Cybersecurity: What Matters to Consumers – An Exploratory Study

Introduction

U.S. online sales is expected to grow from $263 billion in 2013 to $414 billion in 2018, a compound annual growth rate of 9.5% (Enright, 2014). Although e-commerce has become popular, Internet privacy violations and cyber attacks to the e-commerce systems are also on the rise. Cyber-attacks have impaired or even shut down the e-commerce activities completely by damages such as website defacement, denial of service, price manipulation, financial fraud, or data breach (Hovanesian, 2008). Global State of Information Security (2015) a survey conducted by PricewaterhouseCoopers has indicated that the total number of security incidents has increased 48% over 2013. In fact industry estimates of losses from intellectual property to data theft in 2013, range as high as $1 trillion (Ackerman, 2013). Furthermore, a study by Ponemon Institute indicated that the average cost of cybercrime for U.S. retail stores more than doubled from 2013 to an annual average of $8.6 million per company in 2014 (Ponemon Institute, 2014). Thus it can be stated with a high degree of conviction that cybersecurity is detrimental both to the business as well as the consumer and needs to be investigated.

The Internet is complex in nature. The governments and businesses worldwide have been tasked with providing secure e-commerce trade practices, and laws to enforce those practices. In the early 2000’s, the United States established CERT (Computer Emergency Readiness Team), which is the operational arm of the National Cyber Security Division at the Department of Homeland Security (DHS); the mission being “to improve the nation's cyber security posture, coordinate cyber information sharing, and proactively manage cyber risks to the nation while protecting the constitutional rights of Americans” (US-CERT, 2012). Currently, DHS works directly with public and private partners to enhance cybersecurity (Combat Cyber Crime, 2014). On top of this measure of security, there are countless individual software programs that companies and individuals alike use to combat cybercrime (e.g., Norton, MacAfee and other anti-spam, anti-spy and firewall software). Although these programs are utilized to secure all major online websites, more than half of consumers are either unsure or not confident at all in the security of their personal information when shopping both in-store and online which is ultimately hindering the development of e-commerce to its full potential.

Given the importance of impact on cybersecurity, there is a distinct lack of research which examines this important phenomenon from the consumers’ perspective. There have been studies that have examined privacy online in various contexts including value, perceived risk, trust, and service quality (Wolfinbarger & Gilly, 2003); however, none of the studies have investigated cybersecurity. In most of the studies, privacy and security concerns are treated as a single construct with security examined as one of the dimensions of the overarching privacy concerns (Xu & Teo 2004). Some of the researchers have conceptualized that privacy is dependent upon information security (Chellappa, & Pavlou, 2002). On the other hand, according to Belanger, Hiller, & Smith (2002), privacy and security concerns should be conceptualized as distinct, and there is a lack of understanding of their relations (see also Chang, Cheung, & Lai, 2005; Vijayasarathy 2004).