Developing a Comprehensive Cyber Risk Assessment Framework for Supply Chains: Insights into Third-Party Vulnerabilities and Security Gaps
ABSTRACT
This research developed a comprehensive cyber risk assessment framework for supply chains, focused on the third-party vulnerabilities and security gaps that arise from increasing digitalization. The objectives were to identify key cybersecurity vulnerabilities, profile third-party risks, and formulate actionable strategies to enhance resilience. Guided by research questions on principal vulnerabilities, third-party risk management, and scalable cybersecurity strategies, the methodology combined data analytics with a literature review aligned with frameworks such as the NIST Cybersecurity Framework and ISO/IEC 27001. Critical risks included noncompliance with standards, ineffective data sharing, malware threats, and operational disruption caused by system downtime. Addressing these would encompass proactive steps such as blockchain-based traceability, improved encryption protocols, and periodic third-party audits. Periodic risk assessments were recommended; IoT and blockchain were used for real-time supply chain visibility; cybersecurity training was provided to stakeholders; and sustainability was integrated within the risk management framework. The contribution resulted in the development of a safe and resilient digital ecosystem with practical solutions to protect organizations from cyber threats while assuring business continuity. Future research should validate the framework in real-world contexts and address the implications of emerging technologies such as quantum computing and AI for supply chain cybersecurity.
Share and Cite:
Almohaimeed, M., Albalwy, F., Alharbi, R., Alqarni, A. and Aljohani, A. (2025) Developing a Comprehensive Cyber Risk Assessment Framework for Supply Chains: Insights into Third-Party Vulnerabilities and Security Gaps. Intelligent Information Management, 17, 58-77. doi: 10.4236/iim.2025.173004.