Does cybersecurity maturity level assurance improve cybersecurity risk management in supply chains?

Ju Myung Song, Tawei Wang, Ju Chun Yen, Yu Hung Chen

Research output: Contribution to journalArticlepeer-review

Abstract

This study uses analytical models to investigate whether requiring cybersecurity assurance or a particular maturity level for vendors or contractors will help them improve their cybersecurity management. Our findings suggest that, if a supplier decides on its preferred cybersecurity maturity level without knowing what level a contract requires, the supplier is more likely to exert more effort to improve its cybersecurity management. We also show that a buyer can incentivize the supplier to engage in improving cybersecurity risk management by imposing a reduced contractual price or a fine when a breach occurs. Our findings reveal the role played by cybersecurity maturity level assurance and we discuss practical implications.

Original languageEnglish
Article number100695
JournalInternational Journal of Accounting Information Systems
Volume54
DOIs
StatePublished - Sep 2024

Keywords

  • Analytical model
  • Cybersecurity assurance
  • Cybersecurity maturity model

Fingerprint

Dive into the research topics of 'Does cybersecurity maturity level assurance improve cybersecurity risk management in supply chains?'. Together they form a unique fingerprint.

Cite this