Cybersecurity of the ship’s IT and OT systems
- Cyber-attacks at sea and their mitigation
The duration of this course is 16 classes. Each of the educational modules in question contains 3 or 4 separate themes with corresponding lections and practical classes.

The “MARITIME CYBERSECURITY MANAGEMENT” course is aimed at staff, who are responsible for creating cybersecurity procedures and their application in ship companies. This course partly overlaps with the previous, which will allow different level staff to easily re-qualify.
This course contains the following educational modules:
- Cyber-attacks at sea and their mitigation
- Management of cybersecurity at sea
The duration of this course is 16 classes. Each of the educational modules in question contains 4 separate themes with corresponding lections and practical classes