| Cybersecurity is dependent on the security of the supply chain, but it is not sustainable through traditional practices of the supply chain. Many scholars and experts believe that information communication and technology products carry cyber vulnerabilities, which may be intentional or unintentional flaws in a computer system, that are not visible into traditional supply chain practices. These flaws bring challenges into the traditional supply chain making its visibility inadequate to sustaining the integrity of computer hardware and software. The existing literature on cybersecurity or supply chain management does not extend far enough to address how to enhance cybersecurity through the emerging field of cyber-supply chain. The void led many scholars and experts to call on additional studies to standardize concepts. The present study emerged to find a theoretical explanation that establishes how cyber-supply chain supports cybersecurity by producing cyber-supply chain concepts to mitigate cyber vulnerabilities in information communication and technology products. Grounded theory methodology served for data collection and analysis. Participants were recruited among graduate students, staff, and faculties from computer science departments at Old Dominion University and Norfolk State University and had strong opinions about strengthening cybersecurity through the cyber-supply chain. The findings revealed the substantive theory of cyber-supply chain visibility that describes how to safeguard cybersecurity through supply chain management through the conception and development (CONDEV), fulfillment and implementation (FULIMP), and regulation and compliance (RECO) stages. The resulting theory is a three-stage model and paradigm shift from traditional supply chain management. The model necessitates cyber-supply chain managers to conquer interdisciplinary proficiency that assimilates risk assessment from both cybersecurity and supply chain management. This study extended the body of cyber-supply chain knowledge while equally confirming the unsuitability of traditional supply chain visibility models into the management of information communication and technology products. Finally, this study unlocked opportunities for additional research and prompted on the necessity to craft a new academic curriculum that would integrate the principles of Cyber-supply chain visibility to prepare present and future business leaders for challenges ahead. |
