Social Networking Websites and Posting Personal Information: An Evaluation of Protection Motivation Theory

Marett, Kent; McNab, Anna Lazárová; Harris, Ranida

doi:10.17705/1thci.00032

Cited by 40 publications

(23 citation statements)

References 63 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…They observed the effect fear appeals rhetoric had on spyware threats and found that fear appeals significantly improved security perceptions and intentions to apply spyware protection. Other research such as Marett et al (2011), who examined the effect of fear appeals on social media users, also shows that one can use fear appeals to inspire safer social media security behavior. Fear appeals are also useful in inspiring individuals to protect their organizations' information assets.…”

Section: Fear Appealsmentioning

confidence: 96%

“…IS security studies demonstrate how persuasive messages that target users' beliefs to persuade them to take preventative measures (fear appeals) can motivate them to comply with recommended IS security policies. Studies have shown as much for personal IS security behavior (e.g., Boss et al, 2015;Johnston & Warkentin, 2010;Marett, McNab, & Harris, 2011;Vance et al, 2013) and in organizational settings (Johnston et al, 2015;Posey et al, 2015;Posey et al, 2011). However, IS security training fundamentally differs from other types of training in that it is persuasive in nature (Karjalainen & Siponen, 2011), which introduces additional challenges.…”

Section: Compliance Through Persuasive Communicationmentioning

confidence: 99%

“…PMT proposes that the likelihood of compliance increases when individuals perceive the recommended response as effective (Rogers, 1975(Rogers, , 1983. In the IS security domain, several studies (Boss et al, 2015;Marett et al, 2011;Workman et al, 2008) have found support for the influence of response efficacy on security practices. For example, Workman et al (2008) found that employees are more likely to comply with IS security policies if they believe the policies are effective, while Johnston and Warkentin (2010) provided empirical evidence of the important role that perceived effectiveness of anti-spyware software plays in users' intentions to implement anti-spyware protection.…”

Section: Efficacy Perceptionsmentioning

confidence: 99%

“…For example, Workman et al (2008) found that employees are more likely to comply with IS security policies if they believe the policies are effective, while Johnston and Warkentin (2010) provided empirical evidence of the important role that perceived effectiveness of anti-spyware software plays in users' intentions to implement anti-spyware protection. Marett et al (2011), who applied PMT to explain social media security behavior, found that individuals who believe that removing sensitive information would help protect them from online threats are more likely to agree not to post sensitive information. It seems likely that, if users believe that recommended password guidelines will prevent password-related threats, they will be more likely to intend to comply with the recommended guidelines.…”

Section: Efficacy Perceptionsmentioning

confidence: 99%

See 3 more Smart Citations

Short-term and Long-term Effects of Fear Appeals in Improving Compliance with Password Guidelines

Mwagwabi¹,

McGill²,

Dixon³

2018

CAIS

View full text Add to dashboard Cite

Passwords are the most widely used method of authentication on the Internet, but users find compliance with password guidelines difficult, and we know little about the long-term effects of attempts to improve compliance. In this paper, we extend the work of fear appeals use in the IS security domain to investigate their longer-term effects. We conducted a longitudinal experimental study to examine fear appeals' long-and short-term effects. Using a model based on protection motivation theory (Rogers, 1983), we found that fear of threat, perceived password effectiveness, and password self-efficacy predicted compliance. We also found that neither perceived vulnerability to a security attack nor perceived severity of an attack influenced compliance. Providing persuasive communication improved compliance with password guidelines and resulted in significantly stronger passwords, but the effects on compliance intentions were only short term. This study extends our understanding of the factors that influence compliance with password guidelines and how we can modify them to improve compliance. We raise interesting questions about the role of fear in different IS security contexts. We also highlight the need for more research on the long-term impact of persuasive communication.

show abstract

Section: Fear Appealsmentioning

confidence: 96%

Section: Compliance Through Persuasive Communicationmentioning

confidence: 99%

Section: Efficacy Perceptionsmentioning

confidence: 99%

Section: Efficacy Perceptionsmentioning

confidence: 99%

See 2 more Smart Citations

Short-term and Long-term Effects of Fear Appeals in Improving Compliance with Password Guidelines

Mwagwabi¹,

McGill²,

Dixon³

2018

CAIS

View full text Add to dashboard Cite

show abstract

“…2 While the growth in adoption is clear, assessing the extent and quality of user experience with Web 2.0 and of the consequences of Web activity is a challenge. Scanning the issues of leading information systems and human computer interaction journals published since the issue of our call for papers, we found only a few articles (e.g., Marett et al, 2011;Aggarwal et al, 2012;Dewan and Ramaprasad, 2012) that address this challenge.…”

mentioning

confidence: 99%

Introduction to the Special Issue on Human-Computer Interaction in the Web 2.0 Era

Turetken¹,

Olfman²

2013

THCI

View full text Add to dashboard Cite

.0, the "dynamic web," is one of the most effective applications to date of information and communication technologies in the way it revolutionized how individuals interact with information. The term Web 2.0 is largely associated with Tim O'Reilley (Graham, 2005; O'Reilley, 2005), and is a loosely defined concept that represents a variety of technologies. Some of these are development platforms while others are applications used mostly for social computing and interaction. The latter group of technologies, also known as the Social Web (Rheingold, 2000) has arguably been in the core of the World Wide Web from its conception (Porter, 2008). Moreover, the developmental components of Web 2.0 that moved computing beyond desktops via the use of web-based "building blocks" such as web services not only made it possible to realize the true potential of the social web, but to a large extent made it synonymous with Web 2.0. Our use of the term Web 2.0 also treats it as identical to the social web.As such, Web 2.0 is omnipresent in virtually every aspect of our lives from social networking to viral marketing to political campaigning. Masses, who to a large extent used to be mere consumers of content generated by relatively few "authorities," are now in a position to be "content providers." This means a sizeable portion of content in circulation today is generated by "novices" either in the domain of that content or the technology used in its generation and dissemination. This, by itself, made inevitable a paradigm shift in the interaction of users with information technology. Another radical change has been in the way people consume user-generated content and communicate with the "creators" or other users of that content.We issued the call for papers for this special issue in 2010 based on our observation of this strong trend in the development, adoption, and use of Web 2.0 applications, and the relative scarcity of research on Web 2.0 from a Human Computer Interaction (HCI) viewpoint. There are many elements that influence the interaction of people with Web 2.0 applications. In our call for papers, we noted: "It is presumable that with better identification of users, their motivations, and interaction needs, user experience with Web 2.0 will be substantially improved." We also highlighted the "any time any place" nature of HCI in the era of Web 2.0 as many users interact with Web 2.0 applications using mobile devices, thus enabling near real-time information sharing. When we reflect upon these observations today, we see that the trend in the adoption of Web 2.0 applications has continued at a tremendous pace. As an example, as of early 2011 when the submissions to this special issue were due, there were over 600 million Facebook and about 175 million Twitter accounts. In 2010 alone, there was a growth of 200 million and 50 million accounts, respectively. 1 Within the same time frame, the number of blog posts published on one of the most popular blogging platforms, WordPress.com, increased from approximately 1.8 million t...

show abstract

Information Systems Security

Warkentin

2015

Wiley Encyclopedia of Management

View full text Add to dashboard Cite

Given the strategic dependence on information and information technology by individuals, workgroups (teams), organizations, industries, nations, and society overall, it is imperative that the integrity of that information is maintained in all three states – during transmission, during storage, and during processing. Information (and information systems) security management is the process of ensuring the confidentiality, integrity, and availability of information whenever and wherever it is transmitted, stored, and processed (sometimes called the “CIA Triad”). While perfect security is desirable, it is unfortunately unattainable. There are numerous active and passive threats to the security of information, as well as responses to these threats that must be adopted by individuals, teams, and organizations. Various technical and behavioral controls are used to counter these threats, but this article will focus on the behavioral controls. Threats characteristics and threat examples are discussed below, as are the responses to such threats. Research findings support the importance of both internal and external threats, with internal threats demonstrating the greatest negative impact in most cases. Factors that contribute to individual compliance with security policies will be discussed, along with some discussion of the intentional violation of security protocols and policies by malicious individuals.

show abstract

Social Networking Websites and Posting Personal Information: An Evaluation of Protection Motivation Theory

Cited by 40 publications

References 63 publications

Short-term and Long-term Effects of Fear Appeals in Improving Compliance with Password Guidelines

Short-term and Long-term Effects of Fear Appeals in Improving Compliance with Password Guidelines

Introduction to the Special Issue on Human-Computer Interaction in the Web 2.0 Era

Information Systems Security

Contact Info

Product

Resources

About