This paper considers the problem of disruption risk management in global supply chains. We consider a supply chain with two participants, who face interdependent losses resulting from supply chain disruptions such as terrorist strikes and natural hazards. The Harsanyi–Selten–Nash bargaining framework is used to model the supply chain participants' choice of risk mitigation investments. The bargaining approach allows a framing of both joint financing of mitigation activities before the fact and loss-sharing net of insurance payouts after the fact. The disagreement outcome in the bargaining game is assumed to be the result of the corresponding non-cooperative game. We describe an incentive-compatible contract that leads to First Best investment and equal “gain” for all players, when the solution is “interior” (as it almost certainly is in practice). A supplier that has superior security practices (i.e., is inherently safer) exploits its informational advantage by extracting an “information rent” in the usual spirit of incomplete information games. We also identify a special case of this contract, which is robust to moral hazard. The role of auditing in reinforcing investment incentives is also examined.