The impact of a cause–effect elaboration procedure on information security risk perceptions: a construal fit perspective

Abstract

Abstract Cybersecurity breaches are on the rise. Extant literature in the development of strategies to enhance IT users’ online protective behaviours has neglected users’ cognitive processing of cybersecurity risk information. This study demonstrates a cause–effect elaboration procedure based on the concept of construal fit to influence online users’ cybersecurity risk perceptions. Using online experiments (N = 534), the construal fit between elaboration of causes vs effects of cybersecurity risks and perceived temporal distance (distant vs near) was manipulated. The results revealed that a construal fit between the elaboration of ‘effects’ (vs ‘causes’) and temporally ‘near’ (vs ‘distant’) cybersecurity risks enhanced users’ risk perceptions, which in turn predicted protective behavioural intentions. Ensuring construal fit is a novel, cognition-based approach to safeguard IT users against online threats. Our findings enrich existing staged theories used to investigate cybersecurity risk perceptions and suggest to practitioners that heightened cyber risk perception can effectively be induced by simultaneously enhancing the concreteness of IT users’ construal of cybersecurity incidents and emphasizing on its negative consequences (vs causes).