The Impact of Digital Vulnerabilities on Organizational Resilience : A case study of different perceptions in a supply chain

Abstract

Digitalization hasled organizations to bemore effective and cost efficient. However,it has also broughtnew sets of vulnerabilities. Digital vulnerabilities can occurfrom technology, such as bugs or malfunction in software, or from human interaction with technology. These vulnerabilities could originate from either intentional or unintentional actionsand reduce an organizations’resilience if appropriate capabilitiesare not constructed. These capabilities areconsidered to be an organizations’skill to achieve itsambiguous goals. This thesisaimsto investigate how digital vulnerabilities impact organizational resilienceby posing three research questions. These are answered by conductinga case study of a four-tiered supply chain, performing qualitative interviews backed up by a literature review.It identifieskey digital vulnerabilities presentin a supply chainandthe consequences of ignoring them. Furthermore, acomparisonof different perceptions of digital vulnerabilitiesand organizational resilienceis given andguidanceon future organizational resilienceispresented.Our findingshighlight the extensive use of e-mail andflow of informationas the most significantsource ofdigital vulnerabilities. Exchange of sensitive documentationwith unknown recipientsreduce the oversight of who obtainsinformation,consequently leading it to fallinto the wrong hands.Considering differences in perceptions, does the main distinctionoccur between the third and fourth tier. The first three tiers are aware of their possibility of being attacked, while there is a general belief among the fourth tierthat unfortunate events do happen, but not to them. A supply chainscommon goal of staying resilient is challenged by the tiers having different understandings and ways of handling digital vulnerabilities. The smaller organizations were not pointed out as the weakest link.However,our findings show that they are a bigger threat to the supply chain than they are aware of. A denying attitude toward digital vulnerabilities will potentially damage organizational resilience if they are not properly managed.