dc.contributor.author | Siponen, Mikko | |
dc.contributor.author | Rönkkö, Mikko | |
dc.contributor.author | Fufan, Liu | |
dc.contributor.author | Haag, Steffi | |
dc.contributor.author | Laatikainen, Gabriella | |
dc.date.accessioned | 2024-01-12T06:09:23Z | |
dc.date.available | 2024-01-12T06:09:23Z | |
dc.date.issued | 2024 | |
dc.identifier.citation | Siponen, M., Rönkkö, M., Fufan, L., Haag, S., & Laatikainen, G. (2024). Protection Motivation Theory in Information Security Behavior Research : Reconsidering the Fundamentals. <i>Communications of the Association for Information Systems</i>, <i>53</i>, 1136-1165. <a href="https://doi.org/10.17705/1CAIS.05348" target="_blank">https://doi.org/10.17705/1CAIS.05348</a> | |
dc.identifier.other | CONVID_194658909 | |
dc.identifier.uri | https://jyx.jyu.fi/handle/123456789/92716 | |
dc.description.abstract | Scholars commonly use protection motivation theory (PMT) by Rogers to examine information systems (IS) security behaviors and behavioral intentions. A recent, influential paper by Boss, Galletta, Lowry, Moody, and Polak (2015; hereafter BGLMP) in MIS Quarterly outlines correct and incorrect uses of PMT in Information Security behavior research. In this paper, we review some of BGLMP’s key recommendations, such as the claim that all IS behavior studies that apply PMT should always use the model of the full theory, contain and measure fear, and measure actual behaviors. We defend an interpretation of Rogers (1975, 1983) that differs from the interpretation that BGLMP propose. We present evidence that Rogers’ PMT and the empirical evidence do not adequately support many of BGLMP’s suggestions and that these suggestions contradict good scientific practices (e.g., restricting the use of the method of isolation) that the philosophy of science and the original literature on PMT uphold. As a result, if reviewers and editors continue to embrace these recommendations, they could hinder the progress of IS behavior research by not allowing isolation or the combination of different theoretical components. In contrast to BGLMP’s paper, we argue that further PMT research can focus on isolated PMT components and combine them with other theories. Some of our ideas (e.g., isolation) are not PMT-specific and could be useful for IS research in general. In summary, we contest BGLMP’s recommendations and offer revised recommendations in return. | en |
dc.format.mimetype | application/pdf | |
dc.language.iso | eng | |
dc.publisher | Association for Information Systems | |
dc.relation.ispartofseries | Communications of the Association for Information Systems | |
dc.relation.uri | https://aisel.aisnet.org/cais/vol53/iss1/47 | |
dc.rights | In Copyright | |
dc.subject.other | protection motivation theory | |
dc.subject.other | infosec behavior | |
dc.subject.other | behavioral information security | |
dc.subject.other | security threat | |
dc.subject.other | threat message | |
dc.subject.other | fear appeal | |
dc.subject.other | threatening communication | |
dc.title | Protection Motivation Theory in Information Security Behavior Research : Reconsidering the Fundamentals | |
dc.type | article | |
dc.identifier.urn | URN:NBN:fi:jyu-202401121217 | |
dc.contributor.laitos | Informaatioteknologian tiedekunta | fi |
dc.contributor.laitos | Kauppakorkeakoulu | fi |
dc.contributor.laitos | Faculty of Information Technology | en |
dc.contributor.laitos | School of Business and Economics | en |
dc.contributor.oppiaine | Tietojärjestelmätiede | fi |
dc.contributor.oppiaine | Empirical Cyber Security and Software Engineering | fi |
dc.contributor.oppiaine | Information Systems Science | en |
dc.contributor.oppiaine | Empirical Cyber Security and Software Engineering | en |
dc.type.uri | http://purl.org/eprint/type/JournalArticle | |
dc.type.coar | http://purl.org/coar/resource_type/c_2df8fbb1 | |
dc.description.reviewstatus | peerReviewed | |
dc.format.pagerange | 1136-1165 | |
dc.relation.issn | 1529-3181 | |
dc.relation.volume | 53 | |
dc.type.version | publishedVersion | |
dc.rights.copyright | © Association for Information Systems | |
dc.rights.accesslevel | openAccess | fi |
dc.subject.yso | tietojärjestelmät | |
dc.subject.yso | uhat | |
dc.subject.yso | suositukset | |
dc.subject.yso | riskit | |
dc.subject.yso | tietoturva | |
dc.subject.yso | käyttäjät | |
dc.subject.yso | riskienhallinta | |
dc.subject.yso | tietoliikenne | |
dc.subject.yso | käyttäytyminen | |
dc.subject.yso | teoriat | |
dc.format.content | fulltext | |
jyx.subject.uri | http://www.yso.fi/onto/yso/p3927 | |
jyx.subject.uri | http://www.yso.fi/onto/yso/p21206 | |
jyx.subject.uri | http://www.yso.fi/onto/yso/p7637 | |
jyx.subject.uri | http://www.yso.fi/onto/yso/p11099 | |
jyx.subject.uri | http://www.yso.fi/onto/yso/p5479 | |
jyx.subject.uri | http://www.yso.fi/onto/yso/p16550 | |
jyx.subject.uri | http://www.yso.fi/onto/yso/p3134 | |
jyx.subject.uri | http://www.yso.fi/onto/yso/p5446 | |
jyx.subject.uri | http://www.yso.fi/onto/yso/p3625 | |
jyx.subject.uri | http://www.yso.fi/onto/yso/p127 | |
dc.rights.url | http://rightsstatements.org/page/InC/1.0/?language=en | |
dc.relation.doi | 10.17705/1CAIS.05348 | |
dc.type.okm | A1 | |