File Download

There are no files associated with this item.

  Links for fulltext
     (May Require Subscription)
Supplementary

Article: What do systems users have to fear? Using fear appeals to engender threats and fear that motivate protective security behaviors

TitleWhat do systems users have to fear? Using fear appeals to engender threats and fear that motivate protective security behaviors
Authors
KeywordsModel comparison
Information security
Intentions
Behavior
Coping
Fear appeals
Threat
System backups
Protection motivation theory
Issue Date2015
Citation
MIS Quarterly: Management Information Systems, 2015, v. 39, n. 4, p. 837-864 How to Cite?
AbstractBecause violations of information security (ISec) and privacy have become ubiquitous in both personal and work environments, academic attention to ISec and privacy has taken on paramount importance. Consequently, a key focus of ISec research has been discovering ways to motivate individuals to engage in more secure behaviors. Over time, the protection motivation theory (PMT) has become a leading theoretical foundation used in ISec research to help motivate individuals to change their security-related behaviors to protect themselves and their organizations. Our careful review of the foundation for PMT identified four opportunities for improving ISec PMT research. First, extant ISec studies do not use the full nomology of PMT constructs. Second, only one study uses fear-appeal manipulations, even though these are a core element of PMT. Third, virtually no ISec study models or measures fear. Fourth, whereas these studies have made excellent progress in predicting security intentions, none of them have addressed actual security behaviors. This article describes the theoretical foundation of these four opportunities for improvement. We tested the nomology of PMT, including manipulated fear appeals, in two different ISec contexts that model the modern theoretical treatment of PMT more closely than do extant ISec studies. The first data collection was a longitudinal study in the context of data backups. The second study was a short-term cross-sectional study in the context of anti-malware software. Our new model demonstrated better results and stronger fit than the existing models and confirms the efficacy of the four potential improvements we identified.
Persistent Identifierhttp://hdl.handle.net/10722/233871
ISSN
2015 Impact Factor: 5.384
2015 SCImago Journal Rankings: 6.984

 

DC FieldValueLanguage
dc.contributor.authorBoss, Scott R.-
dc.contributor.authorGalletta, Dennis F.-
dc.contributor.authorLowry, Paul Benjamin-
dc.contributor.authorMoody, Gregory D.-
dc.contributor.authorPolak, Peter-
dc.date.accessioned2016-09-27T07:21:51Z-
dc.date.available2016-09-27T07:21:51Z-
dc.date.issued2015-
dc.identifier.citationMIS Quarterly: Management Information Systems, 2015, v. 39, n. 4, p. 837-864-
dc.identifier.issn0276-7783-
dc.identifier.urihttp://hdl.handle.net/10722/233871-
dc.description.abstractBecause violations of information security (ISec) and privacy have become ubiquitous in both personal and work environments, academic attention to ISec and privacy has taken on paramount importance. Consequently, a key focus of ISec research has been discovering ways to motivate individuals to engage in more secure behaviors. Over time, the protection motivation theory (PMT) has become a leading theoretical foundation used in ISec research to help motivate individuals to change their security-related behaviors to protect themselves and their organizations. Our careful review of the foundation for PMT identified four opportunities for improving ISec PMT research. First, extant ISec studies do not use the full nomology of PMT constructs. Second, only one study uses fear-appeal manipulations, even though these are a core element of PMT. Third, virtually no ISec study models or measures fear. Fourth, whereas these studies have made excellent progress in predicting security intentions, none of them have addressed actual security behaviors. This article describes the theoretical foundation of these four opportunities for improvement. We tested the nomology of PMT, including manipulated fear appeals, in two different ISec contexts that model the modern theoretical treatment of PMT more closely than do extant ISec studies. The first data collection was a longitudinal study in the context of data backups. The second study was a short-term cross-sectional study in the context of anti-malware software. Our new model demonstrated better results and stronger fit than the existing models and confirms the efficacy of the four potential improvements we identified.-
dc.languageeng-
dc.relation.ispartofMIS Quarterly: Management Information Systems-
dc.subjectModel comparison-
dc.subjectInformation security-
dc.subjectIntentions-
dc.subjectBehavior-
dc.subjectCoping-
dc.subjectFear appeals-
dc.subjectThreat-
dc.subjectSystem backups-
dc.subjectProtection motivation theory-
dc.titleWhat do systems users have to fear? Using fear appeals to engender threats and fear that motivate protective security behaviors-
dc.typeArticle-
dc.description.natureLink_to_subscribed_fulltext-
dc.identifier.scopuseid_2-s2.0-84961795031-
dc.identifier.volume39-
dc.identifier.issue4-
dc.identifier.spage837-
dc.identifier.epage864-
dc.identifier.eissn2162-9730-

Export via OAI-PMH Interface in XML Formats


OR


Export to Other Non-XML Formats