https://orcid.org/0000-0003-4958-189X
![Sample our Economics, Finance,Business & Industry journals, sign in here to start your access, latest two full volumes FREE to you for 14 days]({"type":"image" , "src" : "/sda/5931/TOC-Subject-Sample-2021-Economics-Finance-Business-Industry.jpg"})
Abstract
Recent cybersecurity breaches have highlighted the resulting economic, political, and social effects. These incidents highlight that cybersecurity is now a supply chain issue. This should not be surprising given the interconnected digital world that defines organisational ecosystems. Due to their relative ‘newness’, coupled with the complexity of both supply chains and cybersecurity, there is lack of clarity and gaps in the current knowledge base regarding cybersecurity across the supply chain. At the same time, this issue is of critical importance to both practitioners and researchers, and thus needs to be structured in such a way to facilitate a common understanding of what cybersecurity across the supply chain cybersecurity entails and the subsequent research opportunities. Thus, the primary objective of this paper is to develop a research framework for cybersecurity across the supply chain to guide future research. An exploratory research methodology was applied, which relied on multiple sources to develop the research framework, including structured literature reviews, anecdotal evidence, interviews with subject matter experts, and external validation by both practitioners and researchers. The paper concludes by identifying areas that demand further research and with a call for more research on cybersecurity across the supply chain.
Acknowledgements
The authors of this article would like to recognise the contributions and suggestions offered by not only the reviewers but also Dr. Elizabeth Connors, Department of Accounting and Information Systems, the Eli Broad College of Business, Michigan State University.
Disclosure statement
No potential conflict of interest was reported by the author(s).
Data Availability Statement
Data sharing is not applicable to this article as no new data were created or analyzed in this study.
Notes
1 The CMMC or the Cybersecurity Maturity Model Certification is a new cybersecurity programme being introduced and promoted by the United States Department of Defense to address cybersecurity concerns within the supply chain. It builds on existing regulation (DFARS 252.204-7012) by adding a verification component to cybersecurity. The intent is for all firms seeking this certification to be audited by certified independent third-party organisations (Office of the Under Secretary of Defense for Acquisition & Sustainment, 2020).
Additional information
Notes on contributors
Steven A. Melnyk
Steven A. Melnyk (Ph.D., Western –1981) is Professor of Supply Chain Management at Michigan State University. He has co-authored 21 books, over 100 refereed journal articles and numerous practitioner articles. His research focus includes supply chain risk and resilience, strategic supply chain management, supply chain cyber security, and certified management standards. Dr. Melnyk sits on the editorial review board for numerous journals. From 2014 to 2016, Dr. Melnyk was a member of the APICS Board of Directors. From 2017 to 2019, Dr. Melnyk had a joint appointment from the University of Newcastle (Australia) where he was the Newcastle Global Innovation Chair in Supply Chain Management. In 2017, the Academy of Management - the Operations and Supply Chain Division -- recognized Dr. Melnyk as a Distinguished Scholar in the field. Dr. Melnyk is recognized for this ability to bridge the gap between theory and practice. In 2018, Dr. Melnyk received the Withrow Teacher-Scholar Award from the Eli Broad School of Business, Michigan State University, in recognition of his work as both a researcher and a teacher.
Tobias Schoenherr
Tobias Schoenherr is the Hoagland-Metzler Endowed Professor of Purchasing and Supply Management in the Eli Broad College of Business at Michigan State University. He holds a PhD in Operations Management and Decision Sciences from Indiana University, Bloomington. His research focuses on buyer-supplier relationships, especially at the intersection of the themes of innovation, technology, sustainability and globalization. He has published more than 75 journal articles in outlets such as Management Science, Journal of Operations Management, Production and Operations Management, Decision Sciences, Journal of Marketing Research, and Journal of Supply Chain Management. He is currently serving as the Co-Editor-in-Chief for the International Journal of Operations and Production Management and is an Associate Editor for the Journal of Operations Management, Decision Sciences and the Journal of Purchasing and Supply Management.
Cheri Speier-Pero
Dr. Cheri Speier-Pero is the Ernst & Young Professor in Accounting and Information Systems, and currently serves as Associate Dean for Undergraduate Programs in the Eli Broad College of Business at Michigan State University. Dr. Speier-Pero received her Ph.D. in Management Information Systems from Indiana University in 1996. Previously, she was a regional sales manager for industrial robotics, information technology and data collection systems. She has published articles in a breadth of disciplines including journals such as MIS Quarterly, Decision Sciences, Organizational Behavior and Human Decision Processes, the Journal of Operations Management, the Journal of Marketing, International Journal of Human and Computer Studies, Information and Management among others. Dr. Speier-Pero’s primary research interests include the influence of work environments on decision making, individual acceptance and use of technology, applied predictive analytics, and the effective use of information technology to support supply chain relationships. She has served as the Editor-in-Chief at Decision Sciences having previously served as Senior and Associate Editor. She has also served as an Associate Editor at IEEE journals and a reviewer for several leading journals, such as Management Information Systems, Information Systems Research, and Management Science, among others. Dr. Speier-Pero has been a member of research teams receiving funding from the National Science Foundation (online learning) and the Department of Homeland Security (supply chain and information technology initiatives to protect the food supply). She has also received research grants from IBM and Dow Chemical to extend the Homeland Security grant into other industries. Dr. Speier-Pero is a Filene Fellow and in that role serves as the Research Director for the Center of Excellence for Data Analytics and the Future of Financial Services. At Michigan State, Dr. Speier-Pero teaches enterprise information systems at the undergraduate and graduate levels and a marketing/business analytics course in the Masters of Science in Business Analytics program. She also teaches in a variety of executive education programs at Michigan State University and has served as a consultant to both Hertz Corporation and Nokia. Dr. Speier-Pero was awarded the MSU University-wide Teacher Scholar award in 2001 and the Broad College Withrow Award in 2015 recognizing her excellence in teaching and research. She has also won departmental research and teaching awards.
Chris Peters
Chris Peters is the founder and CEO of the Lucrum Group, a company focused on helping firms improve the design, assembly, and coordination of complex manufacturing supply chains. Chris Peters has expertise in the areas of supply chain interoperability, cybersecurity for manufacturing, and accelerating adoption. His work has been documented in several books and publications, ranging from The Wall Street Journal to BusinessWeek and IndustryWeek. As Executive Director of the U.S. Partnership for Assured Electronics, Chris is responsible for establishing and growing this organization that helps ensure the U.S. Government has access to resilient and trusted electronics supply chains. Chris is also a frequent speaker and has written several papers on defense manufacturing supply chains and the defense industrial base. Earlier in his career, Chris co-founded MetalSite, the world's first industry-backed online manufacturing marketplace, funded by five of the country's largest metals producers. He has created similar manufacturing consortia in 20 industries throughout North America, Europe and Asia, fundamentally changing the way that supply chain partners interact.
Jeff F. Chang
Jeff F.Chang (BS, Long Island University; MS, University of Denver), CPIM, CISM is a Lockheed Martin Fellow in the Resilient Digital Environment and Supply Chain Management organizations where he specializes in Supply Chain Risk Management (SCRM) and Cyber-SCRM (C-SCRM). He leads a Cyber Governance, Risk and Compliance (GRC) team dedicated to minimizing cyber-driven business impact and supply chain disruptions through effective SCRM Center of Excellence, supplier cyber posture monitoring & regulatory compliance assurance, cyber incident investigation & remediation, supply chain threats & vulnerability management and program information protection. Jeff has 30+ years of career experience in supply chain, supply chain cybersecurity, process optimization, systems engineering, and business transformation; with the past 10 years focused specifically on supply chain cybersecurity. Jeff has held multiple technical leadership positions within Lockheed Martin and the Defense Industry; examples are Chief Systems Engineer, Chief IT Architect, Program Manager, Fellow and chair of NDIA Supply Chain Cyber committee. As a trained Lean Six Sigma Master Black Belt (MBB), Jeff is also an active Lean Six Sigma practitioner.
Derek Friday
Dr. Derek Friday is a Lecturer of Management at The University of Newcastle Australia. He holds a PhD in Management from the University of Newcastle, and a Master of Science in Procurement and Supply Chain Management from Makerere University. He is a Chartered Member of Chartered Institute of Logistics and Transport Australia (CILTA) and serves as an executive member in the CILTA Hunter Chapter executive management committee. Derek’s primary expertise is in logistics and supply chain management and has a combined experience of over 10 years as a university academic and industry practitioner. For the foreseeable future, Derek aims to collaborate with national and international academics and industry experts to establish the role next-generation cyber defence technologies and interfirm collaboration capabilities as requisites for cyber-resilient ecosystems key combating the evolving supply chain cyberthreat environment.