Onboard Maritime Cyber Security

The Project

The problem: Non-technical ship crews struggled with cybersecurity threats, leading to high compliance deviances and distrust between shore IT teams and onboard personnel

CyberOwl is a Cyber Security company headquartered in the UK, offering cyber risk monitoring and resolution for the maritime industry globally.

As Lead Product Designer at CyberOwl, I designed the onboard maritime cybersecurity platform that bridges the gap between technically proficient shore IT teams and non-technical ship crew. The core challenge: how do you democratize cybersecurity when your end users fear 'breaking something' and your stakeholders don't trust them to act independently?

For: CyberOwl

My Role: Product Designer

Tools: Figma, Sketch

FOCUS AREAS:

 

Multi-Stakeholder Design

Security/Compliance UX

User Research

UI Design

Behaviour Change Design

 

 Results

This product achieved a reduction of 71% of compliance deviances on average across our customer base.

"Just-in-time" notification system created continuous training moments, improving crew cyber awareness without formal training sessions.

Positive feedback from both shore IT teams (increased trust in crew) and crew members (increased confidence in taking action)

The challenge:

Cyber Security is a complex field that requires technical knowledge in IT and cyber risks. In the maritime industry, vessels are at risk of cyber incidents that could bring a vessel to a halt. Often times, the crew needs to be involved to help the shore team resolve the issue. However, the communication is manual (email, texts, back end forth) and the crew lacks the knowledge to feel confident in taking action. Those create a reluctance from both sides (shore and crew) to delegate, but still having the need for collaboration. Adding to the complexity, cyber policy deviances are at the top of the risky behaviour from the crew. Helping them understand the consequences of risky behaviour would alleviate the potential breaches.

The approach:

I started this project with speaking to our customers (IT shore) to understand the process of incident resolution and involvement of the crew. Those interactions were critical in thinking about the challenge at hand because the customers on the shore are the final decision makers when it comes to the choice of communication, the degree of delegation and the visibility needed for them to feel comfortable that the product will ease their processes.

I then conducted interviews with crew members to gain insights into their own challenges when dealing with Cyber Security.

The outcome:

The results from those conversations showed the lack of cyber knowledge was an hindrance to better collaboration: the crew didn’t want to take on those responsibilities by fear of doing something wrong; the shore didn’t trust the crew to make these issues a priority nor to understand potential risky behaviours that could be prevented rather than reacted. Communication was another important challenge, from the means of communication to the content of it. Tools such as emails or texts are often used, making it extremely cumbersome on both sides. The need for clear instructions for each party to feel confident in understanding, taking actions or delegating was another obstacle, due to the time involvement and the understanding of information.

The solution:

Providing a platform available onboard the vessels for shore to push incidents that crew could tackle, with simple steps to follow for resolution, adding notes and history to improve communication was the first step to redefine the workflow of those interactions. The second step was reinforcing the knowledge of Cyber Security onboard with a system of “just in time notifications”. A system of desktop notification would highlight the crew at the point of breach that this behaviour was risky and increase their awareness.

The Research

 

Starting the research, I focused on shore IT conversations for several reasons: their engagement in cyber hygiene is greater than the crew’s; the final controls are in the hands of the IT team, they are the ones who implement policies and make decisions for a safe and compliant process; finally, they are the ones who make the final commercial decision and hold the budget.

That being said, because the crew would be the end user I also wanted to understand their mindset and challenges. I therefore conducted several interviews with crew members.

User Interviews; Quantitative Survey; Prototyping

User interviews

Phase 1.

The first phase of my research focused on the IT team on shore. Being the ones implementing rules and policies, it was important to understand their point of view and challenges. In the course of 4 weeks, I spoke to several personas, from operational IT to management.

The results:

  • Lack of trust in the crew to know what to do

  • Perceived lack of engagement of crew in cyber security

  • A captain’s ego is a tool to engage a healthy competition to be on top

  • Training is an exercise done once a year and stays high level

Phase 2.

Having spoken to the shore teams, my next step was to get insights from the crew itself to understand their challenges but also to gauge their level of engagement in this topic.

The results:

  • Crew is responsible for many tasks in their day to day and their main focus is on getting the vessel from point A to point B safely

  • Their knowledge of IT is limited, hence they either perform tasks that are risky (i.e. non compliant behaviours) or simply don’t want to touch IT related topics by fear of reprimand or “breaking something”

    • This is however nuanced by factors like nationalities and age group of crew members - younger crew members feel mre comfortable with IT

  • Understanding of cyber security and compliant behaviour remains low despite training

  • Support and clear instructions is needed to feel comfortable in engaging in the topic

The Solution

The dashboard puts the crew member at the centre. A personalised greeting and a "since you were last here" feed make the screen feel like their tool, rather than a console borrowed from shore IT.

Three categories (Devices you connect, Online activity, and Vessel software) are presented to the crew. The names reflect how a crew member actually experiences the vessel: things they bring aboard, things that come in from outside, and the systems already running. Shore can still control what appears in each.

The fleet rank widget taps into a pattern I heard repeatedly in captain interviews: "a captain's ego is a tool". It pairs that competition with positive reinforcement through a weekly trend.

 

Each alert opens with a short video as the hero element. It answers both questions a crew member has in the moment: why is this risky, and what do I do about it?; in two minutes, with captions, in plain English.

The videos themselves are produced with AI-generated avatars (tools like Synthesia or HeyGen). This is what makes the format viable: every threat type gets its own walkthrough rather than a single generic explainer, content updates ship in hours rather than weeks, and every video re-renders into the crew's preferred language with the same familiar presenter.

Below the video, a plain-language recap acts as a job aid rather than a substitute. Replacing dense IT documentation ("Check the File Explorer... check the Task Manager...") with three concrete steps written in crew voice closes the gap between knowing what to do and feeling confident enough to do it . The core trust issue surfaced in research, on both sides.

Shore can still customise the steps and curate what each customer's crews see.

 

From my research, it was clear that knowledge in cyber security was a challenge for both parties, leading to behaviours putting the vessel’s IT at risk and for a mistrust to be installed.

The next step was hence to address this challenge by introducing a continuous training.

I introduced a desktop pop-up at the point of "bad behaviour", triggered by non-compliant actions defined by the shore team. These short notifications explain why the behaviour is risky and what the company's policy is, turning every breach into a ten-second training moment rather than an after-the-fact incident.

Continuous, in-context exposure outperformed once-a-year formal training: some customers saw non-compliant behaviours drop by 50% within months of rollout.

Reflection & Impact

This project reinforced a principle that now guides my approach to multi-stakeholder products: the best solutions don't pick sides—they create alignment.

The tension between shore IT (wanting control) and crew (needing autonomy) could have resulted in a compromise that satisfied neither. Instead, by designing features that served both needs—checklists that gave crew clear instructions while allowing IT to customize them, notifications that educated crew while reducing shore's support burden—we created a solution where both stakeholders won.

What changed after launch:

  • The "just-in-time notification" pattern became CyberOwl's standard for behavior change features across the platform

  • Customer Success reported that shore-crew trust improved measurably—a qualitative win that drove renewal conversations

  • The design framework influenced how we approached two subsequent features with similar multi-stakeholder dynamics

What I'd do differently: I would have tested the notification frequency and tone more rigorously. Some crews found the pop-ups helpful; others felt they were intrusive. A/B testing different cadences could have optimized engagement further.

The principle I carry forward: In B2B products, your real user is often the relationship between two people—and the best designs strengthen that relationship rather than replacing it.

Next

Research-Driven Loyalty Program Redesign for Nespresso