Cybersecurity in Tanzanian Maritime Operations: Exploring Global Best Practices and Their Local Adaptation Using the Cybersecurity Capability Maturity Model (C2M2)

Mayala Lutome Patrick Edrick Johansen Mugisha Keneth Oliver Mbaga Mansour Likamba

DOI:

https://doi.org/10.18535/sshj.v8i10.1421

##plugins.themes.novelty.article.sidebar##

Issue
Vol. 8 No. 10 (2024)
Published
2024-10-26
Keywords:
    Cybersecurity, Maritime Operations, Risk Management, Cyber Resilience
PDF

Abstract

The increasing integration of digital technologies in maritime operations has significantly enhanced efficiency in cargo tracking, port management, and communication systems. However, this digital transformation also introduces substantial cybersecurity risks, particularly in developing regions like Tanzania, where technological infrastructure and specialized skills may lag behind global standards. This study evaluates the cybersecurity readiness of three key Tanzanian maritime organizations Tanzania Ports Authority (TPA), Tanzania Shipping Agency Corporation (TASAC), and SINOTASHIP using the Cybersecurity Capability Maturity Model (C2M2). Through a detailed assessment across ten C2M2 domains, the study identifies existing strengths and critical gaps in areas such as risk management, asset management, and incident response. The findings reveal that while basic cybersecurity practices exist, they are largely reactive, with most domains scoring between Level 1 (Initial) and Level 3 (Defined). This lack of advanced, proactive measures poses significant risks to Tanzania's maritime infrastructure, particularly given the strategic role of ports like Dar es Salaam in regional trade. The study highlights the need for tailored improvements, including enhanced asset management, continuous workforce training, and real-time monitoring systems, to bridge the gap between global standards and local practices. By implementing these measures, Tanzanian maritime operations can strengthen their resilience against cyber threats, ensuring secure and efficient port operations in an increasingly interconnected world.

References

1. Allianz Global Corporate & Specialty (AGCS). (2020). Rising Sophistication of Cyber Attacks in Maritime Industry. Retrieved from
https://www.agcs.allianz.com/news-and-insights/reports/shipping-review.html
2. Allianz Global Corporate & Specialty (AGCS). (2020). Safety and Shipping Review 2020: Cyber Risks in Maritime Operations. Retrieved from
https://www.agcs.allianz.com
3. BIMCO, CLIA, ICS, INTERCARGO, INTERTANKO. (2018). Guidelines on Cyber Security Onboard Ships (Version 3). Retrieved from https://www.bimco.org
4. BIMCO, et al. (2018). Guidelines on Cyber Security Onboard Ships. Retrieved from https://www.bimco.org
5. BIMCO. (2018). Over 40% of Shipping Companies Affected by Cyber-Attacks. Retrieved from https://www.bimco.org
6. Chalya, S., & Mkoma, H. (2020). Cybersecurity Preparedness in the Maritime Sector: A Case of Tanzania.
7. European Commission. (2016). The Network and Information Systems (NIS) Directive. Retrieved from
https://digital-strategy.ec.europa.eu/en/policies/nis-directive
8. International Maritime Organization (IMO). (2017). Resolution MSC.428(98) on Maritime Cyber Risk Management in Safety Management Systems. Retrieved from https://www.imo.org/en/MediaCentre/HotTopics/Pages/Guidelines-on-Maritime-Cyber-Risk-Management.aspx
9. International Maritime Organization (IMO). (2020). Global Rise in Cyberattacks on Maritime Operations. Retrieved from https://www.imo.org
10. Jones, P., & Tam, Y. (2019). Impact of Cyber Threats on Global Maritime Trade.
11. Kaspersky. (2018). Ransomware Attack on A.P. Moller-Maersk: Case Study. Retrieved from https://www.kaspersky.com
12. Maersk. (2018). NotPetya Cyber Attack: Financial and Operational Impacts. Retrieved from https://www.maersk.com
13. Maritime and Port Authority of Singapore (MPA). (2019). Maritime Cybersecurity Programme: A Collaborative Initiative. Retrieved from https://www.mpa.gov.sg
14. Mwangoka, J., & Mtenzi, F. (2019). Cybersecurity Challenges in Developing Nations: A Tanzanian Perspective.
15. U.S. Department of Energy (DOE). (2014). Cybersecurity Capability Maturity Model (C2M2) Version 1.1. Retrieved from https://www.energy.gov/c2m2

Authors

Mayala Lutome Patrick
Assistant Lecturer, Dar es Salaam Maritime Institute
Edrick Johansen Mugisha
Dar es Salaam Maritime Institute
https://orcid.org/0009-0008-4623-356X
Keneth Oliver Mbaga
Dar es Salaam Maritime Institute
Mansour Likamba
Assistant Lecturer, Dar es Salaam Maritime Institute
[1]
“Cybersecurity in Tanzanian Maritime Operations: Exploring Global Best Practices and Their Local Adaptation Using the Cybersecurity Capability Maturity Model (C2M2)”, Soc. sci. humanities j., vol. 8, no. 10, pp. 5688–5697, Oct. 2024, doi: 10.18535/sshj.v8i10.1421.