Ports handle nearly 80 per cent of global trade by volume and have evolved into far more than just physical gateways for ships and cargo. Modern ports now operate as highly digital ecosystems where port authorities, terminal operators, customs agencies, shipping lines and logistics providers rely on shared electronic platforms and real-time data exchange.While digitisation has improved efficiency and transparency, it has also exposed ports to growing cyber risks. A cyberattack today can disrupt cargo movement, halt vessel operations, disable critical equipment and create ripple effects across supply chains and national economies.These dangers are highlighted in the World Bank report, Cybersecurity in ports: Shifting from risk to resilience. Based on a global survey of more than 100 port stakeholders, expert interviews and extensive research, the report identifies major policy, operational and capacity gaps, particularly in low- and middle-income countries.The study found a significant cyber resilience gap between advanced economies and developing regions. Ports in high-income countries showed better incident reporting systems, regular cybersecurity training and more frequent risk assessments.In contrast, ports in many developing countries continue to face shortages in technical expertise, outdated systems and weak cyber preparedness.The report stresses that cybersecurity in ports is now inseparable from operational resilience.As ports adopt ‘Port 4.0’ technologies and integrate information technology (IT) with operational technology (OT), cyber incidents can affect not just office systems but also vessel movements, cargo handling and automated equipment, such as robotic cranes and guided vehicles.The financial impact is also growing. The average cost of a cyber incident in the maritime transport sector reached $5,50,000 in 2023, thrice that in 2022, while average ransom demands stood at $3.2 million.The World Bank says improving cybersecurity does not necessarily require entirely new institutional structures. Ports already have operational risk management systems, vendor oversight mechanisms and business continuity plans that can be adapted to include cybersecurity.The report recommends establishing clear cybersecurity frameworks, updated inventories of physical and digital assets, regular risk assessments and testing of recovery plans through drills and simulations.Published on June 1, 2026