Why Trust and Continuity Matter

Recent trust surveys show that public confidence in both government and business has declined, with many people believing institutional leaders are not honest with them. The 2025 Edelman Trust Barometer, for example, highlights a “crisis of grievance,” in which large segments of the population feel left behind and are more inclined to distrust complex policy and technology initiatives.[2]​

This erosion of trust is particularly dangerous at a time when artificial intelligence, quantum technologies, and advanced biotechnologies are central to economic and military competition. A report submitted to Congress by U.S.–China policy experts emphasizes that both countries now treat these technologies as strategic industries, tying them directly to national power and long-term security.[4]​

Building Durable Relationships with Legislators

For technology companies, increasing national trust starts with treating Congress as a long‑term strategic partner, not simply as an annual budget gatekeeper.[4]​

• Institutionalize bipartisan technology engagement: Firms can create recurring, nonpartisan briefings and workshops with relevant committees to explain how artificial intelligence (AI), quantum, cyber, and bio tools affect national resilience, economic competitiveness, and workforce opportunity. By engaging members and staff from both parties, companies reduce the perception that emerging technologies are aligned with a single political faction.[5]​
• Lead with ethics, safety, and security: Research on public attitudes toward AI suggests people are more supportive when they see clear safeguards, transparency, and accountability mechanisms within the tech industry. Companies can build trust by proactively presenting their AI safety frameworks, data-protection policies, and supply‑chain security measures, aligning them with federal guidance and international norms on responsible technology use.[6]​

Securing Sustained Funding for Critical Technology

Trust is reinforced when technology programs are clearly tied to enduring strategic missions and supported through stable, multi‑year funding rather than fragile pilots.[5]​

• Connect capabilities to mission portfolios: Instead of scattered line items, technology programs can be organized into mission‑driven portfolios—such as quantum‑resilient communications, AI‑enabled national preparedness, or biosecurity infrastructure—that span research, prototyping, and deployment over several years. Multi‑year authorizations and appropriations make it harder for any single administration to abruptly cancel essential capabilities.[4]​
• Use innovation tools that protect both government and industry: Policy analyses highlight the value of mechanisms like Other Transaction Authority and structured public‑private partnerships to bring nontraditional vendors into national security and infrastructure work more quickly. By pairing these tools with clearer intellectual property protections and streamlined oversight, legislators can encourage top-tier tech firms to stay engaged in sensitive missions over the long term.[8]​

Embedding Technology in Law, Not Just Budgets

To prevent critical technologies from being swapped out with each political shift, their roles must be written into statute and tied to democratic oversight.[9]​

• Statutory roles for key technologies: Laws governing defense planning, critical infrastructure, and economic security should explicitly call for the use of AI, secure digital infrastructure, and advanced analytics in defined mission areas, such as threat detection, disaster response, and supply‑chain monitoring. Once these roles are codified, dismantling them requires visible legislative action rather than quiet executive changes.[9]​
• Multi-stakeholder governance in legislation: Legislated advisory councils and oversight boards that include government, industry, academia, and civil society should supervise high-impact technologies and publish regular reports. This structure signals that powerful tools are subject to ongoing, pluralistic scrutiny rather than being controlled solely by political appointees or corporate executives.[10]​

Quantum Networking Testbed Infrastructure

The National Defense Authorization Act (NDAA) put forth by Congress each year does not typically use a single, generic phrase like “quantum networking testbeds” in isolation; instead, it authorizes and directs specific programs and experiments that collectively constitute quantum networking testbed infrastructure. Several provisions and related authoritative documents are especially relevant to the future of quantum technology growth.

A Senate Armed Services Committee fact sheet on the fiscal year 2024 NDAA highlights language that “authorizes increased funding for a distributed quantum networking testbed” and the development of a next-generation ion‑trap quantum computer at the Air Force Research Laboratory (AFRL). While the fact sheet summarizes rather than reproduces the statutory text, it makes clear that Congress explicitly authorized a distributed quantum networking testbed as part of the defense Research, Development, Test, and Evaluation (RDT&E) portfolio.[12]​

Within the fiscal year 2025 NDAA, Congress, “authorizes funding to create a ‘quantum communications corridor’ as part of Navy research, development, test, and evaluation.” This is an explicit description of support for a testbed or network to advance quantum communication research so the Navy and the Department of Defense (DoD) can securely transmit information resistant to quantum computer decryption.[15]​

Other recent NDAA cycles also include broader direction that reinforces these testbed authorizations, such as requirements for DoD to establish pilot programs for promising quantum computing capabilities and to identify near‑term use cases that can be fielded within two years. These provisions do not always use the word “testbed” in the operative clause, but they direct the department to stand up experimental infrastructure and pilots that, in practice, operate as quantum networking and computing testbeds for defense applications.[16]​

In parallel, the National Quantum Initiative framework and associated Department of Energy (DOE) efforts describe quantum networking testbeds as shared infrastructure for entanglement distribution and quantum communications, and Congressional action has repeatedly referenced these federal testbeds and network efforts as part of the broader quantum information science ecosystem that the DoD can leverage.[13]​

Ensuring key technologies not only protect the nation but are also provided with substantial investment and economic promise is a necessity for companies to further their developmental efforts. Demonstrating that quantum technologies are viable for multiple applications—within internal defense and external partnerships—is one possible solution as tech companies become increasingly concerned with the long-term payoff of their test bed programs. For now, defense authorization bills appear to be the most forward leaning avenue supported by government, but the long-term stability of this method has yet to be validated.

How This Approach Builds Public Trust

When the tech industry engages both parties and chambers in Congress, supports multi-year statutory programs, and accepts meaningful oversight, it demonstrates that emerging technologies are being developed within a framework of law, ethics, and long-term national interest. In such a system, citizens can see that AI, quantum computing, and other advanced capabilities are not partisan experiments or purely profit-driven ventures, but part of a durable national strategy subject to democratic control.[2]​

The tech sector can both strengthen U.S. strategic competitiveness and contribute tangibly to rebuilding public trust in government by positioning itself as a co-steward of national resilience, helping design governance mechanisms, committing to transparency, and working with legislators to hard‑wire critical technologies into law and funding.[5]​

Sources:

1. https://www.edelman.com/trust/2025/trust-barometer
2. https://cooleypubco.com/2025/02/11/2025-edelman-trust-barometer-grievance/
3. https://www.edelman.com/news-awards/2025-edelman-trust-barometer-reveals-high-level-grievance
4. https://www.uscc.gov/sites/default/files/2024-11/Chapter_3–U.S.-China_Competition_in_Emerging_Technologies.pdf
5. https://www.uscc.gov/sites/default/files/2024-11/2024_Annual_Report_to_Congress.pdf
6. https://www.edelman.com/sites/g/files/aatuss191/files/2025-01/Global%20Top%2010%202025%20Trust%20Barometer.pdf
7. https://www.nationalsecurity.ai/chapter/executive-summary
8. https://ptacts.uspto.gov/ptacts/public-informations/petitions/1558121/download-documents?artifactId=z4DLuAiI8FBq5qxTCRlq-VPk-yx0lU4p_Mou2oSkOWL2OdIfZr8DAG4
9. https://www.jdsupra.com/legalnews/white-house-releases-2025-national-7517228/
10. https://www.biotech.senate.gov/wp-content/uploads/2025/04/NSCEB-Full-Report-%E2%80%93-Digital-%E2%80%934.28.pdf
11. https://www.imd.org/ibyimd/audio-articles/restoring-faith-in-leadership-in-the-age-of-grievance/
12. https://defensescoop.com/2024/01/08/ndaa-2024-quantum-provisions/
13. https://www.quantum.gov/wp-content/uploads/2022/08/NQIA2018-NDAA2022-CHIPS2022.pdf
14. https://www.quantum.gov/wp-content/uploads/2024/12/NQI-Annual-Report-FY2025.pdf
15. https://www.emergingtechnologiesinstitute.org/publications/insights/fy2025ndaa
16. https://www.nextgov.com/emerging-tech/2024/12/fy2025-ndaa-angles-enhance-dods-ai-and-quantum-sciences-capabilities/401545/

Beyond the Next Administration: Building Enduring Tech–Government Alliances for National Power was originally published on Global Security Review.

Maritime ports authorize customs clearance and are involved in regulatory checks, ensuring compliance with national and international law. Ports perform most of these functions digitally. Maritime ports are now under serious threat of malicious cyberattacks that can disrupt and compromise port operations worldwide.

Industry is deeply interconnected, and a cyberattack on one major port can send shockwaves through global trade networks. Consider a scenario where a major port, responsible for handling millions of cargo containers, suddenly halts operations due to a cyberattack. Cranes freeze, logistics systems collapse, and cargo ships are left stranded at sea. This is not a hypothetical scenario; it is a real and escalating threat to global trade.

The maritime industry, long seen as the backbone of international commerce, now faces an urgent cybersecurity crisis. Ports are no longer just about cranes and cargo; they have evolved into digital ecosystems reliant on interconnected networks, automation, and artificial intelligence. As ports become smarter, they are also becoming more vulnerable. Cybercriminals are increasingly exploiting these vulnerabilities, causing financial losses, operational disruptions, and even national security risks.

Maritime cyberattacks are no longer rare occurrences, they are becoming alarmingly frequent. In 2023, a ransomware attack crippled more than 1,000 vessels by targeting a software provider used across the shipping industry. The attack forced the shipping industry to shut down its ShipManager system, affecting global supply chains. A year earlier, the Port of Lisbon suffered a cyberattack that took its website offline for days, with the ransomware group LockBit claiming responsibility and alleging that it had stolen financial reports, contracts, and ship logs.

In Germany, a 2022 cyberattack on two oil companies disrupted fuel shipments, forcing Shell to reroute supplies and exposing the vulnerabilities of critical maritime infrastructure. The 2017 NotPetya ransomware attack, which paralyzed Maersk and caused an estimated $300 million in damage, remains one of the most devastating cyberattacks in shipping history.

Ports are among the most attractive targets for cybercriminals. The motives behind these attacks vary as some hackers seek financial gain, while others aim to steal sensitive trade-related data, and some may even use cyberattacks as part of hybrid warfare.

The economic consequences are staggering, from ransom payments and insurance hikes to delays that can ripple across global supply chains. Beyond financial losses, cyber threats to ports pose serious security risks. For example, a well-coordinated cyberattack on a major port could disrupt military logistics, cripple trade networks, or even manipulate cargo data to facilitate smuggling and illicit trade.

Hackers carry the potential for unauthorized intrusion into ports’ digital networks and interrupt ports’ routine operation through malicious software attacks. The workforce involved in port management may be trapped into revealing sensitive data by clicking on malicious links. The hackers can also disrupt digital networks that regulate critical port infrastructure, such as cranes, pumps, and valves. Supervisory control and data acquisition (SCADA) systems can come under cyber threats disrupting routine functions. Nonstandard computing hardware like sensors, actuators, or appliances that transmit data from the network wirelessly are vulnerable to data theft.

Hackers can steal data such as cargo manifests, crew information, and financial records. They can also manipulate data, such as altering cargo manifests, or manipulate navigation systems. Hackers can also steal intellectual property, such as trade secrets or proprietary software.

Another pressing issue is supply-chain security. Ports rely on a complex web of third-party vendors for logistics, software, and cargo management. If one vendor is compromised, the entire port system could be at risk.

Hackers can also use unmanned aerial vehicles (UAVs) for surveillance means or to attack port infrastructure, such as damaging equipment or disrupting power supplies. Ports may be exposed to cyberattacks through third-party suppliers, such as logistics providers or maintenance contractors. Ports may be exposed to cyberattacks through cargo and containers, which may contain malicious devices or software.

Cybersecurity in the maritime sector is often treated as an afterthought. Many ports still operate with outdated software and weak security protocols, making them easy targets. Given the critical role of ports in the global economy, the widening cybersecurity gap is a growing challenge. Strengthening port security necessitates urgent regulatory mechanisms, some of which are proposed below.

Regulatory Mechanisms

To mitigate the growing cyber threat, ports should adopt internationally recognized cybersecurity frameworks. First, ports should adhere to the rules and protocols of the International Maritime Organization’s (IMO) Maritime Cyber Risk Management Guidelines, the National Institute of Standards and Technology (NIST) Cybersecurity Framework, and ISO 27001 standards. Implementing these frameworks will help establish clear security protocols and ensure that ports are prepared to defend against cyberattacks.

Second, network security should be reinforced by segmenting information technology (IT) and operational technology (OT) systems, preventing malware from spreading across critical infrastructure. Regular penetration testing and vulnerability assessments can further identify weak points before attackers do.

Third, investing in cybersecurity training for port workers is equally crucial. Many cyberattacks exploit human error—phishing e-mails, weak passwords, and social engineering attacks remain among the most common entry points for hackers. A well-trained workforce can serve as the first line of defense against these threats.

Fourth, leveraging artificial intelligence and machine learning for threat detection can enhance ports’ ability to identify cyber risks before they escalate into full-scale attacks. Artificial intelligence (AI)–led systems can monitor network activity in real time, flagging suspicious behavior and predicting potential breaches before they happen. In this regard, the strict security assessments of third-party vendors and blockchain-based cargo tracking can enhance transparency and reduce the risk of supply-chain cyberattacks.

Fifth, beyond prevention, ports should also be prepared to respond effectively to cyber incidents. For this, establishing cyber incident response teams (CIRT) can ensure that ports have trained professionals ready to mitigate and recover from cyberattacks swiftly.

Sixth, regular cyber drills and crisis simulations should be conducted to test response plans. This ensures that when an attack occurs, the damage is minimized, and recovery is swift.

Seventh, international collaboration to deal with these threats is essential. Governments, port authorities, and private stakeholders should work together to share intelligence, standardize security protocols, and invest in collective defense mechanisms.

Public-private partnerships can play a key role in funding advanced cybersecurity infrastructure, while international regulatory bodies like the IMO must enforce stricter cybersecurity mandates across the industry. Finally, as ports transition into smart ports, powered by the internet of things (IoT), AI, and automation, cybersecurity should be at the forefront of maritime security strategies. Emerging technologies like quantum computing and zero trust architecture will play a crucial role in strengthening digital defenses, but ports should remain vigilant. The very technologies designed to enhance security could also introduce new vulnerabilities if not properly managed.

Cybersecurity is no longer just a technical issue; it is a fundamental pillar of modern port management. If cybersecurity continues to be treated as an afterthought, the next major cyberattack could bring global trade to a standstill. Ports are the lifelines of the world economy, and securing them is not just about protecting data, it is about safeguarding the stability of international commerce and national security.

Maryyum Masood is working as a Research Officer & Associate Editor at the Center for International Strategic Studies (CISS) Islamabad. She is an MPhil scholar in the Department of Strategic Studies at the National Defense University (NDU) Islamabad.

Rizwana Abbasi is an Associate Professor of Security Studies at the National University of Modern Languages, Islamabad, a non-resident Fellow of the Center for International Strategic Studies (CISS), Islamabad, and a Visiting Fellow at the Central European University of Austria.

Cybersecurity Framework for Maritime Port Management was originally published on Global Security Review.