Understanding user behaviour in coping with security threats of mobile device loss and theft

Mobile devices have been widely used by people to meet their information processing and communication needs for both work and personal life. However, the loss and theft of these devices has created a new type of information security threat to the individuals as well as to the companies involved. Based on protection motivation theory (PMT), this study constructs a user behaviour model to empirically investigate the key factors that may affect end user behaviours in coping with mobile device loss and theft. The results suggest that user coping intention is influenced by user threat perception, coping appraisal, and social influence. The findings of this study contribute to information systems security research by addressing very important mobile security risks from a specific perspective and by revealing that the combined but not singular effects of perceived vulnerability and perceived severity influence user intention to cope with security threats.

[1]  R. W. Rogers,et al.  A Protection Motivation Theory of Fear Appeals and Attitude Change1. , 1975, The Journal of psychology.

[2]  A. Bandura Self-efficacy: toward a unifying theory of behavioral change. , 1977, Psychological review.

[3]  C. Fornell,et al.  Evaluating structural equation models with unobservable variables and measurement error. , 1981 .

[4]  A. Bandura Self-efficacy mechanism in human agency , 2024, Psihologìâ ì suspìlʹstvo.

[5]  R. Rogers Cognitive and physiological processes in fear appeals and attitude change: a revised theory of prote , 1983 .

[6]  Fred D. Davis,et al.  User Acceptance of Computer Technology: A Comparison of Two Theoretical Models , 1989 .

[7]  Fred D. Davis Perceived Usefulness, Perceived Ease of Use, and User Acceptance of Information Technology , 1989, MIS Q..

[8]  Richard Baskerville,et al.  Risk analysis: an interpretive feasibility tool in justifying information systems security , 1991 .

[9]  R. Lazarus Emotion and Adaptation , 1991 .

[10]  RICHAFID BASKERVILLE,et al.  Information systems security design methods: implications for information systems development , 1993, CSUR.

[11]  P. Sheeran,et al.  Prediction and Intervention in Health-Related Behavior: A Meta-Analytic Review of Protection Motivation Theory , 2000 .

[12]  Gordon B. Davis,et al.  User Acceptance of Information Technology: Toward a Unified View , 2003, MIS Q..

[13]  Detmar W. Straub,et al.  Validation Guidelines for IS Positivist Research , 2004, Commun. Assoc. Inf. Syst..

[14]  Anne Beaudry,et al.  Understanding User Responses to Information Technology: A Coping Model of User Adaption , 2005, MIS Q..

[15]  Detmar W. Straub,et al.  Security lapses and the omission of information security measures: A threat control model and empirical test , 2008, Comput. Hum. Behav..

[16]  Younghwa Lee,et al.  Threat or coping appraisal: determinants of SMB executives’ decision to adopt anti-malware software , 2009, Eur. J. Inf. Syst..

[17]  Yajiong Xue,et al.  Avoidance of Information Technology Threats: A Theoretical Perspective , 2009, MIS Q..

[18]  Qing Hu,et al.  User behaviour towards protective information technologies: the role of national cultural differences , 2009, Inf. Syst. J..

[19]  Dennis F. Galletta,et al.  User Awareness of Security Countermeasures and Its Impact on Information Systems Misuse: A Deterrence Approach , 2009, Inf. Syst. Res..

[20]  H. Raghav Rao,et al.  Protection motivation and deterrence: a framework for security policy compliance in organisations , 2009, Eur. J. Inf. Syst..

[21]  R. Plotnikoff,et al.  Protection Motivation Theory and Physical Activity , 2009, Journal of health psychology.

[22]  Merrill Warkentin,et al.  Fear Appeals and Information Security Behaviors: An Empirical Study , 2010, MIS Q..

[23]  Ritu Agarwal,et al.  Practicing Safe Computing: A Multimedia Empirical Examination of Home Computer User Security Behavioral Intentions , 2010, MIS Q..

[24]  Mikko T. Siponen,et al.  Neutralization: New Insights into the Problem of Employee Systems Security Policy Violations , 2010, MIS Q..

[25]  Catherine E. Connelly,et al.  Understanding Nonmalicious Security Violations in the Workplace: A Composite Behavior Model , 2011, J. Manag. Inf. Syst..

[26]  Tejaswini Herath,et al.  A review and analysis of deterrence theory in the IS security literature: making sense of the disparate findings , 2011, Eur. J. Inf. Syst..

[27]  Bill Morrow,et al.  BYOD security challenges: control and protect your most sensitive data , 2012, Netw. Secur..