Research On Cyber Supply Chain Security Resilience Investment And Coordination Mechanism

With the rapid development of new technologies,such as big data and quantum computing,cyber-physical systems,cyber supply chain security who has been concerned is becoming an emerging discipline.Cyber security is facing a series of new challenges and threats,the investment of cyber security resilience is increasing every year,because it is critical to supply chain members.However,the input in the construction of supply chain cyber security resilience presents a non-controlled,non-standard phenomenon,the lack of investment in cyber supply chain security management behavior theory.Therefore,it is necessary to research the cyber security resilience investment of supply chain.In this paper,we analyzes the supply chain cyber security resilience investment strategy and coordination mechanism,based on the information security economic theory and supply chain security resilience theory.Firstly,this paper analyzes cyber security investment decision problem of companies.we set up an cyber security investment model that include two companies,and further expanded the model to multiple companies' investment.The impact of cyber security investment costs on equilibrium results are analyzed by Nash equilibrium.Then,an example simulate the impacts of the investment threshold in the cyber security investment.And through simulation,we find that the safety level and the total number of companies are promoting to the investment threshold,however,the impact of the companies who has invested in the cyber security is negative for investment threshold.Those companies that have not invested in cyber security may occur "free-rider" behavior.Secondly,the vulnerability is considered into the supply chain cyber security investment strategy on the basis of above research,the supply chain is extended into one supplier and one retailer.It is showed that the investment level has a negative correlation with the vulnerability in the non-cooperative game,and supply chain members keep a higher level of investment in the cooperative game,compare the non-cooperative game with cooperation game.A bargaining coordination mechanism is established to eliminate the under-investment or over-investment of supply chain members,make the companies to achieve the optimal investment level under the cooperative game.Finally,the companies in supply chain are divided into two categories: core companies and partners respectively,in the background of supply chain integration.Then uses Stackerlberg game and Cournot game to analyze cyber supply chain security investment,between the two different types of companies and the main factors such as vulnerability,the value of shared resources,degree of supply chain integration between companies,sharing costs and so on.The conclusion is that core companies prefer the Stackelberg game,and the companies may have a socially optimal security investment level when they decide jointly.Furthermore,the Shapley value algorithm is presented to resolve the costs allocation among partners in supply chain.