Cyber security risks in globalized supply chains: conceptual framework

Pandey, Shipra; Singh, Rajesh Kumar; Gunasekaran, Angappa; Kaushik, Anjali

doi:10.1108/jgoss-05-2019-0042

Cited by 86 publications

(61 citation statements)

References 83 publications

(105 reference statements)

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…These systems make it necessary to analyze Cybersecurity risks in a globalized Supply Chain. Some occur due to cyber-attacks that cause an operational disruption in the SC; others cause an operational disruption affecting the entire Supply Chain, and others are produced by an inappropriate interaction between man and machine [ 55 ]. In addition to Cybersecurity, security in the traceability of operations is also necessary, for which a reference architecture of the applicability of Blockchain technology is necessary as well [ 56 ].…”

Section: Resultsmentioning

confidence: 99%

Sustainability in the Aerospace, Naval, and Automotive Supply Chain 4.0: Descriptive Review

et al. 2020

View full text Add to dashboard Cite

The search for sustainability in the Supply Chain (SC) is one of the tasks that most concerns business leaders in all manufacturing sectors because of the importance that the Supply Chain has as a transversal tool and due to the leading role that it has been playing lately. Of all the manufacturing sectors, this study focuses on the aerospace, shipbuilding, and automotive sectors identified as transport. The present study carries out a descriptive review of existing publications in these three sectors in relation to the sustainability of the Supply Chain in its 4.0 adaptation as an update in matters that are in constant evolution. Among the results obtained, Lean practices are common to the three sectors, as well as different technologies focused on sustainability. Furthermore, the results show that the automotive sector is the one that makes the greatest contribution in this sense through collaborative programs that can be very useful to the other two sectors, thus benefiting from the consequent applicable advantages. Meanwhile, the Aerospace and Shipbuilding sectors do not seem to be working on promoting a sustainable culture in the management of the Supply Chain or on including training programs for their personnel in matters related to Industry 4.0.

show abstract

Section: Resultsmentioning

confidence: 99%

Sustainability in the Aerospace, Naval, and Automotive Supply Chain 4.0: Descriptive Review

et al. 2020

View full text Add to dashboard Cite

show abstract

“…Among the elements, much of the focus for research still appears to be on cyber risks, sources of cyber risks and measures to tackle them. Previous contributions mainly present conceptual frameworks without empirical data (Boyson, 2014;Radanliev et al, 2020), investigations with illustrative cases or on companies working in different supply chains (Urciuoli and Hintsa, 2017;Pandey et al, 2020) or modelling efforts on specific issues or risk events (Deane et al, 2009;Li and Xu, 2020). The only contributions on the evaluation of perceptions within the investigated field focus either on the effect of incident awareness on information security policies (Volpentesta et al, 2011) or on perceptions of risks and IT interventions (Gaudenzi and Siciliano, 2017) but without embracing cyber risks according to a supply chain perspective.…”

Section: Theoretical Backgroundmentioning

confidence: 99%

“…Consequently, it appears that the industrial and scientific communities are concentrated on trying to make sense of "what can be done" to deal with cyber and information risks in the supply chain, particularly at the IT security level within the boundaries of the single organizations, without focusing first on the elements constituting a supply chain security strategy. Developing a fully integrated strategic approach to cyber risk is fundamental to supply chains and to think about how to address cyber risk at the end of the strategic process is simply too late in a cyber supply chain management process (Pandey et al, 2020). These elements also constitute the pillars for creating alignment in the supply chain regarding what kind of policies, actions and initiatives should be undertaken to secure the entire supply chain, rather than protecting only single organizations, which by themselves can become individual points of failure in cyberspace.…”

Section: Introductionmentioning

confidence: 99%

Who cares? Supply chain managers’ perceptions regarding cyber supply chain risk management in the digital transformation era

Creazza

Colicchia

Spiezia

et al. 2021

SCM

View full text Add to dashboard Cite

Purpose The purpose of this paper is to explore the perceptions of supply chain managers regarding the elements that make up cyber supply chain risk management (CSCRM) and the related level of alignment, to understand how organizations can deploy a CSCRM strategy that goes beyond the technical, internal functioning of single companies and moves beyond the dyad, to create a better alignment that can ultimately lead to improved cyber supply chain resilience. Design/methodology/approach An exploratory survey in the fast-moving consumer goods (FMCG) industry involving over 100 organizations in Italy was conducted. Results were analysed through one-way analysis of variance, to appraise the differences in the perceptions of the various actors of the FMCG supply chain (Manufacturers, Logistics Service Providers, Retailers). Findings While a certain degree of alignment of the perceptions across the FMCG supply chain exists, the study found that Logistics Service Providers can play a crucial role as orchestrators of the CSCRM process towards a more “supply chain-oriented” response to cyber threats and risk events. The research also highlights the necessity to see people as key elements for improving cyber resilience in the supply chain. Research limitations/implications Through a vertical analysis of a supply chain, the study extends the existing theory on CSCRM, which contains isolated case studies. It also contributes to extending the current theory with the proposal of the paradigm of Logistics Service Providers as orchestrators of the CSCRM process. The study combines different classifications of CSCRM initiatives and embraces theories external to the supply chain literature. Practical implications Through the empirical analysis, this study helps practitioners in streamlining the design of cyber security strategies and actions that span across the supply chain for better alignment. This could mean more coordination of efforts and more targeted/accurate investments in CSCRM initiatives. The study invites practitioners to ponder the perceived relevance of the human factor as a source of risk and the perceived importance of countermeasures aimed at mitigating risk events stemming from that source. Originality/value By focusing on an entire supply chain, this is one of the first studies on CSCRM that goes beyond the dyad. Its originality also lies in its use of the investigations of perceptions along the supply chain as pillars for the alignment of CSCRM strategies and mitigation initiatives. This original perspective allows for discovering the role of Logistics Service Providers in driving the alignment of the efforts towards better outcomes of the CSCRM process.

show abstract

“…11 Pandey and Singh describe a range of methods of attacking supply chain systems, from pre-installed malware on manufacturer components, to Denial of Service (DoS) attacks compromising availability of resources, direct attacks to damage and destroy services and, in particular, the ease of initial attacks against a thirdparty enabling access to their ultimate target. 12 A global supply chain survey by BlueVoyant reported that 80 % of participants had experienced a third-party breach during the past year and 77 % have limited visibility of their supply chain, with only 2 % managing to monitor their vendors in real time or daily. The energy system is becoming more distributed with an increasing reliance on third parties.…”

Section: Supply Chain Compromisesmentioning

confidence: 99%

634 Views No files have yet been downloaded. 0 Citations See all citations Reviewed article Interorganizational Cooperation in Supply Chain Cybersecurity: A Cross-Industry Study of the Effectiveness of the UK Implementation of the NIS Directive

Wallis¹,

Johnson²,

Khamis³

2021

ISIJ

View full text Add to dashboard Cite

The transposition of the EU Directive on Network and Information Security (NIS) by EU Member States involved assigning a set of responsibilities to operators, regulators and policy makers within a national cybersecurity strategy, in order to improve cybersecurity levels across critical infrastructures. This research investigates the perspectives and experiences of organisations affected by the NIS Directive focussing on three different sectors (Energy, Water & Aviation). The authors evaluate the response of different actors to NIS interventions and their challenges in meeting their assigned responsibilities, in particular their ability to oversee supply chain cybersecurity. It proposes further support for partnerships and cooperation across organisations to increase the effectiveness of NIS implementation. Based on results from semi-structured interviews and observations of industry working groups, an approach to supply chain oversight to achieve a balance between control and cooperation is recommended, to improve cybersecurity within industry sectors and across critical national infrastructures. Although our initial focus has been on working mainly with UK stakeholders, we argue that our recommendations have a more general application beyond those countries directly affected by the Directive.

show abstract

Cyber security risks in globalized supply chains: conceptual framework

Cited by 86 publications

References 83 publications

Sustainability in the Aerospace, Naval, and Automotive Supply Chain 4.0: Descriptive Review

Sustainability in the Aerospace, Naval, and Automotive Supply Chain 4.0: Descriptive Review

Who cares? Supply chain managers’ perceptions regarding cyber supply chain risk management in the digital transformation era

634 Views No files have yet been downloaded. 0 Citations See all citations Reviewed article Interorganizational Cooperation in Supply Chain Cybersecurity: A Cross-Industry Study of the Effectiveness of the UK Implementation of the NIS Directive

Contact Info

Product

Resources

About