Integrating artificial intelligence capabilities in supply chain cyber risk management

Abstract

Purpose In recent years, supply chain (SC) cyber risks have become a significant organizational challenge. While artificial intelligence (AI) can play an important role in cyber risk protection, a comprehensive analysis of its impact is missing. This article aims to answer this gap by analyzing how different AI capabilities support the different phases of the Supply Chain Cyber Risk Management (SCCRM) process. Design/methodology/approach Three embedded case studies involving three different classes of cybersecurity providers with different roles in the cybersecurity industry were developed. The three cases of vendors, system integrators and consultancy firms have been chosen as these three distinct classes of actors can provide different perspectives about their specific business. Findings An analysis of how different AI capabilities are exploited by the three cases in the different phases of the SCCRM process is presented. In addition, a practical framework for managers is provided about how these solutions can be leveraged to enhance cybersecurity in the SC. Originality/value The present article contributes to theory by expanding the existing literature on SCCRM and establishing a link between the domains of AI and cybersecurity. It demonstrates the potential of AI capabilities to support the various phases of the SCCRM process. Specifically, the results revealed that AI plays a crucial role in supporting sensing, seizing and transforming capabilities in dealing with cyber risk. Thus, this study advances dynamic capabilities (DC) theory by offering an interpretive lens through which to understand AI adoption in SCCRM.