{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,17]],"date-time":"2025-12-17T08:28:20Z","timestamp":1765960100828,"version":"3.37.3"},"reference-count":92,"publisher":"Informa UK Limited","issue":"1","funder":[{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["1421580"],"award-info":[{"award-number":["1421580"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["www.tandfonline.com"],"crossmark-restriction":true},"short-container-title":["European Journal of Information Systems"],"published-print":{"date-parts":[[2021,1,2]]},"DOI":"10.1080\/0960085x.2020.1793696","type":"journal-article","created":{"date-parts":[[2020,7,21]],"date-time":"2020-07-21T21:58:47Z","timestamp":1595368727000},"page":"27-45","update-policy":"https:\/\/doi.org\/10.1080\/tandf_crossmark_01","source":"Crossref","is-referenced-by-count":16,"title":["Using susceptibility claims to motivate behaviour change in IT security"],"prefix":"10.1080","volume":"30","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-8711-1827","authenticated-orcid":false,"given":"Matthew L.","family":"Jensen","sequence":"first","affiliation":[{"name":"MIS Division, Price College of Business, University of Oklahoma, Norman, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6705-202X","authenticated-orcid":false,"given":"Alexandra","family":"Durcikova","sequence":"additional","affiliation":[{"name":"MIS Division, Price College of Business, University of Oklahoma, Norman, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9719-415X","authenticated-orcid":false,"given":"Ryan T","family":"Wright","sequence":"additional","affiliation":[{"name":"McIntire School of Commerce, University of Virginia, Charlottesville, USA"}]}],"member":"301","published-online":{"date-parts":[[2020,7,21]]},"reference":[{"key":"cit0001","doi-asserted-by":"publisher","DOI":"10.1007\/1-4020-8090-5_13"},{"key":"cit0002","doi-asserted-by":"publisher","DOI":"10.2307\/25750694"},{"key":"cit0003","unstructured":"Anti-Phishing Working Group. (2016). Phishing activity trends report. Retrieved July 15, 2016, from https:\/\/docs.apwg.org\/reports\/apwg_trends_report_q1_2020.pdf"},{"key":"cit0004","unstructured":"Ashford, W. (2018). Nearly half of UK manufacturers hit by cyber attacks. Computer Weekly. Retrieved May 14, 2018, from https:\/\/www.computerweekly.com\/news\/252439718\/Nearly-half-of-UK-manufacturers-hit-by-cyber-attacks"},{"key":"cit0005","doi-asserted-by":"publisher","DOI":"10.17705\/1jais.00506"},{"key":"cit0006","unstructured":"Barrett, B. (2016). Some basic security tips for the clinton campaign (and anyone else). Wired Magazine. Retrieved October 14, 2016, from https:\/\/www.wired.com\/2016\/10\/basic-security-tips-clinton-campaign-anyone-else\/"},{"key":"cit0007","unstructured":"Basu, E. (2014). Target CEO fired \u2013Can you be fired if your company is hacked? Forbes Magazine. https:\/\/www.forbes.com\/sites\/ericbasu\/2014\/06\/15\/target-ceo-fired-can-you-be-fired-if-your-company-is-hacked\/#57e47c987c9f"},{"key":"cit0008","doi-asserted-by":"publisher","DOI":"10.1016\/j.jsis.2018.11.002"},{"key":"cit0009","doi-asserted-by":"publisher","DOI":"10.25300\/MISQ\/2015\/39.4.5"},{"key":"cit0010","doi-asserted-by":"publisher","DOI":"10.1016\/j.jclinepi.2003.08.009"},{"key":"cit0011","doi-asserted-by":"publisher","DOI":"10.2307\/25750690"},{"key":"cit0012","doi-asserted-by":"publisher","DOI":"10.1016\/j.ijresmar.2008.06.005"},{"key":"cit0013","doi-asserted-by":"publisher","DOI":"10.25300\/MISQ\/2016\/40.1.09"},{"key":"cit0014","doi-asserted-by":"publisher","DOI":"10.1111\/1467-8721.ep10768783"},{"key":"cit0015","unstructured":"Corfield, G. (2019). Personal data slurped in Airbus hack \u2013 But firm\u2019s industrial smarts could be what crooks are after. The Register. Retrieved April 15, 2019, from https:\/\/www.theregister.co.uk\/2019\/01\/31\/airbus_hacked_eurofighter_link\/"},{"key":"cit0016","doi-asserted-by":"publisher","DOI":"10.1109\/HICSS.2010.311"},{"key":"cit0017","doi-asserted-by":"publisher","DOI":"10.2308\/isys-50704"},{"key":"cit0018","doi-asserted-by":"publisher","DOI":"10.1111\/j.1467-9221.2008.00678.x"},{"key":"cit0019","doi-asserted-by":"publisher","DOI":"10.2307\/20650303"},{"key":"cit0020","volume":"5","author":"Disparte D.","year":"2017","journal-title":"Harvard Business Review"},{"key":"cit0021","unstructured":"DUO. (2016). Inside a retail hack: Lateral movement & credential-harvesting. DUO Inc. Retrieved October 14, 2016, from https:\/\/duo.com\/blog\/inside-a-retail-hack-lateral-movement-and-credential-harvesting"},{"key":"cit0022","doi-asserted-by":"publisher","DOI":"10.1002\/mar.4220120509"},{"key":"cit0023","doi-asserted-by":"publisher","DOI":"10.1037\/0021-9010.74.5.787"},{"key":"cit0024","unstructured":"Etters, K. (2019). Cyberattack diverts almost $500,000 out of city of Tallahassee payroll account. USA Today. Retrieved April 15, 2019, from https:\/\/www.usatoday.com\/story\/news\/nation\/2019\/04\/05\/hackers-divert-nearly-500-000-city-tallahassees-payroll\/3383451002\/"},{"key":"cit0025","unstructured":"FBI. (2016). FBI warns of dramatic increase in business E-Mail scams. Federal Bureau of Investigation. Retrieved June 14, 2016, from https:\/\/www.fbi.gov\/phoenix\/press-releases\/2016\/fbi-warns-of-dramatic-increase-in-business-e-mail-scams"},{"key":"cit0026","unstructured":"Fitzgerald, D. (2016). Akamai says hackers use \u2019smart\u2019 devices to test stolen usernames, passwords. Wall Street Journal. Retrieved October 14, 2016, from http:\/\/www.wsj.com\/articles\/akamai-says-hackers-use-smart-devices-to-test-stolen-usernames-passwords-1476287922"},{"key":"cit0027","unstructured":"Gartner. (2018). Gartner forecasts worldwide information security spending to exceed $124 billion in 2019. Gartner Inc. Retrieved April 14, 2019, from https:\/\/www.gartner.com\/en\/newsroom\/press-releases\/2018-08-15-gartner-forecasts-worldwide-information-security-spending-to-exceed-124-billion-in-2019"},{"key":"cit0028","unstructured":"Givens, S. (2019). Five strategies to get employee buy-in for security awareness training. Forbes Magazine. Retrieved April 13, 2019, from https:\/\/www.forbes.com\/sites\/forbeshumanresourcescouncil\/2019\/04\/12\/five-strategies-to-get-employee-buy-in-for-security-awareness-training\/#1e6262fc236d"},{"key":"cit0029","doi-asserted-by":"publisher","DOI":"10.17705\/1jais.00151"},{"key":"cit0030","doi-asserted-by":"publisher","DOI":"10.1057\/ejis.2009.6"},{"key":"cit0031","doi-asserted-by":"publisher","DOI":"10.25300\/MISQ\/2014\/38.2.08"},{"key":"cit0032","doi-asserted-by":"publisher","DOI":"10.1002\/smj.582"},{"key":"cit0033","doi-asserted-by":"publisher","DOI":"10.1002\/0471722146"},{"key":"cit0034","doi-asserted-by":"publisher","DOI":"10.17705\/1jais.00232"},{"key":"cit0035","doi-asserted-by":"publisher","DOI":"10.1145\/975817.975820"},{"key":"cit0036","doi-asserted-by":"publisher","DOI":"10.1080\/07421222.2017.1334499"},{"key":"cit0037","doi-asserted-by":"publisher","DOI":"10.2307\/25750691"},{"key":"cit0038","doi-asserted-by":"publisher","DOI":"10.1111\/deci.12328"},{"key":"cit0039","doi-asserted-by":"publisher","DOI":"10.1057\/ejis.2015.15"},{"key":"cit0040","doi-asserted-by":"publisher","DOI":"10.25300\/MISQ\/2015\/39.1.06"},{"key":"cit0041","doi-asserted-by":"publisher","DOI":"10.1016\/S0268-4012(02)00105-6"},{"key":"cit0042","doi-asserted-by":"publisher","DOI":"10.1080\/01621459.1958.10501452"},{"key":"cit0043","doi-asserted-by":"publisher","DOI":"10.17705\/1jais.00274"},{"key":"cit0044","doi-asserted-by":"publisher","DOI":"10.1145\/1572532.1572536"},{"key":"cit0045","doi-asserted-by":"publisher","DOI":"10.1145\/1754393.1754396"},{"issue":"3","key":"cit0046","first-page":"5","volume":"9","author":"LaTour M. S.","year":"1989","journal-title":"Marketing Health Services"},{"key":"cit0047","doi-asserted-by":"publisher","DOI":"10.1037\/h0100799"},{"key":"cit0048","doi-asserted-by":"publisher","DOI":"10.2307\/25148817"},{"issue":"3","key":"cit0049","first-page":"163","volume":"50","author":"Mantel N.","year":"1966","journal-title":"Cancer Chemotherapy Reports. Part 1"},{"key":"cit0050","unstructured":"Martin, A. (2019). Cybercriminals target the UK police force with ransomware. The Inquirer. Retrieved April 15, 2019, from https:\/\/www.theinquirer.net\/inquirer\/news\/3073016\/police-federation-ransomware-attack"},{"key":"cit0051","doi-asserted-by":"publisher","DOI":"10.1080\/07421222.2017.1394083"},{"key":"cit0052","doi-asserted-by":"publisher","DOI":"10.1287\/isre.2013.0502"},{"key":"cit0053","doi-asserted-by":"publisher","DOI":"10.25300\/MISQ\/2018\/13853"},{"key":"cit0054","unstructured":"National Institute of Standards and Technology. (2016). Digital authentication guidelines: National institute of standards and technology."},{"key":"cit0055","doi-asserted-by":"publisher","DOI":"10.5465\/AMR.2011.59330932"},{"key":"cit0056","doi-asserted-by":"publisher","DOI":"10.1109\/HICSS.2007.206"},{"key":"cit0057","unstructured":"Palfy, S. (2019). Why reused passwords could put your tax information at risk. Forbes Magazine. Retrieved April 22, 2019, from https:\/\/www.forbes.com\/sites\/forbestechcouncil\/2019\/04\/12\/why-reused-passwords-could-put-your-tax-information-at-risk\/#100e3c6441f5"},{"key":"cit0058","doi-asserted-by":"crossref","unstructured":"Pattabiraman, A., Srinivasan, S., Swaminathan, K. & Gupta, M. (2018). Fortifying corporate human wall: A literature review of security awareness and training. Information Technology Risk Management and Compliance in Modern Organizations (pp. 142\u2013175): IGI Global.","DOI":"10.4018\/978-1-5225-2604-9.ch006"},{"key":"cit0059","doi-asserted-by":"publisher","DOI":"10.1037\/h0027342"},{"key":"cit0060","doi-asserted-by":"publisher","DOI":"10.1080\/07421222.2015.1138374"},{"key":"cit0061","doi-asserted-by":"publisher","DOI":"10.25300\/MISQ\/2013\/37.4.09"},{"key":"cit0062","doi-asserted-by":"publisher","DOI":"10.2307\/25750704"},{"key":"cit0063","doi-asserted-by":"publisher","DOI":"10.1111\/j.1529-1006.2006.00026.x"},{"key":"cit0064","doi-asserted-by":"publisher","DOI":"10.1037\/h0029832"},{"key":"cit0065","doi-asserted-by":"publisher","DOI":"10.1080\/00223980.1975.9915803"},{"key":"cit0066","first-page":"153","volume-title":"Social psychophysiology: A source book","author":"Rogers R. W.","year":"1983"},{"key":"cit0067","unstructured":"Savage, M. (2019). Cybercrime for dummies: Cracking internet passwords is as easy as 123456. The Guardian. Retrieved April 22, 2019, from https:\/\/www.theguardian.com\/technology\/2019\/apr\/21\/cybercrime-hacking-internet-account-passwords"},{"key":"cit0068","doi-asserted-by":"publisher","DOI":"10.1177\/009365099026002006"},{"key":"cit0069","doi-asserted-by":"publisher","DOI":"10.1080\/14792772143000003"},{"volume-title":"Attitude and attitude change: The social judgment-involvement approach","year":"1965","author":"Sherif C. W.","key":"cit0070"},{"volume-title":"Social judgment: Assimilation and contrast effects in communication and attitude change","year":"1961","author":"Sherif M.","key":"cit0071"},{"key":"cit0072","doi-asserted-by":"publisher","DOI":"10.2307\/25750688"},{"key":"cit0073","doi-asserted-by":"publisher","DOI":"10.1207\/s15327027hc2002_6"},{"key":"cit0074","doi-asserted-by":"publisher","DOI":"10.1002\/cb.130"},{"key":"cit0075","doi-asserted-by":"publisher","DOI":"10.1111\/j.1468-2885.2006.00009.x"},{"key":"cit0076","unstructured":"Solman, P. (2015). The battle to beat password security threats. Financial Times."},{"key":"cit0077","unstructured":"Steinberg, J. (2016). The biggest lessons from the yahoo data breach are the ones nobody is talking about. Inc Magazine. Retrieved October 14, 2016, from http:\/\/www.inc.com\/joseph-steinberg\/the-biggest-lessons-from-the-yahoo-data-breach-are-the-ones-nobody-is-talking-ab.html"},{"key":"cit0078","doi-asserted-by":"publisher","DOI":"10.1177\/002224299105500304"},{"key":"cit0079","doi-asserted-by":"publisher","DOI":"10.1037\/0021-9010.90.4.692"},{"key":"cit0080","doi-asserted-by":"publisher","DOI":"10.1348\/000712605X47431"},{"key":"cit0081","doi-asserted-by":"publisher","DOI":"10.17705\/1jais.00109"},{"key":"cit0082","doi-asserted-by":"publisher","DOI":"10.17705\/1jais.00375"},{"key":"cit0083","doi-asserted-by":"publisher","DOI":"10.25300\/MISQ\/2015\/39.2.04"},{"key":"cit0084","doi-asserted-by":"publisher","DOI":"10.1111\/j.1464-0597.2007.00327.x"},{"key":"cit0085","unstructured":"Verizon. (2017). 2017 Data breach investigations report. Verizon. http:\/\/www.verizonenterprise.com\/verizon-insights-lab\/dbir\/2017\/"},{"key":"cit0086","first-page":"13","volume":"41","author":"Wall J. D.","year":"2017","journal-title":"Communications of the AIS"},{"key":"cit0087","doi-asserted-by":"publisher","DOI":"10.17705\/1jais.00424"},{"key":"cit0088","doi-asserted-by":"publisher","DOI":"10.17705\/1jais.00524"},{"key":"cit0089","doi-asserted-by":"publisher","DOI":"10.1111\/isj.12129"},{"key":"cit0090","doi-asserted-by":"publisher","DOI":"10.1080\/03637759209376276"},{"key":"cit0091","doi-asserted-by":"publisher","DOI":"10.1287\/isre.2014.0522"},{"key":"cit0092","doi-asserted-by":"publisher","DOI":"10.17705\/1jais.00399"}],"container-title":["European Journal of Information Systems"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.tandfonline.com\/doi\/pdf\/10.1080\/0960085X.2020.1793696","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,5,29]],"date-time":"2021-05-29T02:27:30Z","timestamp":1622255250000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.tandfonline.com\/doi\/full\/10.1080\/0960085X.2020.1793696"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,7,21]]},"references-count":92,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2021,1,2]]}},"alternative-id":["10.1080\/0960085X.2020.1793696"],"URL":"https:\/\/doi.org\/10.1080\/0960085x.2020.1793696","relation":{},"ISSN":["0960-085X","1476-9344"],"issn-type":[{"type":"print","value":"0960-085X"},{"type":"electronic","value":"1476-9344"}],"subject":[],"published":{"date-parts":[[2020,7,21]]},"assertion":[{"value":"The publishing and review policy for this title is described in its Aims & Scope.","order":1,"name":"peerreview_statement","label":"Peer Review Statement"},{"value":"http:\/\/www.tandfonline.com\/action\/journalInformation?show=aimsScope&journalCode=tjis20","URL":"http:\/\/www.tandfonline.com\/action\/journalInformation?show=aimsScope&journalCode=tjis20","order":2,"name":"aims_and_scope_url","label":"Aim & Scope"},{"value":"2018-05-18","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2020-07-03","order":2,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2020-07-21","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}