Supply Chain (SC) digitalization is reshaping dynamics in response to contemporary business demands, but it also introduces new challenges, particularly within the cybersecurity landscape. Cyber Supply Chain Risk Management (CSCRM) emerges as a comprehensive discipline addressing cybersecurity challenges throughout the SC, integrating cybersecurity practices with traditional risk management principles. Furthermore, within the context of digitization, Artificial Intelligence (AI) offers opportunities to strengthen cybersecurity defences. Literature review on the topics of Supply Chain Risk Management (SCRM), CSCRM and AI, enables the identification of the primary theoretical gaps, which focus on exploring the relationship between SCRM and CSCRM, as well as perspectives on AI implementation in supporting CSCRM, driving the definition of the Preliminary Research Framework. Data collected through case studies methodology, which involved cybersecurity providers, system integrators, and consultancy firms, significantly addressed the RQs and shaped the Final Research Framework. The outcomes of this research study include a classification of CSCRM solutions within the canonical SCRM phases and an exploration of connections between CSCRM solutions and cyber risk classes. Furthermore, this study provides a classification of the contribution that different AI capabilities bring to each phase of the CSCRM process, along with the identification of elements that positively or negatively influence their implementation. This dissertation aims to bridge theoretical gaps and provide a business-oriented framework for effective CSCRM implementation, while also highlighting AI's potential in enhancing cybersecurity. However, the current research is based on evidence gathered from the standpoint of players acting as cybersecurity providers within the SC. Consequently, future research directions involve the requirement for a larger sample size to collect broader insights, involving the adopters’ perspective as well, to assess the effectiveness of the models proposed and their point of view about the role of AI in enhancing cybersecurity.
La digitalizzazione della Supply Chain (SC) sta ridisegnando le dinamiche di risposta alle attuali esigenze aziendali, introducendo però nuove sfide nel contesto cybersecurity. Il Cyber Supply Chain Risk Management (CSCRM) è una disciplina emergente che affronta queste sfide integrando pratiche di cybersecurity con i principi tradizionali di gestione del rischio. In questo contesto di digitalizzazione, l'Intelligenza Artificiale (IA) rappresenta un’opportunità per migliorare la cybersecurity lungo la SC. L'analisi della letteratura sui temi di Supply Chain Risk Management (SCRM), CSCRM e IA consente di identificare i principali gap teorici, che si focalizzano sull'esplorazione della relazione tra SCRM e CSCRM, e sulle prospettive di implementazione dell'IA a supporto del CSCRM, dettando le linee guida per la definizione del modello di ricerca iniziale. I dati raccolti attraverso i casi studio, che hanno visto coinvolti providers di cybersecurity, system integrators e società di consulenza, hanno contribuito in modo significativo a rispondere alle domande di ricerca e a definire il modello di ricerca finale. I risultati di questo lavoro di ricerca includono una classificazione delle soluzioni CSCRM all'interno delle fasi canoniche del SCRM e un'esplorazione delle connessioni tra le soluzioni CSCRM e i diversi rischi cyber. Inoltre, questo studio fornisce una classificazione del contributo che le diverse capacità di IA apportano a ciascuna fase del processo CSCRM, insieme all'identificazione dei fattori che influenzano positivamente o negativamente la loro implementazione. Questa tesi mira a colmare i gap teorici e fornire un modello di supporto manageriale per implementare il CSCRM in modo efficace, evidenziando il potenziale dell'IA nel migliorare la cybersecurity. Tuttavia, la ricerca attuale si basa su dati raccolti esclusivamente da fornitori di soluzioni cybersecurity e, di conseguenza, le direzioni di ricerca future prevedono la necessità di espandere il campione, integrando anche la prospettiva degli adopters, per valutare l'efficacia dei modelli proposti e il loro punto di vista in merito al ruolo dell'IA nella cybersecurity.
The role of Artificial Intelligence in Cybersecurity: a supply chain risk management perspective
Temporiti, Matteo;Ravasio, Giovanni
2022/2023
Abstract
Supply Chain (SC) digitalization is reshaping dynamics in response to contemporary business demands, but it also introduces new challenges, particularly within the cybersecurity landscape. Cyber Supply Chain Risk Management (CSCRM) emerges as a comprehensive discipline addressing cybersecurity challenges throughout the SC, integrating cybersecurity practices with traditional risk management principles. Furthermore, within the context of digitization, Artificial Intelligence (AI) offers opportunities to strengthen cybersecurity defences. Literature review on the topics of Supply Chain Risk Management (SCRM), CSCRM and AI, enables the identification of the primary theoretical gaps, which focus on exploring the relationship between SCRM and CSCRM, as well as perspectives on AI implementation in supporting CSCRM, driving the definition of the Preliminary Research Framework. Data collected through case studies methodology, which involved cybersecurity providers, system integrators, and consultancy firms, significantly addressed the RQs and shaped the Final Research Framework. The outcomes of this research study include a classification of CSCRM solutions within the canonical SCRM phases and an exploration of connections between CSCRM solutions and cyber risk classes. Furthermore, this study provides a classification of the contribution that different AI capabilities bring to each phase of the CSCRM process, along with the identification of elements that positively or negatively influence their implementation. This dissertation aims to bridge theoretical gaps and provide a business-oriented framework for effective CSCRM implementation, while also highlighting AI's potential in enhancing cybersecurity. However, the current research is based on evidence gathered from the standpoint of players acting as cybersecurity providers within the SC. Consequently, future research directions involve the requirement for a larger sample size to collect broader insights, involving the adopters’ perspective as well, to assess the effectiveness of the models proposed and their point of view about the role of AI in enhancing cybersecurity.| File | Dimensione | Formato | |
|---|---|---|---|
|
2024_04_Ravasio_Temporiti_Tesi_01.pdf
non accessibile
Descrizione: Dissertation
Dimensione
10.05 MB
Formato
Adobe PDF
|
10.05 MB | Adobe PDF | Visualizza/Apri |
|
2024_04_Ravasio_Temporiti_Executive_Summary_02.pdf
non accessibile
Descrizione: Executive Summary
Dimensione
866.96 kB
Formato
Adobe PDF
|
866.96 kB | Adobe PDF | Visualizza/Apri |
I documenti in POLITesi sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
https://hdl.handle.net/10589/219321