The Impact of Threat and Efficacy on Information Security Behavior: Applying an Extended Parallel Process Model to the Fear of Ransomware.

Abstract

Information security has become an increasingly important aspect in companies and households during this time of digitalization. Cyber attacks and especially ransomware attacks are a growing threat. How people react to and perceive this threat is a central component of this study. This paper is meant to investigate how threat and efficacy influence individuals’ information security behavior. For this purpose, a structural equation model was developed using the Extended Parallel Process Model (EPPM). The results show that participants who received a low threat message in their ransom demand were less afraid and more likely to deal with the issue. At the same time, they were not as confident as people who perceived a significant threat. Participants who felt that they had little adequate protection against ransomware were more fearful and therefore dealt with the topic more defensively. Conversely, they also had the intention to behave safely.