Cybersecurity in ERP-Integrated Supply Chains: Risks and Mitigation Strategies
Article Sidebar
Main Article Content
Abstract
Cybersecurity risks have emerged as a burning issue as global supply chains increasingly use Enterprise Resource Planning (ERP) systems to integrate official systems into their supply chains. ERP systems unite different stakeholders, including suppliers, logistics, and finance teams, making it possible to exchange real-time information and streamline it. However, there is a possibility of cyberattacks in these systems, particularly when integrating with third-party systems, having poor access control, and using outdated software. The emergence of high-profile attacks such as the 2017 NotPetya has underscored the dramatic financial and operational loss factors because of ERP breaches and outlined the importance of firm protection against cyberattacks. This paper discusses the most significant cybersecurity threats to ERP-integrated supply chains and voices the successful mitigation measures. Major risks observed are the vulnerability of third parties, weak access control, and the use of old ERP systems. Such measures as multi-factor authentication, continuous monitoring, and vendor risk management are also evaluated as the best practices of the study. The study provides effective suggestions that can be implemented in organizations to ensure that their ERP-based supply chains are secured, and the chances of data breaches and disruptions in operations are reduced. With the digitalization of supply chains, the future is seen to utilize the new capabilities to use new technologies, including artificial intelligence and blockchain, to further improve the security and information integrity of ERP.
Article Details
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
References
North Rizza, M. (2023). IDC MarketScape: Worldwide SaaS and cloud-enabled large enterprise ERP 2023–2024 vendor assessment (Doc. No. US50655523). International Data Corporation. https://dam.infor.com/api/public/content/a77719a8b2e94674b34a01ceaa5619fd?v=5df2d28b
Al Maruf, A. (2025). A systematic review of ERP-integrated decision support systems for financial and operational optimization in global retails business. American Journal of Interdisciplinary Studies, 6(1), 236-262.
Konecka, S., & Bentyn, Z. (2024). Cyberattacks as threats in supply chains. https://www.um.edu.mt/library/oar/bitstream/123456789/127946/1/ERSJ27%283%29A47.pdf
Agbelusi, J., Ashi, T. A., & Chukwunweike, S. O. (2024). Breaking down Silos: Enhancing Supply Chain Efficiency through Erp Integration and Automation. International Research Journal of Modernization in Engineering Technology and Science, 6(09), 1-17.
Vishwakarma, S. K. (2025). Sustainable aviation fuel (SAF) procurement challenges. Journal of Innovation and Sustainable Energy Management. https://www.jisem-journal.com/index.php/journal/article/view/9420
Ilori, O., Nwosu, N. T., & Naiho, H. N. N. (2024). Third-party vendor risks in IT security: A comprehensive audit review and mitigation strategies. World Journal of Advanced Research and Reviews, 22(3), 213-224.
Ponemon Institute LLC. (2024). Unlocking the cost of chaos: The state of enterprise mobility in life- and mission-critical industries (Ponemon report; sponsored by Imprivata). Imprivata. https://security.imprivata.com/rs/413-FZZ-310/images/ebook-ponemon-report-2024.pdf
Casildo, E., & Park, D. (2020). The Total Economic Impact™ of Acumatica: Cost savings and business benefits enabled by Acumatica (A Forrester Total Economic Impact™ study commissioned by Acumatica). Forrester Consulting. https://www.acumatica.com/media/2020/04/The-Total-Economic-Impact-of-Acumatica.pdf?utm_source=chatgpt.com
Accenture. (2020). Third annual state of cyber resilience: Innovate for cyber resilience—Lessons from leaders to master cybersecurity execution. Accenture. https://insuranceblog.accenture.com/wp-content/uploads/2020/05/Accenture-Cybersecurity-Report-2020.pdf
IBM Security, & Ponemon Institute. (2020). Cost of a data breach report 2020. IBM. https://www.ibm.com/security/digital-assets/cost-data-breach-report/1Cost%20of%20a%20Data%20Breach%20Report%202020.pdf
Atakari, C. (2024). A Multi-Layered Cybersecurity Model for ERP Systems Supporting National Critical Infrastructure: Threats, Challenges, and Solutions. International Journal of Emerging Trends in Computer Science and Information Technology, 5(1), 94-101.
Dhanagari, M. R. (2025). Aerospike: The key to high-performance real-time data processing. JISEM Journal. https://www.jisem-journal.com/index.php/journal/article/view/8894
Samala, S. (2025). Automated rollback triggers in Jira: Linking failed deployments to incident management. Computer Fraud & Security. https://computerfraudsecurity.com/index.php/journal/article/view/787
Steinberg, S., Stepan, A., & Neary, K. (2021). NotPetya: A Columbia University case study (SIPA-21-022.1). Columbia University, School of International and Public Affairs (SIPA), Picker Center Digital Education Group. https://www.sipa.columbia.edu/sites/default/files/2022-11/NotPetya%20Final.pdf
Nagaraj, V. (2024). Addressing power efficiency challenges in AI hardware through verification. SciPubHouse. https://scipubhouse.com/home/international-journal-of-sustainability-and-innovation-in-engineering-ijsie/content/ijsie-2024/addressing-power-efficiency-challenges-in-ai-hardware-through-verification/
Xu, L., Li, Y., Lin, Y., Tang, C., & Yao, Q. (2024). Supply chain cybersecurity investments with interdependent risks under different information exchange modes. International Journal of Production Research, 62(6), 2034-2059.
Durgam, S. (2025). CICD automation for financial data validation and deployment pipelines. JISEM Journal. https://www.jisem-journal.com/index.php/journal/article/view/8900
Gartner. (2020). Gartner Security & Risk Management Summit, Day 1 highlights. Gartner Newsroom. https://www.gartner.com/en/newsroom/press-releases/2020-09-14-gartner-security---risk-management-summit--day-1-high
Efe, A. (2024). Risk modelling of cyber threats against MIS and ERP applications. Pamukkale Üniversitesi İşletme Araştırmaları Dergisi, 11(2), 502-530.
Nzimande, X. (2025). A Critical evaluation of proactive cybersecurity countermeasures in business information systems and industrial control systems to mitigate cyber-attacks (Doctoral dissertation, Stellenbosch: Stellenbosch University).
Hariharan, R. (2025). Zero trust security in multi-tenant cloud environments. JISEM Journal. https://www.jisem-journal.com/index.php/journal/article/view/8899
Forrester Consulting. (2025). The Total Economic Impact™ of Microsoft Entra Suite: Cost savings and business benefits enabled by Microsoft Entra Suite (A Forrester Total Economic Impact™ study commissioned by Microsoft). https://tei.forrester.com/go/Microsoft/EntraSuite/docs/Forrester_TEI_The_Total_Economic_Impact%E2%84%A2_Of_Microsoft_Entra_Suite_vA.pdf
Chadha, K. S. (2025). Zero-trust data architecture for multi-hospital research: HIPAA-compliant unification of EHRs, wearable streams, and clinical trial analytics. IJCESEN. https://ijcesen.com/index.php/ijcesen/article/view/3477
A.P. Møller - Mærsk A/S. (2017). Cyber attack update [Press release]. GlobeNewswire. https://www.globenewswire.com/news-release/2017/06/28/1029815/0/en/Cyber-attack-update.html
Aslan, Ö., Aktuğ, S. S., Ozkan-Okay, M., Yilmaz, A. A., & Akin, E. (2023). A comprehensive review of cyber security vulnerabilities, threats, attacks, and solutions. Electronics, 12(6), 1333.
Odimarha, A. C., Ayodeji, S. A., & Abaku, E. A. (2024). Securing the digital supply chain: Cybersecurity best practices for logistics and shipping companies. World Journal of Advanced Science and Technology, 5(1), 026-030.
Mukkawar, A. (2025). Adaptive Security Framework for ERP Systems: Leveraging AI/ML with RBAC and ABAC to Combat Emerging Threats.
Gannavarapu, P. (2025). Performance optimization of hybrid Azure AD join across multi-forest deployments. JISEM Journal. https://www.jisem-journal.com/index.php/journal/article/view/8897
Barakat, W. A. (2024). An examination of emerging technologies in supply chain management and their impacts on efficiency in the automotive industry. Pepperdine University.
Fadojutimi, B., Israel, A., Arowosegbe, O. B., & Ashi, T. A. (2024). Future-Proofing Supply-chains: Leveraging ERP Platforms for Advanced Automation and Interoperability. International Research Journal of Modernization in Engineering Technology and Science, 6(9), 1241-1261.
Lulla, K. (2025). Pre-silicon DFT feedback loops: Enhancing GPU productisation efficiency. IJCESEN. https://ijcesen.com/index.php/ijcesen/article/view/3778/1063
Weinberg, A. I., & Cohen, K. (2024). Zero trust implementation in the emerging technologies era: Survey. arXiv preprint arXiv:2401.09575.
Aljohani, A. (2023). Zero-trust architecture: Implementing and evaluating security measures in modern enterprise networks. Shifra, 2023, 60-72.
Owusu-Berko, L. (2025). Advanced supply chain analytics: Leveraging digital twins, IoT and blockchain for resilient, data-driven business operations.
Dang Jr, T., & DANG, Q. T. T. (2024). The development of ERP-related courses for purchasing and logistics students: ERP and Logistics Simulation courses at JAMK.
Chinta, P. C. R., Jha, K. M., Velaga, V., Moore, C., Routhu, K., & SADARAM, G. (2024). Harnessing Big Data and AI-Driven ERP Systems to Enhance Cybersecurity Resilience in Real-Time Threat Environments. Available at SSRN 5151788.
Jha, A. C. (2025). Automated firewall policy generation with reinforcement learning. IJIOT.
https://www.academicpublishers.org/journals/index.php/ijiot/article/view/5483
Surana, S. (2025). Implementing ERP Systems in Financial Services: A Case Study on Driving Adoption and Ensuring Data Integrity. Journal Of Economics And Business Management, 4(6), 1-10.
Kunduru, A. R. (2023). Blockchain technology for ERP systems: A review. American Journal of Engineering, Mechanics and Architecture, 1(7), 56-63.
Gooda, S. K., Mohanraj, P., Veni, J., Ashish, A., Kannadhasan, S., & Thamizhkani, B. (2025). Cloud-Based Solutions for Scalable Enterprise Resource Planning Systems Benefits and Implementation Strategies. In ITM Web of Conferences (Vol. 76, p. 05002). EDP Sciences.
Anh, N. H. (2024). Hybrid Cloud Migration Strategies: Balancing Flexibility, Security, and Cost in a Multi-Cloud Environment. Transactions on Machine Learning, Artificial Intelligence, and Advanced Intelligent Systems, 14(10), 14-26.
Kommidi, V. R., Padakanti, S., & Pendyala, V. (2024). Securing the Cloud: A Comprehensive Analysis of Data Protection and Regulatory Compliance in Rule-Based Eligibility Systems. Technology (IJRCAIT), 7(2).
Sargiotis, D. (2024). Data security and privacy: Protecting sensitive information. In Data governance: a guide (pp. 217-245). Cham: Springer Nature Switzerland.
Srikanth Reddy Gudi. (2025). A Comparative Analysis of Pivotal Cloud Foundry and OpenShift Cloud Platforms. The American Journal of Applied Sciences, 7(07), 20–29. https://doi.org/10.37547/tajas/Volume07Issue07-03
Naveen Salunke. (2024). Cost Optimization in Supply Chain Management Leveraging Vendor Development and Sourcing Strategies. Journal of Business and Management Studies, 6(5), 225-237. https://doi.org/10.32996/jbms.2024.6.5.24