%0 Journal Article %J Technology Innovation Management Review %D 2015 %T Cybersecurity and Cyber-Resilient Supply Chains %A Hugh Boyes %K cyber-resilience %K cybersecurity %K risk management %K supply chain %K threat management %X There has been a rapid growth in the use of communications and information technology, whether embedded in products, used to deliver services, or employed to enable integration and automation of increasingly global supply chains. Increased use of information technology introduces a number of cybersecurity risks affecting cyber-resilience of the supply chain, both in terms of the product or service delivered to a customer and supply chain operation. The situation is complicated by factors such as the global sourcing of technology components or software, ownership of the systems in a supply chain, different legal jurisdictions involved, and the extensive use of third parties to deliver critical functionality. This article examines the cyber-resilience issues related to the supply of products, services, and the supply chain infrastructure considering the nature of threats and vulnerabilities and the attributes of cybersecurity. In doing so, it applies a model for cybersecurity that is adapted from the Parkerian hexad to explore the security and trustworthiness facets of supply chain operations that may impact cyber-resilience. %B Technology Innovation Management Review %I Talent First Network %C Ottawa %V 5 %P 28-34 %8 04/2015 %G eng %U http://timreview.ca/article/888 %N 4 %1 University of Warwick Hugh Boyes is a Principal Fellow at WMG at the University of Warwick, United Kingdom, where he focuses on cyber-resilience and the cybersecurity of cyber-physical systems. He is a Chartered Engineer, a Fellow of the IET and holds the CISSP credential issued by (ISC)2. Hugh is also the Cyber Security Lead at the Institution of Engineering and Technology (IET), where he focuses on developing cybersecurity skills initiatives for engineering and technology communities. This work is particularly focused on the design and operation of physical-cyber systems (e.g., industrial control systems, building automation systems). He has written two guidance documents for the Institution of Engineering and Technology (IET) on cybersecurity in the built environment, and with Alex Luck, is the joint technical author of a BSI publicly available specification (PAS) on security-minded building information modeling, digital built environments, and smart asset management. %R http://doi.org/10.22215/timreview/888