竞争企业的信息安全策略选择:自主防御或外包被引量：3

Information Security Strategy Selection of Competitive Enterprises: Independent Defense or Outsourcing

导出

摘要 [目的/意义]信息安全问题是关系到企业保持市场竞争优势、持续稳健发展的重要问题,如何有效平衡安全性和经济性目标、最大化信息安全效益已成研究热点.[方法/过程]文章基于博弈理论构建了竞争企业的信息安全决策模型,重点分析了系统内在脆弱性水平、安全系统相似性、收益转移、外部性等因素对安全决策的影响,并结合数值模拟的方法验证主要结论.[结果/结论]研究表明:竞争企业选择不同信息安全策略时,脆弱性水平是影响决策的主要因素;竞争企业都选择自主防御时,脆弱性水平和系统相似性是影响决策的主要因素;竞争企业均选择外包策略时,系统相似性和外部性是影响决策的主要因素. [Purpose/significance]The information security is an important issue related to maintain market competitive advantage and sustain steady development for enterprises.It has become a research focus to effectively balance safety and economic goals and maximize information security benefits.[Method/process]Based on the game theory,this paper constructs the infbrmation security model of competitive enterprises,and analyzes how the system internal vulnerability level,security system similarity,income transfer and externality impact on security decision-making.The main conclusions are verified by a numerical simulation method.[Result/conclusion]The research shows that when enterprises choose different information security strategies,the vulnerability level is the main factor affecting decision-making.When enterprises choose independent defense strategies,the vulnerability level and system similarity are the main factors affecting decision-making.When enterprises choose outsourcing strategy,the system similarity and externality are the main factors affecting decision-making.

作者赵柳榕刘健楠朱晓峰

机构地区南京工业大学经济与管理学院南京大学工程管理学院

出处《情报理论与实践》 CSSCI 北大核心 2019年第12期94-100,59,共8页 Information Studies:Theory & Application

基金国家自然科学基金项目“考虑风险依赖和竞争外部性的信息安全外包决策机制和策略优化研究”(项目编号:71801125) 中国博士后科学基金项目“信息安全技术自主管理和外包管理的策略选择及优化研究”(项目编号:2018M630544)的成果

关键词竞争企业信息安全自主防御外包 competitive enterprise information security independent defense outsourcing

分类号 F27 [经济管理—企业管理]

引文网络
相关文献

参考文献4

1赵柳榕,梅姝娥,仲伟俊.基于博弈的蜜罐和入侵检测系统最优配置策略[J].系统管理学报,2018,27(3):512-519. 被引量：3
2顾建强,梅姝娥,仲伟俊.信息安全外包激励契约设计[J].系统工程理论与实践,2016,36(2):392-399. 被引量：8
3方玲,仲伟俊,梅姝娥.企业信息系统安全技术策略选择:自主防御还是外包[J].管理工程学报,2019,33(1):205-213. 被引量：7
4徐颖,李鑫,张珊.竞争企业核心战略要素情报动态分析[J].图书情报工作,2015,59(6):75-81. 被引量：4

二级参考文献35

1朱德利.一种基于竞争要素的竞争情报分析框架[J].情报科学,2006,24(4):621-626. 被引量：1
2Sang M, Fred L,David L,et al.Management science approach to contingency models of organizational structure[J].The Academy of Management Journal,1982,25(3):553-566. 被引量：1
3波特. 竞争战略[M].陈小悦,译.北京:华夏出版社,2011. 被引量：1
4Soujanya P,Erik C,Amir H,et al.Towards an intelligent framework for multimodel affective data analysis[J].Neural Networks,2015,63:104-116. 被引量：1
5Josip M, Darko P.Accounting for dynamics in attribute-importance and for competitor performance to enhance reliability of BPNN-based importance-performance analysis[J].Expert Systems with Applications, 2012,39(5):5144-5153. 被引量：1
6Gao X, Zhong W, Mei S. Information security investment when hackers disseminate knowledge[J]. Decision Analysis, 2013, 10(4):352-368. 被引量：1
7Elhag S, Fernandez A, Bawakid A. On the combination of genetic fuzzy systems and pairwise learning for improving detection rates on intrusion detection systems[J]. Expert Systems with Applications, 2015, 42(1):193-202. 被引量：1
8Huang C D, Behara R S. Economics of information security investment in the case of concurrent heterogeneous attacks with budget constraints[J]. International Journal of Production Economics, 2013, 141(1):255-268. 被引量：1
9Elitzur R, Gavious A, Wensley A. Information systems outsourcing projects as a double moral hazard problem[J]. Omega, 2012, 40(3):379-389. 被引量：1
10Bandyopadhyay T, Mookerjee V, Rao R C. Why IT managers don't go for cyberinsurance products[J]. Communications of the ACM, 2009, 52(11):68-73. 被引量：1