In Brief

Abstract

Behavioral determinants of cybersecurity have gained greater attention among information technology experts in recent years. However, drivers of risky cybersecurity behavior have not been widely studied. This exploratory study examines the extent to which risky cybersecurity behavior is predicted by factors of cybersecurity-related avoidance behavior. Self-reported risky cybersecurity behavior was examined in light of technology threat avoidance factors in a sample of 184 working adults in the United States. Risky behaviors were measured using the instrument by Hadlington (2017), previously used by researchers to measure behavioral associations with non-technology threat avoidance-related items. Hierarchical regression noted significant predictive associations between several technology threat avoidance factors and self-reported risky cybersecurity behavior: perceived susceptibility (p = .027), perceived cost (p = .003), and self-efficacy (p = .043). Combined, these variables explained 9.4% of the adjusted variance in levels of risky cybersecurity behavior (p = .001). Effect size calculations revealed predictive impacts in the low-medium range. Age was also confirmed as a confounding covariate (p = .045). The impact findings uniquely distinguish this study from previous works. Findings also infer that training in protective behavior can mitigate a significant portion of risky cybersecurity behavior.