Skip to main content
274
Views
464
Downloads
1
1
1
1
1
1
1
1
Reviewed article

Interorganizational Cooperation in Supply Chain Cybersecurity: A Cross-Industry Study of the Effectiveness of the UK Implementation of the NIS Directive

How to cite:
Tania Wallis, Chris Johnson, Mohamed Khamis
"Interorganizational Cooperation in Supply Chain Cybersecurity: A Cross-Industry Study of the Effectiveness of the UK Implementation of the NIS Directive"
Information & Security: An International Journal,
48
no. 1
(2021):
36-68.
https://doi.org/10.11610/isij.4812

Interorganizational Cooperation in Supply Chain Cybersecurity: A Cross-Industry Study of the Effectiveness of the UK Implementation of the NIS Directive

Source:

Information & Security: An International Journal,
Volume: 48,
Issue1,
p.36-68
(2021)

Abstract:

The transposition of the EU Directive on Network and Information Security (NIS) by EU Member States involved assigning a set of responsibilities to operators, regulators and policy makers within a national cybersecurity strategy, in order to improve cybersecurity levels across critical infrastructures. This research investigates the perspectives and experiences of organisations affected by the NIS Directive focussing on three different sectors (Energy, Water & Aviation). The authors evaluate the response of different actors to NIS interventions and their challenges in meeting their assigned responsibilities, in particular their ability to oversee supply chain cybersecurity. It proposes further support for partnerships and cooperation across organisations to increase the effectiveness of NIS implementation. Based on results from semi-structured interviews and observations of industry working groups, an approach to supply chain oversight to achieve a balance between control and cooperation is recommended, to improve cybersecurity within industry sectors and across critical national infrastructures. Although our initial focus has been on working mainly with UK stakeholders, we argue that our recommendations have a more general application beyond those countries directly affected by the Directive.

274
Views
464
Downloads
1
1
1
1
1
1
1
1
8
Citations
Journal of Information Security and Cybercrimes Research
6,
no. 2
(2023):
116-129.
School of Computing Faculty
Doctor Of Science In Information Technology
(2023):
2023 International Conference On Cyber Management And Engineering (CyMaEn)
(2023):