Guarding against online threats: why entrepreneurs take protective measures

ABSTRACT Information technology is becoming increasingly important for entrepreneurs. Protecting their technical infrastructure and stored data is, therefore, also becoming more vital. Nevertheless, research into the safety and security of entrepreneurs in general, and online threats targeted at entrepreneurs in particular, is still limited. This study investigates to what extent self-employed entrepreneurs protect themselves against online threats, and what motivates them to do so. Based on secondary analyses on data collected from 1622 Dutch entrepreneurs, we observe that the majority implement technical and personal coping measures. By adopting protection motivation theory as a theoretical basis for our study, we found that coping appraisal explains the adoption of protective measures. Entrepreneurs are likely to implement protective measures when they believe a measure is effective, when they are capable of using internet technology, when their attitude towards online protection is positive and when they believe they are responsible for their own online security. Although the secondary analysis provides some limitations, this study offers new insights into the usage of protective measures and the motivation for taking them. These insights can help to improve information security campaigns.

[1]  Shelia R. Cotten,et al.  Determinants of online safety behaviour: towards an intervention strategy for college students , 2015, Behav. Inf. Technol..

[2]  Michael Schaper,et al.  UNDERSTANDING SMALL BUSINESS SCAMS , 2012 .

[3]  Merrill Warkentin,et al.  Fear Appeals and Information Security Behaviors: An Empirical Study , 2010, MIS Q..

[4]  Enno Masurel Evidemce from the Netherlands , 2004 .

[5]  Enno Masurel SMEs and Crime , 2004 .

[6]  Tyler Moore,et al.  Measuring the Cost of Cybercrime , 2012, WEIS.

[7]  Jurjen Jansen,et al.  Studying Safe Online Banking Behaviour: A Protection Motivation Theory Approach , 2015, HAISA.

[8]  Kunal Sharma,et al.  SMEs and Cybersecurity Threats in E-Commerce , 2009 .

[9]  Princely Ifinedo,et al.  Understanding information systems security policy compliance: An integration of the theory of planned behavior and the protection motivation theory , 2012, Comput. Secur..

[10]  K Witte,et al.  Predicting risk behaviors: development and validation of a diagnostic scale. , 1996, Journal of health communication.

[11]  Gordon B. Davis,et al.  User Acceptance of Information Technology: Toward a Unified View , 2003, MIS Q..

[12]  Robert LaRose,et al.  Online safety begins with you and me: Convincing Internet users to protect themselves , 2015, Comput. Hum. Behav..

[13]  R. W. Rogers,et al.  A Protection Motivation Theory of Fear Appeals and Attitude Change1. , 1975, The Journal of psychology.

[14]  Younghwa Lee,et al.  Threat or coping appraisal: determinants of SMB executives’ decision to adopt anti-malware software , 2009, Eur. J. Inf. Syst..

[15]  Detmar W. Straub,et al.  Security lapses and the omission of information security measures: A threat control model and empirical test , 2008, Comput. Hum. Behav..

[16]  Steven Furnell,et al.  Approaches to IT Security in Small and Medium Enterprises , 2004, AISM.

[17]  Polly Yeung,et al.  SPSS survival manual. A step by step guide to data analysis using IBM SPSS (5th ed) [Book Review] , 2014 .

[18]  Younghwa Lee,et al.  Understanding anti-plagiarism software adoption: An extended protection motivation theory perspective , 2011, Decis. Support Syst..

[19]  J. Pallant SPSS survival manual : a step-by-step guide to data analysis using SPSS version 15 , 2007 .

[20]  G. Torkzadeh,et al.  Factorial Validity of a Computer Self-Efficacy Scale and the Impact of Computer Training , 1994 .

[21]  Young U. Ryu,et al.  Self-efficacy in information security: Its influence on end users' information security practice behavior , 2009, Comput. Secur..

[22]  Gavriel Salvendy,et al.  Perception of information security , 2010, Behav. Inf. Technol..

[23]  Hong Kian Sam,et al.  Computer Self-Efficacy, Computer Anxiety, and Attitudes toward the Internet: A Study among Undergraduates in Unimas , 2005, J. Educ. Technol. Soc..

[24]  Elizabeth Sillence,et al.  It won't happen to me: Promoting secure behaviour among internet users , 2010, Comput. Hum. Behav..

[25]  Yajiong Xue,et al.  Avoidance of Information Technology Threats: A Theoretical Perspective , 2009, MIS Q..

[26]  Dahui Li,et al.  Fighting identity theft: The coping perspective , 2012, Decis. Support Syst..

[27]  Mark A. Harris,et al.  Mobile device security considerations for small- and medium-sized enterprise business mobility , 2014, Inf. Manag. Comput. Secur..

[28]  Detmar W. Straub,et al.  The amplification effects of procedural justice on a threat control model of information systems security behaviours , 2009, Behav. Inf. Technol..

[29]  S. Furnell End-user security culture: A lesson that will never be learnt? , 2008 .

[30]  Kim-Kwang Raymond Choo,et al.  The cyber threat landscape: Challenges and future research directions , 2011, Comput. Secur..

[31]  Robert LaRose,et al.  Keeping our network safe: a model of online protection behaviour , 2008, Behav. Inf. Technol..

[32]  Atul Gupta,et al.  Information systems security issues and decisions for small businesses: An empirical examination , 2005, Inf. Manag. Comput. Security.

[33]  Yajiong Xue,et al.  Understanding Security Behaviors in Personal Computer Usage: A Threat Avoidance Perspective , 2010, J. Assoc. Inf. Syst..

[34]  Huseyin Bicen,et al.  Determination of student opinions in augmented reality , 2016 .

[35]  Deborah Compeau,et al.  Computer Self-Efficacy: Development of a Measure and Initial Test , 1995, MIS Q..

[36]  John Sullivant The Cyber Threat Landscape , 2016 .

[37]  P. Sheeran,et al.  Prediction and Intervention in Health-Related Behavior: A Meta-Analytic Review of Protection Motivation Theory , 2000 .

[38]  Li-Chiou Chen,et al.  An Integrated Model of Individual Web Security Behavior , 2010, AMCIS.

[39]  R. W. Rogers,et al.  A meta-analysis of research on protection motivation theory. , 2000 .

[40]  Julie Pallant,et al.  SPSS survival manual : a step by step guide to data analysis using SPSS for Windows , 2001, Behaviour Change.

[41]  I. Ajzen,et al.  Belief, Attitude, Intention, and Behavior: An Introduction to Theory and Research , 1977 .

[42]  Mikko T. Siponen,et al.  Motivating IS security compliance: Insights from Habit and Protection Motivation Theory , 2012, Inf. Manag..

[43]  Ritu Agarwal,et al.  Practicing Safe Computing: A Multimedia Empirical Examination of Home Computer User Security Behavioral Intentions , 2010, MIS Q..