The Creation and Role of Maritime Cybersecurity Governance

Research output: ThesisDoctoral Thesis


This thesis investigates and contributes to the understanding of the development of maritime cybersecurity governance. Over the past decade the maritime sector, like many other sectors, has faced an increase in digital technologies integrated into everyday operations. Protecting these digital assets is vital as over 80% of world merchandise by volume is carried by sea (UNCTAD 2020). Through the ratification of MSC.428(98), the International Maritime Organization (IMO) has started the process of governing maritime cyber risk. However, this thesis will argue that this Resolution will be just one of many governance instruments that will be needed to govern maritime cyber risk effectively.

This thesis is broadly divided into three parts. The first part explores the rich history of cooperation within maritime governance. Considering the maritime space as a global common, this thesis will discuss how the international community has used existing frameworks like the United Nations Convention on the Law of the Sea (UNCLOS) to govern maritime cyberspace. However, like-minded stakeholders have formed additional governance regimes in order to address and manage issue complexity. This thesis utilises an ethnographic methodology to develop an understanding of how these complex governance regimes work, and how its constituent parts interact. Through this cooperation, it is hoped that effective maritime cybersecurity governance can be created.

The second part of this thesis considers how maritime governance intersects with cybersecurity. This thesis will demonstrate that the collaborative approach adopted by the maritime sector is not without its challenges. Due to this research's direct engagement with the sector, many of these challenges have been witnessed first-hand, allowing for a better understanding of their influence over the governance regime. Allowing this section to conclude that the governance of maritime cybersecurity is complex, and that the international community is still only at the infancy stage of its development.

The third and final part will look at what the future holds for maritime cybersecurity governance, utilising the themes of robustness and resilience. By considering how the sector has effectively created governance for other risks a more resilient approach to cybersecurity governance is emerging. Future challenges for cybersecurity governance remain however, including increased digitalisation and autonomy. This thesis concludes with a critical overview of maritime cybersecurity governance and offers policy-relevant insights into how the governance decisions of today, could improve cybersecurity for the sector in the future - and ensure as a consequence that a critical component in the global economy is safe-guarded.
Original languageEnglish
Awarding Institution
  • Royal Holloway, University of London
  • Dodds, Klaus, Supervisor
  • Martin, Keith M., Supervisor
Award date1 Feb 2023
Publication statusUnpublished - 2023


  • Maritime
  • Cybersecurity
  • Cybersecurity Governance
  • Maritime Cybersecurity

Cite this