Sie befinden Sich nicht im Netzwerk der Universität Paderborn. Der Zugriff auf elektronische Ressourcen ist gegebenenfalls nur via VPN oder Shibboleth (DFN-AAI) möglich. mehr Informationen...
Digital Supply Chains (DSCs) are highly integrated global internet communities of customers, distributors, producers, and suppliers. DSCs have increasingly incorporated Internet of Things (IoT) innovations such as field sensors and real time condition monitoring; and have served as effective platforms for IoT technology diffusion. However, as IoT has become more pervasive, pushing the edges of networks further out, new cyber threat windows have opened everywhere. More recently, Cyber-Supply Chain Risk Management (C-SCRM) has emerged as a critical discipline combining expertise from cybersecurity, supply chain management and enterprise risk management; and designed to stem the proliferation of digital supply chain attacks seeking illicit access to corporate networks for competitive espionage, financial and intellectual property theft, and disruption of operations. Yet to date, there has been little evidence that C-SCRM practices are actually effective in containing all or even some types of breaches. Our decade-long research provides the first statistical analysis of the effects on an organization’s breach profile based on the extent of its adoption of policies and practices defined within the U.S. National Institute of Standards and Technology (NIST) ‘s Cybersecurity Framework, increasingly the de-facto global C-SCRM standard. Our analysis determined that there were specific Framework activity areas and sets of policies/practices within those activity areas that strongly correlated with more effective control of specific breach types. Our findings lay the foundation for an evidence-based approach to mastering IT network vulnerabilities and defending global digital supply chains.
•Digital Supply Chains (DSCs) are integrated global internet communities of customers, distributors, producers, and suppliers.•DSCs have incorporated Internet of Things (IoT) innovations such as field sensors and real time condition monitoring.•Cyber-Supply Chain Risk Management (C-SCRM), combines expertise from cybersecurity, supply chain and risk management.•Our research is the first analysis of the effects of C-SCRM adoption on an organization’s breach profile.•Our findings provide an evidence-based approach to mastering IT network vulnerabilities and defending digital supply chains.