Global Supply Chain Cyber Security and Barrier to International Trade in LATAM Countries

Globalization has led to "International production fragmentation." This concept of International Production Fragmentation represents a major point of departure from the "Fordist" production system, which is exemplified by the American automobile industry, where all the economic activities are organized within a single firm located on one side or in proximity. Another analysis says that due to International production fragmentation, lack of standardization internationally, and geopolitics the cyber threat to the cyber supply chain has increased.

In global trade, the terms task trade, international production fragmentation, arm's trade length in trade facilitation, and economic migration become essential to free trade. Cybersecurity poses a risk, these concepts are analyzed concerning supply chain cybersecurity. Also, the inference derived on how Cybersecurity is a trade barrier in this section.

Grossman and Rossi-Hansberg (2012) introduced the 'trade task' to describe the international division of labor. This is also referred to as "vertical specialization," "offshoring," "outsourcing," "production sharing," "slicing the value chain," and "delocalization." The concept of this international division of labor and the theory of comparative advantage led to the deduction that a relatively unskilled labor-abundant developing economy like the one in Latin America would complete and export the relatively unskilled labor-intensive tasks involved in producing goods, say final assembly. Similarly, relatively capital or skilled labor-intensive countries would ship an intermediate product, such as capital goods and design and research development services. Thereby, the challenge in securing the supply chain cybersecurity is to spread awareness and skill the unskilled labor to maintain Cybersecurity. Furthermore, the unskilled labor-intensive LATAM countries usually have lenient cybersecurity laws and compliance measures, which brings risk to the Cybersecurity of the supply chain.

Although one of the critical enabling factors of production fragmentation was the proliferation of standards, which enable the modularization of the production process through mechanisms for verifying complex quality information, this has not happened in Cybersecurity.

Analysis of the concept of an arm's length transaction, which is essential in global free trade, assures that the two parties in the deal are acting in their self-interest and not subjected to any pressure or coercion from the other party. However, applying this context of the present scenario, China demands IT companies to hand over their source code and intellectual property to the bureaucrats to do business in China according to its cybersecurity law, as a quid pro quo. This law hampers arm's length transactions and global supply chain cybersecurity, as the companies might go against the customers' will for profit. It is important to note that China has major investments in LATAM critical infrastructure.

Anderson et al. (2006) show that the supply chain development may have affected the wage gap between the majority of skilled workers and unskilled workers in developed countries and the wage gap between a tiny minority at the top of the income distribution and everyone else. By retaining the more skill-intensive activities, both highly-skilled and medium-skilled workers benefits. Subsequently, the fall in cooperation costs shifts more production to developing countries. Still, the actions which leave the advanced economies becoming increasingly skill-intensive, and that transfer eventually lowers the demand for medium-skilled workers. However, as the relative wage of highly skilled workers continues to rise, the salary inequality among skilled workers increases. Anderson et al. (2006) argue that it is also possible that beyond a certain point, the wage gap between moderately skilled and unskilled workers shrinks rather than widens in developed countries. Therefore, this income gap is a huge motivator for cyber-attacks in developing nations. Thereby, there is a cyber supply chain risk identified in this context and the rise of hacktivism in the context of LATAM countries.

An argument is that identifying the organization that will gain from the cyber-attack can be a part of the supply chain. However, Mentzer et al. (2001) point out that "anyone organization can be many supply chains. For example, Walmart can be a part of the supply chain for candies, clothing, hardware, etc. This many supply chain phenomenon begins to explain the network nature that many supply chain possesses. For example, AT&T might find Motorola, a customer in one supply chain, a partner in another, a supplier in the third, and a competitor in the fourth supply chain." Therefore, only individual network analysis of the supply chain can help identify the attacker of the Cybersecurity of the supply chain.

There are other barriers to the cybersecurity maintenance of the supply chain. In the Latin American region context, it includes institutional barriers, such as a lack of institutions regulating cyberspace, national cybersecurity laws, differences in standards, and even red tape. These can act as a vulnerability in the Cybersecurity of the global supply chain.