This paper presents a modular cyber security training programme for the maritime domain, called Maritime Cyber Security (MarCy), developed using the Critical Events Model (CEM). The programme was evaluated using the Delphi technique with the participation of 19 experts from academia and industry. The MarCy programme is designed to provide cyber security training for seafarers and office employees in shipping companies. Eleven elective modules were proposed to improve the knowledge, skills, and attitude of learners against cyber risks. The programme can be implemented by universities, shipping companies, training institutes, and governmental organizations for maritime cyber security training purposes. The maritime industry is a vital sector in global supply chains and is increasingly dependent on advanced technology, which has increased the risk of cyber threats. The human element is still one of the main weaknesses in cyber security, and many cyber attacks take advantage of human personnel's lack of awareness. Current research is limited in its offerings for cyber security training specific to maritime personnel. Role-based cyber security training is suggested in many maritime guidelines, but most training programmes offer generic content. Each role in the maritime industry requires specific learning needs for cyber security. For instance, a Ship Security Officer (SSO) who could be responsible for cyber security onboard should get deeper knowledge about cyber risks compared to a second engineer (2/E). The study focuses on the development of a modular cyber security training programme for the maritime domain. The programme was developed using the Critical Events Model (CEM) and was later evaluated through a Delphi technique with the participation of 19 experts from academia and industry. Eleven elective modules were designed for the cyber security training of seafarers and office staff in shipping companies. The study also includes discussions of academics and professionals about maritime cyber security training in different dimensions. The study reviewed existing maritime cyber security training programmes and guidelines, and identified the need for a modular, role-based training programme. The MarCy programme was developed to address the gaps in current training offerings and to provide a more effective and targeted approach to cyber security training for maritime personnel. The programme was evaluated using the Delphi technique, which is a method of gathering expert opinions to reach a consensus on the effectiveness and usability of the programme. The results of the evaluation indicated that the MarCy programme is a valid and effective approach to cyber security training for the maritime domain. The programme can be implemented by universities, shipping companies, training institutes, and governmental organizations for maritime cyber security training purposes.This paper presents a modular cyber security training programme for the maritime domain, called Maritime Cyber Security (MarCy), developed using the Critical Events Model (CEM). The programme was evaluated using the Delphi technique with the participation of 19 experts from academia and industry. The MarCy programme is designed to provide cyber security training for seafarers and office employees in shipping companies. Eleven elective modules were proposed to improve the knowledge, skills, and attitude of learners against cyber risks. The programme can be implemented by universities, shipping companies, training institutes, and governmental organizations for maritime cyber security training purposes. The maritime industry is a vital sector in global supply chains and is increasingly dependent on advanced technology, which has increased the risk of cyber threats. The human element is still one of the main weaknesses in cyber security, and many cyber attacks take advantage of human personnel's lack of awareness. Current research is limited in its offerings for cyber security training specific to maritime personnel. Role-based cyber security training is suggested in many maritime guidelines, but most training programmes offer generic content. Each role in the maritime industry requires specific learning needs for cyber security. For instance, a Ship Security Officer (SSO) who could be responsible for cyber security onboard should get deeper knowledge about cyber risks compared to a second engineer (2/E). The study focuses on the development of a modular cyber security training programme for the maritime domain. The programme was developed using the Critical Events Model (CEM) and was later evaluated through a Delphi technique with the participation of 19 experts from academia and industry. Eleven elective modules were designed for the cyber security training of seafarers and office staff in shipping companies. The study also includes discussions of academics and professionals about maritime cyber security training in different dimensions. The study reviewed existing maritime cyber security training programmes and guidelines, and identified the need for a modular, role-based training programme. The MarCy programme was developed to address the gaps in current training offerings and to provide a more effective and targeted approach to cyber security training for maritime personnel. The programme was evaluated using the Delphi technique, which is a method of gathering expert opinions to reach a consensus on the effectiveness and usability of the programme. The results of the evaluation indicated that the MarCy programme is a valid and effective approach to cyber security training for the maritime domain. The programme can be implemented by universities, shipping companies, training institutes, and governmental organizations for maritime cyber security training purposes.