Interplay between cyber supply chain risk management practices and cyber security performance

PurposeThis study aims to examine whether the cyber supply chain risk management (CSCRM) practices adopted by manufacturing firms contribute to achieving cyber supply chain (CSC) visibility. Studies have highlighted the necessity of having visibility across interconnected supply chains. Thus, this study examines the extent of CSCRM practices enabling CSC visibility to act as a mediator in achieving CSC performance.Design/methodology/approachA survey method was used to obtain data from the electrical and electronics manufacturing firms registered with the Federations of Malaysian Manufacturers directory. Data from 130 respondents were analysed using IBM SPSS and PLS-SEM.FindingsThis study empirically proves a dedicated governance team's integral role in setting the security tone within its CSC. The result also confirms the significant role that CSC visibility plays in achieving CSC performance. As theorised in the literature, there is also a strong direct relationship between CSC visibility and CSC performance, assuring manufacturing firms that investments and policies devised to improve CSC visibility are fruitful.Originality/valueThe significance of supply chain visibility in an integrated supply chain is recognised and studied using analytical models, behavioural techniques and case studies. Substantial empirical evidence on the CSCRM practices which contributes towards achieving supply chain visibility is still elusive. This study's major contribution lies in identifying CSCRM practices that can contribute towards achieving CSC visibility, and the mediating role CSC visibility plays in achieving CSC performance.