Cognitive Coping and Social Drivers of Internet Threat Avoidance Behaviour in Tanzania Public Sector Employees
DOI:
https://doi.org/10.24191/jcrinn.v11i1.583Keywords:
Internet Threat, Avoidance Behaviour, Cybersecurity Behaviour, Public Sector, Technology Threat Avoidance , TheoryAbstract
This study examines how cognitive, coping, and social-attitudinal factors determine internet threat avoidance behaviour among public sector employees in a rapidly digitalising low-income setting. We draw on Technology Threat Avoidance Theory (TTAT) and the Theory of Planned Behaviour (TPB) to model avoidance intention as a proximal predictor of avoidance behaviour. Cross-section survey data were collected from 558 Tanzania public servants across ministries, departments, and agencies and analysed using Partial Least Square – Structural Equation Modelling. The measurement model attained conventional reliability and validity limits, and the structural model explained 60.8% of the variance in avoidance intention and 33.4% in avoidance behaviour. Avoidance intention exhibited a large positive effect on avoidance behaviour, while all the antecedents of intentions showed significant but small effects. Our findings position at the centre empowerment, low-friction and socially embedded interventions for enhancing public sector cybersecurity in Tanzania and similar settings.
Downloads
References
Ajzen, I. (2020). The theory of planned behavior: Frequently asked questions. Human Behavior and Emerging Technologies, 2(4), 314–324. https://doi.org/10.1002/hbe2.195
Alanazi, M., Freeman, M., & Tootell, H. (2022). Exploring the factors that influence the cybersecurity behaviors of young adults. Computers in Human Behavior, 136, 107376. https://doi.org/10.1016/j.chb.2022.107376
AlGhanboosi, B., Ali, S., & Tarhini, A. (2023). Examining the effect of regulatory factors on avoiding online blackmail threats on social media: A structural equation modeling approach. Computers in Human Behavior, 144, 107702. https://doi.org/10.1016/j.chb.2023.107702
Alghazo, S. H. A., Humaidi, N., & Abdullah, N. B. (2025). Utilising manager’s competency, employee’s awareness and motivation for promoting cybersecurity protective behaviour. Electronic Journal of Knowledge Management, 23(2), 14–40. https://doi.org/10.34190/ejkm.23.2.3895
Ali, R. F., Dominic, P. D. D., Ali, S. E. A., Rehman, M., & Sohail, A. (2021). Information security behavior and information security policy compliance: A systematic literature review for identifying the transformation process from noncompliance to compliance. Applied Sciences, 11(8), 3383. https://doi.org/10.3390/app11083383
AlKalbani, A., Deng, H., Kam, B., & Zhang, X. (2017). Information security compliance in organizations: an institutional perspective. Data and Information Management, 1(2), 104–114. https://doi.org/10.1515/dim-2017-0006
Almansoori, A., Al-Emran, M., & Shaalan, K. (2023). Exploring the frontiers of cybersecurity behavior: A systematic review of studies and theories. Applied Sciences, 13(9), 5700. https://doi.org/10.3390/app13095700
Alqahtani, H. (2022). The impact of technology threat avoidance theory constructs on cybersecurity avoidance behaviour. In 13th International Conference on Applied Human Factors and Ergonomics (AHFE 2022) (pp. 161–175). https://doi.org/10.54941/ahfe1002693
Alshammari, M. M., & Al-Mamary, Y. H. (2025). Bridging policy and practice: Integrated model for investigating behavioral influences on information security policy compliance. Systems, 13(8), 630. https://doi.org/10.3390/systems13080630
Al-Shanfari, I., Yassin, W., Tabook, N., Ismail, R., & Ismail, A. (2022). Determinants of information security awareness and behaviour strategies in public sector organizations among employees. International Journal of Advanced Computer Science and Applications, 13(8), 479–490. https://doi.org/10.14569/IJACSA.2022.0130855
Alsharida, R. A., Al-rimy, B. A. S., Al-Emran, M., & Zainal, A. (2023). A systematic review of multi perspectives on human cybersecurity behavior. Technology in Society, 73, 102258. https://doi.org/10.1016/j.techsoc.2023.102258
Balagopal, N., & Saji K., M. (2023, October 12). Information security policy violations in the work-from-home era. WISP 2023 Proceedings. Pre-ICIS Workshop on Information Security and Privacy (SIGSEC). https://aisel.aisnet.org/wisp2023/15
Baltuttis, D., Teubner, T., & Adam, M. T. P. (2024). A typology of cybersecurity behavior among knowledge workers. Computers & Security, 140, 103741. https://doi.org/10.1016/j.cose.2024.103741
Beaudry, A., & Pinsonneault, A. (2001). IT-induced adaptation and individual performance: A coping acts model. ICIS 2001 Proceedings, 58. https://core.ac.uk/download/pdf/301354339.pdf
Carpenter, D., Young, D. K., Barrett, P., & McLeod, A. J. (2019). Refining technology threat avoidance theory. Communications of the Association for Information Systems, 380–407. https://doi.org/10.17705/1CAIS.04422
Delso-Vicente, A.-T., Diaz-Marcos, L., Aguado-Tevar, O., & De Blanes-Sebastián, M. G. (2025). Factors influencing employee compliance with information security policies: A systematic literature review of behavioral and technological aspects in cybersecurity. Future Business Journal, 11(1), 28. https://doi.org/10.1186/s43093-025-00452-7
Economic Commission for Africa. (2025, August). Tanzania’s path toward a national data governance framework | United Nations
Economic Commission for Africa [Information]. Tanzania’s Path toward a National Data Governance Framework. https://www.uneca.org/stories/tanzania%E2%80%99s-path-toward-a-national-data-governance-framework
FBI National Press Office. (2025, April). FBI Releases Annual Internet Crime Report [Press Release]. Federal Bureau of Investigation. https://www.fbi.gov/news/press-releases/fbi-releases-annual-internet-crime-report
Fornell, C., & Larcker, D. F. (1981). Evaluating structural equation models with unobservable variables and measurement error. Journal Of Marketing Research, 18(1), 39–50. https://doi.org/10.1177/002224378101800104
Gerdenitsch, C., Wurhofer, D., & Tscheligi, M. (2023). Working conditions and cybersecurity: Time pressure, autonomy and threat appraisal shaping employees’ security behavior. Cyberpsychology: Journal of Psychosocial Research on Cyberspace, 17(4). https://doi.org/10.5817/CP2023-4-7
Haag, S., Siponen, M., & Liu, F. (2021). Protection motivation theory in information systems security research: A review of the past and a road map for the future. ACM SIGMIS Database: The DATABASE for Advances in Information Systems, 52(2), 25–67. https://doi.org/10.1145/3462766.3462770
Hair, J., & Alamer, A. (2022). Partial Least Squares Structural Equation Modeling (PLS-SEM) in second language and education research: Guidelines using an applied example. Research Methods in Applied Linguistics, 1(3), 100027. https://doi.org/10.1016/j.rmal.2022.100027
Hair, J. F., Hult, G. T. M., Ringle, C. M., & Sarstedt, M. (2017). A primer on partial least squares structural equation modeling (PLS-SEM) (Second edition). SAGE.
Hair, J. F., Hult, G. T. M., Ringle, C. M., & Sarstedt, M. (2022). Hair A primer on partial least squares structural equation modeling pls-sem (3rd ed.). SAGE.
Hair, J. F., Risher, J. J., Sarstedt, M., & Ringle, C. M. (2019). When to use and how to report the results of PLS-SEM. European Business Review, 31(1), 2–24. https://doi.org/10.1108/EBR-11-2018-0203
Han, M., Zhao, H., Ma, X., & Shi, R. (2025). Influencing factors of information security behavior among college students based on protection motivation theory: Evidence from China. Frontiers in Public Health, 13, 1677024. https://doi.org/10.3389/fpubh.2025.1677024
Henseler, J., Hubona, G., & Ray, P. A. (2016). Using PLS path modeling in new technology research: Updated guidelines. Industrial Management & Data Systems, 116(1), 2–20. https://doi.org/10.1108/IMDS-09-2015-0382
Hong, Y., & Furnell, S. (2021). Understanding cybersecurity behavioral habits: Insights from situational support. Journal of Information Security and Applications, 57, 102710. https://doi.org/10.1016/j.jisa.2020.102710
Hong, Y., Kim, M.-J., & Roh, T. (2023). Mitigating the impact of work overload on cybersecurity behavior: The moderating influence of corporate ethics—A Mediated moderation analysis. Sustainability, 15(19), 14327. https://doi.org/10.3390/su151914327
Hossain, S. T., Yigitcanlar, T., Nguyen, K., & Xu, Y. (2024). Local government cybersecurity landscape: A systematic review and conceptual framework. Applied Sciences, 14(13), 5501. https://doi.org/10.3390/app14135501
Ilany-Tzur, N., & Fink, L. (2025). Device and risk-avoidance behavior in the context of cybersecurity phishing attacks. International Journal of Information Management, 84, 102919. https://doi.org/10.1016/j.ijinfomgt.2025.102919
Jenkins, J., Durcikova, A., & Nunamaker, J. (2021). Mitigating the security intention-behavior gap: The moderating role of required effort on the intention-behavior relationship. Journal of the Association for Information Systems, 22(1), 246–272. https://doi.org/10.17705/1jais.00660
Jibril, A. B., Kwarteng, M. A., Botchway, R. K., Bode, J., & Chovancova, M. (2020). The impact of online identity theft on customers’ willingness to engage in e-banking transaction in Ghana: A technology threat avoidance theory. Cogent Business & Management, 7(1), 1832825. https://doi.org/10.1080/23311975.2020.1832825
Khadka, K., & Ullah, A. B. (2025). Human factors in cybersecurity: An interdisciplinary review and framework proposal. International Journal of Information Security, 24(3), 119. https://doi.org/10.1007/s10207-025-01032-0
Kiran, U., Khan, N. F., Murtaza, H., Farooq, A., & Pirkkalainen, H. (2025). Explanatory and predictive modeling of cybersecurity behaviors using protection motivation theory. Computers & Security, 149, 104204. https://doi.org/10.1016/j.cose.2024.104204
Kuppusamy, P., Samy, G. N., Maarop, N., Shanmugam, B., & Perumal, S. (2022). Information security policy compliance behavior models, theories, and influencing factors: A systematic literature review. Journal of Theoretical and Applied Information Technology, 100(5), 1536–1557.
Li, L., Xu, L., & He, W. (2022). The effects of antecedents and mediating factors on cybersecurity protection behavior. Computers in Human Behavior Reports, 5, 100165. https://doi.org/10.1016/j.chbr.2021.100165
Liang & Xue. (2009). Avoidance of information technology threats: A theoretical perspective. MIS Quarterly, 33(1), 71. https://doi.org/10.2307/20650279
Mayer, P., Zou, Y., Lowens, B. M., Dyer, H. A., Le, K., Schaub, F., & Aviv, A. J. (2023). Awareness, Intention, (In)Action: Individuals’ Reactions to Data Breaches. ACM Transactions on Computer-Human Interaction, 30(5), 1–53. https://doi.org/10.1145/3589958
Mtakati, B., & Sengati, F. (2021). Cybersecurity posture of higher learning institutions in Tanzania. The Journal of Informatics, 1(1). https://doi.org/10.59645/tji.v1i1.1
Mustapha, A., Mgawe, B. S., Mvulla, J., & Sam, A. (2025). Mitigating cybersecurity risks in e-waste: A study on secure disposal practices in Tanzania’s public institutions. Journal of Information Systems and Informatics, 7(2), 1354–1375. https://doi.org/10.51519/journalisi.v7i2.1100
Ogbeibu, S., Jabbour, C. J. C., Gaskin, J., Senadjki, A., & Hughes, M. (2021). Leveraging STARA competencies and green creativity to boost green organisational innovative evidence: A praxis for sustainable development. Business Strategy and the Environment, 30(5), 2421–2440. https://doi.org/10.1002/bse.2754
Parikh, V., & Nimbekar, M. (2023). Socializing the impact: An analysis of the theory of planned behavior’s influence on increasing university students’ cybersecurity awareness. Journal of Community Development, 4(2), 139–156. https://doi.org/10.47134/comdev.v4i2.162
Patronidou, A. (2022). Nudging Secure Digital Behavior [Thesis]. Erasmus University Rotterdam.
Polit, D. F., Beck, C. T., & Owen, S. V. (2007). Is the CVI an acceptable indicator of content validity? Appraisal and recommendations. Research in Nursing & Health, 30(4), 459–467. https://doi.org/10.1002/nur.20199
President’s Office, Public Service Management and Good Governance. (2022). Tanzania e-Government Strategy 2022. President’s Office, Public Service Management and Good Governance. https://www.utumishi.go.tz/uploads/documents/sw-1688121445-Tanzania%20e-Government%20Strategy%202022.pdf?
Rae, C. (2024, September). Time to take action: Insights from the verizon data breach investigations report 2024 [Blog]. Isms.Online. https://www.isms.online/information-security/time-to-take-action-insights-from-the-verizon-data-breach-investigations-report-2024/
Reeves, A., Calic, D., & Delfabbro, P. (2020). Sleeping with the enemy: Does depletion cause fatigue with cybersecurity? In A. Moallem (Ed.), HCI for Cybersecurity, Privacy and Trust (vol. 12210, pp. 217–231). Springer International Publishing. https://doi.org/10.1007/978-3-030-50309-3_15
Sarstedt, M., Hair, J. F., Ringle, C. M., Thiele, K. O., & Gudergan, S. P. (2016). Estimation issues with PLS and CBSEM: Where the bias lies! Journal of Business Research, 69(10), 3998–4010. https://doi.org/10.1016/j.jbusres.2016.06.007
Satter, R. (2025, April 23). FBI says cybercrime costs rose to at least $16 billion in 2024. Reuters. https://www.reuters.com/world/us/fbi-says-cybercrime-costs-rose-least-16-billion-2024-2025-04-23/
Session, W., & Muller, S. R. (2022). Technology Threat Avoidance Factors Affecting Cybersecurity Professionals’ Willingness to Share Information. 209–213. https://doi.org/10.15439/2022M4720
Streukens, S., & Leroi-Werelds, S. (2016). Bootstrapping and PLS-SEM: A step-by-step guide to get more out of your bootstrap results. European Management Journal, 34(6), 618–632. https://doi.org/10.1016/j.emj.2016.06.003
Sulaiman, N. S., Fauzi, M. A., Hussain, S., & Wider, W. (2022). Cybersecurity behavior among government employees: The role of protection motivation theory and responsibility in mitigating cyberattacks. Information, 13(9), 413. https://doi.org/10.3390/info13090413
Sun, Q., Willemsen, M. C., & Knijnenburg, B. P. (2020). Unpacking the intention-behavior gap in privacy decision making for the Internet of Things (IoT) using aspect listing. Computers & Security, 97, 101924. https://doi.org/10.1016/j.cose.2020.101924
Tsai, H. S., Jiang, M., Alhabash, S., LaRose, R., Rifon, N. J., & Cotten, S. R. (2016). Understanding online safety behaviors: A protection motivation theory perspective. Computers & Security, 59, 138–150. https://doi.org/10.1016/j.cose.2016.02.009
Uddin, S., & Lu, H. (2024). Dataset meta-level and statistical features affect machine learning performance. Scientific Reports, 14(1), 1670. https://doi.org/10.1038/s41598-024-51825-x
United Republic of Tanzania. (2024). E-Government technology roadmap 2024 (Policy No. eGA/EXT/IRA/007; p. 37). e-Government Authority. https://www.ega.go.tz/uploads/standarddocuments/sw-1710314957-SIGNED%20e-Government%20Technology%20Roadmap%202024%20(1).pdf
Venkatesh, Morris, Davis, & Davis. (2003). User acceptance of information technology: Toward a unified view. MIS Quarterly, 27(3), 425. https://doi.org/10.2307/30036540
Wang, X., Li, Y., Khasraghi, H. J., & Trumbach, C. (2023). The mediating role of security anxiety in internet threat avoidance behavior. Computers & Security, 134, 103429. https://doi.org/10.1016/j.cose.2023.103429
Xin, T., Siponen, M., & Chen, S. (2022). Understanding the inward emotion-focused coping strategies of individual users in response to mobile malware threats. Behaviour & Information Technology, 41(13), 2835–2859. https://doi.org/10.1080/0144929X.2021.1954242
Yamane, T. (1967). Statistics: An Introductory Analysis.pdf (2nd ed.). Harper & Row and John Weatherhill Inc.
Yousuf, H., Al-Emran, M., & Shaalan, K. (2023). Evaluating individuals’ cybersecurity behavior in mobile payment contactless technologies: Extending TPB with cybersecurity awareness. In A. Moallem (Ed.), HCI for Cybersecurity, Privacy and Trust (Vol. 14045, pp. 542–554). Springer Nature Switzerland. https://doi.org/10.1007/978-3-031-35822-7_35
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2026 Frank Sengati, Abdulkarim M. Jamal Kanaan, Ramesh Kumar Ayyasamy, Abdelhak Senadjki (Author)
This work is licensed under a Creative Commons Attribution 4.0 International License.
