Integrating cybersecurity into supply chain risk management in elector
Lessons from Kenya's nascent democracy
Abstract
Kenya, like many African nations, is a nascent democracy striving to achieve credible and transparent electoral processes. The adoption of advanced technologies, such as the Kenya Integrated Election Management System (KIEMS), by the Independent Electoral and Boundaries Commission (IEBC) aims to enhance the efficiency of the electoral supply chain. However, this technological integration has inadvertently exposed the electoral process to significant cybersecurity threats, thereby compromising the integrity of critical supply chain components. This study employs a phenomenological qualitative case study design to investigate the cybersecurity vulnerabilities within Kenya's electoral supply chain, focusing on procurement logistics, ballot paper production, and reverse logistics during the post-election phase. Through in-depth interviews with purposively selected IEBC employees, the study identifies key cyber threats, including vendor manipulation, database hacking, social media disinformation, and foreign technological interference. These threats have led to legal disputes and contested election outcomes, as evidenced in Kenya's 2013, 2017, and 2022 elections. The findings underscore the urgent need for nascent democracies to integrate robust cybersecurity measures into their supply chain risk management strategies to safeguard electoral integrity and enhance resilience against cyber-attacks. By addressing these vulnerabilities, young democracies can mitigate the risks of election contestations and ensure the legitimacy of their democratic processes.
The registered author has submitted the article (the "Work") for Transport & Logistics the International Journal published by the Institute of Logistics, FBERG, Technical University of Košice.
The author transfers to the Institute of Logistics, FBERG, Technical University of Košice (the "Publisher") during the full term of copyright, the exclusive rights comprised in the copyright of the Work, including but not limited to the right to publish the Work and the material contained therein throughout the world, in all languages and in all media of expression now known or later developed, and to license or permit others to do so.
Notwithstanding the above, the author retains the following:
- Proprietary rights other than copyright, such as patent rights.
- The right to make copies of all or part of the Work for the author’s use in classroom teaching.
- The right to use, after publication, all or part of the Work in a book by the author, or a collection of the author’s work.
- The right to make copies of the Work for internal distribution within the institution which employs the author.
- The right to use figures and tables of the Work, and up to 250 words of text, for any purpose.
- The right to make oral presentations of material from the Work.
- The right to publish an extended, updated or rewritten version in another periodical.
- The right to include the work (post and preprint version) in an institutional repository.
The author agrees that all copies made under any of the above conditions will include a notice of copyright and a citation to the Publication.
The author represents that the Work is the author’s original work. If the Work was prepared jointly, the author agrees to inform the co-authors of the terms of this Agreement and to obtain their permission to sign on their behalf. The Work is submitted only to this, and has not been published before. (If excerpts from copyrighted works are included, the author will obtain written permission from the copyright owners and show credit to the sources in the Work.) The author also represents that, to the best of his or her knowledge, the Work contains no libellous or unlawful statements, does not infringe on the rights of others, or contain material or instructions that might cause harm or injury.
