Understanding the inward emotion-focused coping strategies of individual users in response to mobile malware threats

Abstract

According to coping theory, individuals cope with information system threats by adopting either problem-focused coping (PFC) or emotion-focused coping (EFC). However, little is known about EFC in the information security (ISec) literature. Moreover, there is potential confusion regarding the meaning of some EFC strategies. Hence, ISec scholars and practitioners may (i) have a narrow view of EFC or (ii) confuse it with other concepts. In this study, we offer one response to this issue. We first address the ambiguity regarding EFC before differentiating five inward EFC strategies and assessing them empirically in the mobile malware context. To the best of our knowledge, this study is the first to compare several inward EFC strategies in the ISec field.We contribute two new findings on EFC: 1) response efficacy is a crucial factor that impedes users from implementing EFC strategies; 2) avoidance and fatalism significantly impede PFC. Our study also contributes to the ISec literature by categorising EFC into active and passive forms. We showed that individuals’ use of passive inward EFC strategies was positively associated with threat vulnerability. Finally, we provide interesting insights into the complicated responses of individuals to mobile malware threats, presenting implications for ISec research and practice.