Managing supply chain risk and disruption from IT security incidents

Deane, Jason K.; Ragsdale, Cliff T.; Rakes, Terry R.; Rees, Loren Paul

doi:10.1007/s12063-009-0018-2

Cited by 43 publications

(22 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Sawik, 2013). Deane et al (2009) developed a model of risk within a supply chain by developing a mixed integer programming model in the form of a network flow problem (Deane et al, 2009). Other models have taken a more operational perspective by introducing stochastic methods in petri-net models (e.g.…”

Section: Past Models Of Risk Measurementmentioning

confidence: 99%

An analytical framework for supply network risk propagation: A Bayesian network approach

Garvey

Carnovale

Yeniyurt

2015

European Journal of Operational Research

227

171

View full text Add to dashboard Cite

Section: Past Models Of Risk Measurementmentioning

confidence: 99%

An analytical framework for supply network risk propagation: A Bayesian network approach

Garvey

Carnovale

Yeniyurt

2015

European Journal of Operational Research

227

171

View full text Add to dashboard Cite

“…The cyber risk of deliberate assaults falls into two categories -direct attacks and indirect attacks. The first category comprises acts such as hacking attacks (Deane et al, 2009;Khursheed et al, 2016;Sharma and Routroy, 2016;Boone, 2017), denial-of-service (Faisal et al, 2007;Deane et al, 2010) or password sniffing (Warren and Hutchinson, 2000) for financial gains. Several authors, for example, Faisal et al (2007) and Tran et al (2016), include the risks of industrial espionage or compromises to intellectual property, under direct attack.…”

Section: Indirect and Direct Attacksmentioning

confidence: 99%

“…In connection with these acts of thoughtlessness, the literature also reports incidents in which employees consciously misuse or even sabotage a company's information. For example, opportunistic misuse of confidential data (Deane et al, 2009) or a premeditated personal vendetta against an employer (Sharma and Routroy, 2016). As the employee cyber threat is internal, whether deliberate or accidental, this is termed an insider threat.…”

Section: Insider Threatmentioning

confidence: 99%

See 1 more Smart Citation

Managing cyber risk in supply chains: a review and research agenda

Ghadge

Weiß

Caldwell

et al. 2019

SCM

View full text Add to dashboard Cite

Purpose In spite of growing research interest in cyber security, inter-firm based cyber risk studies are rare. Therefore, this study aims to investigate cyber risk management in supply chain contexts. Design/methodology/approach Adapting a systematic literature review process, papers from interdisciplinary areas published between 1990 and 2017 were selected. Different typologies, developed for conducting descriptive and thematic analysis, were established using data mining techniques to conduct a comprehensive, replicable and transparent review. Findings The review identifies multiple future research directions for cyber security/resilience in supply chains. A conceptual model is developed, which indicates a strong link between information technology, organisational and supply chain security systems. The human/behavioural elements within cyber security risk are found to be critical; however, behavioural risks have attracted less attention because of a perceived bias towards technical (data, application and network) risks. There is a need for raising risk awareness, standardised policies, collaborative strategies and empirical models for creating supply chain cyber-resilience. Research limitations/implications Different types of cyber risks and their points of penetration, propagation levels, consequences and mitigation measures are identified. The conceptual model developed in this study drives an agenda for future research on supply chain cyber security/resilience. Practical implications A multi-perspective, systematic study provides a holistic guide for practitioners in understanding cyber-physical systems. The cyber risk challenges and the mitigation strategies identified support supply chain managers in making informed decisions. Originality/value To the best of the authors’ knowledge, this is the first systematic literature review on managing cyber risks in supply chains. The review defines supply chain cyber risk and develops a conceptual model for supply chain cyber security systems and an agenda for future studies.

show abstract

“…A lot of scholars recently indicate uncertainty as a risk factor of supply chain [1,[12][13][14][15][16][17][18]. Regarding such uncertainty in supply chain, Hur et al [2] make mention of the complexity of products as a determinant factor of supply chain structure, and Kim and Ham [19] mention that the types of products, the number of distribution centers and plants, and the types of transportation vehicles are the factors to increase complexity.…”

Section: Complexity Of Supply Chainmentioning

confidence: 99%

A Mathematical Approach to Supply Complexity Management Efficiency Evaluation for Supply Chain

Kim

2015

Mathematical Problems in Engineering

View full text Add to dashboard Cite

This study aims to identify the factors of complexity due to the globalization of supply chain and to measure the management efficiency of the factors which cause the supply complexity within supply chain. This study conducts an analysis to utilize linear programming and bootstrapping, targeting 12 Korean companies among the selected companies in Fortune Global 500. According to the results from the analysis, 4 companies with relatively high management efficiency of the factors which cause the supply complexity and 8 companies with relatively low management efficiency are found. The research findings reveal that public companies with the small number of products, factories, and providers relatively manage the supply complexity compared to private companies. Moreover, this study suggests projection point as a direction for relatively less efficient companies and excess quantity of input which should reduce for its achievement. This study also has an implication to establish a further standard of efficiency to manage the supply complexity for companies.

show abstract

Managing supply chain risk and disruption from IT security incidents

Cited by 43 publications

References 10 publications

An analytical framework for supply network risk propagation: A Bayesian network approach

An analytical framework for supply network risk propagation: A Bayesian network approach

Managing cyber risk in supply chains: a review and research agenda

A Mathematical Approach to Supply Complexity Management Efficiency Evaluation for Supply Chain

Contact Info

Product

Resources

About