Defending digital supply chains: Evidence from a decade-long research program. (December 2022)
- Record Type:
- Journal Article
- Title:
- Defending digital supply chains: Evidence from a decade-long research program. (December 2022)
- Main Title:
- Defending digital supply chains: Evidence from a decade-long research program
- Authors:
- Boyson, Sandor
Corsi, Thomas M.
Paraskevas, John-Patrick
- Abstract:
- Digital Supply Chains (DSCs) are highly integrated global internet communities of customers, distributors, producers, and suppliers. DSCs have increasingly incorporated Internet of Things (IoT) innovations such as field sensors and real time condition monitoring; and have served as effective platforms for IoT technology diffusion. However, as IoT has become more pervasive, pushing the edges of networks further out, new cyber threat windows have opened everywhere. More recently, Cyber-Supply Chain Risk Management (C-SCRM) has emerged as a critical discipline combining expertise from cybersecurity, supply chain management and enterprise risk management; and designed to stem the proliferation of digital supply chain attacks seeking illicit access to corporate networks for competitive espionage, financial and intellectual property theft, and disruption of operations. Yet to date, there has been little evidence that C-SCRM practices are actually effective in containing all or even some types of breaches. Our decade-long research provides the first statistical analysis of the effects on an organization's breach profile based on the extent of its adoption of policies and practices defined within the U.S. National Institute of Standards and Technology (NIST)'s Cybersecurity Framework, increasingly the de-facto global C-SCRM standard. Our analysis determined that there were specific Framework activity areas and sets of policies/practices within those activity areas that strongly correlated with more effective control of specific breach types. Our findings lay the foundation for an evidence-based approach to mastering IT network vulnerabilities and defending global digital supply chains.
Highlights: Digital Supply Chains (DSCs) are integrated global internet communities of customers, distributors, producers, and suppliers. DSCs have incorporated Internet of Things (IoT) innovations such as field sensors and real time condition monitoring. Cyber-Supply Chain Risk Management (C-SCRM) combines expertise from cybersecurity, supply chain and risk management. Our research is the first analysis of the effects of C-SCRM adoption on an organization's breach profile. Our findings provide an evidence-based approach to mastering IT network vulnerabilities and defending digital supply chains.
- Is Part Of:
- Technovation. Volume 118(2022)
- Journal:
- Technovation
- Issue:
- Volume 118(2022)
- Issue Display:
- Volume 118, Issue 2022 (2022)
- Year:
- 2022
- Volume:
- 118
- Issue:
- 2022
- Issue Sort Value:
- 2022-0118-2022-0000
- Page Start:
- Page End:
- Publication Date:
- 2022-12
- Subjects:
- Digital supply chains -- Internet of things (IoT) -- Cybersecurity -- Risk management -- Cyber supply chain risk management (C-SCRM)
Technological innovations -- Periodicals
Industrial management -- Periodicals
Innovations -- Périodiques
Gestion d'entreprise -- Périodiques
Electronic journals
658.57
- Journal URLs:
- http://www.sciencedirect.com/science/journal/01664972
http://www.elsevier.com/journals
- DOI:
- 10.1016/j.technovation.2021.102380
- Languages:
- English
- ISSNs:
- 0166-4972
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library DSC - 8761.150000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store
- Ingest File:
- 24156.xml