Employees' Intended Information Security Behaviour in Real Estate Organisations: a Protection Motivation Perspective

Due to the amount of identifiable customer personal, financial and other information stored by real estate organisations in their information systems, the threats are real. Challenges to secure the organisational (and customer) data are compounded by the nature of the industry (e.g. the core business and employees’ qualifications are non-security-related). To investigate the factors that influence real estate employees’ intended information security behaviour, we propose a research model based on Protection Motivation Theory (PMT) where we also include previous incidents as constituting threat appraisal components. Our findings from a survey of 105 real estate business employees in Australia reveal that perceived vulnerability, perceived severity, previous incidents, and response efficacy have a positive impact on real estate employees’ information security behavioural intention whereas self-efficacy does not. Our study also determines that response cost has a negative significant effect on intended information security behaviour.

[1]  David Eichelberger,et al.  Handbook Of Psychological Testing , 2016 .

[2]  Kim-Kwang Raymond Choo,et al.  Information Privacy Concerns of Real Estate Customers and Information Security in the Real Estate Industry: an Empirical Analysis , 2015, AISC.

[3]  Kim-Kwang Raymond Choo,et al.  Information security in the South Australian real estate industry: A study of 40 real estate organisations , 2014, Inf. Manag. Comput. Secur..

[4]  Kim-Kwang Raymond Choo,et al.  Always connected, but are smart mobile users getting more security savvy? A survey of smart mobile device users , 2014, Behav. Inf. Technol..

[5]  Kim-Kwang Raymond Choo,et al.  Understanding the Information Security Awareness Process in Real Estate Organizations Using the SECI Model , 2014, AMCIS.

[6]  Kim-Kwang Raymond Choo,et al.  Building the Next Generation of Cyber Security Professionals , 2014, ECIS.

[7]  Qing Hu,et al.  Future directions for behavioral information security research , 2013, Comput. Secur..

[8]  Norshidah Mohamed,et al.  Information privacy concerns, antecedents and privacy measure use in social networking sites: Evidence from Malaysia , 2012, Comput. Hum. Behav..

[9]  Princely Ifinedo,et al.  Understanding information systems security policy compliance: An integration of the theory of planned behavior and the protection motivation theory , 2012, Comput. Secur..

[10]  Kathy Ning Shen,et al.  An empirical study on E-Banking acceptance in the United Arab Emirates (UAE) , 2011 .

[11]  Harold F. Tipton Official (ISC)2® Guide to the ISSMP® CBK® , 2011 .

[12]  Kim-Kwang Raymond Choo Cyber threat landscape faced by financial and insurance industry , 2011 .

[13]  Younghwa Lee,et al.  Understanding anti-plagiarism software adoption: An extended protection motivation theory perspective , 2011, Decis. Support Syst..

[14]  K. Courneya,et al.  Protection motivation theory and the prediction of physical activity among adults with type 1 or type 2 diabetes in a large population sample. , 2010, British journal of health psychology.

[15]  Izak Benbasat,et al.  Information Security Policy Compliance: An Empirical Study of Rationality-Based Beliefs and Information Security Awareness , 2010, MIS Q..

[16]  H. Raghav Rao,et al.  Protection motivation and deterrence: a framework for security policy compliance in organisations , 2009, Eur. J. Inf. Syst..

[17]  Younghwa Lee,et al.  Threat or coping appraisal: determinants of SMB executives’ decision to adopt anti-malware software , 2009, Eur. J. Inf. Syst..

[18]  Atreyi Kankanhalli,et al.  Studying users' computer security behavior: A health belief perspective , 2009, Decis. Support Syst..

[19]  Robert P. Minch,et al.  Application of Protection Motivation Theory to Adoption of Protective Technologies , 2009, 2009 42nd Hawaii International Conference on System Sciences.

[20]  Detmar W. Straub,et al.  Security lapses and the omission of information security measures: A threat control model and empirical test , 2008, Comput. Hum. Behav..

[21]  Robert LaRose,et al.  Keeping our network safe: a model of online protection behaviour , 2008, Behav. Inf. Technol..

[22]  Xianggui Qu,et al.  Multivariate Data Analysis , 2007, Technometrics.

[23]  Tyler Moore,et al.  The Economics of Information Security , 2006, Science.

[24]  Aki Tsuchiya,et al.  Health priorities and public preferences: the relative importance of past health experience and future health prospects. , 2005, Journal of health economics.

[25]  Irene Woon,et al.  A Protection Motivation Theory Approach to Home Wireless Security , 2005, ICIS.

[26]  J. Dimsdale Stalked by the Past: The Influence of Ethnicity on Health , 2000, Psychosomatic medicine.

[27]  R. W. Rogers,et al.  A meta-analysis of research on protection motivation theory. , 2000 .

[28]  P. Sheeran,et al.  Prediction and Intervention in Health-Related Behavior: A Meta-Analytic Review of Protection Motivation Theory , 2000 .

[29]  Darren George,et al.  SPSS for Windows Step by Step: A Simple Guide and Reference , 1998 .

[30]  J. John Patient satisfaction: the impact of past experience. , 1992, Journal of health care marketing.

[31]  N. Weinstein Effects of personal experience on self-protective behavior. , 1989, Psychological bulletin.

[32]  James C. Anderson,et al.  STRUCTURAL EQUATION MODELING IN PRACTICE: A REVIEW AND RECOMMENDED TWO-STEP APPROACH , 1988 .

[33]  R. W. Rogers,et al.  Effects of components of protection-motivation theory on adaptive and maladaptive coping with a health threat. , 1987, Journal of personality and social psychology.

[34]  R. W. Rogers,et al.  Protection motivation and self-efficacy: A revised theory of fear appeals and attitude change , 1983 .

[35]  R. Rogers Cognitive and physiological processes in fear appeals and attitude change: a revised theory of prote , 1983 .

[36]  C. Fornell,et al.  Evaluating structural equation models with unobservable variables and measurement error. , 1981 .

[37]  R. W. Rogers,et al.  A Protection Motivation Theory of Fear Appeals and Attitude Change1. , 1975, The Journal of psychology.

[38]  J. Hair Multivariate data analysis , 1972 .

[39]  Manfred Kochen,et al.  On the economics of information , 1972, J. Am. Soc. Inf. Sci..

[40]  G. Stigler The Economics of Information , 1961, Journal of Political Economy.

[41]  L. Cronbach Coefficient alpha and the internal structure of tests , 1951 .