Adapting supply chain management strategies to security – an analysis of existing gaps and recommendations for improvement

Urciuoli, Luca; Hintsa, Juha

doi:10.1080/13675567.2016.1219703

Cited by 33 publications

(33 citation statements)

References 50 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In this study, a few articles (e.g. Faisal et al, 2007;Smith et al, 2007;Charitoudi and Blyth, 2014;Tran et al, 2016;Urciuoli and Hintsa, 2017) acknowledge natural disasters as a critical driver for cyber risks. For example, when a flood or a tornado disrupts the functioning of servers, which then interferes with the seamless flow of the cyber supply chain network.…”

Section: Physical Threatsmentioning

confidence: 89%

“…Meanwhile, Smith et al (2007) and Urciuoli and Hintsa (2017) go one step further and add the deliberate damaging or theft of physical infrastructure components to this physical risk category. Faisal et al (2007) also consider terrorist attacks to be a part of the physical aspect of cyber risks.…”

Section: Physical Threatsmentioning

confidence: 99%

“…Data theft is central to cybercrime (Urciuoli and Hintsa, 2017) which, to date, seems to have exempted communities from direct cyber-attack. The risk propagation model proposed here, suggests supply chain risks are not static and, propagate out from the centre of risk occurrence to other related areas with the 'cascading or ripple effect' (Ghadge et al, 2013;Dolgui et al, 2018).…”

Section: Propagation Zonesmentioning

confidence: 99%

See 2 more Smart Citations

Managing cyber risk in supply chains: a review and research agenda

Ghadge

Weiß

Caldwell

et al. 2019

SCM

121

View full text Add to dashboard Cite

Purpose In spite of growing research interest in cyber security, inter-firm based cyber risk studies are rare. Therefore, this study aims to investigate cyber risk management in supply chain contexts. Design/methodology/approach Adapting a systematic literature review process, papers from interdisciplinary areas published between 1990 and 2017 were selected. Different typologies, developed for conducting descriptive and thematic analysis, were established using data mining techniques to conduct a comprehensive, replicable and transparent review. Findings The review identifies multiple future research directions for cyber security/resilience in supply chains. A conceptual model is developed, which indicates a strong link between information technology, organisational and supply chain security systems. The human/behavioural elements within cyber security risk are found to be critical; however, behavioural risks have attracted less attention because of a perceived bias towards technical (data, application and network) risks. There is a need for raising risk awareness, standardised policies, collaborative strategies and empirical models for creating supply chain cyber-resilience. Research limitations/implications Different types of cyber risks and their points of penetration, propagation levels, consequences and mitigation measures are identified. The conceptual model developed in this study drives an agenda for future research on supply chain cyber security/resilience. Practical implications A multi-perspective, systematic study provides a holistic guide for practitioners in understanding cyber-physical systems. The cyber risk challenges and the mitigation strategies identified support supply chain managers in making informed decisions. Originality/value To the best of the authors’ knowledge, this is the first systematic literature review on managing cyber risks in supply chains. The review defines supply chain cyber risk and develops a conceptual model for supply chain cyber security systems and an agenda for future studies.

show abstract

Section: Physical Threatsmentioning

confidence: 89%

Section: Physical Threatsmentioning

confidence: 99%

Section: Propagation Zonesmentioning

confidence: 99%

See 1 more Smart Citation

Managing cyber risk in supply chains: a review and research agenda

Ghadge

Weiß

Caldwell

et al. 2019

SCM

121

View full text Add to dashboard Cite

show abstract

“…Supply chain managers and suppliers share a large amount of data to support communication and collaborative efforts as well as build trust in the supply chain management process (Urciuoli and Hintsa, 2017). According to Boiko et al (2019) "the chains of manufacturers, suppliers, contractors, transport and trading companies are intertwined in the most intimate way and are already real online networks" (p. 67).…”

Section: Overviewmentioning

confidence: 99%

“…With the increase in cybercrimes and identity thefts, it is crucial for both supply chain managers and information security managers to understand the importance of embracing ethical cultures, moral reasoning, and ethical decision making. Urciuoli and Hintsa (2017) asserted that most supply chain managers were unaware of their supply chain exposure to cyberattack because they lacked visibility across the entire supply chain. This assertion supports the need for whistleblowing.…”

Section: Risk Of Reprisalmentioning

confidence: 99%