Dr Malcolm Pattinson

Dr Malcolm Pattinson
 Position Adelaide Research Fellow
 Org Unit Marketing and Management
 Email malcolm.pattinson@adelaide.edu.au
 Telephone +61 8 8313 3529
 Mobile +61 4 0760 2782
 Location Floor/Room 10 40 ,  Nexus 10 Tower ,   North Terrace
  • Biography/ Background

    I am currently a Research Fellow and Information Security Consultant in the Adelaide Business School’s Human Aspects of Cyber Security (HACS) research group.  Although I have been consulting, teaching and researching information security for many years, my time with HACS has been focussed primarily on human factors research relating to computer-based behaviour.  I am also co-chair for the International Symposium on Human Aspects of Information Security & Assurance (HAISA) and we will be hosting the HAISA2017 conference in Adelaide in November, 2017.  I am currently a Board Member of the Adelaide Chapter of ISACA and have the certifications CISA, CISM, CGEIT and CRISC.

    http://www.dst.defence.gov.au/news/2016/03/15/humans-weakest-link-information-security-chain

     


  • Qualifications

    Bachelor of Applied Science (Data Processing), University of South Australia (formerly South Australian Institute of Technology).

    Master of Commerce (by research), Flinders University.
    Thesis topic:  Evaluating Information Systems Security: An Application of Goal Attainment Scaling.

    Doctor of Philosophy, University of Adelaide.
    Thesis topic: An Examination of Information System Risk Perceptions Using the Repertory Grid Technique
    (Awarded a Dean's Commendation for Doctoral Thesis Excellence).

     

     

     

     

     

  • Awards & Achievements

    Certified Information Systems Auditor (CISA)

    Certified Information Security Manager (CISM)

    Certified in the Governance of Enterprise Information Technology (CGEIT)

    Certified in Risk and Information Systems Control (CRISC)

  • Research Interests

    Information Security

    Cyber Security

    Human Aspects of Information and Cyber Security

    Behavioural Information Security

    Information System Risk Management

    Information Technology Governance

    Information Security Management

    Compliance with Information Security Frameworks, Standards & Guidelines

  • Publications

    1.     Pattinson, M., Butavicius, M., Parsons, K., McCormac, A., Calic, D. & Jerram, C., (In Press), “The Information Security Awareness of Bank Employees”, In S. Furnell & N. Clarke (Eds.) Proceedings of the 10th International Symposium on Human Aspects of Information Security & Assurance (HAISA 2016), Frankfurt, Germany, pp. 189-198. 

     

    2.     Pattinson, M., Parsons, K., Butavicius, M., McCormac, A. & Calic, D., (In Press), “Assessing Information Security Attitudes: A comparison of two studies”, Information & Computer Security, Accepted 9th March 2016.

     

    3.     Parsons, K., Butavicius, M., Pattinson, M., McCormac, A., Calic, D. & Jerram, C., (2015), “Do Users Focus on the Correct Cues to Differentiate Between Phishing and Genuine Emails?”, Proceedings of Australian Conference of Information Systems (ACIS), Adelaide, December, Article in Press.

     

    4.     Butavicius, M., Parsons, K., Pattinson, M. & McCormac, A., (2015), “Breaching the Human Firewall: Social Engineering in Phishing and Spear-Phishing Emails”, Proceedings of Australian Conference of Information Systems (ACIS), Adelaide, December, Article in Press

     

    5.     Pattinson, M., Butavicius, M., Parsons, K., McCormac, A. & Calic, D., (2015), “Factors that Influence Information Security Behaviour: An Australian Web-based Study”, In T. Tryfonas, & I. Askoxylakis (Eds.) Conference Proceedings of Human Aspects of Information Security, Privacy, & Trust (HCI 2015), Los Angeles, Springer International, LNCS 9190, pp. 231-241.

     

    6.     Pattinson, M., Butavicius, M., Parsons, K., McCormac, A. & Jerram, C., (2015), “Examining Attitudes Toward Information Security Behaviour Using Mixed Methods”, In S. Furnell & N. Clarke (Eds.) Proceedings of the 9th International Symposium on Human Aspects of Information Security & Assurance (HAISA 2015), Lesvos, Greece, pp. 57-70.

     

    7.     Parsons, K., Young, E., Butavicius, M., McCormac, A., Pattinson, M. & Jerram, C., (2015), “The Influence of Organisational Information Security Culture on Cybersecurity Decision Making”, Journal of Cognitive Engineering and Decision Making: Special Issue on Cybersecurity Decision Making, Vol. 9, Iss. 2, pp. 117-129.

     

    8.     Parsons, K., McCormac, A., Pattinson, M., Butavicius, M. & Jerram, C., (2015), “The Design of Phishing Studies: Challenges for Researchers”. Computers and Security: Special Issue on SEC 2013 Conference, Article in Press.

     

    9.     Parsons, K., McCormac, A., Pattinson, M., Butavicius, M., & Jerram, C., (2014), “A Study of Information Security Awareness in Australian Government Organisations”, Information Management & Computer Security, Vol. 22, Iss. 4, pp. 334-345.

     

    10.  Parsons, K., McCormac, A., Butavicius, M., Pattinson, M. & Jerram, C., (2014), “Determining Employee Awareness Using the Human Aspects of Information Security Questionnaire (HAIS-Q)”, Computers & Security, Vol. 42, pp. 165-176.

     

    11.  Parsons, K., McCormac, A., Pattinson, M., Butavicius, M. & Jerram, C., (2014), "Using Actions and Intentions to Evaluate Categorical Responses to Phishing and Genuine Emails", In N. L. Clarke & S. M. Furnell (Eds.) Proceedings of the 8th International Symposium on Human Aspects of Information Security & Assurance (HAISA 2014), Plymouth UK, July, pp. 30-41.

     

    12.  Parsons, K., McCormac, A., Pattinson, M., Butavicius, M. & Jerram, C., (2013), "An Analysis of Information Security Vulnerabilities at Three Australian Government Organisations", Proceedings of the European Information Security Multi-conference (EISMC 2013), Lisbon, Portugal, May, pp. 34-44.

     

    13.  Pattinson, M., Jerram, C., Parsons, K., McCormac, A., & Butavicius, M., (2013), “Information Security Awareness: An Analysis of Knowledge, Attitude and Behaviour”, Proceedings of Control, Audit & Computer Security (CACS) 2013 Oceania conference, Adelaide, September.

     

    14.  Parsons, K., McCormac, A., Butavicius, M., Pattinson, M., & Jerram, C., (2013), "The Development of the Human Aspects of Information Security Questionnaire (HAIS-Q)", In Hepu Deng & Craig Standing (Eds.) Proceedings of the 24th Australasian Conference on Information Systems (ACIS), Melbourne, Australia, December, pp. 1-11.

     

    15.  Pattinson, M. & Jerram, C., (2013), "A Study of Information Systems Risk Perceptions at a Local Government Organisation", In Hepu Deng & Craig Standing (Eds.) Proceedings of the 24th Australasian Conference on Information Systems (ACIS), Melbourne, Australia, December, pp. 1-11.

     

    16.  Parsons, K., McCormac, A., Pattinson, M., Butavicius, M. & Jerram, C., (2013), “Phishing for the Truth: A Scenario-based Experiment of Users’ Behavioural Response to Emails”, In L. J. Janczewski, H. Wolf & S. Shenoi (Eds.) Proceedings of the 28th IFIP TC-11 International Information Security and Privacy Conference (SEC2013), Auckland, NZ, July, pp. 366-378.

     

    17.  Pattinson, M., Jerram, C., Parsons, K., McCormac, A., & Butavicius, M., (2012), "Why Do Some People Manage Phishing E-mails Better Than Others?", Information Management & Computer Security, Emerald Group Publishing Limited,  Vol: 20, Iss: 1 pp. 18-28.

     

    18.  Pattinson, M., Jerram, C., Parsons, K., McCormac, A., & Butavicius, M., (2011), “Managing Phishing Emails: A Scenario-Based Experiment”, In S. Furnell & N. Clarke (Eds.) Proceedings of the 5th International Symposium on Human Aspects of Information Security and Assurance (HAISA 2011), London, England, July, pp. 74-85.

     

    19.  Pattinson, M. & Jerram, C., (2010), "Examining End-user Perceptions of Information Risks: An Application of the Repertory Grid Technique", In N. Clarke, S. Furnell & R. von Solms (Eds) Proceedings of the South African Information Security Multi-Conference (SAISMC 2010), Port Elizabeth, South Africa, May, pp. 2-12.

  • Professional Associations

    Member, Information Systems Audit and Control Association (ISACA)

    Board Member, ISACA Adelaide Chapter, 2015 - 2016

    Member International Federation for Information Processing (IFIP), Technical Committee 11, Working Group 11.1 (Information Security Management)

    Co-chair International Federation for Information Processing Systems (IFIP), Technical Committee 11, Working Group 11.12 (Human Aspects of Information Sevcurity & Assurance (HAISA))

  • Professional Interests

    Information Security Consultant

  • Media Expertise

    CategoriesInformation Technology, Information Management
    ExpertiseCyber security Information Security Information Warfare Risk Management Human Aspects of Information Security IT Governance
    NotesMember ISACA

The information in this directory is provided to support the academic, administrative and business activities of the University of Adelaide. To facilitate these activities, entries in the University Phone Directory are not limited to University employees. The use of information provided here for any other purpose, including the sending of unsolicited commercial material via email or any other electronic format, is strictly prohibited. The University reserves the right to recover all costs incurred in the event of breach of this policy.

Entry last updated: Sunday, 23 Jun 2019

To link to this page, please use the following URL:  https://www.adelaide.edu.au/directory/malcolm.pattinson