Redefining threat appraisals of organizational insiders and exploring the moderating role of fear in cyberattack protection motivation

Vrhovec, Simon; Mihelič, Anže

doi:10.1016/j.cose.2021.102309

Cited by 26 publications

(8 citation statements)

References 63 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This finding supports the findings of several studies that self-efficacy is significantly related to attitude formation [ 110 , 111 ]. The previous study’s finding of an insignificant relationship between self-efficacy and attitude formation, on the other hand, was contradicted [ 112 , 113 ].…”

Section: Discussionmentioning

confidence: 86%

Thwarting Instant Messaging Phishing Attacks: The Role of Self-Efficacy and the Mediating Effect of Attitude towards Online Sharing of Personal Information

Lee

Gan

Liew

2023

IJERPH

View full text Add to dashboard Cite

Context: The cause of cybercrime phishing threats in Malaysia is a lack of knowledge and awareness of phishing. Objective: The effects of self-efficacy (the ability to gain anti-phishing knowledge) and protection motivation (attitude toward sharing personal information online) on the risk of instant messaging phishing attacks (phishing susceptibility) are investigated in this study. The protection motivation theory (PMT) was tested in the context of attitudes toward sharing personal information online with a view to improving interventions to reduce the risk of phishing victimisation.Methods: Data were collected using non-probability purposive sampling. An online survey of 328 Malaysian active instant messaging users was collected and analysed in SmartPLS version 4.0.8.6 using partial least squares structural equation modelling. Results: The results showed that a person’s cognitive factor (either high or low self-efficacy) affected their chance of being a victim of instant message phishing. A higher level of self-efficacy and a negative attitude towards sharing personal information online were significant predictors of phishing susceptibility. A negative attitude towards sharing personal information online mediated the relationship between high levels of self-efficacy and phishing susceptibility. A higher level of self-efficacy led to the formation of negative attitudes among internet users. Attitudes toward the sharing of personal information online are critical because they allow phishing attempts to exist and succeed. Conclusions: The findings give government agencies more information on how to organise anti-phishing campaigns and awareness programmes; awareness and education can improve one’s ability to acquire anti-phishing knowledge (self-efficacy).

show abstract

Section: Discussionmentioning

confidence: 86%

Thwarting Instant Messaging Phishing Attacks: The Role of Self-Efficacy and the Mediating Effect of Attitude towards Online Sharing of Personal Information

Lee

Gan

Liew

2023

IJERPH

View full text Add to dashboard Cite

show abstract

“…Some prior studies have found that response efficacy is a significant driver of insider motivation to protect organizations from information security threats (Menard et al. , 2017) and cyberattacks (Vrhovec and Mihelič, 2021) and to adopt security technologies (Lee and Larsen, 2009). However, other studies had opposite discoveries.…”

Section: Discussion Of the Resultsmentioning

confidence: 99%

The impact of ignorance and bias on information security protection motivation: a case of e-waste handling

Chen

Yuan

2022

INTR

View full text Add to dashboard Cite

PurposeProtection motivation theory (PMT) explains that the intention to cope with information security risks is based on informed threat and coping appraisals. However, people cannot always make appropriate assessments due to possible ignorance and cognitive biases. This study proposes a research model that introduces four antecedent factors from ignorance and bias perspectives into the PMT model and empirically tests this model with data from a survey of electronic waste (e-waste) handling.Design/methodology/approachThe data collected from 356 Chinese samples are analyzed via structural equation modeling (SEM).FindingsThe results revealed that for threat appraisal, optimistic bias leads to a lower perception of risks. However, factual ignorance (lack of knowledge of risks) does not significantly affect the perceived threat. For coping appraisal, practical ignorance (lack of knowledge of coping with risks) leads to low response efficacy and self-efficacy and high perceptions of coping cost, but the illusion of control overestimates response efficacy and self-efficacy.Originality/valueFirst, this study addresses a new type of information security problem in e-waste handling. Second, this study extends the PMT model by exploring the roles of ignorance and bias as antecedents. Finally, the authors reinvestigate the basic constructs of PMT to identify how rational threat and coping assessments affect user intentions to cope with data security risks.

show abstract

“…Selfefficacy positively impacts protection motivation; employees with a strong sense of self-efficacy are more likely to participate in cybersecurity compliance and take online security measures. Training can boost employees' self-efficacy by providing them with the skills and knowledge necessary to tackle cybersecurity challenges and contribute to a safer digital environment (Chen et al, 2018;De Kimpe et al, 2022;Ahmad et al, 2019;Vrhovec and Miheli c, 2021). Strengthening support from top management.…”

Section: Discussionmentioning

confidence: 99%

“…Ahmad et al (2019) found that employees with a strong sense of self-efficacy in managing security incidents are more likely to participate in cybersecurity compliance. Self-efficacy is also found to play an important role in the case of low fear of cyberattacks and low levels of commitment among employees as self-efficacy positively impact protection motivation (Vrhovec and Miheli c, 2021) and information security policy compliance (Liu et al, 2020).…”

Section: The Developed Themes and Subthemesmentioning

confidence: 99%

Building a thematic framework of cybersecurity: a systematic literature review approach

Khaw,

Amran,

Teoh

2024

JSIT

View full text Add to dashboard Cite

Purpose This paper aims to explore the factors affecting cybersecurity implementation in organizations in various countries and develop a cybersecurity framework to improve cybersecurity practices within organizations for cybersecurity risk management through a systematic literature review (SLR) approach. Design/methodology/approach This SLR adhered to RepOrting Standards for Systematics Evidence Syntheses (ROSES) publication standards and used various research approaches. The study’s article selection process involved using Scopus, one of the most important scientific databases, to review articles published between 2014 and 2023. Findings This review identified the four main themes: individual factors, organizational factors, technological factors and governmental role. In addition, nine subthemes that relate to these primary topics were established. Originality/value This research sheds light on the multifaceted nature of cybersecurity by exploring factors influencing implementation and developing an improvement framework, offering valuable insights for researchers to advance theoretical developments, assisting industry practitioners in tailoring cybersecurity strategies to their needs and providing policymakers with a basis for creating more effective cybersecurity regulations and standards.

show abstract

Redefining threat appraisals of organizational insiders and exploring the moderating role of fear in cyberattack protection motivation

Cited by 26 publications

References 63 publications

Thwarting Instant Messaging Phishing Attacks: The Role of Self-Efficacy and the Mediating Effect of Attitude towards Online Sharing of Personal Information

Thwarting Instant Messaging Phishing Attacks: The Role of Self-Efficacy and the Mediating Effect of Attitude towards Online Sharing of Personal Information

The impact of ignorance and bias on information security protection motivation: a case of e-waste handling

Building a thematic framework of cybersecurity: a systematic literature review approach

Contact Info

Product

Resources

About