We found a match
Your institution may have access to this item. Find your institution then sign in to continue.
- Title
An economic mechanism to manage operational security risks for inter-organizational information systems.
- Authors
Fang, Fang; Parameswaran, Manoj; Zhao, Xia; Whinston, Andrew
- Abstract
As organizations increasingly deploy Inter-organizational Information Systems (IOS), the interdependent security risk they add is a problem affecting market efficiency. Connected organizations become part of entire networks, and are subject to threats from the entire network; but members' security profile information is private, members lack incentives to minimize impact on peers and are not accountable. We model the problem as a signaling-screening game, and outline an incentive mechanism that addresses these problems. Our mechanism proposes formation of secure communities of organizations anchored by Security Compliance Consortium (SCC), with members held accountable to the community for security failures. We study the interconnection decisions with and without the mechanism, and characterize conditions where the mechanism plays roles of addressing moral hazard and hidden information issues by screening the organizations' security types and/or by providing them incentives to improve. We also discuss the welfare gains and the broad impact of the mechanism.
- Subjects
INFORMATION resources management; COMPUTER network security; COMPUTER security; LABOR incentives; STRATEGIC information system
- Publication
Information Systems Frontiers, 2014, Vol 16, Issue 3, p399
- ISSN
1387-3326
- Publication type
Article
- DOI
10.1007/s10796-012-9348-y