Cyber Third-Party Risk Management: A Comparison of Non-Intrusive Risk Scoring Reports

Keskin, Omer F.; Caramancion, Kevin Matthe; Tatar, Irem; Raza, Owais; Tatar, Unal

doi:10.3390/electronics10101168

Cited by 20 publications

(8 citation statements)

References 30 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The impact of cyberattacks on SC goes beyond the organization and may transfer to cities and countries, as it happened in China, or even to the complete continent. From a managerial standpoint, another important concept that emerges in this study is Cyber Third-Party Risk Management, which sheds light on the fact that risks for the organizations can come from inside the company and also from a third party, supplier or customer (Keskin et al, 2021).…”

Section: Discussionmentioning

confidence: 99%

Eleven years of cyberattacks on Chinese supply chains in an era of cyber warfare, a review and future research agenda

Pérez-Morón

2021

JABS

View full text Add to dashboard Cite

Purpose The contribution of this study aims to twofold: First, it provides an overview of the current state of research on cyberattacks on Chinese supply chains (SCs). Second, it offers a look at the Chinese Government’s approach to fighting cyberattacks on Chinese SCs and its calls for global governance. Design/methodology/approach A comprehensive literature review was conducted on Clarivate Analytics’ Web of Science, in Social Sciences Citation Index journals, Scopus and Google Scholar, published between 2010–2021. A systematic review of practitioner literature was also conducted. Findings Chinese SCs have become a matter of national security, especially in the era of cyber warfare. The risks to SC have been outlined. Cybersecurity regulations are increasing as China aims to build a robust environment for cyberspace development. Using the Technology-organization-environment (TOE) framework, the results show that the top five factors influencing the adoption process in firms are as follows: relative advantage and technological readiness (Technology context); top management support and firm size (Organization context) and government policy and regulations (Environment context). Research limitations/implications This review focuses on cyberattacks on Chinese SCs and great care was taken when selecting search terms. However, the author acknowledges that the choice of databases/terms may have excluded a few articles on cyberattacks from this review. Practical implications This review provides managerial insights for SC practitioners into how cyberattacks have the potential to disrupt the global SC network. Originality/value Past researchers proposed a taxonomic approach to evaluate progress with SC integration into Industry 4.0; in contrast, this study is one of the first steps toward an enhanced understanding of cyberattacks on Chinese SCs and their contribution to the global SC network using the TOE framework.

show abstract

Section: Discussionmentioning

confidence: 99%

Eleven years of cyberattacks on Chinese supply chains in an era of cyber warfare, a review and future research agenda

Pérez-Morón

2021

JABS

View full text Add to dashboard Cite

show abstract

“…Malware [33] Web Application Attacks [26][44] Supply Chain Attacks [53] Third-party and vendor risks [53] Zero-day Vulnerabilities [50] Social Engineering This dimension encompasses threats that Phishing [30] and Deceptive Threats Dimension rely on manipulation and deceit, often involving the impersonation of legitimate entities or processes Deepfakes and Disinformation [51] Account Takeover Threats [87] Disruptive Threats Dimension Threats within this dimension are designed to interrupt services and infrastructure, often causing significant operational impact Distributed Denial of Service [30] Cryptojacking [50]…”

Section: Advancedmentioning

confidence: 99%

“…Third-Party Risk Management [53] Banks must assess the security posture of thirdparty vendors and partners, ensuring that they adhere to the same security standards to prevent potential supply chain attacks.…”

Section: Regular Audits and Penetrationmentioning

confidence: 99%

Cyber Threats Classifications and Countermeasures in Banking and Financial Sector

Darem,

Alhashmi,

Alkhaldi

et al. 2023

IEEE Access

View full text Add to dashboard Cite

The banking and financial sector has always been a prime target for cyber threats due to the critical nature of the information they handle. With the increasing dependence on technology and digital transformation, the sector is facing more complex and sophisticated threats from cybercriminals. The banking sector serves as the backbone of a country's economy, interlinked with various other sectors like petroleum, mining, health, and industry. Any significant damage to the banking sector can send shockwaves through the entire economic landscape. Therefore, cyber threat classifications play a crucial role in risk management and provide a valuable framework for understanding and responding to cyber threats. Understanding the potential impact of a cyber-attack helps organisations assess the risks they face and develop appropriate risk mitigation strategies. The purpose of this research paper is to provide a comprehensive analysis of cyber threats in the banking and financial sectors, including identifying common threats, their nature and character to help in classification. One of the significant contributions of this research paper is to classify cyber threats to the banking and financial sectors based on their severity and technicality. This classification helps to identify the appropriate countermeasures required to mitigate the risks of each type of threat. Furthermore, the paper explores the technical, non-technical, organizational countermeasures and the legal and regulatory measures used to protect financial transactions from cyber threats. This research work delves into the challenges and limitations of cyber threat classifications, focusing specifically on those confronting the banking and financial sector in their pursuit of robust cybersecurity. Additionally, it analyses recent trends and developments in the field, highlighting the evolving nature of cyber threats to banking. The most significant challenge is the rapidly evolving nature of cyber threats, making it challenging to keep up with the latest trends and technologies.

show abstract

“…Regarding third-Party dependencies, civil registration systems may rely on third-party vendors or service providers for certain functionalities or infrastructure [177]. Managing the security of these external dependencies can be challenging since organizations have limited control over the security practices of third parties [178]- [180]. It is essential to conduct thorough vendor assessments and establish clear contractual agreements to ensure the security and privacy [181] of the system.…”

Section: Issues With Current Countermeasures Against Security Breache...mentioning

confidence: 99%

Security challenges in civil registration: safeguarding vital information in an evolving landscape

Peter Kennedy Okoth

2023

World J. Adv. Res. Rev.

View full text Add to dashboard Cite

Civil registration is a fundamental process that captures vital events such as births, deaths, marriages, and divorces, enabling governments to create accurate demographic databases and deliver essential services to their citizens. However, in today's digital age, civil registration systems face numerous security challenges that jeopardize the integrity and confidentiality of vital information. This paper highlights some of the key security challenges encountered in civil registration systems and outlines potential strategies to address them. Firstly, the digitization of civil registration processes has opened new avenues for cyber threats. Malicious actors may attempt to compromise the security of databases, manipulate or steal vital records, or disrupt services through cyberattacks. Robust cybersecurity measures, including encryption, firewalls, intrusion detection systems, and regular security audits, are essential to safeguard sensitive data and ensure the continuity of civil registration operations. Secondly, the issue of identity theft poses a significant challenge to civil registration security. Fraudulent practices, such as the creation of fake identities or the alteration of existing records, can undermine the trustworthiness of the system and lead to the misallocation of resources. The implementation of identity verification mechanisms, such as biometrics or unique identifiers, can enhance the accuracy and integrity of civil registration data while reducing the risk of identity fraud. Thirdly, ensuring the privacy and confidentiality of individuals' personal information is critical in civil registration systems. With the increasing digitization and interconnectedness of data, there is a heightened risk of unauthorized access or data breaches. Strong data protection regulations, robust access controls, and encryption techniques can help mitigate these risks, fostering public trust and confidence in civil registration processes. Moreover, the challenge of inclusivity must be addressed to ensure the effectiveness and reliability of civil registration systems. Marginalized populations, including refugees, migrants, and those residing in remote areas, may face barriers in accessing civil registration services, leaving them vulnerable to identity-related challenges. Deploying mobile registration units, leveraging innovative technologies, and promoting community engagement are strategies that can improve inclusivity and extend the benefits of civil registration to all individuals.

show abstract

Cyber Third-Party Risk Management: A Comparison of Non-Intrusive Risk Scoring Reports

Cited by 20 publications

References 30 publications

Eleven years of cyberattacks on Chinese supply chains in an era of cyber warfare, a review and future research agenda

Eleven years of cyberattacks on Chinese supply chains in an era of cyber warfare, a review and future research agenda

Cyber Threats Classifications and Countermeasures in Banking and Financial Sector

Security challenges in civil registration: safeguarding vital information in an evolving landscape

Contact Info

Product

Resources

About