%0 Journal Article
%T Developing a Comprehensive Cyber Risk Assessment Framework for Supply Chains: Insights into Third-Party Vulnerabilities and Security Gaps
%A Muhannad Almohaimeed
%A Faisal Albalwy
%A Rawan Alharbi
%A Aisha Alqarni
%A Abrar Aljohani
%J Intelligent Information Management
%P 58-77
%@ 2160-5920
%D 2025
%I Scientific Research Publishing
%R 10.4236/iim.2025.173004
%X This research developed an all-rounded cyber risk assessment framework for supply chains, which focused on third-party vulnerabilities and security gaps that arise due to increasing digitalization. The objectives were to identify key cybersecurity vulnerabilities, profile third-party risks, and formulate actionable strategies to enhance resilience. Informed by research questions on principal vulnerabilities, managing third-party risk, and cybersecurity strategies that scale, this methodology combined data analytics and a literature review against aligned frameworks like the NIST Cybersecurity Framework and ISO/IEC 27001. Critical risks included noncompliance standards, ineffective sharing of data, malware threats, and disruption to operations because of system downtime. These would encompass proactive steps such as blockchain-based traceability, improved encryption protocols, and periodic third-party audits. Periodic risk assessments were recommended; IoT and blockchain were used for real-time supply chain visibility; cybersecurity training was provided to stakeholders; and sustainability was integrated within the risk management framework. The contribution resulted in the development of a safe and resilient digital ecosystem with practical solutions to protect organizations from cyber threats while business continuity was assured. Future research should go on to validate the framework in real-world contexts and address the implications of emerging technologies such as quantum computing and AI on supply chain cybersecurity.
%K Supply Chain Cybersecurity
%K Data Analytics
%K Risk Assessment
%K Vulnerability Identification
%K Third-Party Risk
%K Risk Management
%U http://www.scirp.org/journal/PaperInformation.aspx?PaperID=142683