Impact of electronic data interchange technology on JIT shipments
Management Science
The diffusion of electronic data interchange technology
Information systems innovation and diffusion
Value of Information in Capacitated Supply Chains
Management Science
The economics of information security investment
ACM Transactions on Information and System Security (TISSEC)
Research Report. Can Edi Benefit Adopters?
Information Systems Research
Information Systems Research
Information Sharing in a Supply Chain with Horizontal Competition
Management Science
The Value of Information Sharing in a Two-Level Supply Chain
Management Science
Supply Chain Inventory Management and the Value of Shared Information
Management Science
The Economic Incentives for Sharing Security Information
Information Systems Research
Hi-index | 0.00 |
Recent supply chain reengineering efforts have focused on integrating firms' production, inventory and replenishment activities with the help of communication networks. While communication networks and supply chain integration facilitate optimization of traditional supply chain functions, they also exacerbate the information security risk: communication networks propagate security breaches from one firm to another, and supply chain integration causes breach on one firm to affect other firms in the supply chain. We study the impact of network security vulnerability and supply chain integration on firms' incentives to invest in information security. We find that even though an increase in either the degree of network vulnerability or the degree of supply chain integration increases the security risk, they have different impacts on firms' incentives to invest in security. If the degree of supply chain integration is low, then an increase in network vulnerability induces firms to reduce, rather than increase, their security investments. A sufficiently high degree of supply chain integration alters the impact of network vulnerability into one in which firms have an incentive to increase their investments when the network vulnerability is higher. Though an increase in the degree of supply integration enhances firms' incentives to invest in security, private provisioning for security always results in a less than socially optimal security level. A liability mechanism that makes the responsible party partially compensate for the other party's loss induces each firm to invest at the socially optimal level. If firms choose the degree of integration, in addition to security investment, then firms may choose a higher degree of integration when they decide individually than when they decide jointly, suggesting an even greater security risk to the supply chain.