Identification of Cyber Security Risks in Subscription-based Business Models for Manufacturing Companies and Derivation of Suitable Measures
- In the age of digitalization, manufacturing companies are under increased pressure to change due to product complexity, growing customer requirements and digital business models. The increasing digitization of processes and products is opening up numerous opportunities for mechanical engineering companies to exploit the resulting potential for value creation. Subscription business is a new form of business model in the mechanical engineering industry, which aims to continuously increase customer benefit to align the interests of both companies and customers. Characterized by a permanent data exchange, databased learning about customer behavior, and the transfer into continuous innovations to increase customer value, subscription business helps to make Industry 4.0 profitable. The fact that machines and plants are connected to the internet and exchange large amounts of data results in critical information security risks. In addition, the loss of knowledge and control, data misuse and espionage, as well as the manipulation of transaction or production data in the context of subscription transactions are particularly high risks. Complementary to direct and obvious consequences such as loss of production, the attacks are increasingly shifting to non-transparent and creeping impairments of production or product quality, which are only apparent at a late stage, or the influencing of payment flows. A transparent presentation of possible risks and their scope, as well as their interrelationships, does not exist. This paper shows a research approach in which the structure of subscription models and their different manifestations based on their risks and vulnerabilities are characterized. This allows suitable cyber security measures to be taken at an early stage. From this basis, companies can secure existing or planned subscription business models and thus strengthen the trust of business partners and customers.
Author: | Günther SchuhORCiDGND, Volker StichGND, Jan HickingGND, Lars Kaminski, Jacques Engländer, Anna Majchrzak |
---|---|
DOI: | https://doi.org/10.15488/11246 |
Parent Title (English): | Proceedings of the Conference on Production Systems and Logistics (CPSL 2021) |
Publisher: | publish-Ing. |
Place of publication: | Hannover |
Editor: | David Herberger, Marco Hübner |
Document Type: | Conference Proceeding |
Language: | English |
Date of Publication (online): | 2021/10/01 |
Date of first Publication: | 2021/10/01 |
Release Date: | 2022/02/16 |
Tag: | SV7427 Cyber Security; Digital Transformation; Manufacturing Companies; Subscription Business |
Page Number: | 10 |
First Page: | 212 |
Last Page: | 222 |
FIR-Number: | SV7427 |
Name of the conference: | Conference on Production Systems and Logistics, International Conference, CPSL 2021 |
place of the conference: | Vancouver |
Date of the conference: | 10.08.21 |
Institute / Department: | FIR e. V. an der RWTH Aachen |
Informationsmanagement | |
Dewey Decimal Classification: | 0 Informatik, Informationswissenschaft, allgemeine Werke / 00 Informatik, Wissen, Systeme / 000 Informatik, Informationswissenschaft, allgemeine Werke |
Licence (German): | Creative Commons – CC BY 3.0 DE – Namensnennung 3.0 Deutschland |