This study presents an empirical investigation of factors affecting small- and medium-sized business (SMB) executives’ decision to adopt anti-malware software for their organizations. A research model was developed by adopting and expanding the protection motivation theory from health psychology, which has successfully been used to investigate the effect of threat and coping appraisal on protective actions. A questionnaire-based field survey with 239 U.S. SMB executives was conducted, and the data were analyzed using partial least squares (PLS). This study demonstrates that threat and coping appraisal successfully predict SMB executives’ anti-malware software adoption intention, leading to SMB adoption. In addition, considerable variance in adoption intention and actual SMB adoption is addressed by social influence from key stakeholders and situation-specific variables, such as IT budget and vendor support. Further, the generalizability of the model was tested using industry type and IS expertise. The adoption intention of IS experts and IT intensive industries was mainly affected by threat appraisal and social influence, while that of non-IS experts and non-IT intensive industries was significantly influenced by coping appraisal and IT budget. Vendor support was a key facilitator of the anti-malware adoption for IS experts and IT intensive industry groups, while IT budget was for non-IS expert and non-IT intensive industry groups. Key implications for theory and practice are discussed.