The zero trust supply chain: Managing supply chain risk in the absence of trust

Zachary A. Collier*, Joseph Sarkis

*Motsvarande författare för detta arbete

Forskningsoutput: TidskriftsbidragArtikelVetenskapligPeer review

69 Citeringar (Scopus)

Sammanfattning

The modern supply chain is characterised by an ill-defined and porous perimeter, allowing entry points for potential adversaries to intercept sensitive information and disrupt operations. Such supply chain attacks are increasing in frequency and their impacts can be costly to an organisation. Trust between supply chain partners is commonly thought to be a risk management tool, where increasing trust results in reduced risk. However, increased trust may actually expose the supply chain to more risk, not less. In this paper, we propose the concept of the zero trust supply chain. Originating in the field of information technology and cybersecurity, a zero trust philosophy assumes that all actors and activity are untrusted. In contrast to perimeter-based security, which attempts to keep adversarial actors out, a zero trust-based security posture assumes that adversaries are already inside the system, and therefore imposes strict access and authentication requirements. In this paper, we map zero trust concepts to the supply chain, and discuss the steps an organisation might take to transition to zero trust. We set forth a research agenda by examining zero trust through the lens of several organisational theories and propose a number of research propositions.

OriginalspråkEngelska
Referentgranskad vetenskaplig tidskriftInternational Journal of Production Research
Volym59
Nummer11
Sidor (från-till)3430-3445
Antal sidor16
ISSN0020-7543
DOI
StatusPublicerad - 17.02.2021
MoE-publikationstypA1 Originalartikel i en vetenskaplig tidskrift

Nyckelord

  • 512 Företagsekonomi

Styrkeområden och områden med hög potential (AoS och AoHP)

  • AoHP: Humanitär och samhällslogistik

Fingeravtryck

Fördjupa i forskningsämnen för ”The zero trust supply chain: Managing supply chain risk in the absence of trust”. Tillsammans bildar de ett unikt fingeravtryck.

Citera det här