Best practices in supplier relationship management and response when supply is disrupted by cyber attack : An incident response framework

Abstract

This paper explores the growing dependency of organisations on suppliers and the importance of supplier relationship management (SRM) in achieving sustainable competitive advantage. It highlights the various reasons organisations engage with suppliers, including accessing specialised expertise, cost savings, flexibility, risk mitigation and improved quality. The paper emphasises the need for organisations to adopt best practices in SRM to enhance their resilience to disruptions, particularly those caused by cyber attacks. It introduces a threat assessment process for organisations to evaluate the potential impact of supplier disruptions and proposes strategies for improving resilience through collaboration with suppliers. The article also discusses the significance of data sharing between organisations and suppliers, outlining different channels and methods for secure data exchange. It addresses the risks associated with data sharing, such as breaches, intellectual property theft, compliance violations and loss of control. Additionally, the article examines the impacts of supplier disruptions on organisations and emphasises the importance of establishing clear guidelines and policies for data sharing. It concludes by presenting a threat assessment process for supplier disruptions due to cyber attacks, including identifying critical suppliers, conducting risk assessments, analysing findings, developing mitigation strategies, implementing strategies and conducting ongoing monitoring.