TY - JOUR T1 - Building Cyber-Resilience into Supply Chains JF - Technology Innovation Management Review Y1 - 2015 A1 - Adrian Davis KW - cyber-resilience KW - cybersecurity KW - direct suppliers KW - indirect suppliers KW - information-centric approach KW - procurement KW - requirements KW - resilience KW - supply chain KW - Tier 1 suppliers AB - The article discusses how an organization can adopt an information-centric approach to protect its information shared in one or more supply chains; clearly communicate the expectations it has for a direct (Tier 1) supplier to protect information; and use contracts and measurement to maintain the protection desired. Building on this foundation, the concept of resilience – and that of cyber-resilience – is discussed, and how an information-centric approach can assist in creating a more cyber-resilient supply chain. Finally, the article concludes with five steps an organization can take to improve the protection of its information: i) map the supply chain; ii) build capability; iii) share information and expertise; iv) state requirements across the supply chain using standards, common frameworks, and languages; and v) measure, assess, and audit. PB - Talent First Network CY - Ottawa VL - 5 UR - http://timreview.ca/article/887 IS - 4 U1 - (ISC)2 Adrian Davis, PhD, MBA, FBCS CITP, CISSP, heads the Europe, Middle East, and Africa (EMEA) team for (ISC)2, the global, not-for-profit leader in educating and certifying information security professionals throughout their careers. His role is to deliver the (ISC)2 vision of inspiring a safe and secure cyber-world and its mission of supporting and providing members and constituents with credentials, resources, and leadership to secure information and deliver value to society. Before working for (ISC)2, Adrian delivered practical business solutions to over 360 blue-chip multinational clients for the Information Security Forum. His expertise included: managing information security in supply chains; information security governance and effectiveness; the relationship between information security and business continuity; and possible near-term threats to organizations. Adrian regularly attends and chairs conferences and contributes articles for the press. He also contributed to the development of ISO/IEC 27014: Governance of Information Security and currently acts as a co-editor for ISO/IEC 27036 Information Security in Supplier Relationships, Part 4: Guidelines for Security of Cloud Services. ER - TY - JOUR T1 - Implementation Prerequisites for Electronic Procurement of Services JF - Technology Innovation Management Review Y1 - 2015 A1 - Ute Reuter KW - digitalization KW - electronic procurement KW - implementation KW - improvement KW - process innovation KW - procurement KW - purchasing KW - service management KW - service procurement AB - Service procurement is a business function of increasing importance and is highly suitable for integration of electronic support, but it suffers from severe research deficits. As yet, implementation prerequisites for electronic procurement of services are obscure and not quantifiable. In this research project, organization, formalization, and specialization of procurement and standardization and strategic importance of the procured services are identified as relevant implementation prerequisites. Measurement models for these prerequisites are established and proven through quantitative empirical research. As such, this article is a major step towards a more rigorous investigation of electronic procurement of services. PB - Talent First Network CY - Ottawa VL - 5 UR - http://timreview.ca/article/870 IS - 2 U1 - VWA-University of Extra-Occupational Studies Ute Reuter is Professor of Business Economics, specializing in company management, human resource management, and organization, at VWA-University of Extra-Occupational Studies in Stuttgart, Germany. She holds a doctoral degree from Stuttgart University, Germany, and two diploma degrees: one in Business Economics from Hohenheim University, Germany, and one in Administrative Studies from the Federal University of Business Administration in Bonn, Germany. She researches in the areas of innovation, procurement, service management, digitalization, and company management and is especially interested in topics interlinking these different research areas. ER -