Merrill Warkentin

Merrill Warkentin
Mississippi State University | MSU · Department of Management and Information Systems

PhD

About

227
Publications
183,922
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
9,499
Citations
Additional affiliations
August 2002 - August 2017
Mississippi State University
Position
  • Professor
August 2001 - present
Mississippi State University
Position
  • Professor of MIS and Drew Allen Endowed Fellow
Description
  • I am also a member of the MSU Center for Computer Security Research and the Distributed Analytics and Security Institute (DASI)
August 2001 - April 2019
Mississippi State University
Position
  • Professor

Publications

Publications (227)
Article
A consumer electronics recommerce platform (CERP) is a customer-to-business online marketplace for trading in and recycling used electronic products. Its success depends on the usage of many customers. Employing a sequential mixed-methods approach, this paper aims to identify and examine the factors influencing CERP usage. Proposing and validating...
Article
Recently, data breaches, especially insider data breaches, have become increasingly common. However, there is a limited amount of research on the factors associated with the decrease in users' trust in response to these events. In this study, social role theory and socioemotional selectivity theory are applied to understand the role of age (younger...
Article
As an important construct in IS area, self-efficacy of individuals to engage in information security behaviors has been previously studied. We replicated one such study, which tested the influence of self-efficacy in information security (SEIS) on end user’s information security behavior. In our work, four out of six hypotheses were supported. By u...
Article
Social media services become a hotbed for rumors and lies during health crises such as the COVID-19 pandemic. While previous literature studies the negative role that social media users play in spreading rumors during crises, this study explores how users can be motivated to combat COVID-19 rumors. We build a research model that is based on the Awa...
Cover Page
Full-text available
For more detailed information, please visit the SI website at: https://www.journals.elsevier.com/journal-of-information-security-and-applications/call-for-papers/special-issue-on-insider-threats-in-cyber-security
Conference Paper
Full-text available
More than half of information systems security policy violations are initiated by insiders' non-malicious activities. We investigate non-malicious activities of insiders through the lens of workaround theory and argue that the application of techniques of neutralization impact the application of workarounds. We identify the elements of workarounds...
Article
Current information security behavior research assumes that lone individuals make a rational, informed decision about security technologies based on careful consideration of personally available information. We challenge this assumption by examining how the herd behavior influences users’ security decisions when coping with security threats. The re...
Chapter
The ongoing demand for new and faster technologies continues to leave consumers and business users to face the constant challenge of updating systems and software. This unrelenting pace of technological evolution has not always been matched with a commensurate focus on security and privacy matters. In particular, the obligatory move to embrace clou...
Article
Full-text available
Purpose A growing number of studies have investigated the effect of ethical leadership on behavioral outcome of employees. However, considering the important role of ethics in IS security, the security literature lacks a theoretical and empirical investigation of the relationship between ethical leadership and employees' security behavior, such as...
Article
Recent research in leading business journals has varied widely in how statistical outliers are identified and handled; many techniques were reported. But most articles with empirical data have not mentioned outliers; many others simply referred to their removal without details. This wide variety of methods and frequent non-disclosure of methods can...
Article
Digital/virtual gift purchasing and giving (gifting thereafter) is a business model that has emerged in the context of the social live streaming service (SLSS). In this study, we argue that both SLSS and its gifting model are largely established upon the application of game and game-like design elements and principles in the non-game environment –...
Article
The relationship between abusive supervision and employee workplace deviance has received much attention. Conceptualizing information systems (IS) misuse as a form of workplace deviance, the literature on IS security lacks a theoretical and empirical investigation of the relationship between abusive supervision and employee IS misuse. Drawing on re...
Article
Purpose The WeChat mini-program is a new channel for the delivery of online and mobile services, including electronic government services. Given the distinguishing characteristics and new business model of WeChat mini-programs, additional studies of mini-program-based government services are warranted. The purpose of this paper is to identify the f...
Article
This study examined the effects of financial incentives on security policy compliance. Participants were recruited for a computerized in-basket job simulation and randomly assigned to one of three groups: (1) control group with no financial incentives for compliance; (2) positive frame (gain) group where participants could gain up to $5 for complia...
Article
Cybercriminals are taking advantage of the COVID-19 outbreak and offering COVID-19-related scams to unsuspecting people. Currently, there is a lack of studies that focus on protecting people from COVID-19-related cybercrimes. Drawing upon Cultivation Theory and Protection Motivation Theory, we develop a research model to examine the cultivation eff...
Article
Full-text available
Purpose The Journal of Intellectual Capital (JIC) is one of the leading academic journals in the field of business and management, with an impact factor of 3.744, according to Journal Citation Reports from Clarivate Analytics, 2019. This study reports the results of a content analysis of the JIC articles that have been published since the journal w...
Article
With the changing way people live, communicate, and work, enterprises are striving to shift their existing business model into a “self‐tuning” one. Enterprises are becoming more agile, adaptive, and ambidextrous in order to boost innovation in the current digital transformation era. Nowadays, ‘digital innovation’ is closely associated with Industry...
Article
Full-text available
Extant research has shown that neutralization processes can enable potential IS security policy violators to justify their behavior and overcome the deterrence effect of sanctions in order to engage in unethical behaviors. However, such sanctions are typically moderate and not career ending. We test the boundary conditions of this theory by evaluat...
Article
Determining how to design persuasive information security messages to increase employees’ engagement in protection-motivated behaviors is an important organizational objective. Information security messages that are argument-based have been shown to effectively elicit employees’ protection-motivated behaviors. The mechanism by which cue-based infor...
Article
Full-text available
Governments can intervene to a greater or lesser extent in managing the risks that citizens face. They can adopt a maximal intervention approach (e.g., COVID‐19) or a hands‐off approach (e.g., unemployment), effectively “responsibilizing” their citizens. To manage the cyber risk, governments publish cyber‐related policies. This article examines the...
Article
Information systems security is a major organizational concern. This study examines the role of vicarious experience on an individual's behavioral intent to perform a secure recommended response. The protection motivation theory model is expanded to include vicarious experience, which was examined through the separate constructs of vicarious threat...
Article
This conceptual paper explores the impact of blockchain technology on public sector processes through the lens of information security. It includes an overview of the evolution of e-government, a synopsis of existing applications of blockchain technology, and innovative blockchain developments. We utilize the Confidentiality-Integrity-Accessibility...
Article
Cross-cultural studies in Information Systems (IS) have experienced an overreliance on Hofstede’s theory, which has impeded researchers from exploring alternative theoretical lenses. We examine the moderating effects of Schwartz’s Polar Dimensions on users’ perception of Social Network Service, highlighting cultural issues associated with IS privac...
Article
Cross-cultural studies in Information Systems (IS) have experienced an overreliance on Hofstede’s theory, which has impeded researchers from exploring alternative theoretical lenses. We examine the moderating effects of Schwartz’s Polar Dimensions on users’ perception of Social Network Service, highlighting cultural issues associated with IS privac...
Article
Full-text available
The introduction of innovative technologies by employees into their workplace has been a long-standing practice. This informal introduction of technology within an organization without the organizational support or sanction is defined as "grassroots diffusion." While a plethora of research studies have focused on factors contributing to individuals...
Article
There is increasing scholarly interest in how social media impacts our society. This paper examines the effect of social media usage in reducing corruption at the country level. By analyzing a five-year (2011–2015) panel dataset of 62 countries, our results suggest that the level of social media usage of a country affects the level of perceived con...
Article
The endowment effect is the term used to describe a phenomenon that manifests as a reluctance to relinquish owned artifacts, even when a viable or better substitute is offered.It has been confirmed by multiple studies when it comes to ownership of physical artifacts. If computer users also “own” and are attached to, their personal security routines...
Article
Full-text available
Fear appeals are increasingly used to motivate users to engage in behaviors that protect information security. Though academic interest in the topic has been burgeoning, prior research has mainly focused on providing process evidence on how low and high threat security messages influence protective behaviors. According to protection motivation theo...
Article
Persuasion is key to encourage compliance with information security policies through fear appeals, though research has not examined how the perceived quality of their arguments affects threat and coping appraisals. Because we know that perceived argument quality can influence attitudes and behavior, it may improve fear appeal effectiveness. The res...
Article
Saving energy in workplaces provides a valuable opportunity to lessen energy consumption and greenhouse gas emissions. This article draws on stimulus-organism-response theory (SOR) to explore the impact of circumstance stimulus and internal psychological states on employee’s energy saving intention. Partial Least Square (PLS) was employed to examin...
Article
Full-text available
Insider threats remain one of the biggest concerns for organizations. Applying persuasive messages to motivate employees to engage in compliance behaviors is a common approach. A fear appeal is a persuasive message that arouses an individual’s fear of a potential threat in order to produce a recommended behavior. However, the effectiveness of fear-...
Article
Cyber criminals appear to be plying their trade without much hindrance. Home computer users are particularly vulnerable to attack by an increasingly sophisticated and globally-dispersed hacker group. The smartphone era has exacerbated the situation, offering hackers even more attack surfaces to exploit. It might not be entirely coincidental that cy...
Article
With recent incidents of temporary employees such as seasonal employees, contractors, and subcontractors engaging in information security violations, once again the focus lies on motivating the people within the “organization's wall” to comply with information security. This research paper studies the impact of employment status on organizational c...
Article
Full-text available
Organizations use security education, training, and awareness (SETA) programs to counter internal security threats and promote compliance with information security policies. Yet, employees often use neutralization techniques to rationalize noncompliant behavior. We investigated three theory-based communication approaches that can be incorporated in...
Article
Employee disinterest in information security remains one of the greatest impediments to effective information security management programs. How can organizations enhance the persuasiveness of the information security messages used to warn employees of threats and encourage employees to take specific actions to improve their security? We use fear ap...
Article
Full-text available
Increased deregulation and globalization have encouraged organizations to expand the cultural diversity of their employees. Integrating each employee into an organization's culture, including practices regarding the protection of information, is critical. Because active employee participation is important for security, managers may need to evaluate...
Article
Full-text available
This study explores the influence of three factors on a person’s decision to drive in winter weather: destination, affected area, and caution level. Participants (n = 555) completed an online survey that included scenarios with text of a simulated radio message involving a character named Mike. After the scenario, participants answered Likert-scale...
Article
Research has investigated the role of numerous influences on individual information security behaviors, including protection motivation, deterrence, and various dispositional and environmental factors. Various theories have been applied to study these influences on security behaviors. One major research stream has looked at threat and coping apprai...
Article
The growth of eGovernment applications has initiated profound re-engineering of numerous citizen-government interactions but has not yet provided significant impacts on internet-based voting (iVoting). This study examines the role of trust and the technology adoption model (TAM) in influencing citizen intentions to adopt iVoting, and whether a soci...
Article
Full-text available
Factorial survey analysis is a statistical technique with a long history of use in decision-oriented organizational and information systems (IS) research. The technique produces a collection of standardized regression coefficients that help one to rank survey factors by importance. However, such rankings may be invalid because a researcher might no...
Article
Developing and advancing theory in the information systems (IS) discipline requires scholars to use and contribute to theory. While few IS scholars create new theories, many borrow and adapt theories from other disciplines to study a variety of phenomena in the realm of IS. Over time, this practice has raised concerns as to the appropriateness and...
Article
An unexplored gap in IT adoption research concerns the positive role of shared benefits even when personal information is exposed. To explore the evaluation paradigm of shared benefits versus the forfeiture of personal information, we analyze how utility consumers use smart metering technology (SMT). In this context, utility companies can monitor e...
Conference Paper
The central premise behind risk homeostasis theory is that humans adapt their behaviors, based on external factors, to align with a personal risk tolerance level. In essence, this means that the safer or more secure they feel, the more likely it is that they will behave in a risky manner. If this effect exists, it serves to restrict the ability of...
Article
Modern organizations face significant information security threats, to which they respond with various managerial techniques. It is widely believed that “one size does not fit all” for achieving employee information security policy compliance; nevertheless, it is yet to be determined which techniques work best to different organizational employees....
Article
Full-text available
Online social networks (OSNs) continue to have a transformative influence on how people socialize, partially because they help facilitate social contact that is crucial to fulfilling an innate need to belong. However, there is increasing evidence that some users suffer from OSN addiction, expressed as OSN obsessive-compulsive disorder (OCD). Using...
Article
Full-text available
One of the problems with insider threat research is the lack of a complete 360° view of an insider threat dataset due to inadequate experimental design. This has prevented us from modeling a computational system to protect against insider threat situations. This paper provides a contemporary methodological approach for using online games to simulat...
Article
The increasing social reliance on computer-mediated communication has resulted in the rise of deceptive communication. Gender is a salient feature of identity that can be easily disguised online, and yet the phenomenon of gender deception has not been fully investigated. This study adopts a multifactorial analysis to examine motivation, self-effica...
Article
People using online social networks (OSNs) exchange information through posts of multimedia content, which may contain others’ information. Our study contributes to the privacy literature by examining individuals’ perceptions of the risk their OSN activity poses to others’ information. We introduce the concept “perceived shared risk,” which include...
Article
Although employee computer abuse is a costly and significant problem for firms, the existing academic literature regarding this issue is limited. To address this gap, we apply a multi-theoretical model to explain employees' intentions to abuse computers. To understand the motives for such behaviour, we investigate the role of two forms of organizat...
Article
Online social networks (OSNs) offer a stream of information that readily provides comparison opportunities, often resulting in feelings of envy. Two factors that drive OSN-situational envy (OSN-SE) are a user’s personality and needs. Leveraging the five-factor model of personality and uses and gratifications theory, we explore how personality trait...
Article
Teachers play a key role in adoption of technologies for classroom use. This study surveyed teachers regarding their intention to use tablet technology to interact with students and other teachers through smart school websites technology. The Unified Theory of Acceptance and Use of Technology (UTAUT) served as the theoretical framework for this stu...
Article
Detecting scareware messages that seek to deceive users with fear-inducing words and images is critical to protect users from sharing their identity information, money, and/or time with bad actors. Through a scenario-based experiment, the present study evaluated factors that aid users in perceiving deceptive communications. An online experiment was...
Article
Previous research has established continuance models that explain and predict an individual's behaviors when engaged with hedonic or functional systems or environments that provide productivity-enhancing outcomes. However, within the context of information security, these models are not applicable and fail to accurately assess the circumstances in...
Article
Gender is a salient feature of identity that is rarely questioned in our physical encounters. We are usually not confused about a person's gender—generally it's male or female. However, as the adoption of computer-mediated communication increases, our social reliance on these technologies has made gender easily disguised online. And yet, the phenom...
Article
Full-text available
The issue of consumer information privacy, arguably the most substantial and persistent problem confronting e-commerce companies in general and online social networking service providers in particular, often results in unsatisfied customers. Researchers have investigated privacy from various perspectives and in a multitude of settings, yet there ha...
Article
Full-text available
Information security management programs have long included “fear appeals”, managerial communiqués designed to promote secure behaviors among organizational insiders. However, recent research has found a conflict between the predictions of contemporary fear appeal theory for how we expect individuals to experience fear appeals and what actually occ...
Article
Insiders represent a major threat to the security of an organization's information resources. Previous research has explored the role of dispositional and situational factors in promoting compliant behavior, but these factors have not been studied together. In this study, we use a scenario-based factorial survey approach to identify key disposition...
Article
Full-text available
Ubiquitous networking facilitates Internet access across multiple network environments, whose value is tied directly to user perceptions of its ability to securely execute transactions. Prior research has cited awareness, trust, and risk as critical determinants of adoption but has failed to examine these factors as they relate to infrastructure an...
Article
Full-text available
As we are continually confronted with increasingly sophisticated electronic messages, distinguishing messages that are valid from irrelevant, malicious, or otherwise undeserving of the recipient’s attention has become an extremely important task. The present study leverages the lens of information manipulation theory to analyze the impact of percei...
Article
Full-text available
The Internet and social computing technology have revolutionized our ability to gather information as well as enabled new modes of communication and forms of self-expression. As the popularity of social computing technologies has increased, our society has begun to witness modifications in socialization behaviors. Social psychology theory suggests...