Information security management programs have long included “fear appeals”, managerial communiqués designed to promote secure behaviors among organizational insiders. However, recent research has found a conflict between the predictions of contemporary fear appeal theory for how we expect individuals to experience fear appeals and what actually occurs in IS security situations. Using the opportunity presented by neuroimaging tools to examine cognitive and affective reactions to fear appeals, we take a comparative look at the contentions of fear appeal theory and the realities of what insiders experience neurologically when exposed to ecologically relevant IS security fear appeals. Our fMRI results suggest that fear appeals elicit threat and threat response assessments, which partially supports fear appeal theory but does not support the presence of an actual fear response. Furthermore, appraisals of recommended threat responses had a stronger impact on intentions to enact security behaviors than appraisals of the threat itself, which suggests that a focus on threats might be misplaced. Instead, focusing on ways to make the responses to the threats more appealing to users might work better. These controversial findings suggest future research that should explore how fear appeals play out in IS security and in what ways.
Warkentin, Merrill; Walden, Eric; Johnston, Allen C.; and Straub, Detmar W.
"Neural Correlates of Protection Motivation for Secure IT Behaviors: An fMRI Examination,"
Journal of the Association for Information Systems:
3, Article 1.
Available at: http://aisel.aisnet.org/jais/vol17/iss3/1