Long Thai Bui

ORCID Identifier(s)


Graduation Semester and Year




Document Type


Degree Name

Master of Science in Information Systems


Information Systems and Operations Management

First Advisor

Sridhar Nerur

Second Advisor

Nandu Nagarajan


In this paper, I study the impact of supply chain information networks on cyber risk exposure. I document that firms that are more central in the supply chain information network have higher cyber risk exposure. The rapid advancement of information and communication technology (ICT) has led to increased interconnectedness within global supply chain networks. While this enhances efficiency and profitability, it also exposes these entities to systematic and contagious risks, as cyber criminals exploit the connectedness to infiltrate multiple firms simultaneously. High-profile cyber-attacks like NotPetya, SolarWinds, and Colonial Pipeline have devastating effects on organizations and pose threats to national security. In response to these attacks, the United States government declared vulnerabilities in the supply chain network as a national emergency in 2022, leading to efforts to reinforce cybersecurity systems. However, limited research exists on supply chain factors that determine firms' exposure to cyber-attacks and cyber risk management policies. This paper contributes to the economics of cybercrime literature by exploring the interconnections of digital infrastructure among firms in the supply chain network and demonstrating the use of network theory and empirical analysis techniques to assess firm risk profiles.


Cyber risk, Supply chain, Network analysis


Business | Management Information Systems

Available for download on Thursday, August 01, 2024