References
- AjzenITheory of planned behaviorOrganizational Behavior and Human Decision Processes199150217921110.1016/0749-5978(91)90020-T
- AjzenIFishbeinMPrediction of goal-directed behavior: attitudes, intentions, and perceived behavioral controlJournal of Experimental Social Psychology19802245347410.1016/0022-1031(86)90045-4
- AkersRRational choice, deterrence, and social learning theory in criminology: the path not takenThe Journal of Criminal Law and Criminology199081365367610.2307/1143850
- AlbrechtsenEA qualitative study of users’ view on information securityComputers & Security200726427628910.1016/j.cose.2006.11.004
- Anderson C (2005) Creating the conscientious cybercitizen: an examination of home computer user attitudes and intentions towards security. In Tenth INFORMS Conference on Information Systems and Technology (CIST) San Francisco, California, USA.
- ArmitageCConnerMSocial cognition models and health behaviour: a structured reviewPsychology and Health200015217318910.1080/08870440008400299
- AxelrodLJNewtonJWPreventing nuclear war: beliefs and attitudes as predictors of disarmist and deterrentist behaviorJournal of Applied Social Psychology1991211294010.1111/j.1559-1816.1991.tb00440.x
- BagoziiRPThe self-regulation of attitudes, intentions and behaviorSocial Psychology Quarterly199255217820410.2307/2786945
- BanduraAAdamsNEHardyABHowellGNTests of the generality of self-efficacy theoryCognitive Theory And Research198041396610.1007/BF01173354
- BargeJKSchlueterDA critical evaluation of organizational commitment and identificationManagement198821116133
- BollenKLennoxRConventional wisdom on measurement: a structural equation perspectivePsychological Bulletin1991110230531410.1037/0033-2909.110.2.305
- CERT/CC (2004) 2004 e-Crime watch survey summary of findings. Computer Emergency Response Team Coordination Center (CERT/CC). Available at http://www.cert.org/archive/pdf/2004eCrimeWatchSummary.pdf. Accessed 15 January 2007.
- ChanMWoonIKankanhalliAPerceptions of information security at the workplace: linking information security climate to compliant behaviorJournal of Information Privacy and Security200513184110.1080/15536548.2005.10855772
- ChengHSimsRTeegenHTo purchase or to pirate software: an empirical studyJournal of Management Information Systems1997134496010.1080/07421222.1997.11518142
- Chin WW and Marcolin B (1995) A holistic approach to construct validation in is research: examples of the interplay between theory and measurement. In Administrative Sciences Association of Canada – 23rd Conference (CAMPEAU D, Ed.), Windsor, Ontario.
- CialdiniRBKallgrenCARenoRRA focus theory of normative conduct: a theoretical refinement and reevaluation of the role of norms in human behaviorAdvances in Experimental Social Psychology1991201234
- CompeauDRHigginsCAComputer self-efficacy: development of a measure and initial testMIS Quarterly199519218921110.2307/249688
- Culnan M (2004) Bentley survey on consumers and internet security: summary of findings. [WWW document] http://www.bentley.edu/events/iscw2004/survey_findings.pdf (accessed on 31 January 2009).
- D’arcy J and Hovav A (2004) The role of individual characteristics on the effectiveness of IS security countermeasures. In Tenth Americas Conference on Information Systems New York.
- DhillonGBackhouseJCurrent directions in IS security research: towards socio-organizational perspectivesInformation Systems Journal200111212715310.1046/j.1365-2575.2001.00099.x
- DhillonGTorkzadehGValue-focused assessment of information system security in organizationsInformation Systems Journal200616329331410.1111/j.1365-2575.2006.00219.x
- EhrlichICrime, punishment, and the market for offensesJournal of Economic Perspectives1996101436710.1257/jep.10.1.43
- EllenPSWienerJLCobb-WalgrenCThe role of perceived consumer effectiveness in motivating environmentally conscious behaviorsJournal of Public Policy & Marketing1991102102117
- Finch J, Furnell S and Dowland P (2003) Assessing IT security culture: system administrator and end-user perspectives. In Proceedings of ISOneWorld 2003 Conference and Convention Las Vegas, Nevada, USA.
- FloydDLPrentice-DunnSRogersRWA meta-analysis of research on protection motivation theoryJournal of Applied Social Psychology200030240742910.1111/j.1559-1816.2000.tb02323.x
- FurnellSMBryantPPhippenADAssessing the security perceptions of personal internet usersComputers & Security200726541041710.1016/j.cose.2007.03.001
- GefenDStraubDWA practical guide to factorial validity using PLS-graph: tutorial and annotated exampleCommunications of the Association for Information Systems20051691109
- GefenDStraubDWBoudreauM-CStructural equation modelling and regression: guidelines for research practiceCommunications of the Association for Information Systems20004177
- GistMSelf-efficacy: implications for organizational behavior and human resource managementAcademy of Management, The Academy of Management Review1987123472485
- Gordon LA, Loeb MP, Lucyshyn W and Richardson R (2006) 2006 CSI/FBI computer crime and security survey. Computer Security Institute.
- GrubeJWMorganMMcgreeSTAttitudes and normative beliefs as predictors of smoking intentions and behaviours: a test of three modelsBritish Journal of Social Psychology198625819310.1111/j.2044-8309.1986.tb00707.x
- IgbariaMIivariJThe effects of self-efficacy on computer usageInternational Journal of Management Science1995236587605
- KankanhalliATeoH-HTanBCYWeiK-KAn integrative study of information systems security effectivenessInternational Journal of Information Management200323213915410.1016/S0268-4012(02)00105-6
- KarahannaEStraubDWChervanyNLInformation technology adoption across time: a cross-sectional comparison of pre-adoption and post-adoption beliefsMIS Quarterly199923218321310.2307/249751
- KnappKJMarshallTERainerRKFordFNManagerial Dimensions in Information Security: A Theoretical Model of Organizational Effectiveness2005
- LeeSMLeeS-GYooSAn integrative model of computer abuse based on social control and general deterrence theoriesInformation and Management200441670771810.1016/j.im.2003.08.008
- LochKDCarrHHWarkentinMEThreats to information systems: today's reality, yesterday's understandingMIS Quarterly199216217310.2307/249574
- LochKDCongerSOzEOwnership, privacy and monitoring in the workplace: a debate on technology and ethicsJournal of Business Ethics1998176653663
- LochKDStraubDWKamelSDiffusing the internet in the Arab world: the role of social norms and technological culturationIEEE Transactions on Engineering Management2003501456310.1109/TEM.2002.808257
- MaQPearsonJMISO 17799: ‘Best practices’ in information security management?Communications of the Association for Information Systems200515577591
- MadduxJERogersRWProtection motivation and self-efficacy: a revised theory of fear appeals and attitude changeJournal of Experimental Social Psychology198319546947910.1016/0022-1031(83)90023-9
- MelamedSRabinowitzSFeinerSWeisbergERibakJUsefulness of the protection motivation theory in explaining hearing protection device use among male industrial workersHealth Psychology199615320921510.1037/0278-6133.15.3.209
- MilneSSheeranPOrbellSPrediction and intervention in health-related behavior: a meta-analytic review of protection motivation theoryJournal of Applied Social Psychology200010110614310.1111/j.1559-1816.2000.tb02308.x
- Mishra S and Dhillon G (2006) Information systems security governance research: a behavioral perspective. In 1st Annual Symposium on Information Assurance, Academic Track of 9th Annual NYS Cyber Security Conference pp 27–35 New York, USA.
- MowdayRReflections on the study and relevance of organizational commitmentHuman Resources Management Review19988438740110.1016/S1053-4822(99)00006-6
- NeuwirthKDunwoodySGriffinRJProtection motivation and risk communicationRisk Analysis200020572173410.1111/0272-4332.205065
- Pahnila S, Siponen M and Mahmood A (2007) Employees’ behavior towards IS security policy compliance. In 40th Hawaii International Conference on System Sciences (HICSS 07) Hawaii, USA.
- PalardyNGreeningLOttJDolderbyAAtchisonJAdolescents’ health attitudes and adherence to treatment for insulin-dependent diabetes mellitusDevelopmental and Behavioral Pediatrics1998191313710.1097/00004703-199802000-00005
- PeaceAGGallettaDThongJSoftware piracy in the workplace: a model and empirical testJournal of Management Information Systems2003201153177
- PetterSStraubDRaiASpecifying formative constructs in information systems researchMIS Quarterly2007314623656
- PostGVKaganAEvaluating information security tradeoffs: restricting access can interfere with user tasksComputers & Security200726322923710.1016/j.cose.2006.10.004
- Privacyrights.Org (2005) A chronology of data breaches. Available at http://www.privacyrights.org/ar/chronDataBreaches.htm, accessed 21 January 2007.
- Privacyrights.Org (2006) 2006 disclosures of U.S. data incidents. Available at http://www.privacyrights.org/ar/chronDataBreaches.htm, accessed 21 January 2007.
- RandallDCommitment and the organization: the organization man revisitedAcademy of Management Review1987123460471
- RiemenschneiderCKHarrissonDMykytynPPUnderstanding IT adoption decisions in small business: integrating current theoriesInformation and Management20034026928510.1016/S0378-7206(02)00010-1
- RivisASheeranPSocial influences and the theory of planned behavior: evidence for a direct relationship between prototypes and young people's exercise behaviorPsychology and Health200318556758310.1080/0887044032000069883
- RogersRWA protection motivation theory of fear appeals and attitude changeThe Journal of Psychology1975919311410.1080/00223980.1975.9915803
- RogersRWCognitive and physiological processes in fear appeals and attitude change: a revised theory of protected motivationSocial Psychophysiology: A Sourcebook1983153176
- SaksABelcourtMAn investigation of training activities and transfer of training in organizationsHuman Resources Management200645462964810.1002/hrm.20135
- SheeranPOrbellSAugmenting the theory of planned behavior: roles for anticipated regret and descriptive normsJournal of Applied Social Psychology199929102107214210.1111/j.1559-1816.1999.tb02298.x
- Shropshire J, Warkentin M, Johnston AC and Schmidt MB (2006) Personality and it security: an application of the five-factor model. In Proceedings of the Americas Conference on Information Systems pp 3443–3449.
- SiponenMTA conceptual foundation for organizational information security awarenessInformation Management and Computer Security200081314110.1108/09685220010371394
- StajkovicALuthansFSelf-efficacy and work-related performance: a meta analysisPsychological Bulletin1998124224026110.1037/0033-2909.124.2.240
- StanleyMAMadduxJECognitive processes in health enhancement: investigation of a combined protection motivation and self-efficacy modelBasic and Applied Social Psychology19867210111310.1207/s15324834basp0702_2
- Stanton JM, Stam K, Guzman I and Caldera C (2003) Examining the linkages between organizational commitment and information security. In IEEE Systems, Man, and Cybernetics Conference Washington DC, USA.
- StantonJMStamKRMastrangeloPJoltonJAnalysis of end user security behaviorsComputers & Security200524212413310.1016/j.cose.2004.07.001
- SteffenVJMen's motivation to perform the testicle self-exam: effects of prior knowledge and an educational brochureJournal of Applied Social Psychology199020868170210.1111/j.1559-1816.1990.tb00432.x
- StraubDWValidating instruments in MIS researchMIS Quarterly198913214716910.2307/248922
- StraubDWEffective is security: an empirical studyInformation Systems Research19901325527610.1287/isre.1.3.255
- StraubDWCollinsRWKey information issues facing managers: software piracy, proprietary databases, and individual rights to privacyMIS Quarterly199014214315610.2307/248772
- StraubDWNanceWDDiscovering and disciplining computer abuse in organizationMIS Quarterly1990141456010.2307/249307
- TannerJFHuntJBEpprightDRThe protection motivation model: a normative model of fear appealsJournal of Marketing1991553364510.2307/1252146
- TaylorSToddPAUnderstanding information technology usage – a test of competing modelsInformation Systems Research19956214417610.1287/isre.6.2.144
- ThompsonRLHigginsCAHowellJMPersonal computing: toward a conceptual model of utilizationMIS Quarterly199115112414310.2307/249443
- ThompsonRLHigginsCAHowellJMInfluence of experience on personal computer utilizationJournal of Management Information Systems199411116718710.1080/07421222.1994.11518035
- ThomsonKLVon SolmsRInformation security awareness: educating your users effectivelyInformation Management & Computers Security19986416717310.1108/09685229810227649
- TorkzadehRPflughoeftKHallLComputer self-efficacy, training effectiveness and user attitudes: an empirical studyBehaviour and Information Technology199918429930910.1080/014492999119039
- VenkateshVBrownSA longitudinal investigation of personal computers in homes: adoption determinants and emerging challengesMIS Quarterly20012517110210.2307/3250959
- VenkateshVMorrisMGDavisGBDavisFDUser acceptance of information technology: toward a unified viewMIS Quarterly2003273425478
- Von SolmsBInformation security – a multidimensional disciplineComputers & Security200120650450810.1016/S0167-4048(01)00608-3
- Von SolmsRVon SolmsBFrom policies to cultureComputers & Security200423427527910.1016/j.cose.2004.01.013
- VroomCVon SolmsRTowards information security behavioural complianceComputers & Security200423319119810.1016/j.cose.2004.01.012
- WienerYCommitment in organizations: a normative viewAcademy of Management Review198273418
- WilliamsKHawkinsRPerceptual research on general deterrence: a critical reviewLaw and Society Review198620454557210.2307/3053466
- WitteKAllenMA meta-analysis of fear appeals: implications for effective public health campaignsHealth Education & Behavior200027559161510.1177/109019810002700506
- Woon IMY, Tan GW and Low RT (2005) A protection motivation theory approach to home wireless security. In International Conference on Information Systems pp 367–380 Las Vegas, USA.
- ZhangXWhat do consumers really know about spywareCommunications of the ACM2005488444810.1145/1076211.1076238