Beyond adaptive security coping behaviors: Theory and empirical evidence

2022 | Information & Management | Citations: 10

Authors: Chen, Yan; Luo, Xin (Robert); Li, Han

Abstract: Extant research seldom focuses on maladaptive security coping behaviors. Applyin ... Expand

Abstract: Extant research seldom focuses on maladaptive security coping behaviors. Applying the extended parallel process model, this study has developed a research model to reveal the processes underlying users’ adaptive and mal­ adaptive security coping behaviors. The model is empirically examined along with alternative models. Results show that perceived coping efficacy is the most influencing factor promoting adaptive coping behaviors and deterring maladaptive coping behaviors. Fear plays a mediating role in the threat appraisal process and leads to adaptive and maladaptive coping behaviors. Trust in the Internet as the contextual factor influences the threat and coping appraisal processes and adaptive coping behaviors. Collapse

Topics: internet technology IT security threat IT security data security self efficacy

Methods: survey PLS tool descriptive statistic partial least squares regression literature study

Theories: extended parallel process model protection motivation theory

Discovering the interplay between defensive avoidance and continued use intention of anti-malware software among experienced home users: A moderated mediation model

2022 | Information & Management | Citations: 0

Authors: Xie, Yitian; Siponen, Mikko; Moody, Greg; Zheng, Xiaosong

Abstract: Dismissing or disregarding security notifications (defensive avoidance) may lead ... Expand

Abstract: Dismissing or disregarding security notifications (defensive avoidance) may lead to inactive use of anti-malware, compromising the effective protection of home computers. Nevertheless, few studies have investigated the cognitive and behavioral mechanisms initiated by defensive avoidance in users. Motivated thus, we propose a moderated mediation model that depicts users’ cognitive and behavioral mechanisms initiated by defensive avoidance, as well as the moderation role of perceived vulnerability and user involvement. Our results show that perceived vulnerability and user involvement may moderate a biased cognitive mediation process between defensive avoidance and future behavioral intention. Collapse

Topics: malware participatory design usage intention behavioral intention home computer

Methods: design methodology mediation analysis survey descriptive statistic SEM tool

Theories: fear appeal theory

When IT Evolves Beyond Community Needs: Coevolution of Bottom-Up IT Innovation and Communities

2021 | Journal of the Association for Information Systems | Citations: 0

Authors: Zorina, Aljona; Karanasios, Stan

Abstract: This paper examines how innovative uses of IT artifacts and their repurposing t ... Expand

Abstract: This paper examines how innovative uses of IT artifacts and their repurposing to fulfill emerging or unsatisfied user needs (bottom-up innovation, BUI) develop in community settings. Based on a longitudinal analysis of "HomeNets," communities that developed residential internet access in Belarus over a 20-year period, we illustrate that the development of community BUI is driven not only by the needs of the innovating members but also by the interplay between the innovating members' community context and technology and the interplay between the BUI technology and context. We demonstrate how these dynamics trigger community BUI development that goes beyond the needs and expectations of the innovating actors and impacts community evolution and long-term survival. Based on our findings, we develop a model of community BUI development. We discuss the theoretical implications of our findings, highlighting the role of technology and context in community BUI and its processual unfolding beyond the needs and intentions of the innovating members. Collapse

Topics: innovation management internet technology user requirement information technology infrastructure home computer

Methods: qualitative interview survey longitudinal research conceptual modelling design artifact

Adaptive and Maladaptive Coping with an It Threat

2019 | Information Systems Management | Citations: 6

Authors: Chenoweth, Tim; Gattiker, Tom; Corral, Karen

Abstract: Numerous studies have investigated employees’ decisions to adopt IS security mea ... Expand

Abstract: Numerous studies have investigated employees’ decisions to adopt IS security measures by focusing on adaptive responses. Using the Extended Parallel Processing model (EPPM), this study evaluates subjects’ adaptive and maladaptive intentions with respect to antispyware software. Our results show that both adaptive and maladaptive coping occur, and we identify antecedents of each. We advance IS security theory by considering maladaptive coping along with adaptive coping and by modeling threat and efficacy as contingent effects. Collapse

Topics: spyware IT security IT security threat self efficacy user behavior

Methods: survey data transformation scale reliability factor analysis confirmatory factor analysis

An Empirical Study of Home User Intentions towards Computer Security

2019 | HICSS | Citations: 1

Authors: Mills, Annette M; Sahi, Natasha

Abstract: Home computer users are solely responsible for implementing security measures on ... Expand

Abstract: Home computer users are solely responsible for implementing security measures on their devices. Although most computers have security software installed, the potential remains for security breaches, which makes it important for home users to take additional steps, such as not sharing one’s password and using strong passwords, to secure their devices further. Drawing on protection motivation theory and findings from prior research, this study evaluates factors that influence individuals to implement additional security measures to protect their home computers. Using SmartPLS and responses from 72 home computer users, the results show that response efficacy, self-efficacy and subjective norms were significant in encouraging persons to implement additional security measures. Maladaptive rewards on the other hand acted as a significant detractor, while neither perceived vulnerability nor perceived severity was significant in relation to willingness to implement additional security measures. Collapse

Topics: IT security defense home computer self efficacy laptop computer password

Methods: partial least squares path modeling partial least squares regression structural equation modeling PLS tool survey

Theories: protection motivation theory

Unlocking the Mixed Results of the Effect of Self-Efficacy in Information Security on Compliance.

2019 | Americas Conference on Information Systems | Citations: 0

Authors: Reddy, Dinesh; Dietrich, Glenn

Abstract: The outcome of the effect of Self-efficacy in information security (SEIS) on co ... Expand

Abstract: The outcome of the effect of Self-efficacy in information security (SEIS) on compliance to secure behavior has been positive to most extent. However, in some studies, the relationship between SEIS and compliance has shown a negative effect, thus signaling mixed results. The importance of unlocking this mixed result is significant since any proven deviation in results (about the effect of SEIS on compliance) will challenge the past empirical findings. Past research has ignored to explain why the results of the effect of SEIS on compliance are mixed. In this article, we explore the multi level nature of SEIS, measurement process involved, and context specific conceptualizations of SEIS as possible reasons that explain the reversal of security behavior. This research will guide future research on what could cause people with high SEIS to not exhibit secure compliance behavior, where SEIS and compliance are more often modeled in behavioral security research. KeywordsSelf-efficacy in information security, cybersecurity compliance, overconfidence. Collapse

Topics: self efficacy IT security data security phishing home computer

Methods: survey meta analysis

Theories: protection motivation theory

Short-term and Long-term Effects of Fear Appeals in Improving Compliance with Password Guidelines

2018 | Communications of the Association for Information Systems | Citations: 0

Authors: Mwagwabi, Florence; McGill, Tanya; Dixon, Mike

Abstract: Passwords are the most widely used method of authentication on the Internet, but ... Expand

Abstract: Passwords are the most widely used method of authentication on the Internet, but users find compliance with password guidelines difficult, and we know little about the long-term effects of attempts to improve compliance. In this paper, we extend the work of fear appeals use in the IS security domain to investigate their longer-term effects. We conducted a longitudinal experimental study to examine fear appeals’ long- and short-term effects. Using a model based on protection motivation theory (Rogers, 1983), we found that fear of threat, perceived password effectiveness, and password self-efficacy predicted compliance. We also found that neither perceived vulnerability to a security attack nor perceived severity of an attack influenced compliance. Providing persuasive communication improved compliance with password guidelines and resulted in significantly stronger passwords, but the effects on compliance intentions were only short term. This study extends our understanding of the factors that influence compliance with password guidelines and how we can modify them to improve compliance. We raise interesting questions about the role of fear in different IS security contexts. We also highlight the need for more research on the long-term impact of persuasive communication. Collapse

Topics: password IT security self efficacy behavioral intention IT security defense

Methods: experimental group survey parametric test ANOVA longitudinal research

Theories: protection motivation theory health belief model theory of reasoned action behavioral theory

POLITICAL IDEOLOGY AS A PREDICTOR OF ONLINE MEDIA PIRACY

2017 | European Conference On Information Systems | Citations: 0

Authors: Graf-Vlachy, Lorenz; Goyal, Tarun; Ouardi, Yannick; König, Andreas

Abstract: The factors which lead people to adopt or reject technologies of varying degrees ... Expand

Abstract: The factors which lead people to adopt or reject technologies of varying degrees of legality have not been studied extensively in information systems research. To address this gap, we combine literature in information systems and political ideology and theorize on the general influence of the personality traits openness to experience and conscientiousness on online media piracy. Furthermore, we propose differential consequences of the personality characteristic ambiguity intolerance for two different kinds of online media piracy, namely pirated online streaming and file sharing. We use clickstream data from 3,873 individuals in the U.S. to study their use of online media piracy websites. Contrary to what prior studies would suggest, we do not find that individuals with a more conservative ideology, and thus likely lower levels of openness to experience and higher levels of conscientiousness, engage in less online media piracy across the board. Instead, we find that individuals with a more conservative ideology, and hence likely lower ambiguity intolerance, exhibit lower use of a legally ambiguous technology (pirated streaming websites) whereas there is no difference in the use of a similar but legally unambiguous technology (pirated file sharing websites). We discuss how our findings impact the study of new technology adoption. Collapse

Topics: website digital media personality technology adoption information system use

Methods: regression analysis method theory development self reported survey logistic regression probit regression

Theories: technology acceptance model

User Motivations in Protecting Information Security: Protection Motivation Theory Versus Self-Determination Theory

2017 | Journal of Management Information Systems | Citations: 0

Authors: Menard, Philip; Bott, Gregory J.; Crossler, Robert E.

Abstract: Managers desiring to protect information systems must understand how to most eff ... Expand

Abstract: Managers desiring to protect information systems must understand how to most effectively motivate users to engage in secure behaviors. Information security researchers have frequently studied individuals’ performance of secure behaviors in response to threats. Protection motivation theory (PMT) has been used to explain individuals’ propensity to engage in voluntary secure behaviors, but the adaptation of this theory has yielded inconsistent results. Motivation as a measurable construct, as derived from self-determination theory (SDT), has never been included in or compared against PMT. In this study, we construct security messages that appeal to individuals’ intrinsic motivation, rather than fear, as a way to elicit secure responses. Using three sets of respondents, we integrated the SDT and PMT models and compared the native models in the context of security behaviors. We demonstrate that by using data- and individual-focused appeals and providing choices for users, managers may observe greater intention to engage in secure behavior among employees. Collapse

Topics: behavioral intention self efficacy password intrinsic motivation organizational context

Methods: statistical power analysis survey design partial least squares regression statistical hypothesis test PLS tool

Applying a critical approach to investigate barriers to digital inclusion and online social networking among young people with disabilities

2017 | Information Systems Journal | Citations: 31

Authors: Newman, Lareen; Browne-Yung, Kathryn; Raghavendra, Parimala; Wood, Denise; Grace, Emma

Abstract: Despite the seeming ubiquity of young people's Internet use, there are still man ... Expand

Abstract: Despite the seeming ubiquity of young people's Internet use, there are still many for whom access to the Internet and online social networking remains inequitable and patterned by disadvantage. The connection between information technology and young people with disabilities is particularly under-researched. This article contributes to the field of critical information systems research by exposing significant barriers and facilitators to Internet accessibility for young people with disabilities. It uses Bourdieu's critical theory to explore how the unequal distribution of resources shapes processes of digital inclusion for young people with disabilities. It highlights access needs and experiences that are both disability and non-disability related. The article draws on interviews in South Australia with 18 young people aged 10–18 years with a physical disability (such as cerebral palsy) or acquired brain injury and with 17 of their family members. Interviews evaluated participants' and parents' reflections on the benefits of a home-based, goal-oriented intervention to increase the young person's Internet use for social participation purposes. The Bourdieuian analysis demonstrated how varying levels of accrued individual and family offline capital resources are related to digital/online resources and disability-specific online resources. This revealed how unequal resources of capital can influence technology use and hence digital inclusion for young people with disabilities. Our study demonstrates that young people with particular types of disabilities require intensive, personalised and long-term support from within and beyond the family to ‘get online’. We conclude that Internet studies need to more frequently adopt critical approaches to investigate the needs of users and barriers to information technology use within sub-groups, such as young people with disabilities. © 2016 John Wiley & Sons Ltd Collapse

Topics: information system use internet technology digital divide smartphone social network

Methods: qualitative interview survey case study qualitative coding