Contracting managed security service: Double moral hazard and risk interdependency

作者：

Highlights：

• Propose a relational contract to ease double moral hazard in security outsourcing.

• The contract can eliminate double moral hazard with a large discount factor.

• Interdependency risk can strengthen the effect of the proposed contract.

• Relevance to real world is improved by setting a threshold for verifiable part.

摘要

•Propose a relational contract to ease double moral hazard in security outsourcing.•The contract can eliminate double moral hazard with a large discount factor.•Interdependency risk can strengthen the effect of the proposed contract.•Relevance to real world is improved by setting a threshold for verifiable part.

论文关键词：Managed security service,Interdependency of information security risks,Double moral hazard,Relational contract

论文评审过程：Received 9 October 2020, Revised 17 May 2021, Accepted 28 September 2021, Available online 1 October 2021, Version of Record 9 October 2021.

论文官网地址：https://doi.org/10.1016/j.elerap.2021.101097