The global maritime industry is rapidly digitizing, increasing its vulnerability to cyber threats. While various security measures are being implemented, human factors remain a significant weakness. This study addresses the need for specialized cyber security training for maritime personnel by developing a modular training program called Maritime Cyber Security (MarCy). The program was designed using the Critical Events Model (CEM) and evaluated through the Delphi technique with 19 experts from academia and industry. MarCy offers eleven elective modules to enhance the knowledge, skills, and attitudes of seafarers and office employees in shipping companies against cyber risks. The program can be implemented by universities, shipping companies, training institutes, and governmental organizations. The study also discusses the current state of maritime cyber security training, including the limitations of existing programs and the importance of role-based training. The methodology section outlines the steps of the MarCy program and the modifications made to the CEM to incorporate a modular approach. The evaluation step was simplified to focus on internal stakeholders' feedback, ensuring the training is tailored to the needs of learners.The global maritime industry is rapidly digitizing, increasing its vulnerability to cyber threats. While various security measures are being implemented, human factors remain a significant weakness. This study addresses the need for specialized cyber security training for maritime personnel by developing a modular training program called Maritime Cyber Security (MarCy). The program was designed using the Critical Events Model (CEM) and evaluated through the Delphi technique with 19 experts from academia and industry. MarCy offers eleven elective modules to enhance the knowledge, skills, and attitudes of seafarers and office employees in shipping companies against cyber risks. The program can be implemented by universities, shipping companies, training institutes, and governmental organizations. The study also discusses the current state of maritime cyber security training, including the limitations of existing programs and the importance of role-based training. The methodology section outlines the steps of the MarCy program and the modifications made to the CEM to incorporate a modular approach. The evaluation step was simplified to focus on internal stakeholders' feedback, ensuring the training is tailored to the needs of learners.