Paper Type
Complete
Paper Number
PACIS2025-1390
Description
Small and Medium-sized Enterprises (SMEs) are vital to the global supply chain but are highly vulnerable to cyberattacks. This is because SMEs struggle to balance productivity and operational efficiency with cybersecurity. This paper aims to: 1) document and explore how larger companies support their SME suppliers in cybersecurity and 2) offer practical guidance to companies that are interested or considering different approaches to enhance third-party security in their supply chain. Using interviews and focus groups with companies at the forefront of supply chain cybersecurity, this research collected data on specific programs and mechanisms used to assist suppliers. Findings were categorized into six actionable strategies that managers could use to strengthen supplier engagement and mitigate third-party cyber risks. Based on these findings, the article provides managers and practitioners three key recommendations for more effective supplier engagement and contributes to the overall development of secure supply chain ecosystems.
Recommended Citation
Kwong, Jillian and Pearlson, Keri, "Building a Resilient Supply Chain: Collaborative Approaches to Small and Medium-sized Enterprise (SME) Cybersecurity" (2025). PACIS 2025 Proceedings. 2.
https://aisel.aisnet.org/pacis2025/is_praction/is_praction/2
Building a Resilient Supply Chain: Collaborative Approaches to Small and Medium-sized Enterprise (SME) Cybersecurity
Small and Medium-sized Enterprises (SMEs) are vital to the global supply chain but are highly vulnerable to cyberattacks. This is because SMEs struggle to balance productivity and operational efficiency with cybersecurity. This paper aims to: 1) document and explore how larger companies support their SME suppliers in cybersecurity and 2) offer practical guidance to companies that are interested or considering different approaches to enhance third-party security in their supply chain. Using interviews and focus groups with companies at the forefront of supply chain cybersecurity, this research collected data on specific programs and mechanisms used to assist suppliers. Findings were categorized into six actionable strategies that managers could use to strengthen supplier engagement and mitigate third-party cyber risks. Based on these findings, the article provides managers and practitioners three key recommendations for more effective supplier engagement and contributes to the overall development of secure supply chain ecosystems.
Comments
Practitioner