Dr Malcolm Pattinson

Adelaide Research Fellow

Adelaide Business School

Faculty of the Professions

My Research
Career
Publications
Supervision
Professional Activities
Contact

I am currently a Senior Research Fellow in the Adelaide Business School. Over the last two decades, my work has been dedicated to teaching and research in the domain of Information Security and Cyber Security, particularly in regard to the behaviour of digital-device users and how it impacts on organisational security. I am an integral member the multi-disciplinary Human Aspects of Cyber Security (HACS) Research Group, which has conducted research projects relating to: susceptibility of phishing email recipients; social engineering techniques of hackers; risk perceptions and behaviours of employees; cognitive aspects and personality traits of computer users; and the information security awareness of individuals. I am also co-chair of the international Human Aspects of Information Security and Assurance (HAISA) conference and hosted the November 2017 HAISA conference in Adelaide, Australia.

Expand

Appointments

Date	Position	Institution name
2018 - 2018	Research Fellow	University of Adelaide
2017 - 2017	Adelaide Research Fellow	University of Adelaide
2012 - 2016	Visiting Research Fellow	Unirversity of Adelaide

Language Competencies

Language Competency
English Can read, write, speak, understand spoken and peer review

Language	Competency
English	Can read, write, speak, understand spoken and peer review

Education

Date	Institution name	Country	Title
—	Univeristy of Adelaide	Australia	PhD
—	Flinders University	Australia	M. Commerce (by Research)
—	University of South Australia	Australia	B. App. Sc. (Data Processing)

Certifications

Title	Institution name	Country
Certified Information Systems Auditor (CISA)	ISACA	—
Certified Information Security Manager (CISM)	ISACA	—
Certified in the Governance of Enterprice Informat	ISACA	—
Certified in Risk and Information System Controls	ISACA	—

Research Interests

Business and Management Business Information Systems Computer System Security Computer-Human Interaction Strategic, Defence & Security Studies

Expand

Journals

Year	Citation
2018	McCormac, A., Calic, D., Parsons, K., Butavicius, M., Pattinson, M., & Lillie, M. (2018). The effect of resilience and job stress on information security awareness. Information and Computer Security, 26(3), 277-289. DOI
2017	Parsons, K., Calic, D., Pattinson, M., Butavicius, M., McCormac, A., & Zwaans, T. (2017). The Human Aspects of Information Security Questionnaire (HAIS-Q): Two further validation studies. Computers and Security, 66, 40-51. DOI Scopus32 WoS21
2017	Pattinson, M., Butavicius, M., Parsons, K., McCormac, A., & Calic, D. (2017). Managing information security awareness at an Australian bank: a comparative study. Information and Computer Security, 25(2), 181-189. DOI Scopus3
2017	McCormac, A., Calic, D., Butavicius, M., Parsons, K., Zwaans, T., & Pattinson, M. (2017). A reliable measure of Information Security Awareness and the identification of bias in responses. Australasian Journal of Information Systems, 21, 1-12. DOI Scopus1
2017	McCormac, A., Zwaans, T., Parsons, K., Calic, D., Butavicius, M., & Pattinson, M. (2017). Individual differences and Information Security Awareness. Computers in Human Behavior, 69, 151-156. DOI Scopus29 WoS18
2016	Pattinson, M., Parsons, K., Butavicius, M., McCormac, A., & Calic, D. (2016). Assessing information security attitudes: a comparison of two studies. Information and Computer Security, 24(2), 228-240. DOI Scopus11
2015	Parsons, K., Young, E., Butavicius, M., McCormac, A., Pattinson, M., & Jerram, C. (2015). The influence of organizational information security culture on information security decision making. Journal of Cognitive Engineering and Decision Making, 9(2), 117-129. DOI Scopus19
2015	Parsons, K., McCormac, A., Pattinson, M., Butavicius, M., & Jerram, C. (2015). The design of phishing studies: challenges for researchers. Computers and Security, 52, 194-206. DOI Scopus23 WoS17
2014	Parsons, K., McCormac, A., Pattinson, M., Butavicius, M., & Jerram, C. (2014). A study of information security awareness in Australian government organisations. Information Management and Computer Security, 22(4), 334-345. DOI Scopus17
2014	Parsons, K., McCormac, A., Butavicius, M., Pattinson, M., & Jerram, C. (2014). Determining employee awareness using the Human Aspects of Information Security Questionnaire (HAIS-Q). Computers & Security, 42, 165-176. DOI Scopus83 WoS54
2012	Pattinson, M., Jerram, C., Parsons, K., McCormac, A., & Butavicius, M. (2012). Why do some people manage phishing e-mails better than others?. Information Management & Computer Security, 20(1), 18-28. DOI Scopus46
2007	Pattinson, M., & Anderson, G. (2007). How well are information risks being communicated to your computer end-users?. Information Management and Computer Security, 15(5), 362-371. DOI Scopus24
2006	Pattinson, M., & Anderson, G. (2006). Risk communication, risk perception and information security. IFIP International Federation for Information Processing, 193. Scopus5
2005	Pattinson, M., & Anderson, G. (2005). Risk communication, risk perception and information security. IFIP Advances in Information and Communication Technology, 193, 175-184. Scopus4

Conference Papers

Year	Citation
2018	Parsons, K., Butavicius, M., Lillie, M., Calic, D., McCormac, A., & Pattinson, M. (2018). Which individual, cultural, organisational and inerventional factors explain phishing resilience?. In N. Clarke, & S. Furnell (Eds.), Proceedings of the Twelfth International Symposium on Human Aspects of Information Security & Assurance (HAISA 2018) (pp. 1-11). Dundee, Scotland, UK: University of Plymouth.
2018	Pattinson, M., Butavicius, M., Ciccarello, B., Lillie, M., Parsons, K., Calic, D., & McCormac, A. (2018). Adapting Cyber-Security Training to Your Employees. In N. Clarke, & S. Furnell (Eds.), PROCEEDINGS OF THE TWELFTH INTERNATIONAL SYMPOSIUM ON HUMAN ASPECTS OF INFORMATION SECURITY & ASSURANCE (HAISA 2018) (pp. 67-79). Dundee, SCOTLAND: PLYMOUTH UNIV.
2016	McCormac, A., Calic, D., Parsons, K., Zwaans, T., Butavicius, M., & Pattinson, M. (2016). Test-retest reliability and internal consistency of the human aspects of information security questionnaire (HAIS-Q). In Proceedings of the 27th Australasian Conference on Information Systems, ACIS 2016. Scopus3
2016	Calic, D., Pattinson, M., Parsons, K., Butavicius, M., & McCormac, A. (2016). Naïve and accidental behaviours that compromise information security: what the experts think. In N. Clarke, & S. Furnell (Eds.), Proceedings of the 10th International Symposium on Human Aspects of Information Security & Assurance (pp. 12-21). Frankfurt, Germany: Plymouth University. Scopus5
2016	Pattinson, M., Butavicius, M., Parsons, K., McCormac, A., Calic, D., & Jerram, C. (2016). The information security awareness of bank employees. In Proceedings of the 10th International Symposium on Human Aspects of Information Security and Assurance, HAISA 2016 (pp. 189-198). Scopus1
2015	Pattinson, M., Butavicius, M., Parsons, K., McCormac, A., & Jerram, C. (2015). Examining attitudes toward information security behaviour using mixed methods. In S. Furnell, & N. Clarke (Eds.), Proceedings of the 9th International Symposium on Human Aspects of Information Security & Assurance, HAISA 2015 (pp. 57-70). United Kingdom: Plymouth University. Scopus7
2015	Parsons, K., Butavicius, M., Pattinson, M., McCormac, A., Calic, D., & Jerram, C. (2015). Do users focus on the correct cues to differentiate between phishing and genuine emails?. In ACIS 2015 Proceedings - 26th Australasian Conference on Information Systems. Online: Association for Information Systems. Scopus2
2015	Butavicius, M., Parsons, K., Pattinson, M., & McCormac, A. (2015). Breaching the human firewall: Social engineering in phishing and spear-phishing emails. In ACIS 2015 Proceedings - 26th Australasian Conference on Information Systems. Online: Association for Information Systems. Scopus6
2015	Pattinson, M., Butavicius, M., Parsons, K., McCormac, A., & Calic, D. (2015). Factors that influence information security behavior: an Australian web-based study. In T. Tryfonas, & I. Askoxylakis (Eds.), Proceedings of the International Conference on Human Aspects of Information Security, Privacy, and Trust Vol. 9190 (pp. 231-241). Los Angeles, CA: Springer. DOI Scopus12
2014	Parsons, K., Mccormac, A., Pattinson, M., Butavicius, M., & Jerram, C. (2014). Using actions and intentions to evaluate categorical responses to phishing and genuine emails. In Proceedings of the 8th International Symposium on Human Aspects of Information Security and Assurance, HAISA 2014 (pp. 30-41). Plymouth, United Kingdom: University of Plymouth. Scopus2
2013	Pattinson, M., & Jerram, C. (2013). A study of information systems risk perceptions at a local government organisation. In Proceedings of the 24th Australasian Conference on Information Systems.
2013	Parsons, K., McCormac, A., Butavicius, M., Pattinson, M., & Jerram, C. (2013). The development of the human aspects of information security questionnaire (HAIS-Q). In Proceedings of the 24th Australasian Conference on Information Systems (pp. 1-12). Australia. Scopus1
2013	Parsons, K., McCormac, A., Pattinson, M., Butavicius, M., & Jerram, C. (2013). An analysis of information security vulnerabilities at three Australian government organisations. In Proceedings of the European Information Security Multi-Conference, EISMC 2013 (pp. 34-44). Scopus8
2013	Parsons, K., McCormac, A., Pattinson, M., Butavicius, M., & Jerram, C. (2013). Phishing for the truth: A scenario-based experiment of users’ behavioural response to emails. In L. Janczewski, H. Wolfe, & S. Shenoi (Eds.), IFIP Advances in Information and Communication Technology Vol. 405 (pp. 366-378). Auckland, NEW ZEALAND: SPRINGER-VERLAG BERLIN. Scopus16 WoS10
2011	Pattinson, M., Jerram, C., Parsons, K., McCormac, A., & Butavicius, M. (2011). Managing phishing emails: A scenario-based experiment. In Proceedings of the 5th International Symposium on Human Aspects of Information Security and Assurance, HAISA 2011 (pp. 75-85). Scopus1
2010	Pattinson, M., & Jerram, C. (2010). Examining end-user perceptions of information risks: an application of the Repertory Grid Technique. In Proceedings of the South African Information Security Multi-Conference (pp. 2-12). UK: University of Plymouth.
2009	Ram, J., & Pattinson, M. (2009). Exploring antecedents of organisational adoption of ERP and their effect on performance of firms. In Proceedings of the 17th European Conference on Information Systems (pp. 1-13). Online: Association for Information Systems. Scopus5
2007	Pattinson, M., & Anderson, G. (2007). How well are information risks being communicated to your computer end-users?. In Proceedings of the International Symposium on Human Aspects of Information Security and Assurance, HAISA 2007 (pp. 25-36). Scopus1

Expand

Current Higher Degree by Research Supervision (University of Adelaide)

Date	Role	Research Topic	Program	Degree Type	Student Load	Student Name
2015	Co-Supervisor	The Assessment and Management of Human Resource Risk for Personnel Deployed on International Operations	Doctor of Philosophy	Doctorate	Part Time	Mr Mark Golsby

Expand

Board Memberships

Date Role Board name Institution name Country
2015 - 2016 Board Member Adelaide Chapter ISACA Australia

Date	Role	Board name	Institution name	Country
2015 - 2016	Board Member	Adelaide Chapter	ISACA	Australia

Position: Adelaide Research Fellow
Phone: 83133529
Email: malcolm.pattinson@adelaide.edu.au
Fax: 8313 4952
Campus: North Terrace
Building: Nexus 10 Tower, floor 10
Room: 10 40
Org Unit: Marketing and Management

Dr Malcolm Pattinson

Appointments

Language Competencies

Education

Certifications

Research Interests

Journals

Conference Papers

Current Higher Degree by Research Supervision (University of Adelaide)

Board Memberships

Connect With Me

External Profiles