An Impact-Wave Analogy for Managing Cyber Risks in Supply Chains

P.J.G. Guerra; Daniel Alberto Sepúlveda Estay

doi:10.1109/IEEM.2018.8607563

An Impact-Wave Analogy for Managing Cyber Risks in Supply Chains

P.J.G. Guerra, Daniel Alberto Sepúlveda Estay

Technical University of Denmark

Research output: Chapter in Book/Report/Conference proceeding › Article in proceedings › Research › peer-review

314 Downloads (Orbit)

Abstract

Supply chains are dependent on Information Technology (IT) and cyberspace processes. Yet, despite the advantages of its increased connectivity and systems integration with suppliers and customers, this also opens the door to new risks from and to supply chain partners. Literature in this nascent research area is limited, with few frameworks available to complement traditional risk management methods. This paper shows the current results of a literature review on the field of supply chain cyber risk management (SCCRM), with the aim of gathering and structuring its extant literature and proposing a taxonomy that will give a better overview of the approaches found in the scientific literature. This taxonomy is then used to propose a novel SCCRM framework. Finally, a novel Impact-Wave analogy is presented to provide a graphical understanding of the application of this framework.

Original language	English
Title of host publication	2018 IEEE International Conference on Industrial Engineering and Engineering Management (IEEM)
Number of pages	5
Publisher	IEEE
Publication date	2019
ISBN (Electronic)	978-1-5386-6786-6
DOIs	https://doi.org/10.1109/IEEM.2018.8607563
Publication status	Published - 2019
Event	2018 IEEE International Conference on Industrial Engineering and Engineering Management - Bangkok, Thailand Duration: 16 Dec 2018 → 19 Dec 2018 https://ieeexplore.ieee.org/xpl/conhome/8589962/proceeding

Conference

Conference	2018 IEEE International Conference on Industrial Engineering and Engineering Management
Country/Territory	Thailand
City	Bangkok
Period	16/12/2018 → 19/12/2018
Internet address	https://ieeexplore.ieee.org/xpl/conhome/8589962/proceeding

Access to Document

10.1109/IEEM.2018.8607563

FulltextAccepted author manuscript, 378 KB

OpenUrl availability

Full text

CyberShip: Cyber Resilience for the Shipping Industry (CyberShip)
Barfod, M. B. (Project Manager), Psaraftis, C. (Project Participant), Jensen, C. D. (Project Participant), Sepúlveda Estay, D. A. (Project Participant) & Sahay, R. (Project Participant)
01/09/2017 → 29/05/2020
Project: Research

File

An Impact-Wave Analogy for Managing Cyber Risks in Supply Chains
Sepúlveda Estay, D. A. (Guest lecturer)
17 Dec 2018
Activity: Talks and presentations › Conference presentations

File

Cite this

@inproceedings{52d60539c0ec445b83985a6b370dd698,

title = "An Impact-Wave Analogy for Managing Cyber Risks in Supply Chains",

abstract = "Supply chains are dependent on Information Technology (IT) and cyberspace processes. Yet, despite the advantages of its increased connectivity and systems integration with suppliers and customers, this also opens the door to new risks from and to supply chain partners. Literature in this nascent research area is limited, with few frameworks available to complement traditional risk management methods. This paper shows the current results of a literature review on the field of supply chain cyber risk management (SCCRM), with the aim of gathering and structuring its extant literature and proposing a taxonomy that will give a better overview of the approaches found in the scientific literature. This taxonomy is then used to propose a novel SCCRM framework. Finally, a novel Impact-Wave analogy is presented to provide a graphical understanding of the application of this framework.",

author = "P.J.G. Guerra and {Sep{\'u}lveda Estay}, {Daniel Alberto}",

year = "2019",

doi = "10.1109/IEEM.2018.8607563",

language = "English",

booktitle = "2018 IEEE International Conference on Industrial Engineering and Engineering Management (IEEM)",

publisher = "IEEE",

address = "United States",

note = "2018 IEEE International Conference on Industrial Engineering and Engineering Management, IEEM 2018 ; Conference date: 16-12-2018 Through 19-12-2018",

url = "https://ieeexplore.ieee.org/xpl/conhome/8589962/proceeding",

}

Guerra, PJG & Sepúlveda Estay, DA 2019, An Impact-Wave Analogy for Managing Cyber Risks in Supply Chains. in 2018 IEEE International Conference on Industrial Engineering and Engineering Management (IEEM). IEEE, 2018 IEEE International Conference on Industrial Engineering and Engineering Management, Bangkok, Thailand, 16/12/2018. https://doi.org/10.1109/IEEM.2018.8607563

TY - GEN

T1 - An Impact-Wave Analogy for Managing Cyber Risks in Supply Chains

AU - Guerra, P.J.G.

AU - Sepúlveda Estay, Daniel Alberto

PY - 2019

Y1 - 2019

N2 - Supply chains are dependent on Information Technology (IT) and cyberspace processes. Yet, despite the advantages of its increased connectivity and systems integration with suppliers and customers, this also opens the door to new risks from and to supply chain partners. Literature in this nascent research area is limited, with few frameworks available to complement traditional risk management methods. This paper shows the current results of a literature review on the field of supply chain cyber risk management (SCCRM), with the aim of gathering and structuring its extant literature and proposing a taxonomy that will give a better overview of the approaches found in the scientific literature. This taxonomy is then used to propose a novel SCCRM framework. Finally, a novel Impact-Wave analogy is presented to provide a graphical understanding of the application of this framework.

AB - Supply chains are dependent on Information Technology (IT) and cyberspace processes. Yet, despite the advantages of its increased connectivity and systems integration with suppliers and customers, this also opens the door to new risks from and to supply chain partners. Literature in this nascent research area is limited, with few frameworks available to complement traditional risk management methods. This paper shows the current results of a literature review on the field of supply chain cyber risk management (SCCRM), with the aim of gathering and structuring its extant literature and proposing a taxonomy that will give a better overview of the approaches found in the scientific literature. This taxonomy is then used to propose a novel SCCRM framework. Finally, a novel Impact-Wave analogy is presented to provide a graphical understanding of the application of this framework.

U2 - 10.1109/IEEM.2018.8607563

DO - 10.1109/IEEM.2018.8607563

M3 - Article in proceedings

BT - 2018 IEEE International Conference on Industrial Engineering and Engineering Management (IEEM)

PB - IEEE

T2 - 2018 IEEE International Conference on Industrial Engineering and Engineering Management

Y2 - 16 December 2018 through 19 December 2018

ER -

An Impact-Wave Analogy for Managing Cyber Risks in Supply Chains

Abstract

Conference

Access to Document

OpenUrl availability

Fingerprint

Projects

CyberShip: Cyber Resilience for the Shipping Industry (CyberShip)

Activities

An Impact-Wave Analogy for Managing Cyber Risks in Supply Chains

Cite this