G4 Doctoral dissertation (monograph)
Irrational human factors in behavioral information security : familiarity, fear, and a change of mind (2022)
Irrationaaliset inhimilliset tekijät tietoturvallisessa käyttäytymisessä : tuttuus, pelko ja mielenmuutos

Liu, F. (2022). Irrational human factors in behavioral information security : familiarity, fear, and a change of mind [Doctoral dissertation]. Jyväskylän yliopisto. JYU Dissertations, 504. http://urn.fi/URN:ISBN:978-951-39-9090-9

JYU authors or editors

Publication details

All authors or editors: Liu, Fufan

eISBN: 978-951-39-9090-9

Journal or series: JYU Dissertations

eISSN: 2489-9003

Publication year: 2022

Number in series: 504

Number of pages in the book: 97

Publisher: Jyväskylän yliopisto

Place of Publication: Jyväskylä

Publication country: Finland

Publication language: English

Persistent website address: http://urn.fi/URN:ISBN:978-951-39-9090-9

Publication open access: Openly available

Publication channel open access: Open Access channel


Behavioral information security (ISec) is an important research stream for management information systems (MIS) that relies on developments in other human sciences. In this dissertation, we investigate the psychological side of MIS by discussing the relationship between a few selected irrational human factors and persuasive information security communication. In Study 1, we explore the role of familiarity on the perception of a range of information security threats and protective behavior. This topic is important and relevant, in that any type of ISec communication can get people familiarized with the broader topic of security and threat despite of its designed intention. The results show that familiarity could yield both positive and negative effects depending on how it is operationalized in the communicative setting. Study 2 was motivated by MIS’s recent emphasis of “fear as the drive” in information security compliance, as well as the use of neuroimaging techniques to validate such fear. Along the chapter, we question the scientific understanding of fear and its measurement in behavioral ISec studies, and further argue that the inherent meaning of one general mental construct may vary to such a degree that a standardized measurement should be discouraged in MIS. Finally, in Study 3, we problematize the simple human capacity of being able to “change their mind” after making an initial decision. Based on discourses in behavioral economics and philosophy, a framework is proposed for portraying how one’s able to have a change of mind, while the relationship between behavioral predictability and the individual’s flexible use of information for decision support is emphasized. This framework explains why persuaded decision-making results may not last and how communication issuers may adapt a relaxed yet reflective implementation strategy to achieve more stable result in a longer lifecycle. This dissertation contributes to MIS and ISec communication by exploring the foundational roles of three subtle yet crucial human factors, namely, familiarity, fear, and a change of mind. The discussions and results are linked to more generalized problems in MIS’s pursuit of scientific and methodological rigor. Meanwhile, they imply great potential in embracing MIS’s research possibilities in a human-centered direction.

Keywords: data security; risks; behaviour; behavioural psychology; decision making; irrationality; psychological factors; human factors; emotions; fear (emotions); doctoral dissertations

Free keywords: irrationality; behavioral information security; decision-making

Contributing organizations

Ministry reporting: Yes

Reporting Year: 2022

Last updated on 2022-24-11 at 20:52