Abstract
Supply chains today rely heavily on information technologies. Such reliance has encouraged attackers to shift their focus on conducting supply chain attacks, which is expected to become the most common type of cyberattack by 2030. Thus, it is crucial for Information Systems practitioners to gain a deeper understanding of supply chain cybersecurity. To that end, this teaching case demonstrates the importance of supply chain cybersecurity in the digital era drawing on two recent attacks with significant impact on supply chains: SolarWinds and Kaseya. We first discuss different dimension of cyberattacks, followed by an introduction of supply chain attacks. We then introduce an analytical tool called cyber kill chain that is widely used for analysing different stages of a cyberattack. In addition, we propose a taxonomy of cyberattacks that can be used as a tool, alongside other tools, to analyse cyberattacks. The taxonomy is especially useful for conducting a lightweight analysis and presenting an overview of cyberattacks to non-technical stakeholders, especially executives and directors.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
