Gender Differences in Mobile Users' IT Security Appraisals and Protective Actions: Findings from a Mixed-Method Study

Recent reports show that mobile users often refrain from taking the necessary precautionary actions to protect their mobile devices from IT security threats. To improve users’ protective behavior, it is necessary to have a better understanding of the downstream beliefs and attitudes. Although previous IS research has intensively investigated protection behavior in the IT context, findings from psychological studies that people’s threat and coping appraisals are gender-specific are largely neglected. Drawing on gender schema theory and protection motivation theory, the present study analyzes gender differences in the formation of mobile users’ intentions to take precautionary actions and their consequent coping behavior. Utilizing a two-step mixed-method research approach (survey, experiment, and interviews) and drawing data from 177 Android users, we show that female and male mobile users’ problemfocused coping behaviors are based on different threat and coping appraisals. These findings have significant implications both for future research and for practitioners.

[1]  P. Sheeran,et al.  Combining motivational and volitional interventions to promote exercise participation: protection motivation theory and implementation intentions. , 2002, British journal of health psychology.

[2]  G. Bansal,et al.  Moral Beliefs and Organizational Information Security Policy Compliance: The Role of Gender , 2016 .

[3]  Margo Wilson,et al.  Competitiveness, risk taking, and violence: the young male syndrome , 1985, Ethology and Sociobiology.

[4]  P. Sheeran Intention—Behavior Relations: A Conceptual and Empirical Review , 2002 .

[5]  V. Helgeson,et al.  Sex Differences in Coping Behavior: A Meta-Analytic Review and an Examination of Relative Coping , 2002 .

[6]  L. Pearlin,et al.  The structure of coping. , 1978, Journal of health and social behavior.

[7]  S. Bem Gender schema theory: A cognitive account of sex typing. , 1981 .

[8]  Anabel Quan-Haase,et al.  Uses and Gratifications of Social Media: A Comparison of Facebook and Instant Messaging , 2010 .

[9]  N. Schwarz Self-reports: How the questions shape the answers. , 1999 .

[10]  N. Bozionelos,et al.  Psychology of Computer Use: XXXIX. Prevalence of Computer Anxiety in British Managers and Professionals , 1996, Psychological reports.

[11]  Irene Woon,et al.  A Protection Motivation Theory Approach to Home Wireless Security , 2005, ICIS.

[12]  D. Buss The evolution of human intrasexual competition: tactics of mate attraction. , 1988, Journal of personality and social psychology.

[13]  Detmar W. Straub,et al.  Security lapses and the omission of information security measures: A threat control model and empirical test , 2008, Comput. Hum. Behav..

[14]  Steven Prentice-Dunn,et al.  Effects of Coping Information and Value Affirmation on Responses to a Perceived Health Threat , 2005, Health communication.

[15]  Marko Sarstedt,et al.  PLS-SEM: Indeed a Silver Bullet , 2011 .

[16]  Anol Bhattacherjee,et al.  Influence Processes for Information Technology Acceptance: An Elaboration Likelihood Model , 2006, MIS Q..

[17]  Jonathan Baron,et al.  How bad is a 10% chance of losing a toe? Judgments of probabilistic conditions by doctors and laypeople , 2005, Memory & cognition.

[18]  Atreyi Kankanhalli,et al.  Studying users' computer security behavior: A health belief perspective , 2009, Decis. Support Syst..

[19]  J. Cruz,et al.  Coping strategies, multidimensional competitive anxiety and cognitive threat appraisal : differences across sex, age and type of sport , 2010 .

[20]  Mohammad Nauman,et al.  How secure is your smartphone: An analysis of smartphone security mechanisms , 2012, Proceedings Title: 2012 International Conference on Cyber Security, Cyber Warfare and Digital Forensic (CyberSec).

[21]  Mikko T. Siponen,et al.  Motivating IS security compliance: Insights from Habit and Protection Motivation Theory , 2012, Inf. Manag..

[22]  George R. Franke,et al.  Gender differences in ethical perceptions of business practices: a social role theory perspective. , 1997, The Journal of applied psychology.

[23]  Ritu Agarwal,et al.  Practicing Safe Computing: A Multimedia Empirical Examination of Home Computer User Security Behavioral Intentions , 2010, MIS Q..

[24]  R. W. Rogers,et al.  Protection Motivation Theory and preventive health: beyond the Health Belief Model , 1986 .

[25]  Viswanath Venkatesh,et al.  Why Don't Men Ever Stop to Ask for Directions? Gender, Social Influence, and Their Role in Technology Acceptance and Usage Behavior , 2000, MIS Q..

[26]  Lynette Kvasny,et al.  Millennials and Masculinity: A Shifting Tide of Gender Typing of ICT? , 2010, AMCIS.

[27]  C. Plott,et al.  The Willingness to Pay-Willingness to Accept Gap, the 'Endowment Effect,' Subject Misconceptions, and Experimental Procedures for Eliciting Valuations , 2005 .

[28]  Gill Kirkup,et al.  Gender and cultural differences in Internet use: A study of China and the UK , 2007, Comput. Educ..

[29]  E. Diener,et al.  Gender differences in negative affect and well-being: the case for emotional intensity. , 1991, Journal of personality and social psychology.

[30]  Eileen M. Trauth,et al.  The role of theory in gender and information systems research , 2013, Inf. Organ..

[31]  I. Ajzen The theory of planned behavior , 1991 .

[32]  Izak Benbasat,et al.  Information Security Policy Compliance: An Empirical Study of Rationality-Based Beliefs and Information Security Awareness , 2010, MIS Q..

[33]  Merrill Warkentin,et al.  Fear Appeals and Information Security Behaviors: An Empirical Study , 2010, MIS Q..

[34]  Rosalind C. Barnett,et al.  The relationship between women's work and family roles and their subjective well-being and psychological distress. , 1991 .

[35]  Hsiu-Yuan Wang,et al.  User acceptance of mobile internet based on the Unified Theory of Acceptance and Use of Technology: Investigating the determinants and gender differences , 2010 .

[36]  Younghwa Lee,et al.  Threat or coping appraisal: determinants of SMB executives’ decision to adopt anti-malware software , 2009, Eur. J. Inf. Syst..

[37]  R. W. Rogers,et al.  A Protection Motivation Theory of Fear Appeals and Attitude Change1. , 1975, The Journal of psychology.

[38]  Elke U. Weber,et al.  Beyond a Trait View of Risk Taking: A Domain-Specific Scale Measuring Risk Perceptions, Expected Benefits, and Perceived-Risk Attitudes in German-Speaking Populations , 2004 .

[39]  John Hulland,et al.  Use of partial least squares (PLS) in strategic management research: a review of four recent studies , 1999 .

[40]  Iddo Gal,et al.  Understanding Repeated Simple Choices , 1996 .

[41]  L. Hoffman Early Childhood Experiences and Women's Achievement Motives , 1972 .

[42]  Jiayi Mu,et al.  Android Mobile Security – Threats and Protection , 2013 .

[43]  I. Ajzen,et al.  Belief, Attitude, Intention, and Behavior: An Introduction to Theory and Research , 1977 .

[44]  Frank Pajares,et al.  Gender and Perceived Self-Efficacy in Self-Regulated Learning , 2002 .

[45]  Joni Hersch,et al.  SMOKING, SEAT BELTS, AND OTHER RISKY CONSUMER DECISIONS: DIFFERENCES BY GENDER AND RACE , 1996 .

[46]  Christine R. Harris,et al.  Gender Differences in Risk Assessment: Why do Women Take Fewer Risks than Men? , 2006, Judgment and Decision Making.

[47]  K Witte,et al.  Predicting risk behaviors: development and validation of a diagnostic scale. , 1996, Journal of health communication.

[48]  Deborah A. Prentice,et al.  What Women and Men Should Be, Shouldn't be, are Allowed to be, and don't Have to Be: The Contents of Prescriptive Gender Stereotypes , 2002 .

[49]  France Bélanger,et al.  Trustworthiness in electronic commerce: the role of privacy, security, and site attributes , 2002, J. Strateg. Inf. Syst..

[50]  J. Ptacek,et al.  Gender, appraisal, and coping : a longitudinal analysis , 1992 .

[51]  H. Raghav Rao,et al.  Women in Cybersecurity: A Study of Career Advancement , 2010, IT Professional.

[52]  H. Raghav Rao,et al.  Protection motivation and deterrence: a framework for security policy compliance in organisations , 2009, Eur. J. Inf. Syst..

[53]  Tamara Dinev,et al.  An Extended Privacy Calculus Model for E-Commerce Transactions , 2006, Inf. Syst. Res..

[54]  R. Bagozzi,et al.  On the evaluation of structural equation models , 1988 .

[55]  Marko Sarstedt,et al.  Partial least squares structural equation modeling (PLS-SEM): An emerging tool in business research , 2014 .

[56]  S. Folkman,et al.  Stress, appraisal, and coping , 1974 .

[57]  E. Lenney,et al.  Women's self-confidence in achievement settings. , 1977 .

[58]  Fred D. Davis Perceived Usefulness, Perceived Ease of Use, and User Acceptance of Information Technology , 1989, MIS Q..

[59]  William D. Schafer,et al.  Gender differences in risk taking: A meta-analysis. , 1999 .

[60]  R. W. Rogers,et al.  A meta-analysis of research on protection motivation theory. , 2000 .

[61]  Terry S. Overton,et al.  Estimating Nonresponse Bias in Mail Surveys , 1977 .

[62]  C. Fornell,et al.  Evaluating structural equation models with unobservable variables and measurement error. , 1981 .

[63]  Deborah Compeau,et al.  Computer Self-Efficacy: Development of a Measure and Initial Test , 1995, MIS Q..

[64]  Yajiong Xue,et al.  Avoidance of Information Technology Threats: A Theoretical Perspective , 2009, MIS Q..

[65]  Dennis F. Galletta,et al.  What Do Systems Users Have to Fear? Using Fear Appeals to Engender Threats and Fear that Motivate Protective Security Behaviors , 2015, MIS Q..

[66]  A. Eagly,et al.  Explaining Sex Differences in Social Behavior: A Meta-Analytic Perspective , 1991 .

[67]  Gordon B. Davis,et al.  User Acceptance of Information Technology: Toward a Unified View , 2003, MIS Q..

[68]  John M. Neale,et al.  New measure of daily coping: Development and preliminary results. , 1984 .

[69]  S. West,et al.  Emotionality and self-regulation, threat appraisal, and coping in children of divorce , 1999, Development and Psychopathology.

[70]  Yajiong Xue,et al.  Understanding Security Behaviors in Personal Computer Usage: A Threat Avoidance Perspective , 2010, J. Assoc. Inf. Syst..

[71]  Daniel R. Horne,et al.  The Privacy Paradox: Personal Information Disclosure Intentions versus Behaviors , 2007 .

[72]  Gaurav Bansal,et al.  Interaction Effect of Gender and Neutralization Techniques on Information Security Policy Compliance: An Ethical Perspective , 2016, AMCIS.

[73]  Bonnie Brinton Anderson,et al.  Using Measures of Risk Perception to Predict Information Security Behavior: Insights from Electroencephalography (EEG) , 2014, J. Assoc. Inf. Syst..

[74]  Robert LaRose,et al.  Keeping our network safe: a model of online protection behaviour , 2008, Behav. Inf. Technol..

[75]  Eliza K. Pavalko,et al.  Women, work, and health : stress and opportunities , 1993 .