TY - EJOU AU - Xiong, Qiang AU - Zhang, Jianlong AU - Song, Qianwen TI - Multi-Stage Game-Theoretical Decision Analysis of Enterprise Information Security Outsourcing Based on Moral Hazard T2 - Journal of Cyber Security PY - 2025 VL - 7 IS - 1 SN - 2579-0064 AB - In the domain of information security outsourcing, the multi-stage game-theoretic decision-making process, intertwined with moral hazard and dynamic strategy adjustments, significantly impacts the long-term collaboration between the principal (outsourcing enterprise) and the contractor (Managed Security Service Provider—MSSP). This paper conducts a comprehensive analysis of these aspects within information security outsourcing partnerships. A multi-stage game model incorporating moral hazard is constructed to meticulously examine the strategic behaviors and expected revenue fluctuations of both parties across different cooperation stages. Through in-depth model derivation, the impacts of service fees, cooperation-stage progression, and long-term cooperation on expected revenues are explored, and crucial managerial recommendations are proposed. Enterprises need to flexibly adjust cooperation strategies, fully consider the influence of service fees on long-term benefits, and attach importance to long-term cooperation. Specifically, dynamic strategy adjustments can effectively address the changing risks in the outsourcing process. An appropriate increase in service fees can enhance information security defense effectiveness, while excessive fees may have the opposite effect. Long-term cooperation is beneficial for both the principal and the MSSP, promoting the stability and sustainability of the partnership. As the cooperation advances, the principal’s expected revenues increase gradually, necessitating strategic adjustments based on stage-specific income changes. Simulation analyses validate the key conclusions, demonstrating the model’s effectiveness and robustness in practical applications. This research provides a solid theoretical basis and practical guidance for enterprises in information security outsourcing decision-making, enabling them to better manage moral hazard and optimize the long-term value of outsourcing collaborations. KW - Information security outsourcing; dynamic moral hazard; multi-stage game; decision analysis DO - 10.32604/jcs.2025.065625