This study presents an empirical investigation of factors affecting SMB CEOs decision to improve or not their company's information security (ISS). We developed a research model by adopting the protection motivation theory (PMT) to investigate the effect of threat and coping appraisal on protective actions. We conducted a questionnaire-based survey with SMB CEOs. Prior studies using PMT have never been focused on SMB CEOs behavior, and we postulate that in SMBs where there is no CIO or even IT people, CEO's actions are of utmost importance for achieving a satisfying ISS.
- Information security
- Protection motivation theory