This study addresses the critical gap in effective cybersecurity training for C-suite executives in the maritime sector, who often struggle to respond to complex cyber incidents. To bridge this gap, the authors propose SERDUX-MARCIM, a novel hybrid training framework that integrates mathematical contagion models with tabletop exercises (TTX). This approach uniquely combines dynamic multi-node attack simulation with scenario-based decision-making drills, significantly enhancing executives’ cyber situational awareness, anticipatory judgment, and governance capabilities. Empirical evaluations conducted in Argentina and the United States demonstrate that the framework effectively improves participants’ understanding of cyber threats, their ability to forecast attack trajectories, and their organizations’ overall cybersecurity governance maturity.

As cyber threats grow in complexity and scale, many security incidents remain poorly managed due to the lack of proper training among C-level executives. Thus, there is a need for targeted cybersecurity education to enhance executive decision-making and crisis response. Traditional training methods, such as cyber wargames and Tabletop Exercises (TTX), aim to develop abilities to face critical incidents, however, they often lack the interactive and dynamic elements required to prepare individuals for real-world cyber incidents. This paper presents a novel approach to cybersecurity and cyberdefense education through the design of a specialized hybrid TTX for the maritime domain, which uses a framework to model mathematically how a cyberattack spreads along multiple nodes and impacts infrastructure. Our proposal was validated through exercises in Argentina and the United States, demonstrating a positive impact in developing the comprehension and projection levels of Cyber Situational Awareness (CSA), and reinforcing governance. Documentation about the Hybrid TTX, scenario, datasets and implementation of the SERDUX-MARCIM model, is available at the project repository at https://github.com/diegocabuya/SERDUX-MARCIM