Mitigating cyber supply chain risks in cyber physical systems organizational landscape

Yeboah-Ofori, Abel ORCID: and Opoku-Akyea, Daniel (2019) Mitigating cyber supply chain risks in cyber physical systems organizational landscape. In: 2019 International Conference on Cyber Security and Internet of Things (ICSIoT), 29-31 May 2019, Accra, Ghana.

Mitigating Cyber Supply Chain Risks in Cyber Physical Systems Organizational Landscape.pdf - Accepted Version

Download (666kB) | Preview


Cyber supply chain (CSC) provide an organization with the ability to align its business processes, information flows and data structures with other organization. However, the increase interdependencies have brought about inherent, threats, risks, attacks and vulnerabilities that adversaries maybe able to exploit when not properly mitigated. Additionally, every cyberattack on each organization increases the probability of the risk cascading to others. The CSC risk has increased exponentially due to uncertainties surrounding cyberattacks and the cyber threat landscape. Recent CSC threats have been disruptive and impacting on the smooth flow of delivery of products and services. CSC risk has been observed as one of the areas that impact greatly and causes budget overruns. The aim of this paper is to mitigate CSC risks in an organizational landscape. In particular, the paper identifies supply inbound and outbound chain threat landscape using a risk breakdown structure. Further, weassess the risk to gather cyber threat intelligence. Furthermore, we use the probability distribution method to determine the CSC risks and analyze the risk probabilities and likelihood of risk cascading impact. Our results show that CSC risk can be neutralized using probability distribution methods to detect and mitigate the risks and their impact levels.

Item Type: Conference or Workshop Item (Paper)
ISBN: 9781728174174
Identifier: 10.1109/ICSIoT47925.2019.00020
Page Range: pp. 74-81
Identifier: 10.1109/ICSIoT47925.2019.00020
Additional Information: © 2019 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
Keywords: Cyber Supply Chain, Risk Mitigation, Threat Landscape, Cyber Physical System, Risk Management
Subjects: Computing > Information security > Cyber security
Related URLs:
Depositing User: Dr Abel Yeboah-Ofori
Date Deposited: 25 Jun 2021 15:54
Last Modified: 28 Aug 2021 07:15


Downloads per month over past year

Actions (login required)

View Item View Item