Security Decisions in a Networked Supply Chain with Integration
Communication network provides an important premise for the development of supply chain integration, but also brings more and more severe information security risks. Thus, the information security of each firm depends both on the firm’s own investment, as well as on the strategies of security made by supply chain firms. Using game theory model, this paper discusses the investment on security and sharing of the security information of the supply chain firms. Particularly, we analyze the impact of supply chain’s integration, and inherent vulnerability of network on firms’ security strategies. The results show that if a firm increases the investment on security, the other firm tends to free-riding. In addition, compared with the joint decision-making of firms, they will have less security investment when making decisions separately. Hence, firms should better form an information-sharing alliance to coordinate their security decisions.
KeywordsSecurity information sharing Security investment Integration degree
- 2.R. Anderson, Why cryptosystems fail, in Proceedings of the 1st ACM Conference on Computer and Communications Security, New York, USA, pp. 215–227, 1993Google Scholar
- 5.M.H.R. Khouzani, V. Pham, C. Cid, Strategic discovery and sharing of vulnerabilities in competitive environments, in International Conference on Decision and Game Theory for Security. Springer International Publishing, pp. 59–78 (2014)Google Scholar
- 6.H. Varian, System reliability and free riding. Econ. Inf. Secur. 2(5799), 1–15 (2004)Google Scholar
- 13.H. Ogut, N. Menon, S. Raghunathan, Cyber insurance and IT security investment: impact of interdependent risk, in Proceedings of Weis’, 2005Google Scholar