Cyber supply chain security: a cost benefit analysis using net present value

Yeboah-Ofori, Abel ORCID: https://orcid.org/0000-0001-8055-9274, Addo-Quaye, Ronald, Oseni, Waheed, Amorin, Prince and Agangmikre, Conrad (2022) Cyber supply chain security: a cost benefit analysis using net present value. In: 2021 International Conference on Cyber Security and Internet of Things (ICSIoT), 15-17 Dec 2021, France.

[img]
Preview
PDF
Cyber Supply Chain Security- A Cost Benefit Analysis Using NPV - ICSIoT Updated 141221 Rony.pdf - Accepted Version

Download (305kB) | Preview

Abstract

Cyber supply chain (CSC) security cost effectiveness should be the first and foremost decision to consider when integrating various networks in supplier inbound and outbound chains. CSC systems integrate different organizational network systems nodes such as SMEs and third-party vendors for business processes, information flows, and delivery channels. Adversaries are deploying various attacks such as RAT and Island-hopping attacks to penetrate, infiltrate, manipulate and change delivery channels. However, most businesses fail to invest adequately in security and do not consider analyzing the long term benefits of that to monitor and audit third party networks. Thus, making cost benefit analysis the most overriding factor. The paper explores the cost-benefit analysis of investing in cyber supply chain security to improve security. The contribution of the paper is threefold. First, we consider the various existing cybersecurity investments and the supply chain environment to determine their impact. Secondly, we use the NPV method to appraise the return on investment over a period of time. The approach considers other methods such as the Payback Period and Internal Rate of Return to analyze the investment appraisal decisions. Finally, we propose investment options that ensure CSC security performance investment appraisal, ROI, and business continuity. Our results show that NVP can be used for cost-benefit analysis and to appraise CSC system security to ensure business continuity planning and impact assessment.

Item Type: Conference or Workshop Item (Paper)
ISBN: 9781665478786
Identifier: 10.1109/icsiot55070.2021.00018
Page Range: pp. 49-54
Additional Information: © 2021 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
Keywords: Supply chains, Appraisal, Radio access technologies, Planning, Security, Cost benefit analysis, Business continuity
Subjects: Computing > Information security > Cyber security
Computing
Related URLs:
Depositing User: Waheed Oseni
Date Deposited: 03 Mar 2022 16:36
Last Modified: 03 Mar 2022 16:45
URI: http://repository.uwl.ac.uk/id/eprint/8824

Downloads

Downloads per month over past year

Actions (login required)

View Item View Item

Menu