Johnston, 2010: Fear Appeals and Information Security Behaviors: An Empirical Study

Topic:

Results of the study suggest that fear appeals do impact end user behavioral intentions to comply with recommended individual acts of security, but the impact is not uniform across all end users. It is determined in part by perceptions of self-efficacy, response efficacy, threat severity, and social influence.

survey, 275 university affiliates

Constructs in this publication:

Construct Cites Category Questions given? Content validity Pretests Response type Notes
behavioral intent Venkatesh et al., 2003 no panel of 8 researchers pilot 5-point likert scales
social influence Venkatesh et al., 2003 no panel of 8 researchers pilot 5-point likert scales
response efficacy Witte, 1996 no panel of 8 researchers pilot 5-point likert scales
self-efficacy Witte, 1996 no panel of 8 researchers pilot 5-point likert scales
threat severity Witte, 1996 no panel of 8 researchers pilot 5-point likert scales
threat susceptibility Witte, 1996 no panel of 8 researchers pilot 5-point likert scales

This publication is cited by the following publications:

Citation:

Allen C. Johnston and Merrill Warkentin. Fear Appeals and Information Security Behaviors: An Empirical Study. MIS Quarterly, 34(3):549–566, 2010. doi:10.2307/25750691.

Bibtex


@article{johnston_fear_2010,
 abstract = {Information technology executives strive to align the actions of end users with the desired security posture of management and of the firm through persuasive communication. In many cases, some element of fear is incorporated within these communications. However, within the context of computer security and information assurance, it is not yet clear how these fear-inducing arguments, known as fear appeals, will ultimately impact the actions of end users. The purpose of this study is to investigate the influence of fear appeals on the compliance of end users with recommendations to enact specific individual computer security actions toward the mitigation of threats. An examination was performed that culminated in the development and testing of a conceptual model representing an infusion of technology adoption and fear appeal theories. Results of the study suggest that fear appeals do impact end user behavioral intentions to comply with recommended individual acts of security, but the impact is not uniform across all end users. It is determined in part by perceptions of self-efficacy, response efficacy, threat severity, and social influence. The findings of this research contribute to information systems security research, human\textemdash{}computer interaction, and organizational communication by revealing a new paradigm in which IT users form perceptions of the technology, not on the basis of performance gains, but on the basis of utility for threat mitigation.},
 author = {Johnston, Allen C. and Warkentin, Merrill},
 doi = {10.2307/25750691},
 issn = {0276-7783},
 journal = {MIS Quarterly},
 number = {3},
 pages = {549-566},
 shorttitle = {Fear {{Appeals}} and {{Information Security Behaviors}}},
 title = {Fear {{Appeals}} and {{Information Security Behaviors}}: {{An Empirical Study}}},
 volume = {34},
 year = {2010}
}