Cyberattacks as threats in supply chains

Abstract

PURPOSE: The purpose of this study is to investigate how cyber threats in supply chains are identified and assessed, with a particular focus on evaluating the utility of threat maps as tools for this purpose.

DESIGN/METHODOLOGY/APPROACH: This research defines and classifies various types of cyberattacks, providing examples from real-world supply chain disruptions. A bibliometric analysis was conducted using the Web of Science (WoS) database, focusing on open-access materials from the past five years. The search included the terms "supply chain," "threats," "cyber," and "cyberattack." Additionally, secondary data from Statista were reviewed, and a pilot study utilising Check Point's ThreatMap was performed.

FINDINGS: The study reveals that cyberattacks pose a significant threat to supply chains, but there is limited research in the fields of management and economics on this topic. The findings highlight gaps in understanding which countries and industries are most vulnerable, as well as the frequency of attack types. The analysis also uncovered discrepancies in the data from threat maps, suggesting these tools may not provide a comprehensive view of actual attack incidents.

PRACTICAL IMPLICATIONS: This research underscores the importance of developing real-time data tools for tracking cyber threats. It also suggests that healthcare and government sectors are particularly vulnerable to cyberattacks, and that future studies should examine the role of AI in enhancing supply chain security.

ORIGINALITY/VALUE: The study identifies a gap in existing research on cyber threats in supply chains, particularly regarding the most affected industries and countries. It also provides insights into the limitations of threat maps and the need for interdisciplinary approaches, combining management, economics, and computer science, to ensure supply chain resilience.