{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,10]],"date-time":"2026-06-10T15:38:32Z","timestamp":1781105912801,"version":"3.54.1"},"reference-count":67,"publisher":"IGI Global Scientific Publishing","issue":"3","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2014,7,1]]},"abstract":"<p>Information security is often viewed as a technological matter. However, security professionals will readily admit that without safe practices by users, no amount or type of technology will be effective at preventing unauthorized intrusions. By paralleling the practices of information security and health prevention, a rationale for employing constructs from existing models of health behavior is established. A comprehensive and parsimonious model (the Security Belief Model) is developed to explain information security behavior intentions. The model is tested empirically based on a sample of 237 Indian professionals. The results of the empirical study indicate general support for the model, particularly including severity, susceptibility, benefits, and a cue to action as antecedents to the intention to perform preventive information security behaviors. The paper also discusses implications of the model and results for practitioners and possibilities for future research are included.<\/p>","DOI":"10.4018\/joeuc.2014070102","type":"journal-article","created":{"date-parts":[[2014,10,10]],"date-time":"2014-10-10T14:51:06Z","timestamp":1412952666000},"page":"23-46","source":"Crossref","is-referenced-by-count":19,"title":["Explaining Users' Security Behaviors with the Security Belief Model"],"prefix":"10.4018","volume":"26","author":[{"given":"Clay K.","family":"Williams","sequence":"first","affiliation":[{"name":"Southern Illinois University Edwardsville, Edwardsville, IL, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Donald","family":"Wynn","sequence":"additional","affiliation":[{"name":"University of Dayton, Dayton, OH, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Ramana","family":"Madupalli","sequence":"additional","affiliation":[{"name":"Southern Illinois University Edwardsville, Edwardsville, IL, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Elena","family":"Karahanna","sequence":"additional","affiliation":[{"name":"Terry College of Business, University of Georgia, Athens, GA, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Barbara K.","family":"Duncan","sequence":"additional","affiliation":[{"name":"Southern Illinois University Edwardsville, Edwardsville, IL, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"2432","reference":[{"issue":"3","key":"joeuc.2014070102-0","doi-asserted-by":"crossref","first-page":"613","DOI":"10.2307\/25750694","article-title":"Practicing Safe Computing: A Multimethod Empirical Examination of Home Computer User Security Behavioral Intentions.","volume":"34","author":"C.Anderson","year":"2010","journal-title":"Management Information Systems Quarterly"},{"key":"joeuc.2014070102-1","doi-asserted-by":"publisher","DOI":"10.2307\/3150783"},{"key":"joeuc.2014070102-2","author":"A.Bandura","year":"1977","journal-title":"Social Learning Theory"},{"issue":"3","key":"joeuc.2014070102-3","doi-asserted-by":"crossref","first-page":"523","DOI":"10.2307\/25750690","article-title":"Information Security Policy Compliance: An Empirical Study of Rationality-Based Beliefs and Information Security Awareness.","volume":"34","author":"B.Bulgurcu","year":"2010","journal-title":"Management Information Systems Quarterly"},{"issue":"3","key":"joeuc.2014070102-4","doi-asserted-by":"crossref","first-page":"431","DOI":"10.3233\/JCS-2003-11308","article-title":"The Economic Cost of Publicly Announced Information Security Breaches: Empirical Evidence from the Stock Market.","volume":"11","author":"K.Campbell","year":"2003","journal-title":"Journal of Computer Security"},{"issue":"4","key":"joeuc.2014070102-5","doi-asserted-by":"crossref","first-page":"689","DOI":"10.2307\/20650323","article-title":"Interpretation of Formative Measurement in Information Systems Research.","volume":"33","author":"R. T.Cenfetelli","year":"2009","journal-title":"Management Information Systems Quarterly"},{"key":"joeuc.2014070102-6","doi-asserted-by":"publisher","DOI":"10.1097\/00012272-198404000-00011"},{"key":"joeuc.2014070102-7","first-page":"45","article-title":"The Health Belief Model","author":"V. L.Champion","year":"2008","journal-title":"Health Behavior and Health Education: Theory, Research, and Practice"},{"issue":"3","key":"joeuc.2014070102-8","doi-asserted-by":"crossref","first-page":"18","DOI":"10.1080\/15536548.2005.10855772","article-title":"Perceptions of Information Security in the Workplace: Linking Information Security Climate to Compliant Behavior.","volume":"1","author":"M.Chan","year":"2005","journal-title":"Journal of Information Privacy and Security"},{"key":"joeuc.2014070102-9","unstructured":"Chenoweth, T., Minch, R., & Gattiker, T. (2009). Application of Protection Motivation Theory to Adoption of Protective Technologies. Paper presented at the 42nd Hawaii International Conference on System Sciences, Waikaloa, Hawaii."},{"key":"joeuc.2014070102-10","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-32827-8_29"},{"key":"joeuc.2014070102-11","doi-asserted-by":"publisher","DOI":"10.2307\/249688"},{"key":"joeuc.2014070102-12","doi-asserted-by":"publisher","DOI":"10.1287\/isre.1070.0160"},{"key":"joeuc.2014070102-13","doi-asserted-by":"publisher","DOI":"10.2307\/249008"},{"key":"joeuc.2014070102-14","doi-asserted-by":"publisher","DOI":"10.1287\/mnsc.35.8.982"},{"key":"joeuc.2014070102-15","doi-asserted-by":"publisher","DOI":"10.1109\/TEM.2003.822468"},{"key":"joeuc.2014070102-16","doi-asserted-by":"publisher","DOI":"10.1016\/S0378-7206(98)00101-3"},{"key":"joeuc.2014070102-17","doi-asserted-by":"publisher","DOI":"10.3758\/BF03193146"},{"key":"joeuc.2014070102-18","doi-asserted-by":"publisher","DOI":"10.2307\/3151718"},{"key":"joeuc.2014070102-19","doi-asserted-by":"publisher","DOI":"10.2307\/3151312"},{"issue":"2","key":"joeuc.2014070102-20","doi-asserted-by":"crossref","first-page":"iii","DOI":"10.2307\/23044042","article-title":"An Update and Extension to SEM Guidelines for Administrative and Social Science Research.","volume":"35","author":"D.Gefen","year":"2011","journal-title":"Management Information Systems Quarterly"},{"issue":"5","key":"joeuc.2014070102-21","first-page":"91","article-title":"A Practical Guide to Factorial Validity Using PLS-Graph: Tutorial and Annotated Example.","volume":"16","author":"D.Gefen","year":"2005","journal-title":"Communications of the Association for Information Systems"},{"key":"joeuc.2014070102-22","doi-asserted-by":"crossref","unstructured":"Gefen, D., Straub, D. W., & Boudreau, M.-C. (2000). Structural Equation Modeling and Regression: Guidelines for Research Practice. Communications of the AIS, 4.","DOI":"10.17705\/1CAIS.00407"},{"key":"joeuc.2014070102-23","doi-asserted-by":"publisher","DOI":"10.2307\/249689"},{"key":"joeuc.2014070102-24","doi-asserted-by":"publisher","DOI":"10.1108\/09685220910978112"},{"key":"joeuc.2014070102-25","doi-asserted-by":"publisher","DOI":"10.1057\/ejis.2009.6"},{"key":"joeuc.2014070102-26","doi-asserted-by":"publisher","DOI":"10.1177\/109019818401100101"},{"key":"joeuc.2014070102-27","first-page":"45","article-title":"The Health Belief Model","author":"N. K.Janz","year":"2002","journal-title":"Health behavior and health education: Theory, research, and practice"},{"key":"joeuc.2014070102-28","doi-asserted-by":"publisher","DOI":"10.1086\/376806"},{"issue":"2","key":"joeuc.2014070102-29","first-page":"1","article-title":"Fear Appeals and Information Security Behaviors: An Empirical Study.","volume":"34","author":"A. C.Johnston","year":"2010","journal-title":"Management Information Systems Quarterly"},{"key":"joeuc.2014070102-30","doi-asserted-by":"publisher","DOI":"10.2307\/249751"},{"key":"joeuc.2014070102-31","doi-asserted-by":"publisher","DOI":"10.1057\/ejis.2009.11"},{"key":"joeuc.2014070102-32","doi-asserted-by":"publisher","DOI":"10.1057\/ejis.2009.11"},{"key":"joeuc.2014070102-33","author":"K.Lewin","year":"1935","journal-title":"A Dynamic Theory of Personality"},{"issue":"1","key":"joeuc.2014070102-34","doi-asserted-by":"crossref","first-page":"71","DOI":"10.2307\/20650279","article-title":"Avoidance of Information Technology Threats: A Theoretical Perspective.","volume":"33","author":"H.Liang","year":"2009","journal-title":"Management Information Systems Quarterly"},{"issue":"7","key":"joeuc.2014070102-35","doi-asserted-by":"crossref","first-page":"394","DOI":"10.17705\/1jais.00232","article-title":"Understanding Security Behaviors in Personal Computer Usage: A Threat Avoidance Perspective.","volume":"11","author":"H.Liang","year":"2010","journal-title":"Journal of the Association for Information Systems"},{"key":"joeuc.2014070102-36","doi-asserted-by":"crossref","first-page":"336","DOI":"10.1177\/109019817400200404","article-title":"The health belief model: Origins and correlates in psychological theory.","volume":"2","author":"L. A.Maiman","year":"1974","journal-title":"Health Education Monographs"},{"key":"joeuc.2014070102-37","doi-asserted-by":"publisher","DOI":"10.1016\/j.dss.2008.11.010"},{"key":"joeuc.2014070102-38","author":"J. C.Nunnally","year":"1978","journal-title":"Psychometric Theory"},{"issue":"4","key":"joeuc.2014070102-39","doi-asserted-by":"crossref","first-page":"623","DOI":"10.2307\/25148814","article-title":"Specifying Formative Constructs in Information Systems Research.","volume":"31","author":"S.Petter","year":"2007","journal-title":"Management Information Systems Quarterly"},{"key":"joeuc.2014070102-40","doi-asserted-by":"publisher","DOI":"10.1037\/0021-9010.88.5.879"},{"key":"joeuc.2014070102-41","unstructured":"Porten, J. (2010, 8\/1\/2011). Mac virus onslaught in 2011? Not so fast. MacWorld, from http:\/\/www.macworld.com\/article\/156744\/2010\/12\/2011_viruses.html"},{"key":"joeuc.2014070102-42","doi-asserted-by":"publisher","DOI":"10.1093\/her\/1.3.153"},{"key":"joeuc.2014070102-43","doi-asserted-by":"publisher","DOI":"10.1037\/0022-006X.51.3.390"},{"issue":"4","key":"joeuc.2014070102-44","doi-asserted-by":"crossref","first-page":"757","DOI":"10.2307\/25750704","article-title":"Improving Employees' Compliance Through Information Sysytems Security Training: An Action Study.","volume":"34","author":"P.Puhakainen","year":"2010","journal-title":"Management Information Systems Quarterly"},{"key":"joeuc.2014070102-45","unstructured":"Ringle, C. M., Wende, S., & Will, A. (2005). SmartPLS, version 2.0 Beta. Hamburg, Germany: University of Hamburg; Retrieved from http:\/\/www.smartpls.de"},{"key":"joeuc.2014070102-46","doi-asserted-by":"publisher","DOI":"10.1145\/1592401.1592405"},{"key":"joeuc.2014070102-47","unstructured":"Rogers, E. M. (1995). Diffusion of Innovations (Fourth Edition ed.). New York: The Free Press."},{"key":"joeuc.2014070102-48","doi-asserted-by":"publisher","DOI":"10.2307\/3348967"},{"issue":"4","key":"joeuc.2014070102-49","doi-asserted-by":"crossref","first-page":"354","DOI":"10.1177\/109019817400200405","article-title":"The Health Belief Model and Preventive Health Behavior.","volume":"2","author":"I. M.Rosenstock","year":"1974","journal-title":"Health Education Monographs"},{"key":"joeuc.2014070102-50","doi-asserted-by":"publisher","DOI":"10.1177\/109019818801500203"},{"key":"joeuc.2014070102-51","doi-asserted-by":"publisher","DOI":"10.2307\/2392182"},{"key":"joeuc.2014070102-52","first-page":"23","article-title":"The Health Belief Model","author":"P.Sheeran","year":"1996","journal-title":"Predicting Health Behavior"},{"key":"joeuc.2014070102-53","doi-asserted-by":"publisher","DOI":"10.1109\/MC.2010.35"},{"issue":"3","key":"joeuc.2014070102-54","doi-asserted-by":"crossref","first-page":"487","DOI":"10.2307\/25750688","article-title":"Neutralization: New Insights into the Problem of Employee Information System Security Policy Violation.","volume":"34","author":"M.Siponen","year":"2010","journal-title":"Management Information Systems Quarterly"},{"key":"joeuc.2014070102-55","doi-asserted-by":"publisher","DOI":"10.1016\/j.im.2008.12.007"},{"key":"joeuc.2014070102-56","doi-asserted-by":"crossref","first-page":"291","DOI":"10.17705\/1CAIS.01415","article-title":"Spyware: The Ghost in the Machine.","volume":"14","author":"T. F.Stafford","year":"2004","journal-title":"Communications of the Association for Information Systems"},{"key":"joeuc.2014070102-57","doi-asserted-by":"publisher","DOI":"10.1287\/isre.1.3.255"},{"key":"joeuc.2014070102-58","first-page":"380","article-title":"Validation Guidelines for IS Positivist Research.","volume":"14","author":"D. W.Straub","year":"2004","journal-title":"Communications of the AIS"},{"key":"joeuc.2014070102-59","doi-asserted-by":"publisher","DOI":"10.2307\/249551"},{"key":"joeuc.2014070102-60","first-page":"71","article-title":"The health belief model and health behavior","author":"V. J.Strecher","year":"1997","journal-title":"Handbook of health behavior research 1: Personal and social determinants"},{"key":"joeuc.2014070102-61","doi-asserted-by":"publisher","DOI":"10.4018\/joeuc.2012010102"},{"key":"joeuc.2014070102-62","doi-asserted-by":"publisher","DOI":"10.1287\/mnsc.46.2.186.11926"},{"issue":"1","key":"joeuc.2014070102-63","doi-asserted-by":"crossref","first-page":"177","DOI":"10.2307\/20650284","article-title":"Using PLS Path Modeling for Assessing Hierarchical Construct Models: Guidelines and Empirical Illustration.","volume":"33","author":"M.Wetzels","year":"2009","journal-title":"Management Information Systems Quarterly"},{"key":"joeuc.2014070102-64","unstructured":"Whitehouse, S., Mikulsky, B., & Snowe, O. (2010). Cyber self-defense can help U.S. security (9\/3\/2010). CNN.com. Retrieved from http:\/\/articles.cnn.com\/2010-09-03\/opinion\/senators.cyber.security_1_cybersecurity-botnets-government-computer-networks"},{"key":"joeuc.2014070102-65","unstructured":"Woon, I., Tan, G.-W., & Low, R. (2005). A Protection Motivation Theory Approach to Home Wireless Security. Paper presented at the 26th International Conference on Information Systems, Las Vegas, NV."},{"key":"joeuc.2014070102-66","doi-asserted-by":"publisher","DOI":"10.1016\/j.chb.2008.04.005"}],"container-title":["Journal of Organizational and End User Computing"],"original-title":[],"language":"ng","link":[{"URL":"https:\/\/www.igi-global.com\/viewtitle.aspx?TitleId=116694","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,6,1]],"date-time":"2022-06-01T18:03:01Z","timestamp":1654106581000},"score":1,"resource":{"primary":{"URL":"https:\/\/services.igi-global.com\/resolvedoi\/resolve.aspx?doi=10.4018\/joeuc.2014070102"}},"subtitle":[""],"short-title":[],"issued":{"date-parts":[[2014,7,1]]},"references-count":67,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2014,7]]}},"URL":"https:\/\/doi.org\/10.4018\/joeuc.2014070102","relation":{},"ISSN":["1546-2234","1546-5012"],"issn-type":[{"value":"1546-2234","type":"print"},{"value":"1546-5012","type":"electronic"}],"subject":[],"published":{"date-parts":[[2014,7,1]]}}}