E-commerce supply chains with considerations of cyber-security: Should governments play a role?
Suyuan Luo
Department of Transportation Economics and Logistics Management, College of Economics, Shenzhen University, Shenzhen, China
Corresponding Author
Tsan-Ming Choi
Department and Graduate Institute of Business Administration, College of Management, National Taiwan University, Taipei, Taiwan, ROC
Correspondence
Tsan-Ming Choi, Department and Graduate Institute of Business Administration, College of Management, National Taiwan University, Roosevelt Road, Taipei 10617, Taiwan, ROC.
Email: [email protected]
Handling editor: Jayashankar Swaminathan
Accepted by Jayashankar Swaminathan, after 3 revisions.
Abstract
E-commerce supply chains and their members face risks from cyber-attacks. Consumers who purchase goods online also risk having their private information stolen. Thus, businesses are investing to improve cyber-security at a nontrivial cost. In this paper, we conduct a Stackelberg game-theoretical analysis. In the basic model, we first derive the equilibrium pricing and cyber-security level decisions in the e-commerce supply chain. Based on real-world practices, we then explore whether governments should impose cyber-security penalty schemes. Our findings show that when the government places sufficiently high emphasis on consumer surplus, implementing the penalty scheme is beneficial to social welfare. Then, we extend the analysis to examine how adopting systems-security-enhancing technologies (such as blockchain) affects the government's choice of imposing a penalty. We uncover that when a government penalty scheme is beneficial, the technology benefit-to-cost ratio is a critical factor that governs whether the optimal penalty will be lower or higher with the adoption of systems-security-enhancing technologies. To generate more insights, we conduct further analyses for various extended modeling cases (e.g., with alliance, competition, and the defense-level dependent penalty scheme) and find that our main results remain robust. One important insight we have uncovered in this study is that imposing government penalty schemes on cyber-security issues may do more harm than good; however, once a scheme is beneficial to implement, the government should charge the heaviest possible fine. This finding may explain why, in the real world, governments basically always adopt a polarized strategy on cyber-security issues, that is, either impose no penalty or impose a super heavy penalty.
Supporting Information
Filename | Size | Description |
---|---|---|
poms13666-sup-0001-CyberSecurity-E.docx | 64.5 KB | Supporting information |
poms13666-sup-0002-CyberSecurity-E.docx | 581.2 KB | Supporting information |
poms13666-sup-0003-CyberSecurity-E.docx | 441.8 KB | Supporting information |