Investigation of the Effect of e-Platform Information Security Breaches: A Small and Medium Enterprise Supply Chain Perspective

Many small and medium enterprises (SMEs) engage in dyadic information integration partnerships or partial integration with their direct suppliers and customers. They often utilize e-commerce or cloud computing technology platforms hosted by third-party providers to leverage such partnerships. However, information security breaches and disruptions caused by cyberattacks are commonplace in the information technology industry. The effects of said disruptions and breaches on e-commerce businesses under varied disruption conditions are still uncertain. Furthermore, the effect of security breaches on nonparticipating members of the supply chain is poorly understood, especially under various disruption profiles. Using discrete event modeling, in this article, we explore the impact of disruption caused by information security breaches on supply chain performance and the externality effect of partial integration on nonparticipants. We also examine the impact of breach disruption frequency and remediation length on supply chain performance with varying levels of information sharing. These impacts were studied under two typical inventory replenishment policies for SMEs. It was determined that remediation length should be a prioritized factor in impact management and that flexibility in the inventory replenishment policy can help mitigate the impact of information disruption on the inventory performance of businesses, especially that of nonparticipants, in information-sharing partnerships.