Search results

When Dr. Rhodes Boyson was appointed Parliamentary Secretary at the Department of Education & Science, terror stalked the land. But then came the glad tidings that he was not to be in charge of the schools, unlike previous Parliamentary Secretaries; and there was rejoicing, at least among schoolteachers and informed parents. The martinet of Highbury Grove (less well‐known in his earlier role at Robert Montefiore) was not to be unleashed upon innocent children. That task would go to the Lady Young, whose lack of proven knowledge was at least balanced by her lack of known prejudice. Dr. Boyson would be reserved for higher education, about which he was deemed to have neither knowledge nor prejudice, never having hitherto pronounced upon the subject. There he could do little harm.

The purpose of this paper is to explore how companies approach the management of cyber and information risks in their supply chain, what initiatives they adopt to this aim, and to what extent along the supply chain. In fact, the increasing level of connectivity is transforming supply chains, and it creates new opportunities but also new risks in the cyber space. Hence, cyber supply chain risk management (CSCRM) is emerging as a new management construct. The ultimate aim is to help organizations in understanding and improving the CSCRM process and cyber resilience in their supply chains.

This research relied on a qualitative approach based on a comparative case study analysis involving five large multinational companies with headquarters, or branches, in the UK.

Results highlight the importance for CSCRM to shift the viewpoint from the traditional focus on companies’ internal information technology (IT) infrastructure, able to “firewall themselves” only, to the whole supply chain with a cross-functional approach; initiatives for CSCRM are mainly adopted to “respond” and “recover” without a well-rounded approach to supply chain resilience for a long-term capacity to adapt to changes according to an evolutionary approach. Initiatives are adopted at a firm/dyadic level, and a network perspective is missing.

This paper extends the current theory on cyber and information risks in supply chains, as a combination of supply chain risk management and resilience, and information risk management. It provides an analysis and classification of cyber and information risks, sources of risks and initiatives to managing them according to a supply chain perspective, along with an investigation of their adoption across the supply chain. It also studies how the concept of resilience has been deployed in the CSCRM process by companies. By laying the first empirical foundations of the subject, this study stimulates further research on the challenges and drivers of initiatives and coordination mechanisms for CSCRM at a supply chain network level.

Results invite companies to break the “silos” of their activities in CSCRM, embracing the whole supply chain network for better resilience. The adoption of IT security initiatives should be combined with organisational ones and extended beyond the dyad. Where applicable, initiatives should be bi-directional to involve supply chain partners, remove the typical isolation in the CSCRM process and leverage the value of information. Decisions on investments in CSCRM should involve also supply chain managers according to a holistic approach.

A supply chain perspective in the existing scientific contributions is missing in the management of cyber and information risk. This is one of the first empirical studies dealing with this interdisciplinary subject, focusing on risks that are now very high in the companies’ agenda, but still overlooked. It contributes to theory on information risk because it addresses cyber and information risks in massively connected supply chains through a holistic approach that includes technology, people and processes at an extended level that goes beyond the dyad.

To investigate the status of third party logistics (3PL) in Mexico and the feasibility of 3PL as a global, uniform strategy.

A survey among firms located in the central part of Mexico, followed by a comparison of the results with data from existing 3PL studies of Europe and the USA.

3PL seems a common but “low profile” practice among large Mexican firms. Only a third outsources more than three functions, which are mostly supportive and operational. Compared to Mexico, 3PL use is higher in Europe and USA. Firms in Europe and USA focus more on tactical, integrated functions and cost reduction when using 3PL while Mexican firms aim for improved customer service and concentration on core activities. The lack of competitive local providers makes 3PL expensive and may favour larger, international providers.

The results warrant additional surveys of Mexico and other developing regions, preferably using a unique survey design and covering more SME's. Case studies are needed to further investigate how multinational firms manage the 3PL decision process on different organizational and regional levels.

Uniform, global 3PL strategies should be considered with care: what may work in Europe may not work in Mexico or the USA. Outsourcing should be seen as a means and not as an end. Mexican firms can use 3PL successfully yet achieve different ends than European firms. Mexico's large SME market offers opportunities for providers of 3PL services.

This is the first thorough study about outsourcing logistics practices in Mexico, which adds a Latin‐American perspective to the very few 3PL studies conducted in developing regions. In addition, the comparison of Mexican outsourcing practice with practices across the USA and Europe offers a cross‐cultural view on 3PL and identifies the need for further mapping of expectations and conditions related to effective outsourcing of logistics in other regions.

I hope I may be forgiven if I return to an old and favourite theme: the fees charged and about to be charged to overseas students in Britain for higher education. My excuse for doing so is that Ministers do exactly the same; perhaps because of a guilty conscience, or perhaps because they have a sneaking feeling that there is a gap of logic in the reasoning behind their policies which they cannot quite pinpoint. Thus the Parliamentary Secretary at DES, Dr. Boyson, recently justified the Government's policies on charging so‐called ‘economic fees’ from next September with the argument that the growth in overseas students in the 1970s was equivalent to the provision of three middle‐sized universities. Since he was addressing the National Union of Students it is doubtful if the argument cut much ice, but it is worth examination nonetheless.

The contribution of this study aims to twofold: First, it provides an overview of the current state of research on cyberattacks on Chinese supply chains (SCs). Second, it offers a look at the Chinese Government’s approach to fighting cyberattacks on Chinese SCs and its calls for global governance.

A comprehensive literature review was conducted on Clarivate Analytics’ Web of Science, in Social Sciences Citation Index journals, Scopus and Google Scholar, published between 2010–2021. A systematic review of practitioner literature was also conducted.

Chinese SCs have become a matter of national security, especially in the era of cyber warfare. The risks to SC have been outlined. Cybersecurity regulations are increasing as China aims to build a robust environment for cyberspace development. Using the Technology-organization-environment (TOE) framework, the results show that the top five factors influencing the adoption process in firms are as follows: relative advantage and technological readiness (Technology context); top management support and firm size (Organization context) and government policy and regulations (Environment context).

This review focuses on cyberattacks on Chinese SCs and great care was taken when selecting search terms. However, the author acknowledges that the choice of databases/terms may have excluded a few articles on cyberattacks from this review.

This review provides managerial insights for SC practitioners into how cyberattacks have the potential to disrupt the global SC network.

Past researchers proposed a taxonomic approach to evaluate progress with SC integration into Industry 4.0; in contrast, this study is one of the first steps toward an enhanced understanding of cyberattacks on Chinese SCs and their contribution to the global SC network using the TOE framework.

The purpose of this paper is to explore the perceptions of supply chain managers regarding the elements that make up cyber supply chain risk management (CSCRM) and the related level of alignment, to understand how organizations can deploy a CSCRM strategy that goes beyond the technical, internal functioning of single companies and moves beyond the dyad, to create a better alignment that can ultimately lead to improved cyber supply chain resilience.

An exploratory survey in the fast-moving consumer goods (FMCG) industry involving over 100 organizations in Italy was conducted. Results were analysed through one-way analysis of variance, to appraise the differences in the perceptions of the various actors of the FMCG supply chain (Manufacturers, Logistics Service Providers, Retailers).

While a certain degree of alignment of the perceptions across the FMCG supply chain exists, the study found that Logistics Service Providers can play a crucial role as orchestrators of the CSCRM process towards a more “supply chain-oriented” response to cyber threats and risk events. The research also highlights the necessity to see people as key elements for improving cyber resilience in the supply chain.

Through a vertical analysis of a supply chain, the study extends the existing theory on CSCRM, which contains isolated case studies. It also contributes to extending the current theory with the proposal of the paradigm of Logistics Service Providers as orchestrators of the CSCRM process. The study combines different classifications of CSCRM initiatives and embraces theories external to the supply chain literature.

Through the empirical analysis, this study helps practitioners in streamlining the design of cyber security strategies and actions that span across the supply chain for better alignment. This could mean more coordination of efforts and more targeted/accurate investments in CSCRM initiatives. The study invites practitioners to ponder the perceived relevance of the human factor as a source of risk and the perceived importance of countermeasures aimed at mitigating risk events stemming from that source.

By focusing on an entire supply chain, this is one of the first studies on CSCRM that goes beyond the dyad. Its originality also lies in its use of the investigations of perceptions along the supply chain as pillars for the alignment of CSCRM strategies and mitigation initiatives. This original perspective allows for discovering the role of Logistics Service Providers in driving the alignment of the efforts towards better outcomes of the CSCRM process.

In spite of growing research interest in cyber security, inter-firm based cyber risk studies are rare. Therefore, this study aims to investigate cyber risk management in supply chain contexts.

Adapting a systematic literature review process, papers from interdisciplinary areas published between 1990 and 2017 were selected. Different typologies, developed for conducting descriptive and thematic analysis, were established using data mining techniques to conduct a comprehensive, replicable and transparent review.

The review identifies multiple future research directions for cyber security/resilience in supply chains. A conceptual model is developed, which indicates a strong link between information technology, organisational and supply chain security systems. The human/behavioural elements within cyber security risk are found to be critical; however, behavioural risks have attracted less attention because of a perceived bias towards technical (data, application and network) risks. There is a need for raising risk awareness, standardised policies, collaborative strategies and empirical models for creating supply chain cyber-resilience.

Different types of cyber risks and their points of penetration, propagation levels, consequences and mitigation measures are identified. The conceptual model developed in this study drives an agenda for future research on supply chain cyber security/resilience.

A multi-perspective, systematic study provides a holistic guide for practitioners in understanding cyber-physical systems. The cyber risk challenges and the mitigation strategies identified support supply chain managers in making informed decisions.

To the best of the authors’ knowledge, this is the first systematic literature review on managing cyber risks in supply chains. The review defines supply chain cyber risk and develops a conceptual model for supply chain cyber security systems and an agenda for future studies.

The purpose of this paper is to test how integrative mechanisms, including information sharing and process coordination, influence logistics outsourcing, and how logistics outsourcing influence performance from an extended RBV perspective.

The structural equation modeling (SEM) method is used to examine the proposed model, based on data collected from 361 companies in greater China.

Integrative mechanisms are helpful for logistics outsourcing (basic, customized, and advanced outsourcing). Specially, information sharing contributes to customized and advanced outsourcing, but has no significant effect on basic outsourcing. In contrast, process coordination improves basic and advanced outsourcing, but insignificantly influences customized outsourcing. Besides, each type of logistics outsourcing has differently effects on 3PL users’ performance. This study contributes to 3PL theories and practices.

This study empirically examines the antecedents and the outcomes of logistics outsourcing, contributing to 3PL literature and practices.

The purpose of this paper is to explore supply chain collaboration issues in the extended enterprise (EE) to develop a more complete understanding of the nature and effectiveness of collaboration in the transition towards, but also within, the EE paradigm.

The paper presents results from a three‐company case study focusing on the civil aerospace industry, with all companies taking part in an EE. The research involved obtaining and systematically analysing a diversity of interview data and company documents to assist in the development of theory, which was subject to a systematic validation process.

The authors propose a taxonomy, which, first, assists in understanding the transition towards the EE and supports a distinction between sets of factors that affect the effectiveness of collaboration, termed the “contractual” and “engaging” factors. Second, it assists in understanding the dynamic, complex nature of the EE paradigm and suggests a further breakdown of the “engaging” factors into “enabling” and “enhancing” sub‐sets.

The taxonomy assists in comprehending the EE concept and can also help to provide a road map in the transition towards and development within this paradigm. The description of the factors and their interrelationships suggest key areas that managers may wish to consider to enhance the effectiveness of collaboration among participant organisations.

This is an empirically‐based paper that presents new understanding about the EE paradigm, focussing especially on the effectiveness of collaboration among members, and using a multidisciplinary approach which draws upon strategic, operations and knowledge management fields.