Social computing technologies typically have multiple features that allow users to reveal their personal information to other users. Such self-disclosure (SD) behavior is generally considered ...positive and beneficial in interpersonal communication and relationships. Using a newly proposed model based on social exchange theory, this paper investigates and empirically validates the relationships between SD technology use and culture. In particular, we explore the effects of culture on information privacy concerns and the desire for online interpersonal awareness, which influence attitudes toward, intention to use, and actual use of SD technologies. Our model was tested using arguably the strongest social computing technology for online SD-instant messaging (IM)-with users from China and the United States. Our findings reveal that cross-cultural dimensions are significant predictors of information privacy concerns and desire for online awareness, which are, in turn, found to be predictors of attitude toward, intention to use, and actual use of IM. Overall, our proposed model is applicable to both cultures. Our findings enhance the theoretical understanding of the effects of culture and privacy concerns on SD technologies and provide practical suggestions for developers of SD technologies, such as adding additional control features to applications.
•Survey design tests effects of collectivism and ownership on security decisions.•Factorial survey method experimentally manipulates variables in scenarios.•Collectivism affects intention and ...psychological ownership.•Psychological ownership affects native PMT variables and intention.•Significant differences shown between U.S. and China sample populations.
Increased deregulation and globalization have encouraged organizations to expand the cultural diversity of their employees. Integrating each employee into an organization's culture, including practices regarding the protection of information, is critical. Because active employee participation is important for security, managers may need to evaluate individual cultural values to motivate employees to perform secure behaviors. This study analyzes these potential differences by examining two individual characteristics – collectivism and psychological ownership of information – within the context of information security-related behaviors. The results of this study indicate that an individual's personal orientation toward collectivism has an impact on psychological ownership and the intention not to perform secure behaviors. Furthermore, psychological ownership was shown to have a significant impact on the protection motivation constructs as well as on intention. The findings of this study contribute to information security research by studying collectivism's effect on psychological ownership and psychological ownership's impact on protection motivation.
Information Security (InfoSec) research is far reaching and includes many approaches to deal with protecting and mitigating threats to the information assets and technical resources available within ...computer based systems. Although a predominant weakness in properly securing information assets is the individual user within an organization, much of the focus of extant security research is on technical issues. The purpose of this paper is to highlight future directions for Behavioral InfoSec research, which is a newer, growing area of research. The ensuing paper presents information about challenges currently faced and future directions that Behavioral InfoSec researchers should explore. These areas include separating insider deviant behavior from insider misbehavior, approaches to understanding hackers, improving information security compliance, cross-cultural Behavioral InfoSec research, and data collection and measurement issues in Behavioral InfoSec research.
The ultimate goal of any prescribed medical therapy is to achieve desired outcomes of patient care. However, patient nonadherence has long been a major problem detrimental to patient health and, ...thus, is a concern for all health care providers. Moreover, nonadherence is extremely costly for global medical systems because of unnecessary complications and expenses. Traditional patient education programs often serve as an intervention tool to increase patients' self-care awareness, disease knowledge, and motivation to change patient behaviors for better adherence. Patient trust in physicians, patient-physician relationships, and quality of communication have also been identified as critical factors influencing patient adherence. However, little is known about how mobile patient education technologies help foster patient adherence.
This study aimed to empirically investigate whether and how a mobile patient education system (MPES) juxtaposed with patient trust can increase patient adherence to prescribed medical therapies.
This study was conducted based on a field survey of 125 patients in multiple states in the United States who have used an innovative mobile health care system for their health care education and information seeking. Partial least squares techniques were used to analyze the collected data.
The results revealed that patient-physician communication and the use of an MPES significantly increase patients' trust in their physicians. Furthermore, patient trust has a prominent effect on patient attitude toward treatment adherence, which in turn influences patients' behavioral intention and actual adherence behavior. Based on the theory of planned behavior, the results also indicated that behavioral intention, response efficacy, and self-efficacy positively influenced patients' actual treatment adherence behavior, whereas descriptive norms and subjective norms do not play a role in this process.
Our study is one of the first that examines the relationship between patients who actively use an MPES and their trust in their physicians. This study contributes to this context by enriching the trust literature, addressing the call to identify key patient-centered technology determinants of trust, advancing the understanding of patient adherence mechanisms, adding a new explanation of the influence of education mechanisms delivered via mobile devices on patient adherence, and confirming that the theory of planned behavior holds in this patient adherence context.
The global use of online communities has exploded to involve hundreds of millions of users. Despite the tremendous social impact and business opportunities afforded by these communities, little ...information systems (IS) research has addressed them - especially in a cross-cultural context. Our research proposes an online community self-disclosure model, tested in a cross-cultural setting using data provided by French and British working professionals. Our model is based on social exchange theory (SET) and social penetration theory (SPT), as well as on cross-cultural theory related to individualism-collectivism. SET explains that individuals engage in relationships when the perceived costs associated with the relationship are less than the expected benefits. SPT extends SET to explain that individuals participate in self-disclosure to foster relationships - reciprocation is the primary benefit of self-disclosure, whereas risk is the foundational cost of self-disclosure. Our study established several important findings: positive social influence to use an online community increases online community self-disclosure; reciprocity increases self-disclosure; online community trust increases self-disclosure; and privacy risk beliefs decrease self-disclosure. Meanwhile, a tendency toward collectivism increases self-disclosure. We further found that French participants had higher scores on horizontal individualism than British participants. Several other findings and their implications for practice are also discussed.
Practitioners and researchers alike recognize the positive influence insiders' behavior can have on information systems (IS) security. This awareness has resulted in a research stream focused on the ...performance of protective behaviors. We contribute to this research stream by extending an oft-cited theory in the information security literature—protection motivation theory (PMT)—to include the relationship of insiders' psychological capital (PsyCap) with the mechanisms of PMT.
PsyCap is a construct of role-breadth psychological capacities and resources embodying important work-related motivational resources. Therefore, given the varied facets central to PMT, determining the relationship of PsyCap with each distinct PMT mechanism is an important contribution. Furthermore, prior research has established that individuals can develop their PsyCap. Consequently, considering the relationship of role-breadth PsyCap with the PMT mechanisms provides an important and malleable, motivational antecedent that complements PMT and is absent from most assessments of the contemporary PMT model. We find support for PsyCap's relationship with the mechanisms of PMT and suggest opportunities to develop PsyCap in conjunction with other organizational security efforts. We present our findings, discuss their implications for research and practice, and highlight several opportunities for future research.
•Extended PMT model is proposed that includes the relationship of insiders' PsyCap.•PsyCap uniquely relates to each threat and coping appraisal mechanism of PMT.•Via the facets of PMT, PsyCap indirectly relates to protection motivation and PMBs.•Higher levels of PsyCap are related to more PMBs and higher protection motivation.•Opportunities exist to build insiders' PsyCap and improve information security.
We present a model of employee compliance with information security policy (ISP) that (1) explicates stable, cognitive beliefs regarding the consequences of compliance and noncompliance as well as ...state‐based affective constructs, namely, positive and negative mood states and episodic, security‐related work‐impediment events, and (2) provides an expanded conceptualisation of moral considerations and normative influences regarding employees' ISP compliance. Because affect is central to this theorisation, we ensure that the model captures and explains differences in day‐to‐day affective constructs to account for the often fleeting nature of affective states. We test our multilevel model using an experience‐sampling methodology design, in which employees completed daily surveys over a 2‐week period, followed by a hierarchal linear modelling statistical assessment. Our contribution to theory is a unique account of ISP compliance that integrates affective factors with constructs from rational choice theory and theory of planned behaviour and that diverges from prior conceptualisations of ISP compliance as a purely stable and reason‐based phenomenon. For practitioners, our results suggest that a combination of cognitive and affective influences may produce discrete episodes of ISP compliance that do not coincide with prior behavioural trends.
Information security (ISec) is a pervasive concern of individuals, organizations, and governments. To encourage individuals to engage in and learn about secure behaviors, ISec research has turned to ...fear appeals, which are short messages that communicate threats and efficacy to elicit protection motivation among recipients. ISec research has reported contradictory findings on what makes fear appeals effective in ISec contexts, and this lack of clarity is problematic, because it may lead to incorrect conclusions. For example, some studies have argued that the mixed findings arise from differences between personal and organizational contexts and that fear appeals do not work well among organizational users. However, this argument has not been empirically tested, and differences in message design provide an equally plausible explanation, which has also not been tested. To reconcile the mixed findings across these studies, we test the effects of context (i.e., personal users vs. organizational users) and degree of message abstractness (i.e., abstract vs. concrete) on fear-appeal outcomes. We draw from construal-level theory to conceptualize the differences between abstract and concrete fear appeals. Across three experiments, we find evidence that concrete fear appeals are more effective than abstract fear appeals for the purpose of stimulating fear-appeal outcomes. Furthermore, by comparing two identical experiments-one conducted with personal users and another conducted with organizational users-we find differences in participants' responses to fear appeals. However, contrary to our expectations, our findings suggest that organizational users report higher levels of fear and protection motivation than personal users. This finding is not a theoretical contradiction: the theoretical crux of an effective fear appeal is that it must be personally relevant to stimulate fear; correspondingly, we show that concrete fear appeals help stimulate fear and the desired protective response. Moreover, concrete fear appeals increase actual compliance behaviors, not just intentions. Thus, our findings suggest that the mixed findings in the literature may be a product of message abstractness and differences among audiences. This has pivotal implications for how to construct fear appeals in research and practice.
Trust is a crucial factor in e-commerce. However, consumers are less likely to trust unknown Web sites. This study explores how less-familiar e-commerce Web sites can use branding alliances and Web ...site quality to increase the likelihood of initial consumer trust. We use the associative network model of memory to explain brand knowledge and to show how the mere exposure effect can be leveraged to improve a Web site's brand image. We also extend information integration theory to explain how branding alliances are able to increase initial trust and transfer positive effects to Web sites. Testing of our model shows that the most important constructs for increasing initial trust in our experimental context are branding and Web site quality. Finally, we discuss future research ideas, limitations, implications, and ideas for practitioners.
Access-policy violations are a growing problem with substantial costs for organizations. Although training programs and sanctions have been suggested as a means of reducing these violations, evidence ...shows the problem persists. It is thus imperative to identify additional ways to reduce access-policy violations, especially for systems providing broad access to data. We use accountability theory to develop four user-interface (UI) design artifacts that raise users’ accountability perceptions within systems and in turn decrease access-policy violations. To test our model, we uniquely applied the scenario-based factorial survey method to various graphical manipulations of a records system containing sensitive information at a large organization with over 300 end users who use the system daily. We show that the UI design artifacts corresponding to four submanipulations of accountability can raise accountability and reduce access policy violation intentions. Our findings have several theoretical and practical implications for increasing accountability using UI design. Moreover, we are the first to extend the scenario-based factorial survey method to test design artifacts. This method provides the ability to use more design manipulations and to test with fewer users than is required in traditional experimentation and research on human–computer interaction. We also provide bootstrapping tests of mediation and moderation and demonstrate how to analyze fixed and random effects within the factorial survey method optimally.
PDF
