Why People Do Nothing Under It Threat?

The development of information technology and network has brought a great opportunity and value for the society.People need to face kinds of information security threats when they enjoy the convenience and benefit of internet.In view of the serious consequences of information security threats,a reasonable assumption is that users should take effective measures to eliminate information security threats.However,it is surprising that many users are indifferent when they come across information security threats.What's more,users do not take measures actively.This “inaction” phenomenon can have a great influence on information security practice.Nowadays,people strengthen information security through training and education,but these methods work out under the premise that users are engaged in taking measures to eliminate threats actively.Therefore,studying why uses do nothing when they under information threats have a strong theoretical and practical value.In order to study why users are indifferent when they face the information security threats,this paper review the articles which are related to information security behaviors of users.And most scholars focus on problem focused coping behavior,and few do a systematic research about emotion focused coping behavior.Therefore,this paper integrate TTAT into the research model,study the Problem-Focused Coping and Emotion-Focused Coping in the the perspective of individuals.This paper construct a research model which shows that information security risk(confidentiality risk,integrity risk and availability risk)influence users' coping behavior(Problem-Focused Coping andEmotion-Focused Coping)through perceived threat(perceived susceptibility,perceived severity and perceived avoidability).This paper empirically test the theoretical model with the data surveyed of 489 employees in the context of cloud computing.Our results indicate that,users tend to adopt Problem-Focused Coping(PFC),not only Emotion-Focused Coping(EFC)when they are under IT threat.We also find that users adopt different security behaviors when they perceive avoidability.When perceived avoidability is in high degree,the higher perceived susceptibility and perceived severity are,users are more likely to adopt EFC.When perceived avoidability is in low degree,the higher perceived susceptibility and perceived severity are,users are more likely to adopt both EFC and PF...