Abstract: The maritime domain is a vast network of cargo ships, crude oil tanks, chemical tankers, container ships, passenger ships, insurance companies, offshore and onshore operators, port operators, national and international authorities, military forces, navigation experts, maritime management, satellite and communication systems, that must work together to prevent maritime cyber-attacks and manage the impacts of attacks when they occur. Ships are increasingly using systems that rely on digitization, integration, and automation, which calls for cyber risk management on and off-shore. As of 2017, there were more than 52,000 merchant ships sailing the Cyber Seas. Despite the increased danger of cyber-attacks on the high seas and in sea ports around the globe, internationally binding cybersecurity regulations for the maritime industry have not been adopted. However, effective risk management in the maritime sector, specifically to identify, assess, detect, respond to and recover has been recently raised by the United Nations International Maritime Organization (IMO) in its 2016 Guidelines on maritime cybersecurity. Technological advances in the shipping industry, such as autonomous ships, drones, robotics, various blockchain applications, and deep level machine learning hold considerable promise for the supply side of shipping. However, there is still uncertainty within the maritime industry regarding possible safety, security and cybersecurity incidents, as well as concern about the diminishing role of seafarers, mostly from the developing world. As the future of technological advances in shipping is expanded, the existing legal, policy and regulatory frameworks must be adapted and new frameworks written, as required, at both the national and international levels. The strategic plan for the International Maritime Organization (IMO) adopted in December 2017 recognizes the need to integrate new and emerging technologies into the regulatory framework for shipping. The evolution of the Belt and Road Initiative in the South China Sea also bear major implications for the shipping and maritime trade, as do recent regulatory requirements governing cyber security and privacy rights in the European Union. Through empirical evidence this paper explores the legal implications including the rights and duties of the maritime industry in protecting against unlawful intrusions into cyber systems, while at the same time advancing recommendations for legal frameworks and regulations essential to ensure safety and security on the Cyber Sea.

Keywords: Maritime security, Admiralty law, cyber security, data...