
Developing a Comprehensive Cyber Risk Assessment Framework for Supply Chains: Insights into Third-Party Vulnerabilities and Security Gaps

DOI: 10.4236/iim.2025.173004, PP. 58-77

Keywords: Supply Chain Cybersecurity, Data Analytics, Risk Assessment, Vulnerability Identification, Third-Party Risk, Risk Management


Abstract:

This research developed a comprehensive cyber risk assessment framework for supply chains, focused on third-party vulnerabilities and security gaps that arise from increasing digitalization. The objectives were to identify key cybersecurity vulnerabilities, profile third-party risks, and formulate actionable strategies to enhance resilience. Guided by research questions on principal vulnerabilities, third-party risk management, and scalable cybersecurity strategies, the methodology combined data analytics with a literature review aligned with frameworks like the NIST Cybersecurity Framework and ISO/IEC 27001. Critical risks included noncompliance with standards, ineffective data sharing, malware threats, and disruption to operations because of system downtime. The strategies encompass proactive steps such as blockchain-based traceability, improved encryption protocols, and periodic third-party audits. Periodic risk assessments were recommended; IoT and blockchain were used for real-time supply chain visibility; cybersecurity training was provided to stakeholders; and sustainability was integrated within the risk management framework. The contribution resulted in the development of a safe and resilient digital ecosystem with practical solutions to protect organizations from cyber threats while business continuity was assured. Future research should validate the framework in real-world contexts and address the implications of emerging technologies such as quantum computing and AI for supply chain cybersecurity.

