A Stochastic Model for Improving Information Security in Supply Chain Systems

Introduction

At the present time, leaders of business and industry frequently use the acronyms of globalization, security of information technology, and supply chain management (SCM). These terms have together grown to become powerful tools for business and industry expansion. Toyota, Dell, and Wal-Mart were among the first companies to succeed in the implementation of SCM tools in their specialized industries. These tools have developed over the last two decades as a result of competitor growth and mutual international interests; which has led to the development of a variety of products. Product variety (enhanced by IT) has pressured international business to reduce the restrictions placed on global trade. Consequently, accurate information technology is a crucial part of proper integration to all parties involved in globalization and has enhanced the success of international business. Growing competition has forced companies to generate high quality, lower cost products, and maintain quick responsiveness in the delivery of products and services (Chopra & Meindl, 2004). Figure 1 shows the integration process of supply chain and globalization, as developed by the authors.

Figure 1.

Integration of IT into supply chain and globalization

The supply chain is a complex network of facilities dispersed over a large geographical area may be across the globe. The supply chain system is a dynamic system that evolves over time due to changes in customer demand. The key issues in SCM system are a wide spectrum of corporate activities from strategic to tactical and operational levels. IT and its security are essential for the integration of the chain of SCM and securing the success. Today, business growth is enhanced by rapid development of information concerning internet-based technologies and services. Information available on the internet has provided organizations with new and creative ways to improve business processes, drive revenue growth, reduce costs and improve customer satisfaction; and consequently, facilitates the implementation of SCM systems. The evolving information systems require that the information resources need to be shared securely among customers, employees, business partners and financial institutions. With this, however, come serious security threats (Al Nunu, 2006).

Undoubtedly, as globalization increases, competing in today’s international marketplace has become challenging. In order to survive, organizations must tighten the supervision placed on information security in supply chain system. While many realize the vulnerability of supply chain visibility, many companies are still unaware of the right approach in information security implementation. However, information security of complex systems, such as supply chain management, is essential and covers a wide range of an organization’s function. The main challenges in securing of an integrated system such as supply chain management are information integration and the lack of standardization (Chopra & Meindl, 2004). The IT security problem becomes crucial due to attacker accessibility of more than one chain or driver of a supply chain system. The main objective of security in any SCM system is based on the following premises: accountability, security assurance and continuity. Accountability within a system ensures that security violations can be traced back to the violators. Security assurance provides a desirable level of confidence that the confidentiality, integrity and availability requirements of a system are met. The last point, continuity assures that a life cycle approach to security engineering presents a level of confidence that accountability and assurance is continuously maintained throughout the system lifetime (Pfleeger & Pfleeger, 2004).