When does One Weight Threats more? An Integration of Regulatory Focus Theory and Protection Motivation Theory

Protection motivation theory has been adopted to understand the driver of information security behaviors broadly. Based on theoretical arguments and empirical results, security behaviors are driven by individuals’ appraisal toward threats and coping. However, while most study focus on the impacts of independent variables on dependent variables, previous studies largely ignore a fact that, under certain conditions, individuals tend to weight the importance of threat (or coping) appraisal more. Given that the goal of security behavior is to protection information and individuals may be oriented to the goal differently, we argue that the magnitude of the impacts of threat and coping appraisal may be contingent on individuals’ goal orientation. Specifically, this study attempts to integrate protection motivation theory with regulatory focus theory and explore whether (1) threat appraisal is more critical when prevention focus in high and (2) coping appraisal generates more impact when promotion focus is high. By integrating protection motivation theory with regulatory focus theory and revealing the moderating roles of regulatory focus on protection motivations, we expect to contribute to protection motivation theory by showing the effects of threat and coping appraisal may be contingent on certain conditions

Pluralistic Ignorance in the Personal Use of the Internet and System Monitoring

Previous research suggests that computer security countermeasures would be effective in preventing computer abuse in organizations. However, computer abuse problems still persist despite these efforts. This study proposes a new model of computer abuse that explains a causal link between abusive behavior and a psychological state toward this behavior, drawn on the theory of pluralistic ignorance. Pluralistic ignorance is a form of erroneous social interference that is both an immediate cause and a consequence of literal inconsistency between private attitudes and public behavior. Under pluralistic ignorance, mistakenly perceived social norms overwhelm personal attitudes and subsequently lead to overt behavior contrary to an actor’s attitude. This new model contributes to the theoretical body of knowledge on computer abuse by providing a new angle for approaching the problem. In addition, it suggests to practitioners that social solutions should be considered, along with technical countermeasures, to reduce the pervasive computer abuse problems

An Empirical Investigation of Antecedents of Internet Abuse in the Workplace

engage in Internet abuse, and whether any of 15 antecedents predict the amount of that abuse. Data were collected from 571 Usenet users in an on-line survey. Aggregating the time for each of the eleven listed methods of Internet abuse revealed a total of 5.8 hours per week, on average. Most of the antecedents in two of the three Theory of Planned Behavior (TPB) categories (Attitudes and Subjective Norms), were significant, and none of the antecedents in the third TPB category (Perceived Behavioral Control) showed significance. addiction, self-justification, job satisfaction, peer culture, and supervisor culture were significant predictors of Internet abuse. Exploratory demographic factors computer experience, gender, and firm revenue also showed predictive power

Factors Affecting Illegal Hacking Behavior

The damage caused by illegal hacking has become one of the serious problems facing society. Based on general deterrence theory, social bond theory and social learning theory, the paper proposes a model which examines the factors affecting the likelihood an individual will engage in illegal hacking behavior. Data was gathered from a survey of 127 individuals who attended a hacker’s conference. The results indicate that the severity of punishment has a significant positive relationship with the hacking execution while the certainty of punishment has a significant negative relationship with the hacking execution. The results also suggest that the greater an individual’s commitment to conventional activities and the stronger the individual’s belief in following the norms and rules of society, the less likely he or she will engage in illegal hacking behavior. Finally, interaction with other computer hackers significantly impacts illegal hacking behavior

The Role of Formal and Social Control in Information Security Behaviors

The purpose of this study is to explore the effect of formal and social control on in-role and extra-role security behaviors. Following past studies, we reexamine the effect of formal control on behaviors. Based on social control theory, we further hypothesize the effect of social control on security behaviors. Data collected from 259 members of IS departments confirmed our hypotheses that both formal control and social control generate effects on both in-role and extrarole security behaviors. Implications for academia and practitioners are also provided

Critical Success Factors to Improve Compliance with Campus Emergency Notifications

We have recently witnessed an uptake in the number of campus related incidents. School administrations are increasinglyconcerned about notification systems to alert students against the incidents and to provide advice on actions that they wouldlike the students to take. However whether students appropriately react to notifications sent by these systems are still lessunderstood. This paper develops and validates an instrument to measure the critical factors (subjective norm, threat appraisal,message efficacy, and media richness) that motivate students to comply with the directions in the notifications. Theinstrument has been validated through a pretest, followed by a pilot test, finally a main field test based on the data collectedfrom a large Northeastern university. This research attempts to inform both theory and practice, and will help develop policysuggestions on what can be done to improve compliance with emergency notifications on university campus

An Organizational Level Advancement Ofmis and Its Security Milestones Intechnological Era

Today the most vital asset of any enterprise is its data and to maintain its security. In order to make your business successful in this era of modern economy and to compete with the advancing world, one must have to understand the importance of data management. Management Information System is a source of managing large amount of data of any firm and it has a powerful influence on the performance of an organization by maintaining its data electronically. This paper discusses the impact of MIS on performing various functions of an organization and how this software can increase the profitability, growth and innovation of an organization. In short, a positive relationship between an organization and MIS is discussed. With the increasing complexity in technology, there arise some serious issues of security which includes hacking, spoofing, cybercrime etc that needs to be catered. This research therefore covers possible solutions to such security threats along with some techniques and also discusses various types of information systems. The need therefore is to produce a way that encourages operating a secure information system for an organization