Mitigating the ransomware threat: a protection motivation theory approach

Jacques Ophoff; Mcguigan Lakay

doi:10.1007/978-3-030-11407-7_12

Mitigating the ransomware threat: a protection motivation theory approach

Jacques Ophoff^*, Mcguigan Lakay

^*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

59 Downloads (Pure)

Abstract

Ransomware has emerged as one of the biggest security threats to organizations and individuals alike. As technical solutions are developed the creators of ransomware are also improving the sophistication of such attacks. A combination of technical and behavioral measures is required to deal with this problem. This study investigates computer users’ motivation to adopt security measures against ransomware, using protection motivation theory (PMT) as a theoretical foundation. We conducted empirical research, using a survey methodology, collecting data from 118 respondents. Using partial least squares structural equation modelling our analysis provides support for several factors influencing protection motivation in this context. These include perceived threat severity and perceived threat vulnerability, mediated by fear. Self-efficacy is shown as a significant coping factor. Maladaptive rewards and response costs both have a significant negative influence on protection motivation. The results provide support for the use of fear appeals and PMT to influence protection motivation in the context of ransomware threats.

Original language	English
Title of host publication	Information security
Subtitle of host publication	17th International conference, ISSA 2018, Pretoria, South Africa, August 15–16, 2018, revised selected papers
Editors	Hein Venter, Marianne Loock, Marijke Coetzee, Mariki Eloff, Jan Eloff
Place of Publication	Cham
Publisher	Springer
Pages	163-175
Number of pages	13
ISBN (Electronic)	9783030114077
ISBN (Print)	9783030114060
DOIs	https://doi.org/10.1007/978-3-030-11407-7_12
Publication status	Published - 25 Jan 2019
Externally published	Yes
Event	Information Security South Africa - Pretoria, South Africa Duration: 15 Aug 2018 → 16 Aug 2018 Conference number: 17th

Publication series

Name	Communications in Computer and Information Science (CCIS)
Publisher	Springer
Volume	973
ISSN (Print)	1865-0929
ISSN (Electronic)	1865-0937

Conference

Conference	Information Security South Africa
Abbreviated title	ISSA 2018
Country	South Africa
City	Pretoria
Period	15/08/18 → 16/08/18

Access to Document

10.1007/978-3-030-11407-7_12

Ophoff_MitigatingTheRansomwareThreat_Accepted_2018Accepted author manuscript, 578 KB

Fingerprint Dive into the research topics of 'Mitigating the ransomware threat: a protection motivation theory approach'. Together they form a unique fingerprint.

Cite this

Ophoff, J., & Lakay, M. (2019). Mitigating the ransomware threat: a protection motivation theory approach. In H. Venter, M. Loock, M. Coetzee, M. Eloff, & J. Eloff (Eds.), Information security: 17th International conference, ISSA 2018, Pretoria, South Africa, August 15–16, 2018, revised selected papers (pp. 163-175). (Communications in Computer and Information Science (CCIS); Vol. 973). Springer. https://doi.org/10.1007/978-3-030-11407-7_12

Ophoff, Jacques ; Lakay, Mcguigan. / Mitigating the ransomware threat : a protection motivation theory approach. Information security: 17th International conference, ISSA 2018, Pretoria, South Africa, August 15–16, 2018, revised selected papers. editor / Hein Venter ; Marianne Loock ; Marijke Coetzee ; Mariki Eloff ; Jan Eloff. Cham : Springer, 2019. pp. 163-175 (Communications in Computer and Information Science (CCIS)).

@inproceedings{537e3582856546d7bf6a7d5f94bf8725,

title = "Mitigating the ransomware threat: a protection motivation theory approach",

abstract = "Ransomware has emerged as one of the biggest security threats to organizations and individuals alike. As technical solutions are developed the creators of ransomware are also improving the sophistication of such attacks. A combination of technical and behavioral measures is required to deal with this problem. This study investigates computer users{\textquoteright} motivation to adopt security measures against ransomware, using protection motivation theory (PMT) as a theoretical foundation. We conducted empirical research, using a survey methodology, collecting data from 118 respondents. Using partial least squares structural equation modelling our analysis provides support for several factors influencing protection motivation in this context. These include perceived threat severity and perceived threat vulnerability, mediated by fear. Self-efficacy is shown as a significant coping factor. Maladaptive rewards and response costs both have a significant negative influence on protection motivation. The results provide support for the use of fear appeals and PMT to influence protection motivation in the context of ransomware threats.",

author = "Jacques Ophoff and Mcguigan Lakay",

year = "2019",

month = jan,

day = "25",

doi = "10.1007/978-3-030-11407-7_12",

language = "English",

isbn = "9783030114060",

series = "Communications in Computer and Information Science (CCIS)",

publisher = "Springer",

pages = "163--175",

editor = "Hein Venter and Marianne Loock and Marijke Coetzee and Mariki Eloff and Jan Eloff",

booktitle = "Information security",

note = "Information Security South Africa, ISSA 2018 ; Conference date: 15-08-2018 Through 16-08-2018",

}

Ophoff, J & Lakay, M 2019, Mitigating the ransomware threat: a protection motivation theory approach. in H Venter, M Loock, M Coetzee, M Eloff & J Eloff (eds), Information security: 17th International conference, ISSA 2018, Pretoria, South Africa, August 15–16, 2018, revised selected papers. Communications in Computer and Information Science (CCIS), vol. 973, Springer, Cham, pp. 163-175, Information Security South Africa, Pretoria, South Africa, 15/08/18. https://doi.org/10.1007/978-3-030-11407-7_12

Mitigating the ransomware threat : a protection motivation theory approach. / Ophoff, Jacques; Lakay, Mcguigan.

Information security: 17th International conference, ISSA 2018, Pretoria, South Africa, August 15–16, 2018, revised selected papers. ed. / Hein Venter; Marianne Loock; Marijke Coetzee; Mariki Eloff; Jan Eloff. Cham : Springer, 2019. p. 163-175 (Communications in Computer and Information Science (CCIS); Vol. 973).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Mitigating the ransomware threat

T2 - Information Security South Africa

AU - Ophoff, Jacques

AU - Lakay, Mcguigan

N1 - Conference code: 17th

PY - 2019/1/25

Y1 - 2019/1/25

N2 - Ransomware has emerged as one of the biggest security threats to organizations and individuals alike. As technical solutions are developed the creators of ransomware are also improving the sophistication of such attacks. A combination of technical and behavioral measures is required to deal with this problem. This study investigates computer users’ motivation to adopt security measures against ransomware, using protection motivation theory (PMT) as a theoretical foundation. We conducted empirical research, using a survey methodology, collecting data from 118 respondents. Using partial least squares structural equation modelling our analysis provides support for several factors influencing protection motivation in this context. These include perceived threat severity and perceived threat vulnerability, mediated by fear. Self-efficacy is shown as a significant coping factor. Maladaptive rewards and response costs both have a significant negative influence on protection motivation. The results provide support for the use of fear appeals and PMT to influence protection motivation in the context of ransomware threats.

AB - Ransomware has emerged as one of the biggest security threats to organizations and individuals alike. As technical solutions are developed the creators of ransomware are also improving the sophistication of such attacks. A combination of technical and behavioral measures is required to deal with this problem. This study investigates computer users’ motivation to adopt security measures against ransomware, using protection motivation theory (PMT) as a theoretical foundation. We conducted empirical research, using a survey methodology, collecting data from 118 respondents. Using partial least squares structural equation modelling our analysis provides support for several factors influencing protection motivation in this context. These include perceived threat severity and perceived threat vulnerability, mediated by fear. Self-efficacy is shown as a significant coping factor. Maladaptive rewards and response costs both have a significant negative influence on protection motivation. The results provide support for the use of fear appeals and PMT to influence protection motivation in the context of ransomware threats.

U2 - 10.1007/978-3-030-11407-7_12

DO - 10.1007/978-3-030-11407-7_12

M3 - Conference contribution

AN - SCOPUS:85066911060

SN - 9783030114060

T3 - Communications in Computer and Information Science (CCIS)

SP - 163

EP - 175

BT - Information security

A2 - Venter, Hein

A2 - Loock, Marianne

A2 - Coetzee, Marijke

A2 - Eloff, Mariki

A2 - Eloff, Jan

PB - Springer

CY - Cham

Y2 - 15 August 2018 through 16 August 2018

ER -

Ophoff J, Lakay M. Mitigating the ransomware threat: a protection motivation theory approach. In Venter H, Loock M, Coetzee M, Eloff M, Eloff J, editors, Information security: 17th International conference, ISSA 2018, Pretoria, South Africa, August 15–16, 2018, revised selected papers. Cham: Springer. 2019. p. 163-175. (Communications in Computer and Information Science (CCIS)). https://doi.org/10.1007/978-3-030-11407-7_12