Paper Type
Complete
Abstract
Cyber risk is increasing, with more cyberattacks causing significant consequences. Organizations respond by implementing cybersecurity strategies combining technical solutions and employee awareness. This is crucial, as human vulnerability remains the primary weakness. However, cyber risk is often underestimated, and employees bypass security best practices. To address this, we apply the Protection Motivation Theory (PMT) and the Extended Parallel Process Model (EPPM) to influence cyber risk perception. Unlike most studies, we adopt a qualitative Design Science Research (DSR) approach to emphasize fear appeal design. Our research question is: How can a fear appeal be designed to influence employees’ perception of cyber risk? Grounded in Critical Realism (CR), we identify generative mechanisms that enhance cyber risk perception, including a cyberscore format, targeting middle management and using binding communication. We develop an artifact within a banking institution, implement evaluation strategies, and present preliminary findings. This study offers theoretical, methodological, and practical contributions.
Paper Number
1419
Recommended Citation
Peneloux, Emilie; Cécile, Godé; and Lepinard, Philippe, "Influencer la perception du risque cyber : résultats préliminaires et perspectives de la conception d’un cyberscore" (2025). AMCIS 2025 Proceedings. 2.
https://aisel.aisnet.org/amcis2025/frais/frais/2
Influencer la perception du risque cyber : résultats préliminaires et perspectives de la conception d’un cyberscore
Cyber risk is increasing, with more cyberattacks causing significant consequences. Organizations respond by implementing cybersecurity strategies combining technical solutions and employee awareness. This is crucial, as human vulnerability remains the primary weakness. However, cyber risk is often underestimated, and employees bypass security best practices. To address this, we apply the Protection Motivation Theory (PMT) and the Extended Parallel Process Model (EPPM) to influence cyber risk perception. Unlike most studies, we adopt a qualitative Design Science Research (DSR) approach to emphasize fear appeal design. Our research question is: How can a fear appeal be designed to influence employees’ perception of cyber risk? Grounded in Critical Realism (CR), we identify generative mechanisms that enhance cyber risk perception, including a cyberscore format, targeting middle management and using binding communication. We develop an artifact within a banking institution, implement evaluation strategies, and present preliminary findings. This study offers theoretical, methodological, and practical contributions.
When commenting on articles, please be friendly, welcoming, respectful and abide by the AIS eLibrary Discussion Thread Code of Conduct posted here.
Comments
FRAIS