Professional Documents
Culture Documents
32 CYBER SECURITY IN SUPPLY CHAIN MANAGEMENT A Systematic Review
32 CYBER SECURITY IN SUPPLY CHAIN MANAGEMENT A Systematic Review
32 CYBER SECURITY IN SUPPLY CHAIN MANAGEMENT A Systematic Review
net/publication/350496787
CITATION READS
1 552
4 authors:
All content following this page was uploaded by Nik Syuhailah Nik Hussin on 24 July 2021.
Mohd Nasrulddin Abd Latif1 Nurul Ashykin Abd Aziz2, Nik Syuhailah Nik
Hussin2, Zuraimi Abdul Aziz2
1) Politeknik Mukah Sarawak, Sarawak, Malaysia, 2) Universiti Malaysia Kelantan, Kelantan, Malaysia
ABSTRACT. Background: Cyber security of supply chain is a part of its safety measure that focuses on the
management of the required cyber security that includes information technology systems, software, and networks. Supply
chain management has a high risk of being threatened by cyber terrorism, malware and data-theft. Common supply chain
cyber security activities are done to minimize risks including sole-purchase from trusted vendors, and disconnection of
critical machines from external networks.
Methods: The main data sources for this study are research articles published from 2010 to 2020 in a peer-reviewed
journal in the Web of Science and Scopus database. This study uses a systematic survey approach that is guided by
PRISMA Statement, where the current study shows the trend of cyber research security in supply chain management.
Results: The final screening shows 41 identified related articles that are related to cyber security in supply chain
management. This study also examined the publishing trends related to cyber security in supply chain management for
both WOS and Scopus databases. The analysis shows that the highest publishing value was in 2019, coming from the
Scopus database. In addition, four elements are covered in this study namely: (i) network security; (ii) information
security; (iii) web application security and (iv) internet of things (IoT).
Conclusions: In brief, some suggestions are proposed to provide guidance for future researchers to study deeper about
cyber security in supply chain management.
Key words: systematic review, supply chain, cyber security, network security, information security.
and integrity of a programme, network, and monitoring can be done through firewalls and
data from unauthorized and harmful access. intrusion detection systems. In detail, the web
Likewise, it refers to the process and application layer needs to be set up to ensure
technological body [Seemma, Nandhini, that it is safe from unauthorized users by
Sowmiya, 2018]. developing high-quality security mechanisms
for software development [Ge, Paige, Polack,
According to Miorandi et al. [2012], the Chivers, Brooke, 2006]. Web applications are
supply chain is now consolidated between an essential type of service provider and
organizations through digital communication communication channel for their users.
links due to digitization. In the supply chain, Vulnerability on the internet can have
all members become the weakest because of a detrimental effect and in turn, it affects all
the information and security arrangements that sensitive data.
are shared throughout the supply chain.
Meanwhile, Li et al. [2015], through their The systematic literature review is an
analysis found that information exchange, analysis of research questions formulated using
agility, and visibility increase through digital systematic methods that aims to collect
technology. However, there are some threats secondary data and efforts to identify, select
and risks that arise in this supply chain. and synthesize related studies to answer the
research questions. To build a relevant
There are investigative reports made on systematic overview, the current article is
data breaches where small organizations are guided by this key research question: "What is
often the target of cyber attacks due to their the focus field of cyber security in supply
size in the supply chain. As such, larger chain management?" This study's
companies are at risk of being exposed to concentration is to explore areas that have been
specific threats, which have contracts with explored by previous studies in the context of
these small organizations to produce particular cyber security in supply chain management,
products [Verizon, 2014]. There is no denying and this study also attempts to identify the
that there is an increase in the number of trends of articles published in the last 10 years
attackers, but the tools available to the (2010-2020). Therefore, the focus of this study
potential attackers are also becoming more is to study this problem systematically.
sophisticated and active [Kizza, 2013; Koien,
Oleshchuk, 2013]. Hence, Taneja [2013]
highlighted that the use of the cyber medium METHODOLOGY
and the internet could achieve its full potential
if it thrives from cyber vulnerabilities and For the present study, the method used to
threats. obtain related articles of cyber security in
supply chain management is discussed.
Yeboah-Ofori and Shareeful Islam [2019] Researchers have used key sources to search
described that cyber security within the supply for associated articles from the Web of Science
chain provides organizations with secure (WOS) and Scopus databases. Using the
network facilities to meet business objectives Preferred Reporting Items for Systematic
as a whole. Obviously, technological Reviews and Meta-Analyzes (PRISMA)
integration helps increase business processes, approach, the researchers conducted systematic
production productivity, and even reduce reviews such as eligibility criteria and
distribution costs. However, the increasing exclusions, process revision like introductory
interdependence between the various supply steps, examination and qualification. Next, it is
chain stakeholders has created many followed by data abstraction and article
challenges, including the lack of third-party analysis.
audit mechanisms and cyber threats. This has
also led to attacks such as design specification Research Design
manipulation, changes, and manipulation
during distribution activities. Hackers are also Systematic literature review is outlined on
seen targeting web applications, as they have the basis of important criteria from the
many networks. Thus, careful attention and
50
Latif M.N.A., Aziz N.A.A., Hussin N.S.N., Aziz Z.A., 2020. Cyber security in supply chain management: a
systematic review. LogForum 17 (1), 49-57. http://doi.org/10.17270/J.LOG.2021.555
51
,
Latif M.N.A., Aziz N.A.A., Hussin N.S.N., Aziz Z.A., 2020. Cyber security in supply chain management: a
systematic review. LogForum 17 (1), 49-57. http://doi.org/10.17270/J.LOG.2021.555
52
Latif M.N.A., Aziz N.A.A., Hussin N.S.N., Aziz Z.A., 2020. Cyber security in supply chain management: a
systematic review. LogForum 17 (1), 49-57. http://doi.org/10.17270/J.LOG.2021.555
53
,
Latif M.N.A., Aziz N.A.A., Hussin N.S.N., Aziz Z.A., 2020. Cyber security in supply chain management: a
systematic review. LogForum 17 (1), 49-57. http://doi.org/10.17270/J.LOG.2021.555
Their study also found that IoT can positively field of cyber security in supply chain
and significantly impact the integration of management.
internal processes, customers, and suppliers,
which affects supply chain and organization
performance. Mostafa, Hamdy, and Alawady CONCLUSION
[2018] highlighted that IoT is a new
technology that enables the connection of In brief, this study presents a systematic
several objects by collecting real-time data and review of existing literatures on the results of
sharing it; the information generated can then cyber security in supply chain management by
be used to support automated decision-making. reviewing study publications in the last ten
Phase and Mhetre [2018] described that IoT years. The reviews were sourced from two
infrastructure operates by assembling, databases namely Scopus and WoS, that
delivering information to track the position, produced 41 articles related to the field. This
quality, and timely delivery of goods. IoT survey provides scholars' views on the
today is used to track goods and predict the importance of cyber security in supply chain
situation to help protect and reduce losses. management. From the present study, it shows
Multifaceted algorithms happen due to the that the trend of cyber security research in
different supply chains. Lastly, 19.5% of the supply chain management is increasing and
statistics showed about other fields. getting more attention from scholars. This
present study discovered four main elements in
cyber security: i) network security; ii) web
RECOMMENDATIONS FOR application security; iii) internet of things; and
FUTURE RESEARCH iv) information security. Lastly, the majority of
the past studies focused on network security.
Based on the 41 final articles screened in Therefore, many studies related to cyber
the present study, the researchers found that security are needed in the future to provide
future studies can meet some constraints. First more understanding about the importance of
and foremost, cyber security is an essential cyber security for supply chain management in
factor in today’s supply chain management, an organization or business.
but most studies do not explain it further.
Researchers suggest that future studies explore
more about web security elements other than ACKNOWLEDGMENTS AND
those discovered in this study, namely web FUNDING SOURCE DECLARATION
application security, internet of things, network
security, and information security. By This research received no specific grant
exploring other elements in future studies, they from any funding agency in the public,
can explain more about the importance of commercial, or not-for-profit sectors.
establishing cyber security in supply chain
management. Secondly, most past studies
relied on keyword searching. This technique is REFERENCES
the most commonly used form of text search
on the web. Most search engines query and
Ardito L., Petruzzelli A. M., Panniello U.,
retrieve their texts using keywords [Rahman,
Garavelli A.C., 2019. Towards Industry
2013]. Nevertheless, another searching method
4.0: Mapping digital technologies for
includes citation searching. As claimed by
supply chain management-marketing
Fasco [2004], savvy searching means citation
integration. Business Process Management
searching. This search technique has long been
Journal, 25(2), 323–346.
used for decades. Moreover, Wright, Golder
http://doi.org/10.1108/BPMJ-04-2017-0088
and Rodriguez-Lopez [2014] claimed that
citation searching is an additional search Boyson S., 2014. Cyber supply chain risk
method for systematic review and it is useful to management: Revolutionizing the strategic
confirm findings in other reviews. Hence, control of critical IT systems. Technova-
future studies are proposed to use this tion, 34(7), 342–353.
technique to explore more search articles in the
54
Latif M.N.A., Aziz N.A.A., Hussin N.S.N., Aziz Z.A., 2020. Cyber security in supply chain management: a
systematic review. LogForum 17 (1), 49-57. http://doi.org/10.17270/J.LOG.2021.555
55
,
Latif M.N.A., Aziz N.A.A., Hussin N.S.N., Aziz Z.A., 2020. Cyber security in supply chain management: a
systematic review. LogForum 17 (1), 49-57. http://doi.org/10.17270/J.LOG.2021.555
system. Computer Standards and Interfaces, intrusion detection system using hybrid
56, 74–82. method. Journal of Theoretical and Applied
http://doi.org/10.1016/j.csi.2017.09.006 Information Technology, 98(12), 2078–
2091.
Rahman M., 2013. Search Engines Going
Beyond Keyword Search: A Survey. Taneja M., 2013. An Analytics Framework to
International Journal Pf Computer Detect Compromised IOT Devices Using
Applications, 75, 1–8. Mobility Behaviour. In ICT Convergence
(ICTC) on. IEEE, 38–43.
Ram J., Zhang Z., 2020. Belt and road
initiative (BRI) supply chain risks: Urquhart L., McAuley D., 2018. Avoiding the
propositions and model development. internet of insecure industrial things.
International Journal of Logistics Computer Law and Security Review, 34(3),
Management. 450–466.
http://doi.org/10.1108/IJLM-12-2019-0366 http://doi.org/10.1016/j.clsr.2017.12.004
SANS Technology Instirute. (2020). Wright K., Golder S., Rodriguez-Lopez R.,
Predictions and Trends for Information, 2014. Citation Searching: A Systematic
Computer and Network Security. Retrieved Review Case Study of Multiple Risk
from https://www.sans.edu/cyber-research Behaviour Interventions. Medical Research
Methodology, 14(73), 1–8.
Seemma P. ., Nandhini S., Sowmiya M., 2018.
Overview of Cyber Security. International Zhu J., 2020. A Tale of Two Databases: The
Journal of Advanced Research in Computer Use of Web of Science and Scopus in
and Communication Engineering, 7(11), Academic Papers. Forthcoming in
125–128. Scientometrics.
http://doi.org/10.17148/IJARCCE.2018.711
27
Tamy S., Belhadaoui H., Rabbah N., Rifi M.,
2020. Cyber security based machine
learning algorithms applied to industry 4.0
application case: Development of network
56
Latif M.N.A., Aziz N.A.A., Hussin N.S.N., Aziz Z.A., 2020. Cyber security in supply chain management: a
systematic review. LogForum 17 (1), 49-57. http://doi.org/10.17270/J.LOG.2021.555
Wnioski: Sformułowano kilka sugestii, które mogą być wskazówkami do dalszych badań nad bezpieczeństwem
cybernetycznym w zarządzaniu łańcuchem dostaw.
Słowa kluczowe: przegląd danych, łańcuch dostaw, bezpieczeństwo cybernetyczne, bezpieczeństwo sieci,
bezpieczeństwo informacji
57