Cooperative Security Against Interdependent Risks

TL;DR

This paper models interdependent security risks in networks like supply chains, proposing cooperative strategies and cost-sharing mechanisms to sustain optimal security levels, with analysis of informational effects and novel fair allocation methods.

Contribution

It introduces a graph-theoretic model for interdependent security, develops polynomial-time algorithms for optimal strategies, and proposes a novel, fair, and implementable cost-sharing mechanism.

Findings

Network-optimal security strategies can be computed efficiently.

Cooperative cost-sharing mechanisms can sustain security in certain informational settings.

The agreeable allocation provides a fair and stable solution, but may not always exist.

Abstract

Firms in inter-organizational networks such as supply chains or strategic alliances are exposed to interdependent risks. These are risks that are transferable across partner firms. They can be decomposed into intrinsic risks a firm faces from its own operations and extrinsic risks transferred from its partners. Firms broadly have access to two security strategies: either they can independently eliminate both intrinsic and extrinsic risks by securing their links with partners, or alternatively, firms can cooperate with partners to eliminate sources of intrinsic risk in the network. We develop a graph-theoretic model of interdependent security and demonstrate that the network-optimal security strategy can be computed in polynomial time. Then, we use cooperative game-theoretic tools to examine whether and when firms can sustain the network-optimal security strategy via cost-sharing mechanisms that are stable, fair, computable, and implementable via a series of bilateral cost-sharing arrangements. We consider different informational assumptions in the network and show that, when the players know only their own costs, firms have a clear incentive to cooperate globally whereas, in the presence of public information, there may not exist cost-sharing mechanisms that can sustain network-wide cooperation. We then design a novel cost-sharing mechanism: the agreeable allocation, that is easy to compute, bilaterally implementable, ensures stability, and is fair in a well-defined sense. However, the agreeable allocation need not always exist. We then generalize levels of agreeable allocation, with weaker implementability properties but greater existence guarantees.