|Table of Contents|

[1] Xiong Qiang, Zhong Weijun, Mei Shue, et al. Incentive mechanism analysis of information security outsourcingbased on principal-agent model [J]. Journal of Southeast University (English Edition), 2014, 30 (1): 113-117. [doi:10.3969/j.issn.1003-7985.2014.01.021]
Copy

Incentive mechanism analysis of information security outsourcingbased on principal-agent model()
Share:

Journal of Southeast University (English Edition)[ISSN:1003-7985/CN:32-1325/N]

Volumn:
30
Issue:
2014 1
Page:
113-117
Research Field:
Economy and Management
Publishing date:
2014-03-31

Info

Title:
Incentive mechanism analysis of information security outsourcingbased on principal-agent model
Author(s):
Xiong Qiang1 2 Zhong Weijun1 Mei Shu’e1
1School of Economics and Management, Southeast University, Nanjing 211189, China
2School of Management, Jiangsu University, Zhenjiang 212013, China
Keywords:
principal agent information security outsourcing incentive mechanism
PACS:
F270
DOI:
10.3969/j.issn.1003-7985.2014.01.021
Abstract:
In order to solve principal-agent problems caused by interest inconformity and information asymmetry during information security outsourcing, it is necessary to design a reasonable incentive mechanism to promote client enterprises to complete outsourcing service actively. The incentive mechanism model of information security outsourcing is designed based on the principal-agent theory. Through analyzing the factors such as enterprise information assets value, invasion probability, information security environment, the agent cost coefficient and agency risk preference degree how to impact on the incentive mechanism, conclusions show that an enterprise information assets value and invasion probability have a positive influence on the fixed fee and the compensation coefficient; while information security environment, the agent cost coefficient and agency risk preference degree have a negative influence on the compensation coefficient. Therefore, the principal enterprises should reasonably design the fixed fee and the compensation coefficient to encourage information security outsourcing agency enterprises to the full extent.

References:

[1] Schwartz M J. More firms outsourcing security to MSSPs[EB/OL].(2010)[2013-08-09]. http://www.informationweek.com/security/management/more-firms-outsourcing-security-to-mssps/225700537.
[2] Gordon L A, Loeb M P. The economics of information security investment[J]. ACM Transactions on Information and System Security, 2002, 5(4):438-457.
[3] Huang C D, Hu Q, Behara R S. An economic analysis of the optimal information security investment in the case of a risk-averse firm[J]. International Journal of Production Economics, 2008, 114(2): 793-804.
[4] Willcocks L P, Lacity M C, Kern T. Risk mitigation in IT outsourcing strategy revisited: longitudinal case research at LISA[J]. The Journal of Strategic Information Systems, 1999, 8(3): 285-314.
[5] Lee Jae-Nam, Miranda S M, Kim Yong-Mi. IT outsourcing strategies: universalistic, contingency, and configurational explanations of success[J]. Information Systems Research, 2004, 15(2): 110-131.
[6] Fenn C, Shooter R, Allan K. IT security outsourcing: how safe is your IT security?[J]. Computer Law & Security Review, 2002, 18(2): 109-111.
[7] Rowe B R. Will outsourcing IT security lead to a higher social level of security?[C]//Workshop on the Economics of Information Security(WEIS). Pittsburgh: Carnegie Mellon University, 2007: 1-37.
[8] Hui K, Hui W, Yue W T. Information security outsourcing with system interdependency and mandatory security requirement[J]. Journal of Management Information Systems, 2012, 29(3): 117-156.
[9] Koh C, Soon A, Straub D W. IT outsourcing success: a psychological contract perspective[J]. Information Systems Research, 2004, 15(4): 356-373.
[10] Reid T, Campbell K. IT outsourcing: success or disaster[J]. Canadian Underwriter, 2004, 71(10): 64-66.
[11] Lee C H, Geng X, Raghunathan S. Contracting information security in the presence of double moral hazard[J]. Information Systems Research, 2013, 24(2):295-311.
[12] Ding W, Yurcik W. Outsourcing internet security: the effect of transaction costs on managed service providers[C]//The International Conference on Telecommunication Systems—Modeling and Analysis. Dallas, TX, USA, 2005:17-20.

Memo

Memo:
Biographies: Xiong Qiang(1979—), male, graduate; Zhong Weijun(corresponding author), male, doctor, professor, zhongweijun@seu.edu.cn.
Foundation items: The National Natural Science Foundation of China(No.71071033), the Youth Foundation of Humanity and Social Science of Ministry of Education of China(No.11YJC630234).
Citation: Xiong Qiang, Zhong Weijun, Mei Shu’e.Incentive mechanism analysis of information security outsourcing based on principal-agent model.[J].Journal of Southeast University(English Edition), 2014, 30(1):113-117.[doi:10.3969/j.issn.1003-7985.2014.01.021]
Last Update: 2014-03-20