This research developed a comprehensive cyber risk assessment framework for supply chains, focused on third-party vulnerabilities and the security gaps that arise from increasing digitalization. The objectives were to identify key cybersecurity vulnerabilities, profile third-party risks, and formulate actionable strategies to enhance resilience. Guided by research questions on principal vulnerabilities, third-party risk management, and cybersecurity strategies that scale, the methodology combined data analytics with a literature review aligned with frameworks such as the NIST Cybersecurity Framework and ISO/IEC 27001. Critical risks included noncompliance with standards, ineffective data sharing, malware threats, and operational disruption caused by system downtime. The proposed strategies encompass proactive steps such as blockchain-based traceability, improved encryption protocols, and periodic third-party audits. Periodic risk assessments were recommended; IoT and blockchain were used for real-time supply chain visibility; cybersecurity training was provided to stakeholders; and sustainability was integrated into the risk management framework. The contribution resulted in the development of a safe and resilient digital ecosystem, with practical solutions that protect organizations from cyber threats while assuring business continuity. Future research should validate the framework in real-world contexts and address the implications of emerging technologies such as quantum computing and AI for supply chain cybersecurity.