Past research has clarified effective IS security and examined the contributors to security technology adoption in organizations. Based on the research as well as the traditional technology acceptance model, this study proposes a conceptual model that employs risk-related factors to predict managerial attitude towards adopting security technologies. Unlike most works that merely consider perceived usefulness of technology from the positive benefits perspective, this study suggests that the downside of risk is a major determinant of managerial behavior in adopting security technology. This study adds two perceived risks and decision-maker risk propensity into the model to clarify the relationships between the three risk-related factors and perceived usefulness, as well as their effects on security technology adoption. Propositions derived from the conceptual model provide an agenda for future studies of individual risk behavior in organizational settings.