This paper intends to extend Protection Motivation Theory (one of the leading theories in Information Security research) based on innovation diffusion and institutional legitimacy theories. We postulate that legitimacy, in which fear is only a partial representation, is a more comprehensive antecedent to intention to comply with security policies. We argue the use of ethos, pathos, and logos appeals to complement the fear rhetoric traditionally present in information security research to elicit legitimacy judgments and indirectly intention to comply. We propose an experiment in which by manipulating the rhetorical elements of the communication, we can study its impact on legitimacy and ultimately intention to abide by the security policy.
Torres, Carlos Ivan and Crossler, Robert Ernest, "Rhetorical appeals and legitimacy perceptions: How to induce information security policy compliance" (2019). WISP 2019 Proceedings. 8.