Loading…
Managing supply chain risk and disruption from IT security incidents
Supply chain practices often put companies and their supply chains at risk. One of the most serious risks is disruptions. While many types of disruptions have been considered, little attention has been given to disruptions caused by information technology (IT) security incidents. Partner cooperation...
Saved in:
Published in: | Operations management research 2009-12, Vol.2 (1-4), p.4-12 |
---|---|
Main Authors: | , , , |
Format: | Article |
Language: | English |
Subjects: | |
Citations: | Items that this one cites Items that cite this one |
Online Access: | Get full text |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Summary: | Supply chain practices often put companies and their supply chains at risk. One of the most serious risks is disruptions. While many types of disruptions have been considered, little attention has been given to disruptions caused by information technology (IT) security incidents. Partner cooperation can assist in preventing or mitigating damage from IT security breaches in supply chains, where breaches can disrupt production, cause loss of essential data, and compromise confidential information. We develop a generalizable mathematical model that quantifies IT security risk in the supply chain. We then show how to find solutions for optimal risk reduction under several definitions of optimality: minimizing upstream risk, minimizing downstream risk, and minimizing global (supply chain) risk. We show how to develop curves for each of the above scenarios that indicate when extra funds should be spent on security, which security controls should be implemented, and when subsidies among partners are beneficial. |
---|---|
ISSN: | 1936-9735 1936-9743 |
DOI: | 10.1007/s12063-009-0018-2 |