An exploration of risk characteristics of information security threats and related public information search behavior

Abstract

Information security (IS) threats are increasingly pervasive, and search engines are being used by the public as the primary tool for searching for relevant information. This research investigates the following two questions: (1) How can different IS threats be characterized and distinguished in terms of their risk characteristics? and (2) how are risk characteristics related to public searches for information on IS threats? Applying psychometric analysis, our analyses of survey data first show that unknown risk and dread risk are two underlying dimensions that can characterize different IS threats. Drawing broadly on the literature of information foraging theory, we examine the influence of risk characteristics on public searches for information on these threats. We utilize a search engine log to extract searches related to IS threats. We develop and estimate a system of equations with correlated individual-specific error terms using the Markov Chain Monte Carlo method. We find that the two risk characteristics exert differential impacts on information search behavior (including types of information sought, number of pages viewed, and length of query). The implications for IS research and practice are discussed.