以IDSs和人工调查技术组合为例，通过构建博弈模型，分析了风险偏好对信息系统安全技术选择与配置的影响，认为组织风险偏好不仅影响着自身的策略也将影响对方的策略。研究结论显示风险厌恶型组织配置IDS数量并不总是高于风险中立型组织，组织风险偏好对其部署单IDS还是多IDSs甚至无直接影响。同时组织在黑客期望收益很低时对风险厌恶型黑客的人工调查率更高，而在黑客期望收益很高时其对风险中立型黑客的调查率更高。此外，黑客在组织人工调查成本较低时更倾向于入侵风险中立型组织，在人工调查成本很高时更愿意入侵风险厌恶型组织。

At the example of IDSs and manual investigation technology portfolio, the influences of risk preference on selection and configuration of information system security technologies were analyzed through a game model, considering that an organization’s risk preference would influence both of its own strategy and the opponent’s strategy. The conclusions of this paper showed us that risk aversion organizations would not always configure more IDSs than risk neutral ones, and the risk preference of organizations even has no direct influences on its selection of single IDS or multi IDSs. Organizations would investigate risk aversion intruders manually more than risk neutral ones when the intruders’ expected revenues were very low while they would investigate risk neutral intruders manually more than risk aversion ones when the intruders’ expected revenues were very high. Besides, intruders would intrude risk neutral organizations more probably when the costs of manual investigation were low while they would intrude risk aversion organizations more likely when the manual investigation costs were high enough.