Methodology for Designing Decision Support Systems for Visualising and Mitigating Supply Chain Cyber Risk from IoT Technologies

This paper proposes a methodology for designing decision support systems for visualising and mitigating the Internet of Things cyber risks. Digital technologies present new cyber risk in the supply chain which are often not visible to companies participating in the supply chains. This study investigates how the Internet of Things cyber risks can be visualised and mitigated in the process of designing business and supply chain strategies. The emerging DSS methodology present new findings on how digital technologies affect business and supply chain systems. Through epistemological analysis, the article derives with a decision support system for visualising supply chain cyber risk from Internet of Things digital technologies. Such methods do not exist at present and this represents the first attempt to devise a decision support system that would enable practitioners to develop a step by step process for visualising, assessing and mitigating the emerging cyber risk from IoT technologies on shared infrastructure in legacy supply chain systems

From wicked problem to design problem: Developing actionable briefs and solution opportunities through a collaborative, multidisciplinary design-led approach

This paper argues that using a design-led approach is highly beneficial when tackling complex problems to transform ambiguity into actionable design briefs and solution opportunities. This is evidenced by way of an ongoing project with a large public-sector organisation. Northumbria University’s School of Design academic experts use design-led approaches to innovation that promote ‘creative fusion’ between diverse stakeholders in order to tackle ‘wicked problems’. The authors continue this work as part of an AHRC/ERDF-funded programme entitled Creative Fuse North East (CFNE), along with five regional universities, of which the project discussed here is a part. The main objective of which is to develop and deploy approaches to innovation that apply skills from creative graduates to benefit the wider creative economy, address barriers to innovation and promote growth and sustainability within and without of the Creative, Digital and IT sector (CDIT). It will be argued that to do this it is vital to convert stakeholders into co-creation activists empowered with the creative confidence required to speculate about uncertain futures

A visual exploration of cybersecurity concepts

Funding: This research was funded by the UK EPSRC under grant EP/N028228/1 (PACTMAN).Cybersecurity-related concepts can be difficult to explain or summarise. The complexity associated with these concepts is compounded by the impact of rapid technological changes and the contextual nature of the meaning ascribed to the various themes. Since visual imagery is often employed in articulation and explanation, we conducted a study in which we asked participants to sketch their understanding of cybersecurity concepts. Based on an analysis of these sketches and subsequent discussions with participants, we make the case for the use of sketching and visuals as a tool for cybersecurity research. Our collection of sketches and icons can further serve as the seed for a visual vocabulary for cybersecurity-related interfaces and communication

Avoiding the internet of insecure industrial things

Security incidents such as targeted distributed denial of service (DDoS) attacks on power grids and hacking of factory industrial control systems (ICS) are on the increase. This paper unpacks where emerging security risks lie for the industrial internet of things, drawing on both technical and regulatory perspectives. Legal changes are being ushered by the European Union (EU) Network and Information Security (NIS) Directive 2016 and the General Data Protection Regulation 2016 (GDPR) (both to be enforced from May 2018). We use the case study of the emergent smart energy supply chain to frame, scope out and consolidate the breadth of security concerns at play, and the regulatory responses. We argue the industrial IoT brings four security concerns to the fore, namely: appreciating the shift from offline to online infrastructure; managing temporal dimensions of security; addressing the implementation gap for best practice; and engaging with infrastructural complexity. Our goal is to surface risks and foster dialogue to avoid the emergence of an Internet of Insecure Industrial Things

Cyber risk at the edge: Current and future trends on cyber risk analytics and artificial intelligence in the industrial internet of things and industry 4.0 supply chains

Digital technologies have changed the way supply chain operations are structured. In this article, we conduct systematic syntheses of literature on the impact of new technologies on supply chains and the related cyber risks. A taxonomic/cladistic approach is used for the evaluations of progress in the area of supply chain integration in the Industrial Internet of Things and Industry 4.0, with a specific focus on the mitigation of cyber risks. An analytical framework is presented, based on a critical assessment with respect to issues related to new types of cyber risk and the integration of supply chains with new technologies. This paper identifies a dynamic and self-adapting supply chain system supported with Artificial Intelligence and Machine Learning (AI/ML) and real-time intelligence for predictive cyber risk analytics. The system is integrated into a cognition engine that enables predictive cyber risk analytics with real-time intelligence from IoT networks at the edge. This enhances capacities and assist in the creation of a comprehensive understanding of the opportunities and threats that arise when edge computing nodes are deployed, and when AI/ML technologies are migrated to the periphery of IoT networks