Behavioral genetics offers numerous opportunities to bridge gaps in biological research of IS and to shed light on the nature versus nurture debate. This study seeks to explain persistent weaknesses in behavioral security from a genetic perspective. A synthesis of current literatures on cognitive neuroscience, decision making, and fraud victimization suggests a genetic basis for user susceptibility to security risks such as phishing scams. Using the classic twin design, this study reports estimated heritability of behavioral security to be at least 29.15% by comparing concordance between 144 pairs of monozygotic (MZ) twins and that between 52 pairs of same-sex dyzygotic (DZ) twins. Zygosity of the twin pairs serves as the primary independent variable in the behavioral genetics analysis, while performance on a behavioral security test serves as the dependent measure. Implications of the study results are discussed with respect to IS research as well as managerial practices
