Sanja Bauk

Sanja has an extensive background in maritime research. She started with a strong emphasis on technical subjects, but over time, she shifted her research interests towards informatics and human-computer interaction. When it comes to maritime cybersecurity, her focus lies in identifying vulnerabilities within electronic navigation devices and back-end information-communication systems. She also aspires to delve into the persona of a maritime hacker and develop the ability to profile one, although she acknowledges that finding credible sources in this niche field can be challenging.

For five years before taking her position in Estonia, Sanja served as an Associate Professor at the Maritime Studies Department of Durban University of Technology in South Africa. During this tenure, she taught courses on ECDIS and RADAR/ARPA at a simulation level, as well as modules on Logistics III, Research Methodology, and Research Project at both undergraduate and postgraduate levels. Notably, she authored two books during this period: “Maritime Issues in the Digital Age,” which is a research monograph, and “Electronic Chart Display and Information System in Brief,” designed as a textbook for students.

Before her stint at Durban University of Technology, Sanja held positions ranging from Lecturing Assistant to Assistant Professor to Associate Professor at the Maritime Faculty in Kotor, University of Montenegro, for over two decades. Additionally, she had opportunities to share her expertise as a guest lecturer and researcher at various international institutions such as Karl-Franzens University Graz in Austria, Lund University in Sweden, RWTH University Aachen in Germany, and City, University of London in England. At the Maritime Faculty in Kotor, her teaching responsibilities encompassed Operations Research and a group of subjects related to Electronic Navigation and IT applications in maritime. Leveraging her substantial experience in Operations Research, she authored the book “Quantitative Methods for Management” and contributed numerous articles to journals and conferences. These publications covered a wide range of topics, including ship route optimization, optimization of wireless sensor networks in seaport environments, ship’s hull structural stability, and the digital transformation of the maritime industry.

Currently, Sanja has set her sights on maritime cybersecurity, with a particular interest in exploring vulnerabilities in maritime navigation systems and global maritime supply chains. Her overarching goal is to construct a comprehensive profile of a maritime hacker.

What motivated you to specialize in maritime specifically?

It was rather a result of the circumstances, than my choice. A country, in which I was born, Yugoslavia, disassociated at the beginning of 90s, and then it was a war there. This had negative implications on the beginning of my career and consequently on its further development. I wrote about the choice of my career path in the book “Life Stories of Women in Academia” (which is available on Amazon). In fact, an “invisible hand” brought me to maritime, but I found many interesting things about mechanical and electronic navigational devices, ship’s route simulation and optimization, various IT applications in maritime, and so on. By enrolling Maritime Studies, unexpectedly, the “ocean of unknown” opened up to me. Moreover, this “ocean of unknown” stretches still out in front of me.

Why is Estonia/TalTech the best place for the ERA Chair project in 
maritime security?

Why Estonia and TalTech – foremost, the people and their commitment, skills and knowledge, their active attitude in the field at the university and in the sector.  TalTech is the best place to take the lead in this, as it has the IT, cybersecurity and maritime expertise and networking that can be integrated and linked to the wider sector to create a sustainable maritime cybersecurity hub. When we look Estonian dimension – of course, because of our nationally high digital capability and innovative maritime sector. When combined digitalization with the development potential of the maritime industry, Estonia is the best choice for a global maritime cybersecurity hub.

How do you see your leading role in the “Horizon 2020 ERA Chair” (or MariCybERA) project?

Due to my understanding, a leader is the first among the equals. Therefore, it is my pleasure and honour to be a representative of professionals, who can work independently, but who at the same time can function as a team. In the environment, which includes accountability and freedom of team members, along with their readiness to be team players, I can see myself as a good consultative leader. Of course, a sound team around you, composed of specialists devoted to their work, is extremely important. I would be happy, if I (finally) reached the stage in my professional life, at which a successful team stands with me. As a small digression, let me quote a Zulu (South African) proverb: “A human being is a human being because of other human beings”. In fact, we have to respect each other, share correctly our work and its outcomes with the team to which we belong.

How do you plan to contribute to the development and growth of the Maritime Cybersecurity Centre at TalTech?

I plan to work hard and honestly. As a consultative leader, I will undoubtedly need support of the team. I will continue to work as a researcher and publish papers in recognized journals and present the results of my research work at well-established international conferences in maritime. Besides, I plan to enhance all ongoing activities within the Canter and to try to popularize research and science through the contemporary media channels.

Thanks to my experience in different academic environments during the past three decades, I know how important is to have adequate institutional support, human potential, premises, and financial resources for ensuring viability of research endeavours. Therefore, in an attempt to achieve success, I need, and count on MariCybERA team, Maritime Academy, TalTech, and wider community support.

What aspects of the project attracted you to join our university?

I was looking to this project dominantly from maritime prospective, since it is closer to me. Maritime sector is lagging behind in terms of digitalization in comparison to other spheres of human activities. The same applies for maritime cybersecurity. I recall, when I was a beginner in academia, one of the professors gave me a valuable advice: “Search for the truth in the dark.” Therefore, carrying out research in maritime cybersecurity is like searching for the truth in a still unenlightened space and I consider it as a challenge.

What do you see as the biggest challenges and opportunities in the field of maritime cybersecurity today?

For me as a researcher, scarcity of knowledge in the field is the biggest challenge. The ultimate goal is to unroot cybercriminal in maritime and in general. However, since this idealistic striving  will not stop hackers, we have to focus of cybersecurity hygiene, law, technical solutions in IT domain, human factor, education in cybersecurity, and all other means and measures, which can mitigate cyber threats and attacks. Involving a larger number of professionals, who share the same “dream” of eradicating cyber threats and attacks, is something we should work on together, as a team.

Are there any specific research projects or initiatives you would like to pursue within the Maritime Cybersecurity Centre?

Firstly, I would like to edit a research monography on maritime cybersecurity, which will contain achievements of respected MariCybERA team members so far in this still underexplored research niche. It should be an “identity card” of the team and the opportunity for the public to become familiar with the team’s achievements. It might be useful reading for the professionals, but additionally it can serve for educational purposes. Regarding the popularization of research and science, this monography can also serve well. Of course, this is an initial idea and in parallel and later on, we should go beyond this. The other ideas or initiatives, which might come from MariCybERA team members, are more than welcome, as well.

How do you intend to engage and involve students in the field of maritime cybersecurity?

A good way should be to introduce the students with some serious cybersecurity attacks in maritime and awake their understanding of the problem and its complexity. This can motivate them to explore deeper maritime cybersecurity issues and become specialist in this new discipline. My colleagues might have some ideas about cybersecurity hackathons, e.g., and we can go further in this direction. An international summer school might be a good idea, as well. Alternatively, collaborative online international learning projects with peers in maritime cybersecurity can engage students deeper into the field. Flip classrooms are also one option, where students can prepare at home essays about maritime cybersecurity and present them later to the classmates. In such way, students can become co-creators of maritime cybersecurity curriculum.

How do you plan to leverage your international experience, particularly from South Africa and Montenegro, to benefit the Maritime Cybersecurity Centre and its goals?

Having a good network is of crucial importance in research and development. I expect assistance of some of my colleagues from Montenegro in applying for research and development project grants in the field of maritime safety, security, and cybersecurity in particular. When it comes to colleagues form South Africa, I supervise currently two PhD and two master students there, and they can involve different cybersecurity aspects into their studies, so it might be a contribution towards developing and sharing new knowledge internationally. 

They say Estonia is famous for digitalization, do you feel that Estonia is the best place to develop research in the field of maritime cybersecurity?

If I am right, Estonia is the sixth in the world regarding digital development index. On the other side, it is a maritime country. It has a fleet under its own flag, including ships engaged in international merchant and passenger shipping. At the Baltic Sea, Estonia is outdid only by Denmark and Sweden. Since two crucial elements for dealing with maritime cybersecurity are in place: Estonian high digital index and maritime affairs, it is up to the MariCyberERA team to use them properly.

What are your thoughts on the importance of public-private partnerships in addressing cybersecurity challenges in the maritime industry?

The regulations in cybersecurity, including its maritime dimension, are of crucial importance for stakeholders’ readiness to invest more in it. Intensifying efforts on establishing more comprehensive cybersecurity law in maritime should encourage private sector to take more actively part into tackling cybersecurity threats. Additionally, building the trust among stakeholders is very important, and public sector should play a key role in this regard by creating safe and secure environment for all involved parties across maritime cluster.

What are your thoughts on promoting diversity and inclusivity within the field of maritime cybersecurity, and how do you plan to address these aspects in your role as the head of the department?

Maritime cybersecurity does not necessarily require seagoing time (experience) and therefore it provides numerous research and working opportunities for variety of persons with adequate technical, digital and social skills, who are interested in this discipline. As a person with international working experience, I have developed a high level of diversity understanding and expanded my awareness about inclusivity. High level of social and emotional intelligence, along with compassion, play important roles in uplifting awareness about diversity and inclusion needs in today’s society. I am ready to advocate and practice diversity and inclusion in my working environment, whenever the circumstances require it.  

How do you see the role of the Maritime Cybersecurity Centre in contributing to the overall cybersecurity landscape both nationally and internationally?

The role of the Maritime Cybersecurity Centre should be to contribute to the corpora of objective knowledge in the domain of maritime cybersecurity and beyond. Maritime cluster is huge and maritime cybersecurity tangents all spheres of digital infrastructure, including its designers, managers, and users. Therefore, the Centre should give a significant contribution to all vital aspects of maritime business and industry, which now-a-days inevitably merge physical and digital realms.

Contact: sanja.bauk@taltech.ee