Maritime suppliers face rising cyber risks, Achilles data shows

More than one in four maritime parts and service suppliers have been found to have high or very-high cyber vulnerabilities, according to new data released by Achilles Network. The findings come as shipowners and operators strengthen their supplier due diligence processes through the integration of Achilles verified ESG and cyber indicators within Procureship’s digital procurement platform.

The long-term partnership between Procureship and Achilles, first announced in March 2025, is now operational. The collaboration brings Achilles verified Sustainability Scores directly into the Procureship system, enabling shipping companies to access third-party-assessed ESG data at the point of supplier evaluation. This move supports stronger supplier selection, enhances supply chain resilience, and helps companies reduce exposure to compliance risks.

More than 1,000 global suppliers underwent a 12-month review assessing risks across environmental, social, governance, and cyber domains. The review revealed that 28% of suppliers carried a high or very-high cyber risk, while over half lacked third party-assured anti-bribery systems, public liability insurance, or information security policies.

Additionally, around 25% of suppliers were found not to measure their greenhouse gas emissions, and more than half were using uncertified carbon systems. On a positive note, nearly half of suppliers were using certified environmental management systems, and about 13% had decarbonisation plans in place.

Grigoris Lamprou, Co-founder and CEO at Procureship, said that understanding suppliers’ ESG capabilities is essential for global shipowners to protect operations and strengthen their sustainability strategies. “By ensuring these data points are now available within Procureship, our users have the confidence to work with suppliers that can strengthen their own business practices and minimise any potential risk,” he added.

Craig Rodgerson, CEO at Achilles, noted that the industry is increasingly relying on data-driven insights to manage environmental and cyber vulnerabilities. “By embedding this type of data into the Procureship platform, users can gain early warnings of potential supplier vulnerabilities, enabling them to shift their risk management from reactive to predictive,” he said.

Procureship now displays Achilles verified data in supplier profiles and search results, allowing buyers to view Achilles scores instantly during quotation evaluation. This integration helps users source products and services that meet their operational and compliance requirements, supporting more informed procurement decisions across the maritime sector, including in India, where shipowners and logistics operators are adopting stricter supplier vetting standards in line with global best practices.