Software Supply Chain Attacks, a Threat to Global Cybersecurity: SolarWinds’ Case Study

Exploitation of a vulnerability that compromised the source code of the Solar Winds’ Orion system, a software that is used widely by different government and industry actors in the world for the administration and monitoring of networks; brought to the fore a type of stealth attack that has been gaining momentum: supply chain attacks. The main problem in the violation of the software supply chain is that, from 85% to 97% of the code currently used in the software development industry comes from the reuse of open source code frameworks, repositories of third-party software and APIs, creating potential vulnerabilities in the development cycle of a software product. This research analyzes the SolarWinds case study from an exploratory review of academic literature, government information, but also from the articles and reports that are published by different cybersecurity consulting firms and software providers. Then, a set of good practices is proposed such as: Zero trust, Multi-Factor authentication mechanisms (MFA), strategies such as SBOM and the recommendations of the CISA guide to defend against this type of attack. Finally, the research discusses about how to improve response times and prevention against this type of attacks, also future research related to the subject is suggested, such as the application of Machine Learning and Blockchain technologies. Additionally for risk reduction, in addition to the management and articulation of IT teams that participate in all the actors that are part of the software life cycle under a DevSecOps approach.

Download Full-text

Failure Recovery Management in Performance of Logistics Services in a B2B Context: A Case Study Using the 3PL Perspective

Journal of Operations and Supply Chain Management ◽

10.12660/joscmv1n1p29-40 ◽

2008 ◽

Vol 1 (1) ◽

pp. 29 ◽

Cited By ~ 4

Author(s):

Luis Antonio Figueira Sanches Flores ◽

Marcos André Mendes Primo

Keyword(s):

Supply Chain ◽

Failure Recovery ◽

Third Party ◽

Future Research ◽

Factors Affecting ◽

Recovery Processes ◽

B2b Relationships ◽

Main Factors ◽

Recovery Management

What are the main factors affecting the failure recovery management in Logistics ServiceProviders (LSPs)? In trying to answer this question, a case study was conducted in a large Brazilian LSPto understand actions taken by that company in failure recovery processes, especially when the LSPmanages business-to-business (B2B) relationships. In those situations, the LSP acts as a third party relatingwith other two companies in the supply chain. At the end, seven main factors were found to be relevantto the failure recovery management analysis: Strong link in the supply chain, Relationship, Level ofCustomer Importance, Level of Customer Importance, Procedures, Personnel Training and Technology,Rewards for performance, Outsourcing. Limitations and suggestion for future research are discussed.

Download Full-text

A systematic literature review of healthcare supply chain and implications of future research

International Journal of Pharmaceutical and Healthcare Marketing ◽

10.1108/ijphm-05-2018-0028 ◽

2019 ◽

Vol 13 (4) ◽

pp. 405-435 ◽

Cited By ~ 2

Author(s):

Anuj Dixit ◽

Srikanta Routroy ◽

Sunil Kumar Dubey

Keyword(s):

Supply Chain ◽

Literature Review ◽

Inventory Management ◽

Cold Chain ◽

Future Research ◽

Research Papers ◽

Content Type ◽

Drug Manufacturing ◽

Customer Training

Purpose This paper aims to review the healthcare supply chain (HSC) literature along various areas and to find out the gap in it. Design/methodology/approach In total, 143 research papers were reviewed during 1996-2017. A critical review was carried out in various dimensions such as research methodologies/data collection method (empirical, case study and literature review) and inquiry mode of research methodology (qualitative, quantitative and mixed), country-specific, targeted area, research aim and year of publication. Findings Supply chain (SC) operations, performance measurement, inventory management, lean and agile operation, and use of information technology were well studied and analyzed, however, employee and customer training, tracking and visibility of medicines, cold chain management, human resource practices, risk management and waste management are felt to be important areas but not much attention were made in this direction. Research limitations/implications Mainly drug and vaccine SC were considered in current study of HSC while SC along healthcare equipment and machine, hospitality and drug manufacturing related papers were excluded in this study. Practical implications This literature review has recognized and analyzed various issues relevant to HSC and shows the direction for future research to develop an efficient and effective HSC. Originality/value The insight of various aspects of HSC was explored in general for better and deeper understanding of it for designing of an efficient and competent HSC. The outcomes of the study may form a basis to decide direction of future research.

Download Full-text

Toward a PCA-DEA based Decision Support System: A case study of a third-party logistics provider from Tunisia

2020 4th International Conference on Advanced Systems and Emergent Technologies (IC_ASET) ◽

10.1109/ic_aset49463.2020.9318268 ◽

2020 ◽

Author(s):

Safa Bhar Layeb ◽

Najla Aissaoui Omrane ◽

Jouhaina Chaouchi Siala ◽

Dalia Chaabani

Keyword(s):

Decision Support ◽

Decision Support System ◽

Support System ◽

Third Party ◽

Third Party Logistics ◽

System A

Download Full-text

The Compostable Coffee Pod: Is PürPod100tm the Best Thing Since Sliced Bread? A Case Study on Club Coffee

Research in Applied Economics ◽

10.5296/rae.v8i3.10071 ◽

2016 ◽

Vol 8 (3) ◽

pp. 49

Author(s):

Sylvain Charlebois ◽

Paul Uys

Keyword(s):

Supply Chain ◽

Supply Chain Management ◽

Reverse Logistics ◽

Food Supply ◽

Green Supply Chain Management ◽

Green Supply Chain ◽

Future Research ◽

Sustainable Food ◽

Chain Management

With consumer consciousness growing in the area of sustainable food supply, food distribution is looking for methods to embrace, adapt and improve its environmental performance, while still remaining economically competitive. Until recent innovative solutions were developed, coffee pods have been considered as an ecologically unsound approach to single-serve beverages. Some have argued that reverse logistics (recycling) is a better option than green supply chain management (composting). With a particular focus on coffee pods a case study on Club Coffee, which focuses on green supply chain management, is presented for the design of a capacitated distribution network for a two-layer supply chain involved in the distribution of coffee pods in Canada. Our investigation shows that Club Coffee’s relationship is not only critical to fostering the green supply chain ideology, but it is also unique in the business. Findings are presented and limitations and future research are proposed.

Download Full-text

Next generation Open Access analytics: A case study

Information Services & Use ◽

10.3233/isu-210106 ◽

2021 ◽

pp. 1-7

Author(s):

Tim Lloyd ◽

Sara Rouhi

Keyword(s):

Open Access ◽

Lessons Learned ◽

Third Party ◽

Future Research ◽

Critical Component ◽

Diverse Range ◽

Innovative Project ◽

Industry Standard ◽

External Stakeholders

A critical component in the development of sustainable funding models for Open Access (OA) is the ability to communicate impact in ways that are meaningful to a diverse range of internal and external stakeholders, including institutional partners, funders, and authors. While traditional paywall publishers can take advantage of industry standard COUNTER reports to communicate usage to subscribing libraries, no similar standard exists for OA content. Instead, many organizations are stuck with proxy metrics like sessions and page views that struggle to discriminate between robotic access and genuine engagement. This paper presents the results of an innovative project that builds on existing COUNTER metrics to develop more flexible reporting. Reporting goals include surfacing third party engagement with OA content, the use of graphical report formats to improve accessibility, the ability to assemble custom data dashboards, and configurations that support the variant needs of diverse stakeholders. We’ll be sharing our understanding of who the stakeholders are, their differing needs for analytics, feedback on the reports shared, lessons learned, and areas for future research in this evolving area.

Download Full-text

Supply chain agility in humanitarian protracted operations

Journal of Humanitarian Logistics and Supply Chain Management ◽

10.1108/jhlscm-09-2015-0037 ◽

2016 ◽

Vol 6 (2) ◽

pp. 173-201 ◽

Cited By ~ 21

Author(s):

Cécile L'Hermitte ◽

Peter Tatham ◽

Ben Brooks ◽

Marcus Bowles

Keyword(s):

Supply Chain ◽

Humanitarian Logistics ◽

Future Research ◽

Short Term ◽

Content Type ◽

Emergency Operations ◽

Supply Chain Agility ◽

Agile Practices ◽

Basic Features

Purpose – The purpose of this paper is to extend the concept of agility in humanitarian logistics beyond emergency operations. Since the humanitarian logistics literature focuses primarily on emergencies and sees longer term and regular operations as being conducted in relatively stable and predictable environments, agile practices are usually not associated with humanitarian protracted operations. Therefore, this paper explores the logistics and supply chain environment in such operations in order to identify their basic features and determine if agility is an important requirement. Design/methodology/approach – Using a case study of the United Nations World Food Programme, the authors collected and analysed qualitative and quantitative data on the characteristics of protracted operations, the risks and uncertainties most frequently encountered, their impact, and the ways that field logisticians manage contingencies. Findings – The research demonstrates that unpredictability and disruptions exist in protracted operations. Therefore, short-term operational adjustments and agile practices are needed in order to support the continuity of humanitarian deliveries. Research limitations/implications – Future research should focus on a wider range of humanitarian organisations and move from a descriptive to a prescriptive approach in order to inform practice. Notwithstanding these limitations, the study highlights the need for academics to broaden the scope of their research beyond emergencies and to address the specific needs of humanitarian organisations involved in longer term operations. Originality/value – This paper is the first empirical research focusing exclusively on the logistics features of humanitarian protracted operations. It provides a more concrete and complete understanding of these operations.

Download Full-text

Psychological Test Feedback: Canadian Clinicians’ Perceptions and Practices

Canadian Journal of Counselling and Psychotherapy ◽

10.47634/cjcp.v54i4.61217 ◽

2020 ◽

Vol 54 (4) ◽

pp. 691-714

Author(s):

Hansen Zhou ◽

William E. Hanson ◽

Ryan Jacobson ◽

Angie Allan ◽

Diana Armstrong ◽

...

Keyword(s):

Ethical Issues ◽

Secondary Analysis ◽

Third Party ◽

Future Research ◽

Practical Training ◽

Consensual Qualitative Research ◽

Test Feedback ◽

Data Analysis Procedure ◽

Research Questions

This study explores Canadian clinicians’ perceptions of test feedback (TFB) and how those perceptions influence their practice. This secondary analysis of open-ended qualitative data extends a previous study with similar research questions conducted by Jacobson et al. (2015). A case study design and consensual qualitative research (CQR) data analysis procedure was utilized to enhance the trustworthiness of the results. The findings indicate that clinicians give TFB in a variety of settings. Clinicians emphasize the importance of providing tailored and collaborative TFB, of attending to ethical issues related to TFB, and of improving academic training in TFB. Also, clinicians discuss unique situations in which feedback is provided to a third party rather than to the testing individual. Clinical implications such as increased practical training for providing TFB are discussed. Future research could investigate the outcomes of TFB provision.

Download Full-text

CRITICAL ATTRIBUTES ON SUPPLY CHAIN STRATEGY IMPLEMENTATION: CASE STUDY IN EUROPE AND ASIA

Management and Production Engineering Review ◽

10.2478/mper-2013-0040 ◽

2013 ◽

Vol 4 (4) ◽

pp. 66-75

Author(s):

Ilkka Sillanpää ◽

Nurul Aida binti Abdul Malek ◽

Josu Takala

Keyword(s):

Supply Chain ◽

Critical Factor ◽

Business Environment ◽

Strategy Implementation ◽

Future Research ◽

Global Business ◽

Supply Chain Strategy ◽

Factor Index ◽

The Right

Abstract This case study research aims to compare the performance of the implementation of supply chain management (SCM) strategies within Asian and European Companies. The case study measures company’s opinions of supply chain strategy implementation through utilization of Sense and Response methodology. Critical Factor Index (CFI), Balanced Critical Factor Index (BCFI) and Scaled Critical Factor Index (SCFI) are used in this study to represent the result of comparison between European and Asian companies. From the analysis of comparison of all Sense and Response models, it can be concluded that there are differences and similarities of critical attributes that affecting supply chain strategy implementation in Asian and European companies. There are two attributes that have consistent trend for both regions; innovation and organization structure. In this research the analysis of supply chain strategy implementation was made for the needs of manufacturing industry. Suggestions for future research are multiple case studies in different industry areas in global business environment. The results provide a guideline to the company to measure the right attributes for making the right decision in a dynamic environment. It also provides good knowledge for companies to implement supply chain strategies, the main approaches to implement it and the main challenges in supply chain strategy implementation. Supply chain strategy implementation was analyzed in the European and Asian companies. This research shows that there are several developing areas for companies when implementing supply chain strategies.

Download Full-text

ReCellular Inc: Managing Demand Uncertainty in Closed-Loop Remanufacturing

INFORMS Transactions on Education ◽

10.1287/ited.2021.0254ca ◽

2021 ◽

Author(s):

Akshay Mutha ◽

Saurabh Bansal ◽

V. Daniel R. Guide

Keyword(s):

Supply Chain ◽

Demand Uncertainty ◽

Closed Loop ◽

Learning Experience ◽

Third Party ◽

Low Grade ◽

Optimal Decisions ◽

Closed Loop Supply Chains ◽

Specific Factors

The modeling-based case study is useful for two purposes: introduce closed-loop supply chains and highlight and model some of its unique aspects that the traditional newsvendor formulation does not capture. The case focuses on a third-party remanufacturer (3PR) who buys used cellphones in different quality grades in anticipation of demand. Phones in high grade have been used gently—they have a high acquisition cost but low remanufacturing cost. Low-grade phones have been used extensively—they are cheaper to acquire but have a higher remanufacturing cost. Medium-grade phones have intermediate acquisition and remanufacturing costs. The 3PR needs to trade off these two costs and determine which grade(s) of used phones to buy. The 3PR restores all phones to the same like-new standard during remanufacturing. Extensive use of the case in supply chain management courses shows that in the absence of a mathematical model, students systematically deviate from the optimal decisions because of contextual features. Overall, students believed the case was challenging and that it provides a valuable learning experience, both as an exposure to the closed-loop supply chain domain as well as developing models with industry-specific factors.

Download Full-text

The Humanitarian Supply Chain Assessment Tool (HumSCAT)

Journal of Humanitarian Logistics and Supply Chain Management ◽

10.1108/jhlscm-09-2018-0064 ◽

2019 ◽

Vol 9 (2) ◽

pp. 221-249

Author(s):

Ruth Banomyong ◽

Puthipong Julagasigorn ◽

Paitoon Varadejsatitwong ◽

Pairach Piboonrungroj

Keyword(s):

Supply Chain ◽

Supply Chains ◽

Assessment Tool ◽

Recovery Phase ◽

Future Research ◽

Content Type ◽

Humanitarian Supply Chains ◽

Preparation Phase ◽

Humanitarian Supply Chain

Purpose An understanding of the “AS-IS” stage of a relief operation is the basis for further action in humanitarian supply chain management. The purpose of this paper is to develop a toolbox called the Humanitarian Supply Chain Assessment Tool (HumSCAT). This toolbox is comprised of a set of basic tools which can be classified into each phase of disaster relief. Design/methodology/approach The HumSCAT is proposed by paralleling frequently used tools in commercial supply chains with the objectives and characteristics of relief phases. A case study was used to validate the HumSCAT along with six tools provided in the preparation phase. Findings The HumSCAT consists of seven tools in the preparation phase, nine tools in the response phase and ten tools in the recovery phase. The case study illustrates how to use the HumSCAT and the six tools. The latter were found to be useful for improving the relief chain. Research limitations/implications The list of tools is not exclusive. Other tools might be applicable as long as they meet the objectives and characteristics of the phase. A tool should be adjusted accordingly to the contexts. Tools in other phases should be validated in future research. Practical implications The HumSCAT may serve as a reference toolbox for practitioners. Its output can be used for further designing of the “TO-BE” status of humanitarian relief chains. Originality/value The HumSCAT is proposed as a toolbox for academics and practitioners involved in humanitarian supply chains.

Download Full-text