Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

An adaptive supply chain cyber risk management methodology

: Schauer, Stefan; Stamer, Martin; Bosse, Claudia; Pavlidis, Michalis; Mouratidis, Haralambos; König, Sandra; Papastergiou, Spyros

Fulltext (PDF; )

Ringle, Christian M.; Jahn, Carlos; Kersten, Wolfgang ; TU Hamburg-Harburg, Institut für Logistik und Unternehmensführung:
Digitalization in maritime and sustainable logistics : City logistics, port logistics and sustainable supply chain management in the digital age; Hamburg International Conference of Logistics, October 2017, Hamburg
Berlin: epubli, 2017 (Proceedings of the Hamburg International Conference of Logistics (HICL) 24)
ISBN: 978-3-7450-4332-7
ISBN: 3-7450-4332-4
Hamburg International Conference of Logistics (HICL) <11, 2017, Hamburg>
Conference Paper, Electronic Publication
Fraunhofer IML ()
it-security; cyber risk management; cyber risk assessment; maritime supply chain

Maritime information infrastructures have developed to highly interrelated cyber ecosystems, where ports as well as their partners are connected in dynamic Information and Communication Technology (ICT)-based maritime supply chains. This makes them open and vulnerable to the rapidly changing ICT threat landscape. Hence, attacks on a seemingly isolated system of one business partner may propagate through the whole supply chain, causing cascading effects and resulting in large-scale impacts. In this article, we want to present a novel risk management methodology to assess the risk level of an entire maritime supply chain. This methodology builds upon publicly available information, well-defined mathematical approaches and best practices to automatically identify and assess vulnerabilities and potential threats of the involved cyber assets. This leads to a constantly updated risk evaluation of each business partner’s cyber assets together with their cyber interconnections with other business partners. The presented risk management methodology is based on qualitative risk scales, which makes the assessment as well as the results more intuitive. Furthermore, it enables a holistic view on all of the integrated ICT-systems as well as their interdependencies and thus can increase the security level of both a whole supply chain and every participating business partner.