Purpose

The purpose of this paper is to explore the perceptions of supply chain managers regarding the elements that make up cyber supply chain risk management (CSCRM) and the related level of alignment, to understand how organizations can deploy a CSCRM strategy that goes beyond the technical, internal functioning of single companies and moves beyond the dyad, to create a better alignment that can ultimately lead to improved cyber supply chain resilience.

Design/methodology/approach

An exploratory survey in the fast-moving consumer goods (FMCG) industry involving over 100 organizations in Italy was conducted. Results were analysed through one-way analysis of variance, to appraise the differences in the perceptions of the various actors of the FMCG supply chain (Manufacturers, Logistics Service Providers, Retailers).

Findings

While a certain degree of alignment of the perceptions across the FMCG supply chain exists, the study found that Logistics Service Providers can play a crucial role as orchestrators of the CSCRM process towards a more “supply chain-oriented” response to cyber threats and risk events. The research also highlights the necessity to see people as key elements for improving cyber resilience in the supply chain.

Research limitations/implications

Through a vertical analysis of a supply chain, the study extends the existing theory on CSCRM, which contains isolated case studies. It also contributes to extending the current theory with the proposal of the paradigm of Logistics Service Providers as orchestrators of the CSCRM process. The study combines different classifications of CSCRM initiatives and embraces theories external to the supply chain literature.

Practical implications

Through the empirical analysis, this study helps practitioners in streamlining the design of cyber security strategies and actions that span across the supply chain for better alignment. This could mean more coordination of efforts and more targeted/accurate investments in CSCRM initiatives. The study invites practitioners to ponder the perceived relevance of the human factor as a source of risk and the perceived importance of countermeasures aimed at mitigating risk events stemming from that source.

Originality/value

By focusing on an entire supply chain, this is one of the first studies on CSCRM that goes beyond the dyad. Its originality also lies in its use of the investigations of perceptions along the supply chain as pillars for the alignment of CSCRM strategies and mitigation initiatives. This original perspective allows for discovering the role of Logistics Service Providers in driving the alignment of the efforts towards better outcomes of the CSCRM process.

中文翻译：

---

谁在乎？数字化转型时代供应链管理者对网络供应链风险管理的认知

目的

本文的目的是探讨供应链经理对构成网络供应链风险管理 (CSCRM) 的要素的看法以及相关的一致性水平，以了解组织如何部署超越技术、单个公司的内部运作并超越二元组，以建立更好的联盟，最终可以提高网络供应链的弹性。

设计/方法/方法

对快速消费品 (FMCG) 行业进行了一项探索性调查，涉及意大利 100 多个组织。通过单向方差分析对结果进行分析，以评估快速消费品供应链的各个参与者（制造商、物流服务提供商、零售商）的看法差异。

发现

虽然整个 FMCG 供应链的认知存在一定程度的一致性，但研究发现，物流服务提供商可以作为 CSCRM 流程的协调者发挥关键作用，从而对网络威胁和风险事件做出更加“以供应链为导向”的响应. 该研究还强调了将人视为提高供应链网络弹性的关键因素的必要性。

研究限制/影响

通过对供应链的纵向分析，该研究扩展了现有的 CSCRM 理论，其中包含孤立的案例研究。它还有助于扩展当前的理论，提出物流服务提供商作为 CSCRM 流程协调者的范式。该研究结合了 CSCRM 计划的不同分类，并采用了供应链文献之外的理论。

实际影响

通过实证分析，本研究帮助从业者简化跨越供应链的网络安全策略和行动的设计，以实现更好的一致性。这可能意味着对 CSCRM 计划的更多努力协调和更有针对性/更准确的投资。该研究邀请从业者思考人为因素作为风险来源的感知相关性以及旨在减轻源自该来源的风险事件的对策的感知重要性。

原创性/价值

通过关注整个供应链，这是对 CSCRM 超越二元组的首批研究之一。它的独创性还在于它利用对供应链中的认知调查作为协调 CSCRM 战略和缓解措施的支柱。这种原始观点允许发现物流服务提供商在推动协调努力以实现 CSCRM 流程的更好结果方面的作用。