G4 Doctoral dissertation (monograph)
Securing the human factor : understanding the role of prior experience, mental representations, and coping strategies in behavioral information security (2024)
Ihmistekijän turvaaminen : ymmärrys aikaisemmasta kokemuksesta, mentaalisista representaatioista ja selviytymisstrategioista

Xin, T. (2024). Securing the human factor : understanding the role of prior experience, mental representations, and coping strategies in behavioral information security [Doctoral dissertation]. University of Jyväskylä. JYU Dissertations, 772. https://urn.fi/URN:ISBN:978-952-86-0122-7

JYU authors or editors

Xin, Tong

Publication details

All authors or editors: Xin, Tong

eISBN: 978-952-86-0122-7

Journal or series: JYU Dissertations

eISSN: 2489-9003

Publication year: 2024

Number in series: 772

Number of pages in the book: 1 verkkoaineisto (90 sivua)

Publisher: University of Jyväskylä

Publication country: Finland

Publication language: English

Persistent website address: https://urn.fi/URN:ISBN:978-952-86-0122-7

Publication open access: Openly available

Publication channel open access: Open Access channel

Abstract

Although Protection Motivation Theory (PMT), originally from health psychology, has become a foundational theory for explaining information security (ISec) related behaviors, it has not been fully applied to ISec. This is because several core components of PMT are completely ignored, such as users’ ISec-related prior experiences and coping styles. To rectify this, this dissertation consists of three studies exploring individual users' prior ISec experiences, their cognitive processing of fear appeal messages, and emotion-focused coping (EFC) strategies in coping with ISec threats. In Study 1, we expand on the commonly simplified notion of Prior Experience (PE) in ISec, accentuating the influence of both direct and vicarious experiences. Emphasizing the importance of prior coping feedback, the research unpacks how threat and coping appraisals mediate the effects of prior experiences on present protective intentions related to cybersecurity, while also shedding light on potential cognitive biases. In turn, Study 2 delves into the realm of fear appeal messages, using Construal Level Theory (CLT) to highlight the pivotal role of individual users' mental representations in decoding these messages. Experimental outcomes confirm the significant impact of specific mental representations on user responses, suggesting novel pathways to refine ISec communication strategies. Lastly, a subtle exploration of emotion-focused coping (EFC) within ISec is undertaken in Study 3. Going beyond the commonly studied problem-focused coping, this segment discerns active and passive inward EFC strategies, revealing their inherent complexities and implications on perceived threat vulnerability. This dissertation enhances the application of PMT in the field of information security. By conducting an in-depth exploration of the previously overlooked components of PMT, this dissertation offers an enriched perspective for understanding individual user ISec behaviors, which provides researchers with a more sophisticated and comprehensive approach to interpreting user behavior in ISec contexts. The investigations in three studies furnish crucial insights for the enhancement of both ISec research methodologies and practical cybersecurity measures.

Keywords: cyber security; data security; threats; defence mechanisms (mental phenomena); representation (mental objects); behaviour; experiences (knowledge); coping; doctoral dissertations

Free keywords: behavioral information security; Protection Motivation Theory (PMT); prior experiences; mental representations; inward emotion-focused coping

Fields of science:

113 Computer and information sciences (Natural sciences)

Contributing organizations

JYU units:

Faculty of Information Technology

Ministry reporting: Yes

Follow-up groups: