Bilateral Liability-Based Contracts in Information Security Outsourcing
| Autor: | Kai Lung Hui, Ping Fan Ke, Wei Thoo Yue, Yuxi Yao |
|---|---|
| Rok vydání: | 2019 |
| Předmět: |
Service (business)
Finance Information Systems and Management Computer Networks and Communications Limited liability business.industry media_common.quotation_subject 05 social sciences Liability ComputingMethodologies_IMAGEPROCESSINGANDCOMPUTERVISION ComputingMilieux_LEGALASPECTSOFCOMPUTING 02 engineering and technology Information security Library and Information Sciences Managed security service Management Information Systems Outsourcing 020204 information systems 0502 economics and business 0202 electrical engineering electronic engineering information engineering 050211 marketing Quality (business) business Information Systems media_common |
| Zdroj: | Information Systems Research. 30:411-429 |
| ISSN: | 1526-5536 1047-7047 |
| DOI: | 10.1287/isre.2018.0806 |
| Popis: | We study the efficiency of bilateral liability-based contracts in managed security services (MSSs). We model MSS as a collaborative service with the protection quality shaped by the contribution of both the service provider and the client. We adopt the negligence concept from the legal profession to design two novel contracts: threshold-based liability contract and variable liability contract. We find that they can achieve the first best outcome when postbreach effort verification is feasible. More importantly, they are more efficient than a multilateral contract when the MSS provider assumes limited liability. Our results show that bilateral liability-based contracts can work in the real world. Hence, more research is needed to explore their properties. We discuss the related implications. The online appendix is available at https://doi.org/10.1287/isre.2018.0806 . |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|