International Journal of Information Management Data Insights, vol. 5, no. 2, 2025 (Scopus)
The increasing cybersecurity risks in global supply chains present a significant problem, threatening the operational integrity and security of organisations worldwide. The UK's Network and Information Systems (NIS) Framework, although fundamental to cybersecurity regulation, has significant gaps in effectively addressing the complexities of contemporary global supply chain architectures, which are entangled with quickly advancing cyber threats. In this work, we analyse the UK NIS framework, identify key gaps, and propose solutions drawn from other existing frameworks, e.g., US NIST and EU NIS2. We base this analysis on a comparative evaluation using defined criteria related to supply chain coverage, adaptability, and risk management specificity. We enhance cybersecurity in supply chains by proposing novel security requirement plans for each risk profile. Furthermore, we examine various solutions for risk assessments and self-risk assessments for supply chain security, analysing practical risk assessment approaches, including self-assessment strategies, that are particularly suited to SMEs. Moreover, we investigate contracting between supply chain parties in the context of data and information sharing.