{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,18]],"date-time":"2026-01-18T10:12:18Z","timestamp":1768731138081,"version":"3.49.0"},"reference-count":77,"publisher":"Springer Science and Business Media LLC","issue":"3","license":[{"start":{"date-parts":[[2022,5,30]],"date-time":"2022-05-30T00:00:00Z","timestamp":1653868800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2022,5,30]],"date-time":"2022-05-30T00:00:00Z","timestamp":1653868800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Inf Syst Front"],"published-print":{"date-parts":[[2023,6]]},"DOI":"10.1007\/s10796-022-10274-5","type":"journal-article","created":{"date-parts":[[2022,5,30]],"date-time":"2022-05-30T10:04:24Z","timestamp":1653905064000},"page":"1277-1292","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":9,"title":["Detecting Cybersecurity Threats: The Role of the Recency and Risk Compensating Effects"],"prefix":"10.1007","volume":"25","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-1198-0679","authenticated-orcid":false,"given":"Roozmehr","family":"Safi","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Glenn J.","family":"Browne","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2022,5,30]]},"reference":[{"issue":"4","key":"10274_CR1","doi-asserted-by":"publisher","first-page":"407","DOI":"10.1080\/00140138808966688","volume":"31","author":"JG Adams","year":"1988","unstructured":"Adams, J. G. (1988). Risk homeostasis and the purpose of safety regulation. Ergonomics, 31(4), 407\u2013428","journal-title":"Ergonomics"},{"issue":"3","key":"10274_CR2","doi-asserted-by":"publisher","first-page":"11","DOI":"10.1145\/3130515.3130518","volume":"48","author":"P Balozian","year":"2017","unstructured":"Balozian, P., & Leidner, D. (2017). Review of IS security policy compliance: Toward the building blocks of an IS security theory. ACM SIGMIS Database: The DATABASE for Advances in Information Systems, 48(3), 11\u201343","journal-title":"ACM SIGMIS Database: The DATABASE for Advances in Information Systems"},{"issue":"4","key":"10274_CR3","doi-asserted-by":"publisher","first-page":"1078","DOI":"10.1137\/0111080","volume":"11","author":"R Barlow","year":"1963","unstructured":"Barlow, R., Hunter, L., & Proschan, F. (1963). Optimum Checking Procedures. Journal of the Society for Industrial and Applied Mathematics, 11(4), 1078\u20131095. https:\/\/doi.org\/10.1137\/0111080","journal-title":"Journal of the Society for Industrial and Applied Mathematics"},{"issue":"4","key":"10274_CR4","doi-asserted-by":"publisher","first-page":"375","DOI":"10.1145\/162124.162127","volume":"25","author":"R Baskerville","year":"1993","unstructured":"Baskerville, R. (1993). Information systems security design methods: Implications for information systems development. ACM Comput. Surv, 25(4), 375\u2013414. https:\/\/doi.org\/10.1145\/162124.162127","journal-title":"ACM Comput. Surv"},{"key":"10274_CR5","unstructured":"Bazerman, M. H., & Moore, D. A. (2013). Judgment in Managerial Decision Making (8th ed.). Wiley"},{"issue":"1","key":"10274_CR6","doi-asserted-by":"publisher","first-page":"85","DOI":"10.1016\/S0272-7358(99)00041-0","volume":"21","author":"P Bijttebier","year":"2001","unstructured":"Bijttebier, P., Vertommen, H., & Steene, G. V. (2001). Assessment of cognitive coping styles. Clinical Psychology Review, 21(1), 85\u2013104. https:\/\/doi.org\/10.1016\/S0272-7358(99)00041-0","journal-title":"Clinical Psychology Review"},{"key":"10274_CR7","doi-asserted-by":"publisher","unstructured":"Blakley, B., McDermott, E., & Geer, D. (2001). Information security is information risk management. Proceedings of the 2001 Workshop on New Security Paradigms - NSPW \u201901, 97. https:\/\/doi.org\/10.1145\/508171.508187","DOI":"10.1145\/508171.508187"},{"issue":"4","key":"10274_CR8","doi-asserted-by":"publisher","first-page":"64","DOI":"10.1145\/1330311.1330325","volume":"51","author":"LD Bodin","year":"2008","unstructured":"Bodin, L. D., Gordon, L. A., & Loeb, M. P. (2008). Information security and risk management. Communications of the ACM, 51(4), 64\u201368. https:\/\/doi.org\/10.1145\/1330311.1330325","journal-title":"Communications of the ACM"},{"issue":"2","key":"10274_CR9","doi-asserted-by":"publisher","first-page":"151","DOI":"10.1057\/ejis.2009.8","volume":"18","author":"S Boss","year":"2009","unstructured":"Boss, S., Kirsch, L. J., Angermeier, I., Shingler, R. A., & Boss, W. (2009). If someone is watching, I\u2019ll do what I\u2019m asked: Mandatoriness, control, and information security. European Journal of Information Systems, 18(2), 151\u2013164","journal-title":"European Journal of Information Systems"},{"issue":"3","key":"10274_CR10","doi-asserted-by":"publisher","first-page":"340","DOI":"10.1177\/1948550612455931","volume":"4","author":"L Brandimarte","year":"2013","unstructured":"Brandimarte, L., Acquisti, A., & Loewenstein, G. (2013). Misplaced confidences: Privacy and the control paradox. Social Psychological and Personality Science, 4(3), 340\u2013347","journal-title":"Social Psychological and Personality Science"},{"key":"10274_CR11","unstructured":"Butow, T., Kehoe, M., Holler, J., Lester, R., Keene, R., & Pritchard, J. (2018). Reducing MTTD for High-Severity Incidents: A How-To Guide for SREs (V. Wilson, Ed.; 1st ed.). O\u2019Reilly Media. https:\/\/www.gremlin.com\/oreilly-reducing-mttd-for-high-severity-incidents\/?utm_source=google&utm_medium=cpc&gclid=CjwKCAjwk93rBRBLEiwAcMapUVYMjsmS_C1ECUi980QZICiDti0KZwXbVEsTvu1DUAV_nca7Cz8WJxoC0fIQAvD_BwE"},{"issue":"7541","key":"10274_CR12","doi-asserted-by":"publisher","first-page":"605","DOI":"10.1136\/bmj.332.7541.605","volume":"332","author":"MM Cassell","year":"2006","unstructured":"Cassell, M. M., Halperin, D. T., Shelton, J. D., & Stanton, D. (2006). Risk compensation: The Achilles\u2019 heel of innovations in HIV prevention? Bmj, 332(7541), 605\u2013607","journal-title":"Bmj"},{"issue":"3","key":"10274_CR13","doi-asserted-by":"publisher","first-page":"70","DOI":"10.1201\/1078\/44432.21.3.20040601\/82480.11","volume":"21","author":"V Cerullo","year":"2004","unstructured":"Cerullo, V., & Cerullo, M. J. (2004). Business Continuity Planning: A Comprehensive Approach. Information Systems Management, 21(3), 70\u201378. https:\/\/doi.org\/10.1201\/1078\/44432.21.3.20040601\/82480.11","journal-title":"Information Systems Management"},{"key":"10274_CR14","doi-asserted-by":"publisher","first-page":"346","DOI":"10.1007\/978-3-642-27207-3_37","volume-title":"Software Engineering, Business Continuity, and Education","author":"M Chen","year":"2011","unstructured":"Chen, M., Qian, C., & Nakagawa, T. (2011). Periodic and Random Inspection Policies for Computer Systems. In T. Kim, H. Adeli, H. Kim, H. Kang, K. J. Kim, A. Kiumi, & B. H. Kang (Eds.), Software Engineering, Business Continuity, and Education (pp. 346\u2013353). Berlin Heidelberg: Springer"},{"key":"10274_CR15","doi-asserted-by":"publisher","unstructured":"Chen, P., Desmet, L., & Huygens, C. (2014). A study on advanced persistent threats. Communications and Multimedia Security, 63\u201372. https:\/\/doi.org\/10.1007\/978-3-662-44885-4_5","DOI":"10.1007\/978-3-662-44885-4_5"},{"key":"10274_CR16","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1016\/j.jpubeco.2017.04.002","volume":"151","author":"A Chong","year":"2017","unstructured":"Chong, A., & Restrepo, P. (2017). Regulatory protective measures and risky behavior: Evidence from ice hockey. Journal of Public Economics, 151, 1\u201311","journal-title":"Journal of Public Economics"},{"key":"10274_CR17","doi-asserted-by":"publisher","first-page":"16","DOI":"10.1007\/978-3-642-27576-0_2","volume-title":"Financial Cryptography and Data Security","author":"N Christin","year":"2012","unstructured":"Christin, N., Egelman, S., Vidas, T., & Grossklags, J. (2012). It\u2019s All about the Benjamins: An Empirical Study on Incentivizing Users to Ignore Security Advice. In G. Danezis (Ed.), Financial Cryptography and Data Security (pp. 16\u201330). Berlin Heidelberg: Springer"},{"key":"10274_CR18","unstructured":"Cieslak, N. (2016, March 29). NIST cybersecurity framework adoption on the rise. Https:\/\/Www.Tenable.Com\/Blog\/Nist-Cybersecurity-Framework-Adoption-on-the-Rise. https:\/\/www.tenable.com\/blog\/nist-cybersecurity-framework-adoption-on-the-rise"},{"key":"10274_CR19","unstructured":"Cohen, J. (1988). Statistical power analysis for the behavioral sciences (2nd ed.). L. Erlbaum Associates"},{"issue":"3","key":"10274_CR20","doi-asserted-by":"publisher","first-page":"195","DOI":"10.1007\/s11166-005-1153-2","volume":"30","author":"R Croson","year":"2005","unstructured":"Croson, R., & Sundali, J. (2005). The Gambler\u2019s Fallacy and the Hot Hand: Empirical Data from Casinos. Journal of Risk and Uncertainty; New York, 30(3), 195\u2013209. https:\/\/doi.org\/10.1007\/s11166-005-1153-2. http:\/\/dx.doi.org.proxy.library.umkc.edu\/","journal-title":"Journal of Risk and Uncertainty; New York"},{"key":"10274_CR21","doi-asserted-by":"publisher","first-page":"90","DOI":"10.1016\/j.cose.2012.09.010","volume":"32","author":"RE Crossler","year":"2013","unstructured":"Crossler, R. E., Johnston, A. C., Lowry, P. B., Hu, Q., Warkentin, M., & Baskerville, R. (2013). Future directions for behavioral information security research. Computers & Security, 32, 90\u2013101. https:\/\/doi.org\/10.1016\/j.cose.2012.09.010","journal-title":"Computers & Security"},{"issue":"1","key":"10274_CR22","doi-asserted-by":"publisher","first-page":"81","DOI":"10.1111\/j.1539-6924.1986.tb00196.x","volume":"6","author":"L Evans","year":"1986","unstructured":"Evans, L. (1986). Risk Homeostasis Theory and Traffic Accident Data. Risk Analysis, 6(1), 81\u201394","journal-title":"Risk Analysis"},{"issue":"1","key":"10274_CR23","doi-asserted-by":"publisher","first-page":"187","DOI":"10.1007\/s10796-018-9845-8","volume":"22","author":"M Ezhei","year":"2020","unstructured":"Ezhei, M., & Tork Ladani, B. (2020). Interdependency Analysis in Security Investment against Strategic Attacks. Information Systems Frontiers, 22(1), 187\u2013201. https:\/\/doi.org\/10.1007\/s10796-018-9845-8","journal-title":"Information Systems Frontiers"},{"key":"10274_CR24","unstructured":"FireEye (2019). M-Trends Cyber Security Trends.FireEye Mandiant Services. https:\/\/www.fireeye.com\/current-threats\/annual-threat-report\/mtrends.html"},{"key":"10274_CR25","doi-asserted-by":"crossref","unstructured":"Fox, C. R., & \u00dclk\u00fcmen, G. (2011). Distinguishing two dimensions of uncertainty. In W. Brun, G. Keren, G. Kirkeb\u00f8en, & H. Montgomery (Eds.), Perspectives on thinking, judging, and decision making. Universitetsforlaget","DOI":"10.2139\/ssrn.3695311"},{"issue":"1","key":"10274_CR26","doi-asserted-by":"publisher","first-page":"2","DOI":"10.1037\/a0024338","volume":"141","author":"CO Fritz","year":"2012","unstructured":"Fritz, C. O., Morris, P. E., & Richler, J. J. (2012). Effect size estimates: Current use, calculations, and interpretation. Journal of Experimental Psychology: General, 141(1), 2\u201318. https:\/\/doi.org\/10.1037\/a0024338","journal-title":"Journal of Experimental Psychology: General"},{"issue":"1","key":"10274_CR27","doi-asserted-by":"publisher","first-page":"7","DOI":"10.17705\/1thci.00004","volume":"1","author":"DF Galletta","year":"2009","unstructured":"Galletta, D. F., & Zhang, P. (2009). Introducing AIS Transactions on Human-Computer Interaction. AIS Transactions on Human-Computer Interaction, 1(1), 7\u201312","journal-title":"AIS Transactions on Human-Computer Interaction"},{"issue":"1\u20133","key":"10274_CR28","doi-asserted-by":"publisher","first-page":"15","DOI":"10.1016\/0925-7535(96)00002-1","volume":"22","author":"AI Glendon","year":"1996","unstructured":"Glendon, A. I., Hoyes, T., Haigney, D., & Taylor, R. (1996). A review of risk homeostasis theory in simulated environments. Safety Science, 22(1\u20133), 15\u201325","journal-title":"Safety Science"},{"key":"10274_CR29","doi-asserted-by":"crossref","unstructured":"Gutzwiller, R. S., Fugate, S., Sawyer, B. D., & Hancock, P. (2015). The human factors of cyber network defense. Proceedings of the Human Factors and Ergonomics Society Annual Meeting, 59, 322\u2013326","DOI":"10.1177\/1541931215591067"},{"issue":"2","key":"10274_CR30","doi-asserted-by":"publisher","first-page":"82","DOI":"10.1136\/ip.6.2.82","volume":"6","author":"J Hedlund","year":"2000","unstructured":"Hedlund, J. (2000). Risky business: Safety regulations, risk compensation, and individual behavior. Injury Prevention, 6(2), 82\u201390. https:\/\/doi.org\/10.1136\/ip.6.2.82","journal-title":"Injury Prevention"},{"issue":"3","key":"10274_CR31","doi-asserted-by":"publisher","first-page":"337","DOI":"10.2753\/MIS0742-1222250310","volume":"25","author":"H Herath","year":"2008","unstructured":"Herath, H., & Herath, T. C. (2008). Investments in Information Security: A Real Options Perspective with Bayesian Postaudit. Journal of Management Information Systems, 25(3), 337\u2013375. https:\/\/doi.org\/10.2753\/MIS0742-1222250310","journal-title":"Journal of Management Information Systems"},{"issue":"2","key":"10274_CR32","doi-asserted-by":"publisher","first-page":"154","DOI":"10.1016\/j.dss.2009.02.005","volume":"47","author":"T Herath","year":"2009","unstructured":"Herath, T., & Rao, H. R. (2009). Encouraging information security behaviors in organizations: Role of penalties, pressures and perceived effectiveness. Decision Support Systems, 47(2), 154\u2013165","journal-title":"Decision Support Systems"},{"issue":"2","key":"10274_CR33","doi-asserted-by":"publisher","first-page":"377","DOI":"10.1007\/s10796-015-9599-5","volume":"19","author":"SM Ho","year":"2017","unstructured":"Ho, S. M., & Warkentin, M. (2017). Leader\u2019s dilemma game: An experimental design for cyber insider threat research. Information Systems Frontiers, 19(2), 377\u2013396. https:\/\/doi.org\/10.1007\/s10796-015-9599-5","journal-title":"Information Systems Frontiers"},{"issue":"4","key":"10274_CR34","doi-asserted-by":"publisher","first-page":"291","DOI":"10.1037\/h0056878","volume":"41","author":"M Jarvik","year":"1951","unstructured":"Jarvik, M. (1951). Probability learning and a negative recency effect in the serial anticipation of alternative symbols. Journal of Experimental Psychology, 41(4), 291\u2013297","journal-title":"Journal of Experimental Psychology"},{"key":"10274_CR35","doi-asserted-by":"publisher","unstructured":"Johnson, C. K., Gutzwiller, R. S., Ferguson-Walter, K., & Fugate, S. (2020). A Cyber-Relevant Table of Decision Making Biases and their Definitions (Version 1). Arizona State University. https:\/\/doi.org\/10.13140\/RG.2.2.14891.87846\/1","DOI":"10.13140\/RG.2.2.14891.87846\/1"},{"issue":"3","key":"10274_CR36","doi-asserted-by":"publisher","first-page":"231","DOI":"10.1057\/ejis.2015.15","volume":"25","author":"AC Johnston","year":"2016","unstructured":"Johnston, A. C., Warkentin, M., McBride, M., & Carter, L. (2016). Dispositional and situational factors: Influences on information security policy violations. European Journal of Information Systems, 25(3), 231\u2013251","journal-title":"European Journal of Information Systems"},{"key":"10274_CR37","unstructured":"Kabacoff, R. I. (2015). R in Action; R in Action, Data Analysis and Graphics with R (2nd ed.). Manning"},{"key":"10274_CR38","unstructured":"Kahneman, D. (2011). Thinking, Fast and Slow. Farrar, Straus and Giroux"},{"issue":"5","key":"10274_CR39","doi-asserted-by":"publisher","first-page":"1241","DOI":"10.1007\/s10796-019-09927-9","volume":"22","author":"HJ Kam","year":"2020","unstructured":"Kam, H. J., Mattson, T., & Goel, S. (2020). A Cross Industry Study of Institutional Pressures on Organizational Effort to Raise Information Security Awareness. Information Systems Frontiers, 22(5), 1241\u20131264. https:\/\/doi.org\/10.1007\/s10796-019-09927-9","journal-title":"Information Systems Frontiers"},{"key":"10274_CR40","unstructured":"Kuo, H. C., & Varki, S. (2014). Are Firms Perceived As Safer After an Information Breach? ACR North American Advances, NA-42. http:\/\/acrwebsite.org\/volumes\/1017691\/volumes\/v42\/NA-42"},{"issue":"2","key":"10274_CR41","doi-asserted-by":"publisher","first-page":"361","DOI":"10.1007\/s10796-019-09977-z","volume":"23","author":"E Kweon","year":"2021","unstructured":"Kweon, E., Lee, H., Chai, S., & Yoo, K. (2021). The Utility of Information Security Training and Education on Cybersecurity Incidents: An empirical evidence. Information Systems Frontiers, 23(2), 361\u2013373. https:\/\/doi.org\/10.1007\/s10796-019-09977-z","journal-title":"Information Systems Frontiers"},{"issue":"1","key":"10274_CR42","doi-asserted-by":"publisher","first-page":"17","DOI":"10.1007\/s11166-009-9072-2","volume":"39","author":"SK Laury","year":"2009","unstructured":"Laury, S. K., McInnes, M. M., & Swarthout, J. T. (2009). Insurance decisions for low-probability losses. Journal of Risk and Uncertainty, 39(1), 17\u201344. https:\/\/doi.org\/10.1007\/s11166-009-9072-2","journal-title":"Journal of Risk and Uncertainty"},{"key":"10274_CR43","unstructured":"Lee, R., & Lee, R. (2016). The Who, What, Where, When, Why and How of Effective Threat Hunting (SANS Institute: Reading Room - Analyst Papers). SANS. https:\/\/www.sans.org\/reading-room\/whitepapers\/analyst\/membership\/36785"},{"key":"10274_CR44","unstructured":"Maloney, S. (2018, September 1). What is an Advanced Persistent Threat (APT)? https:\/\/www.cybereason.com\/blog\/advanced-persistent-threat-apt"},{"issue":"21","key":"10274_CR45","doi-asserted-by":"publisher","first-page":"1259","DOI":"10.1056\/NEJM198205273062103","volume":"306","author":"BJ McNeil","year":"1982","unstructured":"McNeil, B. J., Pauker, S. G., Sox, H. C., & Tversky, A. (1982). On the elicitation of preferences for alternative therapies. The New England Journal of Medicine, 306(21), 1259\u20131262. https:\/\/doi.org\/10.1056\/NEJM198205273062103","journal-title":"The New England Journal of Medicine"},{"key":"10274_CR46","doi-asserted-by":"publisher","unstructured":"Meyer-Delius, J., & Liebl, L. (1976). Evaluation of Vigilance Related to Visual Perception. In T. B. Sheridan & G. Johannsen (Eds.), Monitoring Behavior and Supervisory Control (pp.\u00a097\u2013106). Springer US. https:\/\/doi.org\/10.1007\/978-1-4684-2523-9_9","DOI":"10.1007\/978-1-4684-2523-9_9"},{"key":"10274_CR47","doi-asserted-by":"publisher","unstructured":"National Institute of Standards and Technology (2018). Framework for Improving Critical Infrastructure Cybersecurity, Version 1.1 (NIST Cybersecurity White Paper). National Institute of Standards and Technology. https:\/\/doi.org\/10.6028\/NIST.CSWP.04162018","DOI":"10.6028\/NIST.CSWP.04162018"},{"issue":"1","key":"10274_CR48","doi-asserted-by":"publisher","first-page":"84","DOI":"10.1016\/0749-5978(87)90046-X","volume":"39","author":"GB Northcraft","year":"1987","unstructured":"Northcraft, G. B., & Neale, M. A. (1987). Experts, amateurs, and real estate: An anchoring-and-adjustment perspective on property pricing decisions. Organizational Behavior and Human Decision Processes, 39(1), 84\u201397. https:\/\/doi.org\/10.1016\/0749-5978(87)90046-X","journal-title":"Organizational Behavior and Human Decision Processes"},{"issue":"4","key":"10274_CR49","doi-asserted-by":"publisher","first-page":"677","DOI":"10.1086\/260352","volume":"83","author":"S Peltzman","year":"1975","unstructured":"Peltzman, S. (1975). The Effects of Automobile Safety Regulation. Journal of Political Economy, 83(4), 677\u2013725. https:\/\/doi.org\/10.1086\/260352","journal-title":"Journal of Political Economy"},{"key":"10274_CR50","unstructured":"Posey, C., Roberts, T., Lowry, P. B., Bennett, B., & Courtney, J. (2013). Insiders\u2019 protection of organizational information assets: Development of a systematics-based taxonomy and theory of diversity for protection-motivated behaviors (SSRN Scholarly Paper ID 2173642). Social Science Research Network. https:\/\/papers.ssrn.com\/abstract=2173642"},{"issue":"3","key":"10274_CR51","doi-asserted-by":"publisher","first-page":"775","DOI":"10.1162\/003355302760193896","volume":"117","author":"M Rabin","year":"2002","unstructured":"Rabin, M. (2002). Inference by Believers in the Law of Small Numbers. The Quarterly Journal of Economics, 117(3), 775\u2013816","journal-title":"The Quarterly Journal of Economics"},{"issue":"1","key":"10274_CR52","doi-asserted-by":"publisher","first-page":"tyaa002","DOI":"10.1093\/cybsec\/tyaa002","volume":"6","author":"P Rajivan","year":"2020","unstructured":"Rajivan, P., Aharonov-Majar, E., & Gonzalez, C. (2020). Update now or later? Effects of experience, cost, and risk preference on update decisions. Journal of Cybersecurity, 6(1), tyaa002. https:\/\/doi.org\/10.1093\/cybsec\/tyaa002","journal-title":"Journal of Cybersecurity"},{"key":"10274_CR53","doi-asserted-by":"publisher","unstructured":"Renaud, K., & Warkentin, M. (2017). Risk Homeostasis in Information Security: Challenges in Confirming Existence and Verifying Impact. Proceedings of the 2017 New Security Paradigms Workshop, 57\u201369. https:\/\/doi.org\/10.1145\/3171533.3171534","DOI":"10.1145\/3171533.3171534"},{"issue":"1","key":"10274_CR54","doi-asserted-by":"publisher","first-page":"76","DOI":"10.1177\/0956797613497022","volume":"25","author":"VF Reyna","year":"2014","unstructured":"Reyna, V. F., Chick, C. F., Corbin, J. C., & Hsia, A. N. (2014). Developmental reversals in risky decision making: Intelligence agents show larger decision biases than college students. Psychological Science, 25(1), 76\u201384. https:\/\/doi.org\/10.1177\/0956797613497022","journal-title":"Psychological Science"},{"issue":"3","key":"10274_CR55","doi-asserted-by":"publisher","first-page":"293","DOI":"10.1016\/S0001-4575(96)00083-8","volume":"29","author":"F Sagberg","year":"1997","unstructured":"Sagberg, F., Fosser, S., & Saetermo, I. A. (1997). An investigation of behavioural adaptation to airbags and antilock brakes among taxi drivers. Accident; Analysis and Prevention, 29(3), 293\u2013302. https:\/\/doi.org\/10.1016\/S0001-4575(96)00083-8","journal-title":"Accident; Analysis and Prevention"},{"key":"10274_CR56","doi-asserted-by":"crossref","unstructured":"Saltzer, J. H., & Schroeder, M. D. (1975). The protection of information in computer systems. Proceedings of the IEEE, 63(9), 1278\u20131308","DOI":"10.1109\/PROC.1975.9939"},{"issue":"3","key":"10274_CR57","doi-asserted-by":"publisher","first-page":"173","DOI":"10.1136\/ip.2006.014142","volume":"13","author":"MD Scott","year":"2007","unstructured":"Scott, M. D., Buller, D. B., Andersen, P. A., Walkosz, B. J., Voeks, J. H., Dignan, M. B., & Cutter, G. R. (2007). Testing the risk compensation hypothesis for safety helmets in alpine skiing and snowboarding. Injury Prevention, 13(3), 173\u2013177. https:\/\/doi.org\/10.1136\/ip.2006.014142","journal-title":"Injury Prevention"},{"key":"10274_CR58","doi-asserted-by":"crossref","unstructured":"Sheridan, T. B., & Johannsen, G. (Eds.). (1976). Monitoring Behavior and Supervisory Control (1st ed. 1976). Imprint: Springer","DOI":"10.1007\/978-1-4684-2523-9"},{"key":"10274_CR59","unstructured":"Shimao, H., Khern-am-nuai, W., & Kannan, K. N. (2019). So You Think You Are Safe: Implications of Quality Uncertainty in Security Software (SSRN Scholarly Paper ID 2621846). Social Science Research Network. https:\/\/papers.ssrn.com\/abstract=2621846"},{"issue":"5","key":"10274_CR60","doi-asserted-by":"publisher","first-page":"267","DOI":"10.1016\/j.im.2008.12.007","volume":"46","author":"M Siponen","year":"2009","unstructured":"Siponen, M., & Willison, R. (2009). Information security management standards: Problems and solutions. Information & Management, 46(5), 267\u2013270. https:\/\/doi.org\/10.1016\/j.im.2008.12.007","journal-title":"Information & Management"},{"key":"10274_CR61","unstructured":"Slovic, P. (2010). The Feeling of Risk: New Perspectives on Risk Perception. Earthscan"},{"issue":"1","key":"10274_CR62","doi-asserted-by":"publisher","first-page":"113","DOI":"10.1257\/jep.8.1.113","volume":"8","author":"VL Smith","year":"1994","unstructured":"Smith, V. L. (1994). Economics in the laboratory. Journal of Economic Perspectives, 8(1), 113\u2013131. https:\/\/doi.org\/10.1257\/jep.8.1.113","journal-title":"Journal of Economic Perspectives"},{"issue":"4","key":"10274_CR63","doi-asserted-by":"publisher","first-page":"410","DOI":"10.1108\/MAJ-07-2017-1596","volume":"33","author":"T Stafford","year":"2018","unstructured":"Stafford, T., Deitz, G., & Li, Y. (2018). The role of internal audit and user training in information security policy compliance. Managerial Auditing Journal, 33(4), 410\u2013424","journal-title":"Managerial Auditing Journal"},{"key":"10274_CR64","doi-asserted-by":"crossref","unstructured":"Straub, D. W., & Welke, R. J. (1998). Coping with systems risk: Security planning models for management decision making.MIS Quarterly,441\u2013469","DOI":"10.2307\/249551"},{"issue":"4","key":"10274_CR65","doi-asserted-by":"publisher","first-page":"277","DOI":"10.1016\/0001-4575(88)90055-3","volume":"20","author":"FM Streff","year":"1988","unstructured":"Streff, F. M., & Geller, E. S. (1988). An experimental test of risk compensation: Between-subject versus within-subject analyses. Accident; Analysis and Prevention, 20(4), 277\u2013287. https:\/\/doi.org\/10.1016\/0001-4575(88)90055-3","journal-title":"Accident; Analysis and Prevention"},{"key":"10274_CR66","doi-asserted-by":"publisher","unstructured":"Tola, B., Jiang, Y., & Helvik, B. E. (2017). Failure process characteristics of cloud-enabled services. 2017 9th International Workshop on Resilient Networks Design and Modeling (RNDM), 1\u20137. https:\/\/doi.org\/10.1109\/RNDM.2017.8093033","DOI":"10.1109\/RNDM.2017.8093033"},{"key":"10274_CR67","unstructured":"Trimpop, R. M. (1994). The Psychology of Risk Taking Behavior. Elsevier"},{"issue":"2","key":"10274_CR68","doi-asserted-by":"publisher","first-page":"105","DOI":"10.1037\/h0031322","volume":"76","author":"A Tversky","year":"1971","unstructured":"Tversky, A., & Kahneman, D. (1971). Belief in the law of small numbers. Psychological Bulletin, 76(2), 105\u2013110. https:\/\/doi.org\/10.1037\/h0031322","journal-title":"Psychological Bulletin"},{"key":"10274_CR69","unstructured":"Verizon (2018). 2018 data breach investigations report, 11th edition (Research Report No. 11th). Verizon. verizonenterprise.com\/DBIR2018"},{"issue":"1","key":"10274_CR70","doi-asserted-by":"publisher","first-page":"91","DOI":"10.25300\/MISQ\/2015\/39.1.05","volume":"39","author":"J Wang","year":"2015","unstructured":"Wang, J., Gupta, M., & Rao, H. R. (2015). Insider threats in a financial institution: Analysis of attack-proneness of information systems applications. MIS Q, 39(1), 91\u2013112. https:\/\/doi.org\/10.25300\/MISQ\/2015\/39.1.05","journal-title":"MIS Q"},{"key":"10274_CR71","unstructured":"Warkentin, M., Crossler, R. E., & Malimage, N. (2012). Are You Sure You\u2019re Safe? Perceived Security Protection as an Enabler of Risky IT Behavior. Proceedings of the 2012 International Federation of Information Processing (IFIP) International Workshop on Information Systems Security Research, Dewald Roode Information Security Workshop"},{"key":"10274_CR72","unstructured":"Warkentin, M., Goel, S., Williams, K. J., & Renaud, K. (2018). Are we Predisposed to Behave Securely? Influence of Risk Disposition on Individual Security Behaviours. ECIS, 25"},{"issue":"1","key":"10274_CR73","doi-asserted-by":"publisher","first-page":"203","DOI":"10.1007\/s10796-018-9857-4","volume":"22","author":"A Weeger","year":"2020","unstructured":"Weeger, A., Wang, X., Gewald, H., Raisinghani, M., Sanchez, O., Grant, G., & Pittayachawan, S. (2020). Determinants of Intention to Participate in Corporate BYOD-Programs: The Case of Digital Natives. Information Systems Frontiers, 22(1), 203\u2013219. https:\/\/doi.org\/10.1007\/s10796-018-9857-4","journal-title":"Information Systems Frontiers"},{"key":"10274_CR74","unstructured":"Wickens, C. D., Gordon, S. E., & Liu, Y. (1998). & others. An introduction to human factors engineering"},{"key":"10274_CR75","unstructured":"Wilde, G. (1994). Target risk: Dealing with the danger of death, disease and damage in everyday decisions. Castor & Columba"},{"issue":"2","key":"10274_CR76","doi-asserted-by":"publisher","first-page":"89","DOI":"10.1136\/ip.4.2.89","volume":"4","author":"G Wilde","year":"1998","unstructured":"Wilde, G. (1998). Risk homeostasis theory: An overview. Injury Prevention, 4(2), 89\u201391","journal-title":"Injury Prevention"},{"issue":"3","key":"10274_CR77","doi-asserted-by":"publisher","first-page":"55","DOI":"10.17705\/1thci.00007","volume":"1","author":"P Zhang","year":"2009","unstructured":"Zhang, P., Li, N., Scialdone, M., & Carey, J. (2009). The intellectual advancement of human-computer interaction research: A critical assessment of the MIS literature (1990\u20132008). AIS Transactions on Human-Computer Interaction, 1(3), 55\u2013107","journal-title":"AIS Transactions on Human-Computer Interaction"}],"container-title":["Information Systems Frontiers"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10796-022-10274-5.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s10796-022-10274-5\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10796-022-10274-5.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,6,6]],"date-time":"2023-06-06T03:36:38Z","timestamp":1686022598000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s10796-022-10274-5"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,5,30]]},"references-count":77,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2023,6]]}},"alternative-id":["10274"],"URL":"https:\/\/doi.org\/10.1007\/s10796-022-10274-5","relation":{},"ISSN":["1387-3326","1572-9419"],"issn-type":[{"value":"1387-3326","type":"print"},{"value":"1572-9419","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022,5,30]]},"assertion":[{"value":"27 March 2022","order":1,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"30 May 2022","order":2,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors have no relevant financial or non-financial interests to disclose.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest"}}]}}