Abstract

Human error is one of the biggest cybersecurity vulnerabilities in organizations making organizational security solutions become ineffective. It is therefore crucial for organizations to adapt their risk management in concordance to arising threats. Using the Technology Threat Avoidance Theory (TTAT) as a theoretical lens, this article investigates the relationship between security threats, employees’ risk perception, and avoidance behavior. While recent research has suggested that an individual’s dispositional risk propensity can influence the perception of technology threats, we argue that additional risk facets, namely situational and organizational risk propensity can influence employees’ threat perception. Drawing on a scenario-based online experiment, our study reveals that risk perception in a work environment is not a static risk assessment but rather depends on situational aspects and the organization’s risk propensity. Our study contributes to existing research by investigating the different aspects of risk-taking in an organizational context to improve the understanding of employees’ behavior at work.

Share

COinS