Agility unchained: An agile incident response approach for managing supply chain attacks

Thumbnail Image

Files

master_Wei_Yijuan_2026.pdf (1.45 MB)

URL

Journal Title

Journal ISSN

Volume Title

School of Business | Master's thesis
Unless otherwise stated, all rights belong to the author. You may download, display and print this publication for Your own personal use. Commercial use is prohibited.

Authors

Date

2025-12-28

Department

Major/Subject

Mcode

Degree programme

Master's programme in Information and Service Management
Tieto- ja palvelujohtamisen maisteriohjelma

Language

en

Pages

83

Series

Abstract

Increasing digitalization and interconnectivity have heightened the vulnerability of global supply chains to cyberattacks. High-profile incidents such as the SolarWinds breach demonstrate how compromising a single trusted supplier can trigger widespread operational, financial, and reputational consequences across entire supply chain networks, affecting both enterprises and government agencies. As supply chain attacks grow more sophisticated, the rigidity of conventional Incident Response (IR) models have become increasingly evident. This thesis proposes an agile incident response framework for managing supply chain attacks. The theoretical framework integrates three core agile principles (iterative and incremental approach, communication and collaboration, and continuous learning and improvement) into the traditional IR lifecycle. By aligning empirical challenges in real-world IR practices with agile theory, the framework aims to enhance IR agility and cyber resilience across supply chains. The empirical study adopts a qualitative field study approach. Four semi-structured interviews were conducted with cybersecurity and supply chain professionals. Thematic analysis was used to identify key challenges in existing IR processes and derive agile integrated implementation practices. These insights form the foundation of the theoretical framework and thirteen propositions. To assess practical feasibility and effectiveness, the framework and propositions were sub-sequently evaluated by six industry practitioners through a structured expert survey. Findings indicate that adopting an agile IR approach can strengthen supply chain IR agility by enhancing organizational and supply chain-wide coordination, enabling incremental containment and recovery, and fostering continuous organizational learning. The study contributes to both theory and practice by offering a structured, practitioner-validated model that supports more adaptive and resilient incident response in increasingly complex and risky supply chain ecosystems.

Description

Supervisor

Ghanbari, Hadi

Keywords

cybersecurity, incident response, incident management, agile incident response, supply chain attacks, supply chain cyber resilience

Other note

Citation

Permanent link to this item

https://urn.fi/URN:NBN:fi:aalto-202601151317

Collections

[gradu] Kauppakorkeakoulu / BIZ