Journal Publications

2024

• Cram, A., D’Arcy, J. and Benlian, A. (Conditionally Accepted). “The Only Thing We Have to Fear Is Fear Itself: The Influence of Instability in the Cybersecurity Fear Control Process,” MIS Quarterly.
• Cram, A., D’Arcy, J. and Benlian, A. (2024). “Time Will Tell: A Case for an Idiographic Approach to Behavioral Cybersecurity Research,” MIS Quarterly, 48(1), 95-136.
• Herath, T., D’Arcy, J., Herath, H. and Yuan, S. (2024) “Role of Need to Belong, Social Influences, and Perceived Risks in Social Networking Behaviors,” International Journal of Digital Society, 15(1), 1916-1924.

2023

• Cram, A. and D’Arcy, J. (2023). “What a Waste of Time: An Examination of Cybersecurity Legitimacy,” Information Systems Journal, 33(6), 1396-1422.
• Singh, T., Johnston, A.C., D’Arcy, J. and Harms, P.D. (2023). “Stress in the Cybersecurity Profession: An Systematic Review of Related Literature and Opportunities for Future Research,” Organizational Cybersecurity Journal: Practice, Process, and People, 3(2), 100-126.

2022

• D’Arcy, J. and Basoglu, A. (2022). “The Influences of Public and Institutional Pressure on Firms’ Cybersecurity Disclosures,” Journal of the Association for Information Systems, 23(3), 779-805.
• Wall, J.D., Palvia, P. and D’Arcy, J. (2022). “Theorizing the Behavioral Effects of Control Complementarity in Security Control Platforms,” Information Systems Frontiers, 24(2), 637-658.

2021

• Cianci, A.M., Convery, A.M., D’Arcy, J. and Tsakumis, G.T. (2021). “I Expected More From You: Navigating Client Trust Violations,” California Management Review Insights, December 13.
• Cram, A., Proudfoot, J. and D’Arcy, J. (2021). “When Enough is Enough: Investigating the Antecedents and Consequences of Information Security Fatigue,” Information Systems Journal, 31(4), 521-549.
• Blackwood-Brown, C., Levy, Y. and D’Arcy, J. (2021). “Cybersecurity Awareness and Skills of Senior Citizens: A Motivation Perspective,” Journal of Computer Information Systems, 61(3), 195-206.

2020

• D’Arcy, J., Adjerid, I., Angst, C. and Glavas, A. (2020). “Too Good to Be True: Firm Social Reputation and the Risk of Data Breach,” Information Systems Research, 31(4), 1200-1223.
• Cram, A., Proudfoot, J. and D’Arcy, J. (2020). “Maximizing Employee Compliance with Cybersecurity Policies,” MIS Quarterly Executive, 19(3), 183-198.
• Herath, T., Herath, H. and D’Arcy, J. (2020). “Diffusion of Information Security Solutions in Organizations: An Integrative Lens Based on Information Diffusion and Technology-Organization-Environment Framework,” The DATABASE for Advances in Information Systems, 51(2), 12-35.

2019

• Cram, A., D’Arcy, J. and Proudfoot, J. (2019). “Seeing the Forest and the Trees: A Meta-Analysis of the Antecedents of Information Security Policy Compliance,” MIS Quarterly, 43(2), 525-554.
• D’Arcy, J. and Lowry, P.B. (2019). “Cognitive-Affective Drivers of Employees’ Daily Compliance with Information Security Policies: A Multilevel, Longitudinal Study,” Information Systems Journal, 29(1), 43-69.
• D’Arcy, J. and Teh, P.-L. (2019). “Predicting Employee Information Security Policy Compliance on a Daily Basis: The Interplay of Security-Related Stress, Emotions, and Neutralization,” Information & Management, 56(7), 103151.
• Turel, O., Matt, C., Trenz, M, Cheung, C.M.K., D’Arcy, J., Qahri-Saremi, H. and Tarafdar, M. (2019). “Panel Report: The Dark Side of the Digitization of the Individual,” Internet Research, 29(2), 274-288.

2018

• Herath, T., Yim, M.-S., D’Arcy, J., Kichan, N. and Raghav, H.R. (2018). “Examining Employees Security Violations: Moral Disengagement and Its Environmental Influences,” Information Technology & People, 31(6), 1135-1162.
• D’Arcy, J., Herath, T., Yim, M.-S., Kichan, N. and Raghav, H.R. (2018). “Employee Moral Disengagement in Response to Stressful Information Security Requirements: A Methodological Replication of a Coping-Based Model,” AIS Transactions on Replication Research, 4(8), 1-17.

2017

• Angst, C., Block, E., D’Arcy, J. and Kelley, K. (2017). “When Do IT Security Investments Matter? Accounting for the Influence of Institutional Factors in the Context of Healthcare Data Breaches,” MIS Quarterly, 41(3), 893-916.
• Cram, A., Proudfoot, J. and D’Arcy, J. (2017). “Organizational Information Security Policies: A Review and Research Framework,” European Journal of Information Systems, 26(6), 605-641.

2016

• Lowry, P.B., D’Arcy, J., Hammer, B. and Moody, G. (2016). “Cargo Cult Science in Traditional Organization and Information Systems Survey Research: A Case for Nontraditional Methods of Data Collection, Including Mechanical Turk and Online Panels,” Journal of Strategic Information Systems, 25(3), 232-240.
• Cram, A. and D’Arcy, J. (2016). “Teaching Information Security in Business Schools: A Proposal to Balance Technical and Managerial Content,” Communications of the Association for Information Systems, 39(3), 32-51.

2015

• Tarafdar, M., D’Arcy, J., Gupta, A. and Turel, O. (2015). “Is Information Technology Zapping Your Organization? Taking on the Dark Side of Information Technology Use,” MIT Sloan Management Review, 56(2), 61-70.
• Teh, P.-L., Ahmed, P.K. and D’Arcy, J. (2015). “What Drives Information Security Policy Violations Among Banking Employees? Insights from Neutralization and Social Exchange Theory,” Journal of Global Information Management, 23(1), 44-64.

2014

• D’Arcy, J., Herath, T. and Shoss, M. (2014). “Understanding Employee Responses to Stressful Information Security Requirements: A Coping Perspective,” Journal of Management Information Systems, 31(2), 291-325. Online Appendix
• D’Arcy, J. and Greene, G. (2014). “Security Culture and the Employment Relationship as Drivers of Employees’ Security Compliance,” Information Management & Computer Security, 22(5), 474-489.
• D’Arcy, J., Gupta, A., Tarafdar, M. and Turel, O. (2014). “Reflecting on the ‘Dark Side’ of Information Technology Use,” Communications of the Association for Information Systems, 35(5), 109-118.
• Kajzer, M., D’Arcy, J., Crowell, C., Striegel, A. and Van Bruggen, D. (2014). “An Exploratory Investigation of Message-Person Congruence in Information Security Awareness Campaigns,” Computers & Security, 43, 64-76.

2012

• Angst, C., Devaraj, S. and D’Arcy, J. (2012). “Dual Role of IT-Assisted Communication in Patient Care: A Validated Structure-Process-Outcome Framework,” Journal of Management Information Systems, 29(2), 255-291.
• D’Arcy, J. and Devaraj, S. (2012). “Employee Misuse of Information Technology Resources: Testing a Contemporary Deterrence Model,” Decision Sciences, 43(6), 1091-1124. (Best Paper Runner Up)
• Vaidyanathan, G., Devaraj, S. and D’Arcy, J. (2012). “Does Security Impact E-Procurement Performance? Testing a Model of Direct and Moderated Effects,” Decision Sciences, 43(3), 437-458.
• Hovav, A. and D’Arcy, J. (2012). “Applying an Extended Model of Deterrence Across Cultures: An Investigation of Information Systems Misuse in the U.S. and South Korea,” Information & Management, 49(2), 99-110.

2011

• D’Arcy, J. and Herath, T. (2011). “A Review and Analysis of Deterrence Theory in the IS Security Literaure: Making Sense of the Disparate Findings,” European Journal of Information Systems, 20(6), 643-658.

2009

• D’Arcy, J., Hovav, A. and Galletta, D. (2009). “User Awareness of Security Countermeaures and Its Impact on Information Systems Misuse: A Deterrence Perspective,” Information Systems Research, 20(1), 79-98. (Emerald Citations of Excellence Award)
• D’Arcy, J. and Hovav. A. (2009). “Does One Size Fit All? Examining the Differential Effects of IS Security Countermeasures,” Journal of Business Ethics, 89(1), 59-71.
• Chapple, M.J., D’Arcy, J., and Striegel, A. (2009). “An Analyis of Firewall Rulebase (Mis)Management Practices,” Journal of the Information Systems Security Association, Feb., 12-18.

2007

• D’Arcy, J. and Hovav, A. (2007). “Deterring Internal Information Systems Misuse,” Communications of the ACM, 50(10), 113-117.
• D’Arcy, J. and Hovav, A. (2007). “Towards a Best Fit Between Organizational Security Countermeasures and Information Systems Misuse Behaviors,” Journal of Information System Security, 3(2), 1-30.
• Schuff, D., Turetken, O., D’Arcy, J. and Croson, D. (2007). “Managing E-Mail Overload: Present Solutions and Future Challenges,” IEEE Computer, 40(2), 31-36.

2006 and prior

• Schuff, D., Turetken, O. and D’Arcy, J.. (2006). “A Multi-Attribute, Multi-Weight Clustering Approach to Managing E-Mail Overload,” Decision Support Systems, 42(3), 1350-1365.
• Hovav, A. and D’Arcy, J. (2005). “Capital Market Reaction to Defective IT Products: The Case of Computer Viruses,” Computers & Security, 24(5), 409-424.
• Hovav, A. and D’Arcy, J. (2004). “The Impact of Virus Attack Announcements on the Market Value of Firms,” Information Systems Security, 13(3), 32-40.
• DeRosa, D., Hantula, D.A., Kock, N. and D’Arcy, J. (2004). “Trust and Leadership in Virtual Teamwork: A Media Naturalness Perspective,” Human Resource Management, 43(2/3), 219-232.
• Hovav, A. and D’Arcy, J. (2003). “The Impact of Denial-of-Service Attack Announcments on the Market Value of Firms,” Risk Management and Insurance Review, 6(2), 97-121. (Best Paper Award)
• Kock, N. and D’Arcy, J. (2002). “Resolving the E-Collaboration Paradox: The Competing Influences of Media Naturalness and Compensatory Adaptation,” Information Management and Consulting, 17(4), 72-78.