{"title":"Integrated model to optimize supplier selection and investments for cyber resilience in digital supply chains","authors":"","doi":"10.1016/j.ijpe.2024.109338","DOIUrl":null,"url":null,"abstract":"<div><p>Digitalization has revolutionized the supply chain networks but also introduces vulnerabilities to the cyber threats. Notably, in past two years, the cyber-attacks on different organizations worldwide have increased at an alarming rate resulting in significant financial loss to supply chains, intellectual property breaches and supply disruptions. As a result, companies are making significant investments in their cybersecurity. However, many incidents were reported where threat actors attacked a company using the shared digital systems with its suppliers. Therefore, it is important that suppliers are selected based on their cyber resilience. This paper identifies the cyber resilience criteria and proposed a multi criteria decision making based framework to evaluate the cyber resilience of a supply chain partner. It has been also realized that investment in organizational cybersecurity alone is not sufficient to protect supply chains. Companies are now investing in increasing their supply chain cyber capabilities. In this direction, paper also proposes a mixed integer linear program (MILP) to jointly optimize supplier selection and cyber investment decisions in a supply chain based on the supplier's current cyber resilience and potential return on the cyber investments made in selected suppliers. Computational experiments are conducted to study the tradeoffs and impact of sourcing strategy, supplier capacity, cyber security investment decisions on supply chain cyber resilience. The findings underscore that an integrated decision making of supplier selection and cyber investments maximizes the supply chain cyber resilience.</p></div>","PeriodicalId":14287,"journal":{"name":"International Journal of Production Economics","volume":null,"pages":null},"PeriodicalIF":9.8000,"publicationDate":"2024-07-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Production Economics","FirstCategoryId":"5","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0925527324001956","RegionNum":1,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"ENGINEERING, INDUSTRIAL","Score":null,"Total":0}
引用次数: 0
Abstract
Digitalization has revolutionized the supply chain networks but also introduces vulnerabilities to the cyber threats. Notably, in past two years, the cyber-attacks on different organizations worldwide have increased at an alarming rate resulting in significant financial loss to supply chains, intellectual property breaches and supply disruptions. As a result, companies are making significant investments in their cybersecurity. However, many incidents were reported where threat actors attacked a company using the shared digital systems with its suppliers. Therefore, it is important that suppliers are selected based on their cyber resilience. This paper identifies the cyber resilience criteria and proposed a multi criteria decision making based framework to evaluate the cyber resilience of a supply chain partner. It has been also realized that investment in organizational cybersecurity alone is not sufficient to protect supply chains. Companies are now investing in increasing their supply chain cyber capabilities. In this direction, paper also proposes a mixed integer linear program (MILP) to jointly optimize supplier selection and cyber investment decisions in a supply chain based on the supplier's current cyber resilience and potential return on the cyber investments made in selected suppliers. Computational experiments are conducted to study the tradeoffs and impact of sourcing strategy, supplier capacity, cyber security investment decisions on supply chain cyber resilience. The findings underscore that an integrated decision making of supplier selection and cyber investments maximizes the supply chain cyber resilience.
期刊介绍:
The International Journal of Production Economics focuses on the interface between engineering and management. It covers all aspects of manufacturing and process industries, as well as production in general. The journal is interdisciplinary, considering activities throughout the product life cycle and material flow cycle. It aims to disseminate knowledge for improving industrial practice and strengthening the theoretical base for decision making. The journal serves as a forum for exchanging ideas and presenting new developments in theory and application, combining academic standards with practical value for industrial applications.