Loading…

Managing supply chain risk and disruption from IT security incidents

Supply chain practices often put companies and their supply chains at risk. One of the most serious risks is disruptions. While many types of disruptions have been considered, little attention has been given to disruptions caused by information technology (IT) security incidents. Partner cooperation...

Full description

Saved in:
Bibliographic Details
Published in:Operations management research 2009-12, Vol.2 (1-4), p.4-12
Main Authors: Deane, Jason K., Ragsdale, Cliff T., Rakes, Terry R., Rees, Loren Paul
Format: Article
Language:English
Subjects:
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Supply chain practices often put companies and their supply chains at risk. One of the most serious risks is disruptions. While many types of disruptions have been considered, little attention has been given to disruptions caused by information technology (IT) security incidents. Partner cooperation can assist in preventing or mitigating damage from IT security breaches in supply chains, where breaches can disrupt production, cause loss of essential data, and compromise confidential information. We develop a generalizable mathematical model that quantifies IT security risk in the supply chain. We then show how to find solutions for optimal risk reduction under several definitions of optimality: minimizing upstream risk, minimizing downstream risk, and minimizing global (supply chain) risk. We show how to develop curves for each of the above scenarios that indicate when extra funds should be spent on security, which security controls should be implemented, and when subsidies among partners are beneficial.
ISSN:1936-9735
1936-9743
DOI:10.1007/s12063-009-0018-2