{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2023,4,7]],"date-time":"2023-04-07T04:32:29Z","timestamp":1680841949841},"reference-count":60,"publisher":"Elsevier BV","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["SSRN Journal"],"DOI":"10.2139\/ssrn.4101510","type":"journal-article","created":{"date-parts":[[2022,5,11]],"date-time":"2022-05-11T05:09:24Z","timestamp":1652245764000},"source":"Crossref","is-referenced-by-count":0,"title":["A Cybersecurity Incident Classification Integrating the Perspectives of Perpetrators and Target Companies"],"prefix":"10.2139","author":[{"given":"N\u00fabio","family":"Gomes Filho","sequence":"first","affiliation":[]},{"given":"Nazar\u00e9","family":"Rego","sequence":"additional","affiliation":[]},{"given":"Jo\u00e3o","family":"Claro","sequence":"additional","affiliation":[]}],"member":"78","reference":[{"issue":"1","key":"ref1","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1093\/cybsec\/tyy006","article-title":"A taxonomy of cyber-harms: Defining the impacts of cyber-attacks and understanding how they propagate","volume":"4","author":"I Agrafiotis","year":"2018","journal-title":"Journal of Cybersecurity"},{"key":"ref2","first-page":"71","volume":"13","author":"B Arief","year":"2015","journal-title":"Understanding Cybercrime from Its Stakeholders' Perspectives: Part 1--Attackers. IEEE Security & Privacy"},{"issue":"2","key":"ref3","doi-asserted-by":"crossref","first-page":"84","DOI":"10.1109\/MSP.2015.44","article-title":"Understanding Cybercrime from Its Stakeholders' Perspectives: Part 2--Defenders and Victims","volume":"13","author":"B Arief","year":"2015","journal-title":"IEEE Security & Privacy"},{"key":"ref4","doi-asserted-by":"crossref","DOI":"10.6028\/NIST.SP.800-161r1-draft2","author":"J Boyens","year":"2021","journal-title":"Cyber Supply Chain Risk Management Practices for Systems and Organizations Cyber Supply Chain Risk Management Practices for Systems and Organizations"},{"issue":"1","key":"ref5","doi-asserted-by":"crossref","first-page":"29","DOI":"10.1016\/S0167-4048(97)85785-9","article-title":"Information system attacks: A preliminary classification scheme","volume":"16","author":"F Cohen","year":"1997","journal-title":"Computers & Security"},{"issue":"3","key":"ref6","doi-asserted-by":"crossref","first-page":"1","DOI":"10.21314\/JOP.2019.228","article-title":"An investigation of cyber loss data and its links to operational risk","volume":"14","author":"R D Cohen","year":"2019","journal-title":"Journal of Operational Risk"},{"issue":"2","key":"ref7","doi-asserted-by":"crossref","first-page":"215","DOI":"10.1108\/SCM-09-2017-0289","article-title":"Managing cyber and information risks in supply chains: insights from an exploratory analysis","volume":"24","author":"C Colicchia","year":"2019","journal-title":"Supply Chain Management"},{"key":"ref8","first-page":"1","article-title":"Parameter estimation and model selection","author":"L M Collins","year":"2010","journal-title":"Latent Class and Latent Transition Analysis: With Applications in the Social, Behavioral, and Health Sciences"},{"issue":"4","key":"ref9","doi-asserted-by":"crossref","first-page":"19","DOI":"10.22215\/timreview\/887","article-title":"Building Cyber-Resilience into Supply Chains","volume":"5","author":"A Davis","year":"2015","journal-title":"Technology Innovation Management Review"},{"issue":"6","key":"ref10","first-page":"1","article-title":"Multiple Imputation for General Missing Data Patterns in the Presence of High-dimensional Data","author":"Y Deng","year":"2015","journal-title":"Scientific Reports"},{"issue":"4","key":"ref11","doi-asserted-by":"crossref","first-page":"171","DOI":"10.1108\/09685229910292664","article-title":"Managing and controlling computer misuse","volume":"7","author":"G Dhillon","year":"1999","journal-title":"Information Management & Computer Security"},{"key":"ref12","doi-asserted-by":"crossref","first-page":"403","DOI":"10.1016\/j.chb.2018.11.039","article-title":"Toward a cybercrime classification ontology: A knowledge-based approach","volume":"92","author":"C Donalds","year":"2018","journal-title":"Computers in Human Behavior"},{"issue":"3","key":"ref13","doi-asserted-by":"crossref","first-page":"1109","DOI":"10.1016\/j.ejor.2018.07.021","article-title":"What are the actual costs of cyber risk events?","volume":"272","author":"M Eling","year":"2019","journal-title":"European Journal of Operational Research"},{"issue":"6","key":"ref14","doi-asserted-by":"crossref","first-page":"677","DOI":"10.1108\/17410390710830727","article-title":"Information risks management in supply chains: an assessment and mitigation framework","volume":"20","author":"M N Faisal","year":"2007","journal-title":"Journal of Enterprise Information Management"},{"key":"ref15","article-title":"Public companies' cybersecurity risk disclosures","volume":"38","author":"L Gao","year":"2020","journal-title":"International Journal of Accounting Information Systems"},{"issue":"2","key":"ref16","first-page":"223","article-title":"Managing cyber risk in supply chains: a review and research agenda","volume":"25","author":"A Ghadge","year":"2019","journal-title":"An International Journal"},{"key":"ref17","doi-asserted-by":"crossref","first-page":"261","DOI":"10.1016\/j.procs.2021.01.145","article-title":"Supply chain flows and stocks as entry points for cyber-risks","volume":"181","author":"N Gomes Filho","year":"2020","journal-title":"Procedia Computer Science"},{"issue":"1","key":"ref18","doi-asserted-by":"crossref","first-page":"33","DOI":"10.3233\/JCS-2009-0398","article-title":"The impact of information security breaches: Has there been a downward shift in costs","volume":"19","author":"L A Gordon","year":"2011","journal-title":"Journal of Computer Security"},{"issue":"3","key":"ref19","article-title":"Market Value of Voluntary Disclosures Concerning Information Security","volume":"34","author":"Loeb Gordon","year":"2010","journal-title":"MIS Quarterly"},{"key":"ref20","doi-asserted-by":"crossref","first-page":"124134","DOI":"10.1109\/ACCESS.2020.3006172","article-title":"Have You Been a Victim of COVID-19-Related Cyber Incidents? Survey, Taxonomy, and Mitigation Strategies","volume":"8","author":"S Hakak","year":"2020","journal-title":"IEEE Access"},{"issue":"1","key":"ref21","doi-asserted-by":"crossref","first-page":"31","DOI":"10.1016\/j.cose.2004.06.011","article-title":"A taxonomy of network and computer attacks","volume":"24","author":"S Hansman","year":"2005","journal-title":"Computers & Security"},{"issue":"1","key":"ref22","doi-asserted-by":"crossref","first-page":"81","DOI":"10.1198\/tast.2009.0016","article-title":"Review of three latent class cluster analysis packages: Latent gold, poLCA, and MCLUST","volume":"63","author":"D Haughton","year":"2009","journal-title":"American Statistician"},{"issue":"1","key":"ref23","doi-asserted-by":"crossref","first-page":"11","DOI":"10.1145\/3051473.3051476","article-title":"Market Reaction to Security Breach Announcements","volume":"48","author":"A Hovav","year":"2017","journal-title":"ACM SIGMIS Database: The DATABASE for Advances in Information Systems"},{"key":"ref24","author":"J D Howard","year":"1997","journal-title":"An Analysis of Security Incidents on the Internet 1989-1995"},{"issue":"9","key":"ref25","doi-asserted-by":"crossref","first-page":"1277","DOI":"10.1177\/1049732305276687","article-title":"Three Approaches to Qualitative Content Analysis","volume":"15","author":"H.-F Hsieh","year":"2005","journal-title":"Qualitative Health Research"},{"issue":"4","key":"ref26","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3418288","article-title":"Analysis of Cyber Incident Categories Based on Losses","volume":"11","author":"J P Kesan","year":"2020","journal-title":"ACM Transactions on Management Information Systems"},{"key":"ref27","first-page":"6","volume":"5","author":"O Khan","year":"2015","journal-title":"Supply Chain Cyber-Resilience: Creating an Agenda for Future Research"},{"issue":"2","key":"ref28","doi-asserted-by":"crossref","first-page":"105","DOI":"10.1002\/jip.31","article-title":"A classification of computer security incidents based on reported attack data","volume":"2","author":"M Kjaerland","year":"2005","journal-title":"Journal of Investigative Psychology and Offender Profiling"},{"issue":"7","key":"ref29","doi-asserted-by":"crossref","first-page":"522","DOI":"10.1016\/j.cose.2006.08.004","article-title":"A taxonomy and comparison of computer security incidents from the commercial and government sectors","volume":"25","author":"M Kjaerland","year":"2006","journal-title":"Computers & Security"},{"issue":"3","key":"ref30","doi-asserted-by":"crossref","DOI":"10.1145\/185403.185412","article-title":"A taxonomy of computer program security flaws, with examples","volume":"26","author":"C E Landwehr","year":"1994","journal-title":"ACM Computing Surveys"},{"issue":"10","key":"ref31","doi-asserted-by":"crossref","first-page":"1","DOI":"10.18637\/jss.v042.i10","article-title":"poLCA : An R Package for Polytomous Variable Latent Class Analysis","volume":"42","author":"D A Linzer","year":"2011","journal-title":"Journal of Statistical Software"},{"issue":"2","key":"ref32","article-title":"Threats to Information Systems: Today's Reality, Yesterday's Understanding","volume":"16","author":"K D Loch","year":"1992","journal-title":"MIS Quarterly"},{"issue":"2","key":"ref33","doi-asserted-by":"crossref","first-page":"105","DOI":"10.1080\/01924036.2004.9678719","article-title":"Cybercrime: Towards an Assessment of its Nature and Impact","volume":"28","author":"S D Moitra","year":"2004","journal-title":"International Journal of Comparative and Applied Criminal Justice"},{"key":"ref34","volume":"108","author":"L Mosterd","year":"2021","journal-title":"Context dependent trade-offs around platform-to-platform openness: The case of the Internet of Things"},{"key":"ref35","author":"D Oberski","year":"2019","journal-title":"Calculate entropy R2 for poLCA model"},{"key":"ref36","first-page":"362","volume":"34","author":"D Reddy","year":"2014","journal-title":"Criticality analysis and the supply chain: Leveraging representational assurance"},{"key":"ref37","volume":"115","author":"A Robb","year":"2022","journal-title":"Enhancing organisational innovation capability -A practice-oriented insight for pharmaceutical companies"},{"issue":"7","key":"ref38","doi-asserted-by":"crossref","first-page":"716","DOI":"10.3844\/jcssp.2010.716.722","article-title":"Amelioration of Attack Classifications for Evaluating and Testing Intrusion Detection System","volume":"6","author":"M Saber","year":"2010","journal-title":"Journal of Computer Science"},{"issue":"6","key":"ref39","first-page":"165","article-title":"Cybercrime and Cybercriminals: A Comprehensive Study","volume":"4","author":"R Sabillon","year":"2016","journal-title":"International Journal of Computer Networks and Communications Security"},{"issue":"6","key":"ref40","doi-asserted-by":"crossref","first-page":"1196","DOI":"10.1016\/j.sapharm.2016.11.011","article-title":"Latent Class Analysis: An example for reporting results","volume":"13","author":"J B Schreiber","year":"2017","journal-title":"Research in Social and Administrative Pharmacy"},{"key":"ref41","first-page":"33","article-title":"Commission Statement and Guidance on Public Company Cybersecurity Disclosures","volume":"2","year":"2011","journal-title":"CF Disclosure Guidance"},{"issue":"2","key":"ref42","doi-asserted-by":"crossref","first-page":"238","DOI":"10.1108\/JEIM-03-2014-0031","article-title":"Modeling information risk in supply chain using Bayesian networks","volume":"29","author":"S Sharma","year":"2016","journal-title":"Journal of Enterprise Information Management"},{"issue":"0","key":"ref43","first-page":"1","article-title":"A quantitative bow-tie cyber risk classification and assessment framework","volume":"0","author":"B Sheehan","year":"2021","journal-title":"Journal of Risk Research"},{"issue":"1","key":"ref44","doi-asserted-by":"crossref","first-page":"161","DOI":"10.1016\/j.ejor.2019.09.017","article-title":"Cybersecurity investments in the supply chain: Coordination and a strategic attacker","volume":"282","author":"J Simon","year":"2020","journal-title":"European Journal of Operational Research"},{"issue":"11","key":"ref45","doi-asserted-by":"crossref","first-page":"2595","DOI":"10.1080\/00207540601020544","article-title":"A critical balance: collaboration and security in the IT-enabled supply chain","volume":"45","author":"G E Smith","year":"2007","journal-title":"International Journal of Production Research"},{"key":"ref46","article-title":"Defining cyber risk","volume":"135","author":"G Strupczewski","year":"2020","journal-title":"Safety Science"},{"issue":"3","key":"ref47","doi-asserted-by":"crossref","first-page":"3","DOI":"10.1145\/572241.572242","article-title":"Defining the boundaries of computer crime","volume":"30","author":"H T Tavani","year":"2000","journal-title":"ACM SIGCAS Computers and Society"},{"issue":"4","key":"ref48","doi-asserted-by":"crossref","first-page":"710","DOI":"10.1109\/TSMC.2017.2700495","article-title":"A Systematic Approach Toward Description and Classification of Cybercrime Incidents","volume":"49","author":"G Tsakalidis","year":"2019","journal-title":"IEEE Transactions on Systems, Man, and Cybernetics: Systems"},{"issue":"3","key":"ref49","first-page":"12","article-title":"mice: Multivariate Imputation by Chained Equations in R","volume":"45","author":"S Van Buuren","year":"2011","journal-title":"International Journal of Cyber Warfare and Terrorism"},{"key":"ref50","first-page":"392","volume":"34","author":"H S Venter","year":"2014","journal-title":"Security issues in the security cyber supply chain in South Africa"},{"key":"ref51","author":"J K Vermunt","year":"2016","journal-title":"Technical Guide for Latent GOLD 5.1: Basic, Advanced and Syntax"},{"key":"ref52","article-title":"Interorganizational Cooperation in Supply Chain Cybersecurity: A Cross-Industry Study of the Effectiveness of the UK Implementation of the NIS Directive","volume":"48","author":"T Wallis","year":"2021","journal-title":"Information & Security: An International Journal"},{"issue":"2","key":"ref53","doi-asserted-by":"crossref","first-page":"201","DOI":"10.1287\/isre.1120.0437","article-title":"The association between the disclosure and the realization of information security risk factors","volume":"24","author":"T Wang","year":"2013","journal-title":"Information Systems Research"},{"issue":"7\/8","key":"ref54","doi-asserted-by":"crossref","first-page":"710","DOI":"10.1108\/09600030010346521","article-title":"Cyber attacks against supply chain management systems: a short note","volume":"30","author":"M Warren","year":"2000","journal-title":"International Journal of Physical Distribution & Logistics Management"},{"issue":"4","key":"ref55","doi-asserted-by":"crossref","first-page":"287","DOI":"10.1177\/0095798420930932","article-title":"Latent Class Analysis: A Guide to Best Practice","volume":"46","author":"B E Weller","year":"2020","journal-title":"Journal of Black Psychology"},{"issue":"8","key":"ref56","doi-asserted-by":"crossref","first-page":"91","DOI":"10.1145\/859670.859675","article-title":"Enemy at the gate: Threats to information security","volume":"46","author":"M E Whitman","year":"2003","journal-title":"Communications of the ACM"},{"issue":"1","key":"ref57","doi-asserted-by":"crossref","first-page":"43","DOI":"10.1016\/j.ijinfomgt.2003.12.003","article-title":"In defense of the realm: Understanding the threats to information security","volume":"24","author":"M E Whitman","year":"2004","journal-title":"International Journal of Information Management"},{"key":"ref58","first-page":"382","volume":"34","author":"C Williams","year":"2014","journal-title":"Security in the cyber supply chain: Is it achievable in a complex"},{"issue":"2","key":"ref59","first-page":"135","article-title":"A System-Fault-Risk Framework for cyber attack classification","volume":"5","author":"N Ye","year":"2005","journal-title":"Information Knowledge Systems Management"},{"issue":"2-3","key":"ref60","doi-asserted-by":"crossref","first-page":"143","DOI":"10.1080\/09537287.2019.1631468","article-title":"Moving towards digitalization: a multiple case study in manufacturing","volume":"31","author":"A Zangiacomi","year":"2020","journal-title":"Production Planning & Control"}],"container-title":["SSRN Electronic Journal"],"original-title":[],"language":"en","deposited":{"date-parts":[[2023,4,6]],"date-time":"2023-04-06T19:33:22Z","timestamp":1680809602000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.ssrn.com\/abstract=4101510"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022]]},"references-count":60,"URL":"https:\/\/doi.org\/10.2139\/ssrn.4101510","relation":{},"ISSN":["1556-5068"],"issn-type":[{"value":"1556-5068","type":"electronic"}],"subject":[],"published-other":{"date-parts":[[2022]]},"published":{"date-parts":[[2022]]}}}