The quest for complete security: An empirical analysis of users’ multi-layered protection from security threats

Crossler, Robert E.; Ormond, Dustin

doi:10.1007/s10796-017-9755-1

Cited by 30 publications

(13 citation statements)

References 75 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Both a strength and a weakness of the current study is that it focussed on one type of behaviour, as precautionary online behaviour (against phishing) consists of a range of behaviours (Crossler et al , 2017). The strength is related to the fact that predictors of one type of behaviour might not influence another type of behaviour (Blythe et al , 2015).…”

Section: Limitationsmentioning

confidence: 99%

Persuading end users to act cautiously online: a fear appeals study on phishing

Jansen

Schaik

2018

ICS

View full text Add to dashboard Cite

Purpose The purpose of this paper is to test the protection motivation theory (PMT) in the context of fear appeal interventions to reduce the threat of phishing attacks. In addition, it was tested to what extent the model relations are equivalent across fear appeal conditions and across time. Design/methodology/approach A pre-test post-test design was used. In the pre-test, 1,201 internet users filled out an online survey and were presented with one of three fear appeal conditions: strong fear appeal, weak fear appeal and control condition. Arguments regarding vulnerability of phishing attacks and response efficacy of vigilant online information-sharing behaviour were manipulated in the fear appeals. In the post-test, data were collected from 786 internet users and analysed with partial least squares path modelling. Findings The study found that PMT model relations hold in the domain of phishing. Self-efficacy and fear were the most important predictors of protection motivation. In general, the model results were equivalent across conditions and across time. Practical Implications It is important to consider online information-sharing behaviour because it facilitates the occurrence and success of phishing attacks. The results give practitioners more insight into important factors to address in the design of preventative measures to reduce the success of phishing attacks. Future research is needed to test how fear appeals work in real-world settings and over longer periods. Originality/value This paper is a substantial adaptation of a previous conference paper (Jansen and Van Schaik, 2017a, b).

show abstract

Section: Limitationsmentioning

confidence: 99%

Persuading end users to act cautiously online: a fear appeals study on phishing

Jansen

Schaik

2018

ICS

View full text Add to dashboard Cite

show abstract

“…This study has shown that psychological capital can play a vital role in developing employees' protective motivated behaviors. Reference [64] briefly outlined that existing information security behavior research addresses one threat and one behavior at a time while users perform multiple security behaviors to mitigate security threats. Their study examined three security threats (data loss, security-related performance degradation, identify theft) on 279 computer users and showed that users perform multiple security behaviors to deal with these threats.…”

Section: Intrinsic/extrinsic Motivations and Compliancementioning

confidence: 99%

“…PMT predicts better ISB if the threat and the coping process are specific, and PMT is a good predictor of ISB for individuals' threats, not the organizational threats [62] Mixed method approach used and PLS used for research model testing 559 insiders participated from the city government of Finland Enhanced fear appeal with PMT has better results on ISPC [54] The longitudinal research design was adopted. PLS is used for data and model testing 253 valid responses were collected Self-efficacy perceived threat severity, and perceived threat susceptibility significantly affect employees' continue protective behaviors [63] The quantitative research design adopted SEM used for model and hypothesis testing 377 usable responses from the public and private organizations Psychological capital has positive effects on employees' protective motivated behaviors [64] Mixed method research with multidimensional scaling analysis Seven expert interviews and 279 computer users participated Users perform multiple security behaviors to deal with security threats.…”

Section: Authorsmentioning

confidence: 99%

Information Security Behavior and Information Security Policy Compliance: A Systematic Literature Review for Identifying the Transformation Process from Noncompliance to Compliance

et al. 2021

View full text Add to dashboard Cite

A grave concern to an organization’s information security is employees’ behavior when they do not value information security policy compliance (ISPC). Most ISPC studies evaluate compliance and noncompliance behaviors separately. However, the literature lacks a comprehensive understanding of the factors that transform the employees’ behavior from noncompliance to compliance. Therefore, we conducted a systematic literature review (SLR), highlighting the studies done concerning information security behavior (ISB) towards ISPC in multiple settings: research frameworks, research designs, and research methodologies over the last decade. We found that ISPC research focused more on compliance behaviors than noncompliance behaviors. Value conflicts, security-related stress, and neutralization, among many other factors, provided significant evidence towards noncompliance. At the same time, internal/external and protection motivations proved positively significant towards compliance behaviors. Employees perceive internal and external motivations from their social circle, management behaviors, and organizational culture to adopt security-aware behaviors. Deterrence techniques, management behaviors, culture, and information security awareness play a vital role in transforming employees’ noncompliance into compliance behaviors. This SLR’s motivation is to synthesize the literature on ISPC and ISB, identifying the behavioral transformation process from noncompliance to compliance. This SLR contributes to information system security literature by providing a behavior transformation process model based on the existing ISPC literature.

show abstract

“…Consumer-friendly online shopping environments and processes need to address privacy considerations, and research needs to determine how consumers incorporate privacy considerations into their online purchasing decisions Tsai et al 2011). Identity theft and data breaches are global phenomena (Targett 2018) that spark widespread reluctance to divulge personal details to e-commerce providers, and the problem is a global one (e.g., Crossler et al 2019). In the United States, the personal and bank account information of almost one in every five Internet users has been stolen (Madden 2014).…”

Section: Online Identity Theftmentioning

confidence: 99%

Fear of Online Consumer Identity Theft: Cross-Country Application and Short Scale Development

et al. 2019

View full text Add to dashboard Cite

Hawliau Cyffredinol / General rights Copyright and moral rights for the publications made accessible in the public portal are retained by the authors and/or other copyright owners and it is a condition of accessing publications that users recognise and abide by the legal requirements associated with these rights. • Users may download and print one copy of any publication from the public portal for the purpose of private study or research. • You may not further distribute the material or use it for any profit-making activity or commercial gain • You may freely distribute the URL identifying the publication in the public portal ? Take down policy If you believe that this document breaches copyright please contact us providing details, and we will remove access to the work immediately and investigate your claim.

show abstract

The quest for complete security: An empirical analysis of users’ multi-layered protection from security threats

Cited by 30 publications

References 75 publications

Persuading end users to act cautiously online: a fear appeals study on phishing

Persuading end users to act cautiously online: a fear appeals study on phishing

Information Security Behavior and Information Security Policy Compliance: A Systematic Literature Review for Identifying the Transformation Process from Noncompliance to Compliance

Fear of Online Consumer Identity Theft: Cross-Country Application and Short Scale Development

Contact Info

Product

Resources

About