Supply Chain Resilience - a Concept for Coping with Cyber Risks

Research output: Book/ReportPh.D. thesisResearch

178 Downloads (Pure)


This dissertation examines how supply chains can build resilience to cyber risks. Although cyber risks are globally recognized as the most significant risks to businesses globally, the addressing of cyber risks is underrepresented in the supply chain management literature. Cyber risks diverge in nature from the supply chain risks usually discussed, so the understanding of supply chain resilience falls short of cyber risks, as these specific risks require specific supply chain resilience capabilities. There is an imbalance in the supply chain literature between the knowledge of resilience in general and the knowledge of specific risks, such as cyber risks.
The theoretical basis of this dissertation is rooted in supply chain resilience by incorporating different understandings of resilience. The underlying core approaches are panarchical, engineering, social-ecological, and individual resilience. Based on pragmatism as the overarching research paradigm, this thesis uses sensemaking, dynamic capabilities, and complex adaptive systems theory as theoretical lenses that guide data collection and analysis. Moreover, the use of these theories in supply chain resilience to cyber risks is a novel approach.
Pragmatism allows disparate methodologies to study the resilience of supply chains to cyber risks. This dissertation approaches the topic of interest with a mixed-methods approach combining storytelling and interpretive case studies in Article 1 and positivist case studies in Articles 2 and 3. The data in the first study are based on 13 interviews with a single manager to gain in-depth knowledge of managing supply chain cyber risks by tracing its evolution over the last 30 years. The second and third articles are based on 79 interviews with 59 participants from 28 industrial companies in Central Europe representing four supply chains.
The dissertation’s findings demonstrate the difference between cyber risks and the risks usually discussed in the supply chain resilience literature. The first article shows how sensemaking and storytelling support research on supply chain resilience to cyber risks. It also advances the understanding of how to make sense of the cyber risks in supply chains identified in this article and how to learn from the experiences of a manager who has been managing supply chain cyber risks for 30 years.
The second article demonstrates how to build supply chain resilience to cyber risks using the three microfoundations of dynamic capability theory: sensing, seizing, and transforming. This study identifies eight dynamic capabilities and their associated practices. The findings of the third article provide a theoretically grounded understanding of the complexity of supply chain resilience to cyber risks and related agents and environments, thereby expanding knowledge. While the second article identifies practices for building supply chain resilience to cyber risks, the third article identifies supply chain characteristics and properties that facilitate or hinder their enabling.
This dissertation expands the knowledge of supply chain resilience by focusing on cyber risks and highlighting the necessity of unique capabilities and emerging characteristics of supply chains. It also contributes to theoretical lenses applied in a new context: supply chain resilience to cyber risks. Furthermore, it assists managers in addressing supply chain resilience to cyber risks by combining different understandings of resilience with different methodologies and theoretical lenses to provide a more holistic picture. Finally, this study reveals more levels in a supply chain, from bits and bytes to the global level, that managers are unaware of and academics have not yet recognized.
Original languageEnglish
Place of PublicationFrederiksberg
PublisherCopenhagen Business School [Phd]
Number of pages170
ISBN (Print)9788775680993
ISBN (Electronic)9788775681006
Publication statusPublished - 2022
SeriesPhD Series

Cite this