English
Related papers

Related papers: Assessing Supply Chain Cyber Risks

200 papers

Cyber threats affect all kinds of organisations. Risk analysis is an essential methodology for cybersecurity as it allows organisations to deal with the cyber threats potentially affecting them, prioritise the defence of their assets and…

Cryptography and Security · Computer Science 2019-03-20 David Rios Insua , Aitor Couce Vieira , Jose Antonio Rubio , Wolter Pieters , Katsiaryna Labunets , Daniel Garcia Rasines

Supply chains are increasingly targeted by threat actors. Using a recent taxonomy, we contrast the diverse levels of detail given by national authorities. The threat is commonly acknowledged, but guidance is disjointed. NIST SP 800-161…

Cryptography and Security · Computer Science 2022-08-04 Colin Topping , Ola Michalec , Awais Rashid

The software product is a source of cyber-attacks that target organizations by using their software supply chain as a distribution vector. As the reliance of software projects on open-source or proprietary modules is increasing drastically,…

Cryptography and Security · Computer Science 2023-05-24 Betul Gokkaya , Leonardo Aniello , Basel Halak

Digital technologies have changed the way supply chain operations are structured. In this article, we conduct systematic syntheses of literature on the impact of new technologies on supply chains and the related cyber risks. A…

Computers and Society · Computer Science 2020-05-18 Petar Radanliev , David De Roure , Kevin Page , Jason Nurse , Rafael Mantilla Montalvo , Omar Santos , La Treall Maddox , Peter Burnap

This paper provides the first large-scale data-driven analysis to evaluate the predictive power of different attributes for assessing risk of cyberattack data breaches. Furthermore, motivated by rapid increase in third party enabled…

Risk Management · Quantitative Finance 2023-11-14 Kevin Hu , Retsef Levi , Raphael Yahalom , El Ghali Zerhouni

Cyber assurance, which is the ability to operate under the onslaught of cyber attacks and other unexpected events, is essential for organizations facing inundating security threats on a daily basis. Organizations usually employ multiple…

Cryptography and Security · Computer Science 2022-07-26 Nan Sun , Chang-Tsun Li , Hin Chan , Md Zahidul Islam , Md Rafiqul Islam , Warren Armstrong

Cyber risk assessment is a fundamental activity for enhancing the protection of an organization, identifying and evaluating the exposure to cyber threats. Currently, this activity is carried out mainly manually and the identification and…

Cryptography and Security · Computer Science 2022-07-08 Marco Angelini , Silvia Bonomi , Alessandro Palma

This article delves into the strategic approaches and preventive measures necessary to safeguard the software supply chain against evolving threats. It aims to foster an understanding of the challenges and vulnerabilities inherent in…

Cryptography and Security · Computer Science 2024-07-22 Ahmed Akinsola , Abdullah Akinde

This paper introduces a two-pillar cyber risk management framework to address the pervasive challenges in managing cyber risk. The first pillar, cyber risk assessment, combines insurance frequency-severity models with cybersecurity cascade…

Risk Management · Quantitative Finance 2025-01-13 Wing Fung Chong , Runhuan Feng , Hins Hu , Linfeng Zhang

Software supply chain attacks have increased exponentially since 2020. The primary attack vectors for supply chain attacks are through: (1) software components; (2) the build infrastructure; and (3) humans (a.k.a software practitioners).…

Cryptography and Security · Computer Science 2025-09-11 Laurie Williams , Sammy Migues

Quantifying cyber risks is essential for organizations to grasp their vulnerability to threats and make informed decisions. However, current approaches still need to work on blending economic viewpoints to provide insightful analysis. To…

Cryptography and Security · Computer Science 2024-05-07 Muriel Figueredo Franco , Aiatur Rahaman Mullick , Santosh Jha

The task of designing secure software systems is fraught with uncertainty, as data on uncommon attacks is limited, costs are difficult to estimate, and technology and tools are continually changing. Consequently, experts may interpret the…

Cryptography and Security · Computer Science 2013-06-03 Simon Miller , Susan Appleby , Jonathan M. Garibaldi , Uwe Aickelin

Outsourcing of information and communication technologies (ICT) and related services is an established and growing industry. Recent trends, such as the move toward multi-sourcing have increased the complexity and risk of these outsourcing…

Computers and Society · Computer Science 2016-06-09 Deborah Bunker , Catherine Hardy , Abdul Babar , Ken Stevens

Supply chain is emerging as the next frontier of threats in the rapidly evolving IoT ecosystem. It is fundamentally more complex compared to traditional ICT systems. We analyze supply chain risks in IoT systems and their unique aspects,…

Cryptography and Security · Computer Science 2019-08-22 Muhammad Junaid Farooq , Quanyan Zhu

Supply chain security has become a growing concern in security risk analysis of the Internet of Things (IoT) systems. Their highly connected structures have significantly enlarged the attack surface, making it difficult to track the source…

Cryptography and Security · Computer Science 2022-01-31 Yunfei Ge , Quanyan Zhu

The rise of AI has transformed the software and hardware landscape, enabling powerful capabilities through specialized infrastructures, large-scale data storage, and advanced hardware. However, these innovations introduce unique attack…

Cryptography and Security · Computer Science 2025-08-29 Michael R Smith , Joe Ingram

Information security risk assessment methods have served us well over the past two decades. They have provided a tool for organizations and governments to use in protecting themselves against pertinent risks. As the complexity,…

Cryptography and Security · Computer Science 2018-11-09 Jason R. C. Nurse , Sadie Creese , David De Roure

Supply chain security threats pose new challenges to security risk modeling techniques for complex ICT systems such as the IoT. With established techniques drawn from attack trees and reliability analysis providing needed points of…

Cryptography and Security · Computer Science 2020-03-30 Timothy Kieras , Muhammad Junaid Farooq , Quanyan Zhu

Recent trends in targeted cyber-attacks has increased the interest of research in the field of cyber security. Such attacks have massive disruptive effects on rganizations, enterprises and governments. Cyber kill chain is a model to…

Networking and Internet Architecture · Computer Science 2016-06-13 Tarun Yadav , Rao Arvind Mallari

The software supply chain involves a multitude of tools and processes that enable software developers to write, build, and ship applications. Recently, security compromises of tools or processes has led to a surge in proposals to address…

Cryptography and Security · Computer Science 2022-09-12 Marcela S. Melara , Mic Bowman
‹ Prev 1 2 3 10 Next ›