Login or signup to connect with paper authors and to register for specific Author Connect sessions (if available).

Investigating User Inaction in Post-Breach Situations
Arman Falahati, Liette Lapointe, Suzanne Rivard
Given the magnitude of security incidents, organizations typically put into place security measures. Nonetheless, data breaches still occur, leading to substantial negative consequences for customer users and organizations. While breached organizations will often reach out to the impacted customers to notify them of the incident and recommend protective measures, many users do not embrace those recommendations. As a result, the impacts become more dire. In this emergent research forum (ERF) paper, we build upon the information systems (IS) literature to put forth a theoretical framework that distinguishes between different taxa of inaction – unawareness, deliberate ignorance, and impotence. We propose a model to test specific antecedents for each taxon. This work paves the way for future research and informs the development of targeted post-breach communications.

AuthorConnect Sessions

No sessions scheduled yet