Security breaches and organization response strategy : Exploring consumers’ threat and coping appraisals

Research output: Journal Publications and Reviews (RGC: 21, 22, 62)21_Publication in refereed journalpeer-review

6 Scopus Citations
View graph of relations


Related Research Unit(s)


Original languageEnglish
Article number102498
Journal / PublicationInternational Journal of Information Management
Online published12 Mar 2022
Publication statusPublished - Aug 2022


We address a long-standing lacuna in the Information Management literature on the relationships among security breaches, organization response strategy as well as consumers’ threat and coping appraisal. Security breaches can involve the leak of sensitive data, and potentially lead to negative consumer reactions. It is, thus, timely and critical to theorize and empirically investigate the ways in which organization can respond effectively to security breaches and how consumers’ threat and coping appraisals vary according to the different response strategies. Our study addresses this lacuna by developing a conceptual model of i) security breach, ii) organization response strategies, and iii) consumer appraisal, grounded on the risk theory and protection motivation theory. We use the principal and agent perspectives to portray the breached organization as the agent providing the coping strategy, and consumers as the principal actors who evaluate the strategy. We incorporated a vignette-based survey to test the model with empirical data. We identify that the variations in the response strategy of organization after a security breach can lead to significantly different consumers’ reactions. We discuss the implications of our findings for theory and practice and delineate an agenda for future research.

Research Area(s)

  • Corporate reputation, Intention to re-transact, Organization response strategy (ORS), Perceived risk, Protection motivation theory (PMT), Security breach

Bibliographic Note

Full text of this publication does not contain sufficient affiliation information. With consent from the author(s) concerned, the Research Unit(s) information for this record is based on the existing academic department affiliation of the author(s).

Citation Format(s)