Restrictive Deterrence: Impact Of Warning Banner Messages On Repeated Low-Trust Software Use

This research paper focuses on the warning messages that are one of the last lines of defense against cybercriminals. The effectiveness of warnings in influencing users' behavior when using low-trust (potentially malicious) software has not been adequately addressed by the prior research. Using the restrictive deterrence theory, supported by the Communication-Human Information Processing (C-HIP) Model, we conducted an experimental study investigating the influence of warning messages on the repeated use of low-trust software. The results suggest that the use of low-trust software could be reduced in frequency, or completely abandoned, in the presence of warning messages, whereby security incidents could be better mitigated and reduced. We suggest several implications for practitioners and offer some interesting theoretical insights.