Digital Supply Chains (DSCs) are highly integrated global internet communities of customers, distributors, producers, and suppliers. DSCs have increasingly incorporated Internet of Things (IoT) innovations such as field sensors and real time condition monitoring; and have served as effective platforms for IoT technology diffusion. However, as IoT has become more pervasive, pushing the edges of networks further out, new cyber threat windows have opened everywhere. More recently, Cyber-Supply Chain Risk Management (C-SCRM) has emerged as a critical discipline combining expertise from cybersecurity, supply chain management and enterprise risk management; and designed to stem the proliferation of digital supply chain attacks seeking illicit access to corporate networks for competitive espionage, financial and intellectual property theft, and disruption of operations. Yet to date, there has been little evidence that C-SCRM practices are actually effective in containing all or even some types of breaches.