2:00-3:30

Coronado room

Security Beyond Compliance: How Cyber and Social Engineering Threats Could Circumvent Your Physical Security

As maritime facilities continue implementing the Maritime Transportation Security Act (MTSA) cybersecurity requirements, many organizations remain focused on regulatory compliance rather than operational resilience. Yet today’s adversaries increasingly exploit the convergence of cyber vulnerabilities, publicly available information, and human behavior to bypass traditional physical security measures without ever breaching a fence line.

This workshop examines how sophisticated threat actors can leverage social engineering, phishing, spoofed communications, operational reconnaissance, and cyber enabled deception to circumvent access control procedures, manipulate trusted personnel, and gain unauthorized access to sensitive maritime environments. Drawing from real-world observations, maritime exercise development, and security assessments conducted across ports and critical infrastructure facilities, the session will demonstrate how vulnerabilities often emerge not from failures in technology, but from gaps between policy, operational execution, and organizational culture.

Through relevant case studies and real-world maritime security examples, the speakers will examine how adversaries exploit fraudulent access requests, compromised communications, social engineering, and publicly available operational information to circumvent physical security measures. The workshop will highlight how compliance-driven security programs, without strong operational validation and workforce awareness, can create exploitable vulnerabilities across maritime transportation systems.

Rather than focusing solely on regulatory checklists, this session emphasizes a resilience-based approach to maritime security; one that integrates cybersecurity, physical security, operational coordination, workforce awareness, and leadership decision making into a unified defensive posture. Attendees will leave with actionable strategies to:

• strengthen validation procedures,
• improve frontline decision-making,
• enhance cyber-physical coordination, and
• better align security investments with operational risk realities.

This workshop is designed for maritime executives, Facility Security Officers (FSOs), port operators, government stakeholders, military personnel, and security professionals responsible for protecting critical maritime infrastructure in an increasingly converged threat environment.