{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,16]],"date-time":"2026-05-16T08:50:54Z","timestamp":1778921454454,"version":"3.51.4"},"publisher-location":"New York, NY, USA","reference-count":163,"publisher":"ACM","license":[{"start":{"date-parts":[[2025,4,25]],"date-time":"2025-04-25T00:00:00Z","timestamp":1745539200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by-nc\/4.0\/"}],"funder":[{"name":"Institute for Advanced Studies of the University of Luxembourg"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2025,4,26]]},"DOI":"10.1145\/3706598.3713122","type":"proceedings-article","created":{"date-parts":[[2025,4,24]],"date-time":"2025-04-24T03:33:32Z","timestamp":1745465612000},"page":"1-28","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":4,"title":["Beyond Deterrence: A Systematic Review of the Role of Autonomous Motivation in Organizational Security Behavior Studies"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-0794-1551","authenticated-orcid":false,"given":"Xiaowei","family":"Chen","sequence":"first","affiliation":[{"name":"Institute for Advanced Studies, University of Luxembourg, Esch-sur-Alzette, Luxembourg"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9483-617X","authenticated-orcid":false,"given":"Lorin","family":"Sch\u00f6ni","sequence":"additional","affiliation":[{"name":"Security, Privacy &amp; Society, ETH Zurich, Zurich, Switzerland"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4461-0551","authenticated-orcid":false,"given":"Verena","family":"Distler","sequence":"additional","affiliation":[{"name":"Department of Computer Science, Aalto University, Espoo, Finland"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6873-8146","authenticated-orcid":false,"given":"Verena","family":"Zimmermann","sequence":"additional","affiliation":[{"name":"Department of Humanities, Social and Political Sciences, ETH Z\u00fcrich, Z\u00fcrich, Switzerland"}]}],"member":"320","published-online":{"date-parts":[[2025,4,25]]},"reference":[{"key":"e_1_3_3_3_2_2","doi-asserted-by":"crossref","unstructured":"Anne Adams and Martina\u00a0Angela Sasse. 1999. Users are not the enemy. Commun. ACM 42 12 (1999) 40\u201346.","DOI":"10.1145\/322796.322806"},{"key":"e_1_3_3_3_3_2","doi-asserted-by":"crossref","unstructured":"Icek Ajzen. 1991. The theory of planned behavior. Organizational behavior and human decision processes 50 2 (1991) 179\u2013211.","DOI":"10.1016\/0749-5978(91)90020-T"},{"key":"e_1_3_3_3_4_2","doi-asserted-by":"crossref","unstructured":"Icek Ajzen. 2020. The theory of planned behavior: Frequently asked questions. Human behavior and emerging technologies 2 4 (2020) 314\u2013324.","DOI":"10.1002\/hbe2.195"},{"key":"e_1_3_3_3_5_2","doi-asserted-by":"crossref","unstructured":"Saad Alahmari Karen Renaud and Inah Omoronyia. 2023. Moving beyond cyber security awareness and training to engendering security knowledge sharing. Information Systems and e-Business Management 21 1 (2023) 123\u2013158.","DOI":"10.1007\/s10257-022-00575-2"},{"key":"e_1_3_3_3_6_2","doi-asserted-by":"crossref","unstructured":"Yasser Alhelaly Gurpreet Dhillon and Tiago Oliveira. 2023. When expectation fails and motivation prevails: the mediating role of awareness in bridging the expectancy-capability gap in mobile identity protection. Computers & Security 134 (2023) 103470.","DOI":"10.1016\/j.cose.2023.103470"},{"key":"e_1_3_3_3_7_2","doi-asserted-by":"crossref","unstructured":"Rao\u00a0Faizan Ali PDD Dominic Syed Emad\u00a0Azhar Ali Mobashar Rehman and Abid Sohail. 2021. Information security behavior and information security policy compliance: A systematic literature review for identifying the transformation process from noncompliance to compliance. Applied Sciences 11 8 (2021) 3383.","DOI":"10.3390\/app11083383"},{"key":"e_1_3_3_3_8_2","doi-asserted-by":"crossref","unstructured":"Rawan\u00a0A Alsharida Bander Ali\u00a0Saleh Al-rimy Mostafa Al-Emran and Anazida Zainal. 2023. A systematic review of multi perspectives on human cybersecurity behavior. Technology in society 73 (2023) 102258.","DOI":"10.1016\/j.techsoc.2023.102258"},{"key":"e_1_3_3_3_9_2","doi-asserted-by":"publisher","DOI":"10.1145\/3633500.3633504"},{"key":"e_1_3_3_3_10_2","doi-asserted-by":"crossref","unstructured":"Steven Alter. 2014. Theory of Workarounds. Communications of the Association for Information Systems 34 1 (2014) 55. http:\/\/aisel.aisnet.org\/cais\/vol34\/iss1\/55","DOI":"10.17705\/1CAIS.03455"},{"key":"e_1_3_3_3_11_2","doi-asserted-by":"crossref","unstructured":"Ahmed Alzahrani and Christopher Johnson. 2019. AHP-based Security decision making: How intention and intrinsic motivation affect policy compliance. International Journal of Advanced Computer Science and Applications 10 6 (2019) 1\u20138.","DOI":"10.14569\/IJACSA.2019.0100601"},{"key":"e_1_3_3_3_12_2","doi-asserted-by":"publisher","DOI":"10.1109\/INFOMAN.2018.8392822"},{"key":"e_1_3_3_3_13_2","first-page":"68","volume-title":"International Conference for International Association for Development of the Information Society (IADIS): Proceedings of International Conferences e-society and Mobile Learning","author":"Awudu Salim","year":"2023","unstructured":"Salim Awudu and Sotirios Terzis. 2023. Investigating Staff Information Security Policy Compliance in Electronic Identity Systems: The Ghanaian National Identity System. In International Conference for International Association for Development of the Information Society (IADIS): Proceedings of International Conferences e-society and Mobile Learning. ERIC, USA, 68\u201375."},{"key":"e_1_3_3_3_14_2","doi-asserted-by":"crossref","unstructured":"Albert Bandura and Dale\u00a0H Schunk. 1981. Cultivating competence self-efficacy and intrinsic interest through proximal self-motivation. Journal of personality and social psychology 41 3 (1981) 586.","DOI":"10.1037\/\/0022-3514.41.3.586"},{"key":"e_1_3_3_3_15_2","series-title":"(SOUPS \u201916)","first-page":"253","volume-title":"Proceedings of the Twelfth USENIX Conference on Usable Privacy and Security","author":"Beautement Adam","year":"2016","unstructured":"Adam Beautement, Ingolf Becker, Simon Parkin, Kat Krol, and M.\u00a0Angela Sasse. 2016. Productive security: a scalable methodology for analysing employee security behaviours. In Proceedings of the Twelfth USENIX Conference on Usable Privacy and Security (Denver, CO, USA) (SOUPS \u201916). USENIX Association, USA, 253\u2013270."},{"key":"e_1_3_3_3_16_2","doi-asserted-by":"publisher","DOI":"10.1145\/1595676.1595684"},{"key":"e_1_3_3_3_17_2","doi-asserted-by":"publisher","DOI":"10.14722\/eurousec.2017.23007"},{"key":"e_1_3_3_3_18_2","doi-asserted-by":"crossref","unstructured":"Daniel Bennett and Elisa Mekler. January 2024. Beyond Intrinsic Motivation: The Role of Autonomous Motivation in User Experience. ACM Transactions on Computer-Human Interaction 1 1 (January 2024) 1\u201344.","DOI":"10.1145\/3689044"},{"key":"e_1_3_3_3_19_2","doi-asserted-by":"publisher","DOI":"10.1145\/3613904.3642843"},{"key":"e_1_3_3_3_20_2","unstructured":"John\u00a0F. Binning. 2016. Construct. https:\/\/www.britannica.com\/science\/construct. Encyclopedia Britannica."},{"key":"e_1_3_3_3_21_2","doi-asserted-by":"crossref","unstructured":"John\u00a0M Blythe and Lynne Coventry. 2018. Costly but effective: Comparing the factors that influence employee anti-malware behaviours. Computers in Human Behavior 87 (2018) 87\u201397.","DOI":"10.1016\/j.chb.2018.05.023"},{"key":"e_1_3_3_3_22_2","first-page":"103","volume-title":"Eleventh Symposium On Usable Privacy and Security ({ SOUPS} 2015)","author":"Blythe John\u00a0M","year":"2015","unstructured":"John\u00a0M Blythe, Lynne Coventry, and Linda Little. 2015. Unpacking security policy compliance: The motivators and barriers of employees\u2019 security behaviors. In Eleventh Symposium On Usable Privacy and Security ({ SOUPS} 2015). Usenix, Berkeley, CA, USA, 103\u2013122."},{"key":"e_1_3_3_3_23_2","doi-asserted-by":"publisher","DOI":"10.1145\/3613904.3642432"},{"key":"e_1_3_3_3_24_2","volume-title":"Psychological reactance: A theory of freedom and control","author":"Brehm Sharon\u00a0S","year":"2013","unstructured":"Sharon\u00a0S Brehm and Jack\u00a0W Brehm. 2013. Psychological reactance: A theory of freedom and control. Academic Press, New York, USA."},{"key":"e_1_3_3_3_25_2","doi-asserted-by":"crossref","unstructured":"Burcu Bulgurcu Hasan Cavusoglu and Izak Benbasat. 2010. Information security policy compliance: an empirical study of rationality-based beliefs and information security awareness. MIS quarterly 34 3 (2010) 523\u2013548.","DOI":"10.2307\/25750690"},{"key":"e_1_3_3_3_26_2","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSPW51379.2020.00069"},{"key":"e_1_3_3_3_27_2","doi-asserted-by":"crossref","unstructured":"Pavlo Burda Luca Allodi and Nicola Zannone. 2024. Cognition in social engineering empirical research: a systematic literature review. ACM Transactions on Computer-Human Interaction 31 2 (2024) 1\u201355.","DOI":"10.1145\/3635149"},{"key":"e_1_3_3_3_28_2","doi-asserted-by":"crossref","unstructured":"AJ Burns Tom\u00a0L Roberts Clay Posey Paul\u00a0Benjamin Lowry and Bryan Fuller. 2023. Going beyond deterrence: A middle-range theory of motives and controls for insider computer abuse. Information Systems Research 34 1 (2023) 342\u2013362.","DOI":"10.1287\/isre.2022.1133"},{"key":"e_1_3_3_3_29_2","doi-asserted-by":"crossref","unstructured":"Hao Chen and Wenli Li. 2019. Understanding commitment and apathy in is security extra-role behavior from a person-organization fit perspective. Behaviour & Information Technology 38 5 (2019) 454\u2013468.","DOI":"10.1080\/0144929X.2018.1539520"},{"key":"e_1_3_3_3_30_2","volume-title":"S&PEI Workshop of the Twentieth Symposium on Usable Privacy and Security (SOUPS 2024)","author":"Chen Xiaowei","year":"2024","unstructured":"Xiaowei Chen, Sophie Doublet, and Verena Distler. 2024. Making Motivation Theories Accessible: Introducing Motivation Cards to Map Motivators for Security and Privacy Education. In S&PEI Workshop of the Twentieth Symposium on Usable Privacy and Security (SOUPS 2024)."},{"key":"e_1_3_3_3_31_2","first-page":"487","volume-title":"Twentieth Symposium on Usable Privacy and Security (SOUPS 2024)","author":"Chen Xiaowei","year":"2024","unstructured":"Xiaowei Chen, Sophie Doublet, Anastasia Sergeeva, Gabriele Lenzini, Vincent Koenig, and Verena Distler. 2024. What Motivates and Discourages Employees in Phishing Interventions: An Exploration of Expectancy-Value Theory. In Twentieth Symposium on Usable Privacy and Security (SOUPS 2024). Usenix, Berkely, CA, USA, 487\u2013506."},{"key":"e_1_3_3_3_32_2","doi-asserted-by":"publisher","DOI":"10.1145\/3613904.3641943"},{"key":"e_1_3_3_3_33_2","unstructured":"Xiaowei Chen Verena Zimmermann Lorin Sch\u00f6ni and Verena Distler. 2024. Systematic literature review on autonomous motivation in organizational cybersecurity behaviors. https:\/\/osf.io\/jxtk9."},{"key":"e_1_3_3_3_34_2","doi-asserted-by":"crossref","unstructured":"W\u00a0Alec Cram John D\u2019arcy and Jeffrey\u00a0G Proudfoot. 2019. Seeing the forest and the trees: a meta-analysis of the antecedents to information security policy compliance. MIS quarterly 43 2 (2019) 525\u2013554.","DOI":"10.25300\/MISQ\/2019\/15117"},{"key":"e_1_3_3_3_35_2","doi-asserted-by":"crossref","unstructured":"Russell Cropanzano and Marie\u00a0S Mitchell. 2005. Social exchange theory: An interdisciplinary review. Journal of management 31 6 (2005) 874\u2013900.","DOI":"10.1177\/0149206305279602"},{"key":"e_1_3_3_3_36_2","doi-asserted-by":"crossref","unstructured":"Robert\u00a0E Crossler Allen\u00a0C Johnston Paul\u00a0Benjamin Lowry Qing Hu Merrill Warkentin and Richard Baskerville. 2013. Future directions for behavioral information security research. computers & security 32 (2013) 90\u2013101.","DOI":"10.1016\/j.cose.2012.09.010"},{"key":"e_1_3_3_3_37_2","doi-asserted-by":"crossref","unstructured":"Joseph Da\u00a0Silva and Rikke\u00a0Bjerg Jensen. 2022. \" Cyber security is a dark art\": The CISO as Soothsayer. Proceedings of the ACM on Human-Computer Interaction 6 CSCW2 (2022) 1\u201331.","DOI":"10.1145\/3555090"},{"key":"e_1_3_3_3_38_2","doi-asserted-by":"crossref","unstructured":"John D\u2019Arcy Anat Hovav and Dennis Galletta. 2009. User awareness of security countermeasures and its impact on information systems misuse: A deterrence approach. Information systems research 20 1 (2009) 79\u201398.","DOI":"10.1287\/isre.1070.0160"},{"key":"e_1_3_3_3_39_2","doi-asserted-by":"crossref","unstructured":"Joshua Davis Deepti Agrawal and Xiang Guo. 2023. Enhancing users\u2019 security engagement through cultivating commitment: the role of psychological needs fulfilment. European Journal of Information Systems 32 2 (2023) 195\u2013206.","DOI":"10.1080\/0960085X.2021.1927866"},{"key":"e_1_3_3_3_40_2","doi-asserted-by":"crossref","unstructured":"Joshua\u00a0M Davis Deepti Agrawal and Obi Ogbanufe. 2025. Shaping extra-role security behaviors through employee-agent relations: A dual-channel motivational perspective. International Journal of Information Management 80 (2025) 102833.","DOI":"10.1016\/j.ijinfomgt.2024.102833"},{"key":"e_1_3_3_3_41_2","doi-asserted-by":"crossref","unstructured":"Edward\u00a0L Deci and Richard\u00a0M Ryan. 2008. Facilitating optimal motivation and psychological well-being across life\u2019s domains. Canadian psychology\/Psychologie canadienne 49 1 (2008) 14.","DOI":"10.1037\/0708-5591.49.1.14"},{"key":"e_1_3_3_3_42_2","doi-asserted-by":"crossref","unstructured":"Edward\u00a0L Deci and Richard\u00a0M Ryan. 2008. Self-determination theory: A macrotheory of human motivation development and health. Canadian psychology\/Psychologie canadienne 49 3 (2008) 182.","DOI":"10.1037\/a0012801"},{"key":"e_1_3_3_3_43_2","doi-asserted-by":"crossref","unstructured":"Edward\u00a0L Deci and Richard\u00a0M Ryan. 2014. The importance of universal psychological needs for understanding motivation in the workplace. The Oxford handbook of work engagement motivation and self-determination theory 13 (2014) 13\u201332.","DOI":"10.1093\/oxfordhb\/9780199794911.013.003"},{"key":"e_1_3_3_3_44_2","unstructured":"Gurpreet Dhillon Yurita\u00a0Yakimini Abdul\u00a0Talib and Winnie\u00a0Ng Picoto. 2020. The mediating role of psychological empowerment in information security compliance intentions. Journal of the Association for Information Systems 21 1 (2020) 5."},{"key":"e_1_3_3_3_45_2","doi-asserted-by":"crossref","unstructured":"Antonio D\u00edaz\u00a0Andrade Monideepa Tarafdar Robert\u00a0M Davison Andrew Hardin Angsana\u00a0A Techatassanasoontorn Paul\u00a0Benjamin Lowry Sutirtha Chatterjee and Gerhard Schwabe. 2023. The importance of theory at the Information Systems Journal. Information Systems Journal 33 (2023) 693\u2013702.","DOI":"10.1111\/isj.12437"},{"key":"e_1_3_3_3_46_2","doi-asserted-by":"publisher","DOI":"10.1145\/3544548.3581170"},{"key":"e_1_3_3_3_47_2","unstructured":"P Drogkaris and A Bourka. 2019. Cybersecurity culture guidelines: Behavioural aspects of cybersecurity. European Union Agency for Network and Information Security (ENISA) (2019)."},{"key":"e_1_3_3_3_48_2","doi-asserted-by":"crossref","unstructured":"Jacquelynne\u00a0S Eccles and Allan Wigfield. 1995. In the mind of the actor: The structure of adolescents\u2019 achievement task values and expectancy-related beliefs. Personality and social psychology bulletin 21 3 (1995) 215\u2013225.","DOI":"10.1177\/0146167295213003"},{"key":"e_1_3_3_3_49_2","doi-asserted-by":"crossref","unstructured":"Jacquelynne\u00a0S Eccles and Allan Wigfield. 2020. From expectancy-value theory to situated expectancy-value theory: A developmental social cognitive and sociocultural perspective on motivation. Contemporary educational psychology 61 (2020) 101859.","DOI":"10.1016\/j.cedpsych.2020.101859"},{"key":"e_1_3_3_3_50_2","first-page":"61","volume-title":"Fifteenth Symposium on Usable Privacy and Security (SOUPS 2019)","author":"Faklaris Cori","year":"2019","unstructured":"Cori Faklaris, Laura\u00a0A Dabbish, and Jason\u00a0I Hong. 2019. A self-report measure of end-user security attitudes (SA-6). In Fifteenth Symposium on Usable Privacy and Security (SOUPS 2019). USENIX, Santa Clara, USA, 61\u201377."},{"key":"e_1_3_3_3_51_2","doi-asserted-by":"publisher","DOI":"10.24251\/HICSS.2021.549"},{"key":"e_1_3_3_3_52_2","doi-asserted-by":"crossref","unstructured":"Muriel Frank and Vanessa Kohn. 2023. Understanding extra-role security behaviors: An integration of self-determination theory and construal level theory. Computers & Security 132 (2023) 103386.","DOI":"10.1016\/j.cose.2023.103386"},{"key":"e_1_3_3_3_53_2","series-title":"(SOUPS\u201921)","volume-title":"Proceedings of the Seventeenth USENIX Conference on Usable Privacy and Security","author":"Franz Anjuli","year":"2021","unstructured":"Anjuli Franz, Verena Zimmermann, Gregor Albrecht, Katrin Hartwig, Christian Reuter, Alexander Benlian, and Joachim Vogt. 2021. SoK: still plenty of phish in the sea\u2014a taxonomy of user-oriented phishing interventions and avenues for future research. In Proceedings of the Seventeenth USENIX Conference on Usable Privacy and Security(SOUPS\u201921). USENIX Association, USA, Article 18, 19\u00a0pages."},{"key":"e_1_3_3_3_54_2","doi-asserted-by":"crossref","unstructured":"Trevor Gabriel and Steven Furnell. 2011. Selecting security champions. Computer Fraud & Security 2011 8 (2011) 8\u201312.","DOI":"10.1016\/S1361-3723(11)70082-3"},{"key":"e_1_3_3_3_55_2","doi-asserted-by":"crossref","unstructured":"Yotamu Gangire Ad\u00e9le Da\u00a0Veiga and Marlien Herselman. 2021. Assessing information security behaviour: A self-determination theory perspective. Information & Computer Security 29 4 (2021) 625\u2013646.","DOI":"10.1108\/ICS-11-2020-0179"},{"key":"e_1_3_3_3_56_2","doi-asserted-by":"crossref","unstructured":"Cornelia Gerdenitsch Daniela Wurhofer and Manfred Tscheligi. 2023. Working conditions and cybersecurity: Time pressure autonomy and threat appraisal shaping employees\u2019 security behavior. Cyberpsychology: Journal of Psychosocial Research on Cyberspace 17 4 (2023) 19.","DOI":"10.5817\/CP2023-4-7"},{"key":"e_1_3_3_3_57_2","doi-asserted-by":"publisher","DOI":"10.1145\/1124772.1124961"},{"key":"e_1_3_3_3_58_2","doi-asserted-by":"crossref","unstructured":"Ken\u00a0H Guo Yufei Yuan Norman\u00a0P Archer and Catherine\u00a0E Connelly. 2011. Understanding nonmalicious security violations in the workplace: A composite behavior model. Journal of management information systems 28 2 (2011) 203\u2013236.","DOI":"10.2753\/MIS0742-1222280208"},{"key":"e_1_3_3_3_59_2","doi-asserted-by":"publisher","DOI":"10.1145\/3617072.3617115"},{"key":"e_1_3_3_3_60_2","doi-asserted-by":"crossref","unstructured":"Steffi Haag Mikko Siponen and Fufan Liu. 2021. Protection motivation theory in information systems security research: A review of the past and a road map for the future. ACM SIGMIS Database: the DATABASE for Advances in Information Systems 52 2 (2021) 25\u201367.","DOI":"10.1145\/3462766.3462770"},{"key":"e_1_3_3_3_61_2","doi-asserted-by":"crossref","unstructured":"JR Hackman. 1976. Motivation through the design work: Test of the theory. Organizational Behavior and Human Performance 16 (1976) 250\u2013279.","DOI":"10.1016\/0030-5073(76)90016-7"},{"key":"e_1_3_3_3_62_2","doi-asserted-by":"crossref","unstructured":"Neal\u00a0R Haddaway Matthew\u00a0J Page Chris\u00a0C Pritchard and Luke\u00a0A McGuinness. 2022. PRISMA2020: An R package and Shiny app for producing PRISMA 2020-compliant flow diagrams with interactivity for optimised digital transparency and Open Synthesis. Campbell systematic reviews 18 2 (2022) e1230.","DOI":"10.1002\/cl2.1230"},{"key":"e_1_3_3_3_63_2","first-page":"1","volume-title":"Thirty Fourth International Conference on Information Systems","author":"Haeussinger Felix","year":"2013","unstructured":"Felix Haeussinger and Johann Kranz. 2013. Information security awareness: Its antecedents and mediating effects on security compliant behavior. In Thirty Fourth International Conference on Information Systems. Citeseer, Milan, 1\u201316."},{"key":"e_1_3_3_3_64_2","doi-asserted-by":"publisher","DOI":"10.1145\/3322385.3322388"},{"key":"e_1_3_3_3_65_2","doi-asserted-by":"crossref","unstructured":"Tejaswini Herath and H\u00a0Raghav Rao. 2009. Encouraging information security behaviors in organizations: Role of penalties pressures and perceived effectiveness. Decision support systems 47 2 (2009) 154\u2013165.","DOI":"10.1016\/j.dss.2009.02.005"},{"key":"e_1_3_3_3_66_2","doi-asserted-by":"publisher","DOI":"10.1145\/1719030.1719050"},{"key":"e_1_3_3_3_67_2","doi-asserted-by":"publisher","DOI":"10.1145\/3498891.3498902"},{"key":"e_1_3_3_3_68_2","series-title":"(SEC \u201923)","volume-title":"Proceedings of the 32nd USENIX Conference on Security Symposium","author":"Hielscher Jonas","year":"2023","unstructured":"Jonas Hielscher, Uta Menges, Simon Parkin, Annette Kluge, and M.\u00a0Angela Sasse. 2023. \"Employees who don\u2019t accept the time security takes are not aware enough\": the CISO view of human-centred security. In Proceedings of the 32nd USENIX Conference on Security Symposium (Anaheim, CA, USA) (SEC \u201923). USENIX Association, USA, Article 130, 18\u00a0pages."},{"key":"e_1_3_3_3_69_2","first-page":"3295","volume-title":"33nd USENIX Security Symposium (USENIX Security 23)","author":"Hielscher Jonas","year":"2024","unstructured":"Jonas Hielscher and Simon Parkin. 2024. \" What Keeps People Secure is That They Met The Security Team\": Deconstructing Drivers And Goals of Organizational Security Awareness. In 33nd USENIX Security Symposium (USENIX Security 23). USENIX, Philadephia, USA, 3295\u20133312."},{"key":"e_1_3_3_3_70_2","series-title":"(SOUPS \u201923)","volume-title":"Proceedings of the Nineteenth USENIX Conference on Usable Privacy and Security","author":"Hielscher Jonas","year":"2023","unstructured":"Jonas Hielscher, Markus Sch\u00f6ps, Uta Menges, Marco Gutfleisch, Mirko Helbling, and M.\u00a0Angela Sasse. 2023. Lacking the tools and support to fix friction: results from an interview study with security managers. In Proceedings of the Nineteenth USENIX Conference on Usable Privacy and Security (Anaheim, CA, USA) (SOUPS \u201923). USENIX Association, USA, Article 8, 20\u00a0pages."},{"key":"e_1_3_3_3_71_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-58460-7_34"},{"key":"e_1_3_3_3_72_2","doi-asserted-by":"crossref","unstructured":"Yuxiang Hong and Mengyi Xu. 2021. Autonomous motivation and information security policy compliance: role of job satisfaction responsibility and deterrence. Journal of Organizational and End User Computing (JOEUC) 33 6 (2021) 1\u201317.","DOI":"10.4018\/JOEUC.20211101.oa9"},{"key":"e_1_3_3_3_73_2","doi-asserted-by":"crossref","unstructured":"Princely Ifinedo. 2014. Information systems security policy compliance: An empirical study of the effects of socialisation influence and cognition. Information & Management 51 1 (2014) 69\u201379.","DOI":"10.1016\/j.im.2013.10.001"},{"key":"e_1_3_3_3_74_2","doi-asserted-by":"crossref","unstructured":"Sitwala Imenda. 2014. Is there a conceptual difference between theoretical and conceptual frameworks? Journal of social sciences 38 2 (2014) 185\u2013195.","DOI":"10.1080\/09718923.2014.11893249"},{"key":"e_1_3_3_3_75_2","doi-asserted-by":"publisher","DOI":"10.1145\/1753326.1753384"},{"key":"e_1_3_3_3_76_2","doi-asserted-by":"crossref","unstructured":"Lennart Jaeger and Andreas Eckhardt. 2021. Eyes wide open: The role of situational information security awareness for security-related behaviour. Information Systems Journal 31 3 (2021) 429\u2013472.","DOI":"10.1111\/isj.12317"},{"key":"e_1_3_3_3_77_2","doi-asserted-by":"publisher","DOI":"10.1109\/HICSS.2015.418"},{"key":"e_1_3_3_3_78_2","doi-asserted-by":"crossref","unstructured":"Soohyun Jeon Anat Hovav Jinyoung Han and Steven Alter. 2018. Rethinking the prevailing security paradigm: can user empowerment with traceability reduce the rate of security policy circumvention? ACM SIGMIS Database: the DATABASE for Advances in Information Systems 49 3 (2018) 54\u201377.","DOI":"10.1145\/3242734.3242739"},{"key":"e_1_3_3_3_79_2","doi-asserted-by":"crossref","unstructured":"Soohyun Jeon Insoo Son and Jinyoung Han. 2020. Exploring the role of intrinsic motivation in ISSP compliance: enterprise digital rights management system case. Information Technology & People 34 2 (2020) 599\u2013616.","DOI":"10.1108\/ITP-05-2018-0256"},{"key":"e_1_3_3_3_80_2","doi-asserted-by":"crossref","unstructured":"Soohyun Jeon Insoo Son and Jinyoung Han. 2023. Understanding employee\u2019s emotional reactions to ISSP compliance: focus on frustration from security requirements. Behaviour & Information Technology 42 13 (2023) 2093\u20132110.","DOI":"10.1080\/0144929X.2022.2109512"},{"key":"e_1_3_3_3_81_2","doi-asserted-by":"crossref","unstructured":"Heidi Julien Jen\u00a0JL Pecoskie and Kathleen Reed. 2011. Trends in information behavior research 1999\u20132008: A content analysis. Library & Information Science Research 33 1 (2011) 19\u201324.","DOI":"10.1016\/j.lisr.2010.07.014"},{"key":"e_1_3_3_3_82_2","doi-asserted-by":"crossref","unstructured":"Kristian Kannel\u00f8nning and Sokratis\u00a0K Katsikas. 2023. A systematic literature review of how cybersecurity-related behavior has been assessed. Information & Computer Security 31 4 (2023) 463\u2013477.","DOI":"10.1108\/ICS-08-2022-0139"},{"key":"e_1_3_3_3_83_2","doi-asserted-by":"crossref","unstructured":"Herbert\u00a0C Kelman. 1958. Compliance identification and internalization three processes of attitude change. Journal of conflict resolution 2 1 (1958) 51\u201360.","DOI":"10.1177\/002200275800200106"},{"key":"e_1_3_3_3_84_2","first-page":"1","volume-title":"Thirty Fifth International Conference on Information Systems","author":"Kranz Johann","year":"2014","unstructured":"Johann Kranz and Felix Haeussinger. 2014. Why deterrence is not enough: The role of endogenous motivations on employees\u2019 information security behavior. In Thirty Fifth International Conference on Information Systems. Association for Information Systems, Atlanta, GA, USA, 1\u201314."},{"key":"e_1_3_3_3_85_2","doi-asserted-by":"crossref","unstructured":"Kuang-Ming Kuo Paul\u00a0C Talley and Chi-Hsien Huang. 2020. A meta-analysis of the deterrence theory in security-compliant and security-risk behaviors. Computers & Security 96 (2020) 101928.","DOI":"10.1016\/j.cose.2020.101928"},{"key":"e_1_3_3_3_86_2","doi-asserted-by":"crossref","unstructured":"Dominika Kwasnicka Stephan\u00a0U Dombrowski Martin White and Falko Sniehotta. 2016. Theoretical explanations for maintenance of behaviour change: a systematic review of behaviour theories. Health psychology review 10 3 (2016) 277\u2013296.","DOI":"10.1080\/17437199.2016.1151372"},{"key":"e_1_3_3_3_87_2","doi-asserted-by":"crossref","unstructured":"Richard\u00a0S Lazarus. 1991. Cognition and motivation in emotion. American psychologist 46 4 (1991) 352.","DOI":"10.1037\/\/0003-066X.46.4.352"},{"key":"e_1_3_3_3_88_2","doi-asserted-by":"publisher","DOI":"10.1109\/HICSS.2013.192"},{"key":"e_1_3_3_3_89_2","doi-asserted-by":"crossref","unstructured":"Benedikt Lebek J\u00f6rg Uffen Markus Neumann Bernd Hohler and Michael H.\u00a0Breitner. 2014. Information security awareness and behavior: a theory-based literature review. Management Research Review 37 12 (2014) 1049\u20131092.","DOI":"10.1108\/MRR-04-2013-0085"},{"key":"e_1_3_3_3_90_2","doi-asserted-by":"crossref","unstructured":"Daeun Lee Harjinder\u00a0Singh Lallie and Nadine Michaelides. 2023. The impact of an employee\u2019s psychological contract breach on compliance with information security policies: intrinsic and extrinsic motivation. Cognition Technology & Work 25 2 (2023) 273\u2013289.","DOI":"10.1007\/s10111-023-00727-5"},{"key":"e_1_3_3_3_91_2","doi-asserted-by":"crossref","unstructured":"Han Li Rathindra Sarathy Jie Zhang and Xin Luo. 2014. Exploring the effects of organizational justice personal ethics and sanction on internet use policy compliance. Information Systems Journal 24 6 (2014) 479\u2013502.","DOI":"10.1111\/isj.12037"},{"key":"e_1_3_3_3_92_2","doi-asserted-by":"crossref","unstructured":"Rachid\u00a0Ait Maalem\u00a0Lahcen Bruce Caulkins Ram Mohapatra and Manish Kumar. 2020. Review and insight on the behavioral aspects of cybersecurity. Cybersecurity 3 (2020) 1\u201318.","DOI":"10.1186\/s42400-020-00050-w"},{"key":"e_1_3_3_3_93_2","doi-asserted-by":"crossref","unstructured":"Philip Menard Gregory\u00a0J Bott and Robert\u00a0E Crossler. 2017. User motivations in protecting information security: Protection motivation theory versus self-determination theory. Journal of Management Information Systems 34 4 (2017) 1203\u20131230.","DOI":"10.1080\/07421222.2017.1394083"},{"key":"e_1_3_3_3_94_2","doi-asserted-by":"publisher","DOI":"10.1145\/3617072.3617099"},{"key":"e_1_3_3_3_95_2","doi-asserted-by":"crossref","unstructured":"John\u00a0P Meyer Natalie\u00a0J Allen and Catherine\u00a0A Smith. 1993. Commitment to organizations and occupations: Extension and test of a three-component conceptualization. Journal of applied psychology 78 4 (1993) 538.","DOI":"10.1037\/\/0021-9010.78.4.538"},{"key":"e_1_3_3_3_96_2","doi-asserted-by":"crossref","unstructured":"Marianne Miserandino. 1996. Children who do well in school: Individual differences in perceived competence and autonomy in above-average children. Journal of educational psychology 88 2 (1996) 203.","DOI":"10.1037\/\/0022-0663.88.2.203"},{"key":"e_1_3_3_3_97_2","doi-asserted-by":"crossref","unstructured":"David Moher Alessandro Liberati Jennifer Tetzlaff Douglas\u00a0G Altman Prisma Group et\u00a0al. 2010. Preferred reporting items for systematic reviews and meta-analyses: the PRISMA statement. International journal of surgery 8 5 (2010) 336\u2013341.","DOI":"10.1016\/j.ijsu.2010.02.007"},{"key":"e_1_3_3_3_98_2","doi-asserted-by":"crossref","unstructured":"Gregory\u00a0D Moody Mikko Siponen and Seppo Pahnila. 2018. Toward a unified model of information security policy compliance. MIS quarterly 42 1 (2018) 285\u2013A22.","DOI":"10.25300\/MISQ\/2018\/13853"},{"key":"e_1_3_3_3_99_2","doi-asserted-by":"crossref","unstructured":"Frederick\u00a0P Morgeson and Stephen\u00a0E Humphrey. 2006. The Work Design Questionnaire (WDQ): developing and validating a comprehensive measure for assessing job design and the nature of work. Journal of applied psychology 91 6 (2006) 1321.","DOI":"10.1037\/0021-9010.91.6.1321"},{"key":"e_1_3_3_3_100_2","doi-asserted-by":"publisher","DOI":"10.1145\/3313831.3376791"},{"key":"e_1_3_3_3_101_2","doi-asserted-by":"publisher","DOI":"10.1145\/3290605.3300370"},{"key":"e_1_3_3_3_102_2","doi-asserted-by":"crossref","unstructured":"Jeanne Nakamura Mihaly Csikszentmihalyi et\u00a0al. 2009. Flow theory and research. Handbook of positive psychology 195 (2009) 206.","DOI":"10.1093\/oxfordhb\/9780195187243.013.0018"},{"key":"e_1_3_3_3_103_2","doi-asserted-by":"publisher","unstructured":"Jakub\u00a0\u0160t\u011bp\u00e1n Nov\u00e1k Jan Masner Petr Benda Pavel \u0160imek and Vojt\u011bch Merunka. 2024. Eye Tracking Usability and User Experience: A Systematic Review. International Journal of Human\u2013Computer Interaction 40 17 (Sept. 2024) 4484\u20134500. 10.1080\/10447318.2023.2221600","DOI":"10.1080\/10447318.2023.2221600"},{"key":"e_1_3_3_3_104_2","doi-asserted-by":"crossref","unstructured":"Obi Ogbanufe and Ling Ge. 2023. A comparative evaluation of behavioral security motives: Protection intrinsic and identity motivations. Computers & Security 128 (2023) 103136.","DOI":"10.1016\/j.cose.2023.103136"},{"key":"e_1_3_3_3_105_2","unstructured":"Obi Ogbanufe Russell Torres and Katia Guerra. 2023. BYOA and Security: Examining Perspective-Taking and Self-Determination. Journal of Computer Information Systems 2023 (2023) 1\u201317."},{"key":"e_1_3_3_3_106_2","doi-asserted-by":"crossref","unstructured":"Keshnee Padayachee. 2012. Taxonomy of compliant information security behavior. Computers & Security 31 5 (2012) 673\u2013680.","DOI":"10.1016\/j.cose.2012.04.004"},{"key":"e_1_3_3_3_107_2","doi-asserted-by":"publisher","DOI":"10.24251\/HICSS.2018.595"},{"key":"e_1_3_3_3_108_2","doi-asserted-by":"crossref","unstructured":"Douglas\u00a0D Perkins and Marc\u00a0A Zimmerman. 1995. Empowerment theory research and application. American journal of community psychology 23 (1995) 569\u2013579.","DOI":"10.1007\/BF02506982"},{"key":"e_1_3_3_3_109_2","first-page":"233","volume-title":"Roode Workshop on IS Security Research","author":"Posey Clay","year":"2010","unstructured":"Clay Posey, Tom Roberts, Paul\u00a0Benjamin Lowry, Becky Bennett, and James Courtney. 2010. Insiders\u2019 Protection of Organizational Information Assets: A Multidimensional Scaling Study of Protection-Motivated Behaviors. In Roode Workshop on IS Security Research. SSRN, Boston, MA, USA, 233\u2013277."},{"key":"e_1_3_3_3_110_2","first-page":"1","volume-title":"The Dewald Roode workshop in information systems security","author":"Posey Clay","year":"2011","unstructured":"Clay Posey, Tom Roberts, Paul\u00a0Benjamin Lowry, James Courtney, and Becky Bennett. 2011. Motivating the insider to protect organizational information assets: Evidence from protection motivation theory and rival explanations. In The Dewald Roode workshop in information systems security. SSRN, Kennesaw, GA, 1\u201351."},{"key":"e_1_3_3_3_111_2","doi-asserted-by":"crossref","unstructured":"Clay Posey Tom\u00a0L Roberts and Paul\u00a0Benjamin Lowry. 2015. The impact of organizational commitment on insiders\u2019 motivation to protect organizational information assets. Journal of Management Information Systems 32 4 (2015) 179\u2013214.","DOI":"10.1080\/07421222.2015.1138374"},{"key":"e_1_3_3_3_112_2","doi-asserted-by":"crossref","unstructured":"Clay Posey Tom\u00a0L Roberts Paul\u00a0Benjamin Lowry Rebecca\u00a0J Bennett and James\u00a0F Courtney. 2013. Insiders\u2019 protection of organizational information assets: Development of a systematics-based taxonomy and theory of diversity for protection-motivated behaviors. Mis Quarterly 37 4 (2013) 1189\u20131210.","DOI":"10.25300\/MISQ\/2013\/37.4.09"},{"key":"e_1_3_3_3_113_2","first-page":"367","volume-title":"Taking stock: The status of criminological theory","author":"Pratt Travis\u00a0C","year":"2006","unstructured":"Travis\u00a0C Pratt, Francis\u00a0T Cullen, Kristie\u00a0R Blevins, Leah\u00a0E Daigle, and Tamara\u00a0D Madensen. 2006. The empirical status of deterrence theory: A meta-analysis. In Taking stock: The status of criminological theory. Transaction Publishers, New Jersey, USA, 367\u2013395."},{"key":"e_1_3_3_3_114_2","unstructured":"Johnmarshall Reeve Edward\u00a0L Deci and Richard\u00a0M Ryan. 2004. Self-determination theory: a dialectical framework for understanding sociocultural influences on student. Big theories revisited 4 (2004) 31."},{"key":"e_1_3_3_3_115_2","doi-asserted-by":"crossref","unstructured":"Ronald\u00a0W Rogers. 1975. A protection motivation theory of fear appeals and attitude change1. The journal of psychology 91 1 (1975) 93\u2013114.","DOI":"10.1080\/00223980.1975.9915803"},{"key":"e_1_3_3_3_116_2","doi-asserted-by":"crossref","unstructured":"Benjamin\u00a0D Rosenberg and Jason\u00a0T Siegel. 2018. A 50-year review of psychological reactance theory: Do not read this article. Motivation Science 4 4 (2018) 281.","DOI":"10.1037\/mot0000091"},{"key":"e_1_3_3_3_117_2","doi-asserted-by":"publisher","DOI":"10.1521\/978.14625\/28806"},{"key":"e_1_3_3_3_118_2","doi-asserted-by":"crossref","unstructured":"Richard\u00a0M Ryan and Edward\u00a0L Deci. 2000. Intrinsic and extrinsic motivations: Classic definitions and new directions. Contemporary educational psychology 25 1 (2000) 54\u201367.","DOI":"10.1006\/ceps.1999.1020"},{"key":"e_1_3_3_3_119_2","doi-asserted-by":"crossref","unstructured":"Richard\u00a0M Ryan and Edward\u00a0L Deci. 2020. Intrinsic and extrinsic motivation from a self-determination theory perspective: Definitions theory practices and future directions. Contemporary educational psychology 61 (2020) 101860.","DOI":"10.1016\/j.cedpsych.2020.101860"},{"key":"e_1_3_3_3_120_2","unstructured":"Richard\u00a0M Ryan Edward\u00a0L Deci et\u00a0al. 2002. Overview of self-determination theory: An organismic dialectical perspective. Handbook of self-determination research 2 3-33 (2002) 36."},{"key":"e_1_3_3_3_121_2","doi-asserted-by":"crossref","unstructured":"Nader\u00a0Sohrabi Safa and Rossouw Von\u00a0Solms. 2016. An information security knowledge sharing model in organizations. Computers in Human Behavior 57 (2016) 442\u2013451.","DOI":"10.1016\/j.chb.2015.12.037"},{"key":"e_1_3_3_3_122_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-25460-414"},{"key":"e_1_3_3_3_123_2","doi-asserted-by":"publisher","DOI":"10.1145\/3025453.3025926"},{"key":"e_1_3_3_3_124_2","doi-asserted-by":"publisher","DOI":"10.1145\/3688459.3688460"},{"key":"e_1_3_3_3_125_2","doi-asserted-by":"publisher","DOI":"10.1201\/9781315155890-3"},{"key":"e_1_3_3_3_126_2","doi-asserted-by":"crossref","unstructured":"Dale\u00a0H Schunk and Maria\u00a0K DiBenedetto. 2020. Motivation and social cognitive theory. Contemporary educational psychology 60 (2020) 101832.","DOI":"10.1016\/j.cedpsych.2019.101832"},{"key":"e_1_3_3_3_127_2","doi-asserted-by":"crossref","unstructured":"Scott\u00a0E Seibert Gang Wang and Stephen\u00a0H Courtright. 2011. Antecedents and consequences of psychological and team empowerment in organizations: a meta-analytic review. Journal of applied psychology 96 5 (2011) 981.","DOI":"10.1037\/a0022676"},{"key":"e_1_3_3_3_128_2","doi-asserted-by":"crossref","unstructured":"Ahmad\u00a0Bakhtiyari Shahri Zuraini Ismail and Shahram Mohanna. 2016. The impact of the security competency on \u201cself-efficacy in information security\u201d for effective health information security in Iran. Journal of medical systems 40 (2016) 1\u20139.","DOI":"10.1007\/s10916-016-0591-5"},{"key":"e_1_3_3_3_129_2","doi-asserted-by":"crossref","unstructured":"Susan\u00a0P Shapiro. 2005. Agency theory. Annu. Rev. Sociol. 31 1 (2005) 263\u2013284.","DOI":"10.1146\/annurev.soc.31.041304.122159"},{"key":"e_1_3_3_3_130_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-59291-2_8"},{"key":"e_1_3_3_3_131_2","doi-asserted-by":"crossref","unstructured":"Mario Silic and Paul\u00a0Benjamin Lowry. 2020. Using design-science based gamification to improve organizational security training and compliance. Journal of management information systems 37 1 (2020) 129\u2013161.","DOI":"10.1080\/07421222.2019.1705512"},{"key":"e_1_3_3_3_132_2","doi-asserted-by":"crossref","unstructured":"Gavin\u00a0R Slemp Mark\u00a0A Lee and Lara\u00a0H Mossman. 2021. Interventions to support autonomy competence and relatedness needs in organizations: A systematic review with recommendations for research and practice. Journal of Occupational and Organizational Psychology 94 2 (2021) 427\u2013457.","DOI":"10.1111\/joop.12338"},{"key":"e_1_3_3_3_133_2","doi-asserted-by":"crossref","unstructured":"Teodor Sommestad Henrik Karlz\u00e9n and Jonas Hallberg. 2019. The theory of planned behavior and information security policy compliance. Journal of Computer Information Systems 59:4 (2019) 344\u2013353.","DOI":"10.1080\/08874417.2017.1368421"},{"key":"e_1_3_3_3_134_2","doi-asserted-by":"crossref","unstructured":"Jai-Yeol Son. 2011. Out of fear or desire? Toward a better understanding of employees\u2019 motivation to follow IS security policies. Information & Management 48 7 (2011) 296\u2013302.","DOI":"10.1016\/j.im.2011.07.002"},{"key":"e_1_3_3_3_135_2","doi-asserted-by":"crossref","unstructured":"Paul\u00a0E Spector. 1982. Behavior in organizations as a function of employee\u2019s locus of control. Psychological bulletin 91 3 (1982) 482.","DOI":"10.1037\/\/0033-2909.91.3.482"},{"key":"e_1_3_3_3_136_2","doi-asserted-by":"crossref","unstructured":"Gretchen\u00a0M Spreitzer. 1995. Psychological empowerment in the workplace: Dimensions measurement and validation. Academy of management Journal 38 5 (1995) 1442\u20131465.","DOI":"10.2307\/256865"},{"key":"e_1_3_3_3_137_2","doi-asserted-by":"crossref","unstructured":"Jeffrey\u00a0M Stanton Kathryn\u00a0R Stam Paul Mastrangelo and Jeffrey Jolton. 2005. Analysis of end user security behaviors. Computers & security 24 2 (2005) 124\u2013133.","DOI":"10.1016\/j.cose.2004.07.001"},{"key":"e_1_3_3_3_138_2","doi-asserted-by":"crossref","unstructured":"Dan\u00a0N Stone Edward\u00a0L Deci and Richard\u00a0M Ryan. 2009. Beyond talk: Creating autonomous motivation through self-determination theory. Journal of general management 34 3 (2009) 75\u201391.","DOI":"10.1177\/030630700903400305"},{"key":"e_1_3_3_3_139_2","doi-asserted-by":"crossref","unstructured":"Noor\u00a0Suhani Sulaiman Muhammad\u00a0Ashraf Fauzi Walton Wider Jegatheesan Rajadurai Suhaidah Hussain and Siti\u00a0Aminah Harun. 2022. Cyber\u2013information security compliance and violation behaviour in organisations: A systematic review. Social Sciences 11 9 (2022) 386.","DOI":"10.3390\/socsci11090386"},{"key":"e_1_3_3_3_140_2","doi-asserted-by":"crossref","unstructured":"Robert\u00a0I Sutton and Barry\u00a0M Staw. 1995. What theory is not. Administrative science quarterly 40:3 (1995) 371\u2013384.","DOI":"10.2307\/2393788"},{"key":"e_1_3_3_3_141_2","doi-asserted-by":"crossref","unstructured":"Maja Tadi\u0107\u00a0Vuj\u010di\u0107 Wido\u00a0GM Oerlemans and Arnold\u00a0B Bakker. 2017. How challenging was your work today? The role of autonomous work motivation. European Journal of Work and Organizational Psychology 26 1 (2017) 81\u201393.","DOI":"10.1080\/1359432X.2016.1208653"},{"key":"e_1_3_3_3_142_2","doi-asserted-by":"publisher","DOI":"10.1145\/3411764.3445768"},{"key":"e_1_3_3_3_143_2","first-page":"1","volume-title":"Thirty Sixth International Conference of Information Systems,","author":"Talib Yurita\u00a0Abdul","year":"2015","unstructured":"Yurita\u00a0Abdul Talib and Gurpreet Dhillon. 2015. Employee ISP compliance intentions: an empirical test of empowerment. In Thirty Sixth International Conference of Information Systems,. Association for Information Systems, Fort Worth, USA, 1\u201319."},{"key":"e_1_3_3_3_144_2","doi-asserted-by":"crossref","unstructured":"Gurvirender\u00a0PS Tejay and Zareef\u00a0A Mohammed. 2023. Cultivating security culture for information security success: A mixed-methods study based on anthropological perspective. Information & Management 60 3 (2023) 103751.","DOI":"10.1016\/j.im.2022.103751"},{"key":"e_1_3_3_3_145_2","doi-asserted-by":"crossref","unstructured":"Kenneth\u00a0W Thomas and Betty\u00a0A Velthouse. 1990. Cognitive elements of empowerment: An \u201cinterpretive\u201d model of intrinsic task motivation. Academy of management review 15 4 (1990) 666\u2013681.","DOI":"10.5465\/amr.1990.4310926"},{"key":"e_1_3_3_3_146_2","doi-asserted-by":"publisher","DOI":"10.1145\/3313831.3376723"},{"key":"e_1_3_3_3_147_2","unstructured":"Daniel Udo-Akang. 2012. Theoretical constructs concepts and applications. American International Journal of Contemporary Research 2 9 (2012) 89\u201397."},{"key":"e_1_3_3_3_148_2","unstructured":"O Van\u00a0den Akker GJY Peters C Bakker R Carlsson NA Coles KS Corker G Feldman DT Mellor D Moreau T Nordstr\u00f6m et\u00a0al. 2020. Generalized systematic review registration form."},{"key":"e_1_3_3_3_149_2","doi-asserted-by":"crossref","unstructured":"Ali Vedadi Merrill Warkentin Detmar\u00a0W Straub and Jordan Shropshire. 2024. Fostering information security compliance as organizational citizenship behavior. Information & Management 61 5 (2024) 103968.","DOI":"10.1016\/j.im.2024.103968"},{"key":"e_1_3_3_3_150_2","doi-asserted-by":"publisher","unstructured":"Antje\u00a0C. Venjakob and Claudia\u00a0R. Mello-Thoms. 2015. Review of prospects and challenges of eye tracking in volumetric imaging. Journal of Medical Imaging 3 1 (Sept. 2015) 011002. 10.1117\/1.JMI.3.1.011002 Publisher: SPIE.","DOI":"10.1117\/1.JMI.3.1.011002"},{"key":"e_1_3_3_3_151_2","first-page":"623","volume-title":"Twentieth Symposium on Usable Privacy and Security (SOUPS 2024)","author":"Preuschen Alexandra von","year":"2024","unstructured":"Alexandra von Preuschen, Monika\u00a0C Schuhmacher, and Verena Zimmermann. 2024. Beyond fear and frustration-towards a holistic understanding of emotions in cybersecurity. In Twentieth Symposium on Usable Privacy and Security (SOUPS 2024). USENIX Association, Philadephia, USA, 623\u2013642."},{"key":"e_1_3_3_3_152_2","first-page":"1","volume-title":"38th International Conference on Information Systems: Transforming Society with Digital Innovation, ICIS 2017: Transforming Society with Digital Innovation","author":"Welck Maximilian von","year":"2017","unstructured":"Maximilian von Welck, Manuel Trenz, Tina\u00a0Blegind Jensen, and Daniel Veit. 2017. Empowerment and BYOx: Towards Improved IS Security Compliance. In 38th International Conference on Information Systems: Transforming Society with Digital Innovation, ICIS 2017: Transforming Society with Digital Innovation. Association for Information Systems, Atlanta, GA, USA, 1\u201311."},{"key":"e_1_3_3_3_153_2","doi-asserted-by":"crossref","unstructured":"Joan\u00a0IJ Wagner Greta Cummings Donna\u00a0L Smith Joanne Olson Lynn Anderson and Sharon Warren. 2010. The relationship between structural empowerment and psychological empowerment for nurses: a systematic review. Journal of nursing management 18 4 (2010) 448\u2013462.","DOI":"10.1111\/j.1365-2834.2010.01088.x"},{"key":"e_1_3_3_3_154_2","doi-asserted-by":"publisher","DOI":"10.1145\/3613904.3642837"},{"key":"e_1_3_3_3_155_2","doi-asserted-by":"crossref","unstructured":"Jeffrey\u00a0D Wall Prashant Palvia and Paul\u00a0Benjamin Lowry. 2013. Control-related motivations and information security policy compliance: The role of autonomy and efficacy. Journal of Information Privacy and Security 9 4 (2013) 52\u201379.","DOI":"10.1080\/15536548.2013.10845690"},{"key":"e_1_3_3_3_156_2","doi-asserted-by":"publisher","DOI":"10.1145\/3290605.3300338"},{"key":"e_1_3_3_3_157_2","series-title":"(SSYM\u201999)","first-page":"14","volume-title":"Proceedings of the 8th Conference on USENIX Security Symposium - Volume 8","author":"Whitten Alma","year":"1999","unstructured":"Alma Whitten and J.\u00a0D. Tygar. 1999. Why Johnny can\u2019t encrypt: a usability evaluation of PGP 5.0. In Proceedings of the 8th Conference on USENIX Security Symposium - Volume 8 (Washington, D.C.) (SSYM\u201999). USENIX Association, USA, 14."},{"key":"e_1_3_3_3_158_2","doi-asserted-by":"crossref","unstructured":"Allan Wigfield and Jacquelynne\u00a0S Eccles. 2000. Expectancy\u2013value theory of achievement motivation. Contemporary educational psychology 25 1 (2000) 68\u201381.","DOI":"10.1006\/ceps.1999.1015"},{"key":"e_1_3_3_3_159_2","doi-asserted-by":"crossref","unstructured":"Robert Willison and Merrill Warkentin. 2013. Beyond deterrence: An expanded view of employee computer abuse. MIS quarterly 37 1 (2013) 1\u201320.","DOI":"10.25300\/MISQ\/2013\/37.1.01"},{"key":"e_1_3_3_3_160_2","doi-asserted-by":"publisher","unstructured":"Michael Workman William\u00a0H. Bommer and Detmar Straub. 2008. Security lapses and the omission of information security measures: A threat control model and empirical test. Comput. Hum. Behav. 24 6 (Sept. 2008) 2799\u20132816. 10.1016\/j.chb.2008.04.005","DOI":"10.1016\/j.chb.2008.04.005"},{"key":"e_1_3_3_3_161_2","unstructured":"Ning Yang Tripti Singh and Allen Johnston. 2020. A Replication Study of User Motivation in Protecting Information Security using Protection Motivation Theory and Self Determination Theory. AIS Transactions on Replication Research 6 1 (2020) 10."},{"key":"e_1_3_3_3_162_2","doi-asserted-by":"publisher","unstructured":"Verena Zimmermann Lorin Sch\u00f6ni Thierry Schaltegger Benjamin Ambuehl Melanie Knieps and Nico Ebert. 2024. Human-Centered Cybersecurity Revisited: From Enemies to Partners. Commun. ACM 67 11 (Oct. 2024) 72\u201381. 10.1145\/3665665","DOI":"10.1145\/3665665"},{"key":"e_1_3_3_3_163_2","doi-asserted-by":"crossref","unstructured":"Yixin Zou Khue Le Peter Mayer Alessandro Acquisti Adam\u00a0J Aviv and Florian Schaub. April 2024. Encouraging Users to Change Breached Passwords Using the Protection Motivation Theory. ACM Transactions on Computer-Human Interaction 1 1 (April 2024) 1\u201345.","DOI":"10.1145\/3689432"},{"key":"e_1_3_3_3_164_2","doi-asserted-by":"publisher","DOI":"10.1145\/304851.304859"}],"event":{"name":"CHI 2025: CHI Conference on Human Factors in Computing Systems","location":"Yokohama Japan","acronym":"CHI '25","sponsor":["SIGCHI ACM Special Interest Group on Computer-Human Interaction"]},"container-title":["Proceedings of the 2025 CHI Conference on Human Factors in Computing Systems"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3706598.3713122","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3706598.3713122","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,4]],"date-time":"2025-07-04T05:15:14Z","timestamp":1751606114000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3706598.3713122"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,4,25]]},"references-count":163,"alternative-id":["10.1145\/3706598.3713122","10.1145\/3706598"],"URL":"https:\/\/doi.org\/10.1145\/3706598.3713122","relation":{},"subject":[],"published":{"date-parts":[[2025,4,25]]},"assertion":[{"value":"2025-04-25","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}