Maritime transport is a crucial activity for the European Union economy. It enables import and exports of goods, supply in energy, trade within the European Union and transport of passengers and vehicles. This activity relies on more than 1 200 seaports within the European Union, each with different organisation, interests, challenges and activities. The global digitalization trend and recent policies and regulations require ports to face new challenges with regards to information and communication technology (ICT). Ports tend to rely more on technologies to be more competitive, comply with some standards and policies and optimize operations. This brings new stakes and challenges in in the area of cybersecurity, both in the Information Technologies (IT) and Operation Technologies (OT) worlds. This report identifies those challenges, in relation to critical operations, stakeholder's ecosystem and assets identification. It then lists the main threats posing risks to the port ecosystem and describes key cyberattack scenarios that could impact them. This approach allowed the identification of security measures that ports shall put in place to better protect themselves from cyberattack. The main measures identified are described below and intend to serve as good practices for people responsible for cybersecurity implementation in Port Authorities and Terminal Operators (e.g. CISOs, CIOs etc.): - Define a clear governance around cybersecurity at port level, involving all stakeholders involved in port operations. Indeed, many companies are involved in port operation (port operators, Port Authority, pilotage company, shipping companies, etc.), it is crucial to ensure they are all involved in cybersecurity matters and aware about how they participate to the global port operation security. · Raise awareness of cybersecurity matters at port level and infuse a cybersecurity culture. Indeed, the maritime sector is historically very aware of safety and security matters, but it seems cybersecurity is not fully integrated yet in stakeholders' minds. This measure shall be combined with training, to ensure proper understanding of cybersecurity matters and ability to enforce it in daily operations. · Enforce the technical cybersecurity basics, like network segregation, updates management, password hardening, segregation of rights, etc. In the context of OT, with legacy systems that usually cannot be updated, network segregation and password protection are key to ensure a correct level of cybersecurity. - Consider security by design in applications, especially as ports use many systems, some of which are opened to third parties for data exchange. Any vulnerability on those systems can be a gate to compromise the port systems. · Enforce detection and response capabilities at port level to react as fast as possible to any cyberattack before it impacts port operation, safety or security. Ports can rely on simple detection measures such as alerts when a specific action is done (authentication attempt on a very critical asset for example) or search for Indicators of Compromise (IOC), or on more comprehensive, using machine learning to correlate information and identify compromising patterns. Such initiatives have already started to rise within ports ecosystem.