Cyber security risks in globalized supply chains: conceptual framework

The purpose of this study is to examine cyber security risks in globalized supply chains (SCs). It has been seen to have a greater impact on the performance of SCs. The information and communication technology of a firm, which enhances the efficiency and effectiveness in the SC, could simultaneously be the cause of vulnerabilities and exposure to security threats. Researchers have primarily focussed on the cyber-physical system (CPS) vulnerabilities impacting SC. This paper tries to categorize the cyber security risks occurring because of the SCs operating in CPS.,Based on the flow of information along the upstream and downstream SC, this paper tries to identify cyber security risks in the global SCs. It has further tried to categorize these cyber security risks from a strategic point of view.,This paper tries to identify the various cyber security risk and cyber-attacks in globalized SC for improving the performance. The 16 cyber security risks have been categorized into three categories, namely, supply risk, operational risk and demand risk. The paper proposes a framework consisting of different cyber-attacks across the information that flows in global SCs along-with suitable mitigation strategies.,The paper presents the conceptual model of cyber security risks and cyber-attacks in globalized SCs based on literature review and industry experts. Further validation and scale development of these risks can be done through empirical study.,This paper provides significant managerial insights by developing a framework for understanding the cyber security risks in terms of the drivers of these risks and how to deal with them. From a managerial perspective, this framework can be used as a decision-making process while considering different cyber security risks across the stages of globalized SCs.,The major contribution of this study is the identification and categorization of cyber security risks across the global SCs in the digital age. Thus, this paper introduces a new phenomenon to the field of management that has the potential to investigate new areas of future research. Based on the categorization, the paper provides insights on how cyber security risks impact the continuity of SC operations.

[1]  Veer Shivajee,et al.  Manufacturing conversion cost reduction using quality control tools and digitization of real-time data , 2019, Journal of Cleaner Production.

[2]  S. Mangla,et al.  Applications of information and communication technology for sustainable growth of SMEs in India food industry , 2019, Resources, Conservation and Recycling.

[3]  R. Singh,et al.  Evaluation of supply chain coordination index in context to Industry 4.0 environment , 2019, Benchmarking: An International Journal.

[4]  Claudia Colicchia,et al.  Managing cyber and information risks in supply chains: insights from an exploratory analysis , 2019, Supply Chain Management: An International Journal.

[5]  Shareeful Islam,et al.  Cyber Security Threat Modeling for Supply Chain Organizational Environments , 2019, Future Internet.

[6]  Evi Hartmann,et al.  Impact of IoT challenges and risks for SCM , 2019, Supply Chain Management: An International Journal.

[7]  M. Christopher,et al.  The self-thinking supply chain , 2019, Supply Chain Management: An International Journal.

[8]  G. Antoniou,et al.  Supply chain risk management and artificial intelligence: state of the art and future research directions , 2018, Int. J. Prod. Res..

[9]  Konstantinos Psounis,et al.  Security Pricing as Enabler of Cyber-Insurance A First Look at Differentiated Pricing Markets , 2016, IEEE Transactions on Dependable and Secure Computing.

[10]  Shareeful Islam,et al.  An Integrated Cyber Security Risk Management Approach for a Cyber-Physical System , 2018, Applied Sciences.

[11]  Eric Armengaud,et al.  Industry 4.0 as Digitalization over the Entire Product Lifecycle: Opportunities in the Automotive Domain , 2017, EuroSPI.

[12]  Li Zhao,et al.  Development of a hybrid fresh food supply chain risk assessment model , 2017, Int. J. Prod. Res..

[13]  Vinod Kumar,et al.  Path Analysis Model for Supply Chain Risk Management , 2017, Int. J. Inf. Syst. Supply Chain Manag..

[14]  Fengjun Li,et al.  Cyber-Physical Systems Security—A Survey , 2017, IEEE Internet of Things Journal.

[15]  Jan Simota,et al.  Aspects of Risk Management Implementation for Industry 4.0 , 2017 .

[16]  Christian Kreiner,et al.  Integrated design for tackling safety and security challenges of smart products and digital manufacturing , 2017 .

[17]  Nir Kshetri,et al.  Creation, deployment, diffusion and export of Sub-Saharan Africa-originated information technology-related innovations , 2016, Int. J. Inf. Manag..

[18]  Rolf H. Weber,et al.  Cybersecurity in the Internet of Things: Legal aspects , 2016, Comput. Law Secur. Rev..

[19]  K. Govindan,et al.  Critical success factors for reverse logistics in Indian industries: a structural model , 2016 .

[20]  Nir Kshetri,et al.  Big data's role in expanding access to financial services in China , 2016, Int. J. Inf. Manag..

[21]  Luca Urciuoli,et al.  What are the causes of transport insecurity? Results from a survey with transport operators , 2016 .

[22]  Dirk Schaefer,et al.  On Servitization of the Manufacturing Industry in the UK , 2016 .

[23]  Anjali Kaushik,et al.  State transgression on electronic expression: is it for real? , 2015, Inf. Comput. Secur..

[24]  Anna Ståhlbröst,et al.  Leveraging Living Lab Innovation Processes through Crowdsourcing , 2015 .

[25]  R. Garud,et al.  The Disruptor’s Dilemma: TiVo and the U.S. Television Ecosystem , 2015 .

[26]  V. Venkatesh,et al.  Analysis on supply chain risks in Indian apparel retail chains and proposal of risk prioritization model using Interpretive structural modeling , 2015 .

[27]  T. Cheng,et al.  Joint supply chain risk management: An agency and collaboration perspective , 2015 .

[28]  Luca Urciuoli,et al.  Cyber-Resilience: A Strategic Approach for Supply Chain Management , 2015 .

[29]  William Ho,et al.  Supply chain risk management: a literature review , 2015 .

[30]  H. Boyes Cybersecurity and Cyber-Resilient Supply Chains , 2015 .

[31]  L. Urciuoli The resilience of energy supply chains: a multiple case study approach on oil and gas supply chains to Europe , 2014 .

[32]  Sandor Boyson,et al.  Cyber supply chain risk management: Revolutionizing the strategic control of critical IT systems , 2014 .

[33]  K. Govindan,et al.  Barriers to green supply chain management in Indian mining industries: a graph theoretic approach , 2013 .

[34]  Vipul Jain,et al.  Quantifying risks in a supply chain through integration of fuzzy AHP and fuzzy TOPSIS , 2013 .

[35]  A. Satir,et al.  Supply chain risk management – II: A review of operational, financial and integrated approaches , 2013 .

[36]  Toni Männistö,et al.  Supply Chain Cyber Security – Potential Threats , 2013 .

[37]  Qian Li,et al.  The Study on the Risk Management of Agricultural Products Green Supply Chain Based on Systematic Analysis , 2012, 2012 Second International Conference on Business Computing and Global Informatization.

[38]  Imrich Chlamtac,et al.  Internet of things: Vision, applications and research challenges , 2012, Ad Hoc Networks.

[39]  Ravinder Kumar,et al.  Supply Chain Management in SMEs: a case study , 2012, Int. J. Manuf. Res..

[40]  Jelena V. Vlajic,et al.  A framework for designing robust food supply chains , 2012, International Journal of Production Economics.

[41]  Angappa Gunasekaran,et al.  Drivers, barriers and critical success factors for ERPII implementation in supply chains: A critical analysis , 2011, J. Strateg. Inf. Syst..

[42]  V. Tummala,et al.  Assessing and Managing Risks Using the Supply Chain Risk Management Process (SCRMP) , 2011 .

[43]  Dave Evans,et al.  How the Next Evolution of the Internet Is Changing Everything , 2011 .

[44]  P. Datta,et al.  THE CONTRIBUTION OF THIRD‐PARTY INDICES IN ASSESSING GLOBAL OPERATIONAL RISKS;* , 2010 .

[45]  Sri Krishna Kumar,et al.  Minimisation of supply chain cost with embedded risk using computational intelligence approaches , 2010 .

[46]  David Thomas,et al.  State of the art in supply chain risk management research: empirical and conceptual findings and a roadmap for the implementation in practice , 2010, Logistics Research.

[47]  L. Urciuoli Supply chain security—mitigation measures and a logistics multi-layered framework , 2010 .

[48]  A. Hameri,et al.  Assessing the drivers of change for cross‐border supply chains , 2009 .

[49]  Shimon Y. Nof,et al.  Conflict resolution in supply chain security , 2009 .

[50]  Thomas J. Goldsby,et al.  Supply chain risks: a review and typology , 2009 .

[51]  J. Mentzer,et al.  Global supply chain risk management strategies , 2008 .

[52]  Jason Seawright,et al.  Case Selection Techniques in Case Study Research , 2008 .

[53]  Nukala Viswanadham,et al.  Analytical Framework for the Management of Risk in Supply Chains , 2007, IEEE Transactions on Automation Science and Engineering.

[54]  Kathleen M. Eisenhardt,et al.  Theory Building From Cases: Opportunities And Challenges , 2007 .

[55]  Stephan M. Wagner,et al.  An empirical investigation into supply chain vulnerability , 2006 .

[56]  H. Peck Reconciling supply chain vulnerability, risk and supply chain management , 2006 .

[57]  Ravi Shankar,et al.  IT-enablement of supply chains: understanding the barriers , 2005, J. Enterp. Inf. Manag..

[58]  R. Norman The Insider Threat , 2004 .

[59]  J. Hallikas,et al.  Risk management processes in supplier networks , 2004 .

[60]  J. R. Carter,et al.  An analysis of supply risk assessment techniques , 2004 .

[61]  Angappa Gunasekaran,et al.  Implementation of EDI in Hong Kong: an empirical analysis , 2004, Ind. Manag. Data Syst..

[62]  M. Christopher,et al.  Supply chain risk management: outlining an agenda for future research , 2003 .

[63]  Andrew Popp,et al.  Information flow in automotive supply chains - identifying and learning to overcome barriers to change , 2003, Ind. Manag. Data Syst..

[64]  G. Zsidisin,et al.  An Agency Theory Investigation of Supply Risk M anagement , 2003 .

[65]  Martin J. Eppler Managing Information Quality , 2003 .

[66]  T. Simatupang,et al.  THE COLLABORATIVE SUPPLY CHAIN. , 2002 .

[67]  J. Rowley Using case studies in research , 2002 .

[68]  Y. Sheffi Supply Chain Management Under The Threat Of International Terrorism , 2001 .

[69]  M. E. Johnson,et al.  Learning from Toys: Lessons in Managing Supply Chain Risk from the Toy Industry , 2001 .

[70]  Göran Svensson,et al.  A conceptual framework for the analysis of vulnerability in supply chains , 2000 .

[71]  Zach G. Zacharia,et al.  The nature of interfirm partnering in supply chain management , 2000 .

[72]  Marie Karakanian,et al.  Are Human Resources Departments Ready for E-HR? , 2000, Inf. Syst. Manag..

[73]  G. Prem Premkumar,et al.  Interorganization Systems and Supply Chain Management: An Information Processing Perspective , 2000, Inf. Syst. Manag..

[74]  Hau L. Lee,et al.  Information sharing in a supply chain , 2000, Int. J. Manuf. Technol. Manag..

[75]  Robert A. Simons How risky is your company? , 1999, Harvard business review.

[76]  David F. Pyke,et al.  Exploiting timely demand information to reduce inventories , 1996 .

[77]  V. Mitchell Organizational Risk Perception and Reduction: A Literature Review , 1995 .

[78]  J. Frank Yates,et al.  The risk construct. , 1992 .

[79]  J. March,et al.  Managerial perspectives on risk and risk taking , 1987 .

[80]  V. Mahajan,et al.  Risk/Return Performance of Diversified Firms , 1985 .

[81]  Cynthia A. Montgomery,et al.  Corporate economic performance: Diversification strategy versus market structure , 1981 .

[82]  W. Beaver Financial Ratios As Predictors Of Failure , 1966 .