Balancing fear and confidence: A strategic approach to mitigating human risk in cybersecurity

dc.contributor.authorGalletta, Dennis F.en
dc.contributor.authorMoody, Gregory D.en
dc.contributor.authorLowry, Paul Benjaminen
dc.contributor.authorWillison, Roberten
dc.contributor.authorBoss, Scotten
dc.contributor.authorChen, Yanen
dc.contributor.authorLuo, Xinen
dc.contributor.authorPienta, Daniel A.en
dc.contributor.authorPolak, Peteren
dc.contributor.authorSchuetze, Sebastianen
dc.contributor.authorThatcher, Jasonen
dc.date.accessioned2024-12-16T14:25:03Zen
dc.date.available2024-12-16T14:25:03Zen
dc.date.issued2025en
dc.description.abstractDespite technological advances, cybersecurity breaches persist, with human actions often being the weakest link. Educational programs and policies have been ineffective in reducing threats, as shown by rising trend data breaches and costs, averaging $9.48 million in 2023. The growing threat persists despite the plethora of tools and techniques, indicating a need for a strategic shift. Drawing on interviews with C-level IS executives and earlier experimental research, this paper advocates for greater care in warning users about security dangers, and simultaneously building their confidence in their ability to improve their cybersecurity safety. Managers must carefully balance their communications, instilling appropriate concern without causing excessive fear or negativity.en
dc.description.versionAccepted versionen
dc.format.mimetypeapplication/pdfen
dc.identifier.orcidLowry, Paul [0000-0002-0187-5808]en
dc.identifier.urihttps://hdl.handle.net/10919/123807en
dc.identifier.volume2024en
dc.language.isoenen
dc.rightsIn Copyrighten
dc.rights.urihttp://rightsstatements.org/vocab/InC/1.0/en
dc.subjectCybersecurityen
dc.subjectData Breachesen
dc.subjectUser Actionsen
dc.subjectManagement Interventionsen
dc.subjectBreach Costsen
dc.subjectTechnological Vulnerabilitiesen
dc.subjectSecurity Awarenessen
dc.titleBalancing fear and confidence: A strategic approach to mitigating human risk in cybersecurityen
dc.title.serialMISQ Executiveen
dc.typeArticle - Refereeden
dc.type.dcmitypeTexten
dc.type.otherArticleen
dcterms.dateAccepted2024-10-12en
pubs.organisational-groupVirginia Techen
pubs.organisational-groupVirginia Tech/Pamplin College of Businessen
pubs.organisational-groupVirginia Tech/Pamplin College of Business/Business Information Technologyen
pubs.organisational-groupVirginia Tech/All T&R Facultyen
pubs.organisational-groupVirginia Tech/Pamplin College of Business/PCOB T&R Facultyen

Files

Original bundle
Now showing 1 - 1 of 1
Loading...
Thumbnail Image
Name:
2024-Dec MISQe cybersecurity POST-PRINTS.pdf
Size:
902.32 KB
Format:
Adobe Portable Document Format
Description:
Accepted version
License bundle
Now showing 1 - 1 of 1
Name:
license.txt
Size:
1.5 KB
Format:
Plain Text
Description: