University Staff Directory The University of Adelaide Australia
Faculties & Divisions | People A to Z | Media Expertise | Phonebook
Public browsing [Login]
Text Zoom: S | M | L

Dr Malcolm Pattinson

Telephone +61 8 8313 3529
Position Adelaide Research Fellow
Email malcolm.pattinson@adelaide.edu.au
Fax +61 8 8313 4952
Mobile +61 4 0760 2782
Building Nexus 10 Tower
Floor/Room 9 22
Campus North Terrace
Org Unit Marketing and Management

To link to this page, please use the following URL:
http://www.adelaide.edu.au/directory/malcolm.pattinson

Biography/ Background

I am currently a Research Fellow and Information Security Consultant in the Adelaide Business School’s Human Aspects of Cyber Security (HACS) research group.  Although I have been consulting, teaching and researching information security for many years, my time with HACS has been focussed primarily on human factors research relating to computer-based behaviour.  I am also co-chair for the International Symposium on Human Aspects of Information Security & Assurance (HAISA) and we will be hosting the HAISA2017 conference in Adelaide in November, 2017.  I am currently a Board Member of the Adelaide Chapter of ISACA and have the certifications CISA, CISM, CGEIT and CRISC.

http://www.dst.defence.gov.au/news/2016/03/15/humans-weakest-link-information-security-chain

 


Qualifications

Bachelor of Applied Science (Data Processing), University of South Australia (formerly South Australian Institute of Technology).

Master of Commerce (by research), Flinders University.
Thesis topic:  Evaluating Information Systems Security: An Application of Goal Attainment Scaling.

Doctor of Philosophy, University of Adelaide.
Thesis topic: An Examination of Information System Risk Perceptions Using the Repertory Grid Technique
(Awarded a Dean's Commendation for Doctoral Thesis Excellence).

 

 

 

 

 

Awards & Achievements

Certified Information Systems Auditor (CISA)

Certified Information Security Manager (CISM)

Certified in the Governance of Enterprise Information Technology (CGEIT)

Certified in Risk and Information Systems Control (CRISC)

Research Interests

Information Security

Cyber Security

Human Aspects of Information and Cyber Security

Behavioural Information Security

Information System Risk Management

Information Technology Governance

Information Security Management

Compliance with Information Security Frameworks, Standards & Guidelines

Publications

1.     Pattinson, M., Butavicius, M., Parsons, K., McCormac, A., Calic, D. & Jerram, C., (In Press), “The Information Security Awareness of Bank Employees”, In S. Furnell & N. Clarke (Eds.) Proceedings of the 10th International Symposium on Human Aspects of Information Security & Assurance (HAISA 2016), Frankfurt, Germany, pp. 189-198. 

 

2.     Pattinson, M., Parsons, K., Butavicius, M., McCormac, A. & Calic, D., (In Press), “Assessing Information Security Attitudes: A comparison of two studies”, Information & Computer Security, Accepted 9th March 2016.

 

3.     Parsons, K., Butavicius, M., Pattinson, M., McCormac, A., Calic, D. & Jerram, C., (2015), “Do Users Focus on the Correct Cues to Differentiate Between Phishing and Genuine Emails?”, Proceedings of Australian Conference of Information Systems (ACIS), Adelaide, December, Article in Press.

 

4.     Butavicius, M., Parsons, K., Pattinson, M. & McCormac, A., (2015), “Breaching the Human Firewall: Social Engineering in Phishing and Spear-Phishing Emails”, Proceedings of Australian Conference of Information Systems (ACIS), Adelaide, December, Article in Press

 

5.     Pattinson, M., Butavicius, M., Parsons, K., McCormac, A. & Calic, D., (2015), “Factors that Influence Information Security Behaviour: An Australian Web-based Study”, In T. Tryfonas, & I. Askoxylakis (Eds.) Conference Proceedings of Human Aspects of Information Security, Privacy, & Trust (HCI 2015), Los Angeles, Springer International, LNCS 9190, pp. 231-241.

 

6.     Pattinson, M., Butavicius, M., Parsons, K., McCormac, A. & Jerram, C., (2015), “Examining Attitudes Toward Information Security Behaviour Using Mixed Methods”, In S. Furnell & N. Clarke (Eds.) Proceedings of the 9th International Symposium on Human Aspects of Information Security & Assurance (HAISA 2015), Lesvos, Greece, pp. 57-70.

 

7.     Parsons, K., Young, E., Butavicius, M., McCormac, A., Pattinson, M. & Jerram, C., (2015), “The Influence of Organisational Information Security Culture on Cybersecurity Decision Making”, Journal of Cognitive Engineering and Decision Making: Special Issue on Cybersecurity Decision Making, Vol. 9, Iss. 2, pp. 117-129.

 

8.     Parsons, K., McCormac, A., Pattinson, M., Butavicius, M. & Jerram, C., (2015), “The Design of Phishing Studies: Challenges for Researchers”. Computers and Security: Special Issue on SEC 2013 Conference, Article in Press.

 

9.     Parsons, K., McCormac, A., Pattinson, M., Butavicius, M., & Jerram, C., (2014), “A Study of Information Security Awareness in Australian Government Organisations”, Information Management & Computer Security, Vol. 22, Iss. 4, pp. 334-345.

 

10.  Parsons, K., McCormac, A., Butavicius, M., Pattinson, M. & Jerram, C., (2014), “Determining Employee Awareness Using the Human Aspects of Information Security Questionnaire (HAIS-Q)”, Computers & Security, Vol. 42, pp. 165-176.

 

11.  Parsons, K., McCormac, A., Pattinson, M., Butavicius, M. & Jerram, C., (2014), "Using Actions and Intentions to Evaluate Categorical Responses to Phishing and Genuine Emails", In N. L. Clarke & S. M. Furnell (Eds.) Proceedings of the 8th International Symposium on Human Aspects of Information Security & Assurance (HAISA 2014), Plymouth UK, July, pp. 30-41.

 

12.  Parsons, K., McCormac, A., Pattinson, M., Butavicius, M. & Jerram, C., (2013), "An Analysis of Information Security Vulnerabilities at Three Australian Government Organisations", Proceedings of the European Information Security Multi-conference (EISMC 2013), Lisbon, Portugal, May, pp. 34-44.

 

13.  Pattinson, M., Jerram, C., Parsons, K., McCormac, A., & Butavicius, M., (2013), “Information Security Awareness: An Analysis of Knowledge, Attitude and Behaviour”, Proceedings of Control, Audit & Computer Security (CACS) 2013 Oceania conference, Adelaide, September.

 

14.  Parsons, K., McCormac, A., Butavicius, M., Pattinson, M., & Jerram, C., (2013), "The Development of the Human Aspects of Information Security Questionnaire (HAIS-Q)", In Hepu Deng & Craig Standing (Eds.) Proceedings of the 24th Australasian Conference on Information Systems (ACIS), Melbourne, Australia, December, pp. 1-11.

 

15.  Pattinson, M. & Jerram, C., (2013), "A Study of Information Systems Risk Perceptions at a Local Government Organisation", In Hepu Deng & Craig Standing (Eds.) Proceedings of the 24th Australasian Conference on Information Systems (ACIS), Melbourne, Australia, December, pp. 1-11.

 

16.  Parsons, K., McCormac, A., Pattinson, M., Butavicius, M. & Jerram, C., (2013), “Phishing for the Truth: A Scenario-based Experiment of Users’ Behavioural Response to Emails”, In L. J. Janczewski, H. Wolf & S. Shenoi (Eds.) Proceedings of the 28th IFIP TC-11 International Information Security and Privacy Conference (SEC2013), Auckland, NZ, July, pp. 366-378.

 

17.  Pattinson, M., Jerram, C., Parsons, K., McCormac, A., & Butavicius, M., (2012), "Why Do Some People Manage Phishing E-mails Better Than Others?", Information Management & Computer Security, Emerald Group Publishing Limited,  Vol: 20, Iss: 1 pp. 18-28.

 

18.  Pattinson, M., Jerram, C., Parsons, K., McCormac, A., & Butavicius, M., (2011), “Managing Phishing Emails: A Scenario-Based Experiment”, In S. Furnell & N. Clarke (Eds.) Proceedings of the 5th International Symposium on Human Aspects of Information Security and Assurance (HAISA 2011), London, England, July, pp. 74-85.

 

19.  Pattinson, M. & Jerram, C., (2010), "Examining End-user Perceptions of Information Risks: An Application of the Repertory Grid Technique", In N. Clarke, S. Furnell & R. von Solms (Eds) Proceedings of the South African Information Security Multi-Conference (SAISMC 2010), Port Elizabeth, South Africa, May, pp. 2-12.

Professional Associations

Member, Information Systems Audit and Control Association (ISACA)

Board Member, ISACA Adelaide Chapter, 2015 - 2016

Member International Federation for Information Processing (IFIP), Technical Committee 11, Working Group 11.1 (Information Security Management)

Co-chair International Federation for Information Processing Systems (IFIP), Technical Committee 11, Working Group 11.12 (Human Aspects of Information Sevcurity & Assurance (HAISA))

Professional Interests

Information Security Consultant

Expertise for Media Contact

CategoriesInformation Technology, Information Management
ExpertiseCyber security Information Security Information Warfare Risk Management Human Aspects of Information Security IT Governance
NotesMember ISACA

Entry last updated: Thursday, 20 Apr 2017

The information in this directory is provided to support the academic, administrative and business activities of the University of Adelaide. To facilitate these activities, entries in the University Phone Directory are not limited to University employees. The use of information provided here for any other purpose, including the sending of unsolicited commercial material via email or any other electronic format, is strictly prohibited. The University reserves the right to recover all costs incurred in the event of breach of this policy.