Over the past decade, there has been an increase in cybersecurity breaches through identity theft, hacking, phishing attacks, and the use of malware such as viruses, worms, or trojans. The breaches have triggered an increase in investment in information security in organizations. As technology continues to improve, the risks of having cybersecurity incidents also increase. Cybersecurity firms reported that in 2016, there were 1209 total breaches with 1.1 billion identities exposed. Most experts agree that human vulnerability is a significant factor in cybersecurity. Most issues related to advanced threats come from human nature and ignorance. For the study, the researcher examined the relationship between Millennial professionals’ perceptions of cybersecurity risks and users’ online security behaviors. The study focused on two elements of perception which are perceived benefits and perceived barriers. The researcher administered a survey to 109 participants randomly selected among Survey Monkey audience members. The Spearman’s correlation test performed supported the analysis of the strength of the relationship and the level of significance between each of the independent variables and the dependent variable. The results from the statistical test provided enough evidence to reject each of the null hypothesis tested in this study. There were significant correlations between each of the independent variables, Perceived Benefits (PBE) and Perceived Barriers (PBA) and the dependent variable Online Security Behaviors (OSB).
Jones, C. and Mujtaba, B. (2006) Is Your Information at Risk? Information Technology Leaders’ Thoughts about the Impact of Cybercrime on Competitive Advantage. Review of Business Information Systems, 10, 7. https://doi.org/10.19030/rbis.v10i2.5320
Fischhoff, B., Slovic, P., Lichtenstein, S., Read, S. and Combs, B. (1978) How Safe Is Safe Enough? A Psychometric Study of Attitudes towards Technological Risks and Benefits. Policy Sciences, 9, 127-152. https://doi.org/10.1007/BF00143739
Parsons, K., McCormac, A., Butavicius, M. and Ferguson, L. (2010) Human Factors and Information Security: Individual, Culture and Security Environment. No. DSTO-TR-2484, Command, Control, Communications and Intelligence Division DSTO Defence Science and Technology Organisation, Edinburgh.
Pattinson, M. and Anderson, G. (2005) Risk Communication, Risk Perception and Information Security. In: Security Management, Integrity, and Internal Control in Information Systems, Springer, Berlin, 175-184. https://doi.org/10.1007/0-387-31167-X_11
Oswick, C., Fleming, P. and Hanlon, G. (2011) From Borrowing to Blending: Rethinking the Processes of Organizational Theory Building. Academy of Management Review, 36, 318-337. https://doi.org/10.5465/AMR.2011.59330932
Warkentin, M. and Siponen, M. (2015) An Enhanced Fear Appeal Rhetorical Framework: Leveraging Threats to the Human Asset through Sanctioning Rhetoric. MIS Quarterly, 39, 113-134. https://doi.org/10.25300/MISQ/2015/39.1.06
Boss, S., Galletta, D., Lowry, P.B., Moody, G.D. and Polak, P. (2015) What Do Systems Users Have to Fear? Using Fear Appeals to Engender Threats and Fear That Motivate Protective Security Behaviors. MIS Quarterly (MISQ), 39, 837-864. https://doi.org/10.25300/MISQ/2015/39.4.5
Haeger, D.L. and Lingham, T. (2014) A Trend toward Work-Life Fusion: A Multi-Generational Shift in Technology Use at Work. Technological Forecasting and Social Change, 89, 316-325. https://doi.org/10.1016/j.techfore.2014.08.009
S-O’Brien, L., Read, P., Woolcott, J. and Shah, C. (2011) Understanding Privacy Behaviors of Millennials within Social Networking Sites. Proceedings of the American Society for Information Science and Technology, 48, 1-10. https://doi.org/10.1002/meet.2011.14504801198
Wipawayangkool, K. and Villafranca, E. (2015) Exploring Millennials’ Malware Awareness and Intention to Comply with Information Security Policy. Review of Integrative Business and Economics Research, 4, 153.
Li, L., He, W., Xu, L., Ivan, A., Anwar, M. and Yuan, X. (2014) Does Explicit Information Security Policy Affect Employees’ Cyber Security Behavior? A Pilot Study. 2014 Enterprise Systems Conference, Shanghai, 2-3 August 2014, 169-173. https://doi.org/10.1109/ES.2014.66
Chakraborty, R., Lee, J., Bagchi-Sen, S., Upadhyaya, S. and Raghav Rao, H. (2016) Online Shopping Intention in the Context of Data Breach in Online Retail Stores: An Examination of Older and Younger Adults. Decision Support Systems, 83, 47-56. https://doi.org/10.1016/j.dss.2015.12.007
Kang, R., Dabbish, L., Fruchter, N. and Kiesler, S. (2015) My Data Just Goes Everywhere: User Mental Models of the Internet and Implications for Privacy and Security. Symposium on Usable Privacy and Security, Pittsburgh, 2015, 39-52.
de Bruijn, H. and Janssen, M. (2017) Building Cybersecurity Awareness: The Need for Evidence-Based Framing Strategies. Government Information Quarterly, 34, 1-7. https://doi.org/10.1016/j.giq.2017.02.007
Bryce, J. and Fraser, J. (2014) The Role of Disclosure of Personal Information in the Evaluation of Risk and Trust in Young Peoples’ Online Interactions. Computers in Human Behavior, 30, 299-306. https://doi.org/10.1016/j.chb.2013.09.012
Dinev, T. and Hu, Q. (2007) The Centrality of Awareness in the Formation of User Behavioral Intention toward Protective Information Technologies. Journal of the Association for Information Systems, 8, 23. https://doi.org/10.17705/1jais.00133
Byrne, Z.S., Dvorak, K.J., Peters, J.M., Ray, I., Howe, A. and Sanchez, D. (2016) From the User’s Perspective: Perceptions of Risk Relative to Benefit Associated with Using the Internet. Computers in Human Behavior, 59, 456-468. https://doi.org/10.1016/j.chb.2016.02.024
Riek, M., Bohme, R. and Moore, T. (2016) Measuring the Influence of Perceived Cybercrime Risk on Online Service Avoidance. IEEE Transactions on Dependable and Secure Computing, 13, 261-273. https://doi.org/10.1109/TDSC.2015.2410795
Liang, H. and Xue, Y. (2010) Understanding Security Behaviors in Personal Computer Usage: A Threat Avoidance Perspective. Journal of the Association for Information Systems, 11, 394-413. https://doi.org/10.17705/1jais.00232
Fry, R. (2018) Millennials Are the Largest Generation in the U.S. Labor Force. Pew Research Center, Washington DC. https://www.pewresearch.org/fact-tank/2018/2004/2011/millennials-largest-generation-us-labor-force
Ifinedo, P. (2014) Information Systems Security Policy Compliance: An Empirical Study of the Effects of Socialisation, Influence, and Cognition. Information & Management, 51, 69-79. https://doi.org/10.1016/j.im.2013.10.001
Lebek, B., Uffen, J., Neumann, M., Hohler, B. and Breitner, M.H. (2014) Information Security Awareness and Behavior: A Theory-Based Literature Review. Management Research Review, 37, 1049-1092. https://doi.org/10.1108/MRR-04-2013-0085
Straub, D., Boudreau, M. and Gefen, D. (2004) Validation Guidelines for Is Positivist Research. Communications of the Association for Information Systems, 13, 380-427. https://doi.org/10.17705/1CAIS.01324
Gall, M., Gall, J. and Borg, W. (2007) Nonexperimental Research: Descriptive and Causal-Comparative Designs. In: Gall, M.D., Gall, J.P. and Borg, W.R., Eds., Educational Research: An Introduction, Pearson/Allyn & Bacon, Boston, 298-330.
Faul, F., Erdfelder, E., Lang, A.-G. and Buchner, A. (2007) G* Power 3: A Flexible Statistical Power Analysis Program for the Social, Behavioral, and Biomedical Sciences. Behavior Research Methods, 39, 175-191. https://doi.org/10.3758/BF03193146
Young, D.K., Carpenter, D. and McLeod, A. (2016) Malware Avoidance Motivations and Behaviors: A Technology Threat Avoidance Replication. AIS Transactions on Replication Research, 2, 1-17. https://doi.org/10.17705/1atrr.00015
Fornell, C. and Larcker, D.F. (1981) Evaluating Structural Equation Models with Unobservable Variables and Measurement Error. Journal of Marketing Research, 18, 39-50. https://doi.org/10.1177/002224378101800104
Ifinedo, P. (2012) Understanding Information Systems Security Policy Compliance: An Integration of the Theory of Planned Behavior and the Protection Motivation Theory. Computers & Security, 31, 83-95. https://doi.org/10.1016/j.cose.2011.10.007