E-commerce supply chains with considerations of cyber-security: Should governments play a role?

【Author】 Luo, Suyuan; Choi, Tsan-Ming

【Source】PRODUCTION AND OPERATIONS MANAGEMENT

【Abstract】E-commerce supply chains and their members face risks from cyber-attacks. Consumers who purchase goods online also risk having their private information stolen. Thus, businesses are investing to improve cyber-security at a nontrivial cost. In this paper, we conduct a Stackelberg game-theoretical analysis. In the basic model, we first derive the equilibrium pricing and cyber-security level decisions in the e-commerce supply chain. Based on real-world practices, we then explore whether governments should impose cyber-security penalty schemes. Our findings show that when the government is characterized by having sufficiently high emphasis on consumer surplus, implementing the penalty scheme is beneficial to social welfare. Then, we extend the analysis to examine how adopting systems security enhancing technologies (such as blockchain) will affect the government's choice of imposing penalty. We uncover that when it is beneficial to have government's penalty scheme, the technology benefit-to-cost ratio is a critical factor that governs whether the optimal penalty will be lower or higher with the adoption of systems security enhancing technologies. To generate more insights, we conduct further analyses for various extended modeling cases (e.g., with alliance, competition, and the defense-level dependent penalty scheme) and find that our main results remain robust. One important insight we have uncovered in this study is that imposing government penalty schemes on cyber-security issues may do more harm than good; while once it is beneficial to implement, the government should charge the heaviest possible fine. This finding may explain why in the real world, governments basically always adopt a polarized strategy, that is, either do not impose penalty or impose a super heavy penalty, on cyber-security issues.

【Keywords】blockchain technologies; cyber-security; e-commerce supply chains; government; social welfare

【标题】考虑网络安全的电子商务供应链：政府应该发挥作用吗？

【摘要】电子商务供应链及其成员面临着网络攻击的风险。在网上购买商品的消费者也有私人信息被盗的风险。因此，企业正在投入精力去改善网络安全，并付出了不小的代价。在本文中，我们进行了一个Stackelberg博弈理论分析。在基本模型中，我们首先推导出电子商务供应链中的均衡定价和网络安全水平决策。基于现实世界的实践，我们随后探讨了政府是否应该实施网络安全惩罚计划。我们的研究结果表明，当政府的特点是对消费者剩余有足够高的重视时，实施惩罚计划对社会福利是有利的。然后，我们扩展分析，研究采用系统安全增强技术（如区块链）将如何影响政府对实施惩罚的选择。我们发现，当政府的惩罚计划是有益的，技术效益与成本的比率是一个关键因素，它决定了采用系统安全增强技术后，最佳的惩罚是低还是高。为了产生更多的洞察力，我们对各种扩展的建模案例（例如，有联盟、竞争和依赖防御级别的惩罚方案）进行了进一步的分析，发现我们的主要结果仍然稳健。我们在这项研究中发现的一个重要见解是，对网络安全问题实施政府惩罚方案可能弊大于利；而一旦实施有利，政府应该收取尽可能重的罚款。这一发现可能解释了为什么在现实世界中在网络安全问题上政府基本上总是采取两极分化的策略，即要么不施加惩罚，要么施加超重的惩罚。

【关键词】区块链技术；网络安全;电子商务供应链；政府;社会福利

【收录时间】2022-03-22

【文献类型】Article; Early Access

【论文大主题】区块链政策法律

【论文小主题】区块链的司法政务应用

【影响因子】4.638

【翻译者】丁子仪