References
- Ajzen, I. (1991). The theory of planned behavior. Organizational Behavior and Human Decision Processes, 50(2), 179-211. https://doi.org/10.1016/0749-5978(91)90020-T.
- Akter, S., Uddin, M. R., Sajib, S., Lee, W. J. T., Michael, K., and Hossain, M. A. (2022). Reconceptualizing cybersecurity awareness capability in the data-driven digital economy. Annals of Operations Research. https://doi.org/10.1007/s10479-022-04844-8.
- Alavizadeh, H., Jang-Jaccard, J., Enoch, S. Y., Al-Sahaf, H., Welch, I., Camtepe, S. A., and Kim, D. D. (2022). A Survey on Cyber Situation-Awareness Systems: Framework, Techniques, and Insights. ACM Computing Surveys, 55(5), 1-35. https://doi.org/10.1145/3530809.
- Aldawood, H., and Skinner, G. (2020). Evaluating contemporary digital awareness programs for future application within the cyber security social engineering domain. International Journal of Computer Applications, 177(31), 57-61. https://doi.org/10.5120/ijca2020919793
- Alfons, A., Ates, N. Y., and Groenen, P. J. F. (2022). A robust bootstrap test for mediation analysis. Organizational Research Methods, 25(3), 591-617. https://doi.org/10.1177/1094428121999096
- Alohali, M., Clarke, N., Li, F., and Furnell, S. (2018). Identifying and predicting the factors affecting end-users' risk-taking behavior. Information and Computer Security, 26(3), 306-326. https://doi.org/10.1108/ICS-03-2018-0037
- Al-Omari, A., El-Gayar, O., and Deokar, A. (2012). Information security policy compliance: The role of information security awareness. 18th Americas Conference on Information Systems 2012, AMCIS 2012, 2(January), 1633-1640.
- Alotaibi, M. (2017). A Model for Monitoring End-User Security Policy Compliance. Plymouth University.
- Alshare, K., Lane, P. L., and Lane, M. R. (2018). Information security policy compliance: A higher education case study. Information and Computer Security, 26(1), 91-108. https://doi.org/10.1108/ICS-09-2016-0073
- Altahat, S. M., and Atan, T. (2018). Role of healthy work environments in sustainability of goal achievement; ethical leadership, intention to sabotage, and psychological capital in Jordanian universities. Sustainability (Switzerland), 10(10). https://doi.org/10.3390/su10103559.
- Anye, E. (2019). Factors affecting employee intentions to comply with password policies.
- Aurigemma, S., and Mattson, T. (2014). Do it OR ELSE! exploring the effectiveness of deterrence on employee compliance with information security policies. In 20th Americas Conference on Information Systems, AMCIS 2014 (pp. 1-12).
- Aurigemma, S., and Mattson, T. (2017a). Deterrence and punishment experience impacts on ISP compliance attitudes. Information and Computer Security, 25(4), 421-436. https://doi.org/10.1108/ICS-11-2016-0089
- Aurigemma, S., and Mattson, T. (2017b). Privilege or procedure: Evaluating the effect of employee status on intent to comply with socially interactive information security threats and controls. Computers and Security, 66, 218-234. https://doi.org/10.1016/j.cose.2017.02.006
- Avey, J. B., Luthans, F., Smith, R. M., and Palmer, N. F. (2010). Impact of positive psychological capital on employee well-being over time. Journal of Occupational Health Psychology, 15, 17-28. https://doi.org/10.1037/a0016998
- Avey, J. B., Wernsing, T. S., and Luthans, F. (2008). Can positive employees help positive organizational change? Impact of psychological capital and emotions on relevant attitudes and behaviors. The journal of applied behavioral science, 44(1), 48-70. https://doi.org/10.1177/0021886307311470
- Bandura, D. (1977). Control Document Cont rolled Documt. November 1997.
- Bansal, G., Muzatko, S., and Shin, S. I. (2020). Information system security policy noncompliance: The role of situation-specific ethical orientation. Information Technology and People, 30(1), 1350-1917. https://doi.org/10.1108/ITP-03-2019-0109
- Beccaria. (1963). On crimes and punishments / trans. with an introduction, by Henry Paolucci. In Indianapolis, IN: Bobbs-Merrill. (Original work published 1764).
- Belanger, F., Collignon, S., Enget, K., and Negangard, E. (2017). Determinants of early conformance with information security policies. Information and Management, 54(7), 887-901. https://doi.org/10.1016/j.im.2017.01.003
- Bennett, R. J., and Robinson, S. L. (2000). Development of a measure of workplace deviance. Journal of Applied Psychology, 85(3), 349-360. https://doi.org/10.1037/0021-9010.85.3.349
- Bhaharin, S. H., Mokhtar, U. A., Sulaiman, R., and Yusof, M. M. (2019). Issues and trends in information security policy compliance. International Conference on Research and Innovation in Information Systems, ICRIIS, December-2. https://doi.org/10.1109/ICRIIS48246.2019.9073645
- Bhowmik, D., and Sahai, A. (2018). Optimism Promotes Organizational Commitment. The International Journal of Indian Psychology, 6(3), 35-50. https://doi.org/10.25215/0603.044.
- Boss, S. R., Galletta, D. F., Lowry, P. B., Moody, G. D., and Polak, P. (2015). What do systems users have to fear? Using fear appeals to engender threats and fear that motivate protective security behaviors. MIS Quarterly: Management Information Systems, 39(4), 837-864. https://doi.org/10.25300/MISQ/2015/39.4.5
- Bougaardt, G., and Kyobe, M. (2011). Investigating the factors inhibiting SMEs from recognizing and measuring losses from cyber crime in South Africa. The Electronic Journal Information Systems Evaluation, 14(2), 167-178.
- Boulhna, O. (2020). Applying psychological reactance theory to intercultural communication in the workplace: Dealing with technological change and tolerance for ambiguity. ProQuest Dissertations and Theses, 138. Retrieved from https://search.proquest.com/dissertations-theses/applying-psychological-reactance-theory/docview/2457967884/se-2?accountid=49069
- Boutilier, R. (2020). Personality differences in hope and optimism on consideration of future consequences and goal motivation. PsyArXiv Preprints, 2(September), 1-20. https://doi.org/10.13140/RG.2.2.30907.03365
- Bradley, K. T., and Westlund, N. K. (2017). Risk perceptions and health behavior Rebecca. J Neruosci Res, 95(6), 1336-1356. https://doi.org/10.1016/j.copsyc.2015.03.012.Risk
- Bulgurcu, B., Cavusoglu, H., and Benbasat, I. (2010). Information security policy compliance: An empirical study of rationality-based beliefs and information security awareness. MIS Quarterly, 34(3), 523-548. https://doi.org/10.2307/25750690
- Burns, A. J. (2021). Protecting organizational information assets: Exploring the influence of regulatory focus on rational choices. In Proceedings of the Annual Hawaii International Conference on System Sciences, 2020-Janua, (pp. 5228-5237). https://doi.org/10.24251/hicss.2021.637
- Burns, A. J., Johnson, M. E., and Caputo, D. D. (2019). Spear phishing in a barrel: Insights from a targeted phishing campaign. Journal of Organizational Computing and Electronic Commerce, 29(1), 24-39. https://doi.org/10.1080/10919392.2019.1552745
- Burns, A. J., Posey, C., Roberts, T. L., and Benjamin Lowry, P. (2017). Examining the relationship of organizational insiders' psychological capital with information security threat and coping appraisals. Computers in Human Behavior, 68, 190-209. https://doi.org/10.1016/j.chb.2016.11.018
- Burns, A. J., Roberts, T. L., Posey, C., Bennett, R. J., and Courtney, J. F. (2018). Intentions to Comply Versus Intentions to Protect: A VIE Theory Approach to Understanding the Influence of Insiders' Awareness of Organizational SETA Efforts. Decision Sciences, 49(6), 1187-1228. https://doi.org/10.1111/deci.12304.
- Burns, A. J., Roberts, T. L., Posey, C., Bennett, R. J., and Courtney, J. F. (2018). Intentions to comply versus intentions to protect: A VIE theory approach to understanding the influence of insiders' awareness of organizational SETA efforts. Decision Sciences, 49(6), 1187-1228. https://doi.org/10.1111/deci.12304
- Burns, S., and Roberts, L. (2013). Applying the theory of planned behaviour to predicting online safety behaviour. Crime Prevention and Community Safety, 15(1), 48-64. https://doi.org/10.1057/cpcs.2012.13
- Burns, T., and Roszkowska, E. (2016). Rational choice theory: Toward a psychological, social, and material contextualization of human choice behavior. Theoretical Economics Letters, 6(02), 195-207. https://doi.org/10.4236/tel.2016.62022
- Byrne, B. M. (2001). Structural equation modeling with AMOS, EQS, and LISREL: Comparative approaches to testing for the factorial validity of a measuring instrument. International Journal of Testing, 1(1), 55-86. https://doi.org/10.1207/s15327574ijt0101_4
- Cavus, M., and Gokcen, A. (2015). Psychological Capital: Definition, Components and Effects. British Journal of Education, Society and Behavioural Science, 5(3), 244-255. https://doi.org/10.9734/bjesbs/2015/12574
- Chen, L., Zhen, J., Dong, K., and Xie, Z. (2020). Effects of sanction on the mentality of information security policy compliance. Revista Argentina de Clinica Psicologica, 29(1), 39-49. https://doi.org/10.24205/03276716.2020.6
- Chen, X., Wu, D., Chen, L., and Teng, J. K. L. (2018). Sanction severity and employees' information security policy compliance: Investigating mediating, moderating, and control variables. Information and Management, 55(8), 1049-1060. https://doi.org/10.1016/j.im.2018.05.011
- Chin, W. W. (1998). The partial least squares approach to structural equation modelling. In G. A. Marcoulides (Ed.), Modern Methods for Business Research, 295(2), 295-336.
- Choi, M., Levy, Y., and Anat, H. (2013). The role of user computer self-efficacy, cybersecurity countermeasures awareness, and cybersecurity skills influence on computer misuse. In Proceedings of the Pre-International Conference of Information Systems (ICIS) SIGSEC - Workshop on Information Security and Privacy (WISP) 2013, December (pp. 1-19). Retrieved from https://www.researchgate.net/publication/318710121%0Ahttps://nsuworks.nova.edu/gscis_facpres/98
- Choi, Y., and Lee, D. (2014). Psychological capital, Big Five traits, and employee outcomes. Journal of Managerial Psychology, 29(2), 122-140. https://doi.org/10.1108/JMP-06-2012-0193
- Clubb, A. C., and Hinkle, J. C. (2015). Protection motivation theory as a theoretical framework for understanding the use of protective measures. Criminal Justice Studies, 28(3), 336-355. https://doi.org/10.1080/1478601X.2015.1050590
- Cronbach, L. J. (1951). Coefficient alpha and the internal structure of tests. Psychometrika, 16(3), 297-334. https://doi.org/10.1007/BF02310555
- Cross, C., and Kelly, M. (2016). The problem of 'white noise': Examining current prevention approaches to online fraud. Journal of Financial Crime, 23(4), 806-818. https://doi.org/10.1108/JFC-12-2015-0069
- D'Arcy, J., and Herath, T. (2011). A review and analysis of deterrence theory in the IS security literature: Making sense of the disparate findings. European Journal of Information Systems, 20(6), 643-658. https://doi.org/10.1057/ejis.2011.23
- D'Arcy, J., and Teh, P. L. (2019). Predicting employee information security policy compliance on a daily basis: The interplay of security-related stress, emotions, and neutralization. Information and Management, 56(7). https://doi.org/10.1016/j.im.2019.02.006.
- D'Arcy, J., and Lowry, P. B. (2019). Cognitive-affective drivers of employees' daily compliance with information security policies: A multilevel, longitudinal study. Information Systems Journal, 29(1), 43-69. https://doi.org/10.1111/isj.12173
- D'Arcy, J., Hovav, A., and Galletta, D. (2009). User awareness of security countermeasures and its impact on information systems misuse: A deterrence approach. Information Systems Research, 20(1), 79-98. https://doi.org/10.1287/isre.1070.0160
- Dhillon, G. (2001). Violation of safeguards by trusted personnel and understanding related information security concerns. Computers and Security, 20(2), 165-172. https://doi.org/10.1016/S0167-4048(01)00209-7
- Dora, M., and Azim, A. (2019). Organizational Justice and Workplace Deviance Behavior: Psychological Capital as Mediator. American International Journal of Humanities and Social Science, 5(2), 2415-1424. www.cgrd.org.
- Duong, B. (2022). Security counterproductive behaviors employees' security counterproductive. Louisiana Tech University.
- Evans, M., He, Y., Maglaras, L., and Janicke, H. (2019). HEART-IS: A novel technique for evaluating human error-related information security incidents. Computers and Security, 80(May 2018), 74-89. https://doi.org/10.1016/j.cose.2018.09.002
- Farshadkhah, S., Van Slyke, C., and Fuller, B. (2021). Onlooker effect and affective responses in information security violation mitigation. Computers and Security, 100, 102082. https://doi.org/10.1016/j.cose.2020.102082
- Ferrer, R. A., Klein, W. M. P., Avishai, A., Jones, K., Villegas, M., and Sheeran, P. (2018). When does risk perception predict protection motivation for health threats? A person-by-situation analysis. PLoS ONE, 13(3), 1-15. https://doi.org/10.1371/journal.pone.0191994.
- Fitzgerald, K. (2020). Walden University.
- Fornell, C., and Larcker, D. (1981). Evaluating structural equation models with unobservable variables and measurement error. Journal of Marketing Research., 18(1), 39-50. https://doi.org/10.1177/002224378101800104
- Frank, M., and Kohn, V. (2021). How to mitigate security-related stress: The role of psychological capital. In Proceedings of the Annual Hawaii International Conference on System Sciences, 2020-January (pp. 4538-4547). https://doi.org/10.24251/hicss.2021.550
- Garver, M.S and Mentzer, J.T (1999). Logistics research methods: employing structural equation modeling to test for construct validity. Journal of business logistics, 20(1), 33.
- Ghazvini, A., and Shukur, Z. (2016). Awareness training transfer and information security content development for healthcare industry. International Journal of Advanced Computer Science and Applications, 7(5), 361-370. https://doi.org/10.14569/ijacsa.2016.070549
- Goode, S., Lin, C., Tsai, J. C., and Jiang, J. J. (2015). Rethinking the role of security in client satisfaction with Software-as-a-Service (SaaS) providers. Decision Support Systems, 70, 73-85. https://doi.org/10.1016/j.dss.2014.12.005
- Guo, K. H., and Yuan, Y. (2012). Information & Management The effects of multilevel sanctions on information security violations : A mediating model. Information & Management, 49(6), 320-326. https://doi.org/10.1016/j.im.2012.08.001.
- Gurung, A., Luo, X., and Liao, Q. (2009). Consumer motivations in taking action against spyware: An empirical investigation. Information Management and Computer Security, 17(3), 276-289. https://doi.org/10.1108/09685220910978112
- Gwebu, K. L., Wang, J., and Hu, M. Y. (2020). Information security policy noncompliance: An integrative social influence model. Information Systems Journal, 30(2), 220-269. https://doi.org/10.1111/isj.12257
- Hadlington, L. (2017). Human factors in cybersecurity: Examining the link between Internet addiction, impulsivity, attitudes towards cybersecurity, and risky cybersecurity behaviours. Heliyon, June, e00346. https://doi.org/10.1016/j.heliyon.2017.e00346
- Hair, J. J. F., Hult, G. T. M., Ringle, C. M., and Sarstedt, M. (2014). A Primer on Partial Least Squares Structural Equation Modeling (PLS-SEM). Thousand Oaks, california: SAGE Publications. http://fortune.com/2016/06/20/employees-computer-security/
- Hanus, B., and Wu, Y. "Andy." (2016). Impact of users' security awareness on desktop security behavior: A protection motivation theory perspective. Information Systems Management, 33(1), 2-16. https://doi.org/10.1080/10580530.2015.1117842
- Hayes, A. F. (2009). Beyond Baron and Kenny: Statistical mediation analysis in the new millennium. Communication Monographs, 76(4), 408-420. https://doi.org/10.1080/03637750903310360
- Herath, T., and Rao, H. R. (2009). Protection motivation and deterrence: A framework for security policy compliance in organisations. European Journal of Information Systems, 18(2), 106-125. https://doi.org/10.1057/ejis.2009.6
- Higgins, G. E., and Lauterbach, C. (2004). Control balance theory and exploitation: an examination of contingencies. Criminal Justice Studies, 17(3), 291-310. https://doi.org/10.1080/1478601042000281123
- Hina, S., Panneer Selvam, D. D. D., and Lowry, P. B. (2019). Institutional governance and protection motivation: Theoretical insights into shaping employees' security compliance behavior in higher education institutions in the developing world. Computers and Security, 87, 101594. https://doi.org/10.1016/j.cose.2019.101594
- Hirtenlehner, H., and Schulz, S. (2021). Deterrence and the moral context: Is the impact of perceived sanction risk dependent on best friends' moral beliefs? Criminal Justice Review, 46(1), 53-79. https://doi.org/10.1177/0734016820949641
- Hone, K., and Eloff, J. H. P. (2002). Information security policy: What do international information security standards say? Computers and Security, 21(5), 402-409. https://doi.org/10.1016/S0167-4048(02)00504-7
- Hong, J. (2012). The state of phishing attacks. Communications of the ACM, 55(1), 74-81. https://doi.org/10.1145/2063176.2063197
- Hsu, J. S. C., Shih, S. P., Hung, Y. W., and Lowry, P. B. (2015). The role of extra-role behaviors and social controls in information security policy effectiveness. Information Systems Research, 26(2), 282-300. https://doi.org/10.1287/isre.2015.0569
- Hu, Q., Dinev, T., Hart, P., and Cooke, D. (2012). Managing Employee Compliance with Information Security Policies : The Critical Role of Top Management and Organizational Culture. Decis. Sci, 43, 615-660. https://doi.org/10.1111/j.1540-5915.2012.00361.x
- Hwang, I., and Cha, O. (2018). Examining technostress creators and role stress as potential threats to employees' information security compliance. Computers in Human Behavior, 81, 282-293. https://doi.org/10.1016/j.chb.2017.12.022
- Hwang, I., Kim, K. T., and Kim, S. (2017). Why not comply with information security? An empirical approach for the causes of non-compliance. Online Inf. Rev, 41(1), 1-18. https://doi.org/10.1108/OIR-11-2015-0358
- Iacobucci, D. (2010). Structural equations modeling: Fit Indices, sample size, and advanced topics. Journal of Consumer Psychology, 20(1), 90-98. https://doi.org/10.1016/j.jcps.2009.09.003
- Ifinedo, P. (2012). Understanding information systems security policy compliance: An integration of the theory of planned behavior and the protection motivation theory. Computers and Security, 31(1), 83-95. https://doi.org/10.1016/j.cose.2011.10.007
- Ifinedo, P. (2014). Information systems security policy compliance: An empirical study of the effects of socialisation, influence, and cognition. Information and Management, 51(1), 69-79. https://doi.org/10.1016/j.im.2013.10.001
- Inuwa, I., and Ononiwu, C. (2020). Motivations and prevention of malicious and criminal misuse of information systems in organizations: A systematic review. In Proceedings of the 24th Pacific Asia Conference on Information Systems: Information Systems (IS) for the Future, PACIS 2020.
- Jaakko, J. (2019). Is Human The Weakest Link In Information Security: A Systematic Literature Review. In Information security, Master's thesis (Vol. 204, Issue 1). http://search.ebscohost.com/login.aspx?direct=true&db=bth&AN=28111529&site=ehost-live.
- Jacobs, B. A. (2010). Deterrence and deterrability. Criminology: An Interdisciplinary Journal, 48(2), 417-441. https://doi.org/10.1111/j.1745-9125.2010.00191.x
- Jakobsson, M. (2016). Understanding social engineering based scams. In springer.com (Vol. 49, Issue 0). https://doi.org/10.1007/978-1-4939-6457-4
- Jalali, M. S., Bruckes, M., Westmattelmann, D., and Schewe, G. (2020). Why employees (still) click on phishing links: Investigation in hospitals. Journal of Medical Internet Research, 22(1), 1-16. https://doi.org/10.2196/16775
- Janis, I. L. (1967). Effects of fear arousal on attitude change: Recent developments in theory and experimental research. Advances in experimental social psychology, 3, 166-224. https://doi.org/10.1016/S0065-2601(08)60344-5
- Janis, I. L., and Feshbach, S. (1953). Effects of fear-arousing communications. The Journal of Abnormal and Social Psychology, 48(1), 78-92. https://doi.org/10.1037/h0060732
- Jansen, J., and van Schaik, P. (2019). The design and evaluation of a theory-based intervention to promote security behaviour against phishing. International Journal of Human Computer Studies, 123(January 2018), 40-55. https://doi.org/10.1016/j.ijhcs.2018.10.004
- Jeon, S., and Hovav, A. (2015). Empowerment or control: Reconsidering employee security policy compliance in terms of authorization. In Proceedings of the Annual Hawaii International Conference on System Sciences, 2015-March (pp. 3473-3482). https://doi.org/10.1109/HICSS.2015.418
- John, F. R. (2021). Influence of Psychological Capital on Employee Engagement and Explored the Mediating Role of Organizational Commitment. European Journal of Molecular & Clinical Medicine, 8(3), 3222-3231.
- Johnson, D. P., and Johnson, D. (2017). How Attitude Toward the Behavior, Subjective Norm, and Perceived Behavioral Control Affects Information Security Behavior Intention. Walden Dissertations and Doctoral Studies, 4454.
- Johnston, A. C., Warkentin, M., and Siponen, M. (2015). An enhanced fear appeal rhetorical framework: Leveraging threats to the human asset through sanctioning rhetoric. MIS Quarterly: Management Information Systems, 39(1), 113-134. https://doi.org/10.25300/MISQ/2015/39.1.06
- Johnston, A. C., Warkentin, M., McBride, M., and Carter, L. (2016). Dispositional and situational factors: Influences on information security policy violations. European Journal of Information Systems, 25(3), 231-251. https://doi.org/10.1057/ejis.2015.15
- Junglas, I. A., Johnson, N. A., and Spitzmuller, C. (2008). Personality traits and concern for privacy: An empirical study in the context of location-based services. European Journal of Information Systems, 17(4), 387-402. https://doi.org/10.1057/ejis.2008.29
- Kajtazi, M., Cavusoglu, H., Benbasat, I., and Haftor, D. (2018). Escalation of commitment as an antecedent to noncompliance with information security policy. Information and Computer Security, 26(2), 39-57. https://doi.org/10.1108/ICS-09-2017-0066
- Khando, K., Gao, S., Islam, S. M., and Salman, A. (2021). Enhancing employees information security awareness in private and public organisations: A systematic literature review. Computers and Security, 106, 102267. https://doi.org/10.1016/j.cose.2021.102267.
- Kim, B., Lee, D. Y., and Kim, B. (2020). Deterrent effects of punishment and training on insider security threats: A field experiment on phishing attacks. Behaviour and Information Technology, 39(11), 1156-1175. https://doi.org/10.1080/0144929X.2019.1653992
- Kim, M., Kim, A. C. H., Newman, J. I., Ferris, G. R., and Perrewe, P. L. (2019). The antecedents and consequences of positive organizational behavior: The role of psychological capital for promoting employee well-being in sport or ganizations. Sport Management Review, 22(1), 108-125. https://doi.org/10.1016/j.smr.2018.04.003
- Kimolo, K. (2013). The relationship between employee empowerment practices and employee perfromance in regional development authorities in Kenya. In Kimanzi Kimolo a Research Project Submitted in Partial Fulfillment of the Requirement for Degree of Masters of Business Admini (Issue October).
- Kline, R. B. (2005). Principles and practice of structural equation modeling. New York, USA: The Guilford Press. https://doi.org/10.1038/156278a0.
- Kolkowska, E., and Dhillon, G. (2013). Organizational power and information security rule compliance. Computers and Security, 33, 3-11. https://doi.org/10.1016/j.cose.2012.07.001
- Kolkowska, E., Karlsson, F., and Hedstrom, K. (2017). Escalation of commitment as an antecedent to noncompliance with information security policy. Information and Computer Security, 26(2), 39-57. https://doi.org/10.1108/ICS-09-2017-0066
- Koohang, A., Nord, J. H., Sandoval, Z. V., and Paliszkiewicz, J. (2020). Reliability, validity, and strength of a unified model for information security policy compliance. Journal of Computer Information Systems, 61(2), 99-107. https://doi.org/10.1080/08874417.2020.1779151
- Krazit, T. (2016). Employees are the weakest link in computer security.
- Kuhalampi, M. (2017). Impact of Deterrence Theory Methods on Employees' Information Security Behavior. PhD Thesis.
- Kulyk, O., and Volkamer, M. (2018). Usability is not enough: Lessons learned from "human factors in security" research for verifiability. In Third International Joint Conference on Electronic Voting (E-Vote-ID 2018) (pp. 66-79).
- Kumar. (2022). Cyber Security Issues and Challenges - A Review. International Journal of Scientific Research in Computer Science, Engineering and Information Technology, 8(11), 269-273. https://doi.org/10.32628/cseit228379
- Lankton, N. K., Stivason, C., and Gurung, A. (2019). Information protection behaviors: morality and organizational criticality. Information and Computer Security, 27(3), 468-488. https://doi.org/10.1108/ICS-07-2018-0092
- Lebek, B., Uffen, J., Neumann, M., Hohler, B., and Breitner, M. H. (2014). Information security awareness and behavior: A theory-based literature review. Management Research Review, 37(12), 1049-1092. https://doi.org/10.1108/MRR-04-2013-0085
- Li, Y., Zhang, N., and Pan, T. (2018). Understanding the roles of challenge security demands, psychological resources in information security policy noncompliance. Proceedings of the 22nd Pacific Asia Conference on Information Systems - Opportunities and Challenges for the Digitized Society: Are We Ready?, PACIS 2018.
- Liang, H., Xue, Y., and Wu, L. (2012). Ensuring employees' IT compliance: Carrot or stick? Information System Resrach, June 24(2), 201-497. https://doi.org/10.1287/isre.1120.0427
- Liu, C., Wang, N., and Liang, H. (2020). Motivating information security policy compliance: The critical role of supervisor-subordinate guanxi and organizational commitment. International Journal of Information Management, 54(28), 102152. https://doi.org/10.1016/j.ijinfomgt.2020.102152
- Lowry, P. B., and Moody, G. D. (2015). Proposing the control-reactance compliance model (CRCM) to explain opposing motivations to comply with organisational information security policies. Information Systems Journal, 25(5), 433-463. https://doi.org/10.1111/isj.12043
- Lowry, P. B., Moody, G. D., and Chatterjee, S. (2017). Using the control balance theory to explain online social media deviance. In Proceedings of the Annual Hawaii International Conference on System Sciences, 2017-Janua (pp. 2253-2262). https://doi.org/10.24251/hicss.2017.272
- Lowry, P. B., Posey, C., Bennett, R. (Becky) J., and Roberts, T. L. (2015). Leveraging fairness and reactance theories to deter reactive computer abuse following enhanced organisational information security policies: An empirical study of the influence of counterfactual reasoning and organisational trust. Information Systems Journal, 25(3), 193-273. https://doi.org/10.1111/isj.12063
- Lu, Y. (2018). Cybersecurity Research: A Review of Current Research Topics. Journal of Industrial Integration and Management, 03(04), 1850014. https://doi.org/10.1142/s2424862218500148.
- Luo, X. R., and Zhdanov, D. (2016). Special issue introduction: A comprehensive perspective on information systems security - technical advances and behavioral issues. Decision Support Systems, 92, 1-2. https://doi.org/10.1016/j.dss.2016.10.003
- Ma, X. (2021). IS professionals' information security behaviors in Chinese IT organizations for information security protection. Information Processing and Management, 59(1), 1-14. https://doi.org/10.1016/j.ipm.2021.102744
- MacKenzie, S. B., Podsakoff, P. M., and Ahearne, M. (1998). Some possible antecedents and consequences of in-role and extra-role salesperson performance. Journal of Marketing, 62(3), 87-98. https://doi.org/10.2307/1251745
- Maddux, J.E., and Rogers, R.W. (1983). Protection motivation and self-efficacy: A revised theory of fear appeals and attitude change. Journal of Experimental Social Psychology, 19(5), 469-479. https://doi.org/10.1016/0022-1031(83)90023-9
- Malik, A. (2013). Efficacy, hope, optimism and resilience at workplace-positive organizational behavior. International Journal of Scientific and Research Publications, 3(10), 1-4.
- Marlina, L., Setyoningrum, N. G., Mulyani, Y. S., Permana, T. E., and Sumarni, R. (2021). Improving employees working discipline with punishment, reward, and implementation of standard operational procedures 1Lina. Perwira International Journal of Economics and Business, 1(1).
- Mathieu, J., and Taylor, S. (2006). Clarifying conditions and decision points for mediational type inferences in Organizational Behavior. Journal of Organizational Behavior, 27, 1031-1056. https://doi.org/10.1002/job.406.
- Menard, P., Warkentin, M., and Lowry, P. B. (2018). The impact of collectivism and psychological ownership on protection motivation: A cross-cultural examination. Computers and Security, 75, 147-166. https://doi.org/10.1016/j.cose.2018.01.020
- Merhi, M. I., and Ahluwalia, P. (2014). The role of punishment and task dissonance in information security policies compliance. In 20th Americas Conference on Information Systems, AMCIS 2014, Straub 1990 (pp. 1-10).
- Merhi, M. I., and Ahluwalia, P. (2015). Top management can lower resistance toward information security compliance. In 2015 International Conference on Information Systems: Exploring the Information Frontier, ICIS 2015, December 2015.
- Merhi, M. I., and Ahluwalia, P. (2019). Examining the impact of deterrence factors and norms on resistance to Information Systems Security. Computers in Human Behavior, 92, 37-46. https://doi.org/10.1016/j.chb.2018.10.031
- Merhi, M. I., and Midha, V. (2012). The impact of training and social norms on information security compliance: A pilot study. International Conference on Information Systems (ICIS) (pp. 4183-4193).
- Mishra, A., Alzoubi, Y. I., Gill, A. Q., and Anwar, M. J. (2022). Cybersecurity Enterprises Policies: A Comparative Study. Sensors, 22(2), 1-35. https://doi.org/10.3390/s22020538
- Moody, G. D., Siponen, M., and Pahnila, S. (2018). Toward a Unified Model of Information Security Policy Compliance. MIS Quarterly, 42(1), 285-311. https://doi.org/10.25300/MISQ/2018/138532018R.
- Moody, G., Siponen, M., and Pahnila, S. (2018). Toward a unified model of information security policy compliance. Mis Quarterly, 42, 285-302. https://eds.a.ebscohost.com/eds/pdfviewer/pdfviewer?vid=0&sid=056bcc95-624f-437e-a25e-2f1b41f0bedf%40sdc-v-sessmgr03 https://doi.org/10.25300/MISQ/2018/13853
- Moquin, R., and Wakefield, R. L. (2016). The roles of awareness, sanctions, and ethics in software compliance. Journal of Computer Information Systems, 56(3), 261-270. https://doi.org/10.1080/08874417.2016.1153922.
- Myyry, L., Siponen, M., Pahnila, S., Vartiainen, T., and Vance, A. (2009). What levels of moral reasoning and values explain adherence to information security rules? An empirical study. European Journal of Information Systems, 18(2), 126-139. https://doi.org/10.1057/ejis.2009.10
- Ncubukezit, T. (2022). Human Errors: A Cybersecurity Concern and the Weakest Link to Small Businesses. International Conference on Cyber Warfare and Security, 17(1), 395-403. https://doi.org/10.34190/iccws.17.1.51.
- Ng, B. Y., and Rahim, M. A. (2005). A socio-behavioral study of home computer users' intention to practice security. 9th Pacific Asia Conference on Information Systems: I.T. and Value Creation, PACIS 2005, 234-247.
- Nguyen, H. M., and Ngo, T. T. (2020). Psychological Capital, Organizational Commitment and Job Performance : A Case in Vietnam. The Journal of Asian Finance, Economics and Busines, 7(5), 269-278. https://doi.org/10.13106/jafeb.2020.vol7.no5.269.
- Nolzen, N. (2018). The concept of psychological capital: A comprehensive review. Management Review Quarterly, 68(3), 237-277. https://doi.org/10.1007/s11301-018-0138-6
- Nunnally, J., and Bernstein, I. (1994). Book Review: Psychometric theory. Journal of Psychoeducational Assessment, 275-280.
- Pahnila, S., Siponen, M., and Mahmood, A. (2007). Which Factors Explain Employees' Adherence to Information Security Policies? An Empirical Study. PACIS 2007 Proceedings.
- Paliszkiewicz, J. (2019). Information security policy compliance: Leadership and trust. Journal of Computer Information Systems, 59(3), 211-217. https://doi.org/10.1080/08874417.2019.1571459
- Paolillo, A., Platania, S., Magnano, P., and Ramaci, T. (2015). Organizational Justice, Optimism and Commitment to Change. Procedia - Social and Behavioral Sciences, 191, 1697-1701. https://doi.org/10.1016/j.sbspro.2015.04.479.
- Paternoster, R., and Simpson, S. (1993). A Rational Choice Theory of Corporate Crime. In R. V. Clarke, & M. Felson (Eds.), Routine Activities and Rational Choice Theory (pp. 37-51). NJ: New Brunswick Transaction.
- Pham, H. C. (2019). Information security burnout: Identification of sources and mitigating factors from security demands and resources. Journal of Information Security and Applications, 46, 96-107. https://doi.org/10.1016/j.jisa.2019.03.012
- Pham, H. C., Brennan, L., and Richardson, J. (2017). Review of behavioural theories in security compliance and research challenges. In Proceedings of the Informing Science and Information Technology Education Conference (pp. 65-76).
- Pham, H. C., El-Den, J., and Richardson, J. (2016). Stress-based security compliance model - An exploratory study. Information and Computer Security, 24(4), 326-347. https://doi.org/10.1108/ICS-10-2014-0067
- Plamenova Djourova, N. (2018). Psychological capital: Underlying mechanisms, antecedents, and outcomes in the workplace. Doctoral thesis.
- Ponemon Institute. (2016). Sixth annual benchmark study on privacy & security of healthcare data. Ponemon Institute, 1-52.
- Ponemon Institute. (2017). 2016 Cost of cyber crime study and the risk of business innovation. Ponemon Institute, 1-36.
- Ponemon Institute. (2020). 2020 Cost of Insider Threats. Retrieved from https://www.observeit.com/wp-content/uploads/2020/04/2020-Global-Cost-of-Insider-Threats-Ponemon-Report_UTD.pdf
- Posey, C., Bennett, B., and Roberts, T. (2011). When computer monitoring backfires: Invasion of privacy and organizational injustice as precursors to computer abuse. Journal of Information System Security, 10(1), 21-45.
- Posey, C., Roberts, T. L., and Lowry, P. B. (2015). The impact of organizational commitment on insiders motivation to protect organizational information assets. Journal of Management Information Systems, 32(4), 179-214. https://doi.org/10.1080/07421222.2015.1138374
- Posey, C., Roberts, T. L., Lowry, P. B., Bennett, R. J., and Courtney, J. F. (2013). Insiders' protection of organizational information assets: Development of a systematics-based taxonomy and theory of diversity for protection-motivated behaviors. MIS Quarterly: Management Information Systems, 37(4), 1189-1210. https://doi.org/10.25300/MISQ/2013/37.4.09
- Pratt, T. C., Cullen, F. T., Blevins, K. R., Daigle, L. E., and Madensen, T. D. (2006). The Empirical Status of Deterrence Theory: A Meta-Analysis. Taking Stock: The Status of Criminological Theory: Advances in Criminological Theory: Volume 15, 15(January), 367-396. https://doi.org/10.4324/9781315130620-14.
- PwC. (2017). UK organisations still failing to prepare effectively for cyber attacks. UK Organisations Still Failing to Prepare Effectively for Cyber Attacks. PWC: Cambridge, UK.
- Rabenu, E., and Yaniv, E. (2017). Psychological resources and strategies to cope with stress at work. International Journal of Psychological Research, 10(2), 8-15. https://doi.org/10.21500/20112084.2698
- Raza, M. H., Abid, M., Yan, T., Ali Naqvi, S. A., Akhtar, S., and Faisal, M. (2019). Understanding farmers' intentions to adopt sustainable crop residue management practices: A structural equation modeling approach. In Journal of Cleaner Production (Vol. 227). Elsevier B.V. https://doi.org/10.1016/j.jclepro.2019.04.244.
- Ritzman, M., and Kahle-Piasecki, L. (2016). What works: a systems approach to employee performance in strengthening information security. Performance Improvement, 55(8), 17-22. https://doi.org/10.1002/pfi.21614
- Rogers, R. W. (1975). A protection motivation theory of fear appeals and attitude change1. The Journal of Psychology, 91(1), 93-114. https://doi.org/10.1080/00223980.1975.9915803
- Safa, N. S., and Von Solms, R. (2016). An information security knowledge sharing model in organizations. Computers in Human Behavior, 57, 442-451. https://doi.org/10.1016/j.chb.2015.12.037
- Safa, N. S., Solms, R. Von, and Futcher, L. (2016). Human aspects of information security in organisations. Computer Fraud and Security, 2016(2), 15-18. https://doi.org/10.1016/S1361-3723(16)30017-3
- Sahoo, B. C., Sia, S. K., Sahu, N., and Appu, A. V. (2015). Psychological Capital and Work Attitudes: A Conceptual Analysis. Journal of Organization and Human Behaviour, 4(2and3), 10-21. https://doi.org/10.21863/johb/2015.4.2and3.008.
- SANS. (2014). Information Security Policy Templates. Retrieved from http://www.sans.org/security-resources/policies/general
- Saridakis, G., Benson, V., Ezingeard, J. N., and Tennakoon, H. (2016). Individual information security, user behaviour and cyber victimisation: An empirical study of social networking users. Technological Forecasting and Social Change, 102, 320-330. https://doi.org/10.1016/j.techfore.2015.08.012
- Sarkar, A., and Garg, N. (2020). "Peaceful workplace" only a myth?: Examining the mediating role of psychological capital on spirituality and nonviolence behaviour at the workplace. International Journal of Conflict Management, 31(5), 709-728. https://doi.org/10.1108/IJCMA-11-2019-0217.
- Sawyer, B. D., Finomore, V. S., Funke, G. J., Matthews, G., Mancuso, V., Funke, M., Warm, J. S., and Hancock, P. A. (2016). Report date (dd-mm-yy) 2. report type 3. dates covered (from-to) cyber vigilance: The human factor 5a. contract number. 298(0704).
- Saxena, N., Hayes, E., Bertino, E., Ojo, P., Choo, K. K. R., and Burnap, P. (2020). Impact and key challenges of insider threats on organizations and critical businesses. Electronics (Switzerland), 9(9), 1-29. https://doi.org/10.3390/electronics9091460
- Seligman, M. E., and Csikszentmihalyi, M. (2000). Positive psychology. An introduction. The American Psychologist, 55(1), 5-14. https://doi.org/10.1037/0003-066X.55.1.5
- Senarak, C. (2021). Cybersecurity knowledge and skills for port facility security officers of international seaports: Perspectives of IT and security personnel. Asian Journal of Shipping and Logistics, 37(4), 345-360. https://doi.org/10.1016/j.ajsl.2021.10.002
- Shahbaznezhad, H., Kolini, F., and Rashidirad, M. (2020). Employees' behavior in phishing attacks: What individual, organizational, and technological factors matter? Journal of Computer Information Systems, 1-12. https://doi.org/10.1080/08874417.2020.1812134
- Siddiqi, M. A., Pak, W., and Siddiqi, M. A. (2022). A Study on the Psychology of Social Engineering-Based Cyberattacks and Existing Countermeasures. Applied Sciences (Switzerland), 12(12). https://doi.org/10.3390/app12126042
- Siponen, M., Adam Mahmood, M., and Pahnila, S. (2014). Employees' adherence to information security policies: An exploratory field study. Information and Management, 51(2), 217-224. https://doi.org/10.1016/j.im.2013.08.006
- Siponen, M., Soliman, W., and Vance, A. (2022). Common misunderstandings of deterrence theory in information systems research and future research directions. Data Base for Advances in Information Systems, 53(1), 25-60. https://doi.org/10.1145/3514097.3514101
- Sommestad, T., and Hallberg, J. (2013). A review of the theory of planned behaviour in the context of information security policy compliance. IFIP Advances in Information and Communication Technology, 405, 257-271. https://doi.org/10.1007/978-3-642-39218-4_20
- Sommestad, T., Hallberg, J., Lundholm, K., and Bengtsson, J. (2014). Variables influencing information security policy compliance: A systematic review of quantitative studies. Information Management and Computer Security, 22(1), 42-75. https://doi.org/10.1108/IMCS-08-2012-0045
- Sommestad, T., Karlzen, H., and Hallberg, J. (2015). The sufficiency of the theory of planned behavior for explaining information security policy compliance. Information and Computer Security. https://doi.org/10.1108/ICS-04-2014-0025
- Sprissler, E., Yan, Z., Robertson, T., Bordoff, S., Chen, Q., Yan, R., and Park, S. Y. (2018). Finding the weakest links in the weakest link: How well do undergraduate students make cybersecurity judgment? Computers in Human Behavior, 84, 375-382. https://doi.org/10.1016/j.chb.2018.02.019.
- Stahl, B. C., Doherty, N. F., and Shaw, M. (2012). Information security policies in the UK healthcare sector: A critical evaluation. Information Systems Journal, 22(1), 77-94. https://doi.org/10.1111/j.1365-2575.2011.00378.x
- Straub, D. W. (1990). Effective IS security: An empirical study. Information Systems Research, 1(3), 255-276. https://doi.org/10.1287/isre.1.3.255
- Straub, D. W., and Welke, R. J. (1998). Coping with systems risk: Security planning models for management decision making. MIS Quarterly: Management Information Systems, 22(4), 441-464. https://doi.org/10.2307/249551
- Straub, D., and Gefen, D. (2004). Validation guidelines for is positivist research. Communications of the Association for Information Systems, 13. https://doi.org/10.17705/1cais.01324
- Talib, Y. Y. A., and Dhillon, G. (2015). Employee ISP compliance intentions: An empirical test of empowerment. In 2015 International Conference on Information Systems: Exploring the Information Frontier, ICIS 2015, December 2015.
- Tannenbaum, M. B., Hepler, J., Zimmerman, R. S., Saul, L., and Jacobs, S. (2018). Appealing to fear: A meta-analysis of fear appeal effectiveness and. Psychol Bull., 141(6), 1178-1204. https://doi.org/10.1037/a0039729. Appealing
- Tavakoli, M. (2010). A positive approach to stress, resistance, and organizational change. Procedia - Social and Behavioral Sciences, 5, 1794-1798. https://doi.org/10.1016/j.sbspro.2010.07.366
- Teo, T., Zhou, M., and Noyes, J. (2016). Teachers and technology: Development of an extended theory of planned behavior. Educational Technology Research and Development, 64(6), 1033-1052. https://doi.org/10.1007/s11423-016-9446-5
- Tittle, C. R. (1995). Control Balance: Toward a General Theory of Deviance. New York: ImprintRoutledge.
- Trang, S., and Brendel, B. (2019). A meta-analysis of deterrence theory in information security policy compliance research. Information Systems Frontiers, 21(6), 1265-1284. https://doi.org/10.1007/s10796-019-09956-4
- Tsohou, A., and Holtkamp, P. (2018). Are users competent to comply with information security policies? An analysis of professional competence models. Information Technology & People, 31(5), 1047-1068. https://doi.org/10.1108/ITP-02-2017-0052
- Valasvuo, S. (2022). Cybersecurity development and business continuity plan for car dealership.
- Vance, A., and Siponen, M. (2012). IS security policy violations: A rational choice perspective. Journal of Organizational and End User Computing, 24(1), 21-41. https://doi.org/10.4018/joeuc.2012010102.
- Vance, A., Fellow, S., and Siponen, M. (2020). Effects of sanctions, moral beliefs, and neutralization on information security policy violations across cultures. Science of the Total Environment, 136126. https://doi.org/10.1016/j.scitotenv.2019.136126
- Velazquez, Lucia. (2020). Examining Information Security Policy Violations, Rationalization of Deviant Behaviors, and Preventive Strategies Dissertation Manuscript Submitted to Northcentral University School of Business in Partial Fulfillment of the Requirements for the Degree o (Issue July).
- Venkatesh, V., and Davis, F. D. (2000). Theoretical extension of the Technology Acceptance Model: Four longitudinal field studies. Management Science, 46(2), 186-204. https://doi.org/10.1287/mnsc.46.2.186.11926
- Verkijika, S. F. (2018). Understanding smartphone security behaviors: An extension of the protection motivation theory with anticipated regret. Computers and Security, 77, 860-870. https://doi.org/10.1016/j.cose.2018.03.008.
- Wahda, Mursalim, Fauziah, and Asty. (2020). Extra-role behavior improvement model: Organizational learning culture, organizational trust, and organizational justice approach. International Journal of Engineering Business Management, 12, 1-12. https://doi.org/10.1177/1847979020963774
- Wang, J., Li, Y., and Rao, H. R. (2017). Coping responses in phishing detection: An investigation of antecedents and consequences. Information Systems Research, 28(2), 378-396. https://doi.org/10.1287/isre.2016.0680
- Wang, J., Liu-Lastres, B., Ritchie, B. W., and Mills, D. J. (2019). Travellers' self-protections against health risks: An application of the full protection motivation theory. Annals of Tourism Research.
- Wang, X., and Xu, J. (2021). Deterrence and leadership factors: Which are important for information security policy compliance in the hotel industry. Tourism Management, 84. https://doi.org/10.1016/j.tourman.2021.104282
- Warkentin, M., Willison, R., Johnston, A. C., Warkentin, M., Willison, R., and Johnston, A. C. (2011). The role of perceptions of organizational injustice and techniques of neutralization in forming computer abuse intentions. In Proceedings of the Seventeenth Americas Conference on Information Systems, Detroit, Michigan.
- Warrington, C. (2017). A study of personality traits to explain employees' information security behavior among generational cohorts. Journal of Organizational Psychology, 22(3). https://doi.org/10.33423/jop.v22i3.5647
- Wetzels, M., Odekerken-Schroder, G., and Van Oppen, C. (2009). Using PLS path modeling for assessing hierarchical construct models: Guidelines and empirical illustration. MIS Quarterly: Management Information Systems, 33(1), 177-196. https://doi.org/10.2307/20650284
- Williams, E. J., Hinds, J., and Joinson, A. N. (2018). Exploring susceptibility to phishing in the workplace. International Journal of Human Computer Studies, 120, 1-13. https://doi.org/10.1016/j.ijhcs.2018.06.004
- Witte, K. (1992). Putting the fear back into fear appeals: The extended parallel process model. Communications Monographs, 59(4), 329-349. https://doi.org/10.1080/03637759209376276
- Woon, I., Tan, G. W., and Low. (2005). A protection motivation theory approach to home wireless security. In International Conference on Information Systems (ICIS). Retrieved from http://aisel.aisnet.org/icis2005
- Workman, M., Bommer, W. H., and Straub, D. (2008). Security lapses and the omission of information security measures: A threat control model and empirical test. Computers in Human Behavior, 24(6), 2799-2816. https://doi.org/10.1016/j.chb.2008.04.005
- Wortley, R., and Sidebottom, A. (2017). Deterrence and rational choice theory. The Encyclopedia of Juvenile Delinquency and Justice, 1-6. https://doi.org/10.1002/9781118524275.ejdj0131
- Xu, F., Hsu, C., Luo, X., and Warkentin, M. (2021). Reactions to abusive supervision: Neutralization and IS misuse. Journal of Computer Information Systems, 1-10. https://doi.org/10.1080/08874417.2021.1887776 November, 36.
- Xu, J., Qureshi, A. R., Mohamed, Y., Dabagh, A., Kin, C. L., and Khan, R. (2021). Effective virtual interventions to enhance psychological capital: A mixed-methods systematic review. https://doi.org/10.31234/osf.io/dpjuy
- Xu, Z., and Guo, K. (2017). Organizational Citizenship Behavior regarding Information Security (OCB-S): Leadership Approach Perspective organizational citizenship behavior regarding security (OCB-S): leadership approach perspective. Journal of Computer Information Systems.
- Yan, Z., Robertson, T., Yan, R., Park, S. Y., Bordoff, S., Chen, Q., and Sprissler, E. (2018). Finding the weakest links in the weakest link: How well do undergraduate students make cybersecurity judgment?, Computers in Human Behavior, 84, 375-382. https://doi.org/10.1016/j.chb.2018.02.019
- Yazdanmehr, A., and Wang, J. (2016). Employees' information security policy compliance: A norm activation perspective. Decision Support Systems, 92, 36-46. https://doi.org/10.1016/j.dss.2016.09.009
- Yeo, L. H., and Banfield, J. (2022). Human Factors in Electronic Health Records Cybersecurity Breach: An Exploratory Analysis. Perspectives in Health Information Management, 19(Spring).
- Young, and Ernst. (2011). Into the cloud, out of the fog; Global Information Security Survey. Into the Cloud, out of the Fog: Global Information Security Survey. Retrieved from https://www.Techzim.Co.Zw/Wp-Content/Uploads/Ey-Global-formationsecurity-Survey-Zimbabwe-Report-6-December-2011.Pdf
- Zhang, X., Liu, S., Wang, L., Zhang, Y., and Wang, J. (2019). Mobile health service adoption in China: Integration of theory of planned behavior, protection motivation theory and personal health differences. Online Information Review, 44(1), 1-23. https://doi.org/10.1108/OIR-11-2016-0339
- Zhao, L., Yin, J., and Song, Y. (2016). An exploration of rumor combating behavior on social media in the context of social crises. Computers in Human Behavior, 58, 25-36. https://doi.org/10.1016/j.chb.2015.11.054
- Zhen, J., Xie, Z., Dong, K., and Chen, L. (2021). Impact of negative emotions on violations of information security policy and possible mitigations. Behaviour and Information Technology, 41, 2342-2354. https://doi.org/10.1080/0144929X.2021.1921029