What are the cyber vulnerabilities in supply chain management? How can firms manage cyber risk and cyber security challenges in procurement, manufacturing, and logistics?Today it is clear that supply chain is often the core area of a firm's cyber security vulnerability, and its first line of defense. This book brings together several experts from both industry and academia to shine light on this problem, and advocate solutions for firms operating in this new technological landscape.Specific topics addressed in this book include: defining the world of cyber space, understanding the connection between supply chain management and cyber security, the implications of cyber security and supply chain risk management, the 'human factor' in supply chain cyber security, the executive view of cyber security, cyber security considerations in procurement, logistics, and manufacturing among other areas.

This SpringerBrief introduces methodologies and tools for quantitative understanding and assessment of supply chain risk to critical infrastructure systems. It unites system reliability analysis, optimization theory, detection theory and mechanism design theory to study vendor involvement in overall system security. It also provides decision support for risk mitigation. This SpringerBrief introduces I-SCRAM, a software tool to assess the risk. It enables critical infrastructure operators to make risk-informed decisions relating to the supply chain, while deploying their IT/OT and IoT systems. The authors present examples and case studies on supply chain risk assessment/mitigation of modern connected infrastructure systems such as autonomous vehicles, industrial control systems, autonomous truck platooning and more. It also discusses how vendors of different system components are involved in the overall security posture of the system and how the risk can be mitigated through vendor selection and diversification. The specific topics in this book include: Risk modeling and analysis of IoT supply chains Methodologies for risk mitigation, policy management, accountability, and cyber insurance Tutorial on a software tool for supply chain risk management of IoT These topics are supported by up-to-date summaries of the authors’ recent research findings. The authors introduce a taxonomy of supply chain security and discusses the future challenges and directions in securing the supply chains of IoT systems. It also focuses on the need for joint policy and technical solutions to counter the emerging risks, where technology should inform policy and policy should regulate technology development. This SpringerBrief has self-contained chapters, facilitating the readers to peruse individual topics of interest. It provides a broad understanding of the emerging field of cyber supply chain security in the context of IoT systems to academics, industry professionals and government officials.

Supply chains are experiencing a seismic shift towards customer-centricity and sustainability and the challenges that are bound to arise will require innovative solutions. The escalating complexities of logistics, exacerbated by the profound impacts of the pandemic, underscore the urgency for a paradigm shift. Every industry is grappling with unprecedented disruptions from shortages in essential components to workforce deficits. Navigating Cyber Threats and Cybersecurity in the Logistics Industry serves as a beacon of insight and solutions in this transformative landscape. This groundbreaking book, a result of an in-depth study evaluating 901 startups and scale-ups globally, delves into the Top Logistics Industry Trends & Startups. It unveils the pivotal role of the Insights Discovery Platform, powered by Big Data and Artificial Intelligence, covering over 2 million startups and scale-ups worldwide. This platform offers an immediate and comprehensive assessment of innovations, facilitating the early identification of startups and scale-ups that hold the key to revolutionizing logistics.

Recently, supply chains (SCs) are applying information technology to enable data sharing among suppliers, instant access to information, and complete tracking of products. With more Cybersecurity risks present, such as theft of information, service interruptions, and financial resources risks, the vulnerability of systems is increased. The management of supply chain Cybersecurity, which encompasses information systems, software, and infrastructure, is the emphasis of the supply chain's safety measure. There are several serious danger that attack supply chain systems. Most SC Cybersecurity procedures are used to reduce the threats posed by vulnerabilities to those processes. Researchers have mostly concentrated on supply chain-related cyber physical system (CPS) issues. This study makes attempts to classify and evaluates the Cybersecurity insecurities of supply chains. In addition, this work provides an update of the analytic hierarchy process (AHP) method called α-discounting multi-criteria decision-making (α-D MCDM), which enables a more uniform assessment of supply chain cyber insecurities. This paper suggests using the α-D MCDM in various ways to address various supply chain evaluation problems.

Every industry has faced the tidal wave of 'digital' that has either re-shaped or dramatically altered their modus operandi. Supporting technologies in the management information systems arena have given rise to increased end to end visibility, real time access to information, and tightly controlled monitoring of deployed assets. In many industries it is straightforward to see the impact that digital technologies have had. Finance is a great example, with cash payments becoming increasingly less and less common, and digital currencies increasing in prominence. Yet how has this impacted supply chain management? In a discipline that spans multiple industries, continents, and companies, are there examples that we can point to that explain how digital supply chains have become? Which aspects of supply chain management were transformed by the digital tidal wave, and which functions are lagging behind? This is what this volume seeks to address.Trends: what are the current trends in digital (or digitalization) supply chain management? Ideally, these trends will include all aspects of the supply chain. That is, how has the digital revolution impacted sourcing? What are the digital trends in the logistics, warehousing, and distribution industry? How has 'digital' impacted the operations and manufacturing industry? Challenges: where are the diminishing returns to digital and its inclusion in the supply chain? Are there problems related to procurement and sourcing as the digital revolution takes hold? Are logistics challenges compounded in a digital world? Is manufacturing more streamlined or are there additional complexities that need to be addressed?Solutions: Are the challenges all too overwhelming, or are there remedies that we can advance to cope with an ever increasingly digital world?

This book presents a new threat modelling approach that specifically targets the hardware supply chain, covering security risks throughout the lifecycle of an electronic system. The authors present a case study on a new type of security attack, which combines two forms of attack mechanisms from two different stages of the IC supply chain. More specifically, this attack targets the newly developed, light cipher (Ascon) and demonstrates how it can be broken easily, when its implementation is compromised with a hardware Trojan. This book also discusses emerging countermeasures, including anti-counterfeit design techniques for resources constrained devices and anomaly detection methods for embedded systems.

The book presents the concepts of ICT supply chain risk management from the perspective of NIST IR 800-161. It covers how to create a verifiable audit-based control structure to ensure comprehensive security for acquired products. It explains how to establish systematic control over the supply chain and how to build auditable trust into the products and services acquired by the organization. It details a capability maturity development process that will install an increasingly competent process and an attendant set of activities and tasks within the technology acquisition process. It defines a complete and correct set of processes, activities, tasks and monitoring and reporting systems.