G4 Doctoral dissertation (monograph)
Irrational human factors in behavioral information security : familiarity, fear, and a change of mind (2022)
Irrationaaliset inhimilliset tekijät tietoturvallisessa käyttäytymisessä : tuttuus, pelko ja mielenmuutos
Liu, F. (2022). Irrational human factors in behavioral information security : familiarity, fear, and a change of mind [Doctoral dissertation]. Jyväskylän yliopisto. JYU Dissertations, 504. http://urn.fi/URN:ISBN:978-951-39-9090-9
JYU authors or editors
Publication details
All authors or editors: Liu, Fufan
eISBN: 978-951-39-9090-9
Journal or series: JYU Dissertations
eISSN: 2489-9003
Publication year: 2022
Number in series: 504
Number of pages in the book: 97
Publisher: Jyväskylän yliopisto
Place of Publication: Jyväskylä
Publication country: Finland
Publication language: English
Persistent website address: http://urn.fi/URN:ISBN:978-951-39-9090-9
Publication open access: Openly available
Publication channel open access: Open Access channel
Abstract
Behavioral information security (ISec) is an important research stream for management information systems (MIS) that relies on developments in other human sciences. In this dissertation, we investigate the psychological side of MIS by discussing the relationship between a few selected irrational human factors and persuasive information security communication. In Study 1, we explore the role of familiarity on the perception of a range of information security threats and protective behavior. This topic is important and relevant, in that any type of ISec communication can get people familiarized with the broader topic of security and threat despite of its designed intention. The results show that familiarity could yield both positive and negative effects depending on how it is operationalized in the communicative setting. Study 2 was motivated by MIS’s recent emphasis of “fear as the drive” in information security compliance, as well as the use of neuroimaging techniques to validate such fear. Along the chapter, we question the scientific understanding of fear and its measurement in behavioral ISec studies, and further argue that the inherent meaning of one general mental construct may vary to such a degree that a standardized measurement should be discouraged in MIS. Finally, in Study 3, we problematize the simple human capacity of being able to “change their mind” after making an initial decision. Based on discourses in behavioral economics and philosophy, a framework is proposed for portraying how one’s able to have a change of mind, while the relationship between behavioral predictability and the individual’s flexible use of information for decision support is emphasized. This framework explains why persuaded decision-making results may not last and how communication issuers may adapt a relaxed yet reflective implementation strategy to achieve more stable result in a longer lifecycle. This dissertation contributes to MIS and ISec communication by exploring the foundational roles of three subtle yet crucial human factors, namely, familiarity, fear, and a change of mind. The discussions and results are linked to more generalized problems in MIS’s pursuit of scientific and methodological rigor. Meanwhile, they imply great potential in embracing MIS’s research possibilities in a human-centered direction.
Keywords: data security; risks; behaviour; behavioural psychology; decision making; irrationality; psychological factors; human factors; emotions; fear (emotions); doctoral dissertations
Free keywords: irrationality; behavioral information security; decision-making
Contributing organizations
Ministry reporting: Yes
Reporting Year: 2022
