Identification of Cyber Security Risks in Subscription-based Business Models for Manufacturing Companies and Derivation of Suitable Measures
- In the age of digitalization, manufacturing companies are under increased pressure to change due to product complexity, growing customer requirements and digital business models. The increasing digitization of processes and products is opening up numerous opportunities for mechanical engineering companies to exploit the resulting potential for value creation. Subscription business is a new form of business model in the mechanical engineering industry, which aims to continuously increase customer benefit to align the interests of both companies and customers. Characterized by a permanent data exchange, databased learning about customer behavior, and the transfer into continuous innovations to increase customer value, subscription business helps to make Industry 4.0 profitable. The fact that machines and plants are connected to the internet and exchange large amounts of data results in critical information security risks. In addition, the loss of knowledge and control, data misuse and espionage, as well as the manipulation of transaction or production data in the context of subscription transactions are particularly high risks. Complementary to direct and obvious consequences such as loss of production, the attacks are increasingly shifting to non-transparent and creeping impairments of production or product quality, which are only apparent at a late stage, or the influencing of payment flows. A transparent presentation of possible risks and their scope, as well as their interrelationships, does not exist. This paper shows a research approach in which the structure of subscription models and their different manifestations based on their risks and vulnerabilities are characterized. This allows suitable cyber security measures to be taken at an early stage. From this basis, companies can secure existing or planned subscription business models and thus strengthen the trust of business partners and customers.
Verfasserangaben: | Günther SchuhORCiDGND, Volker StichGND, Jan HickingGND, Lars Kaminski, Jacques Engländer, Anna Majchrzak |
---|---|
DOI: | https://doi.org/10.15488/11246 |
Titel des übergeordneten Werkes (Englisch): | Proceedings of the Conference on Production Systems and Logistics (CPSL 2021) |
Verlag: | publish-Ing. |
Ort: | Hannover |
Herausgeber*in: | David Herberger, Marco Hübner |
Dokumentart: | Konferenzveröffentlichung |
Sprache: | Englisch |
Datum der Veröffentlichung (online): | 01.10.2021 |
Datum der Erstveröffentlichung: | 01.10.2021 |
Datum der Freischaltung: | 16.02.2022 |
Freies Schlagwort / Tag: | SV7427 Cyber Security; Digital Transformation; Manufacturing Companies; Subscription Business |
Umfang: | 10 |
Erste Seite: | 212 |
Letzte Seite: | 222 |
FIR-Nummer: | SV7427 |
Konferenzname: | Conference on Production Systems and Logistics, International Conference, CPSL 2021 |
Konferenzort: | Vancouver |
Konferenzzeitraum: | 10.08.21 |
Institut / Bereiche des FIR: | FIR e. V. an der RWTH Aachen |
Informationsmanagement | |
DDC-Klassifikation: | 0 Informatik, Informationswissenschaft, allgemeine Werke / 00 Informatik, Wissen, Systeme / 000 Informatik, Informationswissenschaft, allgemeine Werke |
Lizenz (Deutsch): | Creative Commons – CC BY 3.0 DE – Namensnennung 3.0 Deutschland |