An Empirical Investigation Of The Influence Of Fear Appeals On Attitudes And Behavioral Intentions Associated With Recommended Individual Computer Security Actions

Through persuasive communication, IT executives strive to align the actions of end users with the desired security posture of management and of the firm. In many cases, the element of fear is incorporated within these communications. However, within the context of computer security and information assurance, it is not yet clear how these fear-inducing arguments, known as fear appeals, will ultimately impact the actions of end users. The purpose of this study is to examine the influence of fear appeals on the compliance of end users with recommendations to enact specific individual computer security actions toward the amelioration of threats. A two-phase examination was adopted that involved two distinct data collection and analysis procedures, and culminated in the development and testing of a conceptual model representing an infusion of theories based on prior research in Social Psychology and Information Systems (IS), namely the Extended Parallel Process Model (EPPM) and the Unified Theory of Acceptance and Use of Technology (UTAUT). Results of the study suggest that fear appeals do impact end users attitudes and behavioral intentions to comply with recommended individual acts of security, and that the impact is not uniform across all end users, but is determined in part by perceptions of self-efficacy, response efficacy, threat severity, threat susceptibility, and social influence. The findings suggest that self-efficacy and, to a lesser extent, response efficacy predict attitudes and behavioral intentions to engage individual computer security actions, and that these relationships are governed by perceptions of threat severity and threat susceptibility. The findings of this research will contribute to IS expectancy research, human-computer interaction, and organizational communication by revealing a new paradigm in which IT users form perceptions of the technology, not on the basis of performance gains, but on the basis of utility for threat amelioration

The Diffusion Of Minor Technical Productivity And Quality Of Working Life Improvements Within A Firm With Multiple Operating Units

The productivity and quality of working life of operations across a firm with multiple operating units can be improved by the diffusion of minor innovations within the firm. The benefits to operating performance which result from a continuous stream of small, incremental innovations over time are well documented. The extent that individual minor innovations, called Minor Technical Improvements (MTIs) in this thesis, are actually used or could be potentially used through the firm, is not well documented. This thesis addresses three questions about the diffusion of minor innovations in firms with multiple operating units. (1) To what extent do MTIs actually diffuse? (2) What is the potential for further diffusion of MITs? (3) What are the managerial implications of MTI diffusion for operating improvement?;The field site for the research was 13 operating units of Canada\u27s largest domestic mining company. A total of 73 MTIs were documented on video tape and in writing, taken from 13 mines and mills.;The results indicate that MTIs actually diffuse to other parts of the firm. There is potential for MTIs to diffuse even further. The operating units improved productivity and quality of work life by innovating MTIs within the confines of their own operations. Some of these benefits were transferred to other operating units by the diffusion of MTIs. Even greater benefits could be realized across the research site by further diffusion. The research site may have incurred opportunity costs by not pursing this potential. The research results emphasize the importance of communication as an influence on diffusion

Deployment of Information Security Practices: The High Reliability Theory Perspective

Drawing on high reliability theory, this study investigates how a firm’s information security (InfoSec) practices as practical proficiencies form its organisational security culture. We tested the model using survey data from 602 professional managers in Australia and New Zealand who are aware of the InfoSec programmes within their respective organisations, the findings of which suggest a security culture is influenced by a firm’s practical proficiencies in the form of InfoSec practices namely prevention, detection and response practices. Our findings also emphasise the importance of organisational supportive proficiencies as organisational structure for improving the impact of InfoSec preventive practices on organisational security culture in a firm. The results of this study provide both academics and practitioners an understanding of the vital organisational dynamics necessary to establish a culture of security

The Online Consumer Trust Construct: A Web Merchant Practitioner Perspective

If companies are to enjoy long-term success in the Internet marketplace, they must effectively manage the complex, multidimensional process of building online consumer trust. eMerchants must understand the characteristics of web interfaces, policies, and procedures that promote trust and enact this knowledge in the form of specific trust-building mechanisms. Therefore, eMerchants must exercise a variety of trust-building techniques in the design of their online consumer interface as well as the principles upon which they operate. In doing so, eMerchants look to a variety of sources, outside the discussions available in academic literature, which influence and govern their perception of online consumer trust development. The purpose of this paper is to identify these sources and leverage the theoretical framework of previous academic literature by incorporating these practitioner sources into a framework from which future research efforts of online consumer trust can be based

A Replication Study of User Motivation in Protecting Information Security using Protection Motivation Theory and Self Determination Theory

Securing one’s data and protecting important information from various security threats are essential tasks for all end users, whether they be home users or organizational users. The motivation for doing so, however, may be entirely different for these two user populations. In 2017, Menard et al. conducted a study of home end users’ behavioral intentions regarding the installation of password management software using Self-Determination Theory (SDT), Protection Motivation Theory (PMT), and an integrated SDT-PMT model. This methodological replication study replicated those model comparisons to test organizational users’ behavioral intentions. We surveyed more than 300 organizational users who did not have password management software installed on their devices. We found support to suggest that, while both home and organizational users are significantly motivated by PMT- and SDT-enabled appeals, organizational users are significantly more motivated than their home user counterparts to install password management software when exposed to SDT-embedded appeals. We believe this outcome is the result of the multi-faceted sense of accountability (to themselves, their coworkers, and their organization) that organizational users experience but home users do not. This methodological replication of Menard et al. (2017) provided an opportunity to expose this multi-faceted view of accountability among organizational users and offers a foundation for future research to delve more closely into the nature of accountability in this context

Open Data: A Replication Study of User Motivation in Protecting Information Security using Protection Motivation Theory and Self-Determination Theory

This paper provides data used to analyze the methodological replication of Menard et al. (2017) by Yang et al. (2020). The replication paper studied organizational users’ intentions to install password management software when they faced different appeals/persuasive messages. There were three different types of appeals based on Protection Motivation Theory, Self-Determination Theory, and the integrated model of the two. We provide the description here to meet the open data standards. Our dataset contained three separate files. PMT_CLEAN file was on PMT appeal; SDT_CLEAN file was on SDT appeals; INTEGRATED_CLEAN file was on the integrated appeals. The PMT appeal contained 157 observations; the SDT appeal contained 156 observations; the integrated appeal contained 153 observations. There is a total of 466 observations, which includes the following constructs: behavioral intention to install password manager software, response performance motivation, threat severity, threat susceptibility, response efficacy, self-efficacy, response cost, autonomy, competence, and relatedness. Control variables include gender, ethnicity, age, employee status, educational background, occupation, and computing experience

Assessing contaminated sediments in the context of multiple stressors

Sediments have a major role in ecosystem functioning but can also act as physical or chemical stressors. Anthropogenic activities may change the chemical constituency of sediments and the rate, frequency, and extent of sediment transport, deposition, and resuspension. The importance of sediments as stressors will depend on site ecosystem attributes and the magnitude and preponderance of co-occurring stressors. Contaminants are usually of greater ecological consequence in human-modified, depositional environments, where other anthropogenic stressors often co-occur. Risk assessments and restoration strategies should better consider the role of chemical contamination in the context of multiple stressors. There have been numerous advances in the temporal and spatial characterization of stressor exposures and quantification of biological responses. Contaminated sediments causing biological impairment tend to be patchy, whereas more pervasive anthropogenic stressors, such as alterations to habitat and flow, physical disturbance, and nutrient addition, may drive large-scale ecosystem responses. A systematic assessment of relevant ecosystem attributes and reference conditions can assist in understanding the importance of sediments in the context of other stressors. Experimental manipulations then allow for the controlled study of dominant stressors and the establishment of causal links. This approach will result in more effective management of watersheds and waterways. Environ. Toxicol. Chem. 2010;29:2625–2643. © 2010 SETACPeer Reviewedhttp://deepblue.lib.umich.edu/bitstream/2027.42/78293/1/332_ftp.pd