The Anatomy of a Good Concept: A Systematic Review on Cyber Supply Chain Risk Management

As contemporary global supply chains have become interconnected and exposed to diverse escalating cyber threats, Cyber Supply Chain Risk Management (C-SCRM) has rapidly evolved as a managerial imperative to safeguard security, robustness, and resilience, and hence ensure organizational sustainability and growth. While the concept of C-SCRM has recently received much attention among scholars, practitioners, and policymakers as an emerging field of study, its conceptual utility and theoretical foundation remain undeveloped. To address this gap, this paper provides a systematic literature review of C-SCRM using a hybrid approach that integrates bibliometric and concept evaluation analysis to ensure the goodness of the concept. A total of 175 relevant peer-reviewed scholarly articles from the Web of Science (WOS) Core Collection were collected and analyzed. The review reveals that the concept has many strengths, in terms of its interdisciplinary conceptual foundation and growing managerial relevance, but it also suffers from conceptual diffusion, overlapping terminology, and limited construct operationalization that inhibits theory development, hinders empirical accumulation, and limits practitioners’ ability to operationalize C-SCRM as a strategic resource. This review contributes to the C-SCRM literature by providing (1) a historical overview and intellectual structure of C-SCRM; (2) a synthesis and comparative analysis of the existing definitions; (3) an evaluation of the conceptual adequacy and theoretical relevance that underpin C-SCRM research based on established criteria and (4) conceptual and empirical research directions as well as an integrative framework. Based on the insights, our review might facilitate the improvement of multidimensional construct clarity and validation in future empirical studies and could be a useful tool for managers to benchmark C-SCRM maturity in practice.