TY  - JOUR
AB  - Purpose The purpose of this study was to determine how security statement certainty (overconfident, underconfident and realistic) and behavioral intentions of potential consumers impact the perceptions of companies in the presence or absence of a past security breach.Design/methodology/approach The study exposed participants to three types of security statements and randomly assigned them to the presence or absence of a previous breach. Participants then evaluated the company and generated a hypothetical password for that company.Findings This study found that the presence or absence of a previous breach had a large impact on company perceptions, but a minimal impact on behavioral intentions to be personally more secure.Research limitations/implications The authors found that the presence or absence of a previous breach had a large impact on company perceptions, but minimal impact on behavioral intentions to be personally more secure.Practical implications Companies need to be cautious about how much confidence they convey to consumers. Companies should not rely on consumers engaging in secure online practices, even following a breach.Social implications Companies need to communicate personal security behaviors to consumers in a way that still instills confidence in the company but encourages personal responsibility.Originality/value The confidence of company security statements and presence of a previous breach were examined for their impact on company perception and a novel dependent variable of password complexity.
VL  - 33
IS  - 4
SN  - 0268-6902
DO  - 10.1108/MAJ-11-2017-1692
UR  - https://doi.org/10.1108/MAJ-11-2017-1692
AU  - Curtis Shelby R.
AU  - Carre Jessica Rose
AU  - Jones Daniel Nelson
PY  - 2018
Y1  - 2018/01/01
TI  - Consumer security behaviors and trust following a data breach
T2  - Managerial Auditing Journal
PB  - Emerald Publishing Limited
SP  - 425
EP  - 435
Y2  - 2024/04/24
ER  -