Supply chain flows and stocks as entry points for cyber-risks

As supply chains become more digital to reach new levels of global competitiveness, caveats from this decision arise. Cyber-risks are one of these potential setbacks, affecting supply chains directly and indirectly, and propagating via supply chain flows and stocks information, material, and financial. This study applied a systematic literature review to determine how the supply chain's flows and stocks serve as points of entry to cyber-risks. Cyber-risks arise from different sources (i.e., direct attacks, built-in problems, low-quality issues), impacting supply chains' flows and stocks (material and information). There is a relation between the type of supply chain and which flow, or stock facilitates access to the supply chain. Finally, we provide a distinction between two concepts related to Supply Chain Risk Management and cyber-risks. This research is useful to 1) enterprise decision-makers, as the description of potential cyber-risks' points of entry delivers hints on where to focus managerial efforts; 2) developers of Supply Chain Management (SCM) Information and Communication Technology (ICT) systems, since discussing potential points of entry build awareness about probable exploitation points, thus improving ICT systems' resiliency, and 3) scholars, as the depiction of the state-of-the-art may serve as a common departing point for future research. (C) 2021 The Authors. Published by Elsevier B.V.Portuguese national funds from FCT - Fundacao para a Ciencia e a Tecnologia, within the Ph.D. Scholarship Reference: SFRH/BD/145941/2019, partially supported this research