Dr Malcolm Pattinson

Dr Malcolm Pattinson
 Position Adelaide Research Fellow
 Org Unit Marketing and Management
 Email malcolm.pattinson@adelaide.edu.au
 Telephone +61 8 8313 3529
 Mobile +61 4 0760 2782
 Location Floor/Room 10 40 ,  Nexus 10 Tower ,   North Terrace
  • Biography/ Background

    I am currently a Research Fellow and Information Security Consultant in the Adelaide Business School’s Human Aspects of Cyber Security (HACS) research group.  Although I have been consulting, teaching and researching information security for many years, my time with HACS has been focussed primarily on human factors research relating to computer-based behaviour.  I am also co-chair for the International Symposium on Human Aspects of Information Security & Assurance (HAISA) and we will be hosting the HAISA2017 conference in Adelaide in November, 2017.  I am currently a Board Member of the Adelaide Chapter of ISACA and have the certifications CISA, CISM, CGEIT and CRISC.

    http://www.dst.defence.gov.au/news/2016/03/15/humans-weakest-link-information-security-chain

     


  • Qualifications

    Bachelor of Applied Science (Data Processing), University of South Australia (formerly South Australian Institute of Technology).

    Master of Commerce (by research), Flinders University.
    Thesis topic:  Evaluating Information Systems Security: An Application of Goal Attainment Scaling.

    Doctor of Philosophy, University of Adelaide.
    Thesis topic: An Examination of Information System Risk Perceptions Using the Repertory Grid Technique
    (Awarded a Dean's Commendation for Doctoral Thesis Excellence).

     

     

     

     

     

  • Awards & Achievements

    Certified Information Systems Auditor (CISA)

    Certified Information Security Manager (CISM)

    Certified in the Governance of Enterprise Information Technology (CGEIT)

    Certified in Risk and Information Systems Control (CRISC)

  • Research Interests

    Information Security

    Cyber Security

    Human Aspects of Information and Cyber Security

    Behavioural Information Security

    Information System Risk Management

    Information Technology Governance

    Information Security Management

    Compliance with Information Security Frameworks, Standards & Guidelines

  • Publications

    1.     Pattinson, M., Butavicius, M., Ciccarello, B., Lillie, M., Parsons, K., Calic, D. & McCormac, A., (2019), “Matching Training to Individual Learning Styles Improves Information Security Awareness”, Information and Computer Security, (in press).

     

    2.     Parsons, K., Butavicius, M., Delfabbro, P. & Lillie, M., (2019), “Predicting Susceptibility to Social Influence in Phishing Emails”, International Journal of Human-Computer Studies, Vol. 128, pp. 17-26.

     

    3.     Kun,Y., Taib, R., Butavicius, M., Parsons, K. & Chen, F., (2019), “Mouse Behaviour as an Index of Phishing Awareness”, 17th IFIP TC.13 International Conference on Human-Computer Interaction. September 2018, Paphos, Greece, Springer LNCS series.

     

    4.     Pattinson, M., Ciccarello, B., Butavicius, M., Parsons, K., McCormac, A. & Calic, D., (2018), “Is Your Office Environment Conducive to Good Cyber Security Behaviour?” Proceedings of the 17th Australian Cyber Warfare Conference (CWAR), Melbourne, Australia, pp. 32-41.

     

    5.     Pattinson, M., Butavicius, M., Ciccarello, B., Lillie, M., Parsons, K., Calic, D. & McCormac, A., (2018), “Adapting Cyber Security Training to Your Employees”, Proceedings of the 12th International Symposium on Human Aspects of Information Security and Assurance (HAISA 2018), Dundee, Scotland.

     

    6.     Parsons, K., Butavicius, M., Lillie, M., Calic, D., McCormac, A. & Pattinson, M., (2018), “Which Individual, Cultural, Organisational and Interventional Factors Explain Phishing Resilience?”, Proceedings of the 12th International Symposium on Human Aspects of Information Security and Assurance (HAISA 2018), Dundee, Scotland.

     

    7.     McCormac, A., Calic, D., Butavicius, M., Parsons, K., Pattinson, M. & Lillie, M., (2018), “The Effect of Resilience and Job stress on Information Security Awareness”, Information and Computer Security, 26(3), 277-289.

     

    8.     Butavicius, M., Parsons, Pattinson, M., K., McCormac, A., Calic, D. & Lillie, M. (2017), “Understanding Susceptibility to Phishing Emails: Assessing the Impact of Individual Differences and Culture”, Proceedings of the 11th International Symposium on Human Aspects of Information Security and Assurance (HAISA 2017), Adelaide, Australia, pp. 12–23.

     

    9.     McCormac, A., Calic, D., Butavicius, M., Parsons, K., Pattinson, M. & Lillie, M. (2017), “Understanding the Relationships Between Resilience, Work Stress and Information Security Awareness”, Proceedings of the 11th International Symposium on Human Aspects of Information Security and Assurance (HAISA 2017), Adelaide, Australia, pp. 80–90.

     

    10.  Pattinson, M., Butavicius, M., Parsons, K., McCormac, A. & Calic, D. (2017), “Managing Information Security Awareness at an Australian Bank: A Comparative Study”, Information and Computer Security, Vol. 25, Iss. 2, pp. 181-189.

     

    11.  Parsons, K., Calic, D., Pattinson, M., Butavicius, M., McCormac, A. & Zwaans, T., (2017), “The Human Aspects of Information Security Questionnaire (HAIS-Q): Two Further Validation Studies”, Computers and Security, Vol. 66, pp. 40-51

     

    12.  Zwaans, T., McCormac, A., Parsons, K., Calic, D., Butavicius, M. & Pattinson, M., (2017), “Individual Differences and Information Security Awareness”, Computers in Human Behaviour, Vol. 69, pp. 151-156.

     

    13.  McCormac, A., Calic, D., Parsons, K., Zwaans, T. Butavicius, M. & Pattinson, M., (2016), “Test-retest Reliability and Internal Consistency of the Human Aspects of Information Security Questionnaire (HAIS-Q)”, Proceedings of Australasian Conference on Information Systems, Wollongong, December.

     

    14.  Calic, D, Pattinson, M., Parsons, K., Butavicius, M. & McCormac, A. (2016), “Naïve and Accidental Behaviours that Compromise Information Security: What the Experts Think”, In S. Furnell & N. Clarke (Eds.) Proceedings of the 10th International Symposium on Human Aspects of Information Security and Assurance (HAISA 2016), Frankfurt, Germany, pp. 12-21.

     

    15.  Pattinson, M., Butavicius, M., Parsons, K., McCormac, A., Calic, D. & Jerram, C., (2016), “The Information Security Awareness of Bank Employees”, In S. Furnell & N. Clarke (Eds.) Proceedings of the 10th International Symposium on Human Aspects of Information Security and Assurance (HAISA 2016), Frankfurt, Germany, pp. 189-198.

     

    16.  Pattinson, M., Parsons, K., Butavicius, M., McCormac, A. & Calic, D., (2016), “Assessing Information Security Attitudes: A Comparison of Two Studies”, Information and Computer Security, Vol. 24, Iss. 2, pp. 228-240.

     

    17.  Parsons, K., Butavicius, M., Pattinson, M., McCormac, A., Calic, D. & Jerram, C., (2015), “Do Users Focus on the Correct Cues to Differentiate Between Phishing and Genuine Emails?”, Proceedings of Australasian Conference of Information Systems (ACIS), Adelaide, December, arXiv preprint arXiv:1605.04717.

     

    18.  Butavicius, M., Parsons, K., Pattinson, M. & McCormac, A., (2015), “Breaching the Human Firewall: Social Engineering in Phishing and Spear-Phishing Emails”, Proceedings of Australasian Conference of Information Systems (ACIS), Adelaide, December, arXiv preprint arXiv:1606.00887.

     

    19.  Pattinson, M., Butavicius, M., Parsons, K., McCormac, A. & Calic, D., (2015), “Factors that Influence Information Security Behaviour: An Australian Web-based Study”, In T. Tryfonas & I. Askoxylakis (Eds.) Conference Proceedings of Human Aspects of Information Security, Privacy, and Trust (HCI 2015), Los Angeles, Springer International, LNCS 9190, pp. 231-241.

     

    20.  Pattinson, M., Butavicius, M., Parsons, K., McCormac, A. & Jerram, C., (2015), “Examining Attitudes Toward Information Security Behaviour Using Mixed Methods”, In S. Furnell & N. Clarke (Eds.) Proceedings of the 9th International Symposium on Human Aspects of Information Security and Assurance (HAISA 2015), Lesvos, Greece, pp. 57-70.

     

    21.  Parsons, K., Young, E., Butavicius, M., McCormac, A., Pattinson, M. & Jerram, C., (2015), “The Influence of Organisational Information Security Culture on Information Security Decision Making”, Journal of Cognitive Engineering and Decision Making: Special Issue on Cybersecurity Decision Making, Vol. 9, Iss. 2, pp. 117-129.

     

    22.  Parsons, K., McCormac, A., Pattinson, M., Butavicius, M. & Jerram, C., (2015), “The Design of Phishing Studies: Challenges for Researchers”. Computers and Security: Special Issue on SEC 2013 Conference, pp. 194-206.

     

    23.  Parsons, K., McCormac, A., Pattinson, M., Butavicius, M. & Jerram, C., (2014), “A Study of Information Security Awareness in Australian Government Organisations”, Information Management and Computer Security, Vol. 22, Iss. 4, pp. 334-345.

     

    24.  Parsons, K., McCormac, A., Butavicius, M., Pattinson, M. & Jerram, C., (2014), “Determining Employee Awareness Using the Human Aspects of Information Security Questionnaire (HAIS-Q)”, Computers and Security, Vol. 42, pp. 165-176.

     

    25.  Parsons, K., McCormac, A., Pattinson, M., Butavicius, M. & Jerram, C., (2014), "Using Actions and Intentions to Evaluate Categorical Responses to Phishing and Genuine Emails", In N. L. Clarke & S. M. Furnell (Eds.) Proceedings of the 8th International Symposium on Human Aspects of Information Security and Assurance (HAISA 2014), Plymouth UK, July, pp. 30-41.

     

     

    27.  Pattinson, M., Jerram, C., Parsons, K., McCormac, A. & Butavicius, M., (2013), “Information Security Awareness: An Analysis of Knowledge, Attitude and Behaviour”, Proceedings of Control, Audit and Computer Security (CACS) 2013 Oceania conference, Adelaide, September.

     

    28.  Parsons, K., McCormac, A., Butavicius, M., Pattinson, M. & Jerram, C., (2013), "The Development of the Human Aspects of Information Security Questionnaire (HAIS-Q)", In Hepu Deng & Craig Standing (Eds.) Proceedings of the 24th Australasian Conference on Information Systems (ACIS), Melbourne, Australia, December, pp. 1-11.

     

    29.  Pattinson, M. & Jerram, C., (2013), "A Study of Information Systems Risk Perceptions at a Local Government Organisation", In Hepu Deng & Craig Standing (Eds.) Proceedings of the 24th Australasian Conference on Information Systems (ACIS), Melbourne, Australia, December, pp. 1-11.

     

    30.  Parsons, K., McCormac, A., Pattinson, M., Butavicius, M. & Jerram, C., (2013), “Phishing for the Truth: A Scenario-based Experiment of Users’ Behavioural Response to Emails”, In L. J. Janczewski, H. Wolf & S. Shenoi (Eds.) Proceedings of the 28th IFIP TC-11 International Information Security and Privacy Conference (SEC2013), Auckland, NZ, July, pp. 366-378.

     

    31.  Pattinson, M., Jerram, C., Parsons, K., McCormac, A. & Butavicius, M., (2012), "Why Do Some People Manage Phishing E-mails Better Than Others?", Information Management and Computer Security, Emerald Group Publishing Limited,  Vol: 20, Iss: 1 pp. 18-28.

     

    32.  Pattinson, M., Jerram, C., Parsons, K., McCormac, A. & Butavicius, M., (2011), “Managing Phishing Emails: A Scenario-Based Experiment”, In S. Furnell & N. Clarke (Eds.) Proceedings of the 5th International Symposium on Human Aspects of Information Security and Assurance (HAISA 2011), London, England, July, pp. 74-85.

     

    33.  Pattinson, M. & Jerram, C., (2010), "Examining End-user Perceptions of Information Risks: An Application of the Repertory Grid Technique", In N. Clarke, S. Furnell & R. von Solms (Eds) Proceedings of the South African Information Security Multi-Conference (SAISMC 2010), Port Elizabeth, South Africa, May, pp. 2-12.

     

  • Professional Associations

    Member, Information Systems Audit and Control Association (ISACA)

    Board Member, ISACA Adelaide Chapter, 2015 - 2016

    Member International Federation for Information Processing (IFIP), Technical Committee 11, Working Group 11.1 (Information Security Management)

    Co-chair International Federation for Information Processing Systems (IFIP), Technical Committee 11, Working Group 11.12 (Human Aspects of Information Sevcurity & Assurance (HAISA))

  • Professional Interests

    Information Security Consultant

  • Media Expertise

    CategoriesInformation Technology, Information Management
    ExpertiseCyber security Information Security Information Warfare Risk Management Human Aspects of Information Security IT Governance
    NotesMember ISACA

The information in this directory is provided to support the academic, administrative and business activities of the University of Adelaide. To facilitate these activities, entries in the University Phone Directory are not limited to University employees. The use of information provided here for any other purpose, including the sending of unsolicited commercial material via email or any other electronic format, is strictly prohibited. The University reserves the right to recover all costs incurred in the event of breach of this policy.

Entry last updated: Sunday, 15 Sep 2019

To link to this page, please use the following URL:  https://www.adelaide.edu.au/directory/malcolm.pattinson