A supply chain network game theory model of cybersecurity investments with nonlinear budget constraints

A. Nagurney, P. Daniele, S. Shukla
Ann. Oper. Res., 2017, 248 (1), 405–427.

In this paper, we develop a supply chain network game theory model consisting of retailers and demand markets with retailers competing noncooperatively in order to maximize their expected profits by determining their optimal product transactions as well as cybersecurity investments subject to nonlinear budget constraints that include the cybersecurity investment cost functions. The consumers at the demand markets reflect their preferences through the demand price functions, which depend on the product demands and on the average level of cybersecurity in the supply chain network. We identify the supply chain network vulnerability to cyberattacks as well as that of the individual retailers. We demonstrate that the governing Nash equilibrium conditions can be formulated as a variational inequality problem and we provide a novel alternative formulation, along with the accompanying theory. We also propose an algorithm for the alternative formulation, which yields, at each iteration, closed form expressions in product transactions, security levels, and Lagrange multipliers associated with the budget constraints. We then apply the algorithm to compute solutions to a spectrum of numerical supply chain network cybersecurity investment examples. The examples broaden our understanding of the impacts of the addition of retailers, changes in budgets, demand price functions, and financial damages, on equilibrium product transactions and cybersecurity investments, as well as on the supply chain network vulnerability and retailer vulnerability under budget constraints.

Lascia un commento